subject:"Re\: pam authentication"

Re: pam authentication error?

2019-05-27 Thread @lbutlr via dovecot

On 27 May 2019, at 14:18, @lbutlr via dovecot  wrote:
> auth-worker(5045): Error: pam(kremels,xxx.xxx.xxx.xxx: pam_authenticate() 
> failed: authentication error (/etc/pam.d/dovecot missing?)

Stopped dovecot, reloaded it, stopped it and postfix, rebuilt dovecot just for 
grins. Nothing seemed to work.

Rebooted.

Sigh. Seems to be working now.  ¯\_(ツ)_/¯ 

-- 
Two of the most famous products of Berkeley are LSD and Unix. 
I don't think that is a coincidence

Re: pam authentication

2017-09-05 Thread dovecotml

I'm sorry but there's a problem with virtual users: seems that dovecot 
processes first part of domain, for example: testdomain.org, and 
testdomain.com for dovecot are the same


I can login using user00@testdomain

well if I've

use...@testdomain.com and use...@testdomain.org

an user can login using: user00@testdomain and dovecot check first 
domain


it's strange (!)

how to solve?

Pol

On 2017-09-05 13:54, Aki Tuomi wrote:


Sorry, small typo

passdb {
driver = static
args = user=%n noauthenticate
}

Aki

On 05.09.2017 14:51, Pol Hallen wrote: does not work :-/

Sep 05 13:49:41 auth: Debug: auth client connected (pid=31115)
Sep 05 13:49:41 auth: Debug: client in: AUTH1   PLAIN
service=imapsecured session=IFCT0m9Y0KjAqAFk
lip=192.168.1.100   rip=192.168.1.100   lport=143
rport=43216
resp=AHBvbGhhbGxlbkBmdWNrYXJvdW5kLm9yZwBQYW5kb3JhMjAwMA== (previous
base64 data may contain sensitive data)
Sep 05 13:49:41 auth: Debug:
passwd-file(use...@realdomain.org,192.168.1.100,):
lookup: user=use...@realdomain.org file=/etc/dovecot/users
Sep 05 13:49:41 auth: Debug:
static(use...@realdomain.org,192.168.1.100,): lookup
Sep 05 13:49:41 auth: Debug:
static(use...@realdomain.org,192.168.1.100,):
Allowing any password
Sep 05 13:49:41 auth: Debug:
static(use...@realdomain.org,192.168.1.100,): Not
performing authentication (noauthenticate set)
==> /var/log/dovecot.info <==
Sep 05 13:49:41 auth: Info:
passwd-file(use...@realdomain.org,192.168.1.100,):
unknown user (given password: pass) - trying the next passdb
==> /var/log/dovecot.debug <==
Sep 05 13:49:41 auth-worker(31116): Debug: Loading modules from
directory: /usr/lib/dovecot/modules/auth
Sep 05 13:49:41 auth-worker(31116): Debug: passwd-file
/etc/dovecot/users: Read 4 users in 0 secs
Sep 05 13:49:41 auth-worker(31116): Debug:
pam(use...@realdomain.org,192.168.1.100,): lookup
service=dovecot
Sep 05 13:49:41 auth-worker(31116): Debug:
pam(use...@realdomain.org,192.168.1.100,): #1/1
style=1 msg=Password:
==> /var/log/dovecot.info <==
Sep 05 13:49:42 auth-worker(31116): Info:
pam(use...@realdomain.org,192.168.1.100,):
pam_authenticate() failed: Authentication failure (password mismatch?)
(given password: pass)
==> /var/log/dovecot.debug <==
Sep 05 13:49:42 auth-worker(31116): Debug:
pam(use...@realdomain.org,192.168.1.100,): lookup
service=dovecot
Sep 05 13:49:42 auth-worker(31116): Debug:
pam(use...@realdomain.org,192.168.1.100,): #1/1
style=1 msg=Password:
==> /var/log/dovecot.info <==
Sep 05 13:49:45 auth-worker(31116): Info:
pam(use...@realdomain.org,192.168.1.100,):
pam_authenticate() failed: Authentication failure (password mismatch?)
(given password: pass)
==> /var/log/dovecot.debug <==
Sep 05 13:49:45 auth: Debug:
passwd-file(use...@realdomain.org,192.168.1.100,):
lookup: user=use...@realdomain.org file=/etc/dovecot/users
==> /var/log/dovecot.info <==
Sep 05 13:49:45 auth: Info:
passwd-file(use...@realdomain.org,192.168.1.100,):
unknown user (given password: pass)
==> /var/log/dovecot.debug <==
Sep 05 13:49:47 auth: Debug: client passdb out: FAIL1
user=use...@realdomain.org
Sep 05 13:49:47 imap-login: Debug: Ignoring unknown passdb extra field:
==> /var/log/dovecot.info <==
Sep 05 13:49:47 imap-login: Info: Disconnected (auth failed, 1
attempts in 6 secs): user=, method=PLAIN,
rip=192.168.1.100, lip=192.168.1.100, secured

On 2017-09-05 13:41, Aki Tuomi wrote:

No, you modify dovecot.conf

Aki

On 05.09.2017 14:40, Pol Hallen wrote: Do I modify
auth-system.conf.ext only (sorry for the question)

if yes, I've same problem

Pol

On 2017-09-05 13:34, Aki Tuomi wrote:

Try configuring like this:

passdb {
args = scheme=SHA256 username_format=%u /etc/dovecot/users
driver = passwd-file
}

passdb {
driver = static
args = username=%n noauthenticate
skip = authenticated
}

passdb {
driver = pam
skip = authenticated
}

On 05.09.2017 14:29, Pol Hallen wrote: Sure :) thanks

cat /var/log/dovecot/[...]

Sep 05 13:26:02 auth: Debug: auth client connected (pid=30131)
Sep 05 13:26:02 auth: Debug: client in: AUTH1   PLAIN
service=imapsecured session=JK0Bfm9YuqfAqAFk
lip=192.168.1.100   rip=192.168.1.100   lport=143
rport=42938   resp=AG1heEBmdWNrYXJvdW5kLm9yZwBQYW5kb3JhMjAwMA==
(previous base64 data may contain sensitive data)
Sep 05 13:26:02 auth-worker(30088): Debug:
pam(use...@realsystem.org,192.168.1.100,): lookup
service=username_format=user00
Sep 05 13:26:02 auth-worker(30088): Debug:
pam(use...@realsystem.org,192.168.1.100,): #1/1
style=1 msg=Password:
==> /var/log/dovecot.info <==
Sep 05 13:26:04 auth-worker(30088): Info:
pam(use...@realsystem.org,192.168.1.100,):
pam_authenticate() failed: Authentication failure (password mismatch?)
(given password: pass)
==> /var/log/dovecot.debug <==
Sep 05 13:26:04 auth: Debug:
passwd-file(use...@realsystem.org,192.168.1.100,):
lookup: user=use...@realsystem.org file=/etc/dovecot/users
==> /var/log/dovecot.info <==
Sep 05 13:26:04 auth: Info:
passwd-file(use...@realsystem.org,192.168.1.100

Re: pam authentication

2017-09-05 Thread Pol Hallen


How cl!!! Works! :-)))

Very very thanks for your help!!!

