Re: [Dovecot] Master User Features I'd like to see
On 8/16/2010 2:24 PM, Timo Sirainen wrote:
On 16.8.2010, at 22.01, Marc Perkel wrote:
But the %{login_domain} evaluates to an empty string as you can see from the
results of the debug.
What about %{login_user} or %{username}?
Hi Timo,
Apparently I'm getting different results that you are. I'm trying to
think of anything unusual I might be doing. I do have more than one
master user db. Perhaps that is the problem? Is there some tests I can
run to debug this?
passdb {
driver = sql
args = /etc/dovecot/dovecot-master-sql.conf
master = yes
pass = yes
}
passdb {
driver = sql
args = /etc/dovecot/dovecot-domain-owner-sql.conf
master = yes
pass = yes
}
Re: [Dovecot] Master User Features I'd like to see
On 8/15/2010 3:06 PM, Timo Sirainen wrote:
These are available in v2.0:
%{login_user}
%{login_username}
%{login_domain}
I guess they should be added to wiki..
Hi Timo,
I just tried the 2.0 official release and these variables return an
empty string.
Re: [Dovecot] Master User Features I'd like to see
On Mon, 2010-08-16 at 10:49 -0700, Marc Perkel wrote:
On 8/15/2010 3:06 PM, Timo Sirainen wrote:
These are available in v2.0:
%{login_user}
%{login_username}
%{login_domain}
I guess they should be added to wiki..
Hi Timo,
I just tried the 2.0 official release and these variables return an
empty string.
Works with me:
passdb {
driver = sql
master = yes
args = /usr/local/etc/dovecot/dovecot-sql-master.conf
pass = yes
}
password_query = \
SELECT user, password FROM masters \
WHERE user = '%u' and '%d' = '%{login_domain}'
auth: Debug: sql(mas...@dovecot.org,::1,master): query: SELECT user, password
FROM masters WHERE user = 'mas...@dovecot.org' and 'dovecot.org' =
'dovecot.org'
auth: Debug: sql(mas...@dovecot.org,::1,master): query: SELECT user, password
FROM masters WHERE user = 'mas...@dovecot.org' and 'dovecot.org' =
'foobar.org'
Re: [Dovecot] Master User Features I'd like to see
You can use checkpassword:
http://wiki.dovecot.org/AuthDatabase/CheckPassword
Works fine for me for master user authentication.
Emerson Pinter
On 15-08-2010 18:46, Marc Perkel wrote:
Here's what I'd like. Limited master users, where someone can be a
master users for some domains but not others. I think I could do what
I want with the right kinds of variable passing that doesn't yet
exist. Let me see if I can explain clearly.
From the example in the wiki:
auth_master_user_separator = *
passdb {
driver = sql
args = /etc/dovecot/dovecot-sql-master.conf.ext
master = yes
pass = yes
}
passdb {
driver = sql
args = /etc/dovecot/dovecot-sql.conf.ext
}
userdb {
driver = sql
args = /etc/dovecot/dovecot-sql.conf.ext
}
Login looks like this:
# telnet localhost 143
* OK Dovecot ready.
1 login loginuser*masteruser masterpass
1 OK Logged in.
I'm assuming that the masteruser and masterpass is passed to the
master passdb and when doing so the variable %u is the master user. I
assume that %n and %d also represent the name and domain part of the
master user.
What I need is to also be able to have variables for the loginuser
passed to the master user query. Something like %lu, %ln, and %ld
perhaps. That way with MySQL tricks I might be able to see if the
master user is master for that particular login user. That way I can
give domain owners or owners of multiple domains the ability to manage
the email accounts within their scope of permission.
Re: [Dovecot] Master User Features I'd like to see
On 8/16/2010 11:04 AM, Timo Sirainen wrote:
On Mon, 2010-08-16 at 10:49 -0700, Marc Perkel wrote:
On 8/15/2010 3:06 PM, Timo Sirainen wrote:
These are available in v2.0:
%{login_user}
%{login_username}
%{login_domain}
I guess they should be added to wiki..
Hi Timo,
I just tried the 2.0 official release and these variables return an
empty string.
