[Dovecot] Master user doesn't work with 'pass=yes'

Ron Avriel ravriel_1 at yahoo.com
Mon Feb 25 15:02:40 EET 2008


Hi,

It seems that master user login does not work with the 'pass=yes' option
as recommended and documented.

I defined a master user passdb as documented. In addition, I have a passdb sql.
If 'pass=yes' is defined then it seems that dovecot recognizes the master login, 
verifies the master password but then attempts to verify the ***master*** 
password again with the ***user*** password (?) and fails.

If 'pass=yes' is not defined then master login works OK, but if the
user does not exist I get a "* BYE Internal login failure. Refer to 
server log for more information." instead of the usual "NO Authentication failed.".

In addition, I'd like to check the SQL users before the master user, because
most logins will be done by SQL users. If I place master passdb after
passdb SQL then dovecot fails to start with "Last passdb can't have pass=yes".

How can I use master password and "pass=yes"?

I'm using dovecot 1.0.10.
This is the configuration that fails master login:

dovecot.conf:
auth_master_user_separator=*
auth default {
        passdb passwd-file {
                args = /usr/local/etc/passwd.masterusers
                master = yes
                pass = yes
        }
        passdb sql {
                args = /usr/local/etc/dovecot-sql.conf
        }
        userdb prefetch {
        }
        userdb sql {
                args = /usr/local/etc/dovecot-sql.conf
        }
}

passwd.masterusers:
master:{SHA}aFAMsNWXTaL5dwGZWeeOhWhlTZA=

(password is 'masterpass')

log file:
Feb 18 17:44:27 ha-test1 dovecot: auth(default): client in: AUTH    1    PLAIN    service=IMAP    secured    lip=127.0.0.1    rip=127.0.0.1    resp=AHVzZXIxQGV4YW1wbGUub3JnKm1hc3RlcgBtYXN0ZXJwYXNz
Feb 18 17:44:27 ha-test1 dovecot: auth(default): passwd-file(master,127.0.0.1,master): lookup: user=master file=/usr/local/etc/passwd.masterusers
Feb 18 17:44:27 ha-test1 dovecot: auth(default): passdb(master,127.0.0.1,master): Master user logging in as user1 at example.org
Feb 18 17:44:27 ha-test1 dovecot: auth-worker(default): sql(user1 at example.org,127.0.0.1): query: SELECT username as user, password, maildir as userdb_home, concat('maildir:', maildir) as userdb_mail, 150 as userdb_uid, 12 as userdb_gid, concat('maildir:storage=', quota) AS userdb_quota FROM mailbox WHERE username = 'user1 at example.org' AND active = '1'
Feb 18 17:44:27 ha-test1 dovecot: auth-worker(default): sql(user1 at example.org,127.0.0.1): Password mismatch

***** Here 'masterpass' is compared to the **USER** password hash (?) *******************

Feb 18 17:44:27 ha-test1 dovecot: auth-worker(default): sql(user1 at example.org,127.0.0.1): PLAIN-MD5(masterpass) != '81dc9bdb52d04dc20036dbd8313ed055'

Feb 18 17:44:28 ha-test1 dovecot: auth(default): client out: FAIL    1    user=user1 at example.org

Thanks,
Ron
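
Added example (not part of the original post and not Dovecot's own code): decoding the resp= field of the "client in" log line above shows that it carries the SASL PLAIN login and the master password in recoverable form, so such lines should be redacted before an auth debug log is shared. The function names, the shortened log prefix and the rule used to split on the separator are assumptions of this example.

```python
import base64
import re

# Constructed from the "client in" line in the post: syslog prefix shortened,
# fields separated by tabs (an assumption about the original spacing).
LOG_LINE = ("auth(default): client in: AUTH\t1\tPLAIN\tservice=IMAP\tsecured\t"
            "lip=127.0.0.1\trip=127.0.0.1\t"
            "resp=AHVzZXIxQGV4YW1wbGUub3JnKm1hc3RlcgBtYXN0ZXJwYXNz")

RESP_RE = re.compile(r"\bresp=([A-Za-z0-9+/=]+)")


def decode_plain_resp(line, separator="*"):
    """Decode a SASL PLAIN response (RFC 4616: authzid NUL authcid NUL passwd)
    and split the login on the configured auth_master_user_separator."""
    match = RESP_RE.search(line)
    if match is None:
        raise ValueError("no resp= field in line")
    parts = base64.b64decode(match.group(1), validate=True).split(b"\x00")
    if len(parts) != 3:
        raise ValueError("not a SASL PLAIN response")
    authzid, authcid, password = (p.decode("utf-8") for p in parts)
    # Login syntax from the post: <login user><separator><master user>.
    # Assumption: split at the last separator; this sample contains only one.
    login_user, sep, master_user = authcid.rpartition(separator)
    if not sep:  # no separator present: ordinary login, no master user
        login_user, master_user = authcid, None
    return {"authzid": authzid, "login_user": login_user,
            "master_user": master_user, "password": password}


def redact_resp(line):
    """Replace the credential-bearing resp= value before a log line is shared."""
    return RESP_RE.sub("resp=<redacted>", line)


if __name__ == "__main__":
    print(decode_plain_resp(LOG_LINE))
    print(redact_resp(LOG_LINE))
```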







