On Mon, 2007-02-05 at 12:39 -0800, Tom Bombadil wrote:
> We are thinking about using the master DB, so a few admins can
> impersonate an ordinary user.
I was trying to do the same thing. Not for impersonation :) but for
migration to another IMAP server (Zimbra).
The docs are here http://wiki.dovecot.org/MasterPassword
It works inconsistently for me for some reason. Sometimes dovecot
recognizes the auth_master_user_separator delimiter and sometimes it
doesn't.
dovecot-1.0-0.beta8.3.fc5 did not
Jan 26 18:57:01 mail dovecot: auth(default):
passdb(zimbra,::ffff:169.237.222.333,master): Master user logging in as
dlbewley*zimbra
Jan 26 18:57:01 mail dovecot: auth(default): client out: OK 1
user=dlbewley*zimbra
Jan 26 18:57:01 mail dovecot: auth(default): master in: REQUEST 146 19330
1
Jan 26 18:57:01 mail dovecot: auth(default):
passwd(dlbewley*zimbra,::ffff:169.237.222.333): unknown user
Jan 26 18:57:01 mail dovecot: auth(default):
userdb(dlbewley*zimbra,::ffff:169.237.222.333): user not found from userdb
Jan 26 18:57:01 mail dovecot: auth(default): master out: NOTFOUND 146
Jan 26 18:57:01 mail dovecot: imap-login: Internal login failure:
user=<dlbewley*zimbra>, method=PLAIN, rip=::ffff:169.237.222.333,
lip=::ffff:169.237.222.111, TLS
dovecot-1.0-1.1.rc15 on FC5 did work
Jan 26 21:27:37 mail dovecot: auth(default):
passdb(zimbra,::ffff:169.237.111.111,master): Master user logging in as dlbewley
Jan 26 21:27:37 mail dovecot: auth(default): client out: OK 1 user=dlbewley
Jan 26 21:27:37 mail dovecot: auth(default): master in: REQUEST 8 28380 1
Jan 26 21:27:37 mail dovecot: auth(default): master out: USER 8 dlbewley
system_user=dlbewley uid=500 gid=500 home=/home/dlbewley master_user=zimbra
Jan 26 21:27:37 mail dovecot: imap-login: Login: user=<dlbewley>,
method=PLAIN, rip=::ffff:169.237.111.111, lip=::ffff:169.237.222.111
But then it stopped working in rc15.
Feb 5 12:52:38 mail dovecot: auth(default):
userdb(dlbewley*zimbra,::ffff:169.237.222.111): user not found from userdb
Feb 5 12:52:38 mail dovecot: imap-login: Internal login failure:
user=<dlbewley*zimbra>, method=PLAIN, rip=::ffff:169.237.111.111,
lip=::ffff:169.237.222.111, TLS
Here's my config:
I tried various changes to auth_username_chars like adding * or blanking
it out and using different characters for auth_master_user_separator.
protocols = imap imaps pop3 pop3s
ssl_cert_file = /usr/share/ssl/certs/mail.cert
ssl_key_file = /usr/share/ssl/private/mail.key
disable_plaintext_auth = no
login_process_per_connection = no
login_processes_count = 10
max_mail_processes = 2048
protocol imap {
}
protocol pop3 {
}
auth_username_chars =
auth_master_user_separator = *
auth default {
  mechanisms = plain
  passdb passwd-file {
    args = /etc/dovecot/dovecot.masterusers
    master = yes
    pass = no
  }
  passdb pam {
  }
  userdb passwd {
  }
  user = root
}
plugin {
}
--
Dale Bewley - Unix Administrator - Shields Library - UC Davis
GPG: 0xB098A0F3 0D5A 9AEB 43F4 F84C 7EFD 1753 064D 2583 B098 A0F3
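An added example, not part of the original message or of Dovecot itself: a small log audit that lists master-user logins and flags failed logins where the separator was never split off the user name, the two cases visible in the logs above. It assumes one unwrapped syslog entry per line; the function name audit and the sample addresses are constructed for illustration.

```python
import re

# Constructed sample lines in the format of the logs quoted in the message
# (mail line wrapping removed; addresses are documentation placeholders).
SAMPLE_LOG = """\
Jan 26 21:27:37 mail dovecot: auth(default): passdb(zimbra,::ffff:192.0.2.10,master): Master user logging in as dlbewley
Jan 26 21:27:37 mail dovecot: auth(default): master out: USER 8 dlbewley system_user=dlbewley uid=500 gid=500 home=/home/dlbewley master_user=zimbra
Jan 26 21:27:37 mail dovecot: imap-login: Login: user=<dlbewley>, method=PLAIN, rip=::ffff:192.0.2.10, lip=::ffff:192.0.2.1
Feb  5 12:52:38 mail dovecot: auth(default): userdb(dlbewley*zimbra,::ffff:192.0.2.10): user not found from userdb
Feb  5 12:52:38 mail dovecot: imap-login: Internal login failure: user=<dlbewley*zimbra>, method=PLAIN, rip=::ffff:192.0.2.10, lip=::ffff:192.0.2.1, TLS
"""

MASTER_LOGIN = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) \S+ dovecot: auth\(\w+\): "
    r"passdb\((?P<master>[^,]+),(?P<rip>[^,]+),master\): "
    r"Master user logging in as (?P<target>\S+)$")
LOGIN_FAILURE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) \S+ dovecot: imap-login: "
    r"Internal login failure: user=<(?P<user>[^>]*)>.*?rip=(?P<rip>[^,\s]+)")


def audit(log_text, separator="*"):
    """Return (master_logins, unsplit_failures) found in log_text."""
    logins, failures = [], []
    for line in log_text.splitlines():
        m = MASTER_LOGIN.match(line)
        if m:
            rec = m.groupdict()
            # Separator still inside the target means it was not split off.
            rec["split_ok"] = separator not in rec["target"]
            logins.append(rec)
            continue
        m = LOGIN_FAILURE.match(line)
        if m and separator in m["user"]:
            target, _, master = m["user"].partition(separator)
            failures.append({"ts": m["ts"], "rip": m["rip"],
                             "target": target, "master": master})
    return logins, failures


if __name__ == "__main__":
    logins, failures = audit(SAMPLE_LOG)
    for rec in logins:
        print("master login:", rec)
    for rec in failures:
        print("unsplit login name:", rec)
```

Pass the same character as auth_master_user_separator in the separator argument if it is not *.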