Re: [Dovecot] Master Login using MySQL problem - %{login_domain}

Tue, 17 Aug 2010 10:02:41 -0700 


On 8/17/2010 9:45 AM, Timo Sirainen wrote:

On Tue, 2010-08-17 at 08:50 -0700, Marc Perkel wrote:


Been trying to track this problem down further. The problem seems to be
related to verifying the master user failing.

Show the whole dovecot -n output and the whole logs when master user is
logging in? You've cut away some stuff I'd like to see.




dovecot -n

# 2.0.0: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-budarin.1 x86_64 Fedora release 12 (Constantine) simfs
auth_debug = yes
auth_master_user_separator = *
disable_plaintext_auth = no
dotlock_use_excl = yes
first_valid_uid = 12
info_log_path = /var/log/dovecot.log
log_path = /var/log/dovecot.log
login_greeting = Computer Tyme Dovecot ready.
mail_fsync = never
mail_gid = mail
mail_location = maildir:/vhome/%d/home/%n:INDEX=/imap-cache/%d-%n
mail_uid = mail
mmap_disable = yes
passdb {
  args = /etc/dovecot/sql.conf
  driver = sql
}
passdb {
  args = /etc/dovecot/domain-owner-sql.conf
  driver = sql
  master = yes
  pass = yes
}
passdb {
  args = /etc/dovecot/masteradmin-sql.conf
  driver = sql
  master = yes
  pass = yes
}
plugin {
  xexec = blacklist:/usr/local/dovecot/blacklist.sh %u
  xexec2 = whitelist:/usr/local/dovecot/whitelist.sh %u
  xexec3 = average:/usr/local/dovecot/average
  xexec4 = smtp:/usr/local/dovecot/smtp
}
protocols = imap pop3
service auth {
  unix_listener auth-client {
    mode = 0666
  }
  unix_listener auth-master {
    mode = 0666
  }
}
service imap-login {
  process_limit = 800
  process_min_avail = 100
  service_count = 0
  vsz_limit = 64
}
service imap {
  process_limit = 400
}
service pop3-login {
  process_limit = 800
  process_min_avail = 40
  service_count = 0
  vsz_limit = 64
}
service pop3 {
  process_limit = 400
}
ssl_cert = </usr/share/ssl/certs/imapd.pem
ssl_key = </usr/share/ssl/certs/imapd.pem
verbose_proctitle = yes
protocol pop3 {
  pop3_uidl_format = %v.%u
}

domain-owner-sql.conf


user_query = SELECT user_name, domain_name FROM users WHERE user_name = 
'%n' AND domain_name = '%d' AND owns_domain='1'



password_query = SELECT user_name, domain_name, password FROM users 
WHERE user_name = '%n' AND domain_name = '%d' AND owns_domain='1' \

AND '%d'='%{login_domain}'

Result:


Aug 17 09:59:17 auth: Debug: sql([email protected],127.0.0.1): query: SELECT 
user_name, domain_name, password FROM users WHERE user_name = 'tom' AND 
domain_name = 'plf.net' AND owns_domain='1' AND 'plf.net'=''

Aug 17 09:59:17 auth: Info: sql([email protected],127.0.0.1): unknown user

Aug 17 09:59:17 auth: Debug: sql([email protected],127.0.0.1): query: SELECT 
user_name, domain_name, password FROM users WHERE user_name = 'tom' AND 
domain_name = 'plf.net' AND masteradmin='1'

Aug 17 09:59:17 auth: Info: sql([email protected],127.0.0.1): unknown user
Aug 17 09:59:19 auth: Debug: client out: FAIL   10      [email protected]

Aug 17 09:59:19 imap-login: Info: Aborted login (auth failed, 1 
attempts): user=<[email protected]>, method=PLAIN, rip=127.0.0.1, 
lip=127.0.0.1, mpid=0, secured



Note - I have two different kinds of masters here. I have a masteradmin 
who can read anyone's email and I have domain owners who can read 
anyone's email in the same domain. At least that is what I'm hoping to do.
























					Reply via email to