Username aliases
Florian Pritz
bluewind at xinu.at
Fri Sep 28 00:08:31 EEST 2018
On Wed, Sep 26, 2018 at 09:34:07AM +0300, Aki Tuomi <aki.tuomi at open-xchange.com> wrote:
> # before current passdb
> passdb {
> driver = passwd-file
> args = username_format=%Lu /etc/dovecot/aliases
> }
>
> # into /etc/dovecot/aliases
> alias@user:::::::user=real_username noauthenticate
>
> This hopefully works.
This seems to work fine and I had the idea of doing something similar
for the userdb, but there it appears that the user name change doesn't
happen.
> auth_debug=yes
> userdb {
> driver = passwd-file
> args = username_format=%Lu /etc/dovecot/aliases
> result_success = continue-ok
> }
> userdb {
> driver = passwd-file
> args = username_format=%u /etc/passwd
> }
When I perform a lookup with `doveadm user 'test at xinu.at'` I get many
empty fields since the alias file doesn't have them set. I expected that
they would be fetched from the next userdb (/etc/passwd), but that
doesn't seem to happen. I get this in the log:
> dovecot[10118]: auth: Debug: master in: USER 1 test at xinu.at service=doveadm debug
> dovecot[10118]: auth: Debug: passwd-file(test at xinu.at): lookup: user=test at xinu.at file=/etc/dovecot/aliases
> dovecot[10118]: auth: Debug: passwd-file(test at xinu.at): lookup: user=test at xinu.at file=/etc/passwd
> dovecot[10118]: auth: passwd-file(test at xinu.at): unknown user
> dovecot[10118]: auth: Debug: userdb out: USER 1 test at xinu.at
So it looks like the user name change doesn't get applied with userdb,
while it works as expected with passdb. Is this expected or is this a
bug?
Just for comparison, the passdb config is this:
> passdb {
> driver = passwd-file
> args = username_format=%Lu /etc/dovecot/aliases
> }
> passdb {
> driver = pam
> }
And when logging in with `doveadm auth test test at xinu.at` the log looks like this (the alias passdb only rewrites the user name; the password is then checked by the pam passdb):
> dovecot[10118]: auth: Debug: auth client connected (pid=0)
> dovecot[10118]: auth: Debug: client in: AUTH 1 PLAIN service=doveadm debug resp=<hidden>
> dovecot[10118]: auth: Debug: passwd-file(test at xinu.at): lookup: user=test at xinu.at file=/etc/dovecot/aliases
> dovecot[10118]: auth: Debug: passwd-file(test at xinu.at): username changed test at xinu.at -> flo
> dovecot[10118]: auth: Debug: passwd-file(flo): Allowing any password
> dovecot[10118]: auth: Debug: passwd-file(flo): Not performing authentication (noauthenticate set)
> dovecot[10118]: auth-worker(10356): Debug: pam(flo): lookup service=dovecot
> dovecot[10118]: auth-worker(10356): Debug: pam(flo): #1/1 style=1 msg=Password:
> dovecot[10118]: auth: Debug: client passdb out: OK 1 user=flo original_user=test at xinu.at
Florian
Full config:
# 2.3.2.1 (0719df592): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.2 (7704de5e)
# OS: Linux 4.18.5-arch1-1-ARCH x86_64 Arch Linux
# Hostname: calima
# Global settings and the single namespace. The "use -P to show it" markers
# further down suggest this is doveconf -n output, which prints only settings
# that differ from the defaults.
#
# auth_debug is what produced the "auth: Debug:" lines quoted in this message.
# In the AUTH trace the client response is logged as resp=<hidden>, so the
# password itself does not appear in the log with this setting alone.
# NOTE(review): debug logging is normally switched off again once the
# troubleshooting is done.
auth_debug = yes
mail_location = mdbox:~/.mdbox
mail_plugins = zlib
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext
mmap_disable = yes
# One private namespace that holds INBOX, with prefix "INBOX." and "." as the
# hierarchy separator.
namespace {
hidden = no
inbox = yes
location =
prefix = INBOX.
separator = .
