[Dovecot] 2.0.5 masteruser problem with uncached users
Ralf Hildebrandt
Ralf.Hildebrandt at charite.de
Thu Oct 14 17:51:51 EEST 2010
* Timo Sirainen <tss at iki.fi>:
> On Fri, 2010-10-08 at 15:38 +0200, Ralf Hildebrandt wrote:
>
> > # fuer user*masteruser logins
> > passdb {
> > args = /usr/dovecot-2/etc/dovecot/dovecot.masteruser
> > driver = passwd-file
> > master = yes
> > pass = yes
>
> You can't use pass=yes with passdb pam. From wiki:
Ah. I fixed it by using
passdb shadow :)
as well
> "You should also add the pass=yes setting to the master passdb if
> possible. It means that Dovecot verifies that the login user really
> exists before allowing the master user to log in. Without the setting if
> a nonexistent login username is given, depending on the configuration,
> it could either return an internal login error (the userdb lookup
> failed) or create a whole new user (with eg. static userdb). pass=yes
> doesn't work with PAM or LDAP with auth_bind=yes, because both of them
> require knowing the user's password."
>
> But .. yeah, maybe a fallback should be to do a userdb lookup instead.
> Or change it to a pass=yes|no|userdb setting.
--
Ralf Hildebrandt
Geschäftsbereich IT | Abteilung Netzwerk
Charité - Universitätsmedizin Berlin
Campus Benjamin Franklin
Hindenburgdamm 30 | D-12203 Berlin
Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
ralf.hildebrandt at charite.de | http://www.charite.de
More information about the dovecot
mailing list