Hi,
each user exists in only one db.
I changed the configuration:
# 2.2.29.1 (e0b76e3): /var/etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.18 (29cc74d)
# OS: Linux 3.10.55-gentoo i686 SuSE Linux 7.1 (i386)
auth_debug = yes
debug_log_path = /var/log/dovecot/dovecot_debug.log
disable_plaintext_auth = no
info_log_path = /var/log/state.mail/dovecot.pipe
log_path = /var/log/dovecot/dovecot.log
mail_debug = yes
mail_gid = users
mail_location = maildir:~/.maildir
mail_plugins = acl quota
mail_shared_explicit_inbox = yes
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date ihave duplicate
namespace {
list = yes
location = maildir:/data/home/vmail/public
prefix = Public/
separator = /
subscriptions = no
type = public
}
namespace {
list = children
location = maildir:/data/home/%%n/.maildir:INDEX=~/.maildir/shared/%%u
prefix = Shared/%%u/
separator = /
subscriptions = no
type = shared
}
namespace inbox {
inbox = yes
list = yes
location =
mailbox Cestino {
special_use = \Trash
}
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox "Posta inviata" {
special_use = \Sent
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
separator = /
subscriptions = yes
type = private
}
passdb {
args = /etc/dovecot/passwd.masterusers
driver = passwd-file
master = yes
}
passdb {
args = /var/etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
passdb {
driver = passwd
skip = authenticated
}
plugin {
acl = vfile:/etc/dovecot/acl:cache_secs=300
acl_shared_dict = file:/var/lib/dovecot-dict/shared-mailboxes
quota = maildir:User quota
quota_rule = *:storage=5M
quota_rule2 = Trash:storage=+100M
quota_rule3 = SPAM:ignore
sieve = ~/.dovecot.sieve
sieve_before = /var/etc/dovecot/sieve/general/
sieve_dir = ~/sieve
sieve_execute_bin_dir = /usr/local/bin/dovecot/sieve-execute
sieve_filter_bin_dir = /usr/local/bin/dovecot/sieve-filter
sieve_global_dir = /var/etc/dovecot/sieve/global/
sieve_global_extensions = +vnd.dovecot.execute +vnd.dovecot.filter
+vnd.dovecot.pipe +editheader
sieve_pipe_bin_dir = /usr/local/bin/dovecot/sieve-pipe
sieve_plugins = sieve_extprograms
}
protocols = imap pop3 lmtp sieve
service auth {
unix_listener auth-userdb {
group = users
}
}
service imap-postlogin {
executable = script-login /usr/local/bin/imap-postlogin.sh
user = $default_internal_user
}
service imap {
executable = imap imap-postlogin
}
ssl_cert = </conf/etc/cert/certs/services/imap_pop/majornet.crt
ssl_key = </conf/etc/cert/private/services/imap_pop/majornet.key
userdb {
args = /var/etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
userdb {
driver = passwd
}
protocol lda {
info_log_path = /var/log/dovecot/dovecot-lda.log
log_path = /var/log/dovecot/dovecot-lda.log
mail_plugins = acl quota sieve
}
protocol imap {
mail_max_userip_connections = 20
mail_plugins = acl quota imap_acl imap_quota
}
File /var/etc/dovecot/dovecot-ldap.conf.ext is:
hosts = localhost
base = ou=mnusers,dc=majornet,dc=local
user_attrs = quota_rule=*:bytes=%{ldap:quotaBytes}
But when I run:
doveadm -D quota get -u afasystems
No extra field is returned:
doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot
doveadm(root): Debug: Module loaded: /usr/lib/dovecot/lib01_acl_plugin.so
doveadm(root): Debug: Module loaded: /usr/lib/dovecot/lib10_quota_plugin.so
doveadm(root): Debug: Loading modules from directory:
/usr/lib/dovecot/doveadm
doveadm(root): Debug: Module loaded:
/usr/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so
doveadm(root): Debug: Skipping module doveadm_expire_plugin, because
dlopen() failed:
/usr/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so: undefined
symbol: expire_set_deinit (this is usually intentional, so just ignore
this message)
doveadm(root): Debug: Module loaded:
/usr/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so
doveadm(root): Debug: Module loaded:
/usr/lib/dovecot/doveadm/lib10_doveadm_sieve_plugin.so
doveadm(root): Debug: Skipping module doveadm_fts_lucene_plugin, because
dlopen() failed:
/usr/lib/dovecot/doveadm/lib20_doveadm_fts_lucene_plugin.so: undefined
symbol: lucene_index_iter_deinit (this is usually intentional, so just
ignore this message)
doveadm(root): Debug: Skipping module doveadm_fts_plugin, because
dlopen() failed: /usr/lib/dovecot/doveadm/lib20_doveadm_fts_plugin.so:
undefined symbol: fts_backend_rescan (this is usually intentional, so
just ignore this message)
doveadm(afasystems): Debug: auth input: afasystems
