[Dovecot] Maildir owner importance

Timo Sirainen tss at iki.fi
Wed Dec 29 21:15:27 EET 2004


On 29.12.2004, at 20:53, Peter Clark wrote:

> On Wednesday 29 December 2004 14:06, Timo Sirainen wrote:
>> If you want to use 5000 UID, just make sure the userdb returns 5000 as
>> UID.
>     I'm using LDAP for authentification, so /etc/dovecot-ldap.conf has 
> this:
> user_global_uid = 5000
> user_global_gid = 5000
>     This is what you're referring to, right?

Either that, or return uid and gid fields from LDAP. But if they're the 
same, it doesn't matter.

>> And there was talk about auth_user in this thread too. The most
>> important thing with it is that it must not be the same as login_user
>> (1.0-tests enforce this check). Other than that, it's better to be the
>> least privileged user that has access to passdb and userdb, but just
>> using root isn't that bad either.
>     I didn't know that login_user and auth_user needed to be separate. 
> I've
> been using dovecot for both. But does this matter, since I'm using 
> LDAP, and
> the "dovecot" user for LDAP technically exists only in the LDAP 
> database, and
> is separate from the "dovecot" system user. So if I understand things
> correctly, they are technically two separate entities, just with the 
> same
> name. Right?

If there is a dovecot user in LDAP it's not used for anything (except 
if it has password you could log in as dovecot to read its mails). 
auth_user and login_user both refer to system users.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
URL: <http://dovecot.org/pipermail/dovecot/attachments/20041229/60163933/attachment-0001.bin>


More information about the dovecot mailing list