Works with me:
passdb {
driver = sql
master = yes
args = /usr/local/etc/dovecot/dovecot-sql-master.conf
pass = yes
}
password_query = \
SELECT user, password FROM masters \
WHERE user = '%u' and '%d' = '%{login_domain}'
auth: Debug: sql(mas...@dovecot.org,::1,master): query: SELECT user, password FROM
masters WHERE user = 'mas...@dovecot.org' and 'dovecot.org' = 'dovecot.org'
auth: Debug: sql(mas...@dovecot.org,::1,master): query: SELECT user, password FROM
masters WHERE user = 'mas...@dovecot.org' and 'dovecot.org' = 'foobar.org'
Odd - wonder what I'm doing wrong then? My result:
Aug 16 10:44:43 auth: Debug: sql(supp...@junkemailfilter.com,127.0.0.1):
query: SELECT user_name, domain_name, password FROM users WHERE
user_name = 'support' AND domain_name = 'junkemailfilter.com' AND
owns_domain='1' AND 'junkemailfilter.com'=''
My query:
password_query = SELECT user_name, domain_name, password FROM users
WHERE user_name = '%n' AND domain_name = '%d' AND owns_domain='1' AND
'%d'='%{login_domain}'
Re: [Dovecot] Master User Features I'd like to see
On Mon, 2010-08-16 at 11:17 -0700, Marc Perkel wrote:
Odd - wonder what I'm doing wrong then? My result:
Aug 16 10:44:43 auth: Debug: sql(supp...@junkemailfilter.com,127.0.0.1):
query: SELECT user_name, domain_name, password FROM users WHERE
user_name = 'support' AND domain_name = 'junkemailfilter.com' AND
owns_domain='1' AND 'junkemailfilter.com'=''
This is from passdb { master = yes } passdb? How are you logging in? I
used auth_master_user_separator=* and:
a login t...@dovecot.org*master@dovecot.org pass
b login t...@foobar.org*master@dovecot.org pass
Re: [Dovecot] Master User Features I'd like to see
On 8/16/2010 11:26 AM, Timo Sirainen wrote:
On Mon, 2010-08-16 at 11:17 -0700, Marc Perkel wrote:
Odd - wonder what I'm doing wrong then? My result:
Aug 16 10:44:43 auth: Debug: sql(supp...@junkemailfilter.com,127.0.0.1):
query: SELECT user_name, domain_name, password FROM users WHERE
user_name = 'support' AND domain_name = 'junkemailfilter.com' AND
owns_domain='1' AND 'junkemailfilter.com'=''
This is from passdb { master = yes } passdb? How are you logging in? I
used auth_master_user_separator=* and:
a login t...@dovecot.org*master@dovecot.org pass
b login t...@foobar.org*master@dovecot.org pass
auth_master_user_separator = *
passdb {
driver = sql
args = /etc/dovecot/dovecot-domain-owner-sql.conf
master = yes
pass = yes
}
I'm logging in les...@junkemailfilter.com*support@junkemailfilter.com
But the %{login_domain} evaluates to an empty string as you can see from
the results of the debug.
Aug 16 10:44:43 auth: Debug: sql(supp...@junkemailfilter.com,127.0.0.1):
query: SELECT user_name, domain_name, password FROM users WHERE
user_name = 'support' AND domain_name = 'junkemailfilter.com' AND
owns_domain='1' AND*'junkemailfilter.com'=''*
Re: [Dovecot] Master User Features I'd like to see
On 16.8.2010, at 22.01, Marc Perkel wrote:
But the %{login_domain} evaluates to an empty string as you can see from the
results of the debug.
What about %{login_user} or %{username}?
Re: [Dovecot] Master User Features I'd like to see
On 8/16/2010 2:24 PM, Timo Sirainen wrote:
On 16.8.2010, at 22.01, Marc Perkel wrote:
But the %{login_domain} evaluates to an empty string as you can see from the
results of the debug.
What about %{login_user} or %{username}?
Interestingly %{login_user} doesn't work either returning an empty
string. However %{username} works.
Re: [Dovecot] Master User Features I'd like to see
On 8/16/2010 2:24 PM, Timo Sirainen wrote:
On 16.8.2010, at 22.01, Marc Perkel wrote:
But the %{login_domain} evaluates to an empty string as you can see from the
results of the debug.
What about %{login_user} or %{username}?
Actually - spoke too soon. %{username} returned the wrong value. It
returned that name part of the master user.
[Dovecot] Master User Features I'd like to see
Here's what I'd like. Limited master users, where someone can be a
master users for some domains but not others. I think I could do what I
want with the right kinds of variable passing that doesn't yet exist.
Let me see if I can explain clearly.
From the example in the wiki:
auth_master_user_separator = *
passdb {
driver = sql
args = /etc/dovecot/dovecot-sql-master.conf.ext
master = yes
pass = yes
}
passdb {
driver = sql
args = /etc/dovecot/dovecot-sql.conf.ext
}
userdb {
driver = sql
args = /etc/dovecot/dovecot-sql.conf.ext
}
Login looks like this:
# telnet localhost 143
* OK Dovecot ready.
