question on autch cache parameters

matthias lay matthias.lay at securepoint.de
Wed Aug 5 14:30:58 UTC 2015


Hi list,

I have a question on auth caching in 2.2.18.

I am using acl_groups for a master user, appended in a static userdb file

# snip ###############################
master at uma:{SHA}XXXX=::::::userdb_acl_groups=umareadmaster
allow_nets=127.0.0.1
# snap ###############################

and use this group in a global ACL file.
I discovered this only works on first NOT-cached login



environment in imap-postlogin script on first login:


AUTH_TOKEN=e96b5a32ceb2cafc4460c210ad2e92e3d7ab388c
MASTER_USER=master at uma
SPUSER=private/pdf
LOCAL_IP=127.0.0.1
USER=pdf
AUTH_USER=master at uma
PWD=/var/run/dovecot
USERDB_KEYS=ACL_GROUPS HOME SPUSER MASTER_USER AUTH_TOKEN AUTH_USER
SHLVL=1
HOME=/var/data/vmail/private/pdf
ACL_GROUPS=umareadmaster
IP=127.0.0.1
_=/usr/bin/env


on the second cached login it looks like this


AUTH_TOKEN=12703b11932f233520f6d4b33559c33aeb1cfc7f
MASTER_USER=master at uma
SPUSER=private/pdf
LOCAL_IP=127.0.0.1
USER=pdf
AUTH_USER=master at uma
PWD=/var/run/dovecot
USERDB_KEYS=HOME SPUSER MASTER_USER AUTH_TOKEN AUTH_USER
SHLVL=1
HOME=/var/data/vmail/private/pdf
IP=127.0.0.1
_=/usr/bin/env

so the ACL_GROUPS is gone.

is this intended to be like that.
so groups not included in cache and I have to find another approach?

anybody else encountered similar problems with some auth Variables and
caching?


Greetz Matze


More information about the dovecot mailing list