userdb username changed

Péter Márton marton.peter at gmail.com
Fri Apr 17 08:19:34 UTC 2015


Hi!

I'm playing with a postfix + dovecot + mysql test setup, and noticed
something strange. It seems that despite the "username changed" line,
auth returns the original username:

Apr 17 09:27:34 imap21 dovecot: quota-status: Debug: Loading modules
from directory: /usr/lib64/dovecot
(...)
Apr 17 09:27:34 imap21 dovecot: auth-worker(27661): Debug:
sql(ppp at example.net): SELECT at.userid AS user, at.home AS home,
at.uid AS uid, at.gid AS gid, concat('*:storage=', at.quotabytes,
'b:messages=', at.quotamessages) AS quota_rule FROM auth at INNER JOIN
mailaddr mt ON at.userid = mt.userid WHERE mt.mailaddress =
'ppp at example.net' OR at.userid = 'ppp at example.net'
Apr 17 09:27:34 imap21 dovecot: auth-worker(27661): Debug:
sql(ppp at example.net): username changed ppp at example.net -> uppp
Apr 17 09:27:34 imap21 dovecot: auth: Debug: userdb out:
USER#0111#011ppp at example.net#011home=/home/ppp#011uid=500#011gid=500#011quota_rule=*:storage=3100b:messages=1024
Apr 17 09:27:34 imap21 dovecot: quota-status: Debug: auth input:
ppp at example.net home=/home/ppp uid=500 gid=500
quota_rule=*:storage=3100b:messages=1024
Apr 17 09:27:34 imap21 dovecot: quota-status: Debug: Added userdb
setting: plugin/quota_rule=*:storage=3100b:messages=1024
Apr 17 09:27:34 imap21 dovecot: quota-status(ppp at example.net): Debug:
Effective uid=500, gid=500, home=/home/ppp
Apr 17 09:27:34 imap21 dovecot: quota-status(ppp at example.net): Debug:
Quota root: name=User quota backend=dict args=:proxy::quota
Apr 17 09:27:34 imap21 dovecot: quota-status(ppp at example.net): Debug:
Quota rule: root=User quota mailbox=* bytes=3100 messages=1024
Apr 17 09:27:34 imap21 dovecot: quota-status(ppp at example.net): Debug:
Quota grace: root=User quota bytes=310 (10%)
Apr 17 09:27:34 imap21 dovecot: quota-status(ppp at example.net): Debug:
dict quota: user=ppp at example.net, uri=proxy::quota, noenforcing=0

I've checked this with the LMTP service (i know, normally it wouldn't
get mail addresses) and it produces the same:

Apr 17 09:30:35 imap21 dovecot: auth-worker(27730): Debug:
sql(ppp at example.net,127.0.0.1): SELECT at.userid AS user, at.home AS
home, at.uid AS uid, at.gid AS gid, concat('*:storage=',
at.quotabytes, 'b:messages=', at.quotamessages) AS quota_rule FROM
auth at INNER JOIN mailaddr mt ON at.userid = mt.userid WHERE
mt.mailaddress = 'ppp at example.net' OR at.userid = 'ppp at example.net'
Apr 17 09:30:35 imap21 dovecot: auth-worker(27730): Debug:
sql(ppp at example.net,127.0.0.1): username changed ppp at example.net ->
uppp
Apr 17 09:30:35 imap21 dovecot: auth: Debug: userdb out:
USER#0111#011ppp at example.net#011home=/home/ppp#011uid=500#011gid=500#011quota_rule=*:storage=3100b:messages=1024
Apr 17 09:30:35 imap21 dovecot: lmtp(27728): Debug: auth input:
ppp at example.net home=/home/ppp uid=500 gid=500
quota_rule=*:storage=3100b:messages=1024
Apr 17 09:30:35 imap21 dovecot: lmtp(27728): Debug: Added userdb
setting: plugin/quota_rule=*:storage=3100b:messages=1024
Apr 17 09:30:35 imap21 dovecot: lmtp(27728, ppp at example.net): Debug:
Effective uid=500, gid=500, home=/home/ppp

Passdb works as it should. IMAP test:

