[Exim] Re: Using nis/ldap in a reliable fashion (i.e. withou…

Top Page
Delete this message
Reply to this message
Author: Miquel van Smoorenburg
Date:  
To: exim-users
Subject: [Exim] Re: Using nis/ldap in a reliable fashion (i.e. without losing mail)
In article <20020918053625.GX16570@???>,
Marc MERLIN <marc_news@???> wrote:
>> Yes, but the only way to do this reliably is to add a new directive
>> that makes it possible to define what a "local user" means to
>> check_local_user.
>>
>> check_local_user fills in user, uid, gid, home, and gecos. So
>> you need something like
>(...)
>
>I see, so you can't really do nsswitch inside exim with the current code,
>although it sounds like it wouldn't be a very tough addition.


It's perhaps a bit much. I think I went overboard. If you could
set home = in a router, you'd have most of the functionality already.

The only useful thing would be to be able to set
local_user = "something" to be used by
check_local_user instead of the default $local_part.

>> It _is_ possible to do it without all this, by doing a NIS lookup
>> in a router and putting it in address_data (exim4) and looking
>> it up in every subsequent router using $address_data (or by
>> setting address_data in every router), but it just doesn't look
>> as nice, it's conceptually very different, and you can't use
>> address_data for something else easily.
>
>Mmmh, interesting, I'll have to look into this too.


It's something like:

lookup_user:
  driver = redirect
  address_data = \
           ${lookup {$local_part} nis {passwd.byname}\
                {  user=${extract{1}{:}{$value}} \
                   home=${extract{1}{:}{$value}}
                }\
                {:fail:}\
            }
  allow_fail
  data = ${if eq {$address_data}{:fail:}{:fail:User unknown}{}}
  retry_use_local_part


localuser:
driver = accept
user = ${extract{user}{$address_data}}
transport = local_delivery

# Transports

local_delivery:
driver = appendfile
file = /var/spool/mail/${extract{user}{$address_data}}

.. you get the idea.

Mike.