1 login loginuser*masteruser masterpass
1 OK Logged in.
I'm assuming that the masteruser and masterpass is passed to the master
passdb and when doing so the variable %u is the master user. I assume
that %n and %d also represent the name and domain part of the master user.
What I need is to also be able to have variables for the loginuser
passed to the master user query. Something like %lu, %ln, and %ld
perhaps. That way with MySQL tricks I might be able to see if the master
user is master for that particular login user. That way I can give
domain owners or owners of multiple domains the ability to manage the
email accounts within their scope of permission.
Re: [Dovecot] Master User Features I'd like to see
On 8/15/2010 5:46 PM, Marc Perkel wrote:
Here's what I'd like. Limited master users, where someone can be a
master users for some domains but not others. I think I could do what
I want with the right kinds of variable passing that doesn't yet
exist. Let me see if I can explain clearly.
From the example in the wiki:
auth_master_user_separator = *
passdb {
driver = sql
args = /etc/dovecot/dovecot-sql-master.conf.ext
master = yes
pass = yes
}
passdb {
driver = sql
args = /etc/dovecot/dovecot-sql.conf.ext
}
userdb {
driver = sql
args = /etc/dovecot/dovecot-sql.conf.ext
}
Login looks like this:
# telnet localhost 143
* OK Dovecot ready.
1 login loginuser*masteruser masterpass
1 OK Logged in.
I'm assuming that the masteruser and masterpass is passed to the
master passdb and when doing so the variable %u is the master user. I
assume that %n and %d also represent the name and domain part of the
master user.
What I need is to also be able to have variables for the loginuser
passed to the master user query. Something like %lu, %ln, and %ld
perhaps. That way with MySQL tricks I might be able to see if the
master user is master for that particular login user. That way I can
give domain owners or owners of multiple domains the ability to manage
the email accounts within their scope of permission.
YES, lets make an administrative tool for dovecot supporting multiple
domains administrated by various user. Oh, wait! There's vpopmail :-S
Jerrale G.
SC Senior Admin
Re: [Dovecot] Master User Features I'd like to see
On 15.8.2010, at 22.46, Marc Perkel wrote:
passdb {
driver = sql
args = /etc/dovecot/dovecot-sql-master.conf.ext
master = yes
pass = yes
}
..
I'm assuming that the masteruser and masterpass is passed to the master
passdb and when doing so the variable %u is the master user. I assume that
%n and %d also represent the name and domain part of the master user.
Yes.
What I need is to also be able to have variables for the loginuser passed to
the master user query. Something like %lu, %ln, and %ld perhaps. That way
with MySQL tricks I might be able to see if the master user is master for
that particular login user. That way I can give domain owners or owners of
multiple domains the ability to manage the email accounts within their scope
of permission.
These are available in v2.0:
%{login_user}
%{login_username}
%{login_domain}
I guess they should be added to wiki..
Re: [Dovecot] Master User Features I'd like to see
On 8/15/2010 3:06 PM, Timo Sirainen wrote:
On 15.8.2010, at 22.46, Marc Perkel wrote:
passdb {
driver = sql
args = /etc/dovecot/dovecot-sql-master.conf.ext
master = yes
pass = yes
}
..
I'm assuming that the masteruser and masterpass is passed to the master passdb
and when doing so the variable %u is the master user. I assume that %n and %d
also represent the name and domain part of the master user.
Yes.
What I need is to also be able to have variables for the loginuser passed to
the master user query. Something like %lu, %ln, and %ld perhaps. That way with
MySQL tricks I might be able to see if the master user is master for that
particular login user. That way I can give domain owners or owners of multiple
domains the ability to manage the email accounts within their scope of
permission.
These are available in v2.0:
%{login_user}
%{login_username}
%{login_domain}
I guess they should be added to wiki..
Yeah - let us know where. I'm having a hard time finding the normal
variables documented. I'll see if I can use this and get something working.
Re: [Dovecot] Master User Features I'd like to see
On 8/15/2010 3:06 PM, Timo Sirainen wrote:
On 15.8.2010, at 22.46, Marc Perkel wrote:
passdb {
driver = sql
args = /etc/dovecot/dovecot-sql-master.conf.ext
master = yes
pass = yes
}
..
I'm assuming that the masteruser and masterpass is passed to the master passdb
and when doing so the variable %u is the master user. I assume that %n and %d
also represent the name and domain part of the master user.
Yes.
What I need is to also be able to have variables for the loginuser passed to
the master user query. Something like %lu, %ln, and %ld perhaps. That way with
MySQL tricks I might be able to see if the master user is master for that
particular login user. That way I can give domain owners or owners of multiple
domains the ability to manage the email accounts within their scope of
permission.
