On 2015-02-04 10:22, Gilles Chehade wrote:
> On Wed, Feb 04, 2015 at 06:19:05AM -0300, Hugo Osvaldo Barrera wrote:
> > On 2015-02-04 09:31, Gilles Chehade wrote:
> > > On Wed, Feb 04, 2015 at 03:51:23AM -0300, Hugo Osvaldo Barrera wrote:
> > > > I'm trying to clean up my setup and not have it refer to a system user
> > > > at all.
> > > > I also want to get rid of aliases and simply use a catch all.
> > > >
> > > > I currently have:
> > > >
> > > > table catchall { "@" => hugo } # hugo is a real system user.
> > > > table mydomains { "*.barrera.io", "barrera.io" }
> > > > # [...]
> > > > accept from any for domain <mydomains> virtual <catchall> \
> > > >     deliver to mda "/usr/local/libexec/dovecot/dovecot-lda -d [email protected]"
> > > >
> > > > Reading the man page and the list a bit, I concluded that this should
> > > > work:
> > > >
> > > > table catchall { "@" => user } # user does not exist as a system user
> > > > table mydomains { "*.barrera.io", "barrera.io" }
> > > > table myuserbase { user => user:10:100:/tmp }
> > > > # [...]
> > > > accept from any for domain <mydomains> virtual <catchall> userbase <myuserbase> \
> > > >     deliver to mda "/usr/local/libexec/dovecot/dovecot-lda -d [email protected]"
> > > >
> > > > Alas, it does not. When sending email to [email protected], smtpd returns
> > > > 451.
> > > > I got this with `smtpd -dv`:
> > > >
> > > > debug: aliases_virtual_get: '[email protected]' resolved to 1 nodes
> > > > smtp-in: Failed command on session 58068d7cbc47df70: "RCPT TO:<[email protected]>" => 451 Temporary failure
> > > >
> > > > What am I doing wrong? Any hints?
> > > >
> > >
> > > This
> > >
> > > > table myuserbase { user => user:10:100:/tmp }
> > >
> > > Should read:
> > >
> > > > table myuserbase { user => 10:100:/tmp }
> > >
> >
> > That seems to have done it. Is this format missing from the man pages, or
> > did I just miss it?
> >
>
> From table(5):
>
> The userinfo table is a mapping from virtual user names to a set of
> system user ID, group ID and path to home directory.
>
> A userinfo table looks as follows:
>
> joe 1000:100:/home/virtual/joe
> jack 1000:100:/home/virtual/jack
>
> In this example, both joe and jack are virtual users mapped to the local
> system user with UID 1000 and GID 100, but different home directories.
> These directories may contain a forward(5) file.
>

Yeah, I seem to have skipped table(5) (AGAIN!). My bad.

>
> However, a while (several months, possibly a year) ago, the userbase format
> was the one you used, maybe you have an old man page ?
>

I actually copy-pasted that from a somewhat recent email on this list while
catching up - again, I had not looked at the man page for table(5).

> >
> > I do get some issues regarding dovecot and its lda now, though I won't go
> > into details since it's off topic.
> >
> > I am wondering though: as what user is the command from `deliver to mda`
> > invoked (in this case: "/usr/local/libexec/dovecot/dovecot-lda").
> >
> > Thanks, cheers,
> >
>
> MDA is invoked with the privileges of the end user.
>

So, to make sure if I'm still not mistaken: in the above example, it would be
1000:100, right?

> Since recently this can be overridden so that all deliveries take place as
> a specific user, people use it for LMTP as far as I know.
>

This hasn't made it to the latest snapshot, has it?

Also, if I use lda with a unix domain socket, do I still need to give write
permissions to the user (eg: 1000:100 in this case), or does smtpd connect to
it using the same user the process runs as?

>
> --
> Gilles Chehade
>
> https://www.poolp.org @poolpOrg
>
> --
> You received this mail because you are subscribed to [email protected]
> To unsubscribe, send a mail to: [email protected]
>

Thanks for all the help,
Cheers,

--
Hugo Osvaldo Barrera

A: Because we read from top to bottom, left to right.
Q: Why should I start my reply below the quoted text?
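Added example, not part of the original thread and not OpenSMTPD code: a small Python check for inline userbase tables that catches the four-field `user:10:100:/tmp` form behind the 451 above and accepts the `uid:gid:home` form from table(5). The names `check_userinfo` and `check_table` are hypothetical, and flagging uid 0 is a policy choice of this example, made because the MDA is invoked with the end user's privileges.

```python
import re

# One "key => value" pair inside an inline smtpd.conf table, quotes optional.
ENTRY = re.compile(r'"?([^"\s{},]+)"?\s*=>\s*"?([^"\s{},]+)"?')

def check_userinfo(value):
    """Return a list of problems with one userinfo value (uid:gid:home)."""
    fields = value.split(":")
    if len(fields) != 3:
        return [f"expected 3 fields uid:gid:home, got {len(fields)}"]
    uid, gid, home = fields
    problems = []
    if not uid.isdecimal():
        problems.append(f"uid {uid!r} is not numeric")
    elif int(uid) == 0:
        # Policy choice of this example, not an smtpd rule.
        problems.append("uid 0 maps this virtual user to root")
    if not gid.isdecimal():
        problems.append(f"gid {gid!r} is not numeric")
    if not home.startswith("/"):
        problems.append(f"home {home!r} is not an absolute path")
    return problems

def check_table(line):
    """Check every key => value pair in an inline 'table name { ... }' line."""
    body = line[line.index("{") + 1 : line.rindex("}")]
    return {user: check_userinfo(value) for user, value in ENTRY.findall(body)}

if __name__ == "__main__":
    # Constructed samples: the two forms from the thread, plus a uid 0 entry.
    samples = [
        "table myuserbase { user => user:10:100:/tmp }",
        "table myuserbase { user => 10:100:/tmp }",
        "table myuserbase { joe => 0:0:/home/virtual/joe }",
    ]
    for sample in samples:
        print(sample, "->", check_table(sample))
```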