system_groups_user=afasystems uid=1040 gid=100 home=/data/home/afasystems
doveadm(afasystems): Debug: Effective uid=1040, gid=100,
home=/data/home/afasystems
doveadm(afasystems): Debug: Quota root: name=User quota backend=maildir
args=
doveadm(afasystems): Debug: Quota rule: root=User quota mailbox=*
bytes=5242880 messages=0
doveadm(afasystems): Debug: Quota rule: root=User quota mailbox=Trash
bytes=+104857600 messages=0
doveadm(afasystems): Debug: Quota rule: root=User quota mailbox=SPAM ignored
doveadm(afasystems): Debug: Quota grace: root=User quota bytes=524288 (10%)
doveadm(afasystems): Debug: Namespace inbox: type=private, prefix=,
sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes
location=maildir:~/.maildir
doveadm(afasystems): Debug: maildir++:
root=/data/home/afasystems/.maildir, index=, indexpvt=, control=,
inbox=/data/home/afasystems/.maildir, alt=
doveadm(afasystems): Debug: acl:
initializing backend with data:
vfile:/etc/dovecot/acl:cache_secs=300
doveadm(afasystems): Debug: acl: acl username = afasystems
doveadm(afasystems): Debug: acl: owner = 1
doveadm(afasystems): Debug: acl vfile: Global ACL legacy directory:
/etc/dovecot/acl
doveadm(afasystems): Debug: Namespace : type=public, prefix=Public/,
sep=/, inbox=no, hidden=no, list=yes, subscriptions=no
location=maildir:/data/home/vmail/public
doveadm(afasystems): Debug: maildir++: root=/data/home/vmail/public,
index=, indexpvt=, control=, inbox=, alt=
doveadm(afasystems): Debug: acl:
initializing backend with data:
vfile:/etc/dovecot/acl:cache_secs=300
doveadm(afasystems): Debug: acl: acl username = afasystems
doveadm(afasystems): Debug: acl: owner = 0
doveadm(afasystems): Debug: acl vfile: Global ACL legacy directory:
/etc/dovecot/acl
doveadm(afasystems): Debug: Namespace : type=shared, prefix=Shared/%u/,
sep=/, inbox=no, hidden=no, list=children, subscriptions=no
location=maildir:/data/home/%n/.maildir:INDEX=~/.maildir/shared/%u
doveadm(afasystems): Debug: shared: root=/var/run/dovecot, index=,
indexpvt=, control=, inbox=, alt=
doveadm(afasystems): Debug: acl: initializing
backend with data:
vfile:/etc/dovecot/acl:cache_secs=300
doveadm(afasystems): Debug: acl: acl username = afasystems
doveadm(afasystems): Debug: acl: owner = 0
doveadm(afasystems): Debug: acl vfile: Global ACL legacy directory:
/etc/dovecot/acl
Quota name Type Value Limit %
User quota STORAGE 9517 5120 185
User quota MESSAGE 263 - 0
Where am I wrong?
Thank you very much
Il 20/07/2017 11:30, Steffen Kaiser ha scritto:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Thu, 20 Jul 2017, Michele Petrella wrote:
>
>> To be more accurate, all users in ldap db need to use mail, but some
>> users in /etc/passwd file use mail too.
>
> Do users exist in both passwd and ldap?
>
>> For this reason I set up "driver=passwd" in userdb section and in
>> /etc/nsswitch.conf I set up "passwd: files ldap".
>
> If you did this for Dovecot, revert it.
>
>> Now I want to use dovecot per user quota to limit ldap users mailbox
>> size. I need quota only for ldap users, no need for users in
>> /etc/passwd file.
>>
>> Which is the correct configuration to do this?
>
> use two databases for both passdb and userdb. One using pam / passwd,
> the other one the standard LDAP config.
>
> see: https://wiki2.dovecot.org/Authentication/MultipleDatabases
>
> Use LDAP instead of SQL userdb and passdb.
>
> I guess, you will find posts in the sense "virtual and system users".
>
> If there is no user in both databases, the order does not matter
> (except for speed); otherwise:
>
> each database is tried in order of definition until a successful hit
> was found.
>
> You can order the passdb's and userdb's differently, e.g. if
> passwd-passdb is first and the user's password match, and the
> ldap-userdb is first and you get a hit there, the user authenticates
> against passwd, but its data is retrieved from LDAP.
> See comment in page: "look up users from SQL first (even if
> authentication was done using PAM!)"
>
>> I understand that I need to use extra fields to obtain user quota
>> from users db. But you said "the userdb section cannot merge two
>> databases together". So
>
> You cannot merge, but use one-after-another.
>
>> I can not use dovecot per user quota with "driver=passwd" in userdb
>> section? I could use only global quota?
>
>
>> P.S.
>> 1) I use dovecot-lda as delivery agent.