These are available in v2.0:
%{login_user}
%{login_username}
%{login_domain}
I guess they should be added to wiki..
Hi Timo,
I don't think it's working. I tried this query:
password_query = SELECT user_name, domain_name, password FROM users
WHERE user_name = '%n' AND domain_name = '%d' AND owns_domain='1' AND
'%d'='%{login_domain}'
It didn't work. However this did:
password_query = SELECT user_name, domain_name, password FROM users
WHERE user_name = '%n' AND domain_name = '%d' AND owns_domain='1'
But that doesn't test the '%d'='%{login_domain}' part.
Am I missing something.
I should have been testing 2.0 earlier.
Re: [Dovecot] Master User Features I'd like to see
On 8/15/2010 3:06 PM, Timo Sirainen wrote:
On 15.8.2010, at 22.46, Marc Perkel wrote:
passdb {
driver = sql
args = /etc/dovecot/dovecot-sql-master.conf.ext
master = yes
pass = yes
}
..
I'm assuming that the masteruser and masterpass is passed to the master passdb
and when doing so the variable %u is the master user. I assume that %n and %d
also represent the name and domain part of the master user.
Yes.
What I need is to also be able to have variables for the loginuser passed to
the master user query. Something like %lu, %ln, and %ld perhaps. That way with
MySQL tricks I might be able to see if the master user is master for that
particular login user. That way I can give domain owners or owners of multiple
domains the ability to manage the email accounts within their scope of
permission.
These are available in v2.0:
%{login_user}
%{login_username}
%{login_domain}
I guess they should be added to wiki..
Further testing shows %{login_domain} returns an empty string.
Re: [Dovecot] Master User Features I'd like to see
On Aug 15, 2010, at 4:56 PM, Marc Perkel wrote:
On 8/15/2010 3:06 PM, Timo Sirainen wrote:
On 15.8.2010, at 22.46, Marc Perkel wrote:
passdb {
driver = sql
args = /etc/dovecot/dovecot-sql-master.conf.ext
master = yes
pass = yes
}
..
I'm assuming that the masteruser and masterpass is passed to the
master passdb and when doing so the variable %u is the master
user. I assume that %n and %d also represent the name and domain
part of the master user.
Yes.
What I need is to also be able to have variables for the loginuser
passed to the master user query. Something like %lu, %ln, and %ld
perhaps. That way with MySQL tricks I might be able to see if the
master user is master for that particular login user. That way I
can give domain owners or owners of multiple domains the ability
to manage the email accounts within their scope of permission.
These are available in v2.0:
%{login_user}
%{login_username}
%{login_domain}
I guess they should be added to wiki..
Further testing shows %{login_domain} returns an empty string.
What was your test? Mysql query log?
Did you add them as '%{login_user}' or '%login_user'?
ChangeLog has:
* src/auth/auth-request.c:
auth: Added %{login_user}, %{login_username} and %{login_domain}
variables that are set for master logins.
[5ae4a5c14f5b]
// Brad
Re: [Dovecot] Master User Features I'd like to see
On 8/15/2010 5:07 PM, Bradley Giesbrecht wrote:
On Aug 15, 2010, at 4:56 PM, Marc Perkel wrote:
On 8/15/2010 3:06 PM, Timo Sirainen wrote:
On 15.8.2010, at 22.46, Marc Perkel wrote:
passdb {
driver = sql
args = /etc/dovecot/dovecot-sql-master.conf.ext
master = yes
pass = yes
}
..
I'm assuming that the masteruser and masterpass is passed to the
master passdb and when doing so the variable %u is the master user.
I assume that %n and %d also represent the name and domain part of
the master user.
Yes.
What I need is to also be able to have variables for the loginuser
passed to the master user query. Something like %lu, %ln, and %ld
perhaps. That way with MySQL tricks I might be able to see if the
master user is master for that particular login user. That way I
can give domain owners or owners of multiple domains the ability to
manage the email accounts within their scope of permission.
These are available in v2.0:
%{login_user}
%{login_username}
%{login_domain}
I guess they should be added to wiki..
Further testing shows %{login_domain} returns an empty string.
What was your test? Mysql query log?
Did you add them as '%{login_user}' or '%login_user'?
ChangeLog has:
* src/auth/auth-request.c:
auth: Added %{login_user}, %{login_username} and %{login_domain}
variables that are set for master logins.
[5ae4a5c14f5b]
// Brad
The query is:
password_query = SELECT user_name, domain_name, password FROM users
WHERE user_name = '%n' AND domain_name = '%d' AND owns_domain='1' AND
'%d'='%{login_domain}'
