Hi there, I posted this question in ServerFault
(https://serverfault.com/questions/1170095/proper-syntax-for-using-allow-nets-with-dovecot-passdb-sql)
but haven't gotten an answer after 10 days so thought I'd try here, I
appreciate any help you can offer!
I want to allow for two auth methods i
On 1/23/25 2:44 PM, Doug via dovecot wrote:
I don't have a working example because I do my dsync backups on the local
machine with output to shared NFS storage that is accessible to both my primary
and backup systems. No ssh required or remote connection required. That is
provided by NFS.
A
I don't have a working example because I do my dsync backups on the local
machine with output to shared NFS storage that is accessible to both my primary
and backup systems. No ssh required or remote connection required. That is
provided by NFS.
This excerpt of my backup script runs dsync in
I get the following output (edited)
>>> :~$ sudo doveadm mailbox list -A
doveadm(nobody): Error: mkdir(/home/vmail/mailboxes//nobody) failed:
Permission denied (euid=65534(nobody) egid=65534(nogroup) missing +w
perm: /home/vmail/mailboxes/, dir owned by 1001:1001 mode=0755)
doveadm(systemd-net
On 1/23/25 1:41 PM, cdm...@yahoo.com wrote:
In your working example you are connecting as root but in your dsync example your user is
remoteprefix:root. Try removing the "remoteprefix:" which is being treated as
part of the user name.
If I take off the "remoteprefix" it logs in, but it does
In your working example you are connecting as root but in your dsync example
your user is remoteprefix:root. Try removing the "remoteprefix:" which is
being treated as part of the user name.
> -Original Message-
> From: Kent Borg via dovecot
> Sent: Thursday, January 23, 2025 3:34 PM
On 1/23/25 12:26 PM, cdm...@yahoo.com wrote:
Kent,
You are being prompted for a password, so it isn't using private key
authentication. I recommend you get ssh working first, prove you are indeed
connecting to your secondary server, and only then introduce doveadm.
Yes, I checked that:
I t
Kent,
You are being prompted for a password, so it isn't using private key
authentication. I recommend you get ssh working first, prove you are indeed
connecting to your secondary server, and only then introduce doveadm.
Is mail.borg.org the name of your "matching server" or is that the name of
I had a typo (I said I'm a newbie).
On 1/23/25 10:50 AM, Kent Borg via dovecot wrote:
But when I try to make the command more complete and send a username
to the remote end, and now I am no longer talking to the remote end:
root@la:/etc/dovecot# doveadm sync -u kentborg -1 ssh -i
/root/.ssh/
I have a very basic postfix/dovecot server, with just a few users, and
it works. But in the past I have had hardware failures…so I would like
use dsync to a nearly matching server for some extra safety, and I have
not yet been successful.
I am trying to do this as root over ssh, with a private
I was kinda hoping it would've shown bit more details. But, looks like you've
ran into a bug. Lua passdb does not export fields in case return value is not
OK or NEXT. I'll file this to your bug tracker.
Aki
> On 23/01/2025 17:20 EET Arkadiusz Miśkiewicz via dovecot
> wrote:
>
>
> On 23/01
On 23/01/2025 14:23, Aki Tuomi wrote:
Can you post auth_debug=yes logs?
Attaching here (as quotation):
Jan 23 15:10:24 webx dovecot[10752]: auth: Debug: client in: AUTH 1 PLAIN
service=imapsession=qZ/XK2As7rsKFhKWlip=10.22.18.200
rip=10.22.18.150 lport=143
Can you post auth_debug=yes logs?
Aki
> On 23/01/2025 13:26 EET Arkadiusz Miśkiewicz via dovecot
> wrote:
>
>
> Hello.
>
>
> Trying to pass reason response via lua by passing it at
> dovecot.auth.PASSDB_RESULT_USER_DISABLED like:
>
>
> function auth_password_verify(request, password)
>
For a 200kb task that runs once a day/week? I think you can just run this
certbot stuff under a different user, people are probably just to 'lazy' to
adapt this.
>
> if you put all that into docker you can mitigate the privilege issue -
> you only need to chown the letsencrypt files as needed
if you put all that into docker you can mitigate the privilege issue - you only
need to chown the letsencrypt files as needed while copying them to the
directories for the dovecot certificates.
Am 23. Januar 2025 um 09:34 schrieb "Marc via dovecot" mailto:dovecot@dovecot.org?to=%22Marc%20via%20
Hello.
Trying to pass reason response via lua by passing it at
dovecot.auth.PASSDB_RESULT_USER_DISABLED like:
function auth_password_verify(request, password)
return dovecot.auth.PASSDB_RESULT_USER_DISABLED, "reason=custom_message"
end
function auth_userdb_lookup(request)
return dovecot
I have 0 issues 2-3 years. Besides what can be the issues with some shell
scripting. Better than having some code running as root.
I guess you see issues here, because if you ask at letsencrypt who can you sue
if they issue a false certificate, why they are not hosting in Europe, why they
run
Oh forgot letsencrypt also does not like when you ask about their ip ranges and
when you redirect dns of the amazon cloud to different zone files. So basically
when you use letsencrypt, you automatically have to open up your webserver
(unless you alter your environment on renewals) to amazon abu
Marc via dovecot skrev den 2025-01-23 09:21:
dovecot starts as root, and drops priveleges later, so group it non
rooted is a security problem on its own :)
certbot creates letencrypt pem files owned by root and grouped root,
only the private key cant be readed by other users then root
wtf le
>
> dovecot starts as root, and drops priveleges later, so group it non
> rooted is a security problem on its own :)
>
> certbot creates letencrypt pem files owned by root and grouped root,
> only the private key cant be readed by other users then root
>
wtf letsencrypt still requires root?? Wh
Poldi via dovecot skrev den 2025-01-23 08:11:
I'm using Dovecot 2.3.21 (47349e2482) on Ubuntu and have convigured
virtual mail users.
Everything is working finem but a few doevadm commands fail
sudo doveadm mailbox list
returns
doveadm(root): Error: chdir(/root/) failed: Permission denied
(e
21 matches
Mail list logo