>>
>> 2) I send again my dovecot configuration:
>>
>> # 2.2.29.1 (e0b76e3): /var/etc/dovecot/dovecot.conf
>> # Pigeonhole version 0.4.18 (29cc74d)
>> # OS: Linux 3.10.55-gentoo i686 SuSE Linux 7.1 (i386)
>> debug_log_path = /var/log/dovecot/dovecot_debug.log
>> disable_plaintext_auth = no
>> info_log_path = /var/log/state.mail/dovecot.pipe
>> log_path = /var/log/dovecot/dovecot.log
>> mail_debug = yes
>> mail_gid = users
>> mail_location = maildir:~/.maildir
>> mail_plugins = acl quota
>> mail_shared_explicit_inbox = yes
>> mail_uid = vmail
>> managesieve_notify_capability = mailto
>> managesieve_sieve_capability = fileinto reject envelope
>> encoded-character vacation subaddress comparator-i;ascii-numeric
>> relational regex imap4flags copy include variables body enotify
>> environment mailbox date index ihave duplicate mime foreverypart
>> extracttext
>> namespace {
>> list = yes
>> location = maildir:/data/home/vmail/public
>> prefix = Public/
>> separator = /
>> subscriptions = no
>> type = public
>> }
>> namespace {
>> list = children
>> location = maildir:/data/home/%%n/.maildir:INDEX=~/.maildir/shared/%%u
>> prefix = Shared/%%u/
>> separator = /
>> subscriptions = no
>> type = shared
>> }
>> namespace inbox {
>> inbox = yes
>> list = yes
>> location =
>> mailbox Cestino {
>> special_use = \Trash
>> }
>> mailbox Drafts {
>> special_use = \Drafts
>> }
>> mailbox Junk {
>> special_use = \Junk
>> }
>> mailbox "Posta inviata" {
>> special_use = \Sent
>> }
>> mailbox Sent {
>> special_use = \Sent
>> }
>> mailbox "Sent Messages" {
>> special_use = \Sent
>> }
>> mailbox Trash {
>> special_use = \Trash
>> }
>> prefix =
>> separator = /
>> subscriptions = yes
>> type = private
>> }
>> passdb {
>> args = /etc/dovecot/passwd.masterusers
>> driver = passwd-file
>> master = yes
>> }
>> passdb {
>> driver = pam
>> }
>> plugin {
>> acl = vfile:/etc/dovecot/acl:cache_secs=300
>> acl_shared_dict = file:/var/lib/dovecot-dict/shared-mailboxes
>> quota = maildir:User quota
>> quota_rule = *:storage=5M
>> quota_rule2 = Trash:storage=+100M
>> quota_rule3 = SPAM:ignore
>> sieve = ~/.dovecot.sieve
>> sieve_before = /var/etc/dovecot/sieve/general/
>> sieve_dir = ~/sieve
>> sieve_execute_bin_dir = /usr/local/bin/dovecot/sieve-execute
>> sieve_filter_bin_dir = /usr/local/bin/dovecot/sieve-filter
>> sieve_global_dir = /var/etc/dovecot/sieve/global/
>> sieve_global_extensions = +vnd.dovecot.execute +vnd.dovecot.filter
>> +vnd.dovecot.pipe +editheader
>> sieve_pipe_bin_dir = /usr/local/bin/dovecot/sieve-pipe
>> sieve_plugins = sieve_extprograms
>> }
>> protocols = imap pop3 lmtp sieve
>> service auth {
>> unix_listener auth-userdb {
>> group = users
>> }
>> }
>> service imap-postlogin {
>> executable = script-login /usr/local/bin/imap-postlogin.sh
>> user = $default_internal_user
>> }
>> service imap {
>> executable = imap imap-postlogin
>> }
>> ssl = no
>> ssl_cert = </conf/etc/cert/certs/services/imap_pop/majornet.crt
>> ssl_key = # hidden, use -P to show it
>> userdb {
>> driver = passwd
>> }
>> protocol lda {
>> info_log_path = /var/log/dovecot/dovecot-lda.log
>> log_path = /var/log/dovecot/dovecot-lda.log
>> mail_plugins = acl quota sieve
>> }
>> protocol imap {
>> mail_max_userip_connections = 20
>> mail_plugins = acl quota imap_acl imap_quota
>> }
>>
>>
>>>> userdb {
>>>> default_fields = quota_rule=*:bytes=%$
>>>> driver = passwd
>>>> }
>>>
>>>> I have problems returning extra fields from passwd userdb. My users
>>>> are partially in passwd files and partially in LDAP. Users who use
>>>> mail are in LDAP db.
>>>
>>>> If I use "default_fields = quota_rule=*:bytes=100M" in userdb,
>>>
>>>> if I use "default_fields = quota_rule=*:bytes=%{userdb:quotabytes}"
>>>> in userdb,
>>>
>>> 1) default_fields supplies default values, if the userdb does not
>>> return them. Hence, you cannot reference a LDAP result.
