[Dovecot] Feature Request - Authentication Scheme - Linuxconf

Marc Perkel marc at perkel.com
Sun Jul 17 02:28:34 EEST 2005



Dominic Marks wrote:

>On Saturday 16 July 2005 23:59, Marc Perkel wrote:
>  
>
>>This would make my life a lot easier in migrating to Dovecot. And it
>>should be really easy to implement. Here's how linuxconf does it:
>>
>>Password files are placed in the /etc/vmail directory as follows:
>>
>>/etc/vmail/passwd.domain1
>>/etc/vmail/shadow.domain1
>>/etc/vmail/passwd.domain2
>>/etc/vmail/shadow.domain2
>>
>>The password and shadow files are exactly the same format as the
>>/etc/password and /etc/shadow files. The user name within the files
>>would be the %n part of the email address passed to authenticate
>>with.
>>
>>Basically the password file names are /etc/vmail/passwd.%d with the
>>user withing the file being %n.
>>
>>marc:x:40000:12:Marc Perkel:/vhome/perkel.com/home/marc:/bin/false
>>test:x:40001:12::/vhome/perkel.com/home/test:/bin/false
>>dd:x:40002:12:Atia:/vhome/perkel.com/home/dd:/bin/false
>>test2:x:40003:12::/vhome/perkel.com/home/test2:/bin/false
>>
>>It also makes merging several servers with separate passwd/shadow
>>files into one virtual system because all you have to do is copy
>>their existing passwd/shadow files into the /etc/vmail directory and
>>rename them with the domain at the end.
>>
>>So - wouldn't that be easy to add? Sure would make migrating easy for
>>me.
>>    
>>
>
>Not commenting on the idea, but:
>
>From the Dovecot Wiki: http://wiki.dovecot.org/moin.cgi/Authentication
>
>"Dovecot 1.0-tests support defining multiple password databases, so that 
>if password doesn't match in the first database, it checks the next 
>one. This can be useful if you want to easily support having both local 
>system users in /etc/passwd but also virtual users..."
>
>Using this you could implement what you describe, with one small 
>exception that usernames would have to be renamed in your passwd
>files to their appropriate user at domain form. I think that it is
>good practice to name your users with the complete name in the passwd
>file.
>
>Cheers,
>  
>
Yes - I'm trying to avoid migration to a new format because I have an 
interface that mamages the passwd/shadow method that I'm using now. I 
would have to run a conversion script one a minute if I changed it to 
something else. And I have about 200 of these virtual domain files.

It's actually a pretty good system and I believe it would be trivial to 
make Dovecot compatible with it. If I migrate I would have to merge 
these 200 files into one big file and that might be slow and ungle, 
unless I went to MySQL perhaps. I was experimenting with that and 
couldn't get it to work.

-- 
Marc Perkel - marc at perkel.com

Spam Filter: http://www.junkemailfilter.com
    My Blog: http://marc.perkel.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://dovecot.org/pipermail/dovecot/attachments/20050716/e31f8561/attachment.html


More information about the dovecot mailing list