auth-system.conf.ext.erb 2.3 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879
  1. # Authentication for system users. Included from auth.conf.
  2. #
  3. # <doc/wiki/PasswordDatabase.txt>
  4. # <doc/wiki/UserDatabase.txt>
  5. # PAM authentication. Preferred nowadays by most systems.
  6. # PAM is typically used with either userdb passwd or userdb static.
  7. # REMEMBER: You'll need /etc/pam.d/dovecot file created for PAM
  8. # authentication to actually work. <doc/wiki/PasswordDatabase.PAM.txt>
  9. <% if Dovecot::Auth.has_passdb?(@auth['system']) -%>
  10. <%= Dovecot::Conf.authdb('passdb', @auth['system']['passdb']) %>
  11. <% else -%>
  12. passdb {
  13. driver = pam
  14. # [session=yes] [setcred=yes] [failure_show_msg=yes] [max_requests=<n>]
  15. # [cache_key=<key>] [<service name>]
  16. #args = dovecot
  17. }
  18. # System users (NSS, /etc/passwd, or similiar).
  19. # In many systems nowadays this uses Name Service Switch, which is
  20. # configured in /etc/nsswitch.conf. <doc/wiki/AuthDatabase.Passwd.txt>
  21. #passdb {
  22. #driver = passwd
  23. # [blocking=no]
  24. #args =
  25. #}
  26. # Shadow passwords for system users (NSS, /etc/shadow or similiar).
  27. # Deprecated by PAM nowadays.
  28. # <doc/wiki/PasswordDatabase.Shadow.txt>
  29. #passdb {
  30. #driver = shadow
  31. # [blocking=no]
  32. #args =
  33. #}
  34. # PAM-like authentication for OpenBSD.
  35. # <doc/wiki/PasswordDatabase.BSDAuth.txt>
  36. #passdb {
  37. #driver = bsdauth
  38. # [blocking=no] [cache_key=<key>]
  39. #args =
  40. #}
  41. <% end -%>
  42. ##
  43. ## User databases
  44. ##
  45. # System users (NSS, /etc/passwd, or similiar). In many systems nowadays this
  46. # uses Name Service Switch, which is configured in /etc/nsswitch.conf.
  47. <% if Dovecot::Auth.has_userdb?(@auth['system']) -%>
  48. <%= Dovecot::Conf.authdb('userdb', @auth['system']['userdb']) %>
  49. <% else -%>
  50. userdb {
  51. # <doc/wiki/AuthDatabase.Passwd.txt>
  52. driver = passwd
  53. # [blocking=no]
  54. #args =
  55. }
  56. # Static settings generated from template <doc/wiki/UserDatabase.Static.txt>
  57. #userdb {
  58. #driver = static
  59. # Can return anything a userdb could normally return. For example:
  60. #
  61. # args = uid=500 gid=500 home=/var/mail/%u
  62. #
  63. # LDA and LMTP needs to look up users only from the userdb. This of course
  64. # doesn't work with static userdb because there is no list of users.
  65. # Normally static userdb handles this by doing a passdb lookup. This works
  66. # with most passdbs, with PAM being the most notable exception. If you do
  67. # the user verification another way, you can add allow_all_users=yes to
  68. # the args in which case the passdb lookup is skipped.
  69. #
  70. #args =
  71. #}
  72. <% end -%>