
I have a courier-imap IMAP system backed by LDAP holding the user data. I would like to convert IMAP to dovecot, and I am able to successfully configure basic login; that is working correctly.

But I am stumbling when enabling the QUOTA command. The quota backend in dovecot fails to initialize because the quota value stored in LDAP has the S appended to it. When dovecot is parsing this value, it thinks it is a unit specification, complains, and aborts:

Feb  6 09:12:15 site02 dovecot: auth: Debug: ldap(todd@todd.com,10.1.1.238,
  <JzSd+b/xswAKAQHu>): result: gidNumber=1000 uidNumber=1101 
  homeDirectory=/netapp1/mail/maildirs/t/o/d/todd.todd.com 
  quota=943718400S
Feb  6 09:12:15 site02 dovecot: imap(todd@todd.com): Error: user todd@todd.com: 
  Initialization failed: Failed to initialize quota: Invalid quota root quota: 
  Invalid rule *:bytes=943718400S: Invalid rule limit value 'bytes=943718400S': 
  Unknown unit: S

The above is from a development machine. The debug output shows that the value returned from the LDAP lookup is 943718400S, and that dovecot doesn't recognize the S as a valid unit.

I expected it to work properly because the documentation at http://wiki2.dovecot.org/Quota/Configuration notes: "Backend-specific configuration currently is used only with Maildir++ quota backend. It means you can have the quota in Maildir++ format (e.g. "10000000S")." Either this documentation is in error, or my understanding of the documentation is

The data in LDAP cannot be changed, so as I see it, four approaches come to mind:

  1. Can dovecot set variables and do string manipulation in the config file? If so, this is the preferred way.
  2. Strip the S from the quota value in the LDAP search. (Is this possible, as can be done with SQL queries?)
  3. Strip the S from the quota value in plugins/quota.c.
  4. Fake it by adding "S" as a unit and setting the multiplier to 1 in plugins/quota.c.

Any suggestions of which of these would be the best way to move forward would be appreciated. What follows is raw data and configs.

Output of dovecot -n:

auth_debug = yes
disable_plaintext_auth = no
listen = *
mail_fsync = always
mail_nfs_index = yes
mail_nfs_storage = yes
mail_plugins = " quota"
mbox_write_locks = fcntl
mmap_disable = yes
namespace inbox {
  inbox = yes
  location = 
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix = 
}
passdb {
  args = /etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
plugin {
  quota = maildir:User quota
}
protocols = imap
ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
ssl_key = </etc/pki/dovecot/private/dovecot.pem
userdb {
  args = /etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
protocol imap {
  mail_plugins = " quota imap_quota"
}

The dovecot ldap specific file referenced above:

hosts = localhost
dn = cn=ldap_user,dc=dev,dc=ivenue,dc=net
dnpass = ldap_pass
auth_bind = no
ldap_version = 3
base = ou=users,dc=dev,dc=ivenue,dc=net
deref = never
scope = subtree
user_attrs = homeDirectory=home,uidNumber=uid,gidNumber=gid,=quota_rule=*:bytes=%{ldap:quota}
user_filter = (&(objectClass=posixAccount)(objectClass=CourierMailAccount)(uid=%u))
pass_attrs = mail=user,userPassword=password
pass_filter = (&(objectClass=posixAccount)(objectClass=CourierMailAccount)(uid=%u))
iterate_attrs = mail=user
iterate_filter = (&(objectClass=posixAccount)(objectClass=CourierMailAccount))
default_pass_scheme = PLAIN

LDIF for this test user:

# todd.todd.com, users, dev.ivenue.net
dn: uid=todd.todd.com,ou=users,dc=dev,dc=ivenue,dc=net
gidNumber: 1000
uidNumber: 1101
shadowMax: 99999
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
objectClass: account
objectClass: CourierMailAccount
uid: todd@todd.com
uid: todd.todd.com
mail: todd@todd.com
gecos:: IA==
shadowLastChange: 11740
cn:: IA==
homeDirectory: /netapp1/mail/maildirs/t/o/d/todd.todd.com
description: customerNumber->46791
shadowWarning: 7
quota: 943718400S
loginShell: /bin/sh

Added Feb 7: Showing quota configuration for maildir:

# doveconf -a | egrep "mail_loca|quota"
lmtp_rcpt_check_quota = no
mail_location = 
mail_plugins = " quota"
  quota = maildir:User quota
quota_full_tempfail = no
  mail_plugins = " quota imap_quota"
Todd Lyons
  • Are you sure you use maildir++ as storage? Please show `doveconf -a | egrep "mail_loca|quota"` – Kondybas Feb 07 '14 at 00:40
  • Looks like you have an incomplete dovecot config with no mail_location defined. That causes autodetection, which can fail if the user has no mailbox yet. Then there is no storage and no backend that should be maildir++. See http://wiki2.dovecot.org/MailLocation for details. – Kondybas Feb 08 '14 at 04:01
  • @Kondybas, the mail_location comes from the LDAP lookup "user_attrs = homeDirectory=home,..." portion. Are you implying I need to define a hardcoded path when it's not needed for any phase? (provisioning system creates maildir structure so it will always exist). – Todd Lyons Feb 08 '14 at 18:35
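
Added example (not part of the original question or its comments, and not Dovecot code): a small Python sketch of the format mismatch in the log above, converting a Maildir++-style quota value such as `943718400S` into the `*:bytes=...` form the `quota_rule` in `user_attrs` expects. The function names are hypothetical, and the letter meanings (`S` = size in bytes, `C` = message count, other letters skipped) are assumed from the Maildir++ convention.

```python
import re

# Maildir++ quota letters mapped to Dovecot quota_rule limit names (assumed mapping).
_LETTER_TO_LIMIT = {"S": "bytes", "C": "messages"}
# One element is a run of ASCII digits followed by a single letter, e.g. "943718400S".
_ELEMENT = re.compile(r"^([0-9]+)([A-Za-z])$")


def parse_maildirpp_quota(spec):
    """Parse e.g. '943718400S,10000C' into {'bytes': 943718400, 'messages': 10000}."""
    limits = {}
    for element in spec.split(","):
        element = element.strip()
        match = _ELEMENT.match(element)
        if match is None:
            # Reject anything that is not <digits><letter>, so junk from the
            # directory never reaches the quota plugin as a rule.
            raise ValueError("malformed Maildir++ quota element: %r" % element)
        value, letter = int(match.group(1)), match.group(2)
        name = _LETTER_TO_LIMIT.get(letter)
        if name is None:
            continue  # unknown letter: skipped (assumption, see lead-in)
        if name in limits:
            raise ValueError("duplicate %r limit in %r" % (letter, spec))
        limits[name] = value
    return limits


def to_quota_rule(spec, mailbox="*"):
    """Build a quota_rule value such as '*:bytes=943718400' from a Maildir++ spec."""
    limits = parse_maildirpp_quota(spec)
    if not limits:
        raise ValueError("no usable limits in %r" % spec)
    # Fixed order keeps the output stable: bytes first, then messages.
    parts = ["%s=%d" % (name, limits[name])
             for name in ("bytes", "messages") if name in limits]
    return mailbox + ":" + ":".join(parts)


if __name__ == "__main__":
    # Value taken from the LDIF in the question.
    print(to_quota_rule("943718400S"))
    # Constructed sample with both a size and a message-count limit.
    print(to_quota_rule("943718400S,10000C"))
```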
