[Dovecot] qmail and LDA: passdb didn't return userdb entries
Hi,
i'm testing Dovecot LDA to works with qmail and vpopmail. I have added into a .qmail for a users this line:
root@test.com: /home/vpopmail/domains/test.com/0/test# cat .qmail
| /var/qmail/bin/preline -f /usr/libexec/dovecot/deliver -d $EXT@$USER
This is my dovecont conf:
# dovecot -n # 1.1.7: /etc/dovecot.conf # OS: Linux 2.6.24-21-server x86_64 Ubuntu 8.04.1 log_path: /var/log/dovecot/dovecot-err.log info_log_path: /var/log/dovecot/dovecot.log protocols: imap listen: *:143 ssl_disable: yes disable_plaintext_auth: no login_dir: /var/run/dovecot/login login_executable: /usr/libexec/dovecot/imap-login login_greeting: Ready login_process_per_connection: no first_valid_uid: 89 mail_drop_priv_before_exec: yes mail_plugins: quota imap_quota namespace: type: private separator: . prefix: INBOX. inbox: yes list: yes subscriptions: yes auth default: passdb: driver: checkpassword args: /home/vpopmail/bin/vchkpw userdb: driver: prefetch args: uid=89 gid=89 home=/home/vpopmail/domains/%d/%u socket: type: listen master: path: /var/run/dovecot/auth-master mode: 432 user: vpopmail group: vchkpw plugin: quota: maildir
I have added
protocol lda { postmaster_address = postmaster@test.com mail_plugins = quota log_path = /tmp/dovecot-deliver.log info_log_path = /tmp/dovecot-deliver.log }
and
socket listen {
master {
path = /var/run/dovecot/auth-master
mode = 0660
user = vpopmail
group = vchkpw
}
}But in the log file i find this errors:
dovecot: Dec 02 15:28:04 Error: auth(default): prefetch(test@test.com): passdb didn't return userdb entries
I have read in the wiki that deliver needed to know some much information about users, like HOMEDIR, but this information are not returned by vpopmail authentication?
IMAP authentication works fine instead.
What is wrong? Thanks
Alessio Cecchi is: @ ILS -> http://www.linux.it/~alessice/ on LinkedIn -> http://www.linkedin.com/in/alessice Assistenza Sistemi GNU/Linux -> http://www.cecchi.biz/ @ PLUG -> ex-Presidente, adesso senatore a vita, http://www.prato.linux.it @ LOLUG -> Socio http://www.lolug.net
On Tue, 2008-12-02 at 15:35 +0100, Alessio Cecchi wrote:
passdb: driver: checkpassword args: /home/vpopmail/bin/vchkpw userdb: driver: prefetch args: uid=89 gid=89 home=/home/vpopmail/domains/%d/%u
The args for prefetch userdb don't do anything. Prefetch only returns what the passdb had already looked up. This doesn't work with deliver, which doesn't authenticate but instead just wants to do a userdb lookup. Since there's no userdb, it returns the "passdb didn't return userdb entries" error. That's actually a bad error message, I fixed it now to give "userdb lookup not possible with only userdb prefetch".
So, what to do about it? I guess you could change userdb prefetch to userdb static. It looks like you already have its parameters set up. You'll also need to add allow_all_users=yes parameter and make sure your MTA rejects invalid users.
Il Tuesday 02 December 2008 18:14:23 Timo Sirainen ha scritto:
On Tue, 2008-12-02 at 15:35 +0100, Alessio Cecchi wrote:
passdb: driver: checkpassword args: /home/vpopmail/bin/vchkpw userdb: driver: prefetch args: uid=89 gid=89 home=/home/vpopmail/domains/%d/%u
The args for prefetch userdb don't do anything. Prefetch only returns what the passdb had already looked up. This doesn't work with deliver, which doesn't authenticate but instead just wants to do a userdb lookup. Since there's no userdb, it returns the "passdb didn't return userdb entries" error. That's actually a bad error message, I fixed it now to give "userdb lookup not possible with only userdb prefetch".
So, what to do about it? I guess you could change userdb prefetch to userdb static. It looks like you already have its parameters set up. You'll also need to add allow_all_users=yes parameter and make sure your MTA rejects invalid users.
Hi Timo,
thanks for your reply, in effect if I modify my "userdb prefetch" simple to this, without any "args":
userdb prefetch { }
authentication works always fine.
