Mauricio Tavares
2011-Jan-23 16:56 UTC
[Dovecot] PAM problem with virtual domain/user ownership
I am running dovecot 1.2.9 (ubuntu package, not from source) and wanted
to use pam to authenticate my mail users who have no local accounts.
I've done that before in an earlier release of dovecot and ubuntu, so I
would not need to do set dovecot to ask LDAP directly.
So, I have in dovecot.conf:
# Authentication processes
mechanisms = plain login
passdb pam {
args = "*"
}
userdb static {
args = allow_all_users uid=virtual gid=virtual
home=/var/spool/vmail/domain.com/%n
}
i.e. /var/spool/vmail/domain.com/ is owned by virtual:virtual,
drwxr-x--- 4 virtual virtual 4.0K 2011-01-23 11:45 domain.com
and that is how I would hope dovecot would be trying to login as. When I
tried to login as user raub, the log file seems to tell me that it is
trying to create /var/spool/vmail/domain.com/raub/cur as raub:users, not
as virtual:virtual
Jan 22 06:35:02 mail dovecot: imap-login: Login: user=<raub>,
method=PLAIN, rip=216.155.101.90, lip=216.155.101.94, TLS
Jan 22 06:35:02 mail dovecot: IMAP(raub):
mkdir(/var/spool/vmail/domain.com/raub/cur) failed: Permission denied
(euid=5016(raub) egid=100(users) missing +w perm:
/var/spool/vmail/domain.com)
What am I missing here?
Timo Sirainen
2011-Jan-24 22:26 UTC
[Dovecot] PAM problem with virtual domain/user ownership
On 23.1.2011, at 18.56, Mauricio Tavares wrote:> So, I have in dovecot.conf:Show dovecot -n output instead of copy & pasting.> userdb static { > args = allow_all_users uid=virtual gid=virtual home=/var/spool/vmail/domain.com/%n > }My guess is that you have userdb passwd enabled and this isn't being actually used.