Home Explore Help
Sign In
cookbooks
/
dovecot
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 7c7e2d7ddb
Branches Tags
dovecot
/
templates
/
default
/
conf.d
/
auth-system.conf.ext.erb

auth-system.conf.ext.erb 2.4 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081 
  1. # Generated by Chef
    2. 

  2. 

  3. # Authentication for system users. Included from auth.conf.
    4. 

  4. #
    5. 

  5. # <doc/wiki/PasswordDatabase.txt>
    6. 

  6. # <doc/wiki/UserDatabase.txt>
    7. 

  7. 

  8. # PAM authentication. Preferred nowadays by most systems.
    9. 

  9. # PAM is typically used with either userdb passwd or userdb static.
    10. 

  10. # REMEMBER: You'll need /etc/pam.d/dovecot file created for PAM
    11. 

  11. # authentication to actually work. <doc/wiki/PasswordDatabase.PAM.txt>
    12. 

  12. <% if Dovecot::Auth.has_passdb?(@auth['system']) -%>
    13. 

  13. <%=  Dovecot::Conf.authdb('pam', 'passdb', @auth['system']['passdb']) %>
    14. 

  14. <% else -%>
    15. 

  15. passdb {
    16. 

  16.   driver = pam
    17. 

  17.   # [session=yes] [setcred=yes] [failure_show_msg=yes] [max_requests=<n>]
    18. 

  18.   # [cache_key=<key>] [<service name>]
    19. 

  19.   #args = dovecot
    20. 

  20. }
    21. 

  21. 

  22. # System users (NSS, /etc/passwd, or similiar).
    23. 

  23. # In many systems nowadays this uses Name Service Switch, which is
    24. 

  24. # configured in /etc/nsswitch.conf. <doc/wiki/AuthDatabase.Passwd.txt>
    25. 

  25. #passdb {
    26. 

  26.   #driver = passwd
    27. 

  27.   # [blocking=no]
    28. 

  28.   #args = 
    29. 

  29. #}
    30. 

  30. 

  31. # Shadow passwords for system users (NSS, /etc/shadow or similiar).
    32. 

  32. # Deprecated by PAM nowadays.
    33. 

  33. # <doc/wiki/PasswordDatabase.Shadow.txt>
    34. 

  34. #passdb {
    35. 

  35.   #driver = shadow
    36. 

  36.   # [blocking=no]
    37. 

  37.   #args = 
    38. 

  38. #}
    39. 

  39. 

  40. # PAM-like authentication for OpenBSD.
    41. 

  41. # <doc/wiki/PasswordDatabase.BSDAuth.txt>
    42. 

  42. #passdb {
    43. 

  43.   #driver = bsdauth
    44. 

  44.   # [blocking=no] [cache_key=<key>]
    45. 

  45.   #args =
    46. 

  46. #}
    47. 

  47. <% end -%>
    48. 

  48. 

  49. ##
    50. 

  50. ## User databases
    51. 

  51. ##
    52. 

  52. 

  53. # System users (NSS, /etc/passwd, or similiar). In many systems nowadays this
    54. 

  54. # uses Name Service Switch, which is configured in /etc/nsswitch.conf.
    55. 

  55. <% if Dovecot::Auth.has_userdb?(@auth['system']) -%>
    56. 

  56. <%=  Dovecot::Conf.authdb('passwd', 'userdb', @auth['system']['userdb']) %>
    57. 

  57. <% else -%>
    58. 

  58. userdb {
    59. 

  59.   # <doc/wiki/AuthDatabase.Passwd.txt>
    60. 

  60.   driver = passwd
    61. 

  61.   # [blocking=no]
    62. 

  62.   #args = 
    63. 

  63. }
    64. 

  64. 

  65. # Static settings generated from template <doc/wiki/UserDatabase.Static.txt>
    66. 

  66. #userdb {
    67. 

  67.   #driver = static
    68. 

  68.   # Can return anything a userdb could normally return. For example:
    69. 

  69.   #
    70. 

  70.   #  args = uid=500 gid=500 home=/var/mail/%u
    71. 

  71.   #
    72. 

  72.   # LDA and LMTP needs to look up users only from the userdb. This of course
    73. 

  73.   # doesn't work with static userdb because there is no list of users.
    74. 

  74.   # Normally static userdb handles this by doing a passdb lookup. This works
    75. 

  75.   # with most passdbs, with PAM being the most notable exception. If you do
    76. 

  76.   # the user verification another way, you can add allow_all_users=yes to
    77. 

  77.   # the args in which case the passdb lookup is skipped.
    78. 

  78.   #
    79. 

  79.   #args =
    80. 

  80. #}
    81. 

  81. <% end -%>
    82.