But if I change userdb to this (with or without args):
userdb static { args = uid=89 gid=89 home=/home/vpopmail/domains/%d/%n }
autentication works but home location isn't set correctoly, so I can login into the webmail but there isn't any messages:
dovecot: Dec 03 09:10:49 Info: imap-login: Login: user=<test>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured dovecot: Dec 03 09:10:49 Info: IMAP(test): Loading modules from directory: /usr/lib/dovecot/imap dovecot: Dec 03 09:10:49 Info: IMAP(test): Module loaded: /usr/lib/dovecot/imap/lib10_quota_plugin.so dovecot: Dec 03 09:10:49 Info: IMAP(test): Module loaded: /usr/lib/dovecot/imap/lib11_imap_quota_plugin.so dovecot: Dec 03 09:10:49 Info: IMAP(test): Effective uid=89, gid=89, home=/home/vpopmail/domains//test dovecot: Dec 03 09:10:49 Info: IMAP(test): Quota root: name= backend=maildir args= dovecot: Dec 03 09:10:49 Info: IMAP(test): Namespace: type=private, prefix=INBOX., sep=., inbox=yes, hidden=no, list=yes, sub scriptions=yes dovecot: Dec 03 09:10:49 Info: IMAP(test): maildir: data=~/Maildir dovecot: Dec 03 09:10:49 Info: IMAP(test): maildir++: root=/home/vpopmail/domains//test/Maildir, index=, control=, inbox=/home /vpopmail/domains//test/Maildir dovecot: Dec 03 09:10:49 Info: IMAP(test): Disconnected: Logged out bytes=117/931
As you can see in "root=/home/vpopmail/domains//test/Maildir" after domains//test/Maildir there isn't domain name.
Normaly for this user (with userdb prefetch) home location is:
dovecot: Dec 03 09:11:16 Info: IMAP(test): Effective uid=89, gid=89, home=/home/vpopmail/domains/domain.com/0/test
I think that before I can set "allow_all_users=yes" I need to resolving this problem :-)
Thanks
Alessio Cecchi is: @ ILS -> http://www.linux.it/~alessice/ on LinkedIn -> http://www.linkedin.com/in/alessice Assistenza Sistemi GNU/Linux -> http://www.cecchi.biz/ @ PLUG -> ex-Presidente, adesso senatore a vita, http://www.prato.linux.it @ LOLUG -> Socio http://www.lolug.net
On Wed, 2008-12-03 at 09:33 +0100, Alessio Cecchi wrote:
Il Tuesday 02 December 2008 18:14:23 Timo Sirainen ha scritto:
On Tue, 2008-12-02 at 15:35 +0100, Alessio Cecchi wrote:
passdb: driver: checkpassword args: /home/vpopmail/bin/vchkpw .. userdb static { args = uid=89 gid=89 home=/home/vpopmail/domains/%d/%n } .. dovecot: Dec 03 09:11:16 Info: IMAP(test): Effective uid=89, gid=89, home=/home/vpopmail/domains/domain.com/0/test
And the "0" in the middle changes from one user to another? In that case you can't use a home template.
Wouldn't it work if you simply used passdb vpopmail and userdb vpopmail?
On Tuesday, December 2 at 03:35 PM, quoth Alessio Cecchi:
i'm testing Dovecot LDA to works with qmail and vpopmail. I have added into a .qmail for a users this line:
root@test.com: /home/vpopmail/domains/test.com/0/test# cat .qmail
| /var/qmail/bin/preline -f /usr/libexec/dovecot/deliver -d $EXT@$USER
The easiest way to do this is to follow the instructions on the wiki
(http://wiki.dovecot.org/LDA). Dovecot's deliver needs to know two
things: the $HOME and the FROM_ENVELOPE. Why does it need the latter?
I haven't a clue. But this should work for you:
| /var/qmail/bin/preline -f /usr/libexec/dovecot/deliver -f ${SENDER:-<>}
Using the -d flag is a bad idea unless your dovecot is set up with a passdb and userdb.
The problem for you with instituting a static userdb is that you've enabled user hashing in vpopmail. On my system, I can use this:
userdb static {
args = uid=XXX gid=XXX home=/var/lib/vpopmail/domains/%Ld/%Ln allow_all_users=yes
}But that won't work for you because the location of the home directory isn't so simple on your system. I don't know how to tell Dovecot how to hash user directories the way that vpopmail does.
I have read in the wiki that deliver needed to know some much information about users, like HOMEDIR, but this information are not returned by vpopmail authentication?
It also needs the -f flag (for unknown reasons) AND you need to avoid the -d flag (the -d flag tells deliver to ignore the $HOME environment variable and to attempt to look up the home directory in the userdb which, as you've noticed, can be tricky).
~Kyle
Moral indignation is jealousy with a halo. -- H. G. Wells
participants (3)
-
Alessio Cecchi
-
Kyle Wheeler
-
Timo Sirainen