Displaying 20 results from an estimated 20 matches for "gssapi_hostname".
2007 Mar 27
2
gssapi auth issue...
...ice_name);
str_append_c(principal_name, '@');
---> str_append(principal_name, my_hostname);
We wind up asking kerberos to look for a ticket for imap at foobar,
instead of imap at foobar.sfbay.sun.com.
Obviously we can patch the source, but I was wondering if we could
have a gssapi_hostname setting in the config file? Or perhaps
we could have a knob letting us globally override my_hostname? Although I
don't know what side effects that could have.
We have some new cores I also need to report-- I'll get on that.
Thanks in advance,
-dp
--
Daniel Price - Solaris Ker...
2009 Feb 12
2
mbox snarf plugin + idle
...sses: 4096
mail_location: mbox:%h/new:INBOX=/var/spool/mail/14/%u
mmap_disable: yes
dotlock_use_excl: no
mbox_write_locks: fcntl
mbox_lazy_writes: no
mail_plugins: mbox_snarf
imap_client_workarounds: delay-newmail
auth default:
mechanisms: plain gssapi
krb5_keytab: /etc/krb5/dovecot.keytab
gssapi_hostname: $ALL
verbose: yes
debug: yes
passdb:
driver: pam
userdb:
driver: passwd
plugin:
mbox_snarf: /gpfs/inbox/14/%u
Thanks,
Jonathan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2541 bytes...
2009 Apr 30
4
Disabling users whilst still allowing logins with a 'master password'
...st requirement with master passwords roughly as
described at the bottom of
http://wiki.dovecot.org/Authentication/MasterUsers
by configuring another passdb with the master password hash
in place for the users we want to be enabled to migrate.
Our standard auth config looks like:
auth default {
gssapi_hostname = imap210.herald.ox.ac.uk
mechanisms = plain login gssapi
passdb pam {
}
userdb passwd {
args = blocking=yes
}
socket listen {
master {
path = /var/run/dovecot/auth-master
}
}
}
and my first try at satisfying my requirements was:
auth default {
gssapi_hostnam...
2012 Nov 08
3
Mails don't get deleted after POP3
..._negative_ttl: 3600
executable: /usr/lib/dovecot/dovecot-auth
user: root
chroot:
username_chars: abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
username_translation:
username_format:
master_user_separator:
anonymous_username: anonymous
krb5_keytab:
gssapi_hostname:
winbind_helper_path: /usr/bin/ntlm_auth
failure_delay: 2
verbose: no
debug: no
debug_passwords: no
ssl_require_client_cert: no
ssl_username_from_cert: no
use_winbind: no
count: 1
worker_max_count: 30
process_size: 256
passdb:
driver: pam
args:
den...
2009 Aug 19
1
dovecot-1.2.4, sendmail,deliver,sieve
...ntl
mbox_lazy_writes: no
mail_plugins: mbox_snarf
mail_plugin_dir: /usr/dovecot-1.2.4/lib/dovecot/imap/
imap_client_workarounds: tb-extra-mailbox-sep
imap_id_log: *
lda:
postmaster_address: postmaster at localhost
auth default:
mechanisms: plain gssapi
krb5_keytab: /etc/krb5/krb5.keytab
gssapi_hostname: $ALL
debug: yes
worker_max_count: 2
passdb:
driver: pam
args: max_requests=1
userdb:
driver: passwd
plugin:
mbox_snarf: /gpfs/inbox/%Ju/%u
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature...
2008 Mar 19
0
Dovecot 1.0.13 ignores auth_krb5_keytab settings
..._workarounds(imap):
pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh
namespace:
type: private
separator: /
inbox: yes
namespace:
type: private
separator: /
prefix: mail/
location: mbox:~/mail
auth default:
mechanisms: gssapi plain login
krb5_keytab: /etc/mail.krb5.keytab
gssapi_hostname: mail2.physik-pool.tu-berlin.de
verbose: yes
debug: yes
debug_passwords: yes
passdb:
driver: pam
userdb:
driver: passwd
]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 890 bytes
Desc: OpenPG...
