Hello,
I've been doing some more tests with this problem I have (I need to
solve it because I'm planning to migrate mailboxes from maildir to mdbox
and I need to change mail_location for my users without rebooting the
server).
I think I have found the source of the problem, although I don't know
how to fix it. The problem is that I have different results if I ask for
user information with just the login or with the whole email:
root@myotis30:/etc/dovecot/conf.d# doveadm user angel.l...@um.es
userdb: angel.l...@um.es
mail :
mdbox:/home/alumnos/46/113246/mdbox:INDEX=/var/indexes/mdbox/angel.luis
home : /home/alumnos/46/113246
uid : 113246
gid : 1001
quota_rule: *:storage=10G
root@myotis30:/etc/dovecot/conf.d# doveadm user angel.luis
userdb: angel.luis
home : /home/alumnos/46/113246
uid : 113246
gid : 1001
quota_rule: *:storage=10G
I guess I'm using different keys depending on the user database used. I
have configured three user databases: one for the master password, one for
an LDAP server and another with PAM (I need it because my webmail users
authenticate in my SSO system through PAM).
This is my config:
# Master-user passdb: "master = yes" marks the accounts in this passwd-file as
# master users, i.e. accounts that may log in on behalf of other users.
# NOTE(review): /etc/dovecot/master-users therefore holds high-value
# credentials -- confirm it is readable only by root / the auth process.
passdb {
driver = passwd-file
master = yes
args = /etc/dovecot/master-users
# Unless you're using PAM, you probably still want the destination
user to
# be looked up from passdb that it really exists. pass=yes does that.
pass = yes
}
# PAM passdb; the author keeps it because webmail users authenticate to the
# SSO system through PAM.
passdb {
driver = pam
# [session=yes] [setcred=yes] [failure_show_msg=yes] [max_requests=<n>]
# [cache_key=<key>] [<service name>]
#args = dovecot
# cache_key=%n caches PAM results under the local part only (%n is the
# username without @domain), so "user" and "user@domain" map to one entry
# for this passdb.
# NOTE(review): if more than one domain is ever served, same-named users in
# different domains would share a cached result -- confirm single-domain use.
args = session=yes cache_key=%n dovecot
}
# LDAP passdb; server, bind and filter settings live in the referenced file.
# NOTE(review): that file usually carries the LDAP bind DN and password
# (dn / dnpass) -- confirm it is not world-readable.
passdb {
driver = ldap
# Path for LDAP configuration file, see
example-config/dovecot-ldap.conf.ext
args = /etc/dovecot/dovecot-ldap.conf.ext
}
# "prefetch" user database means that the passdb already provided the
# needed information and there's no need to do a separate userdb lookup.
# <doc/wiki/UserDatabase.Prefetch.txt>
# Prefetch only has data when a passdb lookup has just supplied userdb fields.
# NOTE(review): lookups made without a login (such as the "doveadm user" calls
# shown earlier in this message) presumably skip it and use the ldap userdb
# that follows -- confirm.
userdb {
driver = prefetch
}
# LDAP userdb, configured from the same file as the LDAP passdb.
# NOTE(review): the user_filter quoted later in this message matches either
# uid=%u or mail=%u, so one account can be resolved under two usernames
# (login and full address). Cached entries, and "doveadm auth cache flush
# <user>", then presumably apply per username rather than per account --
# confirm, and flush both forms when testing.
userdb {
driver = ldap
args = /etc/dovecot/dovecot-ldap.conf.ext
# Default fields can be used to specify defaults that LDAP may override
#default_fields = home=/home/virtual/%u
}
In my LDAP configuration, I have a filter that looks for the uid of the
user or the whole email:
user_filter = (&(<other requirements>)(|(uid=%u)(mail=%u)))
I need this because I have users that authenticate with just their
login, not the complete email address.
How can I unify those entries, so that they always use just the login as the key?
El 18/09/12 18:31, Timo Sirainen escribió:
On 18.9.2012, at 9.59, Angel L. Mateo wrote:
So I'm running this command. Whenever I run it, I get the message that
3 (sometimes 4) entries are removed, but user information isn't really
reloaded and I doubt it is really removed from the cache (I have the user in a
passwd-file and the information used by imap processes is still the old one, not the
new one, changed before the flush)
Works in my tests.
Is this cache the same as the user information cache?
Yes.
The parameter of the user I want to change is his quota, so I have
modified the quota value in my LDAP directory, then I run:
doveadm auth cache flush <myuser>
What is your doveconf -n output and the dovecot-ldap.conf contents? Is <myuser>
with or without @domain? Also try this:
doveadm auth cache flush foo # make sure it isn't there
doveadm user foo
doveadm auth cache flush foo
Does the second flush return 1 or 0 entries? If 0, then there's a problem. If
1, then it really should have worked.
You could try also if disabling userdb prefetch makes any difference. And if
you still have multiple userdb try with only one.
