Thank you very much Steffen!

It finally works!

I have 2 ldap dbs in my system, the first for inetOrgPerson class and the second for system specific class attributes.

So I introduced another userdb section:

----------------------------------------------------------------------

##
## User databases
##

# System users (NSS, /etc/passwd, or similar). In many systems nowadays this
# uses Name Service Switch, which is configured in /etc/nsswitch.conf.
userdb {
  driver = ldap
  args = /var/etc/dovecot/dovecot-ldap.conf.ext
  result_success = continue-ok
}

userdb {
  driver = ldap
  args = /var/etc/dovecot/dovecot-mnusers-ldap.conf.ext
}

userdb {
  driver = passwd
}
-----------------------------------------------------------------------------------

and content of /var/etc/dovecot/dovecot-mnusers-ldap.conf.ext is:

--------------------------------------------------------------------------

user_filter = (&(objectClass=AFASystems)(uid=%u))
user_attrs = \
  =quota_rule=*:bytes=%{ldap:quotaBytes}

-----------------------------------------------------------------------

Now if I run "doveadm user afasystems", the output is:

field   value
uid     1040
gid     100
home    /data/home/afasystems
mail    maildir:~/.maildir
quota_rule      *:bytes=80M


But if quotaBytes is empty in ldap, the output is:

# doveadm user admin
doveadm(root): Error: user admin: Initialization failed: Failed to initialize quota: Invalid quota root quota: Invalid rule *:bytes= : Invalid rule limit value 'bytes= ': Unknown unit:
field   value

Is there a way in dovecot configuration to assign 0 (i.e. unlimited) to quota_rule if quotaBytes from ldap is empty?

Thank you so much again!




On 21/07/2017 22:29, Steffen wrote:

Michele Petrella wrote:
Hi,

each user exists in one db.

I changed configuration:

# 2.2.29.1 (e0b76e3): /var/etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.18 (29cc74d)
# OS: Linux 3.10.55-gentoo i686 SuSE Linux 7.1 (i386)
auth_debug = yes
debug_log_path = /var/log/dovecot/dovecot_debug.log
disable_plaintext_auth = no
info_log_path = /var/log/state.mail/dovecot.pipe
log_path = /var/log/dovecot/dovecot.log
mail_debug = yes
mail_gid = users
mail_location = maildir:~/.maildir
mail_plugins = acl quota
mail_shared_explicit_inbox = yes
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave duplicate
namespace {
  list = yes
  location = maildir:/data/home/vmail/public
  prefix = Public/
  separator = /
  subscriptions = no
  type = public
}
namespace {
  list = children
  location = maildir:/data/home/%%n/.maildir:INDEX=~/.maildir/shared/%%u
  prefix = Shared/%%u/
  separator = /
  subscriptions = no
  type = shared
}
namespace inbox {
  inbox = yes
  list = yes
  location =
  mailbox Cestino {
    special_use = \Trash
  }
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox "Posta inviata" {
    special_use = \Sent
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
  separator = /
  subscriptions = yes
  type = private
}
passdb {
  args = /etc/dovecot/passwd.masterusers
  driver = passwd-file
  master = yes
}
passdb {
  args = /var/etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
passdb {
  driver = passwd
  skip = authenticated
}
plugin {
  acl = vfile:/etc/dovecot/acl:cache_secs=300
  acl_shared_dict = file:/var/lib/dovecot-dict/shared-mailboxes
  quota = maildir:User quota
  quota_rule = *:storage=5M
  quota_rule2 = Trash:storage=+100M
  quota_rule3 = SPAM:ignore
  sieve = ~/.dovecot.sieve
  sieve_before = /var/etc/dovecot/sieve/general/
  sieve_dir = ~/sieve
  sieve_execute_bin_dir = /usr/local/bin/dovecot/sieve-execute
  sieve_filter_bin_dir = /usr/local/bin/dovecot/sieve-filter
  sieve_global_dir = /var/etc/dovecot/sieve/global/
  sieve_global_extensions = +vnd.dovecot.execute +vnd.dovecot.filter +vnd.dovecot.pipe +editheader
  sieve_pipe_bin_dir = /usr/local/bin/dovecot/sieve-pipe
  sieve_plugins = sieve_extprograms
}
protocols = imap pop3 lmtp sieve
service auth {
  unix_listener auth-userdb {
    group = users
  }
}
service imap-postlogin {
  executable = script-login /usr/local/bin/imap-postlogin.sh
  user = $default_internal_user
}
service imap {
  executable = imap imap-postlogin
}
ssl_cert = </conf/etc/cert/certs/services/imap_pop/majornet.crt
ssl_key = </conf/etc/cert/private/services/imap_pop/majornet.key
userdb {
  args = /var/etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
userdb {
  driver = passwd
}
protocol lda {
  info_log_path = /var/log/dovecot/dovecot-lda.log
  log_path = /var/log/dovecot/dovecot-lda.log
  mail_plugins = acl quota sieve
}
protocol imap {
  mail_max_userip_connections = 20
  mail_plugins = acl quota imap_acl imap_quota
}


File /var/etc/dovecot/dovecot-ldap.conf.ext is:

hosts = localhost
base = ou=mnusers,dc=majornet,dc=local
user_attrs = quota_rule=*:bytes=%{ldap:quotaBytes}


But when I run: doveadm -D quota get -u afasystems
Well, first try this:

  doveadm user afasystems

All extra fields should be displayed (quotaBytes only in your example).
Then verify that this user has quotaBytes at all

ldapsearch -b ou=mnusers,dc=majornet,dc=local uid=afasystems quotaBytes

Then look here: https://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb
user_attrs = \
   =home=%{ldap:homeDirectory}, \
   =uid=%{ldap:uidNumber}, \
   =gid=%{ldap:gidNumber}

all mappings using %{ldap:...} have a "=" prefixed before the settings
name

Then re-try doveadm user ....

No extra field is returned:

doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot
doveadm(root): Debug: Module loaded: /usr/lib/dovecot/lib01_acl_plugin.so
doveadm(root): Debug: Module loaded: /usr/lib/dovecot/lib10_quota_plugin.so
doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/doveadm
doveadm(root): Debug: Module loaded: /usr/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so
doveadm(root): Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_deinit (this is usually intentional, so just ignore this message)
doveadm(root): Debug: Module loaded: /usr/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so
doveadm(root): Debug: Module loaded: /usr/lib/dovecot/doveadm/lib10_doveadm_sieve_plugin.so
doveadm(root): Debug: Skipping module doveadm_fts_lucene_plugin, because dlopen() failed: /usr/lib/dovecot/doveadm/lib20_doveadm_fts_lucene_plugin.so: undefined symbol: lucene_index_iter_deinit (this is usually intentional, so just ignore this message)
doveadm(root): Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_backend_rescan (this is usually intentional, so just ignore this message)
doveadm(afasystems): Debug: auth input: afasystems system_groups_user=afasystems uid=1040 gid=100 home=/data/home/afasystems
doveadm(afasystems): Debug: Effective uid=1040, gid=100, home=/data/home/afasystems
doveadm(afasystems): Debug: Quota root: name=User quota backend=maildir args=
doveadm(afasystems): Debug: Quota rule: root=User quota mailbox=* bytes=5242880 messages=0
doveadm(afasystems): Debug: Quota rule: root=User quota mailbox=Trash bytes=+104857600 messages=0
doveadm(afasystems): Debug: Quota rule: root=User quota mailbox=SPAM ignored
doveadm(afasystems): Debug: Quota grace: root=User quota bytes=524288 (10%)
doveadm(afasystems): Debug: Namespace inbox: type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:~/.maildir
doveadm(afasystems): Debug: maildir++: root=/data/home/afasystems/.maildir, index=, indexpvt=, control=, inbox=/data/home/afasystems/.maildir, alt=
doveadm(afasystems): Debug: acl: initializing backend with data: vfile:/etc/dovecot/acl:cache_secs=300
doveadm(afasystems): Debug: acl: acl username = afasystems
doveadm(afasystems): Debug: acl: owner = 1
doveadm(afasystems): Debug: acl vfile: Global ACL legacy directory: /etc/dovecot/acl
doveadm(afasystems): Debug: Namespace : type=public, prefix=Public/, sep=/, inbox=no, hidden=no, list=yes, subscriptions=no location=maildir:/data/home/vmail/public
doveadm(afasystems): Debug: maildir++: root=/data/home/vmail/public, index=, indexpvt=, control=, inbox=, alt=
doveadm(afasystems): Debug: acl: initializing backend with data: vfile:/etc/dovecot/acl:cache_secs=300
doveadm(afasystems): Debug: acl: acl username = afasystems
doveadm(afasystems): Debug: acl: owner = 0
doveadm(afasystems): Debug: acl vfile: Global ACL legacy directory: /etc/dovecot/acl
doveadm(afasystems): Debug: Namespace : type=shared, prefix=Shared/%u/, sep=/, inbox=no, hidden=no, list=children, subscriptions=no location=maildir:/data/home/%n/.maildir:INDEX=~/.maildir/shared/%u
doveadm(afasystems): Debug: shared: root=/var/run/dovecot, index=, indexpvt=, control=, inbox=, alt=
doveadm(afasystems): Debug: acl: initializing backend with data: vfile:/etc/dovecot/acl:cache_secs=300
doveadm(afasystems): Debug: acl: acl username = afasystems
doveadm(afasystems): Debug: acl: owner = 0
doveadm(afasystems): Debug: acl vfile: Global ACL legacy directory: /etc/dovecot/acl

Quota name Type    Value Limit   %
User quota STORAGE  9517  5120 185
User quota MESSAGE   263     -   0


Where am I wrong?



--
AFA Systems Srl
Via G.Pastore
Zona Industriale B
86039 Termoli (CB) - Italia
tel.: +39 0875 724104
fax.: +39 0875 726084
www.afasystems.it
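
For the question above about an empty quotaBytes, one way to supply a fallback, shown as an added example that is not part of the original thread. It assumes the `%{ldap:attribute:default}` form that Dovecot's LDAP userdb documentation describes for nonexistent attributes (v2.1.11 and later), applied to the second LDAP config file from the message:

```conf
# /var/etc/dovecot/dovecot-mnusers-ldap.conf.ext
user_filter = (&(objectClass=AFASystems)(uid=%u))

# Before: an entry without quotaBytes expands to "*:bytes=" and the quota
# plugin rejects the rule, so initialization fails for that user.
#user_attrs = \
#  =quota_rule=*:bytes=%{ldap:quotaBytes}

# After: the text following the second colon is the default used when the
# LDAP attribute is missing. A limit of 0 means unlimited.
user_attrs = \
  =quota_rule=*:bytes=%{ldap:quotaBytes:0}
```

With the default in place, `doveadm user admin` should list `quota_rule *:bytes=0` instead of failing quota initialization. Substituting a finite default such as `5M` keeps accounts that lack the attribute from silently becoming unlimited.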
