On Thursday, April 11, 2019 3:07 PM, Aki Tuomi <aki.tuomi at open-xchange.com> wrote:> > On 11 April 2019 16:45 Laura Smith via dovecot < dovecot at dovecot.org> wrote: > > > > On Thursday, April 11, 2019 2:02 PM, Aki Tuomi < aki.tuomi at open-xchange.com> wrote: > > > > > PAM is trying to lookup user at domain while you probably only have user. PAM driver does not yet support username_format.? > > > > > Aki > > > > But /etc/dovecot/users file isn't pam ??? I don't need pam if if I'm using /etc/dovecot/users ?? Or am I understanding you wrong? > > you have passdb block using pam. it is involved in the lookup process.? > > --- > Aki Tuomi> doveconf -n passdb userdbpassdb { ? args = scheme=ARGON2ID username_format=%u /etc/dovecot/users ? auth_verbose = yes ? driver = passwd-file } userdb { ? args = scheme=ARGON2ID username_format=%u /etc/dovecot/users ? auth_verbose = yes ? driver = passwd-file }
> On 11 April 2019 17:56 Laura Smith via dovecot <dovecot at dovecot.org> wrote: > > > On Thursday, April 11, 2019 3:07 PM, Aki Tuomi <aki.tuomi at open-xchange.com> wrote: > > > > On 11 April 2019 16:45 Laura Smith via dovecot < dovecot at dovecot.org> wrote: > > > > > > On Thursday, April 11, 2019 2:02 PM, Aki Tuomi < aki.tuomi at open-xchange.com> wrote: > > > > > > > PAM is trying to lookup user at domain while you probably only have user. PAM driver does not yet support username_format.? > > > > > > > Aki > > > > > > But /etc/dovecot/users file isn't pam ??? I don't need pam if if I'm using /etc/dovecot/users ?? Or am I understanding you wrong? > > > > you have passdb block using pam. it is involved in the lookup process.? > > > > --- > > Aki Tuomi > > > doveconf -n passdb userdb > passdb { > ? args = scheme=ARGON2ID username_format=%u /etc/dovecot/users > ? auth_verbose = yes > ? driver = passwd-file > } > userdb { > ? args = scheme=ARGON2ID username_format=%u /etc/dovecot/users > ? auth_verbose = yes > ? driver = passwd-file > }Looks OK now. PAM is quite often the culprit as it's part of the default shipped config and can be often missed when setting things up. Aki
On Thursday, April 11, 2019 5:49 PM, Aki Tuomi <aki.tuomi at open-xchange.com> wrote:> > On 11 April 2019 17:56 Laura Smith via dovecot dovecot at dovecot.org wrote: > > On Thursday, April 11, 2019 3:07 PM, Aki Tuomi aki.tuomi at open-xchange.com wrote: > > > > > > On 11 April 2019 16:45 Laura Smith via dovecot < dovecot at dovecot.org> wrote: > > > > On Thursday, April 11, 2019 2:02 PM, Aki Tuomi < aki.tuomi at open-xchange.com> wrote: > > > > > > > > > PAM is trying to lookup user at domain while you probably only have user. PAM driver does not yet support username_format. > > > > > > > > > Aki > > > > > > > > But /etc/dovecot/users file isn't pam ??? I don't need pam if if I'm using /etc/dovecot/users ?? Or am I understanding you wrong? > > > > > > you have passdb block using pam. it is involved in the lookup process. > > > > > > Aki Tuomi > > > > > doveconf -n passdb userdb > > > passdb { > > > ? args = scheme=ARGON2ID username_format=%u /etc/dovecot/users > > > ? auth_verbose = yes > > > ? driver = passwd-file > > > } > > > userdb { > > > ? args = scheme=ARGON2ID username_format=%u /etc/dovecot/users > > > ? auth_verbose = yes > > > ? driver = passwd-file > > > } > > Looks OK now. PAM is quite often the culprit as it's part of the default shipped config and can be often missed when setting things up. > > AkiI guess for the future it might be nice to have an options in the params to enable overrides for shipped configs (e.g. something similar to '!important' in CSS land). It would be nice to be able to make local.conf the source of truth instead of having to say 97.5% local.conf and then these few hacks of shipped configs (which may or may not get overwritten by package updates from the distros)