[hcoop/debian/courier-authlib.git] / authsqliterc

##VERSION: $Id: authsqliterc 17 2011-04-04 02:07:37Z mrsam $
#
# Copyright 2012 Double Precision, Inc.  See COPYING for
# distribution information.
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
# authsqliterc created from authsqliterc.dist by sysconftool
#
# Each line in this file must follow the following format:
#
# field[spaces|tabs]value
#
# That is, the name of the field, followed by spaces or tabs, followed by
# field value.  Trailing spaces are prohibited.


##NAME: LOCATION:0
#
# The SQLite database. You must create this database beforehand, and create
# the users table, as defined below.

SQLITE_DATABASE		/var/users.db

##NAME: SQLITE_USER_TABLE:0
#
# Suggested format of the table specified by SQLITE_USER_TABLE:
#
# CREATE TABLE passwd (
#        id                    text not null primary key,
#        crypt                 text,   # Either...
#        clear                 text,   # ... or
#        name                  text,
#        uid                   int,
#        gid                   int,
#        home                  text not null,
#        maildir               text,
#        defaultdelivery       text,
#        quota                 text,
#        options               text);
#
# Use either crypt or clear, to specify whether cleartext or crypted passwords
# get used (and define either SQLITE_CRYPT_PWFIELD or SQLITE_CLEAR_PWFIELD,
# below, accordingly).

SQLITE_USER_TABLE	passwd

##NAME: SQLITE_CRYPT_PWFIELD:0
#
# Either SQLITE_CRYPT_PWFIELD or SQLITE_CLEAR_PWFIELD must be defined.  Both
# are OK too. crypted passwords go into SQLITE_CRYPT_PWFIELD, cleartext
# passwords go into SQLITE_CLEAR_PWFIELD.  Cleartext passwords allow
# CRAM-MD5 authentication to be implemented.

SQLITE_CRYPT_PWFIELD	crypt

##NAME: SQLITE_CLEAR_PWFIELD:0
#
#
# SQLITE_CLEAR_PWFIELD	clear

##NAME: SQLITE_DEFAULT_DOMAIN:0
#
# If DEFAULT_DOMAIN is defined, and someone tries to log in as 'user',
# we will search for 'user@DEFAULT_DOMAIN' instead.
#
#
# DEFAULT_DOMAIN		example.com

##NAME: SQLITE_UID_FIELD:0
#
# Other fields in the sqlite table:
#
# SQLITE_UID_FIELD - contains the numerical userid of the account
#
SQLITE_UID_FIELD		uid

##NAME: SQLITE_GID_FIELD:0
#
# Numerical groupid of the account

SQLITE_GID_FIELD		gid

##NAME: SQLITE_LOGIN_FIELD:0
#
# The login id, default is id.  Basically the query is:
#
#  SELECT SQLITE_UID_FIELD, SQLITE_GID_FIELD, ... WHERE id='loginid'
#

SQLITE_LOGIN_FIELD	id

##NAME: SQLITE_HOME_FIELD:0
#

SQLITE_HOME_FIELD	home

##NAME: SQLITE_NAME_FIELD:0
#
# The user's name (optional)

SQLITE_NAME_FIELD	name

##NAME: SQLITE_MAILDIR_FIELD:0
#
# This is an optional field, and can be used to specify an arbitrary
# location of the maildir for the account, which normally defaults to
# $HOME/Maildir (where $HOME is read from SQLITE_HOME_FIELD).
#
# You still need to provide a SQLITE_HOME_FIELD, even if you uncomment this
# out.
#
# SQLITE_MAILDIR_FIELD	maildir

##NAME: SQLITE_DEFAULTDELIVERY:0
#
# Courier mail server only: optional field specifies custom mail delivery
# instructions for this account (if defined) -- essentially overrides
# DEFAULTDELIVERY from ${sysconfdir}/courierd
#
# SQLITE_DEFAULTDELIVERY defaultdelivery

