Hi, Trying to simplify the postfix/dovecot/saslauthd setup with less than 10 users, I was looking for some way to NOT duplicate the username/password setup. Currently I need to use a seperate file for dovecot as I do for saslauthd. (One is a simple shadow-alike file, the other the sasldb) I know that postfix 2.3 can use dovecot directly for sasl authentication, and that would be a neat solution, but we're stuck with postfix 2.2. I was wondering if anyone ever succeeded in making dovecot use saslauthd for authentication so that saslauthd becomes the authoritative source for password authentication for virtual users. (both for smtp auth as pop3/imap) My other idea to simplify was using something like pam_unix, but modified to use a seperate file (not /etc/shadow) and use pam in both dovecot and saslauthd. But I can't find something like that, pam_unix is fixed, and pam_userdb is something I'd like to avoid. Any ideas ? Thanks in advance, -- dag wieers, dag at wieers.com, http://dag.wieers.com/ -- [all I want is a warm bed and a kind word and unlimited power]
Dag Wieers wrote:> Trying to simplify the postfix/dovecot/saslauthd setup with less than 10 > users, I was looking for some way to NOT duplicate the username/password > setup.[...]> My other idea to simplify was using something like pam_unix, but modified > to use a seperate file (not /etc/shadow) and use pam in both dovecot and > saslauthd. But I can't find something like that, pam_unix is fixed, and > pam_userdb is something I'd like to avoid.Why don't you just use pam_unix? Cheers, -jkt -- cd /local/pub && more beer > /dev/mouth -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 252 bytes Desc: OpenPGP digital signature URL: <http://dovecot.org/pipermail/dovecot/attachments/20060916/b3323829/attachment.bin>
On Sat, 16 Sep 2006, Jan Kundr?t wrote:> Dag Wieers wrote: > > Trying to simplify the postfix/dovecot/saslauthd setup with less than 10 > > users, I was looking for some way to NOT duplicate the username/password > > setup. > [...] > > My other idea to simplify was using something like pam_unix, but modified > > to use a seperate file (not /etc/shadow) and use pam in both dovecot and > > saslauthd. But I can't find something like that, pam_unix is fixed, and > > pam_userdb is something I'd like to avoid. > > Why don't you just use pam_unix?These are virtual users. But I found a workaround, apparently authsasld is able to authenticate against dovecot IMAP using 'rimap' authentication mechanism. Sadly this means I have to enable PLAIN IMAP password authentication in dovecot. But at least it means I can get rid of the sasldb database that had the same user/pass information that was in my dovecot passwd file. Now the only redundant information is in postfix's virtual user file and in the dovecot virtual user file. For defining new user this means I have 3 files to edit (dovecot userdb en passdb, and postfix virtual mailbox map) instead of 4 (sasldb). Kind regards, -- dag wieers, dag at wieers.com, http://dag.wieers.com/ -- [all I want is a warm bed and a kind word and unlimited power]
On Saturday 16 September 2006 08:56, Dag Wieers wrote:> I know that postfix 2.3 can use dovecot directly for sasl > authentication, and that would be a neat solution, but we're stuck > with postfix 2.2.You, of all people, stuck?!?! How could that be? I used several of your RPMs (thanks!) to improve a RHEL4 machine. You didn't have a Postfix 2.3 RPM, but I got the SRPM from Simon Mudd. There was simply no way I would accept an artificial limit on software versions, doing things the hard way, when Wietse and Timo have already solved those problems. Postfix 2.3 on RHEL4 is working nicely with Dovecot SASL. -- Offlist mail to this address is discarded unless "/dev/rob0" or "not-spam" is in Subject: header