Disabling of userdb/passdb modules using config statements

Jeroen Massar jeroen at massar.ch
Fri Apr 10 10:27:12 UTC 2015


On 2015-04-10 12:16, Gedalya wrote:
> On 04/10/2015 05:59 AM, Jeroen Massar wrote:
>>
>> This can be resolved by commenting out the entries in
>> auth-system.conf.ext but then I'll have to do that again at package
>> upgrade time.
> 
> Comment out the !include auth-system.conf.ext line in 10-auth.conf.

Though indeed simpler than commenting out multiple lines, that file also
gets replaced by a package upgrade.

Hence does not solve the 'can just upgrade silently' issue.

>> Hence, would it be a cool option to be able (in the 99-myconfig.conf)
>> file to put:
> Actually you mean local.conf. See the master dovecont.conf file, it's
> included last.

Only when it exists, one can use both.

from dovecot.conf:
8<-------------
# Most of the actual configuration gets included below. The filenames are
# first sorted by their ASCII value and parsed in that order. The
00-prefixes
# in filenames are intended to make it easier to understand the ordering.
!include conf.d/*.conf

# A config file can also tried to be included without giving an error if
# it's not found:
!include_try local.conf
--------------------------->8

Both conf.d/99-myconfig.conf and local.conf can work for this.

I prefer 99- as that is what other daemons also use.

>>
>> passdb {
>>      driver = pam
>>      enabled = false
>> }
>> userdb {
>>      driver = passwd
>>      enabled = false
>> }
>>
>> And thereby disabling those modules completely? Thus avoiding upgrade
>> conflicts etc.
> That's an interesting idea actually. My first thought is that it could
> be helpful to use *named* passdb / userdb sections to facilitate this.

That would require a default system, which now works out of the box with
pam/etc to be properly named and then renamed...

Greets,
 Jeroen



More information about the dovecot mailing list