type = private
}
# passdb chain: the passwd-file lookup in /etc/dovecot/aliases is listed first,
# pam second. %Lu is the lower-cased user name.
# With alias entries in the format quoted in this message (user=<real name>
# plus noauthenticate) this passdb does not validate a password; it only
# rewrites the login name. The log shows exactly that:
# "username changed ... -> flo" followed by "Not performing authentication".
passdb {
args = username_format=%Lu /etc/dovecot/aliases
driver = passwd-file
}
# The actual password check: the log shows pam(flo) being queried after the
# rename, and only then "client passdb out: OK".
# NOTE(review): the alias file decides which account a login name maps to, so
# it should be writable by root only; its permissions are not shown here.
passdb {
driver = pam
}
# Plugin settings: which mailbox events and fields mail_log records, the quota
# backend and the replies given by the quota-status service, and the sieve
# script locations (per-user under ~, global under /etc/dovecot/sieve).
plugin {
mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename
mail_log_fields = uid box msgid size
quota = count:User quota
quota_status_nouser = DUNNO
# 552 5.2.2 is the SMTP reply handed back for a mailbox that is over quota.
quota_status_overquota = 552 5.2.2 Mailbox is full
quota_status_success = DUNNO
quota_vsizes = yes
sieve = ~/.dovecot.sieve
sieve_dir = ~/.sieve
sieve_global_dir = /etc/dovecot/sieve/global/
sieve_global_path = /etc/dovecot/sieve/default.sieve
}
# Only IMAP and LMTP are enabled as protocols.
protocols = imap lmtp
# Service definitions: the account the auth process runs under and the UNIX
# sockets exposed to Postfix.
#
# NOTE(review): the auth service is set to run as root here. Presumably this
# was done for the pam / passwd-file lookups; confirm it is really required,
# because this process handles client-supplied credentials and a lower-
# privileged account limits the impact of a bug in it.
service auth {
user = root
}
# LMTP socket inside the Postfix spool. Owner and group are postfix and the
# mode is 0660, so other local users get no access to it.
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0660
user = postfix
}
}
# quota-status started with "-p postfix"; its socket carries the same
# ownership and 0660 mode as the LMTP socket above.
service quota-status {
client_limit = 1
executable = quota-status -p postfix
unix_listener /var/spool/postfix/private/quota-status {
group = postfix
mode = 0660
user = postfix
}
}
# TLS settings. ssl_dh and ssl_key are masked in this dump ("hidden, use -P to
# show it"), so no key material is disclosed by posting it. The "<" in front of
# the ssl_cert path makes Dovecot read the value from that file.
#
# NOTE(review) on ssl_cipher_list, read as an OpenSSL cipher string:
#  - "+SSLv3" moves the matching suites to the end of the list; it does not
#    switch on the SSLv3 protocol.
#  - the trailing CAMELLIA256-SHA / AES256-SHA / CAMELLIA128-SHA / AES128-SHA
#    entries are RSA key-exchange suites, i.e. without forward secrecy.
#  - "!ECDSA" excludes ECDSA-authenticated suites.
# No ssl_min_protocol line appears in this dump, so the protocol floor is
# whatever this Dovecot version defaults to.
ssl_cert = </etc/letsencrypt/live/calima.server-speed.net/fullchain.pem
ssl_cipher_list = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
ssl_dh = # hidden, use -P to show it
ssl_key = # hidden, use -P to show it
# TLS-level compression is disabled and the server's cipher order wins over
# the client's.
ssl_options = no_compression
ssl_prefer_server_ciphers = yes
# userdb chain this message asks about: the alias file first, /etc/passwd
# second. result_success = continue-ok lets the lookup carry on to the next
# userdb after a match here instead of stopping.
# The debug log in this message shows the second lookup still being made with
# the alias name (user=test at xinu.at file=/etc/passwd), i.e. the user= field
# from the alias file did not rename the user for the following userdb, and
# the lookup ends with "unknown user".
userdb {
args = username_format=%Lu /etc/dovecot/aliases
driver = passwd-file
result_success = continue-ok
}
# Note the case handling differs: the alias lookup lower-cases the name (%Lu),
# this one uses it as given (%u).
userdb {
args = username_format=%u /etc/passwd
driver = passwd-file
}
# Per-protocol overrides: LMTP loads the sieve plugin in addition to zlib and
# sets the postmaster address; IMAP enables one client workaround.
protocol lmtp {
mail_plugins = zlib sieve
postmaster_address = postmaster at server-speed.net
}
protocol imap {
imap_client_workarounds = tb-extra-mailbox-sep
}