Hi,

each user exists in one db.

I changed configuration:

# 2.2.29.1 (e0b76e3): /var/etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.18 (29cc74d)
# OS: Linux 3.10.55-gentoo i686 SuSE Linux 7.1 (i386)
auth_debug = yes
debug_log_path = /var/log/dovecot/dovecot_debug.log
disable_plaintext_auth = no
info_log_path = /var/log/state.mail/dovecot.pipe
log_path = /var/log/dovecot/dovecot.log
mail_debug = yes
mail_gid = users
mail_location = maildir:~/.maildir
mail_plugins = acl quota
mail_shared_explicit_inbox = yes
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave duplicate
namespace {
  list = yes
  location = maildir:/data/home/vmail/public
  prefix = Public/
  separator = /
  subscriptions = no
  type = public
}
namespace {
  list = children
  location = maildir:/data/home/%%n/.maildir:INDEX=~/.maildir/shared/%%u
  prefix = Shared/%%u/
  separator = /
  subscriptions = no
  type = shared
}
namespace inbox {
  inbox = yes
  list = yes
  location =
  mailbox Cestino {
    special_use = \Trash
  }
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox "Posta inviata" {
    special_use = \Sent
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
  separator = /
  subscriptions = yes
  type = private
}
passdb {
  args = /etc/dovecot/passwd.masterusers
  driver = passwd-file
  master = yes
}
passdb {
  args = /var/etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
passdb {
  driver = passwd
  skip = authenticated
}
plugin {
  acl = vfile:/etc/dovecot/acl:cache_secs=300
  acl_shared_dict = file:/var/lib/dovecot-dict/shared-mailboxes
  quota = maildir:User quota
  quota_rule = *:storage=5M
  quota_rule2 = Trash:storage=+100M
  quota_rule3 = SPAM:ignore
  sieve = ~/.dovecot.sieve
  sieve_before = /var/etc/dovecot/sieve/general/
  sieve_dir = ~/sieve
  sieve_execute_bin_dir = /usr/local/bin/dovecot/sieve-execute
  sieve_filter_bin_dir = /usr/local/bin/dovecot/sieve-filter
  sieve_global_dir = /var/etc/dovecot/sieve/global/
  sieve_global_extensions = +vnd.dovecot.execute +vnd.dovecot.filter +vnd.dovecot.pipe +editheader
  sieve_pipe_bin_dir = /usr/local/bin/dovecot/sieve-pipe
  sieve_plugins = sieve_extprograms
}
protocols = imap pop3 lmtp sieve
service auth {
  unix_listener auth-userdb {
    group = users
  }
}
service imap-postlogin {
  executable = script-login /usr/local/bin/imap-postlogin.sh
  user = $default_internal_user
}
service imap {
  executable = imap imap-postlogin
}
ssl_cert = </conf/etc/cert/certs/services/imap_pop/majornet.crt
ssl_key = </conf/etc/cert/private/services/imap_pop/majornet.key
userdb {
  args = /var/etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
userdb {
  driver = passwd
}
protocol lda {
  info_log_path = /var/log/dovecot/dovecot-lda.log
  log_path = /var/log/dovecot/dovecot-lda.log
  mail_plugins = acl quota sieve
}
protocol imap {
  mail_max_userip_connections = 20
  mail_plugins = acl quota imap_acl imap_quota
}

File /var/etc/dovecot/dovecot-ldap.conf.ext is:

hosts = localhost
base = ou=mnusers,dc=majornet,dc=local
user_attrs = quota_rule=*:bytes=%{ldap:quotaBytes}

But when I run:

doveadm -D quota get -u afasystems

No extra field is returned:

doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot
doveadm(root): Debug: Module loaded: /usr/lib/dovecot/lib01_acl_plugin.so
doveadm(root): Debug: Module loaded: /usr/lib/dovecot/lib10_quota_plugin.so
doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/doveadm
doveadm(root): Debug: Module loaded: /usr/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so
doveadm(root): Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_deinit (this is usually intentional, so just ignore this message)
doveadm(root): Debug: Module loaded: /usr/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so
doveadm(root): Debug: Module loaded: /usr/lib/dovecot/doveadm/lib10_doveadm_sieve_plugin.so
doveadm(root): Debug: Skipping module doveadm_fts_lucene_plugin, because dlopen() failed: /usr/lib/dovecot/doveadm/lib20_doveadm_fts_lucene_plugin.so: undefined symbol: lucene_index_iter_deinit (this is usually intentional, so just ignore this message)
doveadm(root): Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_backend_rescan (this is usually intentional, so just ignore this message)
doveadm(afasystems): Debug: auth input: afasystems system_groups_user=afasystems uid=1040 gid=100 home=/data/home/afasystems
doveadm(afasystems): Debug: Effective uid=1040, gid=100, home=/data/home/afasystems
doveadm(afasystems): Debug: Quota root: name=User quota backend=maildir args=
doveadm(afasystems): Debug: Quota rule: root=User quota mailbox=* bytes=5242880 messages=0
doveadm(afasystems): Debug: Quota rule: root=User quota mailbox=Trash bytes=+104857600 messages=0
doveadm(afasystems): Debug: Quota rule: root=User quota mailbox=SPAM ignored
doveadm(afasystems): Debug: Quota grace: root=User quota bytes=524288 (10%)
doveadm(afasystems): Debug: Namespace inbox: type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:~/.maildir
doveadm(afasystems): Debug: maildir++: root=/data/home/afasystems/.maildir, index=, indexpvt=, control=, inbox=/data/home/afasystems/.maildir, alt=
doveadm(afasystems): Debug: acl: initializing backend with data: vfile:/etc/dovecot/acl:cache_secs=300
doveadm(afasystems): Debug: acl: acl username = afasystems
doveadm(afasystems): Debug: acl: owner = 1
doveadm(afasystems): Debug: acl vfile: Global ACL legacy directory: /etc/dovecot/acl
doveadm(afasystems): Debug: Namespace : type=public, prefix=Public/, sep=/, inbox=no, hidden=no, list=yes, subscriptions=no location=maildir:/data/home/vmail/public
doveadm(afasystems): Debug: maildir++: root=/data/home/vmail/public, index=, indexpvt=, control=, inbox=, alt=
doveadm(afasystems): Debug: acl: initializing backend with data: vfile:/etc/dovecot/acl:cache_secs=300
doveadm(afasystems): Debug: acl: acl username = afasystems
doveadm(afasystems): Debug: acl: owner = 0
doveadm(afasystems): Debug: acl vfile: Global ACL legacy directory: /etc/dovecot/acl
doveadm(afasystems): Debug: Namespace : type=shared, prefix=Shared/%u/, sep=/, inbox=no, hidden=no, list=children, subscriptions=no location=maildir:/data/home/%n/.maildir:INDEX=~/.maildir/shared/%u
doveadm(afasystems): Debug: shared: root=/var/run/dovecot, index=, indexpvt=, control=, inbox=, alt=
doveadm(afasystems): Debug: acl: initializing backend with data: vfile:/etc/dovecot/acl:cache_secs=300
doveadm(afasystems): Debug: acl: acl username = afasystems
doveadm(afasystems): Debug: acl: owner = 0
doveadm(afasystems): Debug: acl vfile: Global ACL legacy directory: /etc/dovecot/acl
Quota name Type    Value Limit   %
User quota STORAGE  9517  5120 185
User quota MESSAGE   263     -   0

Where am I wrong?

Thank you very much

On 20/07/2017 11:30, Steffen Kaiser wrote:
> On Thu, 20 Jul 2017, Michele Petrella wrote:
>
>> To be more accurate, all users in ldap db need to use mail, but some
>> users in /etc/passwd file use mail too.
>
> Do users exist in both passwd and ldap?
>
>> For this reason I set up "driver=passwd" in userdb section and in
>> /etc/nsswitch.conf I set up "passwd: files ldap".
>
> If you did this for Dovecot, revert it.
>
>> Now I want to use dovecot per user quota to limit ldap users mailbox
>> size. I need quota only for ldap users, no need for users in
>> /etc/passwd file.
>>
>> Which is the correct configuration to do this?
>
> use two databases for both passdb and userdb. One using pam / passwd,
> the other one the standard LDAP config.
>
> see: https://wiki2.dovecot.org/Authentication/MultipleDatabases
>
> Use LDAP instead of SQL userdb and passdb.
>
> I guess, you will find posts in the sense "virtual and system users".
>
> If there is no user in both databases, the order does not matter
> (except for speed); otherwise:
>
> each database is tried in order of definition until a successful hit
> was found.
>
> You can order the passdb's and userdb's differently, e.g. if
> passwd-passdb is first and the user's password matches, and the
> ldap-userdb is first and you get a hit there, the user authenticates
> against passwd, but its data is retrieved from LDAP.
> See comment in page: "look up users from SQL first (even if
> authentication was done using PAM!)"
>
>> I understand that I need to use extra fields to obtain user quota
>> from users db. But you said "the userdb section cannot merge two
>> databases together". So
>
> You cannot merge, but use one-after-another.
>
>> I can not use dovecot per user quota with "driver=passwd" in userdb
>> section? I could use only global quota?
>
>
>> P.S.
>> 1) I use dovecot-lda as delivery agent.
>>
>> 2) I send again my dovecot configuration:
>>
>> # 2.2.29.1 (e0b76e3): /var/etc/dovecot/dovecot.conf
>> # Pigeonhole version 0.4.18 (29cc74d)
>> # OS: Linux 3.10.55-gentoo i686 SuSE Linux 7.1 (i386)
>> debug_log_path = /var/log/dovecot/dovecot_debug.log
>> disable_plaintext_auth = no
>> info_log_path = /var/log/state.mail/dovecot.pipe
>> log_path = /var/log/dovecot/dovecot.log
>> mail_debug = yes
>> mail_gid = users
>> mail_location = maildir:~/.maildir
>> mail_plugins = acl quota
>> mail_shared_explicit_inbox = yes
>> mail_uid = vmail
>> managesieve_notify_capability = mailto
>> managesieve_sieve_capability = fileinto reject envelope
>> encoded-character vacation subaddress comparator-i;ascii-numeric
>> relational regex imap4flags copy include variables body enotify
>> environment mailbox date index ihave duplicate mime foreverypart
>> extracttext
>> namespace {
>>   list = yes
>>   location = maildir:/data/home/vmail/public
>>   prefix = Public/
>>   separator = /
>>   subscriptions = no
>>   type = public
>> }
>> namespace {
>>   list = children
>>   location = maildir:/data/home/%%n/.maildir:INDEX=~/.maildir/shared/%%u
>>   prefix = Shared/%%u/
>>   separator = /
>>   subscriptions = no
>>   type = shared
>> }
>> namespace inbox {
>>   inbox = yes
>>   list = yes
>>   location =
>>   mailbox Cestino {
>>     special_use = \Trash
>>   }
>>   mailbox Drafts {
>>     special_use = \Drafts
>>   }
>>   mailbox Junk {
>>     special_use = \Junk
>>   }
>>   mailbox "Posta inviata" {
>>     special_use = \Sent
>>   }
>>   mailbox Sent {
>>     special_use = \Sent
>>   }
>>   mailbox "Sent Messages" {
>>     special_use = \Sent
>>   }
>>   mailbox Trash {
>>     special_use = \Trash
>>   }
>>   prefix =
>>   separator = /
>>   subscriptions = yes
>>   type = private
>> }
>> passdb {
>>   args = /etc/dovecot/passwd.masterusers
>>   driver = passwd-file
>>   master = yes
>> }
>> passdb {
>>   driver = pam
>> }
>> plugin {
>>   acl = vfile:/etc/dovecot/acl:cache_secs=300
>>   acl_shared_dict = file:/var/lib/dovecot-dict/shared-mailboxes
>>   quota = maildir:User quota
>>   quota_rule = *:storage=5M
>>   quota_rule2 = Trash:storage=+100M
>>   quota_rule3 = SPAM:ignore
>>   sieve = ~/.dovecot.sieve
>>   sieve_before = /var/etc/dovecot/sieve/general/
>>   sieve_dir = ~/sieve
>>   sieve_execute_bin_dir = /usr/local/bin/dovecot/sieve-execute
>>   sieve_filter_bin_dir = /usr/local/bin/dovecot/sieve-filter
>>   sieve_global_dir = /var/etc/dovecot/sieve/global/
>>   sieve_global_extensions = +vnd.dovecot.execute +vnd.dovecot.filter
>>   +vnd.dovecot.pipe +editheader
>>   sieve_pipe_bin_dir = /usr/local/bin/dovecot/sieve-pipe
>>   sieve_plugins = sieve_extprograms
>> }
>> protocols = imap pop3 lmtp sieve
>> service auth {
>>   unix_listener auth-userdb {
>>     group = users
>>   }
>> }
>> service imap-postlogin {
>>   executable = script-login /usr/local/bin/imap-postlogin.sh
>>   user = $default_internal_user
>> }
>> service imap {
>>   executable = imap imap-postlogin
>> }
>> ssl = no
>> ssl_cert = </conf/etc/cert/certs/services/imap_pop/majornet.crt
>> ssl_key = # hidden, use -P to show it
>> userdb {
>>   driver = passwd
>> }
>> protocol lda {
>>   info_log_path = /var/log/dovecot/dovecot-lda.log
>>   log_path = /var/log/dovecot/dovecot-lda.log
>>   mail_plugins = acl quota sieve
>> }
>> protocol imap {
>>   mail_max_userip_connections = 20
>>   mail_plugins = acl quota imap_acl imap_quota
>> }
>>
>>
>>>> userdb {
>>>>   default_fields = quota_rule=*:bytes=%$
>>>>   driver = passwd
>>>> }
>>>
>>>> I have problems in return extra fields from passwd userdb. My users
>>>> are partially in passwd files and partially in LDAP. Users who use
>>>> mail are in LDAP db.
>>>
>>>> If I use "default_fields = quota_rule=*:bytes=100M" in userdb,
>>>
>>>> if I use "default_fields = quota_rule=*:bytes=%{userdb:quotabytes}"
>>>> in userdb,
>>>
>>> 1) default_fields supplies default values, if the userdb does not
>>> return them. Hence, you cannot reference a LDAP result.
>>>
>>> 2) the userdb section cannot merge two databases together. You said
>>> "Users who use mail are in LDAP db", so you would one userdb with
>>> driver ldap.
>>
>>
>
>
> --
> Steffen Kaiser
>
> H Bonn-Rhein-Sieg     | e-mail: Steffen.Kaiser at H-BRS.DE
> FB Informatik         | room  : C179
> Grantham-Allee 20     | phone : +49 2241/865-203
> 53757 Sankt Augustin  |
> Germany - Deutschland | fax   : +49 2241/865-8203

--
AFA Systems Srl
Via G.Pastore Zona Industriale B
86039 Termoli (CB) - Italia
tel.: +39 0875 724104
fax.: +39 0875 726084
www.afasystems.it

Michele Petrella wrote:
> File /var/etc/dovecot/dovecot-ldap.conf.ext is:
>
> hosts = localhost
> base = ou=mnusers,dc=majornet,dc=local
> user_attrs = quota_rule=*:bytes=%{ldap:quotaBytes}
>
> But when I run: doveadm -D quota get -u afasystems

Well, first try this:

doveadm user afasystems

All extra fields should be displayed (quotaByte only in your example).
Then verify that this user has quotaBytes at all

ldapsearch -b ou=mnusers,dc=majornet,dc=local user=afasystems quotaBytes

Then look here: https://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb

user_attrs = \
  =home=%{ldap:homeDirectory}, \
  =uid=%{ldap:uidNumber}, \
  =gid=%{ldap:gidNumber}

all mappings using %{ldap:...} have a "=" prefixed before the settings
name

Then re-try doveadm user ....

Thank you very much Steffen!

It finally works!

I have 2 ldap dbs in my system, the first for inetOrgPerson class and the
second for system specific class attributes. So I introduce another
userdb section:

----------------------------------------------------------------------
##
## User databases
##

# System users (NSS, /etc/passwd, or similar). In many systems nowadays this
# uses Name Service Switch, which is configured in /etc/nsswitch.conf.
userdb {
  driver = ldap
  args = /var/etc/dovecot/dovecot-ldap.conf.ext
  result_success = continue-ok
}
userdb {
  driver = ldap
  args = /var/etc/dovecot/dovecot-mnusers-ldap.conf.ext
}
userdb {
  driver = passwd
}
----------------------------------------------------------------------

and content of /var/etc/dovecot/dovecot-mnusers-ldap.conf.ext is:

----------------------------------------------------------------------
user_filter = (&(objectClass=AFASystems)(uid=%u))
user_attrs = \
  =quota_rule=*:bytes=%{ldap:quotaBytes}
----------------------------------------------------------------------

Now if I run "doveadm user afasystems", the output is:

field       value
uid         1040
gid         100
home        /data/home/afasystems
mail        maildir:~/.maildir
quota_rule  *:bytes=80M

But if quotaBytes is empty in ldap, the output is:

# doveadm user admin
doveadm(root): Error: user admin: Initialization failed: Failed to initialize quota: Invalid quota root quota: Invalid rule *:bytes= : Invalid rule limit value 'bytes= ': Unknown unit:
field       value

Is there a way in dovecot configuration to assign 0 (i.e. unlimited) to
quota_rule if quotaBytes from ldap is empty?

Thank you so much again!

On 21/07/2017 22:29, Steffen wrote:
> Well, first try this:
>
> doveadm user afasystems
>
> All extra fields should be displayed (quotaByte only in your example).
> Then verify that this user has quotaBytes at all
>
> ldapsearch -b ou=mnusers,dc=majornet,dc=local user=afasystems quotaBytes
>
> Then look here: https://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb
> user_attrs = \
> =home=%{ldap:homeDirectory}, \
> =uid=%{ldap:uidNumber}, \
> =gid=%{ldap:gidNumber}
>
> all mappings using %{ldap:...} have a "=" prefixed before the settings
> name
>
> Then re-try doveadm user ....

--
AFA Systems Srl
Via G.Pastore Zona Industriale B
86039 Termoli (CB) - Italia
tel.: +39 0875 724104
fax.: +39 0875 726084
www.afasystems.it
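
The userdb chain from the last message, as an added example that is not part of the thread and is not Dovecot code: a simplified Python model of ordered userdb lookups with result_success = continue-ok, plus a pre-check that catches the empty `*:bytes=` rule before a login or delivery fails on it. Assumptions: the directory contents, the first LDAP userdb's attribute mapping, the users `backup` and `ghost`, and the limit-value pattern (a subset of what Dovecot's parser accepts) are constructed for illustration.

```python
import re

# Simplified model of Dovecot 2.2 userdb chaining (illustration only).
# Assumed subset of limit values: optional sign, digits, optional unit or %.
LIMIT_VALUE = re.compile(r"^[+-]?\d+[bkmgt%]?$", re.IGNORECASE)


def expand(template, attrs):
    """Expand %{ldap:attr}; a missing or empty attribute becomes ''."""
    return re.sub(r"%\{ldap:(\w+)\}",
                  lambda m: attrs.get(m.group(1), ""), template)


def lookup(chain, user):
    """Try each userdb in definition order; return (found, fields, sources)."""
    found, fields, sources = False, {}, []
    for db in chain:
        entry = db["users"].get(user)
        if entry is None:
            action = db.get("result_failure", "continue")
        else:
            action = db.get("result_success", "return-ok")
            if "user_attrs" in db:
                for name, template in db["user_attrs"].items():
                    fields[name] = expand(template, entry)  # later dbs override
            else:
                fields.update(entry)  # passwd-style db: fields used as-is
            sources.append(db["name"])
        if action.endswith("-ok"):
            found = True
        elif action.endswith("-fail"):
            found = False
        if action.startswith("return"):
            break
    return found, fields, sources


def check_quota_rule(rule):
    """Return None if the rule looks valid, else a short reason."""
    mailbox, sep, limits = rule.partition(":")
    if not mailbox or not sep:
        return "missing mailbox name or ':'"
    for limit in limits.split(":"):
        if limit == "ignore":
            continue
        name, _, value = limit.partition("=")
        if name not in ("storage", "bytes", "messages"):
            return "unknown limit name %r" % name
        if not LIMIT_VALUE.match(value.strip()):
            return "empty or invalid limit value in %r" % limit
    return None


def audit(chain, users):
    """Map each problem user to the reason the userdb result is unusable."""
    problems = {}
    for user in users:
        found, fields, _ = lookup(chain, user)
        if not found:
            problems[user] = "not found in any userdb"
        elif "quota_rule" in fields:
            reason = check_quota_rule(fields["quota_rule"])
            if reason:
                problems[user] = "quota_rule %r: %s" % (fields["quota_rule"], reason)
    return problems


# Constructed sample directories mirroring the three userdb sections.
CHAIN = [
    {"name": "ldap", "result_success": "continue-ok",
     "user_attrs": {"uid": "%{ldap:uidNumber}", "gid": "%{ldap:gidNumber}",
                    "home": "%{ldap:homeDirectory}"},
     "users": {
         "afasystems": {"uidNumber": "1040", "gidNumber": "100",
                        "homeDirectory": "/data/home/afasystems"},
         "admin": {"uidNumber": "1041", "gidNumber": "100",
                   "homeDirectory": "/data/home/admin"}}},
    {"name": "ldap-mnusers",
     "user_attrs": {"quota_rule": "*:bytes=%{ldap:quotaBytes}"},
     "users": {"afasystems": {"quotaBytes": "80M"}, "admin": {}}},
    {"name": "passwd",
     "users": {"backup": {"uid": "34", "gid": "34", "home": "/var/backups"}}},
]

if __name__ == "__main__":
    for user, why in audit(CHAIN, ["afasystems", "admin", "backup", "ghost"]).items():
        print(user, "->", why)
```

Running the same check against an export of the real directory shows which accounts would fail initialization before users hit the error.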