Apr 17 09:36:21 imap21 dovecot: auth-worker(27849): Debug:
sql(ppp at example.net,10.10.128.25): query: SELECT at.userid AS user,
at.password AS password, at.home AS userdb_home, at.uid AS userdb_uid,
at.gid AS userdb_gid, concat('*:storage=', at.quotabytes,
'b:messages=', at.quotamessages) AS userdb_quota_rule FROM auth at
INNER JOIN mailaddr mt ON at.userid = mt.userid WHERE mt.mailaddress =
'ppp at example.net' OR at.userid = 'ppp at example.net'
Apr 17 09:36:21 imap21 dovecot: auth-worker(27849): Debug:
sql(ppp at example.net,10.10.128.25): username changed ppp at example.net ->
uppp
Apr 17 09:36:21 imap21 dovecot: auth: Debug:
sql(ppp at example.net,10.10.128.25,<ox/+ouYTQQDDyoAZ>): username changed
ppp at example.net -> uppp
Apr 17 09:36:21 imap21 dovecot: auth: Debug: client passdb out:
OK#0111#011user=uppp#011original_user=ppp at example.net
Apr 17 09:36:21 imap21 dovecot: auth: Debug: master in:
REQUEST#0113358588929#01127844#0111#011dbf373ba260f9990e1ea6b688924d513#011session_pid=27850#011request_auth_token
Apr 17 09:36:21 imap21 dovecot: auth: Debug:
prefetch(uppp,10.10.128.25,<ox/+ouYTQQDDyoAZ>): success
Apr 17 09:36:21 imap21 dovecot: auth: Debug: master userdb out:
USER#0113358588929#011uppp#011home=/home/ppp#011uid=500#011gid=500#011quota_rule=*:storage=3100b:messages=1024#011auth_token=737d315a5c0e388a0b3dc2bea3c9e333357696d8#011auth_user=ppp at example.net
Apr 17 09:36:21 imap21 dovecot: imap-login: Login: user=<uppp>,
method=PLAIN, rip=10.10.128.25, lip=10.10.97.201, mpid=27850, TLS,
session=<ox/+ouYTQQDDyoAZ>
Apr 17 09:36:21 imap21 dovecot: imap: Debug: Loading modules from
directory: /usr/lib64/dovecot
Apr 17 09:36:21 imap21 dovecot: imap: Debug: Module loaded:
/usr/lib64/dovecot/lib10_quota_plugin.so
Apr 17 09:36:21 imap21 dovecot: imap: Debug: Module loaded:
/usr/lib64/dovecot/lib11_imap_quota_plugin.so
Apr 17 09:36:21 imap21 dovecot: imap: Debug: Added userdb setting:
plugin/quota_rule=*:storage=3100b:messages=1024
Apr 17 09:36:21 imap21 dovecot: imap(uppp): Debug: Effective uid=500,
gid=500, home=/home/ppp

Can someone tell what should i do to make this work? Or any idea i could try?
It would help if Postfix would be able to run Virtual before the
policy check, but thats a problem for the postfix list. :)

Thanks!

Peter

doveconf -n:

# 2.2.15: /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.6 (3e924b1b6c5c+)
# OS: Linux 2.6.32-504.8.1.el6.x86_64 x86_64 CentOS release 6.6 (Final)
auth_debug = yes
auth_verbose = yes
dict {
  quota = mysql:/etc/dovecot/dict-quota-sql.conf.ext
}
mail_access_groups = dovecot
mail_debug = yes
mail_fsync = always
mail_plugins = quota
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date ihave duplicate
mbox_write_locks = fcntl
mmap_disable = yes
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
}
passdb {
  args = /etc/dovecot/dovecot-example-mysql.conf.ext
  driver = sql
}
plugin {
  quota = dict:User quota::proxy::quota
  quota_status_nouser = 554 5.5.4 Who the f* is Alice?
  quota_status_overquota = 552 5.2.2 Mailbox is full
  quota_status_success = DUNNO
}
service dict {
  unix_listener dict {
    group = dovecot
    mode = 0660
  }
}
service imap-login {
  inet_listener imap {
    port = 143
  }
}
service lmtp {
  inet_listener lmtp {
    address = *
    port = 25
  }
}
service pop3-login {
  inet_listener pop3 {
    port = 110
  }
}
service quota-status {
  client_limit = 1
  executable = quota-status -p postfix
  inet_listener {
    port = 252
  }
}
ssl = required
ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
ssl_key = </etc/pki/dovecot/private/dovecot.pem
userdb {
  driver = prefetch
}
userdb {
  args = /etc/dovecot/dovecot-example-mysql.conf.ext
  driver = sql
}
protocol lmtp {
  mail_plugins = quota
}
protocol lda {
  mail_plugins = quota
}
protocol imap {
  mail_plugins = quota imap_quota
}
protocol pop3 {
  mail_plugins = quota
}

/etc/dovecot/dovecot-example-mysql.conf.ext:

driver=mysql
connect = host=10.10.90.206 dbname=mail user=user password=abcabcabc
password_query = SELECT at.userid AS user, at.password AS password, \
        at.home AS userdb_home, at.uid AS userdb_uid, at.gid AS userdb_gid, \
        concat('*:storage=', at.quotabytes, 'b:messages=',
at.quotamessages) AS userdb_quota_rule \
        FROM auth at INNER JOIN mailaddr mt ON at.userid = mt.userid
WHERE mt.mailaddress = '%u' OR at.userid = '%u'
user_query = SELECT at.userid AS user, at.home AS home, at.uid AS uid,
at.gid AS gid, \
     concat('*:storage=', at.quotabytes, 'b:messages=',
at.quotamessages) AS quota_rule \
     FROM auth at INNER JOIN mailaddr mt ON at.userid = mt.userid
WHERE mt.mailaddress = '%u' OR at.userid = '%u'


More information about the dovecot mailing list