Mercurial > dovecot > original-hg > dovecot-1.2
diff dovecot-example.conf @ 1707:ba70d60987e2 HEAD
We now support checking the password against all defined auth processes and
use the one that matches.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Fri, 22 Aug 2003 07:42:13 +0300 |
parents | 72624cb9e4d6 |
children | cc0690f92d96 |
line wrap: on
line diff
--- a/dovecot-example.conf Fri Aug 22 06:52:25 2003 +0300 +++ b/dovecot-example.conf Fri Aug 22 07:42:13 2003 +0300 @@ -337,15 +337,11 @@ ## Authentication processes ## -# You can have multiple processes; each time "auth = xx" is seen, a new -# process definition is started. The point of multiple processes is to be -# able to set stricter permissions to others. For example, plain/PAM -# authentication requires roots, but if you also use digest-md5 authentication -# for some users, you can authenticate them without any privileges in a -# separate auth process. Just remember that only one auth process is asked -# for the password, so you can't have different passwords with different -# processes (unless they have different auth mechanisms, and you're ok with -# having different password for each mechanism). +# You can have multiple authentication processes. With plaintext authentication +# the password is checked against each process, the first one which succeeds is +# used. This is useful if you want to allow both system users (/etc/passwd) +# and virtual users to login without duplicating the system users into virtual +# database. # Executable location #auth_executable = /usr/libexec/dovecot/dovecot-auth @@ -379,7 +375,7 @@ auth default { # Space separated list of wanted authentication mechanisms: # plain digest-md5 anonymous - auth_mechanisms = plain + mechanisms = plain # Where user database is kept: # passwd: /etc/passwd or similiar, using getpwnam() @@ -388,7 +384,7 @@ # vpopmail: vpopmail library # ldap <config path>: LDAP, see doc/dovecot-ldap.conf # pgsql <config path>: a PostgreSQL database, see doc/dovecot-pgsql.conf - auth_userdb = passwd + userdb = passwd # Where password database is kept: # passwd: /etc/passwd or similiar, using getpwnam() @@ -398,34 +394,44 @@ # vpopmail: vpopmail authentication # ldap <config path>: LDAP, see doc/dovecot-ldap.conf # pgsql <config path>: a PostgreSQL database, see doc/dovecot-pgsql.conf - auth_passdb = pam + passdb = pam # User to use for the process. This user needs access to only user and # password databases, nothing else. Only shadow and pam authentication # requires roots, so use something else if possible. Note that passwd # authentication with BSDs internally accesses shadow files, which also # requires roots. - auth_user = root + user = root # Directory where to chroot the process. Most authentication backends don't # work if this is set, and there's no point chrooting if auth_user is root. - #auth_chroot = + #chroot = # Number of authentication processes to create - #auth_count = 1 + #count = 1 } -# digest-md5 authentication process. It requires special MD5 passwords which -# /etc/shadow and PAM doesn't support, so we never need roots to handle it. -# Note that the passwd-file is opened before chrooting and dropping root -# privileges, so it may be 0600-root owned file. +# PAM doesn't provide a way to get uid, gid or home directory. If you don't +# want to use a separate user database (passwd usually), you can use static +# userdb. -#auth digest_md5 { -# auth_mechanisms = digest-md5 -# auth_userdb = passwd-file /etc/passwd.imap -# auth_passdb = passwd-file /etc/passwd.imap -# auth_user = imapauth +#auth onlypam { +# mechanisms = plain +# userdb = static uid=500 gid=500 home=/var/mail/%u +# passdb = pam +# user = dovecot-auth #} -# if you plan to use only passwd-file, you don't need the two auth processes, -# simply set "auth_mechanisms = plain digest-md5" +#auth ldap { +# mechanisms = plain +# userdb = ldap /etc/dovecot-ldap.conf +# passdb = ldap /etc/dovecot-ldap.conf +# user = dovecot-auth +#} + +#auth virtualfile { +# mechanisms = plain digest-md5 +# userdb = passwd-file /etc/passwd.imap +# passdb = passwd-file /etc/passwd.imap +# user = dovecot-auth +#}