you could hard code vpopmail's uid and vchkpw gid in that user_query.. not quite sure if that will do what you're looking for though.


Michael Mussulis wrote:
Hmm... so basically so far from everything that's been said, it looks like the uid/gid values are being used for domain creation purposes, but not stored in the sql backend, which brings me to the issue of dovecot authentication via IMAP.

As mentioned before, I did a bog standard vpopmail build/install, followed by a bog standard dovecot build/install. If I add a domain, that is owned by vpopmail/vchkpw - dovecot imap authentication from squirremail works just fine.

However, if for a domain owned by a 'mike4', dovecot authentication fails with:

auth(default): Info: client in: AUTH 1 PLAIN service=imap secured lip= rip= lport=143 rport=56559 resp=AHBvc3RtYXN0ZXJAdGVzdDEwLmNvbQAxMjM= auth(default): Info: vpopmail(, lookup user=postmaster
auth(default): Info: vpopmail(, unknown user
auth(default): Info: new auth connection: pid=18526
auth(default): Info: client out: FAIL   1
imap-login: Info: Aborted login (auth failed, 1 attempts): user=<>, method=PLAIN, rip=, lip=, secured

My dovecot.conf auth section is:

## Authentication processes

auth default {
   mechanisms = plain

   ### works for vpopmail/vchkpw domains
   #passdb vpopmail {
   #    args =

   #userdb vpopmail {

   ### works for -u domains
   passdb sql {
      args = /usr/local/hcp/etc/dovecot-sql.conf

   userdb sql {
       args = /usr/local/hcp/etc/dovecot-sql.conf

   user = vpopmail
   count = 1
   ssl_require_client_cert = no

and dovecot-sql.conf:

driver = mysql
connect = host=localhost port=3306 user=admin password=xxxxxxxx dbname=hcp
default_pass_scheme = CRYPT
password_query = SELECT CONCAT(pw_name, '@', pw_domain) AS user, pw_passwd AS password FROM vpopmail WHERE pw_name = '%n' AND pw_domain = '%d' user_query = SELECT pw_dir as home, pw_uid AS uid, pw_gid AS gid FROM vpopmail WHERE pw_name = '%n' AND pw_domain = '%d'

Also, the pw_uid/pw_gid in vpopmail table MUST have the correct uid/gid values for the domain if created with -u, other dovecot will fail with:

dovecot: Error: User not allowed to log in using UNIX UID 0 (root logins are never allowed)

Am I doing something wrong? Am I to understand that for any domain I create with -u, I then have to update vpopmail table with the real uid/gid values?

(PS: I know part of the question is about dovecot, but it's closely tied to vpopmail authentication).

 > Date: Fri, 4 Dec 2009 09:46:37 -0600
 > From:
 > To:
 > Subject: Re: [vchkpw] vdeliver perimission denied for vadddomain -u
 > Hash: SHA1
 > Pavel V. Yanchenko wrote:
 > > Could it be that vdelivermail ignores groups? Is it possible at all?
 > The groups file is not read by uid selection or execution system calls.
 > - --
 > /*
 > Matt Brookings <> GnuPG Key FAE0672C
 > Software developer Systems technician
 > Inter7 Internet Technologies, Inc. (815)776-9465
 > */
 > Version: GnuPG v1.4.9 (GNU/Linux)
 > Comment: Using GnuPG with Mozilla -
 > iEYEARECAAYFAksZLt0ACgkQIwet2/rgZyyUBACcCRonIobcnTDT02rhYIr43oqA
 > /94Ani3PjvK4TTtEB0fmsiHhCi9mbU8E
 > =sHP6
 > -----END PGP SIGNATURE-----

Use Hotmail to send and receive mail from your different email accounts. Find out how. <>


Reply via email to