[Dovecot] sqlite queries for master user

Alan Chandler alan at chandlerfamily.org.uk
Thu Feb 13 22:43:45 UTC 2014


Hi

I am trying to achieve the following functionality

"usera" can't login because his account is set non active.  there is a 
deny query that checks this.

a master user ("masteruser") should be able login using 
"usera*masteruser" syntax to this disabled account

I just tried it with auth_debug set on, but the deny query is being run 
for usera, presumably because my master definition is

passdb {
   driver = sql
   master = yes
   args = /etc/dovecot/sqlite-master.conf

   # Unless you're using PAM, you probably still want the destination 
user to
   # be looked up from passdb that it really exists. pass=yes does that.
   pass = yes
}

with pass=yes, and that causes usera to be validated through both the 
deny and accept phase of authorisation.


In the password_query defined in sqlite-master.conf I user '%u' to 
locate my master user.  Is there any variable I could use to (in that 
query) to also check that "usera" exists? I could then remove the pass = 
yes, both to avoid two more queries and to avoid the trap that this 
account is locked out.

Alternatively some other parameter in the passdb segment above to tell 
the other login to miss the deny stage.


More information about the dovecot mailing list