got a problem when configured passdb with username_filter — looks like the
option doesn't work
OS: FreeBSD 13 and 14. Dovecot version: 2.3.21
Part of config:
passdb {
args = /usr/local/bin/php /usr/local/dovecot/bin/checkpassword.php
driver = checkpassword
}
passdb {
args = /usr/local/bin/php /usr/local/dovecot/bin/checkpassword.php
driver = checkpassword
username_filter = us...@postmaster.local.one
default_fields = domain=local.one
override_fields = user=postmas...@local.one
}
passdb {
args = /usr/local/bin/php /usr/local/dovecot/bin/checkpassword.php
driver = checkpassword
username_filter = us...@user2.local.one
default_fields = domain=local.one
override_fields = user=us...@local.one
}
When I try command "doveadm auth test us...@postmaster.local.one" and enter a
password of user1 — it works as planned — change us...@postmaster.local.one to
us...@local.one check it's password and override user to postmas...@local.one
But when I try "doveadm auth test us...@user2.local.one" — it also change
us...@user2.local.one to us...@local.one, and after password check — override
it to postmas...@local.one
Debug logs, when I try "doveadm auth test us...@user2.local.one":
Aug 1 11:01:03 auth: Debug: Loading modules from directory:
/usr/local/lib/dovecot/auth
Aug 1 11:01:03 auth: Debug: Module loaded:
/usr/local/lib/dovecot/auth/lib20_auth_var_expand_crypt.so
Aug 1 11:01:03 auth: Debug: Read auth token secret from
/var/run/dovecot/auth-token-secret.dat
Aug 1 11:01:03 auth: Debug: passwd-file /usr/local/etc/dovecot.users.list:Read
7 users in 0 secs
Aug 1 11:01:03 auth: Debug: auth client connected (pid=0)
Aug 1 11:01:03 auth: Debug: client in: AUTH 1 PLAIN
service=doveadm debug resp=<hidden>
Aug 1 11:01:03 auth: Debug: checkpassword(us...@user2.local.one): Performing
passdb lookup
Aug 1 11:01:03 auth: Debug: checkpassword(us...@user2.local.one): execute:
/usr/local/bin/php /usr/local/dovecot/bin/checkpassword.php
/usr/local/libexec/dovecot/checkpassword-reply
Aug 1 11:01:03 auth: Debug: checkpassword(us...@user2.local.one): Received
input:
Aug 1 11:01:03 auth: Debug: checkpassword(us...@user2.local.one): exit_status=1
Aug 1 11:01:03 auth: checkpassword(us...@user2.local.one): Login failed
(status=1)
Aug 1 11:01:03 auth: Debug: checkpassword(us...@user2.local.one): Finished
passdb lookup
Aug 1 11:01:03 auth: Debug: checkpassword(us...@user2.local.one): Performing
passdb lookup
Aug 1 11:01:03 auth: Debug: checkpassword(us...@user2.local.one): username
changed us...@user2.local.one -> us...@local.one
Aug 1 11:01:03 auth: Debug: checkpassword(us...@local.one): execute:
/usr/local/bin/php /usr/local/dovecot/bin/checkpassword.php
/usr/local/libexec/dovecot/checkpassword-reply
Aug 1 11:01:03 auth: Debug: checkpassword(us...@local.one): Received input:
user=us...@local.one userdb_home=/var/spool/mail/ userdb_uid=dovecot
userdb_gid=dovecot
Aug 1 11:01:03 auth: Debug: checkpassword(us...@local.one): exit_status=0
Aug 1 11:01:03 auth: Debug: checkpassword(us...@local.one): username changed
us...@local.one -> postmas...@local.one
Aug 1 11:01:03 auth: Debug: checkpassword(postmas...@local.one): Finished
passdb lookup
Aug 1 11:01:03 auth: Debug: auth(postmas...@local.one): Auth request finished
Aug 1 11:01:03 auth: Debug: client passdb out: OK 1
user=postmas...@local.one original_user=us...@user2.local.one
I've checked sources and find in " core/src/auth/auth-request.c (from line 617)
" code that check username_filter and should send "skipping passdb: username
filtered" message in debug, but it doesn't do it.
Is it a bug or I've missed something in setup?
_______________________________________________
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org
