[Dovecot] multiple passdbs and auth sockets

2013-12-11 Thread Jouko Nikula
Hello,

I want to use different authentication arguments for smtp and imap/pop3.

In the dovecot list I found this:
http://www.dovecot.org/list/dovecot/2013-August/091960.html

I tried to follow these instructions but dovecot refuses to find the
auth executable:

Dec 12 10:36:18 jlaptop postfix/smtpd[7302]: connect from localhost[127.0.0.1]
Dec 12 10:36:18 jlaptop dovecot: auth-10: Error: doveconf: Fatal: execvp(/usr/local/var/run/dovecot/dovecot/auth) failed: No such file or directory
Dec 12 10:36:18 jlaptop dovecot: master: Error: service(auth-10): command startup failed, throttling for 2 secs
Dec 12 10:36:18 jlaptop dovecot: auth-10: Fatal: master: service(auth-10): child 7304 returned error 89 (Fatal failure)
Dec 12 10:36:18 jlaptop postfix/smtpd[7302]: fatal: no SASL authentication mechanisms
Dec 12 10:36:19 jlaptop postfix/master[7046]: warning: process /usr/lib/postfix/smtpd pid 7302 exit status 1
Dec 12 10:36:19 jlaptop postfix/master[7046]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling

My settings for postfix and dovecot are as follows:

root@jlaptop:/usr/local/etc/dovecot/conf.d# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
default_transport = error
home_mailbox = Maildir/
inet_interfaces = loopback-only
mailbox_command =
mailbox_size_limit = 0
myhostname = jlaptop
mynetworks = 127.0.0.0/8 [:::127.0.0.0]/104 [::1]/128
queue_directory = /var/spool/postfix
readme_directory = no
recipient_delimiter = +
relay_transport = error
relayhost =
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth-10
smtpd_sasl_type = dovecot
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
virtual_gid_maps = static:8
virtual_mailbox_base = /var/mail/smtp
virtual_mailbox_domains = jlaptop.com
virtual_mailbox_maps = hash:/etc/postfix/vmaps
virtual_minimum_uid = 100
virtual_uid_maps = static:124


root@jlaptop:/usr/local/etc/dovecot/conf.d# doveconf -n
# 2.2.9: /usr/local/etc/dovecot/dovecot.conf
# OS: Linux 3.11.0-13-generic x86_64 Ubuntu 13.10
auth_debug = yes
auth_debug_passwords = yes
auth_verbose = yes
first_valid_uid = 124
mail_gid = mail
mail_home = /var/mail/imap/%n
mail_location = maildir:~/mail
mail_plugin_dir = /usr/local/lib/dovecot/
mail_plugins = gpgfuse_umount
mail_uid = vmail
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox Sent Messages {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
}
passdb {
  args = session=yes dovecot
  driver = pam
}
protocols = imap pop3 lmtp imap pop3
service auth-10 {
  executable = auth -c /usr/local/etc/dovecot-auth-smtp.conf
  process_limit = 1
  unix_listener /var/spool/postfix/private/auth-10 {
    group = postfix
    mode = 0666
    user = postfix
  }
}
ssl_cert = /etc/dovecot/dovecot.pem
ssl_key = /etc/dovecot/private/dovecot.pem
userdb {
  args = uid=vmail gid=mail home=/var/mail/imap/%n
  driver = static
}


The file /usr/local/etc/dovecot-auth-smtp.conf is as follows:

auth_mechanisms = plain login
disable_plaintext_auth = no
#auth_username_format = %Lu
auth_debug = yes
auth_debug_passwords = yes
auth_verbose = yes
first_valid_uid = 124
mail_gid = mail
mail_uid = vmail
protocols = imap pop3 lmtp imap pop3
ssl_cert = /etc/dovecot/dovecot.pem
ssl_key = /etc/dovecot/private/dovecot.pem

passdb {
  driver = pam
  args = dovecot
}

userdb {
  driver = static
  args = uid=vmail gid=mail home=/var/mail/imap/%n
}

The result is exactly the same also if I don't give the path to auth. I.e.:
executable = auth -c /usr/local/etc/dovecot-auth-smtp.conf


In order to get past this problem I provided the auth executable in
/usr/local/var/run/dovecot/dovecot/auth, but then I get a new problem:

Dec 12 12:31:53 jlaptop postfix/smtpd[9220]: connect from localhost[127.0.0.1]
Dec 12 12:31:53 jlaptop dovecot: auth-10: Error: Debug: Loading modules from directory: /usr/local/lib/dovecot/auth
Dec 12 12:31:53 jlaptop dovecot: auth-10: Error: Debug: Read auth token secret from /usr/local/var/run/dovecot/auth-token-secret.dat
Dec 12 12:32:03 jlaptop postfix/smtpd[9220]: fatal: no SASL authentication mechanisms
Dec 12 12:32:04 jlaptop postfix/master[8842]: warning: process /usr/lib/postfix/smtpd pid 9220 exit status 1
Dec 12 12:32:04 jlaptop postfix/master[8842]: warning: /usr/lib/postfix/smtpd: bad command startup -- throttling

My test client is thunderbird with smtp connection security None and
 Authentication 
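
An added example, not part of the original post and not Dovecot's own code: a small Python audit over `doveconf -n`-style text that flags the settings in the configuration above that loosen authentication handling (`auth_debug_passwords = yes`, `disable_plaintext_auth = no`, and a `unix_listener` mode open to "other"). The names `audit`, `RISKY` and `SAMPLE` are assumptions of this example; the sample text is an excerpt combining settings from the two configuration files posted above.

```python
# Added example: audit doveconf -n style text for loosened auth settings.
# Constructed sample: excerpt combining settings from the two files in the post.
SAMPLE = """\
auth_debug = yes
auth_debug_passwords = yes
#auth_username_format = %Lu
disable_plaintext_auth = no
service auth-10 {
  executable = auth -c /usr/local/etc/dovecot-auth-smtp.conf
  process_limit = 1
  unix_listener /var/spool/postfix/private/auth-10 {
    group = postfix
    mode = 0666
    user = postfix
  }
}
"""

# Top-level settings (and values) that weaken authentication handling.
RISKY = {
    ("auth_debug_passwords", "yes"): "passwords can be written to the log",
    ("disable_plaintext_auth", "no"): "plaintext auth allowed on unencrypted connections",
}

def audit(conf_text):
    """Return (section path, setting, reason) tuples for risky settings."""
    findings, stack = [], []
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.endswith("{"):            # section opens: remember its name
            stack.append(line[:-1].strip())
        elif line == "}":                 # section closes
            if stack:
                stack.pop()
        elif "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            path = " > ".join(stack)
            if not stack and (key, value) in RISKY:
                findings.append((path, f"{key} = {value}", RISKY[(key, value)]))
            in_listener = bool(stack) and stack[-1].startswith("unix_listener")
            if in_listener and key == "mode" and int(value, 8) & 0o007:
                findings.append((path, f"{key} = {value}",
                                 "socket open to 'other'; only directory permissions limit access"))
    return findings

if __name__ == "__main__":
    for section, setting, reason in audit(SAMPLE):
        print(f"[{section or 'top level'}] {setting}: {reason}")
```
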

Re: [Dovecot] multiple passdbs and auth sockets

2013-08-12 Thread Timo Sirainen
On 8.8.2013, at 18.53, Marco d'Itri m...@linux.it wrote:

> I have a few systems which run dovecot 1.x as the authentication backend
> for Postfix, with multiple auth { } sections like this one, each one
> with a different passdb and its own socket:
>
> auth ldap-10 {
>   passdb ldap {
>     args = /etc/dovecot/dovecot-ldap-10.conf
>   }
>   socket listen {
>     client {
>       path = /var/spool/postfix/private/auth-10
>       mode = 0666
>     }
>   }
> }
>
> I need multiple sockets tied to multiple dbs because there are duplicated
> accounts, but after switching to dovecot 2.1.7 apparently *all* passdbs
> are checked and dovecot reports this message:
>
> Warning: Obsolete setting in /etc/dovecot/conf.d/auth-local.conf.ext:91: add
> auth_ prefix to all settings inside auth {} and remove the auth {} section
> completely
>
> doveconf shows that all my custom sockets are now part of a single
> service auth { } section, while all the passdbs appear at the top
> level.
>
> How can I update my configuration for dovecot 2.x?

I didn't think there was any point in having multiple auth {} sections the way 
they worked in v1.x, but looks like you've managed to find one way to use them. 
I'm not sure if it's possible to convert them to v2.x configuration currently. 
You could try this though:

service auth-10 {
  executable = auth -c /etc/dovecot-auth-10.conf
  unix_listener /var/spool/postfix/private/auth-10 {
    mode = 0666
  }
  process_limit = 1
}

So the master process would be starting multiple auth processes, each reading 
their own (passdb) configuration from a different config file.



[Dovecot] multiple passdbs and auth sockets

2013-08-08 Thread Marco d'Itri
I have a few systems which run dovecot 1.x as the authentication backend 
for Postfix, with multiple auth { } sections like this one, each one 
with a different passdb and its own socket:

auth ldap-10 {
  passdb ldap {
    args = /etc/dovecot/dovecot-ldap-10.conf
  }
  socket listen {
    client {
      path = /var/spool/postfix/private/auth-10
      mode = 0666
    }
  }
}

I need multiple sockets tied to multiple dbs because there are duplicated 
accounts, but after switching to dovecot 2.1.7 apparently *all* passdbs 
are checked and dovecot reports this message:

Warning: Obsolete setting in /etc/dovecot/conf.d/auth-local.conf.ext:91: add 
auth_ prefix to all settings inside auth {} and remove the auth {} section 
completely

doveconf shows that all my custom sockets are now part of a single 
service auth { } section, while all the passdbs appear at the top 
level.

How can I update my configuration for dovecot 2.x?

-- 
ciao,
Marco