Pol :)


On 2017-09-05 13:54, Aki Tuomi wrote:

Sorry, small typo

passdb {
 driver = static
 args = user=%n noauthenticate
}

Aki


On 05.09.2017 14:51, Pol Hallen wrote:

does not work :-/

Sep 05 13:49:41 auth: Debug: auth client connected (pid=31115)
Sep 05 13:49:41 auth: Debug: client in: AUTH1   PLAIN
service=imapsecured session=IFCT0m9Y0KjAqAFk
lip=192.168.1.100   rip=192.168.1.100   lport=143
rport=43216
resp=AHBvbGhhbGxlbkBmdWNrYXJvdW5kLm9yZwBQYW5kb3JhMjAwMA== (previous
base64 data may contain sensitive data)
Sep 05 13:49:41 auth: Debug:
passwd-file(use...@realdomain.org,192.168.1.100,):
lookup: user=use...@realdomain.org file=/etc/dovecot/users
Sep 05 13:49:41 auth: Debug:
static(use...@realdomain.org,192.168.1.100,): lookup
Sep 05 13:49:41 auth: Debug:
static(use...@realdomain.org,192.168.1.100,):
Allowing any password
Sep 05 13:49:41 auth: Debug:
static(use...@realdomain.org,192.168.1.100,): Not
performing authentication (noauthenticate set)
==> /var/log/dovecot.info <==
Sep 05 13:49:41 auth: Info:
passwd-file(use...@realdomain.org,192.168.1.100,):
unknown user (given password: pass) - trying the next passdb
==> /var/log/dovecot.debug <==
Sep 05 13:49:41 auth-worker(31116): Debug: Loading modules from
directory: /usr/lib/dovecot/modules/auth
Sep 05 13:49:41 auth-worker(31116): Debug: passwd-file
/etc/dovecot/users: Read 4 users in 0 secs
Sep 05 13:49:41 auth-worker(31116): Debug:
pam(use...@realdomain.org,192.168.1.100,): lookup
service=dovecot
Sep 05 13:49:41 auth-worker(31116): Debug:
pam(use...@realdomain.org,192.168.1.100,): #1/1
style=1 msg=Password:
==> /var/log/dovecot.info <==
Sep 05 13:49:42 auth-worker(31116): Info:
pam(use...@realdomain.org,192.168.1.100,):
pam_authenticate() failed: Authentication failure (password mismatch?)
(given password: pass)
==> /var/log/dovecot.debug <==
Sep 05 13:49:42 auth-worker(31116): Debug:
pam(use...@realdomain.org,192.168.1.100,): lookup
service=dovecot
Sep 05 13:49:42 auth-worker(31116): Debug:
pam(use...@realdomain.org,192.168.1.100,): #1/1
style=1 msg=Password:
==> /var/log/dovecot.info <==
Sep 05 13:49:45 auth-worker(31116): Info:
pam(use...@realdomain.org,192.168.1.100,):
pam_authenticate() failed: Authentication failure (password mismatch?)
(given password: pass)
==> /var/log/dovecot.debug <==
Sep 05 13:49:45 auth: Debug:
passwd-file(use...@realdomain.org,192.168.1.100,):
lookup: user=use...@realdomain.org file=/etc/dovecot/users
==> /var/log/dovecot.info <==
Sep 05 13:49:45 auth: Info:
passwd-file(use...@realdomain.org,192.168.1.100,):
unknown user (given password: pass)
==> /var/log/dovecot.debug <==
Sep 05 13:49:47 auth: Debug: client passdb out: FAIL1
user=use...@realdomain.org
Sep 05 13:49:47 imap-login: Debug: Ignoring unknown passdb extra 
field:

==> /var/log/dovecot.info <==
Sep 05 13:49:47 imap-login: Info: Disconnected (auth failed, 1
attempts in 6 secs): user=, method=PLAIN,
rip=192.168.1.100, lip=192.168.1.100, secured



On 2017-09-05 13:41, Aki Tuomi wrote:


No, you modify dovecot.conf

Aki

On 05.09.2017 14:40, Pol Hallen wrote: Do I modify
auth-system.conf.ext only (sorry for the question)

if yes, I've same problem

Pol

On 2017-09-05 13:34, Aki Tuomi wrote:

Try configuring like this:

passdb {
args = scheme=SHA256 username_format=%u /etc/dovecot/users
driver = passwd-file
}

passdb {
driver = static
args = username=%n noauthenticate
skip = authenticated
}

passdb {
driver = pam
skip = authenticated
}

On 05.09.2017 14:29, Pol Hallen wrote: Sure :) thanks

cat /var/log/dovecot/[...]

Sep 05 13:26:02 auth: Debug: auth client connected (pid=30131)
Sep 05 13:26:02 auth: Debug: client in: AUTH1   PLAIN
service=imapsecured session=JK0Bfm9YuqfAqAFk
lip=192.168.1.100   rip=192.168.1.100   lport=143
rport=42938   resp=AG1heEBmdWNrYXJvdW5kLm9yZwBQYW5kb3JhMjAwMA==
(previous base64 data may contain sensitive data)
Sep 05 13:26:02 auth-worker(30088): Debug:
pam(use...@realsystem.org,192.168.1.100,): lookup
service=username_format=user00
Sep 05 13:26:02 auth-worker(30088): Debug:
pam(use...@realsystem.org,192.168.1.100,): #1/1
style=1 msg=Password:
==> /var/log/dovecot.info <==
Sep 05 13:26:04 auth-worker(30088): Info:
pam(use...@realsystem.org,192.168.1.100,):
pam_authenticate() failed: Authentication failure (password 
mismatch?)

(given password: pass)
==> /var/log/dovecot.debug <==
Sep 05 13:26:04 auth: Debug:
passwd-file(use...@realsystem.org,192.168.1.100,):
lookup: user=use...@realsystem.org file=/etc/dovecot/users
==> /var/log/dovecot.info <==
Sep 05 13:26:04 auth: Info:
passwd-file(use...@realsystem.org,192.168.1.100,):
unknown user (given password: pass)
==> /var/log/dovecot.debug <==
Sep 05 13:26:06 auth: Debug: client passdb out: FAIL1
user=use...@realsystem.org
==> /var/log/dovecot.info <==
Sep 05 13:26:06 imap-login: Info: Disconnected (auth failed, 1
attempts in 4 secs): user=, method=PLAIN,
rip=192.168.1.100, li

