This documentation is for Dovecot v2.x, see wiki1 for v1.x documentation.
Differences between revisions 7 and 8
Revision 7 as of 2008-08-19 13:33:13
Size: 2815
Editor: TimoSirainen
Comment:
Revision 8 as of 2009-03-15 22:35:19
Size: 2792
Editor: localhost
Comment: converted to 1.6 markup
Deletions are marked like this. Additions are marked like this.
Line 3: Line 3:
This file is compatible with a normal `/etc/passwd` file, and a password file used by libpam-pwdfile [wiki:PasswordDatabase/PAM PAM] plugin. It's in the following format: This file is compatible with a normal `/etc/passwd` file, and a password file used by libpam-pwdfile [[PasswordDatabase/PAM|PAM]] plugin. It's in the following format:
Line 13: Line 13:
 * `password`: Assume CRYPT [wiki:Authentication/PasswordSchemes password scheme].
 * `{SCHEME}password`: The password is in the given [wiki:Authentication/PasswordSchemes scheme].
 * `password[13]`: libpam-passwd file compatible format for CRYPT [wiki:Authentication/PasswordSchemes scheme].
 * `password[34]`: libpam-passwd file compatible format for MD5 [wiki:Authentication/PasswordSchemes scheme].
 * `password`: Assume CRYPT [[Authentication/PasswordSchemes|password scheme]].
 * `{SCHEME}password`: The password is in the given [[Authentication/PasswordSchemes|scheme]].
 * `password[13]`: libpam-passwd file compatible format for CRYPT [[Authentication/PasswordSchemes|scheme]].
 * `password[34]`: libpam-passwd file compatible format for MD5 [[Authentication/PasswordSchemes|scheme]].
Line 18: Line 18:
extra_fields is a space-separated list of key=value pairs which can be used to set various [wiki:PasswordDatabase/ExtraFields passdb settings] and [wiki:UserDatabase/ExtraFields userdb settings]. Keys which begin with a `userdb_` prefix are used for userdb, others are used for passdb. So for example if you wish to override [wiki:MailLocation mail_location] setting for one user, use `userdb_mail=mbox:~/mail`. extra_fields is a space-separated list of key=value pairs which can be used to set various [[PasswordDatabase/ExtraFields|passdb settings]] and [[UserDatabase/ExtraFields|userdb settings]]. Keys which begin with a `userdb_` prefix are used for userdb, others are used for passdb. So for example if you wish to override [[MailLocation|mail_location]] setting for one user, use `userdb_mail=mbox:~/mail`.
Line 24: Line 24:
You can use all the [:Variables:variables] in the passwd-file filenames, for example: You can use all the [[Variables|variables]] in the passwd-file filenames, for example:

Passwd-file

This file is compatible with a normal /etc/passwd file, and a password file used by libpam-pwdfile PAM plugin. It's in the following format:

user:password:uid:gid:(gecos):home:(shell):extra_fields

For a password database it's enough to have only the user and password fields. For a user database, you need to set also uid, gid and preferably also home (see VirtualUsers). (gecos) and (shell) fields are unused by Dovecot.

The password field can be in four formats:

  • password: Assume CRYPT password scheme.

  • {SCHEME}password: The password is in the given scheme.

  • password[13]: libpam-passwd file compatible format for CRYPT scheme.

  • password[34]: libpam-passwd file compatible format for MD5 scheme.

extra_fields is a space-separated list of key=value pairs which can be used to set various passdb settings and userdb settings. Keys which begin with a userdb_ prefix are used for userdb, others are used for passdb. So for example if you wish to override mail_location setting for one user, use userdb_mail=mbox:~/mail.

Empty lines and lines beginning with '#' character are ignored.

Multiple passwd files

You can use all the variables in the passwd-file filenames, for example:

passdb passwd-file {
  # Each domain has a separate passwd-file:
  args = /etc/auth/%d/passwd
}

v1.0 only: If the filename contains %d, the usernames in the passwd file are expected to contain only the user, not the domain. If you want to use full "user@domain" usernames in the file, use %0.d instead. For v1.1, see below.

Parameters

These are available only with v1.1 and later:

  • scheme=<s>: Allows you to specify the default password scheme. The default is CRYPT. This is available only for passdb.

  • username_format=<s>: Look up usernames using this format instead of the full username (%u). If you want to enable user@domain logins but have only "user" in the file, set this to %n.

For example:

passdb passwd-file {
  args = scheme=plain-md5 username_format=%n /etc/imap.passwd
}
userdb passwd-file {
  args = username_format=%n /etc/imap.passwd
}

Examples

This file can be used as a passdb:

user:{plain}password
user2:{plain}password2

This file can be used as both a passwd and a userdb:

user:{plain}pass:1000:1000::/home/user::userdb_mail=maildir:~/Maildir allow_nets=192.168.0.0/24
user2:{plain}pass2:1001:1001::/home/user2

None: AuthDatabase/PasswdFile (last edited 2019-09-11 14:15:57 by MichaelSlusarz)