On 16-08-16 16:38:36, Edgar Pettijohn wrote:
> On 16-08-16 12:18:31, Jeremy Volkening wrote:
> > Hello,
> >
> > I'm setting up OpenSMTPD 5.7.3p2 on a Linux box (Debian 8). So far
> > everything is great except for one annoyance. I have a credentials table in
> > 'passwd' format that I want to share between opensmtpd and dovecot. I have
> > created a separate group and added the 'opensmtpd' and 'dovecot' users and
> > given ownership of the table file to that group along with read permissions.
> > However, under this setup smtpd fails to start, with this truncated output:
> >
> > ...
> > mproc: queue -> lka: enabled
> > mproc: queue -> scheduler: enabled
> > mproc: queue -> pony: enabled
> > warn: table-passwd: error parsing config file
> > warn: table-proc: imsg_read: Connection reset by peer
> > fatal: table-proc: exiting
> > ...
> >
> > If I simply change the group ownership of the file from the shared
> > "mail_auth" group to the "opensmtpd" group, everything works fine. The
> > "opensmtpd" user is a member of both groups, and this is after a reboot so
> > all group memberships have fully propagated. I have also confirmed that the
> > "opensmtpd" user can read the file (e.g. with "cat") when owned by the
> > "mail_auth" group.
> >
> > I know this is an older version of the software. Is this a known issue that
> > has since been resolved, or does anyone have any insight? I couldn't find
> > anything at all relevant in the various lists and sources I searched.
> >
> > Thanks,
> > Jeremy
> >
> > --
> > You received this mail because you are subscribed to [email protected]
> > To unsubscribe, send a mail to: [email protected]
> >
> Your /etc/mail/smtpd.conf may be useful. However, here is an excerpt from
> table(5) that I think applies.
>
> In a listener context, the credentials are a mapping of username and
> encrypted passwords:
>
> user1 $2a$06$hIJ4QfMcp.90nJwKqGbKM.MybArjHOTpEtoTV.DgLYAiThuoYmTSe
> user2 $2a$06$bwSmUOBGcZGamIfRuXGTvuTo3VLbPG9k5yeKNMBtULBhksV5KdGsK
>
> But, I'm not sure if you are talking about in a listen context or not. I'm
> currently sharing my users table in a passwd file with dovecot with no
> problems.
> I do have a separate creds table in the above format for my listen context.
>
> /etc/mail/users passwd file
> -rw-r--r-- 1 root wheel 214 Aug 3 2015 users
I never noticed this was world readable which doesn't seem like a good thing.
Now I see what your problem is, because I tried the same thing and it causes
problems for dovecot and smtpd.
>
> relevant doveconf -n
> passdb {
> args = scheme=BLF-CRYPT username_format=%n /etc/mail/users
> driver = passwd-file
> }
>
> userdb {
> args = username_format=%n /etc/mail/users
> default_fields = quota_rule=*:storage=1G
> driver = passwd-file
> }
>
> I hope this helps.
> --
> Edgar Pettijohn
>
--
Edgar Pettijohn
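Added example, not part of the thread or of OpenSMTPD or Dovecot: a small audit of a shared credentials file that flags a world-readable mode and reports whether each service account reaches the file through its primary group or a supplementary one. The function names, the sample uids/gids and the assumption that "opensmtpd" and "dovecot" are the account names to check are illustrative.

```python
import grp
import os
import pwd
import stat


def audit_table(mode, file_gid, users):
    """Pure check. users maps name -> (primary_gid, set_of_supplementary_gids)."""
    findings = []
    if mode & stat.S_IROTH:
        findings.append("world-readable: any local user can read the password hashes")
    if not mode & stat.S_IRGRP:
        findings.append("group has no read bit")
    for name, (primary, extra) in sorted(users.items()):
        if file_gid == primary:
            how = "primary group"
        elif file_gid in extra:
            how = "supplementary group"
        else:
            how = "NOT a member of the file's group"
        findings.append(f"{name}: {how}")
    return findings


def collect(path, names):
    """Gather the inputs for audit_table() from the live system."""
    st = os.stat(path)
    users = {}
    for name in names:
        pw = pwd.getpwnam(name)
        # Supplementary memberships are the groups that list the user by name.
        extra = {g.gr_gid for g in grp.getgrall() if name in g.gr_mem}
        users[name] = (pw.pw_gid, extra)
    return st.st_mode, st.st_gid, users


# Constructed sample: mode 0644 as in the listing above, file owned by a shared
# group with gid 2000; all uids/gids here are made up for illustration.
SAMPLE_USERS = {"opensmtpd": (110, {2000}), "dovecot": (111, {2000})}

if __name__ == "__main__":
    for line in audit_table(0o100644, 2000, SAMPLE_USERS):
        print(line)
    # On a real host:
    # audit_table(*collect("/etc/mail/users", ["opensmtpd", "dovecot"]))
```
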