>>>
>>> 2) the userdb section cannot merge two databases together. You said
>>> "Users who use mail are in LDAP db", so you would need one userdb with
>>> driver ldap.
>>
>>
>
>
> - --
> Steffen Kaiser
>
> H Bonn-Rhein-Sieg | e-mail: Steffen.Kaiser at H-BRS.DE
> FB Informatik | room : C179
> Grantham-Allee 20 | phone : +49 2241/865-203
> 53757 Sankt Augustin |
> Germany - Deutschland | fax : +49 2241/865-8203
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
>
> iQEVAwUBWXB4Q3Q8rp7BXVwTAQLBtgf/UeNwRnHz4y+5r71+Ni9oL1snzikq08rO
> zr9v+7kc6XZjPjATEcbrdnp6F+zPgiTtEye2k/1aQhjDdAxzAWKGOATeAfA7AJfw
> 5bbmtfzOm7flkpfiiM2zBBbcwAPemLcdzMl6NAm3pg32oCnF93IkKPou/y7xjmdw
> UAi4SxPaPQjUGqbkK6r3SFmDMPlUPAjQg2rqHBsc3gedJXy+milEKfwUiQhMtL7j
> aflHATo4gwwMDwyu6+zAYzJDTa+g9IQ8LzKEOPZWtNL6eQcI+h8TVrdcZftObZUK
> QETOnpN3IbFdIOfdrOlZ4Npe4BNby+dUGNViBP21ZNs9/nH0nvirOw=> =yLbr
> -----END PGP SIGNATURE-----
--
AFA Systems Srl
Via G.Pastore
Zona Industriale B
86039 Termoli (CB) - Italia
tel.: +39 0875 724104
fax.: +39 0875 726084
www.afasystems.it
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Michele Petrella wrote:> Hi, > > each user exists in one db. > > I changed configuration: > > # 2.2.29.1 (e0b76e3): /var/etc/dovecot/dovecot.conf # Pigeonhole > version 0.4.18 (29cc74d) # OS: Linux 3.10.55-gentoo i686 SuSE > Linux 7.1 (i386) auth_debug = yes debug_log_path = > /var/log/dovecot/dovecot_debug.log disable_plaintext_auth = no > info_log_path = /var/log/state.mail/dovecot.pipe log_path = > /var/log/dovecot/dovecot.log mail_debug = yes mail_gid = users > mail_location = maildir:~/.maildir mail_plugins = acl quota > mail_shared_explicit_inbox = yes mail_uid = vmail > managesieve_notify_capability = mailto > managesieve_sieve_capability = fileinto reject envelope > encoded-character vacation subaddress comparator-i;ascii-numeric > relational regex imap4flags copy include variables body enotify > environment mailbox date ihave duplicate namespace { list = yes > location = maildir:/data/home/vmail/public prefix = Public/ > separator = / subscriptions = no type = public } namespace { list > children location = > maildir:/data/home/%%n/.maildir:INDEX=~/.maildir/shared/%%u prefix > = Shared/%%u/ separator = / subscriptions = no type = shared } > namespace inbox { inbox = yes list = yes location = mailbox > Cestino { special_use = \Trash } mailbox Drafts { special_use > \Drafts } mailbox Junk { special_use = \Junk } mailbox "Posta > inviata" { special_use = \Sent } mailbox Sent { special_use = \Sent > } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { > special_use = \Trash } prefix = separator = / subscriptions = yes > type = private } passdb { args = /etc/dovecot/passwd.masterusers > driver = passwd-file master = yes } passdb { args = > /var/etc/dovecot/dovecot-ldap.conf.ext driver = ldap } passdb { > driver = passwd skip = authenticated } plugin { acl = > vfile:/etc/dovecot/acl:cache_secs=300 acl_shared_dict = > file:/var/lib/dovecot-dict/shared-mailboxes quota = maildir:User > quota quota_rule = 
*:storage=5M quota_rule2 = Trash:storage=+100M > quota_rule3 = SPAM:ignore sieve = ~/.dovecot.sieve sieve_before = > /var/etc/dovecot/sieve/general/ sieve_dir = ~/sieve > sieve_execute_bin_dir = /usr/local/bin/dovecot/sieve-execute > sieve_filter_bin_dir = /usr/local/bin/dovecot/sieve-filter > sieve_global_dir = /var/etc/dovecot/sieve/global/ > sieve_global_extensions = +vnd.dovecot.execute +vnd.dovecot.filter > +vnd.dovecot.pipe +editheader sieve_pipe_bin_dir = > /usr/local/bin/dovecot/sieve-pipe sieve_plugins = sieve_extprograms > } protocols = imap pop3 lmtp sieve service auth { unix_listener > auth-userdb { group = users } } service imap-postlogin { executable > = script-login /usr/local/bin/imap-postlogin.sh user > $default_internal_user } service imap { executable = imap > imap-postlogin } ssl_cert = > </conf/etc/cert/certs/services/imap_pop/majornet.crt ssl_key = > </conf/etc/cert/private/services/imap_pop/majornet.key userdb { > args = /var/etc/dovecot/dovecot-ldap.conf.ext driver = ldap } > userdb { driver = passwd } protocol lda { info_log_path = > /var/log/dovecot/dovecot-lda.log log_path = > /var/log/dovecot/dovecot-lda.log mail_plugins = acl quota sieve } > protocol imap { mail_max_userip_connections = 20 mail_plugins > acl quota imap_acl imap_quota } > > > File /var/etc/dovecot/dovecot-ldap.conf.ext is: > > hosts = localhost base = ou=mnusers,dc=majornet,dc=local > user_attrs = quota_rule=*:bytes=%{ldap:quotaBytes} > > > But when I run: doveadm -D quota get -u afasystemsWell, first try this: doveadm user afasystems All extra fields should be displayed (quotaByte only in your example). 
