[Dovecot] PgSQL+TLS
Christian Roessner
c at g33k5.de
Tue Jul 19 09:54:41 EEST 2011
Hi,
>> I would like to use PostgreSQL instead of a flat file for ACLs:
>>
>> http://wiki2.dovecot.org/SharedMailboxes/Shared
>>
>> How must a connect=-line look like to connect with TLS to a server?
>>
>> Thanks in advance
>> Christian
>
> The example configuration¹ mentions "For available options, see the
> PostgreSQL documention for the PQconnectdb function of libpq".
> Click here: http://google.com/search?q=PostgreSQL+PQconnectdb
First of all, thanks for your answer. After reading the documentation, I
ran into a problem:
Jul 19 08:31:52 mx0 dovecot: imap(de10015 at service.intern): Fatal:
Unknown ACL backend: pgsql
Am I missing pgsql?
ldd /usr/lib/dovecot/imap
linux-gate.so.1 => (0x00e94000)
libdovecot-storage.so.0 => /usr/lib/dovecot/libdovecot-storage.so.0
(0x00161000)
libdovecot.so.0 => /usr/lib/dovecot/libdovecot.so.0 (0x00760000)
libdl.so.2 => /lib/tls/i686/cmov/libdl.so.2 (0x00110000)
librt.so.1 => /lib/tls/i686/cmov/librt.so.1 (0x00b2c000)
libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0x00220000)
/lib/ld-linux.so.2 (0x00acd000)
libpthread.so.0 => /lib/tls/i686/cmov/libpthread.so.0 (0x00114000)
I can not see it here, but:
ldd dict
linux-gate.so.1 => (0x00440000)
libdovecot.so.0 => /usr/lib/dovecot/libdovecot.so.0 (0x00d43000)
libdl.so.2 => /lib/tls/i686/cmov/libdl.so.2 (0x00485000)
libmysqlclient.so.16 => /usr/lib/libmysqlclient.so.16 (0x00110000)
libpq.so.5 => /usr/lib/libpq.so.5 (0x00304000)
libsqlite3.so.0 => /usr/lib/libsqlite3.so.0 (0x00df3000)
libz.so.1 => /lib/libz.so.1 (0x0080b000)
librt.so.1 => /lib/tls/i686/cmov/librt.so.1 (0x0066a000)
libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0x00489000)
/lib/ld-linux.so.2 (0x00f3d000)
libpthread.so.0 => /lib/tls/i686/cmov/libpthread.so.0 (0x00327000)
libcrypt.so.1 => /lib/tls/i686/cmov/libcrypt.so.1 (0x00340000)
libnsl.so.1 => /lib/tls/i686/cmov/libnsl.so.1 (0x00372000)
libm.so.6 => /lib/tls/i686/cmov/libm.so.6 (0x00797000)
libssl.so.0.9.8 => /lib/i686/cmov/libssl.so.0.9.8 (0x00a81000)
libcrypto.so.0.9.8 => /lib/i686/cmov/libcrypto.so.0.9.8 (0x00ac9000)
libkrb5.so.3 => /usr/lib/libkrb5.so.3 (0x00389000)
libcom_err.so.2 => /lib/libcom_err.so.2 (0x0062c000)
libgssapi_krb5.so.2 => /usr/lib/libgssapi_krb5.so.2 (0x00711000)
libldap_r-2.4.so.2 => /usr/lib/libldap_r-2.4.so.2 (0x008e1000)
libk5crypto.so.3 => /usr/lib/libk5crypto.so.3 (0x00441000)
libkrb5support.so.0 => /usr/lib/libkrb5support.so.0 (0x006d6000)
libkeyutils.so.1 => /lib/libkeyutils.so.1 (0x00ef8000)
libresolv.so.2 => /lib/tls/i686/cmov/libresolv.so.2 (0x00f27000)
liblber-2.4.so.2 => /usr/lib/liblber-2.4.so.2 (0x00465000)
libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0x005e3000)
has libpq.so. I have these configure options in my debian/rules file:
./configure --with-ldap \
--with-ssl=openssl \
--with-pgsql \
--with-mysql \
--with-sqlite \
--with-gssapi \
--with-ioloop=best \
--host=$(DEB_HOST_GNU_TYPE) \
--build=$(DEB_BUILD_GNU_TYPE) \
--prefix=/usr \
--sysconfdir=/etc \
--libexecdir=\$${prefix}/lib \
--localstatedir=/var \
--mandir=\$${prefix}/share/man \
--infodir=\$${prefix}/share/info \
--with-moduledir=\$${prefix}/lib/dovecot/modules
and libpq-dev is listed in the control file. So I am pretty sure the
package was built cleanly.
My dovecot installation is completely bound to OpenLDAP. The only
exception is ACL, where I want to use PostgreSQL. I tried adding
something like "driver=pgsql" to the plugin section, but this does
nothing. So what am I missing here?
