Hi,

Recently I decided to use quota_over_flag with a passwd_file userdb. The
main idea is to prevent the dovecot (or vmail) user from having write
access to the file with passwords.

To do it, I set up a separate userdb like this (the SQL userdb is SQLite
based, thus the same problem with write):

passdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
userdb {
  args = username_format=%u /etc/dovecot/over_quota
  default_fields = quota_over_flag=1
  driver = passwd-file
  result_internalfail = continue-fail
  result_success = continue-fail
}
userdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}

For testing I added one user to the over_quota file:

sla...@slavino.eu:::::::

With this setting, doveadm user with a user in over_quota seems to
work:

doveadm user sla...@slavino.eu
field   value
uid     20000
gid     20000
home    /srv/vmail/slavino.eu/slavko
mail    maildir:~/Maildir
quota_over_flag 1
quota_rule      *:storage=0M
quota2_rule     *:storage=0M

But the user iteration shows duplicate users:

doveadm user '*'
sla...@slavino.eu
sla...@slavino.eu
...

As we discussed on IRC, this is how iteration works, as it emits users as
soon as it meets them, but this doesn't correspond with "multiple userdb
are merged" in the docs (for iteration).

I am surprised by this mainly because the particular userdb has
result_success set to "continue-fail" and thus has to set user not found,
as with any user which is not in this db. But it seems that iteration
ignores this result.

I wrote this as we discussed via IRC. I am not subscribed, thus please
CC me.

regards

-- 
Slavko
http://slavino.sk
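
The difference reported above between a single-user lookup (fields from both userdbs merged) and iteration (each userdb lists its own users), as an added example that is not part of the original post and is not Dovecot code. It is a simplified model: the user names, the dict standing in for the SQL userdb, and all function names are constructed for illustration.

```python
# Simplified model of the behaviour described in the post; not Dovecot source.
OVER_QUOTA_FILE = "user1@example.test:::::::\n"  # constructed passwd-file content
SQL_USERS = {  # constructed stand-in for the SQLite-backed userdb
    "user1@example.test": {"uid": "20000", "gid": "20000"},
    "user2@example.test": {"uid": "20000", "gid": "20000"},
}

def parse_passwd_file(text):
    """Return the user names (first colon-separated field) of a passwd-file."""
    return [ln.split(":", 1)[0] for ln in text.splitlines() if ln.strip()]

def build_chain():
    """Two userdbs in the order used in the post's configuration."""
    flagged = parse_passwd_file(OVER_QUOTA_FILE)
    return [
        {"users": {u: {} for u in flagged},
         "default_fields": {"quota_over_flag": "1"},
         "result_success": "continue-fail"},
        {"users": SQL_USERS, "default_fields": {},
         "result_success": "return-ok"},
    ]

def lookup(chain, user):
    """Single-user lookup: fields accumulate, result_success steers the chain."""
    fields, ok = {}, False
    for db in chain:
        if user not in db["users"]:
            continue  # not found here: move on to the next userdb
        fields.update(db["default_fields"])
        fields.update(db["users"][user])
        if db["result_success"] == "return-ok":
            return fields
        ok = db["result_success"] == "continue-ok"  # continue-fail keeps state failed
    return fields if ok else None

def iterate(chain):
    """Iteration: every userdb emits its users; result_* plays no part."""
    return [user for db in chain for user in db["users"]]

def unique(users):
    """Order-preserving de-duplication for consumers of the iterated list."""
    return list(dict.fromkeys(users))

if __name__ == "__main__":
    chain = build_chain()
    print(lookup(chain, "user1@example.test"))
    print(iterate(chain), unique(iterate(chain)))
```

Scripts that consume the iterated list (for example per-user quota jobs) can apply the same order-preserving de-duplication so a flagged user is not processed twice.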
