[Dovecot] passdb to add extra fields?

[Timo Sirainen]

Some passdbs like PAM can't really return any extra fields. Also some
people have wanted to combine users' data from different passdb/userdbs
so that for example you'd have userdb passwd give the uid/gid/home, but
then you'd also have some other userdb give quota limits.

So I was thinking something like this:

passdb {
  driver = pam
}
passdb {
  driver = sql
  include = yes
}

or:

userdb {
  driver = passwd
}
userdb {
  driver = passwd-file
  include = yes
}

I'm not sure about two things:

1) Should there be a way to replace all of the existing fields instead
of just adding new ones?

2) Any thoughts of a better name than "include"? With passdb it would
mean that it's included only when the authentication failed for some
other passdb. With userdb it means it's included only if a previous
userdb lookup succeeded.

Also there are already "deny" and "pass" settings. Interaction with them
can be somewhat confusing.. Maybe all of these should be replaced with:

type=deny: Same as old deny=yes (deny auth if user is in list)
type=precondition(?): Same as pass=yes (require another passdb to match)
type=postcondition(?): Require user to exist in this passdb/userdb as
well, adding any extra fields in it.
type=add: Add any extra fields, if the user exists at all.

(Better ideas for the names here? Is even "type" a good name?)

Then maybe a new setting to delete existing extra fields .. or perhaps
just extend passdb { override_fields } so that having "-field" would
delete the field if it already existed..