Re: [exim] LDAP router section - part 2

Top Page
This message is part of the following thread:
M\the complete thread tree sorted by date
MM 
MStanczak Slawomir at ->
Delete this message
Reply to this message
Author: Stanczak Slawomir
Date:  
To: exim-users
Old-Topics: Re: [exim] LDAP router section
Subject: Re: [exim] LDAP router section - part 2
On Thu, 16 Sep 2010, Nigel Wade wrote:

Thank you for your hlep.

I will use real names. I have simple LDAP base on one mail host
(not for all environment).

I had been following:

Router configuration
--------------------
dnslookup:
driver = dnslookup
[...]

userforward:
driver = redirect
[...]

system_aliases:
driver = redirect
allow_fail
allow_defer
data = ${lookup{$local_part}lsearch{/etc/exim4/aliases}}
# user = Debian-exim
file_transport = address_file
pipe_transport = address_pipe

(I have many complex aliases so I keep it in aliases file not LDAP)

localuser:
driver = accept
check_local_user
transport = local_delivery
cannot_route_message = Unknown user

Transport configuration
-----------------------
remote_smtp:
driver = smtp

local_delivery:
driver = appendfile
maildir_format = true
maildir_use_size_file
directory = ${home}/Maildir
create_directory
create_file = anywhere
directory_mode = 0700
delivery_date_add
envelope_to_add
return_path_add

address_pipe:
driver = pipe
return_output

address_file:
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add

address_reply:
driver = autoreply

And LDAP Authentication
-----------------------

plain_plain:
driver = plaintext
public_name = PLAIN
server_condition = ${if ldapauth {user="uid=${quote_ldap:$2},
ou=people,dc=pam,dc=szczecin,dc=pl" pass="$3"
ldap://ara.pam.szczecin.pl/}{yes}{no}}
server_set_id = $2

login_server:
driver = plaintext
public_name = LOGIN
server_prompts = "Username:: : Password::"
server_condition = ${if ldapauth {user="uid=${quote_ldap:$1},
ou=people,dc=pam,dc=szczecin,dc=pl" pass="$2"
ldap://ara.pam.szczecin.pl/}{yes}{no}}
server_set_id = $1

+++++++++++++++

I wanted to define router and transport section for ldap user.

I changed following:

Main configuration:

UBASE = ou=people,dc=pam,dc=szczecin,dc=pl
ldap_default_servers = ara.pam.szczecin.pl::389
-----------------------------------------------

("ldap_default_servers = ara.pam.szczecin.pl" <- doesn't work)

Router configuration:

ldap_user:
debug_print = "R: ldap_user for $local_part@$domain"
driver = accept
domains = +local_domains
condition = ${lookup
ldap{ldap:///UBASE?uid?sub?(uid=${quote_ldap:$local_part})}{$value}}
transport = local_delivery
--------------------------
cannot_route_message = Unknown user

Transport configuration:

local_delivery:
---------------
debug_print = "T: local_delivery for $local_part@$domain"
driver = appendfile
directory = $home/Maildir
create_directory
create_file = anywhere
delivery_date_add
envelope_to_add
return_path_add
maildir_format
directory_mode = 0700
mode = 0660
mode_fail_narrower = false
group = Debian-exim

It's fine. Exim find LDAP user but it can't deliver message:

opr@??? R=ldap_user T=local_delivery defer (13):
Permission denied: cannot create /Maildir
-----------------------------------------

Why "/Maildir"?
--------------- 

14:36:05 14298 --------> opr@??? <--------
14:36:05 14298 locking /var/spool/exim4/db/retry.lockfile
14:36:05 14298 locked /var/spool/exim4/db/retry.lockfile
14:36:05 14298 EXIM_DBOPEN(/var/spool/exim4/db/retry)
14:36:05 14298 returned from EXIM_DBOPEN
14:36:05 14298 opened hints database /var/spool/exim4/db/retry: 
flags=O_RDONLY
14:36:05 14298 dbfn_read: key=T:opr@???
14:36:05 14298 retry record exists: age=26m33s (max 1w)
14:36:05 14298   time to retry = 33m27s expired = 0
14:36:05 14298 search_tidyup called
14:36:05 14299 changed uid/gid: local delivery to opr 
<opr@???> transport=local_delivery
14:36:05 14299   uid=100 gid=102 pid=14299
14:36:05 14299   auxiliary group list: <none>
14:36:05 14299   home=NULL current=/
14:36:05 14299 set_process_info: 14299 delivering 1OwDh7-0003ia-4O to opr 
using local_delivery
14:36:05 14299 expanding: T: local_delivery for $local_part@$domain
14:36:05 14299    result: T: local_delivery for opr@???
14:36:05 14299 T: local_delivery for opr@???
14:36:05 14299 appendfile transport entered
14:36:05 14299 expanding: $home/Maildir
14:36:05 14299    result: /Maildir
----------------------------------
14:36:05 14299 appendfile: mode=660 notify_comsat=0 quota=0 warning=0
14:36:05 14299   directory=/Maildir format=maildir
14:36:05 14299   message_prefix=null
14:36:05 14299   message_suffix=null
14:36:05 14299   maildir_use_size_file=no
14:36:05 14299 ensuring maildir directories exist in /Maildir
14:36:05 14299 search_tidyup called
14:36:05 14298 local_delivery transport returned DEFER for 
opr@???
14:36:05 14298 added retry item for T:opr@???: errno=13 
more_errno=0 flags=0
14:36:05 14298 post-process opr@??? (1)
14:36:05 14298 LOG: MAIN
14:36:05 14298   == opr@??? R=ldap_user T=local_delivery 
defer (13): Permission denied: cannot create /Maildir


ara:~# ls -l /home/prac/sec/opr/Maildir
total 48
drwx------ 2 opr sec  4096 2010-09-04 05:30 cur
drwx------ 2 opr sec  4096 2010-09-16 12:04 new
-----------------------------------------------
-rw------- 1 opr sec 31374 2010-09-16 12:04 procmail.log
-rw------- 1 opr sec    25 2010-09-04 05:30 subscriptions
drwx------ 2 opr sec  4096 2010-09-16 12:04 tmp


How Exim define "$home/Maildir" variable?
It is not "$HOME/Maildir" ("/home/prac/sec/opr/Maildir")?

Regards

Slawomir Stanczak

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] ACL Drop IssueRe: [exim] ACL Drop Issue->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)