Greetings,
I'm trying to create a configuration that leaves every config file deployed
by
an install process or paket management software untouched. The goal is to put
every configuration required into /etc/dovecot/local.conf.
I've come quite far, but I fail to disable pam as passdb service in
local.conf. What I get if I run doveconf -n is this section:
passdb {
driver = pam
}
It is in there, because 10-auth.conf includes it:
!include auth-system.conf.ext
These actions are not an option at the moment:
- modify /etc/dovecot/conf.d/10-auth.conf and comment/remove the
!include-statement
- create an /etc/dovecot/dovecot.conf which would contain all options required
and would not include any other *.conf files
Reading http://wiki2.dovecot.org/ConfigFile I see ways to include external
files, but nothing to exclude a file in local.conf.
Knowing Timo I would expect there is a way to acchieve what I want. I just
don't seem to find it.
What am I missing?
Regards,
p at rick
--
[*] sys4 AG
https://sys4.de, +49 (89) 30 90 46 64
Schlei?heimer Stra?e 26/MG,80333 M?nchen
Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263
Vorstand: Patrick Ben Koetter, Marc Schiffbauer
Aufsichtsratsvorsitzender: Florian Kirstein
Sent from my iPhone> On Jun 20, 2016, at 3:03 PM, Patrick Ben Koetter <p at sys4.de> wrote: > > Greetings, > > I'm trying to create a configuration that leaves every config file deployed by > an install process or paket management software untouched. The goal is to put > every configuration required into /etc/dovecot/local.conf. > > I've come quite far, but I fail to disable pam as passdb service in > local.conf. What I get if I run doveconf -n is this section: > > passdb { > driver = pam > } > > It is in there, because 10-auth.conf includes it: > > !include auth-system.conf.ext > > > These actions are not an option at the moment: > > - modify /etc/dovecot/conf.d/10-auth.conf and comment/remove the > !include-statement > - create an /etc/dovecot/dovecot.conf which would contain all options required > and would not include any other *.conf files > > Reading http://wiki2.dovecot.org/ConfigFile I see ways to include external > files, but nothing to exclude a file in local.conf. > > Knowing Timo I would expect there is a way to acchieve what I want. I just > don't seem to find it. > > What am I missing? > > Regards, > > p at rick > > -- > [*] sys4 AG > > https://sys4.de, +49 (89) 30 90 46 64 > Schlei?heimer Stra?e 26/MG,80333 M?nchen > Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 > Vorstand: Patrick Ben Koetter, Marc Schiffbauer > Aufsichtsratsvorsitzender: Florian Kirstein >Is your goal to have "1" config file? If so get your system working how you want it then: doveconf -n > /etc/dovecot/config.test Start dovecot with this file.
* Edgar Pettijohn <edgar at pettijohn-web.com>:> Is your goal to have "1" config file?No, that would eliminate the ability to change distro settings via the regular package management. My goal is to add/remove what my service requires via the additional local.conf. p at rick -- [*] sys4 AG https://sys4.de, +49 (89) 30 90 46 64 Schlei?heimer Stra?e 26/MG,80333 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein
* Patrick Ben Koetter <p at sys4.de>:> Greetings, > > I'm trying to create a configuration that leaves every config file deployed by > an install process or paket management software untouched. The goal is to put > every configuration required into /etc/dovecot/local.conf. > > I've come quite far, but I fail to disable pam as passdb service in > local.conf. What I get if I run doveconf -n is this section: > > passdb { > driver = pam > }It seems that there is no way of saying something like: remove passdb Adding new passdb entries is no problem, but removing existing ones is hard. What is the actual problem? System accounts shouldn't be able to log-in? System accounts shouldn't be valid mailboxes? -- [*] sys4 AG http://sys4.de, +49 (89) 30 90 46 64 Schlei?heimer Stra?e 26/MG, 80333 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 21 Jun 2016, Ralf Hildebrandt wrote:>> I'm