[dovecot-cvs] dovecot dovecot-example.conf,1.71,1.72
cras at procontrol.fi
cras at procontrol.fi
Fri Aug 22 08:42:15 EEST 2003
Update of /home/cvs/dovecot
In directory danu:/tmp/cvs-serv14622
Modified Files:
dovecot-example.conf
Log Message:
We now support checking the password against all defined auth processes and
use the one that matches.
Index: dovecot-example.conf
===================================================================
RCS file: /home/cvs/dovecot/dovecot-example.conf,v
retrieving revision 1.71
retrieving revision 1.72
diff -u -d -r1.71 -r1.72
--- dovecot-example.conf 18 Aug 2003 03:32:19 -0000 1.71
+++ dovecot-example.conf 22 Aug 2003 04:42:13 -0000 1.72
@@ -337,15 +337,11 @@
## Authentication processes
##
-# You can have multiple processes; each time "auth = xx" is seen, a new
-# process definition is started. The point of multiple processes is to be
-# able to set stricter permissions to others. For example, plain/PAM
-# authentication requires roots, but if you also use digest-md5 authentication
-# for some users, you can authenticate them without any privileges in a
-# separate auth process. Just remember that only one auth process is asked
-# for the password, so you can't have different passwords with different
-# processes (unless they have different auth mechanisms, and you're ok with
-# having different password for each mechanism).
+# You can have multiple authentication processes. With plaintext authentication
+# the password is checked against each process, the first one which succeeds is
+# used. This is useful if you want to allow both system users (/etc/passwd)
+# and virtual users to login without duplicating the system users into virtual
+# database.
# Executable location
#auth_executable = /usr/libexec/dovecot/dovecot-auth
@@ -379,7 +375,7 @@
auth default {
# Space separated list of wanted authentication mechanisms:
# plain digest-md5 anonymous
- auth_mechanisms = plain
+ mechanisms = plain
# Where user database is kept:
# passwd: /etc/passwd or similiar, using getpwnam()
@@ -388,7 +384,7 @@
# vpopmail: vpopmail library
# ldap <config path>: LDAP, see doc/dovecot-ldap.conf
# pgsql <config path>: a PostgreSQL database, see doc/dovecot-pgsql.conf
- auth_userdb = passwd
+ userdb = passwd
# Where password database is kept:
# passwd: /etc/passwd or similiar, using getpwnam()
@@ -398,34 +394,44 @@
# vpopmail: vpopmail authentication
# ldap <config path>: LDAP, see doc/dovecot-ldap.conf
# pgsql <config path>: a PostgreSQL database, see doc/dovecot-pgsql.conf
- auth_passdb = pam
+ passdb = pam
# User to use for the process. This user needs access to only user and
# password databases, nothing else. Only shadow and pam authentication
# requires roots, so use something else if possible. Note that passwd
# authentication with BSDs internally accesses shadow files, which also
# requires roots.
- auth_user = root
+ user = root
# Directory where to chroot the process. Most authentication backends don't
# work if this is set, and there's no point chrooting if auth_user is root.
- #auth_chroot =
+ #chroot =
# Number of authentication processes to create
- #auth_count = 1
+ #count = 1
}
-# digest-md5 authentication process. It requires special MD5 passwords which
-# /etc/shadow and PAM doesn't support, so we never need roots to handle it.
-# Note that the passwd-file is opened before chrooting and dropping root
-# privileges, so it may be 0600-root owned file.
+# PAM doesn't provide a way to get uid, gid or home directory. If you don't
+# want to use a separate user database (passwd usually), you can use static
+# userdb.
-#auth digest_md5 {
-# auth_mechanisms = digest-md5
-# auth_userdb = passwd-file /etc/passwd.imap
-# auth_passdb = passwd-file /etc/passwd.imap
-# auth_user = imapauth
+#auth onlypam {
+# mechanisms = plain
+# userdb = static uid=500 gid=500 home=/var/mail/%u
+# passdb = pam
+# user = dovecot-auth
#}
-# if you plan to use only passwd-file, you don't need the two auth processes,
-# simply set "auth_mechanisms = plain digest-md5"
+#auth ldap {
+# mechanisms = plain
+# userdb = ldap /etc/dovecot-ldap.conf
+# passdb = ldap /etc/dovecot-ldap.conf
+# user = dovecot-auth
+#}
+
+#auth virtualfile {
+# mechanisms = plain digest-md5
+# userdb = passwd-file /etc/passwd.imap
+# passdb = passwd-file /etc/passwd.imap
+# user = dovecot-auth
+#}
More information about the dovecot-cvs
mailing list