[Dovecot] Semi-static userdb...?

John Robinson john.robinson at anonymous.org.uk
Tue May 15 05:16:49 EEST 2007

On 11/05/2007 15:57, Timo Sirainen wrote:
> On Fri, 2007-04-20 at 14:00 +0100, John Robinson wrote:
>> I'm trying to add "virtual" mailboxes to a system. Real users with 
>> different uids own domains. Each domain has a passwd-file passdb. I 
>> don't want to use this passwd-file for the userdb, because I want to fix 
>> the home, mail and uid/gid settings. Can I use the static userdb in a 
>> less static manner, e.g.
>> userdb static {
>>    args = uid=%{owner of /vmail/%d} gid=%{gid of /vmail/%d} 
>> home=/vmail/%d/users/%u 
>> mail=mbox:/vmail/%d/users/%u/mail:INBOX=/vmail/%d/users/%u/INBOX
>> }
> Hmm. You could always use a checkpassword script which does everything,
> but the above does look like it could be useful. I'm just not sure what
> would be the best way to implement it so that it would be useful for
> other kinds of configurations too..
> One possibility would be to set "uid_file=/vmail/%d gid_file=/vmail/%d".
> I guess that would be good. Added to TODO, but I'm not sure when I get
> around to implementing it.

Something like the attached? It applies cleanly to 1.0.0, I've tested it 
lightly and it appears to work. My testing was to use passdb pam with 
userdb static { args = uid_file=/home/%u gid_file=/home/%u home=/home/%u 
}. It's perhaps not perfect: it doesn't complain if you set both uid and 
uid_file, ditto gid and gid_file, and it doesn't do any sanity checks on 
the result of the expansion[1].



[1] Use uid_file=/vmail/%d and login with domain ../etc/passwd and you 
end up looking at /etc/passwd. I don't know whether this matters: it's 
only doing a stat(), hopefully dovecot won't let you check mail as root, 
and anyway presumably the user has already had their password checked by 
now, and someone logging in as foo at ../etc/passwd or whatever would have 
failed a password check.
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: dovecot-1.0.0-semistatic.patch
Url: http://dovecot.org/pipermail/dovecot/attachments/20070515/2446029d/attachment-0001.pot 

More information about the dovecot mailing list