trying to create a configuration that leaves every config file deployed by >> an install process or paket management software untouched. The goal is to put >> every configuration required into /etc/dovecot/local.conf. >> >> I've come quite far, but I fail to disable pam as passdb service in >> local.conf. What I get if I run doveconf -n is this section: >> >> passdb { >> driver = pam >> } > > It seems that there is no way of saying something like: > > remove passdb > > Adding new passdb entries is no problem, but removing existing ones is > hard.I thought passwd 1 { driver = none } would do the trick, but you get an error about that this passdb is already defined. passdb 0 { passdb 2 { is fine, because they do not already exist. - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBV2k483z1H7kL/d9rAQKAkQgApe4vem0lhSEcsgNK8W0jJjROC/z7N5Ij sNBdWolbzwP7I1cnNMP6cs7xHwneM7khmRh6PzNScHBoF6YpMkAb7MLWeXKpWLpN AafN9NOM6wBjr1Stzb4DzuztuKsFE806md96MgrSQKqfNKPNUDwlNpDW8yIRo07E kOi3CBRzur+ZVkUFXhtgtcejTpoo441WNUMbL9oFRatMv+lPVddLHMuNWINWoz2N kVtYdzN+hlTUHuI2wlWIs1J0YqiAVXbbsEHT8LExp9d30eMxbNiQDqX9hQlUSmax 2tTKPuiLZ8VRZytQcMfAHX0DmNfDga8/zvWrt9SRaLn5d9Qc4rGdPA==5tei -----END PGP SIGNATURE-----
On Mon, 20 Jun 2016 22:03:44 +0200 Patrick Ben Koetter <p at sys4.de> wrote:> Greetings, > > I'm trying to create a configuration that leaves every config file > deployed by an install process or paket management software > untouched. The goal is to put every configuration required > into /etc/dovecot/local.conf. > > I've come quite far, but I fail to disable pam as passdb service in > local.conf. What I get if I run doveconf -n is this section: > > passdb { > driver = pam > } > > It is in there, because 10-auth.conf includes it: > > !include auth-system.conf.ext > > > These actions are not an option at the moment: > > - modify /etc/dovecot/conf.d/10-auth.conf and comment/remove the > !include-statement > - create an /etc/dovecot/dovecot.conf which would contain all options > required and would not include any other *.conf files > > Reading http://wiki2.dovecot.org/ConfigFile I see ways to include > external files, but nothing to exclude a file in local.conf. > > Knowing Timo I would expect there is a way to acchieve what I want. I > just don't seem to find it. > > What am I missing?That 10-auth.conf is actually meant to be edited. most distros should have configuration file handling pretty much figured out by now. so none of your changes to those files should get lost. also configuration management comes to mind. darix -- openSUSE - SUSE Linux is my linux openSUSE is good for you www.opensuse.org
* Marcus Rueckert <darix at nordisch.org>:> > What am I missing? > > That 10-auth.conf is actually meant to be edited. most distros should > have configuration file handling pretty much figured out by now. so > none of your changes to those files should get lost. also configuration > management comes to mind.As I repeatedly said none of those actions are an option in this project. I think we better stop this thread. p at rick -- [*] sys4 AG https://sys4.de, +49 (89) 30 90 46 64 Schlei?heimer Stra?e 26/MG,80333 M?nchen Sitz der Gesellschaft: M?nchen, Amtsgericht M?nchen: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein
Am 2016-06-21 um 13:51 schrieb Ralf Hildebrandt:> * Patrick Ben Koetter <p at sys4.de>: >> Greetings, >> >> I'm trying to create a configuration that leaves every config file deployed by >> an install process or paket management software untouched. The goal is to put >> every configuration required into /etc/dovecot/local.conf. >> >> I've come quite far, but I fail to disable pam as passdb service in >> local.conf. What I get if I run doveconf -n is this section: >> >> passdb { >> driver = pam >> } > > > What is the actual problem? System accounts shouldn't be able to > log-in? System accounts shouldn't be valid mailboxes? >Use case: virtual accounts in "passdb { driver = passwd-file ?" The initial pam driver will make each logon have to wait for pam to timeout first which adds a considerable delay in the process -- peter