Then verify that this user has quotaBytes at all ldapsearch -B ou=mnusers,dc=majornet,dc=local user=afasystems quotaBytes Then look here: https://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb user_attrs = \ =home=%{ldap:homeDirectory}, \ =uid=%{ldap:uidNumber}, \ =gid=%{ldap:gidNumber} all mappings using %{ldap:...} have a "=" prefixed before the settings name Then re-try doveadm user ....> > No extra field is returned: doveadm(root): Debug: Loading modules > from directory: /usr/lib/dovecot doveadm(root): Debug: Module > loaded: /usr/lib/dovecot/lib01_acl_plugin.so doveadm(root): Debug: > Module loaded: /usr/lib/dovecot/lib10_quota_plugin.so > doveadm(root): Debug: Loading modules from directory: > /usr/lib/dovecot/doveadm doveadm(root): Debug: Module loaded: > /usr/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so > doveadm(root): Debug: Skipping module doveadm_expire_plugin, > because dlopen() failed: > /usr/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so: undefined > symbol: expire_set_deinit (this is usually intentional, so just > ignore this message) doveadm(root): Debug: Module loaded: > /usr/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so > doveadm(root): Debug: Module loaded: > /usr/lib/dovecot/doveadm/lib10_doveadm_sieve_plugin.so > doveadm(root): Debug: Skipping module doveadm_fts_lucene_plugin, > because dlopen() failed: > /usr/lib/dovecot/doveadm/lib20_doveadm_fts_lucene_plugin.so: > undefined symbol: lucene_index_iter_deinit (this is usually > intentional, so just ignore this message) doveadm(root): Debug: > Skipping module doveadm_fts_plugin, because dlopen() failed: > /usr/lib/dovecot/doveadm/lib20_doveadm_fts_plugin.so: undefined > symbol: fts_backend_rescan (this is usually intentional, so just > ignore this message) doveadm(afasystems): Debug: auth input: > afasystems system_groups_user=afasystems uid=1040 gid=100 > home=/data/home/afasystems doveadm(afasystems): Debug: Effective > uid=1040, gid=100, home=/data/home/afasystems 
doveadm(afasystems): > Debug: Quota root: name=User quota backend=maildir args= > doveadm(afasystems): Debug: Quota rule: root=User quota mailbox=* > bytes=5242880 messages=0 doveadm(afasystems): Debug: Quota rule: > root=User quota mailbox=Trash bytes=+104857600 messages=0 > doveadm(afasystems): Debug: Quota rule: root=User quota > mailbox=SPAM ignored doveadm(afasystems): Debug: Quota grace: > root=User quota bytes=524288 (10%) doveadm(afasystems): Debug: > Namespace inbox: type=private, prefix=, sep=/, inbox=yes, > hidden=no, list=yes, subscriptions=yes location=maildir:~/.maildir > doveadm(afasystems): Debug: maildir++: > root=/data/home/afasystems/.maildir, index=, indexpvt=, control=, > inbox=/data/home/afasystems/.maildir, alt= doveadm(afasystems): > Debug: acl: initializing backend with data: > vfile:/etc/dovecot/acl:cache_secs=300 doveadm(afasystems): Debug: > acl: acl username = afasystems doveadm(afasystems): Debug: acl: > owner = 1 doveadm(afasystems): Debug: acl vfile: Global ACL legacy > directory: /etc/dovecot/acl doveadm(afasystems): Debug: Namespace > : type=public, prefix=Public/, sep=/, inbox=no, hidden=no, > list=yes, subscriptions=no location=maildir:/data/home/vmail/public > doveadm(afasystems): Debug: maildir++: > root=/data/home/vmail/public, index=, indexpvt=, control=, inbox=, > alt= doveadm(afasystems): Debug: acl: initializing backend with > data: vfile:/etc/dovecot/acl:cache_secs=300 doveadm(afasystems): > Debug: acl: acl username = afasystems doveadm(afasystems): Debug: > acl: owner = 0 doveadm(afasystems): Debug: acl vfile: Global ACL > legacy directory: /etc/dovecot/acl doveadm(afasystems): Debug: > Namespace : type=shared, prefix=Shared/%u/, sep=/, inbox=no, > hidden=no, list=children, subscriptions=no > location=maildir:/data/home/%n/.maildir:INDEX=~/.maildir/shared/%u > doveadm(afasystems): Debug: shared: root=/var/run/dovecot, index=, > indexpvt=, control=, inbox=, alt= doveadm(afasystems): Debug: > acl: initializing backend with 
data: > vfile:/etc/dovecot/acl:cache_secs=300 doveadm(afasystems): Debug: > acl: acl username = afasystems doveadm(afasystems): Debug: acl: > owner = 0 doveadm(afasystems): Debug: acl vfile: Global ACL legacy > directory: /etc/dovecot/acl Quota name Type Value Limit % User > quota STORAGE 9517 5120 185 User quota MESSAGE 263 - 0 > > > Where I am wrong? >-----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQEcBAEBCgAGBQJZcmQXAAoJEHz1H7kL/d9rnhEH/RKIc+TodFZsoxSPg/j6nuzf YWNamXhjS0O76g5ufAQdEcR6+5joEc0n4nC71hK3MtEbtX3kIM7LoEwipVlptf1r OkkJ90wieFQCp79MsWtLSL5+cvm1vR3rYe5v8tR8M3A8uGBeI+MkB05RhT2v0SrJ 3KxsGGjGDupUlSml2FuMmMIgJfiUu7oDWj4Tk09/qxasOCK+TZsmz8JvSg9O2Qwm cHF4syexJb4u1hjrYJCusCVOCjlHOjUzLvwwZJwcseUyxZEDkq46qmlKhjUrr22H +evSEwE/ocJyman4h1ag70mGn/k0rVdyBygxOn1f5yW0AWzwX5Xyycwd7qo77vI=ayu1 -----END PGP SIGNATURE-----
Thank you very much Steffen!
It finally works!
I have 2 ldap dbs in my system, the first for inetOrgPerson class and
the second for system specific class attributes.
So I introduced another userdb section:
----------------------------------------------------------------------
##
## User databases
##
# System users (NSS, /etc/passwd, or similar). In many systems nowadays this
# uses Name Service Switch, which is configured in /etc/nsswitch.conf.
userdb {
driver = ldap
args = /var/etc/dovecot/dovecot-ldap.conf.ext
result_success = continue-ok
}
userdb {
driver = ldap
args = /var/etc/dovecot/dovecot-mnusers-ldap.conf.ext
}
userdb {
driver = passwd
}
-----------------------------------------------------------------------------------
and content of /var/etc/dovecot/dovecot-mnusers-ldap.conf.ext is:
--------------------------------------------------------------------------
user_filter = (&(objectClass=AFASystems)(uid=%u))
user_attrs = \
=quota_rule=*:bytes=%{ldap:quotaBytes}
-----------------------------------------------------------------------
Now if I run "doveadm user afasystems", the output is:
field value
uid 1040
gid 100
home /data/home/afasystems
mail maildir:~/.maildir
quota_rule *:bytes=80M
But if quotaBytes is empty in ldap, the output is:
# doveadm user admin
doveadm(root): Error: user admin: Initialization failed: Failed to
initialize quota: Invalid quota root quota: Invalid rule *:bytes= :
Invalid rule limit value 'bytes= ': Unknown unit:
field value
Is there a way in dovecot configuration to assign 0 (i.e. unlimited) to
quota_rule if quotaBytes from ldap is empty?
Thank you so much again!
Il 21/07/2017 22:29, Steffen ha scritto:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> Michele Petrella wrote:
>> Hi,
>>
>> each user exists in one db.
