At 17:04 28-9-2009, Matt Brookings wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Ro Achterberg wrote:
> Hi all,
> I'm using the vpopmail MySQL module to manage my domains and to provide
> an authorization backend for courier-imapd's authdaemon (among other
> things). However, it seems that since the MySQL module (vmysql.c +
> vmysql.h) doesn't bother registering the Maildir domain's uid and gid
> (thereby storing them with a default value of 0), courier-imap runs into
> problems when trying to authenticate a user, since I have it run as a
> non-root user.
> Basically what happens is that courier-imap is unable to setgid() from
> 'root', since that's what it's reading from the SQL table, that the
> MySQL module had created. Am I missing a configuration parameter
> somewhere, or could this be considered a bug? Any insights would be
> greatly appreciated.
Ro, Courier-MTA has dropped all support for vpopmail, and as such,
vpopmail has dropped all support for Courier-MTA, and it's various
parts such as Courier-IMAP.
This isn't really considered a bug because this worked in the past, but
they simply chose to take a stance of non-support. I saw that you sent
me a patch that allows authentication to work, but the uid/gid fields
in vpopmail are not used as named. The fields are called that so that
implementors realize it's authentication scheme is based on the Unix-based
passwd system calls. The fields are actually used to store user flags.
Most people using qmail/vpopmail installations have moved to Dovecot for
IMAP, and some other services as well. Most would tell you that Dovecot
is a superior IMAP server too. Moving to Dovecot from Courier-IMAP is
*easy as can be*.
I thought you'd like to know that eventhough it took some courage to
dive into the rather fragmented and poorly written documentation
provided by Dovecot which led to some initial frustration, I decided
to drop courier in favor of it. I'm now using Dovecot + the SQL auth
driver which queries the vpopmail table for authentication and user
info. It better suits my needs for proper security, performance and
easy of use.
Thanks for recommending it to me.