2011 Jun 16
0
quota_rule beeing ignored and set to system soft! quota
...list: yes
subscriptions: yes
lda:
postmaster_address: postmaster at physik.tu-berlin.de
log_path:
info_log_path:
mail_plugins: sieve quota
quota_full_tempfail: yes
sendmail_path: /usr/sbin/sendmail
auth default:
mechanisms: gssapi plain login
krb5_keytab: /etc/mail.krb5.keytab
gssapi_hostname: mail.physik-pool.tu-berlin.de
worker_max_count: 120
passdb:
driver: pam
args: session=yes failure_show_msg=yes max_requests=100
userdb:
driver: passwd
args: blocking=yes
plugin:
sieve: ~/.dovecot.sieve
sieve_dir: ~/.sieve
quota_rule: *:storage=15728640
quota: fs:user
2009 Sep 30
1
deliver doesn't support !include directive, mail is bounced
...x:~/mail
list: yes
subscriptions: yes
lda:
postmaster_address: postmaster@$DOMAIN
log_path:
info_log_path:
mail_plugins: sieve
quota_full_tempfail: yes
sendmail_path: /usr/sbin/sendmail
auth default:
mechanisms: gssapi plain login
username_format: %Lu
krb5_keytab: /etc/$FILE
gssapi_hostname: $Hostname
worker_max_count: 120
passdb:
driver: pam
args: session=yes failure_show_msg=yes max_requests=100 dovecot
userdb:
driver: passwd
args: blocking=yes
socket:
type: listen
client:
path: /var/run/dovecot/auth-client
mode: 432
master:
path...
2008 Aug 12
2
[PATCH] Allow GSSAPI to work with multihomed hosts
...e about it. This
is my situation..
When you add windows into the mix, which uses a totally different set
of rules to determine the principle all hope seems to be lost to have
a single service principle name for an imap server :( I was able to
make things work for my environment using only the
auth_gssapi_hostname feature if only MIT kerberos was used, but as
soon as windows SSPI was involved it choose a different hostname.
Thus we want to have GSSAPI to match any service principle in the keytab.
As far as security concerns go, the admin can configure the keytab for
dovecot to be seperate from the system k...
2009 Oct 16
2
deliver and stale NFS file handles
...criptions: yes
lda:
postmaster_address: postmaster at physik.tu-berlin.de
log_path:
info_log_path:
mail_plugins: sieve
quota_full_tempfail: yes
sendmail_path: /usr/sbin/sendmail
auth default:
mechanisms: gssapi plain login
username_format: %Lu
krb5_keytab: /etc/mail3.krb5.keytab
gssapi_hostname: backupmail
worker_max_count: 120
passdb:
driver: pam
args: session=yes failure_show_msg=yes max_requests=100 dovecot
userdb:
driver: passwd
args: blocking=yes
socket:
type: listen
client:
path: /var/run/dovecot/auth-client
mode: 432
master:
pat...
2010 Feb 15
1
sieve addflag has stopped working
...00
cache_negative_ttl: 3600
executable: /usr/lib/dovecot/dovecot-auth
user: root
chroot:
username_chars:
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
username_translation:
username_format:
master_user_separator:
anonymous_username: anonymous
krb5_keytab:
gssapi_hostname:
winbind_helper_path: /usr/bin/ntlm_auth
failure_delay: 2
verbose: no
debug: no
debug_passwords: no
ssl_require_client_cert: no
ssl_username_from_cert: no
use_winbind: no
count: 1
worker_max_count: 30
process_size: 256
passdb:
driver: pam
args:
deny: no
pass:...
2010 Nov 01
1
fts_solr on debian lenny dovecot 1.2.15
...: 3600
cache_negative_ttl: 3600
executable: /usr/lib/dovecot/dovecot-auth
user: nobody
chroot:
username_chars:
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
username_translation:
username_format:
master_user_separator:
anonymous_username: anonymous
krb5_keytab:
gssapi_hostname:
winbind_helper_path: /usr/bin/ntlm_auth
failure_delay: 2
verbose: no
debug: no
debug_passwords: no
ssl_require_client_cert: no
ssl_username_from_cert: no
use_winbind: no
count: 1
worker_max_count: 30
process_size: 256
passdb:
driver: sql
args: /etc/dovecot/dovecot-sql.conf
deny: no...
2011 Jun 09
4
dovecot auth server problem PAM handshake imap-login
...che_size: 0
cache_ttl: 3600
executable: /usr/lib/dovecot/dovecot-auth
user: root
chroot:
username_chars:
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
username_translation:
username_format:
master_user_separator:
anonymous_username: anonymous
krb5_keytab:
gssapi_hostname:
verbose: no
debug: yes
debug_passwords: no
ssl_require_client_cert: no
ssl_username_from_cert: no
count: 1
worker_max_count: 30
process_size: 256
passdb:
driver: pam
args: session=yes dovecot
deny: no
pass: no
master: no
userdb:
driver: passwd
args:...
