How to merge in Dovecot extra fields from system accounts to passwd-file format?

TommyPeanuts

10/31/23, 8:41 AM

I'm running an Ubuntu mail server with Dovecot 2.2.33 and am using system accounts:

passdb {
  driver = pam

I have about 100 mail users.

I would like to impose per-user storage quotas, but the Dovecot docs on per-user quota configuration say:

The Passwd userdb doesn’t support extra fields. That’s why you can’t directly set users’ quota limits to passwd file. One possibility would be to write a script that reads quota limits from another file, merges them with passwd file and produces another passwd-file, which you could then use with Dovecot’s Passwd-file.

Does anyone have an example of such a script? I'm not clear from the docs how the password itself is handled, for example. Or is there some other workaround that wouldn't entail having to migrate to a virtual user setup to get per-user quotas?

1 + 2

email-server

disk-space-utilization

dovecot

mailbox

TommyPeanuts

10/31/23, 10:33 PM

Ah OK. That sounds like an answer to my question. So can I replace my existing `userdb` stanza with something calling multiple dbs? I'm not clear how that's done, but [like this](https://pastebin.com/rCJUSi5e)?

anx

11/1/23, 5:47 AM

never tried it myself, but looks close. however still need to change the real lookup to `continue-ok` on success and the partial quota lookup to `continue` on success. you do not want a match for entries that *only* appear in the quota file, but not (or no longer) in the system password database, so the quota-lookup must not modify found state, that must come from the main passwd lookup.

Score:1

Server

anx

11/1/23, 7:27 AM

I think the easiest way to merge your user list with your quota configuration is to chain multiple user databases.

You want the original lookup to remember the result and continue, and the additional lookup to only continue. That will still get the found status (whether a user exists) from your original passwd file, but it will continue to check additional userdb lookups, the results of which are merged.

userdb {
  driver = passwd
  result_success = continue-ok
  # result_failure = continue
  result_internalfail = return-fail
}
userdb {
  driver = passwd-file
  args = /etc/dovecot/quotas
  result_success = continue
  # result_failure = continue
  result_internalfail = return-fail
}

# where /etc/dovecot/quotas is a passwd-style file
#  only associate usernames and userdb options via the added column (*seven* colons):
user1:::::::userdb_quota_rule=*:bytes=512M
user2:::::::userdb_quota_rule=*:bytes=256M

Be sure to add a reasonable default so that users created without customizing their quota through that file are also sensibly restricted.

+ 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: How to merge in Dovecot extra fields from system accounts to passwd-file format?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.