##NAME: SQLITE_QUOTA_FIELD:0
#
# Define SQLITE_QUOTA_FIELD to be the name of the field that can optionally
# specify a maildir quota.  See README.maildirquota for more information 
#
# SQLITE_QUOTA_FIELD	quota

##NAME: SQLITE_AUXOPTIONS:0
#
# Auxiliary options.  The SQLITE_AUXOPTIONS field should be a char field that
# contains a single string consisting of comma-separated "ATTRIBUTE=NAME"
# pairs.  These names are additional attributes that define various per-account
# "options", as given in INSTALL's description of the "Account OPTIONS"
# setting.
#
# SQLITE_AUXOPTIONS_FIELD	options
#
# You might want to try something like this, if you'd like to use a bunch
# of individual fields, instead of a single text blob:
#
# SQLITE_AUXOPTIONS_FIELD	"disableimap=" || disableimap || ",disablepop3=" || disablepop3 || ",disablewebmail=" || disablewebmail || ",sharedgroup=" || sharedgroup
#
# This will let you define fields called "disableimap", etc, with the end result
# being something that the OPTIONS parser understands.


##NAME: SQLITE_WHERE_CLAUSE:0
#
# This is optional, SQLITE_WHERE_CLAUSE can be basically set to an arbitrary
# fixed string that is appended to the WHERE clause of our query
#
# SQLITE_WHERE_CLAUSE	server='mailhost.example.com'

##NAME: SQLITE_SELECT_CLAUSE:0
#
# This is optional, SQLITE_SELECT_CLAUSE can be set when you have a database,
# which is structuraly different from the proposed layout. The fixed string will
# be used to do a SELECT operation on database, which should return fields
# in order specified bellow:
#
# username, cryptpw, clearpw, uid, gid, home, maildir, quota, fullname, options
#
# The username field should include the domain (see example below).
#
# Enabling this option causes ignorance of any other field-related
# options, excluding default domain.
#
# There are two variables, which you can use. Substitution will be made
# for them, so you can put entered username (local part) and domain name
# in the right place of your query. These variables are:
#	 	$(local_part), $(domain), $(service)
#
# If a $(domain) is empty (not given by the remote user) the default domain
# name is used in its place.
#
# $(service) will expand out to the service being authenticated: imap, imaps,
# pop3 or pop3s.  Courier mail server only: service will also expand out to
# "courier", when searching for local mail account's location.  In this case,
# if the "maildir" field is not empty it will be used in place of
# DEFAULTDELIVERY.  Courier mail server will also use esmtp when doing
# authenticated ESMTP.
#
# For example:
#
# SQLITE_SELECT_CLAUSE	SELECT popbox.local_part || '@' || popbox.domain_name,\
#			'{MD5}' || popbox.password_hash),		\
#			popbox.clearpw,					\
#			domain.uid,					\
#			domain.gid,					\
#			domain.path || '/' || popbox.mbox_name, 	\
#			'',						\
#			domain.quota,					\
#			'',						\
#			"disableimap=" || disableimap || ",disablepop3=" || \
#                       disablepop3 || ",disablewebmail=" || disablewebmail || \
#                              ",sharedgroup=" || sharedgroup           \
#			FROM popbox, domain				\
#			WHERE popbox.local_part = '$(local_part)'	\
#			AND popbox.domain_name = '$(domain)'		\
#			AND popbox.domain_name = domain.domain_name


##NAME: SQLITE_ENUMERATE_CLAUSE:1
#
# Optional custom SQL query used to enumerate accounts for authenumerate,
# in order to compile a list of accounts for shared folders.  The query
# should return the following fields: name, uid, gid, homedir, maildir, options
#
# Example:
# SQLITE_ENUMERATE_CLAUSE SELECT popbox.local_part || '@' || popbox.domain_name, \
#			domain.uid,					\
#			domain.gid,					\
#			domain.path || '/' || popbox.mbox_name, 	\
#			'',						\
#			'sharedgroup=' || sharedgroup 			\
#			FROM popbox, domain				\
#			WHERE popbox.local_part = '$(local_part)'	\
#			AND popbox.domain_name = '$(domain)'		\
#			AND popbox.domain_name = domain.domain_name


