[Dovecot] Feature Request - Authentication Scheme - Linuxconf
Marc Perkel
marc at perkel.com
Sun Jul 17 02:28:34 EEST 2005
Dominic Marks wrote:
>On Saturday 16 July 2005 23:59, Marc Perkel wrote:
>
>
>>This would make my life a lot easier in migrating to Dovecot. And it
>>should be really easy to implement. Here's how linuxconf does it:
>>
>>Password files are placed in the /etc/vmail directory as follows:
>>
>>/etc/vmail/passwd.domain1
>>/etc/vmail/shadow.domain1
>>/etc/vmail/passwd.domain2
>>/etc/vmail/shadow.domain2
>>
>>The password and shadow files are exactly the same format as the
>>/etc/password and /etc/shadow files. The user name within the files
>>would be the %n part of the email address passed to authenticate
>>with.
>>
>>Basically the password file names are /etc/vmail/passwd.%d with the
>>user withing the file being %n.
>>
>>marc:x:40000:12:Marc Perkel:/vhome/perkel.com/home/marc:/bin/false
>>test:x:40001:12::/vhome/perkel.com/home/test:/bin/false
>>dd:x:40002:12:Atia:/vhome/perkel.com/home/dd:/bin/false
>>test2:x:40003:12::/vhome/perkel.com/home/test2:/bin/false
>>
>>It also makes merging several servers with separate passwd/shadow
>>files into one virtual system because all you have to do is copy
>>their existing passwd/shadow files into the /etc/vmail directory and
>>rename them with the domain at the end.
>>
>>So - wouldn't that be easy to add? Sure would make migrating easy for
>>me.
>>
>>
>
>Not commenting on the idea, but:
>
>From the Dovecot Wiki: http://wiki.dovecot.org/moin.cgi/Authentication
>
>"Dovecot 1.0-tests support defining multiple password databases, so that
>if password doesn't match in the first database, it checks the next
>one. This can be useful if you want to easily support having both local
>system users in /etc/passwd but also virtual users..."
>
>Using this you could implement what you describe, with one small
>exception that usernames would have to be renamed in your passwd
>files to their appropriate user at domain form. I think that it is
>good practice to name your users with the complete name in the passwd
>file.
>
>Cheers,
>
>
Yes - I'm trying to avoid migration to a new format because I have an
interface that mamages the passwd/shadow method that I'm using now. I
would have to run a conversion script one a minute if I changed it to
something else. And I have about 200 of these virtual domain files.
It's actually a pretty good system and I believe it would be trivial to
make Dovecot compatible with it. If I migrate I would have to merge
these 200 files into one big file and that might be slow and ungle,
unless I went to MySQL perhaps. I was experimenting with that and
couldn't get it to work.
--
Marc Perkel - marc at perkel.com
Spam Filter: http://www.junkemailfilter.com
My Blog: http://marc.perkel.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://dovecot.org/pipermail/dovecot/attachments/20050716/e31f8561/attachment-0003.html>
More information about the dovecot
mailing list