Re: pam authentication

2017-09-05 Thread Aki Tuomi

Sorry, small typo

passdb {
 driver = static
 args = user=%n noauthenticate
}

Aki


On 05.09.2017 14:51, Pol Hallen wrote:
> does not work :-/
>
> Sep 05 13:49:41 auth: Debug: auth client connected (pid=31115)
> Sep 05 13:49:41 auth: Debug: client in: AUTH1   PLAIN  
> service=imapsecured session=IFCT0m9Y0KjAqAFk   
> lip=192.168.1.100   rip=192.168.1.100   lport=143  
> rport=43216  
> resp=AHBvbGhhbGxlbkBmdWNrYXJvdW5kLm9yZwBQYW5kb3JhMjAwMA== (previous
> base64 data may contain sensitive data)
> Sep 05 13:49:41 auth: Debug:
> passwd-file(use...@realdomain.org,192.168.1.100,):
> lookup: user=use...@realdomain.org file=/etc/dovecot/users
> Sep 05 13:49:41 auth: Debug:
> static(use...@realdomain.org,192.168.1.100,): lookup
> Sep 05 13:49:41 auth: Debug:
> static(use...@realdomain.org,192.168.1.100,):
> Allowing any password
> Sep 05 13:49:41 auth: Debug:
> static(use...@realdomain.org,192.168.1.100,): Not
> performing authentication (noauthenticate set)
> ==> /var/log/dovecot.info <==
> Sep 05 13:49:41 auth: Info:
> passwd-file(use...@realdomain.org,192.168.1.100,):
> unknown user (given password: pass) - trying the next passdb
> ==> /var/log/dovecot.debug <==
> Sep 05 13:49:41 auth-worker(31116): Debug: Loading modules from
> directory: /usr/lib/dovecot/modules/auth
> Sep 05 13:49:41 auth-worker(31116): Debug: passwd-file
> /etc/dovecot/users: Read 4 users in 0 secs
> Sep 05 13:49:41 auth-worker(31116): Debug:
> pam(use...@realdomain.org,192.168.1.100,): lookup
> service=dovecot
> Sep 05 13:49:41 auth-worker(31116): Debug:
> pam(use...@realdomain.org,192.168.1.100,): #1/1
> style=1 msg=Password:
> ==> /var/log/dovecot.info <==
> Sep 05 13:49:42 auth-worker(31116): Info:
> pam(use...@realdomain.org,192.168.1.100,):
> pam_authenticate() failed: Authentication failure (password mismatch?)
> (given password: pass)
> ==> /var/log/dovecot.debug <==
> Sep 05 13:49:42 auth-worker(31116): Debug:
> pam(use...@realdomain.org,192.168.1.100,): lookup
> service=dovecot
> Sep 05 13:49:42 auth-worker(31116): Debug:
> pam(use...@realdomain.org,192.168.1.100,): #1/1
> style=1 msg=Password:
> ==> /var/log/dovecot.info <==
> Sep 05 13:49:45 auth-worker(31116): Info:
> pam(use...@realdomain.org,192.168.1.100,):
> pam_authenticate() failed: Authentication failure (password mismatch?)
> (given password: pass)
> ==> /var/log/dovecot.debug <==
> Sep 05 13:49:45 auth: Debug:
> passwd-file(use...@realdomain.org,192.168.1.100,):
> lookup: user=use...@realdomain.org file=/etc/dovecot/users
> ==> /var/log/dovecot.info <==
> Sep 05 13:49:45 auth: Info:
> passwd-file(use...@realdomain.org,192.168.1.100,):
> unknown user (given password: pass)
> ==> /var/log/dovecot.debug <==
> Sep 05 13:49:47 auth: Debug: client passdb out: FAIL1  
> user=use...@realdomain.org
> Sep 05 13:49:47 imap-login: Debug: Ignoring unknown passdb extra field:
> ==> /var/log/dovecot.info <==
> Sep 05 13:49:47 imap-login: Info: Disconnected (auth failed, 1
> attempts in 6 secs): user=, method=PLAIN,
> rip=192.168.1.100, lip=192.168.1.100, secured
>
>
>
> On 2017-09-05 13:41, Aki Tuomi wrote:
>
>> No, you modify dovecot.conf
>>
>> Aki
>>
>> On 05.09.2017 14:40, Pol Hallen wrote: Do I modify
>> auth-system.conf.ext only (sorry for the question)
>>
>> if yes, I've same problem
>>
>> Pol
>>
>> On 2017-09-05 13:34, Aki Tuomi wrote:
>>
>> Try configuring like this:
>>
>> passdb {
>> args = scheme=SHA256 username_format=%u /etc/dovecot/users
>> driver = passwd-file
>> }
>>
>> passdb {
>> driver = static
>> args = username=%n noauthenticate
>> skip = authenticated
>> }
>>
>> passdb {
>> driver = pam
>> skip = authenticated
>> }
>>
>> On 05.09.2017 14:29, Pol Hallen wrote: Sure :) thanks
>>
>> cat /var/log/dovecot/[...]
>>
>> Sep 05 13:26:02 auth: Debug: auth client connected (pid=30131)
>> Sep 05 13:26:02 auth: Debug: client in: AUTH1   PLAIN
>> service=imapsecured session=JK0Bfm9YuqfAqAFk
>> lip=192.168.1.100   rip=192.168.1.100   lport=143
>> rport=42938   resp=AG1heEBmdWNrYXJvdW5kLm9yZwBQYW5kb3JhMjAwMA==
>> (previous base64 data may contain sensitive data)
>> Sep 05 13:26:02 auth-worker(30088): Debug:
>> pam(use...@realsystem.org,192.168.1.100,): lookup
>> service=username_format=user00
>> Sep 05 13:26:02 auth-worker(30088): Debug:
>> pam(use...@realsystem.org,192.168.1.100,): #1/1
>> style=1 msg=Password:
>> ==> /var/log/dovecot.info <==
>> Sep 05 13:26:04 auth-worker(30088): Info:
>> pam(use...@realsystem.org,192.168.1.100,):
>> pam_authenticate() failed: Authentication failure (password mismatch?)
>> (given password: pass)
>> ==> /var/log/dovecot.debug <==
>> Sep 05 13:26:04 auth: Debug:
>> passwd-file(use...@realsystem.org,192.168.1.100,):
>> lookup: user=use...@realsystem.org file=/etc/dovecot/users
>> ==> /var/log/dovecot.info <==
>> Sep 05 13:26:04 auth: Info:
>> passwd-file(use...@realsystem.org,192.168.1.100,):
>> unknown user (given password: pass)
>> ==> /var/log/dovecot.debug <==
>> Sep 05 13:26:06 auth:

