[Dovecot] auth problem

Lampa lampacz at gmail.com
Tue Oct 17 14:19:01 UTC 2006


Hello,

I am new to the list, but I need a little help.
I need only IMAP (later POP3); I have my own checkpassword and my own user/password
database.
I'm using the latest version, v1.0.rc10.

But I have a problem with auth: the user is authorized but cannot log in. Here is
the log:

dovecot: Oct 17 15:00:36 Info: Dovecot v1.0.rc10 starting up
dovecot: Oct 17 15:00:40 Info: auth(default): client in: AUTH 1 PLAIN
service=IMAP lip=10.0.0.1 rip=10.0.0.13 resp=AG1kdgBza29sYTY2Ng==
dovecot: Oct 17 15:00:40 Info: auth(default): checkpassword(lampa,10.0.0.13):
Executed: /usr/local/checklocalpwd/checkpassword.pl
/usr/local/dovecot/bin/dovecot/checkpassword-reply
dovecot: Oct 17 15:00:40 Info: auth(default): checkpassword(lampa,10.0.0.13):
Received input: userdb_user=lampa userdb_home=/home/_mail/lampa
userdb_uid=65534 userdb_gid=65534
dovecot: Oct 17 15:00:40 Info: auth(default): checkpassword(lampa,10.0.0.13):
Received no input
dovecot: Oct 17 15:00:40 Info: auth(default): checkpassword(lampa,10.0.0.13):
exit_status=0
dovecot: Oct 17 15:00:40 Info: auth(default): client out: OK 1 user=lampa
dovecot: Oct 17 15:00:40 Info: auth(default): master in: REQUEST 1 17950 1
dovecot: Oct 17 15:00:40 Info: auth(default): master out: USER 1 lampa
user=lampa home=/home/_mail/lampa uid=65534 gid=65534
dovecot: Oct 17 15:00:40 Info: imap-login: Internal login failure:
user=<lampa>, method=PLAIN, rip=10.0.0.13, lip=10.0.0.1
dovecot: Oct 17 15:00:40 Error: Logins with UID 65534 (user lampa) not
permitted (see first_valid_uid in config file)

I think the problem is that the uid and gid are set to user nobody instead of 508
and 502 (user lampa; the passwd file is at the end of the message).

uid 65534 is user nobody (used in the auth section in the conf; if I set it to root,
everything is OK).

This is my config:

base_dir = /var/run/dovecot/
protocols = imap
listen = 10.0.0.1
disable_plaintext_auth = no

log_path = /var/log/dovecot/dovecot.log
info_log_path = /var/log/dovecot/dovecot.info
log_timestamp = "%b %d %H:%M:%S "

ssl_disable = yes

login_dir = /var/run/dovecot/login
login_chroot = yes
login_user = dovecot

mail_debug = yes
mail_log_prefix = "%Us(%u): "

verbose_proctitle = yes

first_valid_uid = 508
last_valid_uid = 508

first_valid_gid = 502
last_valid_gid = 502

protocol imap {
login_executable = /usr/local/dovecot/bin/imap-login
mail_executable = /usr/local/dovecot/bin/imap
}

auth_executable = /usr/local/dovecot/bin/dovecot-auth
auth_verbose = yes
auth_debug = yes
auth_debug_passwords = yes

auth default {
mechanisms = plain
passdb checkpassword {
args = /usr/local/checklocalpwd/checkpassword.pl
}

userdb prefetch {
}

user = nobody
}

In the file I must comment out chdir $home (the program was unable to chdir), I think
due to the chroot.

/usr/local/checklocalpwd/checkpassword.pl:
#!/usr/bin/perl

use POSIX;
use strict qw(vars);

my $PASSWD_FILE = "/usr/local/qmail/control/passwd2";

%ENV=();

my($len, $buf);
open (USER, "<&=3") || _exit(2);
$len = read(USER, $buf, 512);
close USER;
_exit(2) if $len < 4;

my($user, $pass) = split /\x00/, $buf;
$user = lc $user;
$buf = "\x00" x $len;

my $cwd = getcwd;

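my ($passwd, $uid, $gid, $gcos, $home, $shell) = ("") x 6;

# "or" binds more loosely than "||", so a failed open really exits
open(F, "<", $PASSWD_FILE) or _exit(111);

while (<F>) {
# \Q...\E matches the login name literally instead of as a regex
if (/^\Q$user\E:/) {
chomp;
($user, $passwd, $uid, $gid, $gcos, $home, $shell) = split(/:/);
}
}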

close F;

_exit(2) unless $uid;

if (crypt($pass, $passwd) ne $passwd) {
_exit(1);
}

$ENV{USER} = $user;
$ENV{UID} = $uid + 0;
$ENV{HOME} = $home;
$ENV{SHELL} = $shell;

_exit(111) unless $ENV{UID};

#chdir $home || _exit(111);

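# Group first, then user. These assignments only take effect when the
# process is allowed to change IDs (normally root); a failure is not reported.
$) = $gid;
$( = $gid;
$> = $uid;
$< = $uid;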

exec @ARGV;
_exit(0);

Here is the passwd/user file:
lampa:HSExFJNuwlKvk:508:502::/home/_mail/lampa:/bin/false
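
The mismatch visible in the log above, as an added example that is not part of the original post: a small Python check that compares the uid/gid carried in the checkpassword "Received input" line with the user's database entry and with the first/last_valid limits. The function names are hypothetical; the sample values come from the post, with the wrapped log line rejoined and the password hash replaced by "x".

```python
import re

# Sample data taken from the post (log line rejoined, hash field replaced).
CONF = ("first_valid_uid = 508\nlast_valid_uid = 508\n"
        "first_valid_gid = 502\nlast_valid_gid = 502\n")
PASSWD_LINE = "lampa:x:508:502::/home/_mail/lampa:/bin/false"
LOG = [
    "dovecot: Oct 17 15:00:40 Info: auth(default): checkpassword(lampa,10.0.0.13): "
    "Received input: userdb_user=lampa userdb_home=/home/_mail/lampa "
    "userdb_uid=65534 userdb_gid=65534",
    "dovecot: Oct 17 15:00:40 Info: auth(default): checkpassword(lampa,10.0.0.13): "
    "Received no input",
]

def parse_limits(conf):
    """Return {'uid': (first, last), 'gid': (first, last)} from config text."""
    vals = dict(re.findall(r"^\s*((?:first|last)_valid_[ug]id)\s*=\s*(\d+)",
                           conf, re.M))
    return {k: (int(vals[f"first_valid_{k}"]), int(vals[f"last_valid_{k}"]))
            for k in ("uid", "gid")}

def parse_reply(log_lines):
    """Map user name -> userdb_* fields from 'Received input:' log lines."""
    replies = {}
    for line in log_lines:
        m = re.search(r"checkpassword\(([^,]+),[^)]*\): Received input: (.*)", line)
        if m:
            replies[m.group(1)] = dict(
                f.split("=", 1) for f in m.group(2).split() if "=" in f)
    return replies

def diagnose(conf, passwd_line, log_lines):
    """List why the IDs returned for a user would be refused at login."""
    name, _hash, uid, gid = passwd_line.split(":")[:4]
    reply = parse_reply(log_lines).get(name)
    if reply is None:
        return [f"no checkpassword reply logged for {name}"]
    findings = []
    for kind, expected in (("uid", int(uid)), ("gid", int(gid))):
        got = int(reply[f"userdb_{kind}"])
        low, high = parse_limits(conf)[kind]
        if got != expected:
            findings.append(f"{kind} mismatch: database has {expected}, reply carried {got}")
        if not low <= got <= high:
            findings.append(f"{kind} {got} outside first/last_valid_{kind} range {low}-{high}")
    return findings

if __name__ == "__main__":
    print("\n".join(diagnose(CONF, PASSWD_LINE, LOG)) or "IDs consistent")
```
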