I have a question about dovecot...

trist007 · 02-02-2010, 08:31 AM

I just finished installing postfix and dovecot. I got postfix to work. Trying to setup dovecot to use PAM. I thought PAM always means that it uses the linux login credentials /etc/passwd auto? I enabled pam, yet I think I need to make a mysql database of the credentials. When I start dovecot, I get the error "Warning: There is no way to login to this server: disable_plaintext_auth=yes, ssl=no, no non-plaintext auth mechanisms."

Is it possible to setup dovecot to use PAM based on the /etc/passwd file or do you HAVE to use mysql or postgresql database to hold the credentials?

Dave_Devnull · 02-02-2010, 09:53 AM

Does this help?

http://wiki.dovecot.org/PasswordDatabase/PAM

trist007 · 02-02-2010, 10:17 AM

Nice thanks. I can't seem to find /etc/pam.d or /usr/local/etc/pam.d. Isn't PAM the method that I use to login to my linux computer which checks my credentials against /etc/passwd and /etc/shadow? Shouldn't it be in there already by default? I guess I'm just confused as to what PAM actually is. All the sites are a bit ambiguous. So if PAM is not installed into my computer, when I login with my user/pass from /etc/passwd, what system is being used if it's not PAM?

Dave_Devnull · 02-02-2010, 10:42 AM

Reading this: http://www.installationwiki.org/PAM
Says this:
"Slackware is one of the last PAM-free Linux distributions and in UNIX operating systems like AIX, PAM is an add-on product."

Which may be your issue - I can't speak for Slackware.

trist007 · 02-02-2010, 11:13 AM

Thanks a bunch, I'm going to investigate why slackware wouldn't not want to take up PAM and what the advantages/disadvantages of not using PAM are. Thanks a ton.

trist007 · 02-02-2010, 01:57 PM

After some research I see that I would like to use Name Service Switch with dovecot for authentication. My /etc/nsswitch.conf is up and running. In my dovecot.conf, there is this section of code:

Code:

 # System users (NSS, /etc/passwd, or similiar)
  # In many systems nowadays this uses Name Service Switch, which is
  # configured in /etc/nsswitch.conf. <doc/wiki/AuthDatabase.Passwd.txt>
  passdb passwd {
    # [blocking=yes] - See userdb passwd for explanation
    args =
  }

I removed the comments before 'passdb password {' and the '}'. However, when I start up dovecot, I get this error.

Code:

Warning: There is no way to login to this server: disable_plaintext_auth=yes, ssl=no, no non-plaintext auth mechanisms.
Warning: There is no way to login to this server: disable_plaintext_auth=yes, ssl=no, no non-plaintext auth mechanisms.

So I uncommented the line
disable_plaintext_auth=no

Now dovecot runs without errors. However, when I netcat into port 110, I get this:

Code:

+OK Dovecot ready.
user john
+OK
pass candy
-ERR [IN-USE] Temporary authentication failure.

This username and password are the ones in my /etc/passwd file is used by nss.
Can anybody point me in the right direction.

Dave_Devnull · 02-03-2010, 01:33 AM

Beyond my knowledge I'm afraid - sorry I can't be more help to you.

trist007 · 02-03-2010, 08:27 AM

I was able to fix it by creating a file /etc/passwd.dovecot and populated it with users and passwrds. Here's an example of one user/password:

Code:

john:{PLAIN}scissors21

and added '/etc/passwd.dovecot' to the dovecot.conf

Code:

 passdb passwd-file {
    # File contains a list of usernames, one per line
    args = /etc/passwd.dovecot
    #deny = yes
  }

Now it works great, w00t

Dave_Devnull · 02-03-2010, 08:58 AM

SCORE! Thanks for following up - this will be very helpful to anyone else looking for the answer.