Re: pam authentication

2017-09-05 Thread Pol Hallen


does not work :-/

Sep 05 13:49:41 auth: Debug: auth client connected (pid=31115)
Sep 05 13:49:41 auth: Debug: client in: AUTH1   PLAIN   
service=imapsecured session=IFCT0m9Y0KjAqAFk
lip=192.168.1.100   rip=192.168.1.100   lport=143   
rport=43216   resp=AHBvbGhhbGxlbkBmdWNrYXJvdW5kLm9yZwBQYW5kb3JhMjAwMA== 
(previous base64 data may contain sensitive data)
Sep 05 13:49:41 auth: Debug: 
passwd-file(use...@realdomain.org,192.168.1.100,): 
lookup: user=use...@realdomain.org file=/etc/dovecot/users
Sep 05 13:49:41 auth: Debug: 
static(use...@realdomain.org,192.168.1.100,): lookup
Sep 05 13:49:41 auth: Debug: 
static(use...@realdomain.org,192.168.1.100,): Allowing 
any password
Sep 05 13:49:41 auth: Debug: 
static(use...@realdomain.org,192.168.1.100,): Not 
performing authentication (noauthenticate set)

==> /var/log/dovecot.info <==
Sep 05 13:49:41 auth: Info: 
passwd-file(use...@realdomain.org,192.168.1.100,): 
unknown user (given password: pass) - trying the next passdb

==> /var/log/dovecot.debug <==
Sep 05 13:49:41 auth-worker(31116): Debug: Loading modules from 
directory: /usr/lib/dovecot/modules/auth
Sep 05 13:49:41 auth-worker(31116): Debug: passwd-file 
/etc/dovecot/users: Read 4 users in 0 secs
Sep 05 13:49:41 auth-worker(31116): Debug: 
pam(use...@realdomain.org,192.168.1.100,): lookup 
service=dovecot
Sep 05 13:49:41 auth-worker(31116): Debug: 
pam(use...@realdomain.org,192.168.1.100,): #1/1 
style=1 msg=Password:

==> /var/log/dovecot.info <==
Sep 05 13:49:42 auth-worker(31116): Info: 
pam(use...@realdomain.org,192.168.1.100,): 
pam_authenticate() failed: Authentication failure (password mismatch?) 
(given password: pass)

==> /var/log/dovecot.debug <==
Sep 05 13:49:42 auth-worker(31116): Debug: 
pam(use...@realdomain.org,192.168.1.100,): lookup 
service=dovecot
Sep 05 13:49:42 auth-worker(31116): Debug: 
pam(use...@realdomain.org,192.168.1.100,): #1/1 
style=1 msg=Password:

==> /var/log/dovecot.info <==
Sep 05 13:49:45 auth-worker(31116): Info: 
pam(use...@realdomain.org,192.168.1.100,): 
pam_authenticate() failed: Authentication failure (password mismatch?) 
(given password: pass)

==> /var/log/dovecot.debug <==
Sep 05 13:49:45 auth: Debug: 
passwd-file(use...@realdomain.org,192.168.1.100,): 
lookup: user=use...@realdomain.org file=/etc/dovecot/users

==> /var/log/dovecot.info <==
Sep 05 13:49:45 auth: Info: 
passwd-file(use...@realdomain.org,192.168.1.100,): 
unknown user (given password: pass)

==> /var/log/dovecot.debug <==
Sep 05 13:49:47 auth: Debug: client passdb out: FAIL1   
user=use...@realdomain.org

Sep 05 13:49:47 imap-login: Debug: Ignoring unknown passdb extra field:
==> /var/log/dovecot.info <==
Sep 05 13:49:47 imap-login: Info: Disconnected (auth failed, 1 attempts 
in 6 secs): user=, method=PLAIN, 
rip=192.168.1.100, lip=192.168.1.100, secured




On 2017-09-05 13:41, Aki Tuomi wrote:


No, you modify dovecot.conf

Aki

On 05.09.2017 14:40, Pol Hallen wrote: Do I modify auth-system.conf.ext 
only (sorry for the question)


if yes, I've same problem

Pol

On 2017-09-05 13:34, Aki Tuomi wrote:

Try configuring like this:

passdb {
args = scheme=SHA256 username_format=%u /etc/dovecot/users
driver = passwd-file
}

passdb {
driver = static
args = username=%n noauthenticate
skip = authenticated
}

passdb {
driver = pam
skip = authenticated
}

On 05.09.2017 14:29, Pol Hallen wrote: Sure :) thanks

cat /var/log/dovecot/[...]

Sep 05 13:26:02 auth: Debug: auth client connected (pid=30131)
Sep 05 13:26:02 auth: Debug: client in: AUTH1   PLAIN
service=imapsecured session=JK0Bfm9YuqfAqAFk
lip=192.168.1.100   rip=192.168.1.100   lport=143
rport=42938   resp=AG1heEBmdWNrYXJvdW5kLm9yZwBQYW5kb3JhMjAwMA==
(previous base64 data may contain sensitive data)
Sep 05 13:26:02 auth-worker(30088): Debug:
pam(use...@realsystem.org,192.168.1.100,): lookup
service=username_format=user00
Sep 05 13:26:02 auth-worker(30088): Debug:
pam(use...@realsystem.org,192.168.1.100,): #1/1
style=1 msg=Password:
==> /var/log/dovecot.info <==
Sep 05 13:26:04 auth-worker(30088): Info:
pam(use...@realsystem.org,192.168.1.100,):
pam_authenticate() failed: Authentication failure (password mismatch?)
(given password: pass)
==> /var/log/dovecot.debug <==
Sep 05 13:26:04 auth: Debug:
passwd-file(use...@realsystem.org,192.168.1.100,):
lookup: user=use...@realsystem.org file=/etc/dovecot/users
==> /var/log/dovecot.info <==
Sep 05 13:26:04 auth: Info:
passwd-file(use...@realsystem.org,192.168.1.100,):
unknown user (given password: pass)
==> /var/log/dovecot.debug <==
Sep 05 13:26:06 auth: Debug: client passdb out: FAIL1
user=use...@realsystem.org
==> /var/log/dovecot.info <==
Sep 05 13:26:06 imap-login: Info: Disconnected (auth failed, 1
attempts in 4 secs): user=, method=PLAIN,
rip=192.168.1.100, lip=192.168.1.100, secured

doveconf -n

# 2.2.27 (c0f36b0): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.16 (fed8554)
# OS: Linux 4.9.0-3-amd64 x86_64 Debian 9.1
au