90-acl.conf:
plugin {
# Dictionary used for shared mailboxes; currently a flat file, not SQL.
acl_shared_dict = file:/var/mail/virtual/shared-mailboxes.db
# NOTE(review): proxy::acl sends lookups through the dict service and needs a
# matching "acl = ..." entry in a dict { } section. No such section appears in
# this mail, so confirm it exists before enabling the next line.
# acl_shared_dict = proxy::acl
}
plugin {
# ACL backend currently active (the workaround described below).
acl = vfile
# NOTE(review): with the next line enabled, imap logs "Unknown ACL backend: pgsql".
# The text before the colon is evidently read as an ACL backend name. The
# SQL-backed part of the SharedMailboxes setup appears to be acl_shared_dict,
# not acl; confirm against the wiki page.
# The connect= string in dovecot-dict-sql.conf.ext is handed to libpq
# (PQconnectdb, per the reply quoted above). For TLS, libpq's
# sslmode=verify-full together with sslrootcert authenticates the server;
# sslmode=require on its own asks for encryption without checking the host name.
# acl = pgsql:/etc/dovecot/dovecot-dict-sql.conf.ext
}
Right now, I use vfile as a workaround. So please don't get confused, if
you have a look at doveadm config -n. It's clear that I enabled the
lines for pgsql, when trying to get things working ;-)
Everything else is working like a charm :-)
Thanks a lot in advance for helping me on this topic
Best wishes
Christian
doveadm config -n
# 2.0.13: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-33-generic-pae i686 Ubuntu 10.04.3 LTS
auth_cache_size = 10 M
auth_default_realm = roessner-net.de
# Separator for master-user logins; used together with the passdb marked
# "master = yes" further down.
auth_master_user_separator = *
# NOTE(review): plain and login carry the password itself, so they depend on TLS.
# "doveadm config -n" lists only non-default settings, so ssl and
# disable_plaintext_auth are presumably at their defaults; verify that cleartext
# logins are refused on unencrypted connections.
# digest-md5, cram-md5 and ntlm are legacy challenge-response mechanisms. They
# need the passdb to return the stored secret in a mechanism-compatible form, so
# they cannot work with LDAP bind-style verification. Confirm how
# dovecot-ldap.conf.ext is set up and drop the mechanisms that are not needed.
auth_mechanisms = plain login digest-md5 cram-md5 ntlm
auth_realms = roessner-net.de
# Logs failed authentication attempts with their reasons; useful for detection.
auth_verbose = yes
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
mail_access_groups = vmail
mail_gid = vmail
mail_location = mdbox:~/mdbox
mail_plugins = quota acl
mail_privileged_group = mail
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto envelope encoded-character
vacation subaddress comparator-i;ascii-numeric relational regex
imap4flags copy include variables body enotify environment mailbox date
namespace {
inbox = yes
location =
prefix =
separator = /
type = private
}
namespace {
list = children
location = mdbox:%%h/mdbox
prefix = shared/%%u/
separator = /
subscriptions = no
type = shared
}
passdb {
# Master-user database: an account listed here can log in as any other user.
# NOTE(review): treat this file as highly sensitive: root-owned, not
# world-readable, strong password hashes. Its permissions are not shown here.
args = /etc/dovecot/master-users
driver = passwd-file
master = yes
# After the master password matches, continue to the next passdb so that the
# target user must still exist there.
pass = yes
}
passdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
plugin {
acl = vfile
acl_shared_dict = file:/var/mail/virtual/shared-mailboxes.db
quota = dict:User quota::file:%h/mdbox/dovecot-quota
quota_rule = *:storage=300M:messages=20000
quota_warning = storage=95%% quota-warning 95 %u
quota_warning2 = storage=80%% quota-warning 80 %u
recipient_delimiter = +
sieve = ~/.dovecot.sieve
sieve_dir = ~/sieve
sieve_extensions = -reject
}
postmaster_address = postmaster at mx0.roessner-net.de
protocols = imap pop3 sieve lmtp
service auth-worker {
unix_listener auth-worker {
user = vmail
}
user = vmail
}
service auth {
unix_listener auth-userdb {
mode = 0600
user = vmail
}
user = vmail
}
service dict {
unix_listener dict {
mode = 0600
user = vmail
}
}
service imap-login {
# service_count = 0 is Dovecot's "high-performance" login mode: one
# pre-authentication process serves many client connections. service_count = 1
# ("high-security" mode) gives each connection its own login process, so a
# compromised login process cannot observe other clients' sessions.
service_count = 0
# Memory cap for each login process.
vsz_limit = 64 M
}
service lmtp {
inet_listener lmtp {
# Bound to the IPv6 loopback only. No LMTP authentication is configured in this
# dump, so the loopback binding is what keeps remote hosts from injecting mail
# here.
address = ::1
port = 24
}
}
service managesieve-login {
service_count = 0
}
service quota-warning {
executable = script /usr/local/bin/quota-warning.sh
unix_listener quota-warning {
user = vmail
}
user = dovecot
}
ssl_cert = </ca/mail.roessner-net.de/newcert.pem
ssl_key = </ca/mail.roessner-net.de/newkey.pem
userdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
verbose_proctitle = yes
protocol lmtp {
mail_plugins = quota acl sieve
}
protocol lda {
mail_plugins = quota acl sieve
}
protocol imap {
imap_client_workarounds = tb-extra-mailbox-sep
mail_max_userip_connections = 50
mail_plugins = quota acl imap_quota imap_acl
}
--
Roessner-Network-Solutions
Bachelor of Science Informatik
50°34.725'N, 08°40.904'O, Nahrungsberg 81, 35390 Giessen
F: +49 641 5879091, M: +49 176 93118939
USt-IdNr.: DE225643613
http://www.roessner-network-solutions.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 554 bytes
Desc: OpenPGP digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20110719/66f34f97/attachment-0001.bin>