>>>>> "John" == John Stoffel <j...@stoffel.org> writes:
Do I think I'm on the right track here, since I removed the following from /etc/dovecot/conf.d/auth-sql.conf.ext #userdb { # driver = static # args = uid=mail gid=mail home=/var/mail/%d/%n #} So now my error is as follows: # doveadm user -u '*' Error: auth-master: userdb list: User listing returned failure Fatal: user listing failed Because now when I restart dovecot, I see the following in the log: Dec 01 16:55:14 master: Info: Dovecot v2.3.21 (47349e2482) starting up for imap, lmtp, sieve (core dumps disabled) Dec 01 16:55:14 auth: Warning: sql: Ignoring changed iterate_query in /etc/dovecot/dovecot-sql.conf.ext, because userdb sql not used. (If this is intentional, set userdb_warning_disable=yes) Dec 01 16:55:14 auth: Error: auth-master client: Trying to iterate users, but userdbs don't support it (created 0 msecs ago, handshake 0 msecs ago) So I commented out my 'iterate_query = ...' (see below) from /etc/postfix/dovecot-sql.conf.ext and now I get the error on startup which says: Dec 01 16:57:42 master: Info: Dovecot v2.3.21 (47349e2482) starting up for imap, lmtp, sieve (core dumps disabled) Dec 01 16:57:42 auth: Error: auth-master client: Trying to iterate users, but userdbs don't support it (created 0 msecs ago, handshake 0 msecs ago) Dec 01 16:57:42 replicator: Error: auth-master: userdb list: User listing returned failure Dec 01 16:57:42 replicator: Error: listing users failed, can't replicate existing data Which tells me I need the iteracte_users setting, but I've got a bogus query in there. So I think I should be using something like this: iterate_query = SELECT email AS user from virtual_users; where 'virtual_users' is the one and only table in my sqlite db file. And I'm just returning the 'email' column as 'user', since that's what it seems to expect. Hmmm... > I've been pounding my head against the sand for a while here trying to > figure out why I can't get: > doveadm user '*' > working properly. I've got a Debian 11 VPS runnig dovecot version > 2.3.21-1+debian10 and it works great. But not I'm trying to add in > simple replication to a home dovecot instance over a wireguard tunnel > so I can do backups and have a little better resiliency. Maybe. > In any case, my sqlite schema looks like this: sqlite> .schema virtual_users > CREATE TABLE `virtual_users` ( > `id` integer NOT NULL PRIMARY KEY AUTOINCREMENT > , `domain_id` integer NOT NULL > , `password` varchar(106) NOT NULL > , `email` varchar(100) NOT NULL > , UNIQUE (`email`) > , CONSTRAINT `virtual_users_ibfk_1` FOREIGN KEY (`domain_id`) REFERENCES > `virtual_domains` (`id`) E > ); > CREATE INDEX "idx_virtual_users_domain_id" ON "virtual_users" > (`domain_id`); > and I don't have any other tables. The 'domain_id' was/is a leftover > from my thinking I needed it for extra testing of other domains and > such. > I can do 'doveadm user j...@stoffel.org' and it works just fine. When > I do "doveadm user '*'" it fails and I get: > doveadm user '*' > Error: auth-master: userdb list: User listing returned failure > Fatal: user listing failed > So my config looks like this: > root@mail:/etc/dovecot/conf.d# cat auth-sql.conf.ext > # Authentication for SQL users. Included from 10-auth.conf. > # > # <doc/wiki/AuthDatabase.SQL.txt> > passdb { > driver = sql > # Path for SQL configuration file, see > example-config/dovecot-sql.conf.ext > args = /etc/dovecot/dovecot-sql.conf.ext > } > userdb { > driver = static > args = uid=mail gid=mail home=/var/mail/%d/%n > } > My /etc/dovecot/dovecot-sql.conf.ext has the following: > driver = sqlite > connect = /etc/dovecot/private/virtual_users.sqlite3 > default_pass_scheme = SHA512-CRYPT > password_query = SELECT '/var/mail/%d/%u' AS userdb_home, 'mail' AS > userdb_uid, 'mail' AS userdb_gid, email as user, password FROM virtual_users > WHERE email='%u'; > iterate_query = SELECT email AS user from virtual_users; > And my general doveadm config output is this, slightly edited down to > remove stuff I don't think I need to show is at the end. Any hints on > what I've done wrong here? Do I need a more complete sqlite3 schema? > I wish I could get more debugging info on what query it's trying to > run and the error(s) it's getting. > Thanks, > John > # 2.3.21 (47349e2482): /etc/dovecot/dovecot.conf > # Pigeonhole version 0.5.21 (f6cd4b8e) > # OS: Linux 5.10.0-26-amd64 x86_64 Debian 11.8 ext4 > # Hostname: localhost > # NOTE: Send doveconf -n output instead when asking for help. > auth_anonymous_username = anonymous > auth_cache_negative_ttl = 1 hours > auth_cache_size = 0 > auth_cache_ttl = 1 hours > auth_cache_verify_password_with_worker = no > auth_debug = no > auth_debug_passwords = no > auth_failure_delay = 2 secs > auth_gssapi_hostname = > auth_krb5_keytab = > auth_master_user_separator = > auth_mechanisms = plain login > auth_policy_check_after_auth = yes > auth_policy_check_before_auth = yes > auth_policy_hash_mech = sha256 > auth_policy_hash_nonce = > auth_policy_hash_truncate = 12 > auth_policy_log_only = no > auth_policy_reject_on_fail = no > auth_policy_report_after_auth = yes > auth_policy_request_attributes = login=%{requested_username} > pwhash=%{hashed_password} remote=%{rip} device_id=%{client_id} protocol=%s > session_id=%{session} > auth_policy_server_api_header = > auth_policy_server_timeout_msecs = 2000 > auth_policy_server_url = > auth_proxy_self = > auth_realms = > auth_socket_path = auth-userdb > auth_ssl_require_client_cert = no > auth_ssl_username_from_cert = no > auth_stats = no > auth_use_winbind = no > auth_username_chars = > abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@ > auth_username_format = %Lu > auth_username_translation = > auth_verbose = no > auth_verbose_passwords = no > auth_winbind_helper_path = /usr/bin/ntlm_auth > auth_worker_max_count = 30 > base_dir = /run/dovecot > config_cache_size = 1 M > debug_log_path = > default_client_limit = 1000 > default_idle_kill = 1 mins > default_internal_group = dovecot > default_internal_user = dovecot > default_login_user = dovenull > default_process_limit = 100 > default_vsz_limit = 256 M > deliver_log_format = msgid=%m: %$ > dict_db_config = > disable_plaintext_auth = yes > dotlock_use_excl = yes > doveadm_allowed_commands = > doveadm_api_key = > doveadm_http_rawlog_dir = > doveadm_password = > doveadm_port = 0 > doveadm_socket_path = doveadm-server > doveadm_ssl = no > doveadm_username = doveadm > doveadm_worker_count = 0 > first_valid_gid = 1 > first_valid_uid = 0 > import_environment = TZ CORE_OUTOFMEM CORE_ERROR LISTEN_PID LISTEN_FDS > NOTIFY_SOCKET > info_log_path = > libexec_dir = /usr/lib/dovecot > listen = * > log_core_filter = > log_debug = > log_path = /var/log/dovecot.log > log_timestamp = "%b %d %H:%M:%S " > mail_access_groups = > mail_always_cache_fields = > mail_attachment_detection_options = > mail_attachment_dir = > mail_attachment_fs = sis posix > mail_attachment_hash = %{sha1} > mail_attachment_min_size = 128 k > mail_attribute_dict = > mail_cache_fields = flags > mail_chroot = > mail_debug = no > mail_fsync = optimized > mail_full_filesystem_access = no > mail_gid = > mail_home = > mail_location = maildir:/var/mail/%d/%n/Maildir > mail_log_prefix = "%s(%u)<%{pid}><%{session}>: " > mail_max_keyword_length = 50 > mail_max_lock_timeout = 0 > mail_max_userip_connections = 10 > mail_never_cache_fields = imap.envelope > mail_nfs_index = no > mail_nfs_storage = no > mail_plugin_dir = /usr/lib/dovecot/modules > mail_plugins = " notify replication" > mail_prefetch_count = 0 > mail_privileged_group = mail > mail_save_crlf = no > mail_server_admin = > mail_server_comment = > mail_shared_explicit_inbox = no > mail_sort_max_read_count = 0 > mail_temp_dir = /tmp > mail_temp_scan_interval = 1 weeks > mail_uid = > mail_vsize_bg_after_count = 0 > passdb { > args = /etc/dovecot/dovecot-sql.conf.ext > auth_verbose = default > default_fields = > deny = no > driver = sql > master = no > mechanisms = > name = > override_fields = > pass = no > result_failure = continue > result_internalfail = continue > result_success = return-ok > skip = never > username_filter = > } > protocols = imap lmtp sieve > recipient_delimiter = +_ > service auth-worker { > chroot = > client_limit = 1 > drop_priv_before_exec = no > executable = auth -w > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 0 > process_min_avail = 0 > protocol = > service_count = 0 > type = worker > unix_listener auth-worker { > group = > mode = 0600 > user = $default_internal_user > } > user = mail > vsz_limit = 18446744073709551615 B > } > service auth { > chroot = > client_limit = 0 > drop_priv_before_exec = no > executable = auth > extra_groups = > group = > idle_kill = 0 > privileged_group = > process_limit = 1 > process_min_avail = 0 > protocol = > service_count = 0 > type = > unix_listener /var/spool/postfix/private/auth { > group = postfix > mode = 0666 > user = postfix > } > unix_listener auth-client { > group = > mode = 0600 > user = $default_internal_user > } > unix_listener auth-login { > group = > mode = 0600 > user = $default_internal_user > } > unix_listener auth-master { > group = > mode = 0600 > user = > } > unix_listener auth-userdb { > group = > mode = 0666 > user = mail > } > unix_listener login/login { > group = > mode = 0666 > user = > } > unix_listener token-login/tokenlogin { > group = > mode = 0666 > user = > } > user = dovecot > vsz_limit = 18446744073709551615 B > } > service doveadm { > chroot = > client_limit = 1 > drop_priv_before_exec = no > executable = doveadm-server > extra_groups = $default_internal_group > group = > idle_kill = 0 > privileged_group = > process_limit = 0 > process_min_avail = 0 > protocol = > service_count = 1 > type = > unix_listener doveadm-server { > group = > mode = 0600 > user = > } > user = > vsz_limit = 18446744073709551615 B > } > service log { > chroot = > client_limit = 0 > drop_priv_before_exec = no > executable = log > extra_groups = > group = > idle_kill = 4294967295 secs > privileged_group = > process_limit = 1 > process_min_avail = 0 > protocol = > service_count = 0 > type = log > unix_listener log-errors { > group = > mode = 0600 > user = > } > user = > vsz_limit = 18446744073709551615 B > } > state_dir = /var/lib/dovecot > stats_http_rawlog_dir = > syslog_facility = mail > userdb { > args = uid=mail gid=mail home=/var/mail/%d/%n > auth_verbose = default > default_fields = > driver = static > name = > override_fields = > result_failure = continue > result_internalfail = continue > result_success = return-ok > skip = never > } > _______________________________________________ > dovecot mailing list -- dovecot@dovecot.org > To unsubscribe send an email to dovecot-le...@dovecot.org _______________________________________________ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-le...@dovecot.org