Re: pam authentication

2017-09-05 Thread Aki Tuomi

No, you modify dovecot.conf

Aki


On 05.09.2017 14:40, Pol Hallen wrote:
> Do I modify auth-system.conf.ext only (sorry for the question) 
>
> if yes, I've same problem 
>
> Pol 
>
> On 2017-09-05 13:34, Aki Tuomi wrote:
>
>> Try configuring like this:
>>
>> passdb {
>> args = scheme=SHA256 username_format=%u /etc/dovecot/users
>> driver = passwd-file
>> }
>>
>> passdb {
>> driver = static
>> args = username=%n noauthenticate
>> skip = authenticated
>> }
>>
>> passdb {
>> driver = pam
>> skip = authenticated
>> }
>>
>> On 05.09.2017 14:29, Pol Hallen wrote: Sure :) thanks
>>
>> cat /var/log/dovecot/[...]
>>
>> Sep 05 13:26:02 auth: Debug: auth client connected (pid=30131)
>> Sep 05 13:26:02 auth: Debug: client in: AUTH1   PLAIN  
>> service=imapsecured session=JK0Bfm9YuqfAqAFk   
>> lip=192.168.1.100   rip=192.168.1.100   lport=143  
>> rport=42938   resp=AG1heEBmdWNrYXJvdW5kLm9yZwBQYW5kb3JhMjAwMA==
>> (previous base64 data may contain sensitive data)
>> Sep 05 13:26:02 auth-worker(30088): Debug:
>> pam(use...@realsystem.org,192.168.1.100,): lookup
>> service=username_format=user00
>> Sep 05 13:26:02 auth-worker(30088): Debug:
>> pam(use...@realsystem.org,192.168.1.100,): #1/1
>> style=1 msg=Password:
>> ==> /var/log/dovecot.info <==
>> Sep 05 13:26:04 auth-worker(30088): Info:
>> pam(use...@realsystem.org,192.168.1.100,):
>> pam_authenticate() failed: Authentication failure (password mismatch?)
>> (given password: pass)
>> ==> /var/log/dovecot.debug <==
>> Sep 05 13:26:04 auth: Debug:
>> passwd-file(use...@realsystem.org,192.168.1.100,):
>> lookup: user=use...@realsystem.org file=/etc/dovecot/users
>> ==> /var/log/dovecot.info <==
>> Sep 05 13:26:04 auth: Info:
>> passwd-file(use...@realsystem.org,192.168.1.100,):
>> unknown user (given password: pass)
>> ==> /var/log/dovecot.debug <==
>> Sep 05 13:26:06 auth: Debug: client passdb out: FAIL1  
>> user=use...@realsystem.org
>> ==> /var/log/dovecot.info <==
>> Sep 05 13:26:06 imap-login: Info: Disconnected (auth failed, 1
>> attempts in 4 secs): user=, method=PLAIN,
>> rip=192.168.1.100, lip=192.168.1.100, secured
>>
>> doveconf -n
>>
>> # 2.2.27 (c0f36b0): /etc/dovecot/dovecot.conf
>> # Pigeonhole version 0.4.16 (fed8554)
>> # OS: Linux 4.9.0-3-amd64 x86_64 Debian 9.1
>> auth_debug = yes
>> auth_debug_passwords = yes
>> auth_mechanisms = login plain
>> auth_verbose = yes
>> auth_verbose_passwords = yes
>> debug_log_path = /var/log/dovecot.debug
>> disable_plaintext_auth = no
>> info_log_path = /var/log/dovecot.info
>> login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c
>> mail_debug = yes
>> mail_home = /home/vmail/%d/%n/Maildir
>> mail_location = maildir:~/Maildir
>> mail_plugins = " quota quota"
>> managesieve_notify_capability = mailto
>> managesieve_sieve_capability = fileinto reject envelope
>> encoded-character vacation subaddress comparator-i;ascii-numeric
>> relational regex imap4flags copy include variables body enotify
>> environment mailbox date index ihave duplicate mime foreverypart
>> extracttext imapflags notify
>> namespace inbox {
>> inbox = yes
>> location =
>> mailbox Drafts {
>> special_use = \Drafts
>> }
>> mailbox Junk {
>> special_use = \Junk
>> }
>> mailbox Sent {
>> special_use = \Sent
>> }
>> mailbox "Sent Messages" {
>> special_use = \Sent
>> }
>> mailbox Trash {
>> special_use = \Trash
>> }
>> prefix =
>> subscriptions = yes
>> type = private
>> }
>> passdb {
>> args = username_format=%n
>> driver = pam
>> }
>> passdb {
>> args = scheme=SHA256 username_format=%u /etc/dovecot/users
>> driver = passwd-file
>> }
>> plugin {
>> mail_log_events = delete undelete expunge copy mailbox_delete
>> mailbox_rename append flag_change
>> mail_log_fields = uid box msgid size from subject vsize
>> quota = maildir:User quota
>> quota_rule = *:storage=1M
>> quota_rule2 = Junk:storage=+100M
>> quota_rule3 = SPAM:storage=+100M
>> quota_warning = storage=90%% quota-warning 90 %u
>> sieve = file:~/sieve;active=~/.dovecot.sieve
>> sieve_extensions = +notify +imapflags
>> }
>> protocols = " imap sieve pop3 sieve"
>> quota_full_tempfail = yes
>> service auth {
>> unix_listener /var/spool/postfix/private/auth {
>> group = postfix
>> mode = 0666
>> user = postfix
>> }
>> }
>> service imap-login {
>> inet_listener imap {
>> port = 143
>> }
>> inet_listener imaps {
>> port = 993
>> ssl = yes
>> }
>> }
>> service managesieve-login {
>> inet_listener sieve {
>> port = 4190
>> }
>> service_count = 1
>> vsz_limit = 64 M
>> }
>> service pop3-login {
>> inet_listener pop3 {
>> port = 110
>> }
>> inet_listener pop3s {
>> port = 995
>> ssl = yes
>> }
>> }
>> service quota-warning {
>> executable = script /root/bin/quota-warning.sh
>> unix_listener quota-warning {
>> mode = 0666
>> user = vmail
>> }
>> user = root
>> }
>> ssl_cert = > ssl_dh_parameters_length = 2048
>> ssl_key =  # hidden, use -P to show it
>> userdb {
>> driver = passwd
>> }
>> userdb {
>> args = scheme=SHA256 username_format=%u /etc/dov

Re: pam authentication

2017-09-05 Thread Pol Hallen

Do I modify auth-system.conf.ext only (sorry for the question) 

if yes, I've same problem 

Pol 

On 2017-09-05 13:34, Aki Tuomi wrote:

