passdb {driver = shadow args = override_username=%variable}

Timo Sirainen tss at iki.fi
Tue Jul 12 01:25:53 UTC 2016


On 11 Jul 2016, at 19:48, William L. Thomson Jr. <wlt-ml at o-sinc.com> wrote:
> 
> On Saturday, July 09, 2016 12:01:43 PM UNIX admin wrote:
>> Hello list
>> 
>> I want to implement override_username = %variable for the "shadow"
>> driver, so that the following works:
>> 
>> passdb {
>>  driver = shadow
>>  args = override_username=%Ln
>> }
>> 
>> by "%variable", I mean "Variables" at http://wiki.dovecot.org/Variables.
> 
> That is pretty interesting, and along those lines. Could override_username also allow one 
> to block certain usernames from being synced?
> 
> My mail server monitoring uses the nobody user account. That triggers syncing for the 
> nobody user account. Which always fails syncing. I end up running the following command 
> allot to avoid repeat errors in logs.
> 
> "doveadm replicator remove nobody"
> 
> I have not found a way to block users from passdb. Seems to be all or nothing. I could see 
> about having monitoring use an actual account.

If something isn't in first_valid_uid..last_valid_uid it's not included in the list of users. In v2.3.x tree there's also a commit to check also first_valid_gid..last_valid_gid, which I'm not sure if it should be part of v2.2.x.



More information about the dovecot mailing list