##NAME: SQLITE_CHPASS_CLAUSE:0
#
# This is optional, SQLITE_CHPASS_CLAUSE can be set when you have a database,
# which is structuraly different from proposed. The fixed string will
# be used to do an UPDATE operation on database. In other words, it is
# used, when changing passwords. This is used by sqwebmail/Courier webmail.
#
# There are four variables, which you can use. Substitution will be made
# for them, so you can put entered username (local part) and domain name
# in the right place of your query. There variables are:
# 	$(local_part) , $(domain) , $(newpass) , $(newpass_crypt)
#
# If a $(domain) is empty (not given by the remote user) the default domain
# name is used in its place.
# $(newpass) contains plain password
# $(newpass_crypt) contains its crypted form
#
# SQLITE_CHPASS_CLAUSE	UPDATE	popbox					\
#			SET	clearpw='$(newpass)',			\
#				password_hash='$(newpass_crypt)'	\
#			WHERE	local_part='$(local_part)'		\
#			AND	domain_name='$(domain)'
#
Commit	Line	Data
b0322a85 CE	1	##VERSION: $Id: authsqliterc 17 2011-04-04 02:07:37Z mrsam $
	2	#
	3	# Copyright 2012 Double Precision, Inc. See COPYING for
	4	# distribution information.
	5	#
	6	# Do not alter lines that begin with ##, they are used when upgrading
	7	# this configuration.
	8	#
	9	# authsqliterc created from authsqliterc.dist by sysconftool
	10	#
	11	# Each line in this file must follow the following format:
	12	#
	13	# field[spaces\|tabs]value
	14	#
	15	# That is, the name of the field, followed by spaces or tabs, followed by
	16	# field value. Trailing spaces are prohibited.
	17
	18
	19	##NAME: LOCATION:0
	20	#
	21	# The SQLite database. You must create this database beforehand, and create
	22	# the users table, as defined below.
	23
	24	SQLITE_DATABASE /var/users.db
	25
	26	##NAME: SQLITE_USER_TABLE:0
	27	#
	28	# Suggested format of the table specified by SQLITE_USER_TABLE:
	29	#
	30	# CREATE TABLE passwd (
	31	# id text not null primary key,
	32	# crypt text, # Either...
	33	# clear text, # ... or
	34	# name text,
	35	# uid int,
	36	# gid int,
	37	# home text not null,
	38	# maildir text,
	39	# defaultdelivery text,
	40	# quota text,
	41	# options text);
	42	#
	43	# Use either crypt or clear, to specify whether cleartext or crypted passwords
	44	# get used (and define either SQLITE_CRYPT_PWFIELD or SQLITE_CLEAR_PWFIELD,
	45	# below, accordingly).
	46
	47	SQLITE_USER_TABLE passwd
	48
	49	##NAME: SQLITE_CRYPT_PWFIELD:0
	50	#
	51	# Either SQLITE_CRYPT_PWFIELD or SQLITE_CLEAR_PWFIELD must be defined. Both
	52	# are OK too. crypted passwords go into SQLITE_CRYPT_PWFIELD, cleartext
	53	# passwords go into SQLITE_CLEAR_PWFIELD. Cleartext passwords allow
	54	# CRAM-MD5 authentication to be implemented.
	55
	56	SQLITE_CRYPT_PWFIELD crypt
	57
	58	##NAME: SQLITE_CLEAR_PWFIELD:0
	59	#
	60	#
	61	# SQLITE_CLEAR_PWFIELD clear
	62
	63	##NAME: SQLITE_DEFAULT_DOMAIN:0
	64	#
65	# If DEFAULT_DOMAIN is defined, and someone tries to log in as 'user',
66	# we will search for 'user@DEFAULT_DOMAIN' instead.
67	#
68	#
69	# DEFAULT_DOMAIN example.com
70
71	##NAME: SQLITE_UID_FIELD:0
72	#
73	# Other fields in the sqlite table:
74	#
75	# SQLITE_UID_FIELD - contains the numerical userid of the account
76	#