> Try configuring like this:
> 
> passdb {
> args = scheme=SHA256 username_format=%u /etc/dovecot/users
> driver = passwd-file
> }
> 
> passdb {
> driver = static
> args = username=%n noauthenticate
> skip = authenticated
> }
> 
> passdb {
> driver = pam
> skip = authenticated
> }
> 
> On 05.09.2017 14:29, Pol Hallen wrote: Sure :) thanks
> 
> cat /var/log/dovecot/[...]
> 
> Sep 05 13:26:02 auth: Debug: auth client connected (pid=30131)
> Sep 05 13:26:02 auth: Debug: client in: AUTH1   PLAIN  
> service=imapsecured session=JK0Bfm9YuqfAqAFk   
> lip=192.168.1.100   rip=192.168.1.100   lport=143  
> rport=42938   resp=AG1heEBmdWNrYXJvdW5kLm9yZwBQYW5kb3JhMjAwMA==
> (previous base64 data may contain sensitive data)
> Sep 05 13:26:02 auth-worker(30088): Debug:
> pam(use...@realsystem.org,192.168.1.100,): lookup
> service=username_format=user00
> Sep 05 13:26:02 auth-worker(30088): Debug:
> pam(use...@realsystem.org,192.168.1.100,): #1/1
> style=1 msg=Password:
> ==> /var/log/dovecot.info <==
> Sep 05 13:26:04 auth-worker(30088): Info:
> pam(use...@realsystem.org,192.168.1.100,):
> pam_authenticate() failed: Authentication failure (password mismatch?)
> (given password: pass)
> ==> /var/log/dovecot.debug <==
> Sep 05 13:26:04 auth: Debug:
> passwd-file(use...@realsystem.org,192.168.1.100,):
> lookup: user=use...@realsystem.org file=/etc/dovecot/users
> ==> /var/log/dovecot.info <==
> Sep 05 13:26:04 auth: Info:
> passwd-file(use...@realsystem.org,192.168.1.100,):
> unknown user (given password: pass)
> ==> /var/log/dovecot.debug <==
> Sep 05 13:26:06 auth: Debug: client passdb out: FAIL1  
> user=use...@realsystem.org
> ==> /var/log/dovecot.info <==
> Sep 05 13:26:06 imap-login: Info: Disconnected (auth failed, 1
> attempts in 4 secs): user=, method=PLAIN,
> rip=192.168.1.100, lip=192.168.1.100, secured
> 
> doveconf -n
> 
> # 2.2.27 (c0f36b0): /etc/dovecot/dovecot.conf
> # Pigeonhole version 0.4.16 (fed8554)
> # OS: Linux 4.9.0-3-amd64 x86_64 Debian 9.1
> auth_debug = yes
> auth_debug_passwords = yes
> auth_mechanisms = login plain
> auth_verbose = yes
> auth_verbose_passwords = yes
> debug_log_path = /var/log/dovecot.debug
> disable_plaintext_auth = no
> info_log_path = /var/log/dovecot.info
> login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c
> mail_debug = yes
> mail_home = /home/vmail/%d/%n/Maildir
> mail_location = maildir:~/Maildir
> mail_plugins = " quota quota"
> managesieve_notify_capability = mailto
> managesieve_sieve_capability = fileinto reject envelope
> encoded-character vacation subaddress comparator-i;ascii-numeric
> relational regex imap4flags copy include variables body enotify
> environment mailbox date index ihave duplicate mime foreverypart
> extracttext imapflags notify
> namespace inbox {
> inbox = yes
> location =
> mailbox Drafts {
> special_use = \Drafts
> }
> mailbox Junk {
> special_use = \Junk
> }
> mailbox Sent {
> special_use = \Sent
> }
> mailbox "Sent Messages" {
> special_use = \Sent
> }
> mailbox Trash {
> special_use = \Trash
> }
> prefix =
> subscriptions = yes
> type = private
> }
> passdb {
> args = username_format=%n
> driver = pam
> }
> passdb {
> args = scheme=SHA256 username_format=%u /etc/dovecot/users
> driver = passwd-file
> }
> plugin {
> mail_log_events = delete undelete expunge copy mailbox_delete
> mailbox_rename append flag_change
> mail_log_fields = uid box msgid size from subject vsize
> quota = maildir:User quota
> quota_rule = *:storage=1M
> quota_rule2 = Junk:storage=+100M
> quota_rule3 = SPAM:storage=+100M
> quota_warning = storage=90%% quota-warning 90 %u
> sieve = file:~/sieve;active=~/.dovecot.sieve
> sieve_extensions = +notify +imapflags
> }
> protocols = " imap sieve pop3 sieve"
> quota_full_tempfail = yes
> service auth {
> unix_listener /var/spool/postfix/private/auth {
> group = postfix
> mode = 0666
> user = postfix
> }
> }
> service imap-login {
> inet_listener imap {
> port = 143
> }
> inet_listener imaps {
> port = 993
> ssl = yes
> }
> }
> service managesieve-login {
> inet_listener sieve {
> port = 4190
> }
> service_count = 1
> vsz_limit = 64 M
> }
> service pop3-login {
> inet_listener pop3 {
> port = 110
> }
> inet_listener pop3s {
> port = 995
> ssl = yes
> }
> }
> service quota-warning {
> executable = script /root/bin/quota-warning.sh
> unix_listener quota-warning {
> mode = 0666
> user = vmail
> }
> user = root
> }
> ssl_cert =  ssl_dh_parameters_length = 2048
> ssl_key =  # hidden, use -P to show it
> userdb {
> driver = passwd
> }
> userdb {
> args = scheme=SHA256 username_format=%u /etc/dovecot/users
> driver = passwd-file
> }
> userdb {
> args = uid=vmail gid=vmail home=/home/vmail/%d/%n
> driver = static
> }
> verbose_proctitle = yes
> protocol lda {
> mail_plugins = " quota quota sieve quota"
> }
> protocol imap {
> mail_plugins =

Re: pam authentication

2017-09-05 Thread Aki Tuomi

Try configuring like this:

passdb {
  args = scheme=SHA256 username_format=%u /etc/dovecot/users
  driver = passwd-file
}

passdb {
  driver = static
  args = username=%n noauthenticate
  skip = authenticated
}

