7 messages in net.sourceforge.lists.courier-maildrop: [maildropl] maildrop ldap lookup conf...
Subject: [maildropl] maildrop ldap lookup confusion ?
From: Daniel Ludwig (dlud@alphyra-evs.de)
Date: Sep 5, 2005 3:31:55 am
List: net.sourceforge.lists.courier-maildrop

Hi,

I am running "postfix + courier-imap + LDAP + virtual-users" with postfix' virtual transport and would like to switch to maildrop. Postfix' virtual transport works fine but when I try to switch to "virtual_transport = maildrop" I get a "Cannot find system user"-error.

Since version 1.8.0, maildrop uses the courier-authlib/authdaemon. So maildrop makes an ldap-lookup for the attributes that are defined in /etc/courier/authldaprc.

I test maildrop like this:

    vmail@hostname:~> /usr/local/bin/maildrop -V 9 -d us@mydomain.com < message
    maildrop: authlib: groupid=100
    Cannot find system user us@mydomain.com
    maildrop: signal 0x06

user@mydomain.com is a virtual user account in LDAP, no system account !

.. I see maildrop's LDAP-query appear in syslog (/var/log/messages):

    conn=477 op=4 SRCH base="ou=mailusers,dc=mydomain,dc=com" scope=2 deref=0 filter="(&(objectClass=CourierMailAccount)(accountStatus=active)(mail=user@mydomain.com))"
    conn=477 op=4 SRCH attr=uid homeDirectory cn userPassword uidNumber gidNumber mail quota
    conn=477 op=4 SEARCH RESULT tag=101 err=0 nentries=1 text=

--> "Cannot find system user"-error

Doing a manual ldapsearch with this query "(&(objectClass=CourierMailAccount)(accountStatus=active)(mail=user@mydomain.com))" gives me the CORRECT user's LDIF !!!

My LDAP-users look like this:

    dn: uid=username, ou=mailusers, dc=mydomain, dc=com
    objectClass: CourierMailAccount
    .. (+ some more objectClasses)
    uid: username
    cn: User Name
    givenName: User
    sn: Name
    mail: user@mydomain.com
    mail: user@my2nddomain.com
    mail: user@my3rddomain.com
    mailbox: username
    maildrop: user@mydomain.com
    accountStatus: active
    homeDirectory: /home/vmail/username/
    uidNumber: 3000
    gidNumber: 100
    loginShell: /bin/false
    .. etc.

How does 'maildrop with ldap' find the corresponding Maildir for a VIRTUAL user (f.e. /home/vmail/username/Maildir/) ? I am wondering why maildrop does not like my ldap-attributes ? Is it possible to configure maildrop's own ldap-attributes? Is maildropldap.config still usable since 1.8.1 ?

Another point of failure I think of: I'm using the username as uid to login, but the uidNumber is the one of my vmail-User (3000). Might that cause problems ?

Did I miss some important documentation regarding "maildrop 1.8.x + virtual accounts + LDAP(!) + courier-authlib(!)" ? maildrop's manpage refers to makeuserdb(1) <http://www.courier-mta.org/maildrop/makeuserdb.html> for more information on virtual accounts, but I would like to use LDAP; not a userdb-file !?

I can't see an ldap-lookup in my strace-output ...see below (strace /usr/local/bin/maildrop -V 9 -d us@mydomain.com < message) ... Before that, I assumed that my maildrop-compiling was successful, because I see its ldap-lookups in syslog, but now I'm not sure anymore .. ;) ! Any hints ?

btw. my OS is SuSE-9.3, most software installed from original SuSE-rpms, except "maildrop", which was compiled from sources. I had to compile courier-authlib from sources too, because I didn't find any "courierauthconfig" in the suse-distribution.

That means: I have SuSE's courierauthdaemon running and installed in:
    /usr/lib/courier-imap/authlib/
and my compiled courierauthlib+maildrop reside in:
    /usr/local/

I had to create a link to the socket of SuSE's courierauthdaemon so that maildrop does find the socket of the running authdaemon.
    (/usr/local/var/spool/authdaemon -> /var/run/authdaemon.courier-imap/)
This might be a point of failure too ? ;/ (I tested to exchange Suse's authdaemon-binary in their init-script to my compiled one, but I see no changes.)

Anyone running maildrop with LDAP on SuSE-9.3 ?

Bye Daniel

strace /usr/local/bin/maildrop -V 9 -d us@mydomain.com < message

-------------------------------------------------
...
open("/etc/passwd", O_RDONLY) = 4
fcntl64(4, F_GETFD) = 0
fcntl64(4, F_SETFD, FD_CLOEXEC) = 0
_llseek(4, 0, [0], SEEK_CUR) = 0
fstat64(4, {st_mode=S_IFREG|0644, st_size=1557, ...}) = 0
mmap2(NULL, 1557, PROT_READ, MAP_SHARED, 4, 0) = 0x40018000
_llseek(4, 1557, [1557], SEEK_SET) = 0
fstat64(4, {st_mode=S_IFREG|0644, st_size=1557, ...}) = 0
munmap(0x40018000, 1557) = 0
close(4) = 0
write(2, "Cannot find system user ", 24Cannot find system user ) = 24
write(2, "us@mydomain.com", 22u@mydomain.com) = 22
write(2, "\n", 1
) = 1
rt_sigprocmask(SIG_UNBLOCK, [ABRT], NULL, 8) = 0
gettid() = 21893
tgkill(21893, 21893, SIGABRT) = 0
--- SIGABRT (Aborted) @ 0 (0) ---
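
An added example, not part of the original message and not code from maildrop or courier-authlib: it pairs the slapd SRCH and SEARCH RESULT lines quoted above by conn/op, then lists which requested attributes have no line in the LDIF excerpt shown in the post. The sample strings are constructed from the message text and the function names are hypothetical; the post elides part of the entry, so an attribute reported as absent may still exist in the real directory.

```python
import re

# Constructed sample: the three slapd log lines quoted in the message above.
SLAPD_LOG = '''\
conn=477 op=4 SRCH base="ou=mailusers,dc=mydomain,dc=com" scope=2 deref=0 filter="(&(objectClass=CourierMailAccount)(accountStatus=active)(mail=user@mydomain.com))"
conn=477 op=4 SRCH attr=uid homeDirectory cn userPassword uidNumber gidNumber mail quota
conn=477 op=4 SEARCH RESULT tag=101 err=0 nentries=1 text=
'''

# Constructed sample: attribute lines taken from the LDIF excerpt in the message
# (the post elides further attributes with ".." and "etc.").
LDIF_EXCERPT = '''\
dn: uid=username, ou=mailusers, dc=mydomain, dc=com
objectClass: CourierMailAccount
uid: username
cn: User Name
mail: user@mydomain.com
homeDirectory: /home/vmail/username/
uidNumber: 3000
gidNumber: 100
'''

# "." does not match newlines, so each match covers exactly one log line.
LINE = re.compile(r'conn=(\d+) op=(\d+) (SRCH|SEARCH RESULT) (.*)')

def correlate(log):
    """Group slapd SRCH / SEARCH RESULT lines by (conn, op)."""
    ops = {}
    for conn, op, kind, rest in LINE.findall(log):
        rec = ops.setdefault((int(conn), int(op)), {})
        if kind == 'SRCH' and rest.startswith('attr='):
            rec['attrs'] = rest[len('attr='):].split()
        elif kind == 'SRCH':
            f = re.search(r'filter="(.*)"', rest)
            rec['filter'] = f.group(1) if f else None
        else:  # SEARCH RESULT: keep the result code and entry count
            rec.update((k, int(v)) for k, v in re.findall(r'(err|nentries)=(\d+)', rest))
    return ops

def absent_attrs(requested, ldif):
    """Requested attributes that have no line in the given LDIF text."""
    present = {l.split(':', 1)[0].strip().lower() for l in ldif.splitlines() if ':' in l}
    return [a for a in requested if a.lower() not in present]

if __name__ == '__main__':
    for key, rec in correlate(SLAPD_LOG).items():
        print(key, rec, 'absent from excerpt:', absent_attrs(rec['attrs'], LDIF_EXCERPT))
```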