From 818d428d1f5fd13f0e0c02a07ca4347db1437890 Mon Sep 17 00:00:00 2001 From: Thomas Picouet <thomas.picouet@riseup.net> Date: Mon, 19 Nov 2018 18:08:31 +0100 Subject: [PATCH] =?UTF-8?q?ajout=20de=20logs=20=C3=A0=20l'authentification?= =?UTF-8?q?=20(pour=20mieux=20comprendre=20ce=20qu'il=20se=20passe)=20et?= =?UTF-8?q?=20d'un=20petit=20script=20pour=20aller=20plus=20vite=20quand?= =?UTF-8?q?=20je=20bidouille=20les=20fichiers=20de=20config?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- pica-mail-mda/auth_LDAP/conf.d/10-logging.conf | 4 ++-- pica-mail-mda/auth_LDAP/dovecot-ldap.conf.ext | 4 ++-- pica-mail-mda/auth_LDAP/reset.sh | 6 ++++++ 3 files changed, 10 insertions(+), 4 deletions(-) create mode 100755 pica-mail-mda/auth_LDAP/reset.sh diff --git a/pica-mail-mda/auth_LDAP/conf.d/10-logging.conf b/pica-mail-mda/auth_LDAP/conf.d/10-logging.conf index 20539501..60d1c571 100644 --- a/pica-mail-mda/auth_LDAP/conf.d/10-logging.conf +++ b/pica-mail-mda/auth_LDAP/conf.d/10-logging.conf @@ -21,7 +21,7 @@ log_path = /var/log/dovecot.log ## # Log unsuccessful authentication attempts and the reasons why they failed. -#auth_verbose = no +auth_verbose = yes # In case of password mismatches, log the attempted password. Valid values are # no, plain and sha1. sha1 can be useful for detecting brute force password @@ -31,7 +31,7 @@ log_path = /var/log/dovecot.log # Even more verbose logging for debugging purposes. Shows for example SQL # queries. -#auth_debug = no +auth_debug = yes # In case of password mismatches, log the passwords and used scheme so the # problem can be debugged. Enabling this also enables auth_debug. diff --git a/pica-mail-mda/auth_LDAP/dovecot-ldap.conf.ext b/pica-mail-mda/auth_LDAP/dovecot-ldap.conf.ext index 849cd3bd..25d28f0d 100644 --- a/pica-mail-mda/auth_LDAP/dovecot-ldap.conf.ext +++ b/pica-mail-mda/auth_LDAP/dovecot-ldap.conf.ext @@ -89,7 +89,7 @@ ldap_version = 3 # LDAP base. %variables can be used here. # For example: dc=mail, dc=example, dc=org -base = dc=picasoft, dc=net +base = dc=picasoft,dc=net # Dereference: never, searching, finding, always #deref = never @@ -113,7 +113,7 @@ user_attrs = homeDirectory=home,uidNumber=uid,gidNumber=gid # %u - username # %n - user part in user@domain, same as %u if there's no domain # %d - domain part in user@domain, empty if user there's no domain -user_filter = (&(objectClass=posixAccount)(uid=%u)) +#user_filter = (&(objectClass=posixAccount)(uid=%u)) # Password checking attributes: # user: Virtual user name (user@domain), if you wish to change the diff --git a/pica-mail-mda/auth_LDAP/reset.sh b/pica-mail-mda/auth_LDAP/reset.sh new file mode 100755 index 00000000..d3f7681d --- /dev/null +++ b/pica-mail-mda/auth_LDAP/reset.sh @@ -0,0 +1,6 @@ +#!/bin/bash +docker kill pica-mail-mda-ldap +docker rm pica-mail-mda-ldap +docker build -t pica-mail-mda:2 . +docker run -d --name pica-mail-mda-ldap --network local-mail-delivery --hostname pica-mail-mda --mount source=mail-maildir,target=/home/ --mount source=mail-log,target=/var/log pica-mail-mda:2 +docker exec -it pica-mail-mda-ldap /bin/bash -- GitLab