[dovecot-cvs] dovecot dovecot-example.conf,1.71,1.72

cras at procontrol.fi cras at procontrol.fi
Fri Aug 22 08:42:15 EEST 2003 

Update of /home/cvs/dovecot
In directory danu:/tmp/cvs-serv14622

Modified Files:
	dovecot-example.conf 
Log Message:
We now support checking the password against all defined auth processes and
use the one that matches.



Index: dovecot-example.conf
===================================================================
RCS file: /home/cvs/dovecot/dovecot-example.conf,v
retrieving revision 1.71
retrieving revision 1.72
diff -u -d -r1.71 -r1.72
--- dovecot-example.conf	18 Aug 2003 03:32:19 -0000	1.71
+++ dovecot-example.conf	22 Aug 2003 04:42:13 -0000	1.72
@@ -337,15 +337,11 @@
 ## Authentication processes
 ##
 
-# You can have multiple processes; each time "auth = xx" is seen, a new
-# process definition is started. The point of multiple processes is to be
-# able to set stricter permissions to others. For example, plain/PAM
-# authentication requires roots, but if you also use digest-md5 authentication
-# for some users, you can authenticate them without any privileges in a
-# separate auth process. Just remember that only one auth process is asked
-# for the password, so you can't have different passwords with different
-# processes (unless they have different auth mechanisms, and you're ok with
-# having different password for each mechanism).
+# You can have multiple authentication processes. With plaintext authentication
+# the password is checked against each process, the first one which succeeds is
+# used. This is useful if you want to allow both system users (/etc/passwd)
+# and virtual users to login without duplicating the system users into virtual
+# database.
 
 # Executable location
 #auth_executable = /usr/libexec/dovecot/dovecot-auth
@@ -379,7 +375,7 @@
 auth default {
   # Space separated list of wanted authentication mechanisms:
   #   plain digest-md5 anonymous
-  auth_mechanisms = plain
+  mechanisms = plain
 
   # Where user database is kept:
   #   passwd: /etc/passwd or similiar, using getpwnam()
@@ -388,7 +384,7 @@
   #   vpopmail: vpopmail library
   #   ldap <config path>: LDAP, see doc/dovecot-ldap.conf
   #   pgsql <config path>: a PostgreSQL database, see doc/dovecot-pgsql.conf
-  auth_userdb = passwd
+  userdb = passwd
 
   # Where password database is kept:
   #   passwd: /etc/passwd or similiar, using getpwnam()
@@ -398,34 +394,44 @@
   #   vpopmail: vpopmail authentication
   #   ldap <config path>: LDAP, see doc/dovecot-ldap.conf
   #   pgsql <config path>: a PostgreSQL database, see doc/dovecot-pgsql.conf
-  auth_passdb = pam
+  passdb = pam
 
   # User to use for the process. This user needs access to only user and
   # password databases, nothing else. Only shadow and pam authentication
   # requires roots, so use something else if possible. Note that passwd
   # authentication with BSDs internally accesses shadow files, which also
   # requires roots.
-  auth_user = root
+  user = root
 
   # Directory where to chroot the process. Most authentication backends don't
   # work if this is set, and there's no point chrooting if auth_user is root.
-  #auth_chroot = 
+  #chroot = 
 
   # Number of authentication processes to create
-  #auth_count = 1
+  #count = 1
 }
 
-# digest-md5 authentication process. It requires special MD5 passwords which
-# /etc/shadow and PAM doesn't support, so we never need roots to handle it.
-# Note that the passwd-file is opened before chrooting and dropping root
-# privileges, so it may be 0600-root owned file.
+# PAM doesn't provide a way to get uid, gid or home directory. If you don't
+# want to use a separate user database (passwd usually), you can use static
+# userdb.
 
-#auth digest_md5 {
-#  auth_mechanisms = digest-md5
-#  auth_userdb = passwd-file /etc/passwd.imap
-#  auth_passdb = passwd-file /etc/passwd.imap
-#  auth_user = imapauth
+#auth onlypam {
+#  mechanisms = plain
+#  userdb = static uid=500 gid=500 home=/var/mail/%u
+#  passdb = pam
+#  user = dovecot-auth
 #}
 
-# if you plan to use only passwd-file, you don't need the two auth processes,
-# simply set "auth_mechanisms = plain digest-md5"
+#auth ldap {
+#  mechanisms = plain
+#  userdb = ldap /etc/dovecot-ldap.conf
+#  passdb = ldap /etc/dovecot-ldap.conf
+#  user = dovecot-auth
+#}
+
+#auth virtualfile {
+#  mechanisms = plain digest-md5
+#  userdb = passwd-file /etc/passwd.imap
+#  passdb = passwd-file /etc/passwd.imap
+#  user = dovecot-auth
+#}

More information about the dovecot-cvs mailing list