Hi
in my opinion you found a bug. In the function passdb_preinit(..) in
file src/auth/passdb.c the username_filters are copied from
set->username_filter to passdb->username_filter. However that code only
gets to be executed if this line returns NULL
passdb = passdb_find(set->driver, set->args, &idx);
For some reason this code finds a match (i.e. != NULL) for your second
passdb (postmasterfilter) so it never reaches the code to setup the
filter correctly. Strange to say for the third db it doesn't find a
match and does setup the filter.
I would guess that the main reason this hasn't been noticed is that most
use cases of multiple passdb's use different drivers. Either this should
be treated as a bug or the documentation should be updated to state that
multiple passdb's should not use the same driver.
As a workaround to this problem, given that you are handing off
authentication to a php script, my suggestion would be to update that
script so that it handles all the use cases directly. In Dovecot you
will only need to define one passdb that calls the script.
John
On 01/08/2024 15:17, zaxwat93--- via dovecot wrote:
added names:
passdb allusers {
...
}
passdb postmasterfilter {
...
username_filter =us...@postmaster.local.one
...
}
passdb user2filter {
....
username_filter =us...@user2.local.one
,,,
}
try "doveadm auth testus...@user2.local.one" and got logs:
Aug 1 16:08:02 auth: Debug: auth client connected (pid=0)
Aug 1 16:08:02 auth: Debug: client in: AUTH 1 PLAIN service=doveadm
debug resp=<hidden>
Aug 1 16:08:02 auth: Debug: allusers(us...@user2.local.one): Performing passdb
lookup
Aug 1 16:08:02 auth: Debug: allusers(us...@user2.local.one): execute:
/usr/local/bin/php /usr/local/dovecot/bin/checkpassword.php
/usr/local/libexec/dovecot/checkpassword-reply
Aug 1 16:08:02 auth: Debug: allusers(us...@user2.local.one): Received input:
Aug 1 16:08:02 auth: Debug: allusers(us...@user2.local.one): exit_status=1
Aug 1 16:08:02 auth: allusers(us...@user2.local.one): Login failed (status=1)
Aug 1 16:08:02 auth: Debug: allusers(us...@user2.local.one): Finished passdb
lookup
Aug 1 16:08:02 auth: Debug: postmasterfilter(us...@user2.local.one):
Performing passdb lookup
Aug 1 16:08:02 auth: Debug: postmasterfilter(us...@user2.local.one): username
changedus...@user2.local.one ->us...@local.one
Aug 1 16:08:02 auth: Debug: postmasterfilter(us...@local.one): execute:
/usr/local/bin/php /usr/local/dovecot/bin/checkpassword.php
/usr/local/libexec/dovecot/checkpassword-reply
Aug 1 16:08:02 auth: Debug: postmasterfilter(us...@local.one): Received
input:user=us...@local.one userdb_home=/var/spool/mail/
userdb_uid=dovecot userdb_gid=dovecot
Aug 1 16:08:02 auth: Debug: postmasterfilter(us...@local.one): exit_status=0
Aug 1 16:08:02 auth: Debug: postmasterfilter(us...@local.one): username
changedus...@local.one ->postmas...@local.one
Aug 1 16:08:02 auth: Debug: postmasterfilter(postmas...@local.one): Finished
passdb lookup
Aug 1 16:08:02 auth: Debug: auth(postmas...@local.one): Auth request finished
Aug 1 16:08:02 auth: Debug: client passdb out: OK
1user=postmas...@local.one original_user=us...@user2.local.one
Same result: it should skip postmasterfilter passdb and work with user2filter,
but it didn't
_______________________________________________
dovecot mailing list --dovecot@dovecot.org
To unsubscribe send an email todovecot-le...@dovecot.org
_______________________________________________
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org
