Disabling auth fallback to PAM
Hi folks, According to the wiki,¹ it's considered a feature of Dovecot and its ability to support multiple authentication sources that "if the password doesn't match in the first database, it checks the next one". ¹) http://wiki.dovecot.org/Authentication/MultipleDatabases I think it's great that Dovecot allows auth sources to be stacked like this, but I am not sold on the idea that the next database ought to be tried when a *password* does not match. Let me elaborate: If the first database has knowledge of a user, then it can (should) be considered authoritative, and if the provided password does not match, it's an authentication error right away. Only if the first source does not posess any knowledge about a given user, then should Dovecot proceed to query/check with the next database. Can this be configured somehow? If not, would it make sense to make this behaviour configurable? Thanks, -- @martinkrafft | http://madduck.net/ | http://two.sentenc.es/ "the ships hung in the sky in much the same way that bricks don't." -- hitchhiker's guide to the galaxy spamtraps: madduck.bo...@madduck.net digital_signature_gpg.asc Description: Digital signature (see http://martin-krafft.net/gpg/sig-policy/999bbcc4/current)
Re: doveadm import/sync with read-only source location
+1 to that idea. Ask the same couple month before during migration from 1.x to 2.x but got no answer from someone who able to change this. On Tue, 17 Nov 2015 10:35:11 +0200 Teodor Milkov wrote: > Hello, > > Currently doveadm tool can't be used with read-only source locations > because it's trying to create lock files. > > I'd guess lock files shouldn't be necessary on a read-only media, > because no one else is going to change anything while our doveadm > instance is running anyway. Example: > > doveadm import -u t...@example.com > maildir:/backup.0/domains/example.com/postmaster/Maildir restored ALL > doveadm(t...@example.com): Error: > open(/backup.0/domains/example.com/postmaster/Maildir/.Trash/dovecot-uidlist.lock) > > failed: Read-only file system > > Perhaps this should be something like doveadm backup -R flag, but in the > opposite direction – i.e. we have a [full] backup command, but no > [partial] restore command right now. Or am I missing something? > > Best regards, > Teodor
doveadm import/sync with read-only source location
Hello, Currently doveadm tool can't be used with read-only source locations because it's trying to create lock files. I'd guess lock files shouldn't be necessary on a read-only media, because no one else is going to change anything while our doveadm instance is running anyway. Example: doveadm import -u t...@example.com maildir:/backup.0/domains/example.com/postmaster/Maildir restored ALL doveadm(t...@example.com): Error: open(/backup.0/domains/example.com/postmaster/Maildir/.Trash/dovecot-uidlist.lock) failed: Read-only file system Perhaps this should be something like doveadm backup -R flag, but in the opposite direction – i.e. we have a [full] backup command, but no [partial] restore command right now. Or am I missing something? Best regards, Teodor
