"nologin" field set leads to internal failure
postminion at dicksinmyan.us
postminion at dicksinmyan.us
Fri Aug 17 16:50:20 EEST 2018
Hi,
I've tried to use the "nologin" extra password-db field as specified
here:
https://wiki.dovecot.org/PasswordDatabase/ExtraFields/NoLogin
Due to lack of exact documentation, I've tried to use `nologin`='y' for
users that can't login, and setting `nologin`='n' for normal users.
Apparently setting it to NULL for normal users would have been correct,
as I've found out. Maybe write that on the above website.
Anyway, login didn't work for a user with `nologin`='n' set. Trying to
debug a normal user being unable to login, the log (mail.log) says:
dovecot: imap-login: Disconnected (internal failure, 4 successful
auths): user=<test at example.com>, method=PLAIN, rip=<ip6>, lip=<ip6>,
TLS, session=<session>
What I'm expecting it to say would be something like "user not allowed
to login". I'm considering this a problem because of "Dovecot always
logs a detailed error message if something goes wrong." as written here:
https://wiki2.dovecot.org/Logging
For the record, setting auth_debug=yes and mail_debug=yes gave the
following line in the logs somewhere, from which I was able to figure
out that NOLOGIN was the problem:
dovecot: auth: Debug: client passdb out:
OK#011<id>#011user=test at example.com#011nologin
Thank you.
dovecot -n output:
--snip--
# 2.2.27 (c0f36b0): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.16 (fed8554)
# OS: Linux 4.9.0-7-amd64 x86_64 Debian 9.5
auth_default_realm = example.com
base_dir = ...
listen = *,[v6]
login_greeting = ...
mail_home = .../%d/%n/
mail_location = maildir:~/mail/:INDEX=MEMORY
mail_plugins = trees
mail_temp_dir = ...
namespace inbox {
inbox = yes
location =
prefix =
}
passdb {
args = /etc/dovecot/dovecot-sql.conf
driver = sql
}
protocols = imap lmtp
recipient_delimiter = -+
service auth {
unix_listener ... {
group = postfix
mode = 0660
user = postfix
}
}
service imap-login {
inet_listener imap {
port = 143
}
inet_listener imaps {
port = 0
}
service_count = 1
}
service lmtp {
unix_listener ... {
group = postfix
mode = 0600
user = postfix
}
user = vmail
}
ssl = required
ssl_cert = <...
ssl_cipher_list = ...
ssl_dh_parameters_length = 4096
ssl_key = # hidden, use -P to show it
userdb {
driver = prefetch
}
userdb {
args = /etc/dovecot/dovecot-sql.conf
driver = sql
}
--snap--
More information about the dovecot
mailing list