Home Explore Help
Sign In
cookbooks
/
dovecot
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: ed0ea86ffd
Branches Tags
dovecot
/
templates
/
default
/
conf.d
/
auth-system.conf.ext.erb

auth-system.conf.ext.erb 2.4 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879 
  1. # Authentication for system users. Included from auth.conf.
    2. 

  2. #
    3. 

  3. # <doc/wiki/PasswordDatabase.txt>
    4. 

  4. # <doc/wiki/UserDatabase.txt>
    5. 

  5. 

  6. # PAM authentication. Preferred nowadays by most systems.
    7. 

  7. # PAM is typically used with either userdb passwd or userdb static.
    8. 

  8. # REMEMBER: You'll need /etc/pam.d/dovecot file created for PAM
    9. 

  9. # authentication to actually work. <doc/wiki/PasswordDatabase.PAM.txt>
    10. 

  10. <% if Dovecot::Auth.has_passdb?(@auth['system']) -%>
    11. 

  11. <%=  Dovecot::Conf.authdb('pam', 'passdb', @auth['system']['passdb']) %>
    12. 

  12. <% else -%>
    13. 

  13. passdb {
    14. 

  14.   driver = pam
    15. 

  15.   # [session=yes] [setcred=yes] [failure_show_msg=yes] [max_requests=<n>]
    16. 

  16.   # [cache_key=<key>] [<service name>]
    17. 

  17.   #args = dovecot
    18. 

  18. }
    19. 

  19. 

  20. # System users (NSS, /etc/passwd, or similiar).
    21. 

  21. # In many systems nowadays this uses Name Service Switch, which is
    22. 

  22. # configured in /etc/nsswitch.conf. <doc/wiki/AuthDatabase.Passwd.txt>
    23. 

  23. #passdb {
    24. 

  24.   #driver = passwd
    25. 

  25.   # [blocking=no]
    26. 

  26.   #args = 
    27. 

  27. #}
    28. 

  28. 

  29. # Shadow passwords for system users (NSS, /etc/shadow or similiar).
    30. 

  30. # Deprecated by PAM nowadays.
    31. 

  31. # <doc/wiki/PasswordDatabase.Shadow.txt>
    32. 

  32. #passdb {
    33. 

  33.   #driver = shadow
    34. 

  34.   # [blocking=no]
    35. 

  35.   #args = 
    36. 

  36. #}
    37. 

  37. 

  38. # PAM-like authentication for OpenBSD.
    39. 

  39. # <doc/wiki/PasswordDatabase.BSDAuth.txt>
    40. 

  40. #passdb {
    41. 

  41.   #driver = bsdauth
    42. 

  42.   # [blocking=no] [cache_key=<key>]
    43. 

  43.   #args =
    44. 

  44. #}
    45. 

  45. <% end -%>
    46. 

  46. 

  47. ##
    48. 

  48. ## User databases
    49. 

  49. ##
    50. 

  50. 

  51. # System users (NSS, /etc/passwd, or similiar). In many systems nowadays this
    52. 

  52. # uses Name Service Switch, which is configured in /etc/nsswitch.conf.
    53. 

  53. <% if Dovecot::Auth.has_userdb?(@auth['system']) -%>
    54. 

  54. <%=  Dovecot::Conf.authdb('passwd', 'userdb', @auth['system']['userdb']) %>
    55. 

  55. <% else -%>
    56. 

  56. userdb {
    57. 

  57.   # <doc/wiki/AuthDatabase.Passwd.txt>
    58. 

  58.   driver = passwd
    59. 

  59.   # [blocking=no]
    60. 

  60.   #args = 
    61. 

  61. }
    62. 

  62. 

  63. # Static settings generated from template <doc/wiki/UserDatabase.Static.txt>
    64. 

  64. #userdb {
    65. 

  65.   #driver = static
    66. 

  66.   # Can return anything a userdb could normally return. For example:
    67. 

  67.   #
    68. 

  68.   #  args = uid=500 gid=500 home=/var/mail/%u
    69. 

  69.   #
    70. 

  70.   # LDA and LMTP needs to look up users only from the userdb. This of course
    71. 

  71.   # doesn't work with static userdb because there is no list of users.
    72. 

  72.   # Normally static userdb handles this by doing a passdb lookup. This works
    73. 

  73.   # with most passdbs, with PAM being the most notable exception. If you do
    74. 

  74.   # the user verification another way, you can add allow_all_users=yes to
    75. 

  75.   # the args in which case the passdb lookup is skipped.
    76. 

  76.   #
    77. 

  77.   #args =
    78. 

  78. #}
    79. 

  79. <% end -%>
    80.