4

I'm using Dovecot with passdb as a user database:

```
passdb {
    args = scheme=sha512-crypt /etc/mail/passwd
    driver = passwd-file
}

userdb {
    args = uid=vmail gid=vmail home=/var/vmail/%d/%n
    driver = static
}
```

I cannot use the -A flag with any doveadm commands (whereas using -u user works). For example:

```
$ doveadm expunge -A mailbox Trash all
Error: User listing returned failure
doveadm: Error: Failed to iterate through some users
```

The dovecot log shows:

```
... dovecot[1225]: auth: Error: Trying to iterate users, but userdbs don't support it
```

Is there a way to configure this support or is this simply a limitation?

Kevin
  • Do you also have a `userdb{...}` section configured? – Kondybas Nov 10 '18 at 06:43
  • @Kondybas Yes. I've just edited the question with the `userdb` section I have. Thanks for your help! – Kevin Nov 10 '18 at 21:51
  • You have configured your user-db as static with no source of usernames. `dovecot` knows nothing about usernames and their mail directories. You should refer to `dovecot`'s wiki for the proper configuration: https://wiki.dovecot.org/AuthDatabase/Passwd – Kondybas Nov 11 '18 at 12:32
  • @Kondybas Thanks, that makes sense. I think this came from an OpenSMTPD tutorial, so I will have to understand Dovecot in detail what I should do instead and perhaps use the Passwd configuration instead (but need to check if that breaks opensmtpd) – Kevin Nov 12 '18 at 14:25
  • `userdb` establishes the correspondence between username and maildir. Additional data such as quota can also be provided. `passdb` establishes only the correspondence between username and password. Some parts of `dovecot` need only data from the `userdb` - `delivery` for example. For security reasons the whole user-related data is split into two parts. – Kondybas Nov 12 '18 at 18:51
  • Thanks. If you'd like to put your comments as answer I can mark it as an answer. I guess something about the tutorial I followed which configures OpenSMTPD and Dovecot requires that the userdb always returns the `vmail` user. I don't have the time right now to figure out why the tutorial configured things this way, so I will just not use `-A`. Instead, I've been using an explicit user; for example, `doveadm expunge -u $user@$host mailbox Trash all` – Kevin Nov 21 '18 at 01:44

1 Answer

3

The static driver indeed doesn’t support iteration, but you can switch to passwd-file with minimal effort, and that driver does support iteration.

You can use the same file for both passdb and userdb:

```
passdb {
    args = scheme=sha512-crypt /etc/mail/passwd
    driver = passwd-file
}

userdb {
    default_fields = uid=vmail gid=vmail home=/var/vmail/%d/%n
    args = /etc/mail/passwd
    driver = passwd-file
}
```

With this configuration, you must make sure that /etc/mail/passwd has eight colon-separated fields, see https://wiki2.dovecot.org/UserDatabase. (Simply append six colons :::::: to each line of your current file.)

Reload and your doveadm -A command succeeds.

glts
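
The padding step described in the answer above, as an added example that is not part of the original answer: a shell filter that brings each account line up to eight colon-separated fields and writes the result to a separate owner-only copy instead of editing the password file in place. The function names, the `.new` suffix and the sample accounts are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Pads Dovecot passwd-file lines
# to the eight fields user:password:uid:gid:gecos:home:shell:extra_fields.

# Read lines on stdin, write padded lines on stdout.
# Comments and blank lines pass through; lines that already have eight or
# more fields are untouched, since extra_fields may itself contain colons.
pad_passwd_file() {
    awk -F: '
        /^[ \t]*#/ || /^[ \t]*$/ { print; next }
        NF >= 8 { print; next }
        {
            line = $0
            for (i = NF; i < 8; i++) line = line ":"
            print line
        }
    '
}

# Print how many account lines on stdin still have fewer than eight fields.
count_short_lines() {
    awk -F: '!(/^[ \t]*#/ || /^[ \t]*$/) && NF < 8 { n++ } END { print n + 0 }'
}

# Write a padded copy to "$1.new" without touching the original.
# The copy holds password hashes, so it is created owner-only (umask 077);
# match the original's owner and mode before moving it into place.
convert_passwd_file() {
    src=$1
    dst=$1.new
    ( umask 077 && pad_passwd_file < "$src" > "$dst" ) || return 1
    printf '%s\n' "$dst"
}

# Constructed sample: placeholder hashes, not real accounts.
SAMPLE='# virtual mail users
alice@example.org:$6$constructedsalt$constructedhashA
bob@example.org:$6$constructedsalt$constructedhashB::::::userdb_quota_rule=*:storage=1G'

printf '%s\n' "$SAMPLE" | pad_passwd_file
```

Running `count_short_lines < /etc/mail/passwd` before and after the change shows how many account lines still need padding.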