Help with imapc and Shared Folder in a Cluster

Alessio Cecchi alessio at skye.it
Fri Apr 23 20:05:11 EEST 2021 

Il 23/04/21 09:29, Markus Valentin ha scritto:
> On 4/22/21 11:49 PM, Alessio Cecchi wrote:> I'm tryng to setup Shared
> Mailboxes in Dovecot (2.3.14) Cluster as
>> explained here:
>>
>> https://doc.dovecot.org/configuration_manual/shared_mailboxes/cluster_setup/
>>
>>
>> but I'm not happy:
>>
>> # doveadm acl debug -u test1 at emailtest.net shared/test2/Sent
>>
>> doveadm(test1 at emailtest.net): Info: imapc(10.0.0.202:143): Connected to
>> 10.0.0.202:143 (local 10.0.0.203:58054)
>> doveadm(test1 at emailtest.net): Info: imapc(10.0.0.202:143): Connected to
>> 10.0.0.202:143 (local 10.0.0.203:58056)
>> doveadm(test1 at emailtest.net): Error: imapc(10.0.0.202:143):
>> Authentication failed: [AUTHENTICATIONFAILED] Authentication failed.
>> doveadm(test1 at emailtest.net): Error: Can't open mailbox
>> shared/test2/Sent: Authentication failed: [AUTHENTICATIONFAILED]
>> Authentication failed.
>>
>> ACL, master-user, master-password works fine because with regular
>> configuration shared folders works fine and also with master-user or
>> with master-password I can login and see and access to shared/ namespace
>> and shared folders.
>>
>> But when I try to switch location from
>>
>> location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u
>>
>> to
>>
>> location = imapc:~/Maildir/shared/%%u/
>> [...]
>> imapc_host = 10.0.0.202
>> imapc_master_user = %u
>> #imapc_user = %u
>> imapc_password = Password
>> imapc_features = search
>>
>> stop working.
>>
>> The relevant error is this:
>>
>> Apr 22 22:57:14 doveadm(test1 at testemail.net): Info:
>> imapc(10.0.0.203:143): Connected to 10.0.0.202:143 (local 10.0.0.203:58070)
>> Apr 22 22:57:14 doveadm(test1 at testemail.net): Debug:
>> imapc(10.0.0.203:143): Server capabilities: IMAP4rev1 SASL-IR
>> LOGIN-REFERRALS ID ENABLE IDLE XLIST LITERAL+ AUTH=PLAIN AUTH=LOGIN
>> Apr 22 22:57:14 doveadm(test1 at testemail.net): Debug:
>> imapc(10.0.0.203:143): Authenticating as test1 at testemail.net for user
>> test2 at testemail.net
>> Apr 22 22:57:16 doveadm(test1 at testemail.net): Error:
>> imapc(10.0.0.203:143): Authentication failed: [AUTHENTICATIONFAILED]
>> Authentication failed.
>> Apr 22 22:57:16 doveadm(test1 at testemail.net): Debug:
>> imapc(10.0.0.203:143): Disconnected
>> Apr 22 22:57:16 doveadm(test1 at testemail.net): Error: Can't open mailbox
>> shared/test2/Sent: Authentication failed: [AUTHENTICATIONFAILED]
>> Authentication failed.
>>
>> Please note "Authenticating as test1 at testemail.net for user
>> test2 at testemail.net" failed.
>>
>> So my question is, the documentation page is update and right or I
>> missing something?
> Hi,
>
> from my perspective it is likely that test1 at testemail.net can't be
> authenticated as a master user which is required for this setup to work.
>
>  From the cluster setup page:
>
> "You’ll need to setup master user logins to work for all the users. The
> logged in user becomes the master user. The master user doesn’t actually
> have any special privileges. "

Hi Markus,

really thanks for your support.

I understand your explanation but I don't understand how to apply it on 
master user/password side.

I must put in configuration file "imapc_password = master-secret" where 
"master-secret" is a fixed string, and "imapc_master_user = %u" that is 
replaced with "test1 at testemail.net" in my case.

So I have insert in auth-master.conf:

passdb {
    driver = static
    args = password=master-secret
    result_success = continue
}

but I don't think is right/sufficient since, if I understand what you 
said, the master user name will be "test1 at testemail.net" (from %u) , so 
login format at IMAP level will be 
"test2 at testemail.net*"test1 at testemail.net"

but this require a passdb conf more similar to

passdb {
   driver = sql
   args = /etc/dovecot/dovecot-sql-master.conf.ext
   master = yes
   result_success = continue
}

so every %u can be master user, but the password cannot be fixed in this 
case, since will be the password for every users.

Should I mix passdb driver = sql with args = password=master-secret?

Or what?

Thanks

-- 
Alessio Cecchi
Postmaster @ http://www.qboxmail.it
https://www.linkedin.com/in/alessice

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20210423/beb9b317/attachment-0001.html>

More information about the dovecot mailing list