On Thu, 1 Aug 2002, Colm MacCarthaigh wrote:
> I didnt really want the overhead of
> check_local_user (at this stage, we do need it later) or an lsearch
> on /etc/passwd either, since the mail was just about to be fired off
> to amavis pretty much none of what it does matters to me.
Hmm. I think I must be missing something here. You say you don't want
that overhead, and yet you've gone and implemented a lookup that does
if ((p = getpwnam(username)) != NULL)
That is *exactly* what check_local_user does. (And it caches the result
so that it doesn't repeat the lookup later.) Also, depending on your
operating system, getpwnam() may indeed do a linear search of
/etc/passwd.
So, what have I missed?
> So instead I've added a lookup method "passwd",
Full marks for figuring out how to add a lookup. The code looks
absolutely fine.
> amavis:
> driver = manualroute
> condition = "${if eq {$interface_port}{10025} {0}{1}}"
> # if scanning incoming mails, uncomment the following line and
> # change local_domains accordingly
> local_parts = dbm;/etc/aliases.db : passwd;$local_part
> domains = +local_domains
> transport = amavis
> route_list = * localhost
> self = send
Ah. I think I see why you've done that. You want to be able to say "if a
local user OR one of these users", and you can't do that with
check_local_user. You would have to use two separate routers.
OK, this seems reasonable, but I think two changes should be made:
1. Why force lower casing? Exim will lowercase $local_part anyway,
unless you have set caseful_local_part, and even then you could
force it with ${lc.
2. There's a function called route_finduser() that does getpwnam()
lookup in a slightly more sophisticated way, including caching the
result of the last lookup. From its heading comment: "Try several times
(if configured) to find a local user, in case delays in NIS or NFS
whatever cause an incorrect refusal. It's a pity that getpwnam()
doesn't have some kind of indication as to why it has failed."
3. Why return the user name? Surely it would be more useful (in
general) to return the password data as a sequence of name=value
fields? In your usage above, it wouldn't make any difference.
I'll put this on the Wish List.
Philip
--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.