>>
>> I changed configuration:
>>
>> # 2.2.29.1 (e0b76e3): /var/etc/dovecot/dovecot.conf # Pigeonhole
>> version 0.4.18 (29cc74d) # OS: Linux 3.10.55-gentoo i686 SuSE
>> Linux 7.1 (i386) auth_debug = yes debug_log_path >>
/var/log/dovecot/dovecot_debug.log disable_plaintext_auth = no
>> info_log_path = /var/log/state.mail/dovecot.pipe log_path >>
/var/log/dovecot/dovecot.log mail_debug = yes mail_gid = users
>> mail_location = maildir:~/.maildir mail_plugins = acl quota
>> mail_shared_explicit_inbox = yes mail_uid = vmail
>> managesieve_notify_capability = mailto
>> managesieve_sieve_capability = fileinto reject envelope
>> encoded-character vacation subaddress comparator-i;ascii-numeric
>> relational regex imap4flags copy include variables body enotify
>> environment mailbox date ihave duplicate namespace { list = yes
>> location = maildir:/data/home/vmail/public prefix = Public/
>> separator = / subscriptions = no type = public } namespace { list
>> children location >>
maildir:/data/home/%%n/.maildir:INDEX=~/.maildir/shared/%%u prefix
>> = Shared/%%u/ separator = / subscriptions = no type = shared }
>> namespace inbox { inbox = yes list = yes location = mailbox
>> Cestino { special_use = \Trash } mailbox Drafts { special_use >>
\Drafts } mailbox Junk { special_use = \Junk } mailbox "Posta
>> inviata" { special_use = \Sent } mailbox Sent { special_use =
\Sent
>> } mailbox "Sent Messages" { special_use = \Sent } mailbox
Trash {
>> special_use = \Trash } prefix = separator = / subscriptions = yes
>> type = private } passdb { args = /etc/dovecot/passwd.masterusers
>> driver = passwd-file master = yes } passdb { args >>
/var/etc/dovecot/dovecot-ldap.conf.ext driver = ldap } passdb {
>> driver = passwd skip = authenticated } plugin { acl >>
vfile:/etc/dovecot/acl:cache_secs=300 acl_shared_dict >>
file:/var/lib/dovecot-dict/shared-mailboxes quota = maildir:User
>> quota quota_rule = *:storage=5M quota_rule2 = Trash:storage=+100M
>> quota_rule3 = SPAM:ignore sieve = ~/.dovecot.sieve sieve_before
>> /var/etc/dovecot/sieve/general/ sieve_dir = ~/sieve
>> sieve_execute_bin_dir = /usr/local/bin/dovecot/sieve-execute
>> sieve_filter_bin_dir = /usr/local/bin/dovecot/sieve-filter
>> sieve_global_dir = /var/etc/dovecot/sieve/global/
>> sieve_global_extensions = +vnd.dovecot.execute +vnd.dovecot.filter
>> +vnd.dovecot.pipe +editheader sieve_pipe_bin_dir >>
/usr/local/bin/dovecot/sieve-pipe sieve_plugins = sieve_extprograms
>> } protocols = imap pop3 lmtp sieve service auth { unix_listener
>> auth-userdb { group = users } } service imap-postlogin { executable
>> = script-login /usr/local/bin/imap-postlogin.sh user >>
$default_internal_user } service imap { executable = imap
>> imap-postlogin } ssl_cert >>
</conf/etc/cert/certs/services/imap_pop/majornet.crt ssl_key >>
</conf/etc/cert/private/services/imap_pop/majornet.key userdb {
>> args = /var/etc/dovecot/dovecot-ldap.conf.ext driver = ldap }
>> userdb { driver = passwd } protocol lda { info_log_path >>
/var/log/dovecot/dovecot-lda.log log_path >>
/var/log/dovecot/dovecot-lda.log mail_plugins = acl quota sieve }
>> protocol imap { mail_max_userip_connections = 20 mail_plugins >>
acl quota imap_acl imap_quota }
>>
>>
>> File /var/etc/dovecot/dovecot-ldap.conf.ext is:
>>
>> hosts = localhost base = ou=mnusers,dc=majornet,dc=local
>> user_attrs = quota_rule=*:bytes=%{ldap:quotaBytes}
>>
>>
>> But when I run: doveadm -D quota get -u afasystems
> Well, first try this:
>
> doveadm user afasystems
>
> All extra fields should be displayed (quotaByte only in your example).
> Then verify that this user has quotaBytes at all
>
> ldapsearch -B ou=mnusers,dc=majornet,dc=local user=afasystems quotaBytes
>
> Then look here: https://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb
> user_attrs = \
> =home=%{ldap:homeDirectory}, \
> =uid=%{ldap:uidNumber}, \
> =gid=%{ldap:gidNumber}
>
> all mappings using %{ldap:...} have a "=" prefixed before the settings
> name
>
> Then re-try doveadm user ....