77	SQLITE_UID_FIELD uid
78
79	##NAME: SQLITE_GID_FIELD:0
80	#
81	# Numerical groupid of the account
82
83	SQLITE_GID_FIELD gid
84
85	##NAME: SQLITE_LOGIN_FIELD:0
86	#
87	# The login id, default is id. Basically the query is:
88	#
89	# SELECT SQLITE_UID_FIELD, SQLITE_GID_FIELD, ... WHERE id='loginid'
90	#
91
92	SQLITE_LOGIN_FIELD id
93
94	##NAME: SQLITE_HOME_FIELD:0
95	#
96
97	SQLITE_HOME_FIELD home
98
99	##NAME: SQLITE_NAME_FIELD:0
100	#
101	# The user's name (optional)
102
103	SQLITE_NAME_FIELD name
104
105	##NAME: SQLITE_MAILDIR_FIELD:0
106	#
107	# This is an optional field, and can be used to specify an arbitrary
108	# location of the maildir for the account, which normally defaults to
109	# $HOME/Maildir (where $HOME is read from SQLITE_HOME_FIELD).
110	#
111	# You still need to provide a SQLITE_HOME_FIELD, even if you uncomment this
112	# out.
113	#
114	# SQLITE_MAILDIR_FIELD maildir
115
116	##NAME: SQLITE_DEFAULTDELIVERY:0
117	#
118	# Courier mail server only: optional field specifies custom mail delivery
119	# instructions for this account (if defined) -- essentially overrides
120	# DEFAULTDELIVERY from ${sysconfdir}/courierd
121	#
122	# SQLITE_DEFAULTDELIVERY defaultdelivery
123
124	##NAME: SQLITE_QUOTA_FIELD:0
125	#
126	# Define SQLITE_QUOTA_FIELD to be the name of the field that can optionally
127	# specify a maildir quota. See README.maildirquota for more information
128	#
129	# SQLITE_QUOTA_FIELD quota
130
131	##NAME: SQLITE_AUXOPTIONS:0
132	#
133	# Auxiliary options. The SQLITE_AUXOPTIONS field should be a char field that
134	# contains a single string consisting of comma-separated "ATTRIBUTE=NAME"
135	# pairs. These names are additional attributes that define various per-account
136	# "options", as given in INSTALL's description of the "Account OPTIONS"
137	# setting.
138	#
139	# SQLITE_AUXOPTIONS_FIELD options
140	#
141	# You might want to try something like this, if you'd like to use a bunch
142	# of individual fields, instead of a single text blob:
143	#
144	# SQLITE_AUXOPTIONS_FIELD "disableimap=" \|\| disableimap \|\| ",disablepop3=" \|\| disablepop3 \|\| ",disablewebmail=" \|\| disablewebmail \|\| ",sharedgroup=" \|\| sharedgroup
145	#
146	# This will let you define fields called "disableimap", etc, with the end result
147	# being something that the OPTIONS parser understands.
148
149
150	##NAME: SQLITE_WHERE_CLAUSE:0
151	#
152	# This is optional, SQLITE_WHERE_CLAUSE can be basically set to an arbitrary
153	# fixed string that is appended to the WHERE clause of our query
154	#
155	# SQLITE_WHERE_CLAUSE server='mailhost.example.com'
156
157	##NAME: SQLITE_SELECT_CLAUSE:0
158	#
159	# This is optional, SQLITE_SELECT_CLAUSE can be set when you have a database,
160	# which is structuraly different from the proposed layout. The fixed string will
161	# be used to do a SELECT operation on database, which should return fields
162	# in order specified bellow:
163	#
164	# username, cryptpw, clearpw, uid, gid, home, maildir, quota, fullname, options
165	#
166	# The username field should include the domain (see example below).
167	#
168	# Enabling this option causes ignorance of any other field-related
169	# options, excluding default domain.
170	#