2009 Aug 12
3
user_global_* ldap deliver
..._executable(default): /usr/libexec/dovecot/imap
mail_executable(imap): /usr/libexec/dovecot/imap
mail_executable(pop3): /usr/libexec/dovecot/pop3
mail_plugin_dir(default): /usr/lib/dovecot/imap
mail_plugin_dir(imap): /usr/lib/dovecot/imap
mail_plugin_dir(pop3): /usr/lib/dovecot/pop3
auth default:
gssapi_hostname: mail.metc.net
verbose: yes
debug: yes
debug_passwords: yes
passdb:
driver: passwd-file
args: /etc/passwd.dovecot
passdb:
driver: ldap
args: /etc/dovecot/metc-dovecot-ldap.conf
userdb:
driver: passwd
userdb:
driver: static
args: uid=502 gid=502
socket:...
2011 Aug 19
1
Sharing all mailboxes and userdb LDAP attrs
...che_negative_ttl: 3600
executable: /usr/lib/dovecot/dovecot-auth
user: vmail
chroot:
username_chars:
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
username_translation:
username_format: %Lu
master_user_separator: *
anonymous_username: anonymous
krb5_keytab:
gssapi_hostname:
winbind_helper_path: /usr/bin/ntlm_auth
failure_delay: 2
verbose: no
debug: no
debug_passwords: no
ssl_require_client_cert: no
ssl_username_from_cert: no
use_winbind: no
count: 1
worker_max_count: 30
process_size: 256
passdb:
driver: passwd-file
args: /etc/dovecot/p...
2011 Aug 29
4
Kerberos GSSAPI - proper item name in keytab
...?,192.168.4.12): Obtaining
credentials for imap at efim.test.local
Aug 29 16:05:14 auth: Debug: client out: CONT 1
Aug 29 16:05:14 auth: Debug: client in: CONT<hidden>
Aug 29 16:05:16 auth: Debug: client out: FAIL 1
*************************************
But (!). If I define << auth_gssapi_hostname = "$ALL" >> instead of <<
auth_gssapi_hostname = efim.test.local >> then everything works fine. I
decided to find out where is the problem, so I dig into source code of
gssapi module, "mech-gssapi.c". For versions 2.0.13 and 2.0.14 of
dovecot I see there the fo...
2011 Sep 06
2
error in logs, but system appears to work
..._ttl: 3600
executable: /usr/local/libexec/dovecot/dovecot-auth
user: root
chroot:
username_chars: abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_
username_translation:
username_format:
master_user_separator:
anonymous_username: anonymous
krb5_keytab:
gssapi_hostname:
winbind_helper_path: /usr/bin/ntlm_auth
failure_delay: 2
verbose: yes
debug: yes
debug_passwords: yes
ssl_require_client_cert: no
ssl_username_from_cert: no
use_winbind: no
count: 1
worker_max_count: 30
process_size: 256
passdb:
driver: shadow
args:...
2009 Feb 24
4
"dovecot-uidlist: Duplicate file entry at line" error
..._negative_ttl: 3600
? executable: /usr/local/libexec/dovecot/dovecot-auth
? user: root
? chroot:
? username_chars:
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
? username_translation:
? username_format:
? master_user_separator:
? anonymous_username: anonymous
? krb5_keytab:
? gssapi_hostname:
? winbind_helper_path: /usr/bin/ntlm_auth
? failure_delay: 2
? verbose: no
? debug: no
? debug_passwords: no
? ssl_require_client_cert: no
? ssl_username_from_cert: no
? ntlm_use_winbind: no
? count: 1
? worker_max_count: 5
? worker_max_request_count: 0
? process_size: 256
? passdb:
??? driver: sq...
2009 Dec 14
1
deliver panics when handling mails bigger than some kByte
Hi,
i've just upgraded to dovecot-1.2.8 (from 1.2.4) and do now get the
following errors when deliver gets hands on mails with some attachments.
# tail -n 1 /var/log/messages
Dec 14 19:00:36 mail3 dovecot: deliver(user): Panic: file istream.c:
line 96 (i_stream_read): assertion failed: (stream->eof)
The MTA is postfix running inside a FreeBSD 7.2-STABLE jail. The homes
where deliver
2009 Aug 13
4
Crash in v1.2.3: istream.c: assertion failed on line 99
.../pop3
mail_plugin_dir(default): /usr/lib64/dovecot/imap
mail_plugin_dir(imap): /usr/lib64/dovecot/imap
mail_plugin_dir(pop3): /usr/lib64/dovecot/pop3
lda:
postmaster_address: example at example.com
auth default:
mechanisms: gssapi gss-spnego plain
krb5_keytab: /etc/opt/quest/vas/imap.keytab
gssapi_hostname: $ALL
passdb:
driver: passwd-file
args: /etc/dovecot.deny # empty file
deny: yes
passdb:
driver: pam
args: dovecot
userdb:
driver: passwd
userdb:
driver: static
args: home=/u/%u
--
Thanks,
Phill Macey