# 2.1.9: /etc/dovecot/dovecot.conf
# OS: Linux 3.4.0-030400-generic x86_64 Ubuntu 12.04.1 LTS
# Auth cache: results can be served from cache for up to one day, which is why
# a changed LDAP attribute (the quota in this thread) is not seen until the
# entry expires or is flushed.
# NOTE(review): the same delay presumably applies to disabling an account in
# LDAP -- confirm the TTL is acceptable for revocation.
auth_cache_size = 20 M
auth_cache_ttl = 1 days
# Debug-level auth logging, useful while troubleshooting.
# NOTE(review): the logs will carry usernames and lookup details -- restrict
# access to them and switch this off afterwards.
auth_debug = yes
# Separator for master-user logins of the form "user*masteruser".
auth_master_user_separator = *
auth_verbose = yes
default_process_limit = 1000
# Plaintext mechanisms are accepted on unencrypted connections; together with
# "ssl = no" further down in this output, passwords cross the network in
# cleartext.
disable_plaintext_auth = no
log_timestamp = %Y-%m-%d %H:%M:%S
# Connections from this range are treated as trusted (they may supply the
# original client address). NOTE(review): confirm it covers only the
# webmail/proxy hosts.
login_trusted_networks = 155.54.211.176/28
mail_debug = yes
# Global default; the "doveadm user" output earlier in this message shows a
# per-user "mail" field (mdbox) returned by userdb for one of the lookups.
mail_location = maildir:~/Maildir:INDEX=/var/indexes/%n
mail_plugins = quota
mail_privileged_group = mail
maildir_very_dirty_syncs = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character
vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy
include variables body enotify environment mailbox date ihave imapflags
mdbox_rotate_size = 20 M
# Default namespace holding the INBOX; "." is the hierarchy separator.
namespace {
inbox = yes
location =
prefix =
separator = .
}
# Hidden, unlisted namespace under the "BORRADOS." prefix, stored in
# ~/Maildir/expunged; the plugin section of this output points lazy_expunge
# at this prefix.
# NOTE(review): expunged mail presumably stays on disk here until it is
# purged -- confirm a retention/cleanup policy exists.
namespace {
hidden = yes
list = no
location = maildir:~/Maildir/expunged
prefix = BORRADOS.
separator = .
}
# Master-user passdb: accounts in this file may log in on behalf of other
# users ("master = yes"); "pass = yes" continues to the following passdbs.
# NOTE(review): confirm /etc/dovecot/master-users is readable only by
# root / the auth process.
passdb {
args = /etc/dovecot/master-users
driver = passwd-file
master = yes
pass = yes
}
# LDAP passdb.
passdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
# PAM passdb; cache_key=%n caches results under the local part only
# (username without @domain), unlike lookups keyed on the full %u.
passdb {
args = session=yes cache_key=%n dovecot
driver = pam
}
# Plugin settings: lazy_expunge target, quota backend and rules, sieve and
# zlib compression.
plugin {
lazy_expunge = BORRADOS.
# Quota usage is kept in a dict file inside each user's home directory.
quota = dict:User quota::file:%h/Maildir/dovecot.quota
quota_exceeded_message = El mensaje no se ha entregado porque el destinatario
del mismo tiene el buzón lleno.
# Default rule; the "doveadm user" output earlier in this message shows a
# per-user quota_rule (10G) coming from userdb.
quota_rule = *:storage=20G
quota_rule2 = Trash:storage=+1G
sieve = ~/.dovecot.sieve
sieve_dir = ~/sieve
sieve_extensions = +imapflags
sieve_max_redirects = 15
zlib_save = gz
zlib_save_level = 6
}
postmaster_address = postmas...@um.es
protocols = imap pop3 lmtp sieve
service anvil {
client_limit = 2003
}
service auth {
client_limit = 3000
unix_listener auth-userdb {
# World-accessible userdb socket.
# NOTE(review): Dovecot's documentation warns that clients with access to this
# socket can list usernames and read userdb results; confirm 0666 is really
# needed on this version, or use user/group ownership with a tighter mode.
mode = 0666
}
}
service doveadm {
# Remote doveadm over TCP; no listen address is set in this stanza.
# NOTE(review): with "ssl = no", the doveadm password presumably travels
# unencrypted -- confirm the port is firewalled to the admin hosts.
inet_listener {
port = 24245
}
}
service imap {
process_limit = 5120
process_min_avail = 2
vsz_limit = 512 M
}
service ipc {
unix_listener ipc {
user = dovecot
}
}
service lmtp {
# LMTP over TCP; the protocol has no authentication of its own.
# NOTE(review): confirm port 24 is reachable only from the MTA.
inet_listener lmtp {
port = 24
}
process_min_avail = 10
vsz_limit = 512 M
}
service pop3 {
process_min_avail = 2
}
# TLS is disabled; the certificate and key below are configured but unused
# while "ssl = no". Together with "disable_plaintext_auth = no" in this
# output, logins are sent in cleartext.
ssl = no
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_key = </etc/ssl/private/dovecot.pem
# Prefetch userdb first, then LDAP.
# NOTE(review): prefetch only has data right after a passdb lookup, so
# "doveadm user" presumably resolves through the LDAP userdb -- confirm.
userdb {
driver = prefetch
}
userdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
# Per-protocol plugin lists: delivery (lda/lmtp) adds sieve, imap adds
# imap_quota.
protocol lda {
mail_plugins = quota sieve
}
protocol imap {
mail_plugins = quota imap_quota
}
protocol lmtp {
mail_plugins = quota sieve
}
protocol pop3 {
pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, in=%i, out=%o
}
# Shared secret for remote doveadm, scoped to a local address range (value
# redacted by the author).
# NOTE(review): the doubled "/27/27" looks like a paste or redaction artifact;
# verify the real mask in the live configuration.
local 155.54.211.160/27/27 {
doveadm_password = <password>
}