171	# There are two variables, which you can use. Substitution will be made
172	# for them, so you can put entered username (local part) and domain name
173	# in the right place of your query. These variables are:
174	# $(local_part), $(domain), $(service)
175	#
176	# If a $(domain) is empty (not given by the remote user) the default domain
177	# name is used in its place.
178	#
179	# $(service) will expand out to the service being authenticated: imap, imaps,
180	# pop3 or pop3s. Courier mail server only: service will also expand out to
181	# "courier", when searching for local mail account's location. In this case,
182	# if the "maildir" field is not empty it will be used in place of
183	# DEFAULTDELIVERY. Courier mail server will also use esmtp when doing
184	# authenticated ESMTP.
185	#
186	# For example:
187	#
188	# SQLITE_SELECT_CLAUSE SELECT popbox.local_part \|\| '@' \|\| popbox.domain_name,\
189	# '{MD5}' \|\| popbox.password_hash), \
190	# popbox.clearpw, \
191	# domain.uid, \
192	# domain.gid, \
193	# domain.path \|\| '/' \|\| popbox.mbox_name, \
194	# '', \
195	# domain.quota, \
196	# '', \
197	# "disableimap=" \|\| disableimap \|\| ",disablepop3=" \|\| \
198	# disablepop3 \|\| ",disablewebmail=" \|\| disablewebmail \|\| \
199	# ",sharedgroup=" \|\| sharedgroup \
200	# FROM popbox, domain \
201	# WHERE popbox.local_part = '$(local_part)' \
202	# AND popbox.domain_name = '$(domain)' \
203	# AND popbox.domain_name = domain.domain_name
204
205
206	##NAME: SQLITE_ENUMERATE_CLAUSE:1
207	#
208	# Optional custom SQL query used to enumerate accounts for authenumerate,
209	# in order to compile a list of accounts for shared folders. The query
210	# should return the following fields: name, uid, gid, homedir, maildir, options
211	#
212	# Example:
213	# SQLITE_ENUMERATE_CLAUSE SELECT popbox.local_part \|\| '@' \|\| popbox.domain_name, \
214	# domain.uid, \
215	# domain.gid, \
216	# domain.path \|\| '/' \|\| popbox.mbox_name, \
217	# '', \
218	# 'sharedgroup=' \|\| sharedgroup \
219	# FROM popbox, domain \
220	# WHERE popbox.local_part = '$(local_part)' \
221	# AND popbox.domain_name = '$(domain)' \
222	# AND popbox.domain_name = domain.domain_name
223
224
225	##NAME: SQLITE_CHPASS_CLAUSE:0
226	#
227	# This is optional, SQLITE_CHPASS_CLAUSE can be set when you have a database,
228	# which is structuraly different from proposed. The fixed string will
229	# be used to do an UPDATE operation on database. In other words, it is
230	# used, when changing passwords. This is used by sqwebmail/Courier webmail.
231	#
232	# There are four variables, which you can use. Substitution will be made
233	# for them, so you can put entered username (local part) and domain name
234	# in the right place of your query. There variables are:
235	# $(local_part) , $(domain) , $(newpass) , $(newpass_crypt)
236	#
237	# If a $(domain) is empty (not given by the remote user) the default domain
238	# name is used in its place.
239	# $(newpass) contains plain password
240	# $(newpass_crypt) contains its crypted form
241	#
242	# SQLITE_CHPASS_CLAUSE UPDATE popbox \
243	# SET clearpw='$(newpass)', \
244	# password_hash='$(newpass_crypt)' \
245	# WHERE local_part='$(local_part)' \
246	# AND domain_name='$(domain)'
247	#