passdb {
  driver = pam
  skip = authenticated
}

On 05.09.2017 14:29, Pol Hallen wrote:
> Sure :) thanks
>
> cat /var/log/dovecot/[...]
>
> Sep 05 13:26:02 auth: Debug: auth client connected (pid=30131)
> Sep 05 13:26:02 auth: Debug: client in: AUTH1   PLAIN  
> service=imapsecured session=JK0Bfm9YuqfAqAFk   
> lip=192.168.1.100   rip=192.168.1.100   lport=143  
> rport=42938   resp=AG1heEBmdWNrYXJvdW5kLm9yZwBQYW5kb3JhMjAwMA==
> (previous base64 data may contain sensitive data)
> Sep 05 13:26:02 auth-worker(30088): Debug:
> pam(use...@realsystem.org,192.168.1.100,): lookup
> service=username_format=user00
> Sep 05 13:26:02 auth-worker(30088): Debug:
> pam(use...@realsystem.org,192.168.1.100,): #1/1
> style=1 msg=Password:
> ==> /var/log/dovecot.info <==
> Sep 05 13:26:04 auth-worker(30088): Info:
> pam(use...@realsystem.org,192.168.1.100,):
> pam_authenticate() failed: Authentication failure (password mismatch?)
> (given password: pass)
> ==> /var/log/dovecot.debug <==
> Sep 05 13:26:04 auth: Debug:
> passwd-file(use...@realsystem.org,192.168.1.100,):
> lookup: user=use...@realsystem.org file=/etc/dovecot/users
> ==> /var/log/dovecot.info <==
> Sep 05 13:26:04 auth: Info:
> passwd-file(use...@realsystem.org,192.168.1.100,):
> unknown user (given password: pass)
> ==> /var/log/dovecot.debug <==
> Sep 05 13:26:06 auth: Debug: client passdb out: FAIL1  
> user=use...@realsystem.org
> ==> /var/log/dovecot.info <==
> Sep 05 13:26:06 imap-login: Info: Disconnected (auth failed, 1
> attempts in 4 secs): user=, method=PLAIN,
> rip=192.168.1.100, lip=192.168.1.100, secured
>
> doveconf -n
>
> # 2.2.27 (c0f36b0): /etc/dovecot/dovecot.conf
> # Pigeonhole version 0.4.16 (fed8554)
> # OS: Linux 4.9.0-3-amd64 x86_64 Debian 9.1
> auth_debug = yes
> auth_debug_passwords = yes
> auth_mechanisms = login plain
> auth_verbose = yes
> auth_verbose_passwords = yes
> debug_log_path = /var/log/dovecot.debug
> disable_plaintext_auth = no
> info_log_path = /var/log/dovecot.info
> login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c
> mail_debug = yes
> mail_home = /home/vmail/%d/%n/Maildir
> mail_location = maildir:~/Maildir
> mail_plugins = " quota quota"
> managesieve_notify_capability = mailto
> managesieve_sieve_capability = fileinto reject envelope
> encoded-character vacation subaddress comparator-i;ascii-numeric
> relational regex imap4flags copy include variables body enotify
> environment mailbox date index ihave duplicate mime foreverypart
> extracttext imapflags notify
> namespace inbox {
>   inbox = yes
>   location =
>   mailbox Drafts {
> special_use = \Drafts
>   }
>   mailbox Junk {
> special_use = \Junk
>   }
>   mailbox Sent {
> special_use = \Sent
>   }
>   mailbox "Sent Messages" {
> special_use = \Sent
>   }
>   mailbox Trash {
> special_use = \Trash
>   }
>   prefix =
>   subscriptions = yes
>   type = private
> }
> passdb {
>   args = username_format=%n
>   driver = pam
> }
> passdb {
>   args = scheme=SHA256 username_format=%u /etc/dovecot/users
>   driver = passwd-file
> }
> plugin {
>   mail_log_events = delete undelete expunge copy mailbox_delete
> mailbox_rename append flag_change
>   mail_log_fields = uid box msgid size from subject vsize
>   quota = maildir:User quota
>   quota_rule = *:storage=1M
>   quota_rule2 = Junk:storage=+100M
>   quota_rule3 = SPAM:storage=+100M
>   quota_warning = storage=90%% quota-warning 90 %u
>   sieve = file:~/sieve;active=~/.dovecot.sieve
>   sieve_extensions = +notify +imapflags
> }
> protocols = " imap sieve pop3 sieve"
> quota_full_tempfail = yes
> service auth {
>   unix_listener /var/spool/postfix/private/auth {
> group = postfix
> mode = 0666
> user = postfix
>   }
> }
> service imap-login {
>   inet_listener imap {
> port = 143
>   }
>   inet_listener imaps {
> port = 993
> ssl = yes
>   }
> }
> service managesieve-login {
>   inet_listener sieve {
> port = 4190
>   }
>   service_count = 1
>   vsz_limit = 64 M
> }
> service pop3-login {
>   inet_listener pop3 {
> port = 110
>   }
>   inet_listener pop3s {
> port = 995
> ssl = yes
>   }
> }
> service quota-warning {
>   executable = script /root/bin/quota-warning.sh
>   unix_listener quota-warning {
> mode = 0666
> user = vmail
>   }
>   user = root
> }
> ssl_cert =  ssl_dh_parameters_length = 2048
> ssl_key =  # hidden, use -P to show it
> userdb {
>   driver = passwd
> }
> userdb {
>   args = scheme=SHA256 username_format=%u /etc/dovecot/users
>   driver = passwd-file
> }
> userdb {
>   args = uid=vmail gid=vmail home=/home/vmail/%d/%n
>   driver = static
> }
> verbose_proctitle = yes
> protocol lda {
>   mail_plugins = " quota quota sieve quota"
> }
> protocol imap {
>   mail_

Re: pam authentication

2017-09-05 Thread Pol Hallen


Sure :) thanks

cat /var/log/dovecot/[...]

Sep 05 13:26:02 auth: Debug: auth client connected (pid=30131)
Sep 05 13:26:02 auth: Debug: client in: AUTH1   PLAIN   
service=imapsecured session=JK0Bfm9YuqfAqAFk
lip=192.168.1.100   rip=192.168.1.100   lport=143   
rport=42938   resp=AG1heEBmdWNrYXJvdW5kLm9yZwBQYW5kb3JhMjAwMA== 
(previous base64 data may contain sensitive data)
Sep 05 13:26:02 auth-worker(30088): Debug: 
pam(use...@realsystem.org,192.168.1.100,): lookup 
service=username_format=user00
Sep 05 13:26:02 auth-worker(30088): Debug: 
pam(use...@realsystem.org,192.168.1.100,): #1/1 
style=1 msg=Password:

==> /var/log/dovecot.info <==
Sep 05 13:26:04 auth-worker(30088): Info: 
pam(use...@realsystem.org,192.168.1.100,): 
pam_authenticate() failed: Authentication failure (password mismatch?) 
(given password: pass)

==> /var/log/dovecot.debug <==
Sep 05 13:26:04 auth: Debug: 
passwd-file(use...@realsystem.org,192.168.1.100,): 
lookup: user=use...@realsystem.org file=/etc/dovecot/users

==> /var/log/dovecot.info <==
Sep 05 13:26:04 auth: Info: 
passwd-file(use...@realsystem.org,192.168.1.100,): 
unknown user (given password: pass)

==> /var/log/dovecot.debug <==
Sep 05 13:26:06 auth: Debug: client passdb out: FAIL1   
user=use...@realsystem.org

==> /var/log/dovecot.info <==
Sep 05 13:26:06 imap-login: Info: Disconnected (auth failed, 1 attempts 
in 4 secs): user=, method=PLAIN, 
rip=192.168.1.100, lip=192.168.1.100, secured


doveconf -n

# 2.2.27 (c0f36b0): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.16 (fed8554)
# OS: Linux 4.9.0-3-amd64 x86_64 Debian 9.1
auth_debug = yes
auth_debug_passwords = yes
auth_mechanisms = login plain
auth_verbose = yes
auth_verbose_passwords = yes
debug_log_path = /var/log/dovecot.debug
disable_plaintext_auth = no
info_log_path = /var/log/dovecot.info
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l mpid=%e %c
mail_debug = yes
mail_home = /home/vmail/%d/%n/Maildir
mail_location = maildir:~/Maildir
mail_plugins = " quota quota"
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope 
encoded-character vacation subaddress comparator-i;ascii-numeric 
relational regex imap4flags copy include variables body enotify 
environment mailbox date index ihave duplicate mime foreverypart 
extracttext imapflags notify

namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
special_use = \Drafts
  }
  mailbox Junk {
special_use = \Junk
  }
  mailbox Sent {
special_use = \Sent
  }
  mailbox "Sent Messages" {
special_use = \Sent
  }
  mailbox Trash {
special_use = \Trash
  }
  prefix =
  subscriptions = yes
  type = private
}
passdb {
  args = username_format=%n
  driver = pam
}
passdb {
  args = scheme=SHA256 username_format=%u /etc/dovecot/users
  driver = passwd-file
}
plugin {
  mail_log_events = delete undelete expunge copy mailbox_delete 
mailbox_rename append flag_change

