This documentation is for Dovecot v2.x, see wiki1 for v1.x documentation.

User database extra fields

A user database lookup typically returns uid, gid and home fields, as per traditional /etc/passwd lookups. Other fields may also be stored in the userdb, and these are called 'extra fields'. Possibilities are:

The following suffixes added to a field name are handled specially:

These fields can be returned the exact same way as uid, gid, and home fields. Below are examples for some user databases.

Overriding settings

Most commonly settings are overridden from plugin section. For example if your plugin section has quota_rule=*:storage=100M value and the userdb lookup returns quota_rule=*:storage=200M, the original quota setting gets overridden. In fact if the lookup always returns a quota_rule field, there's no point in having the quota_rule setting in the plugin section at all, because it always gets overridden anyway.

To understand how imap and pop3 processes see their settings, it may be helpful to know how Dovecot internally passes them:

  1. First all actual settings are first read into memory.
  2. Next all the extra fields returned by userdb lookup are used to override the settings. Any unknown setting is placed into the plugin {} section (e.g. foo=bar will be parsed as if it were plugin { foo=bar }).

  3. Last, if post-login scripting is used, it may modify the settings if wanted.

If you want to override settings inside sections, you can separate the section name and key with '/'. For example:

namespace default {
  inbox = yes
  separator = .
  location = maildir:~/Maildir
}

The separator setting can be overridden by returning namespace/default/separator=. extra field.

Examples

SQL

dovecot-sql.conf:

user_query = SELECT home, uid, gid, \
  CONCAT('*:bytes=', quota_bytes) AS quota_rule, \
  separator AS "namespace/default/separator" \
  FROM users WHERE username = '%n' and domain = '%d'

LDAP

dovecot-ldap.conf:

user_attrs = \
  =home=%{ldap:homeDirectory}, \
  =uid=%{ldap:uidNumber},
  =gid=%{ldap:gidNumber},
  =quota_rule=*:bytes=%{ldap:quotaBytes},
  =namespace/default/separator=%{ldap:mailSeparator}

passwd-file

Below are examples that show how to give two userdb extra fields ("mail" and "quota"). Note that all userdb extra fields must be prefixed with "userdb_", otherwise they're treated as passdb extra fields.

user:{plain}pass:1000:1000::/home/user::userdb_mail=mbox:~/mail userdb_quota_rule=*:storage=100M userdb_namespace/default/separator=/
user2:{plain}pass2:1001:1001::/home/user2::userdb_mail=maildir:~/Maildir userdb_quota_rule=*:storage=200M

UserDatabase/ExtraFields (last edited 2018-01-05 15:58:25 by AkiTuomi)