>
>> No extra field is returned: doveadm(root): Debug: Loading modules
>> from directory: /usr/lib/dovecot doveadm(root): Debug: Module
>> loaded: /usr/lib/dovecot/lib01_acl_plugin.so doveadm(root): Debug:
>> Module loaded: /usr/lib/dovecot/lib10_quota_plugin.so
>> doveadm(root): Debug: Loading modules from directory:
>> /usr/lib/dovecot/doveadm doveadm(root): Debug: Module loaded:
>> /usr/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so
>> doveadm(root): Debug: Skipping module doveadm_expire_plugin,
>> because dlopen() failed:
>> /usr/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so: undefined
>> symbol: expire_set_deinit (this is usually intentional, so just
>> ignore this message) doveadm(root): Debug: Module loaded:
>> /usr/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so
>> doveadm(root): Debug: Module loaded:
>> /usr/lib/dovecot/doveadm/lib10_doveadm_sieve_plugin.so
>> doveadm(root): Debug: Skipping module doveadm_fts_lucene_plugin,
>> because dlopen() failed:
>> /usr/lib/dovecot/doveadm/lib20_doveadm_fts_lucene_plugin.so:
>> undefined symbol: lucene_index_iter_deinit (this is usually
>> intentional, so just ignore this message) doveadm(root): Debug:
>> Skipping module doveadm_fts_plugin, because dlopen() failed:
>> /usr/lib/dovecot/doveadm/lib20_doveadm_fts_plugin.so: undefined
>> symbol: fts_backend_rescan (this is usually intentional, so just
>> ignore this message) doveadm(afasystems): Debug: auth input:
>> afasystems system_groups_user=afasystems uid=1040 gid=100
>> home=/data/home/afasystems doveadm(afasystems): Debug: Effective
>> uid=1040, gid=100, home=/data/home/afasystems doveadm(afasystems):
>> Debug: Quota root: name=User quota backend=maildir args>>
doveadm(afasystems): Debug: Quota rule: root=User quota mailbox=*
>> bytes=5242880 messages=0 doveadm(afasystems): Debug: Quota rule:
>> root=User quota mailbox=Trash bytes=+104857600 messages=0
>> doveadm(afasystems): Debug: Quota rule: root=User quota
>> mailbox=SPAM ignored doveadm(afasystems): Debug: Quota grace:
>> root=User quota bytes=524288 (10%) doveadm(afasystems): Debug:
>> Namespace inbox: type=private, prefix=, sep=/, inbox=yes,
>> hidden=no, list=yes, subscriptions=yes location=maildir:~/.maildir
>> doveadm(afasystems): Debug: maildir++:
>> root=/data/home/afasystems/.maildir, index=, indexpvt=, control=,
>> inbox=/data/home/afasystems/.maildir, alt= doveadm(afasystems):
>> Debug: acl: initializing backend with data:
>> vfile:/etc/dovecot/acl:cache_secs=300 doveadm(afasystems): Debug:
>> acl: acl username = afasystems doveadm(afasystems): Debug: acl:
>> owner = 1 doveadm(afasystems): Debug: acl vfile: Global ACL legacy
>> directory: /etc/dovecot/acl doveadm(afasystems): Debug: Namespace
>> : type=public, prefix=Public/, sep=/, inbox=no, hidden=no,
>> list=yes, subscriptions=no location=maildir:/data/home/vmail/public
>> doveadm(afasystems): Debug: maildir++:
>> root=/data/home/vmail/public, index=, indexpvt=, control=, inbox=,
>> alt= doveadm(afasystems): Debug: acl: initializing backend with
>> data: vfile:/etc/dovecot/acl:cache_secs=300 doveadm(afasystems):
>> Debug: acl: acl username = afasystems doveadm(afasystems): Debug:
>> acl: owner = 0 doveadm(afasystems): Debug: acl vfile: Global ACL
>> legacy directory: /etc/dovecot/acl doveadm(afasystems): Debug:
>> Namespace : type=shared, prefix=Shared/%u/, sep=/, inbox=no,
>> hidden=no, list=children, subscriptions=no
>> location=maildir:/data/home/%n/.maildir:INDEX=~/.maildir/shared/%u
>> doveadm(afasystems): Debug: shared: root=/var/run/dovecot, index=,
>> indexpvt=, control=, inbox=, alt= doveadm(afasystems): Debug:
>> acl: initializing backend with data:
>> vfile:/etc/dovecot/acl:cache_secs=300 doveadm(afasystems): Debug:
>> acl: acl username = afasystems doveadm(afasystems): Debug: acl:
>> owner = 0 doveadm(afasystems): Debug: acl vfile: Global ACL legacy
>> directory: /etc/dovecot/acl Quota name Type Value Limit % User
>> quota STORAGE 9517 5120 185 User quota MESSAGE 263 - 0
>>
>>
>> Where I am wrong?
>>
>
> -----BEGIN PGP SIGNATURE-----
> Comment: GPGTools - https://gpgtools.org
>
> iQEcBAEBCgAGBQJZcmQXAAoJEHz1H7kL/d9rnhEH/RKIc+TodFZsoxSPg/j6nuzf
> YWNamXhjS0O76g5ufAQdEcR6+5joEc0n4nC71hK3MtEbtX3kIM7LoEwipVlptf1r
> OkkJ90wieFQCp79MsWtLSL5+cvm1vR3rYe5v8tR8M3A8uGBeI+MkB05RhT2v0SrJ
> 3KxsGGjGDupUlSml2FuMmMIgJfiUu7oDWj4Tk09/qxasOCK+TZsmz8JvSg9O2Qwm
> cHF4syexJb4u1hjrYJCusCVOCjlHOjUzLvwwZJwcseUyxZEDkq46qmlKhjUrr22H
> +evSEwE/ocJyman4h1ag70mGn/k0rVdyBygxOn1f5yW0AWzwX5Xyycwd7qo77vI> =ayu1
> -----END PGP SIGNATURE-----
--
AFA Systems Srl
Via G.Pastore
Zona Industriale B
86039 Termoli (CB) - Italia
tel.: +39 0875 724104
fax.: +39 0875 726084
www.afasystems.it