  mail_log_fields = uid box msgid size from subject vsize
  quota = maildir:User quota
  quota_rule = *:storage=1M
  quota_rule2 = Junk:storage=+100M
  quota_rule3 = SPAM:storage=+100M
  quota_warning = storage=90%% quota-warning 90 %u
  sieve = file:~/sieve;active=~/.dovecot.sieve
  sieve_extensions = +notify +imapflags
}
protocols = " imap sieve pop3 sieve"
quota_full_tempfail = yes
service auth {
  unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0666
user = postfix
  }
}
service imap-login {
  inet_listener imap {
port = 143
  }
  inet_listener imaps {
port = 993
ssl = yes
  }
}
service managesieve-login {
  inet_listener sieve {
port = 4190
  }
  service_count = 1
  vsz_limit = 64 M
}
service pop3-login {
  inet_listener pop3 {
port = 110
  }
  inet_listener pop3s {
port = 995
ssl = yes
  }
}
service quota-warning {
  executable = script /root/bin/quota-warning.sh
  unix_listener quota-warning {
mode = 0666
user = vmail
  }
  user = root
}
ssl_cert = 
Can you provide

doveconf -n  (with the new config)

enable auth_debug=yes, auth_verbose=yes and provide logs from
authentication attempt?

Aki

On 05.09.2017 13:37, Pol Hallen wrote: thanks Aki, but with all your 
advices I've same problem: in the logs

always I see the authentication with user and domain name, so dovecot
doesn't accept it

any idea?

thanks!

Pol

On 2017-09-05 10:58, Aki Tuomi wrote:

Oh right, you need to do it like this...

after the passwd-file drivers add

passdb {
driver = static
args = username=%n noauthenticate
}

Aki

On 05.09.2017 11:03, Pol Hallen wrote: Hello, thanks for your reply

I already tried with:

username_format=%n or auth_username_format=%n but I've same problem

Pol

passdb {
driver = pam
args = username_format=%n
}

also you probably want to consider using driver=passwd instead, if you
really don't need pam due to some special plugins.

Aki



--
Pol

Re: pam authentication

2017-09-05 Thread Aki Tuomi

Can you provide

doveconf -n  (with the new config)

enable auth_debug=yes, auth_verbose=yes and provide logs from
authentication attempt?

Aki


On 05.09.2017 13:37, Pol Hallen wrote:
> thanks Aki, but with all your advices I've same problem: in the logs
> always I see the authentication with user and domain name, so dovecot
> doesn't accept it
>
> any idea?
>
> thanks!
>
> Pol
>
> On 2017-09-05 10:58, Aki Tuomi wrote:
>
>> Oh right, you need to do it like this...
>>
>> after the passwd-file drivers add
>>
>> passdb {
>> driver = static
>> args = username=%n noauthenticate
>> }
>>
>> Aki
>>
>> On 05.09.2017 11:03, Pol Hallen wrote: Hello, thanks for your reply
>>
>> I already tried with:
>>
>> username_format=%n or auth_username_format=%n but I've same problem
>>
>> Pol
>>
>> passdb {
>> driver = pam
>> args = username_format=%n
>> }
>>
>> also you probably want to consider using driver=passwd instead, if you
>> really don't need pam due to some special plugins.
>>
>> Aki
>
>

Re: pam authentication

2017-09-05 Thread Pol Hallen

thanks Aki, but with all your advices I've same problem: in the logs 
always I see the authentication with user and domain name, so dovecot 
doesn't accept it


any idea?

thanks!

Pol

On 2017-09-05 10:58, Aki Tuomi wrote:


Oh right, you need to do it like this...

after the passwd-file drivers add

passdb {
driver = static
args = username=%n noauthenticate
}

Aki

On 05.09.2017 11:03, Pol Hallen wrote: Hello, thanks for your reply

I already tried with:

username_format=%n or auth_username_format=%n but I've same problem

Pol

passdb {
driver = pam
args = username_format=%n
}

also you probably want to consider using driver=passwd instead, if you
really don't need pam due to some special plugins.

Aki



--
Pol

Re: pam authentication

2017-09-05 Thread Aki Tuomi

Oh right, you need to do it like this...

after the passwd-file drivers add

passdb {
  driver = static
  args = username=%n noauthenticate
}

Aki


On 05.09.2017 11:03, Pol Hallen wrote:
> Hello, thanks for your reply
>
> I already tried with:
>
> username_format=%n or auth_username_format=%n but I've same problem
>
> Pol
>
>> passdb {
>> driver = pam
>> args = username_format=%n
>> }
>>
>> also you probably want to consider using driver=passwd instead, if you
>> really don't need pam due to some special plugins.
>>
>> Aki
>
>

Re: pam authentication

2017-09-05 Thread Pol Hallen


Hello, thanks for your reply

I already tried with:

username_format=%n or auth_username_format=%n but I've same problem

Pol


passdb {
driver = pam
args = username_format=%n
}

also you probably want to consider using driver=passwd instead, if you
really don't need pam due to some special plugins.

Aki



--
Pol

Re: pam authentication

2017-09-05 Thread Aki Tuomi



On 05.09.2017 10:52, Pol Hallen wrote:
> Hello all
>
> I use debian 9 with dovecot 2.x: real system users and virtual users:
> almost all works perfectly ;)
>
> Virtual users can connect via imap and pop using name + domain name:
> use...@domain1.org, etc.
>
> pam (real system users) users can connect via imap and pop ONLY
> without domain name
>
> It's a problem with pam authentication because linux make users
> authentication with only username (and not with also domain name) but
> I'd like user full email like tes...@realdomain.org
>
> cat /etc/dovecot/conf.d/auth-passwdfile.conf.ext
>
> passdb {
>   driver = passwd-file
>   args = scheme=SHA256 username_format=%u /etc/dovecot/users
> }
>
> userdb {
>   driver = passwd-file
>   args = scheme=SHA256 username_format=%u /etc/dovecot/users
> }
>
> cat /etc/dovecot/conf.d/auth-system.conf.ext
>
> passdb {
>   driver = pam
> }
>
> userdb {
>   driver = passwd
> }
>

passdb {
  driver = pam
  args = username_format=%n
}

also you probably want to consider using driver=passwd instead, if you
really don't need pam due to some special plugins.

Aki

Re: pam authentication error?

Re: pam authentication

Re: pam authentication

Re: pam authentication

Re: pam authentication

Re: pam authentication

Re: pam authentication

Re: pam authentication

Re: pam authentication

Re: pam authentication

Re: pam authentication

Re: pam authentication

Re: pam authentication

Re: pam authentication

14 matches

Site Navigation

Mail list logo

Footer information