[prev in list] [next in list] [prev in thread] [next in thread] 

List:       vchkpw
Subject:    Re: [vchkpw] non-root courier-imap + vmysql.c problem
From:       Ro Achterberg <ro () greyhat ! nl>
Date:       2009-10-01 10:37:58
Message-ID: 20091001103758.B909E1E2B5 () smtp09 ! online ! nl
[Download RAW message or body]

At 17:04 28-9-2009, Matt Brookings wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>Ro Achterberg wrote:
> > Hi all,
> >
> > I'm using the vpopmail MySQL module to manage my domains and to provide
> > an authorization backend for courier-imapd's authdaemon (among other
> > things). However, it seems that since the MySQL module (vmysql.c +
> > vmysql.h) doesn't bother registering the Maildir domain's uid and gid
> > (thereby storing them with a default value of 0), courier-imap runs into
> > problems when trying to authenticate a user, since I have it run as a
> > non-root user.
> >
> > Basically what happens is that courier-imap is unable to setgid() from
> > 'root', since that's what it's reading from the SQL table, that the
> > MySQL module had created. Am I missing a configuration parameter
> > somewhere, or could this be considered a bug? Any insights would be
> > greatly appreciated.
>
>Ro, Courier-MTA has dropped all support for vpopmail, and as such,
>vpopmail has dropped all support for Courier-MTA, and it's various
>parts such as Courier-IMAP.
>
>This isn't really considered a bug because this worked in the past, but
>they simply chose to take a stance of non-support.  I saw that you sent
>me a patch that allows authentication to work, but the uid/gid fields
>in vpopmail are not used as named.  The fields are called that so that
>implementors realize it's authentication scheme is based on the Unix-based
>passwd system calls.  The fields are actually used to store user flags.
>
>Most people using qmail/vpopmail installations have moved to Dovecot for
>IMAP, and some other services as well.  Most would tell you that Dovecot
>is a superior IMAP server too.  Moving to Dovecot from Courier-IMAP is
>*easy as can be*.
>- --

Hi Matt,

I thought you'd like to know that eventhough it took some courage to 
dive into the rather fragmented and poorly written documentation 
provided by Dovecot which led to some initial frustration, I decided 
to drop courier in favor of it. I'm now using Dovecot + the SQL auth 
driver which queries the vpopmail table for authentication and user 
info. It better suits my needs for proper security, performance and 
easy of use.

Thanks for recommending it to me.

Bye, Ro 


!DSPAM:4ac4868a32711125817689!

[prev in list] [next in list] [prev in thread] [next in thread]