[Dovecot] passwd authentication issues (ATTN: Petar)

[Petar Bogdanovic]

Bruce Lane wrote:
> Hi, Petar,

Hi!


> 	Is my dovecot running chrooted? Not that I know of. However, the option to (apparently) decide this is confusing at best. Here is what I have entered.
> 
> # chroot login process to the login_dir. Only reason not to do this is if you
> # wish to run the whole Dovecot without roots.
> # http://wiki.dovecot.org/Rootless
> login_chroot = yes

Hmm, I had chroot(8) on my mind, but AFAIK, this option and chroot(8) 
have both something to do with chroot(2).

I don't fully understand what `login_chroot' is actually doing. However, 
it's not activated in my dovecot.conf.

$ grep login_chroot dovecot.conf.ssl
#login_chroot = yes

The wiki says, that this just makes sense if you want to _start_ dovecot 
as non-root, so you better ignore my `login_chroot' and stick to the 
default (if that really is the default).


> 	This has me deeply confused. I'm not running IMAP, I'm not interested in running IMAP, I don't want anything to do with IMAP. However, there's five processes for imap-login. What gives?

What does `protocols' from your dovecot.conf say?


> 	On to your second question: Are /etc/pwd.db and /etc/spwd.db available? Yes, both are listed in the directory of /etc as follows.
> 
> 	How "available" this makes them (I don't know what context you were asking in), I'm not sure.

That question war related to chroot(8). If you chroot things and if you 
want to authenticate `passwd'-users in this new chroot-ed environment.. 
then you need at least pwd.db.


> 	One other question: Pegasus (the mail client) has two options for secure POP connections besides apop (which I've shelved for the moment): STLS and direct SSL connection. I've got it set to direct SSL at the moment. Does this sound right?

How about trying plain-pop3 / plain-imap? Maybe your problem has 
something to do with ssl..


Kind regards,

Petar