Last_login plugin and mysql
Thomas Hooge
thomas at hoogi.de
Mon Sep 24 10:34:24 EEST 2018
Hello,
> last_login plugin uses dict interface, which does not support "update",
> it only supports get, set, unset and atomic inc. Set is implemented
> with
> 'INSERT INTO foo ... ON DUPLICATE UPDATE'. There is no configuration
> setting to change this, as dict cannot know without performing a SELECT
> that a value already exists.
Ok, now i understand the dict behaviour.
Some clarification in the last-login wiki page would be nice:
* needed Database rights
* Example of last_login in separate table
In my special case i wanted to use the last_login field inside
the mailbox table of postfixadmin.
From the security point of view i don't want dovecot to be able
to insert records in that table. So the only additional right
should be update on the last_login field.
In the case of the last_login plugin there ist a very high probability
the dict key exists because of the previous successfull login which
uses the same table.
If the key does not exist there is a serious problem :-)
Perhaps there shoud be a feature of different types of dicts:
* normal dict (as implemented)
* immutable dict (read only)
* dict with immutable keys (only value writeable)
Kind regards,
Thomas
More information about the dovecot
mailing list