Commit | Line | Data |
---|---|---|
b0322a85 CE |
1 | ##VERSION: $Id: authsqliterc 17 2011-04-04 02:07:37Z mrsam $ |
2 | # | |
3 | # Copyright 2012 Double Precision, Inc. See COPYING for | |
4 | # distribution information. | |
5 | # | |
6 | # Do not alter lines that begin with ##, they are used when upgrading | |
7 | # this configuration. | |
8 | # | |
9 | # authsqliterc created from authsqliterc.dist by sysconftool | |
10 | # | |
11 | # Each line in this file must follow the following format: | |
12 | # | |
13 | # field[spaces|tabs]value | |
14 | # | |
15 | # That is, the name of the field, followed by spaces or tabs, followed by | |
16 | # field value. Trailing spaces are prohibited. | |
17 | ||
18 | ||
19 | ##NAME: LOCATION:0 | |
20 | # | |
21 | # The SQLite database. You must create this database beforehand, and create | |
22 | # the users table, as defined below. | |
23 | ||
24 | SQLITE_DATABASE /var/users.db | |
25 | ||
26 | ##NAME: SQLITE_USER_TABLE:0 | |
27 | # | |
28 | # Suggested format of the table specified by SQLITE_USER_TABLE: | |
29 | # | |
30 | # CREATE TABLE passwd ( | |
31 | # id text not null primary key, | |
32 | # crypt text, # Either... | |
33 | # clear text, # ... or | |
34 | # name text, | |
35 | # uid int, | |
36 | # gid int, | |
37 | # home text not null, | |
38 | # maildir text, | |
39 | # defaultdelivery text, | |
40 | # quota text, | |
41 | # options text); | |
42 | # | |
43 | # Use either crypt or clear, to specify whether cleartext or crypted passwords | |
44 | # get used (and define either SQLITE_CRYPT_PWFIELD or SQLITE_CLEAR_PWFIELD, | |
45 | # below, accordingly). | |
46 | ||
47 | SQLITE_USER_TABLE passwd | |
48 | ||
49 | ##NAME: SQLITE_CRYPT_PWFIELD:0 | |
50 | # | |
51 | # Either SQLITE_CRYPT_PWFIELD or SQLITE_CLEAR_PWFIELD must be defined. Both | |
52 | # are OK too. crypted passwords go into SQLITE_CRYPT_PWFIELD, cleartext | |
53 | # passwords go into SQLITE_CLEAR_PWFIELD. Cleartext passwords allow | |
54 | # CRAM-MD5 authentication to be implemented. | |
55 | ||
56 | SQLITE_CRYPT_PWFIELD crypt | |
57 | ||
58 | ##NAME: SQLITE_CLEAR_PWFIELD:0 | |
59 | # | |
60 | # | |
61 | # SQLITE_CLEAR_PWFIELD clear | |
62 | ||
63 | ##NAME: SQLITE_DEFAULT_DOMAIN:0 | |
64 | # | |
65 | # If DEFAULT_DOMAIN is defined, and someone tries to log in as 'user', | |
66 | # we will search for 'user@DEFAULT_DOMAIN' instead. | |
67 | # | |
68 | # | |
69 | # DEFAULT_DOMAIN example.com | |
70 | ||
71 | ##NAME: SQLITE_UID_FIELD:0 | |
72 | # | |
73 | # Other fields in the sqlite table: | |
74 | # | |
75 | # SQLITE_UID_FIELD - contains the numerical userid of the account | |
76 | # | |
77 | SQLITE_UID_FIELD uid | |
78 | ||
79 | ##NAME: SQLITE_GID_FIELD:0 | |
80 | # | |
81 | # Numerical groupid of the account | |
82 | ||
83 | SQLITE_GID_FIELD gid | |
84 | ||
85 | ##NAME: SQLITE_LOGIN_FIELD:0 | |
86 | # | |
87 | # The login id, default is id. Basically the query is: | |
88 | # | |
89 | # SELECT SQLITE_UID_FIELD, SQLITE_GID_FIELD, ... WHERE id='loginid' | |
90 | # | |
91 | ||
92 | SQLITE_LOGIN_FIELD id | |
93 | ||
94 | ##NAME: SQLITE_HOME_FIELD:0 | |
95 | # | |
96 | ||
97 | SQLITE_HOME_FIELD home | |
98 | ||
99 | ##NAME: SQLITE_NAME_FIELD:0 | |
100 | # | |
101 | # The user's name (optional) | |
102 | ||
103 | SQLITE_NAME_FIELD name | |
104 | ||
105 | ##NAME: SQLITE_MAILDIR_FIELD:0 | |
106 | # | |
107 | # This is an optional field, and can be used to specify an arbitrary | |
108 | # location of the maildir for the account, which normally defaults to | |
109 | # $HOME/Maildir (where $HOME is read from SQLITE_HOME_FIELD). | |
110 | # | |
111 | # You still need to provide a SQLITE_HOME_FIELD, even if you uncomment this | |
112 | # out. | |
113 | # | |
114 | # SQLITE_MAILDIR_FIELD maildir | |
115 | ||
116 | ##NAME: SQLITE_DEFAULTDELIVERY:0 | |
117 | # | |
118 | # Courier mail server only: optional field specifies custom mail delivery | |
119 | # instructions for this account (if defined) -- essentially overrides | |
120 | # DEFAULTDELIVERY from ${sysconfdir}/courierd | |
121 | # | |
122 | # SQLITE_DEFAULTDELIVERY defaultdelivery | |
123 | ||
124 | ##NAME: SQLITE_QUOTA_FIELD:0 | |
125 | # | |
126 | # Define SQLITE_QUOTA_FIELD to be the name of the field that can optionally | |
127 | # specify a maildir quota. See README.maildirquota for more information | |
128 | # | |
129 | # SQLITE_QUOTA_FIELD quota | |
130 | ||
131 | ##NAME: SQLITE_AUXOPTIONS:0 | |
132 | # | |
133 | # Auxiliary options. The SQLITE_AUXOPTIONS field should be a char field that | |
134 | # contains a single string consisting of comma-separated "ATTRIBUTE=NAME" | |
135 | # pairs. These names are additional attributes that define various per-account | |
136 | # "options", as given in INSTALL's description of the "Account OPTIONS" | |
137 | # setting. | |
138 | # | |
139 | # SQLITE_AUXOPTIONS_FIELD options | |
140 | # | |
141 | # You might want to try something like this, if you'd like to use a bunch | |
142 | # of individual fields, instead of a single text blob: | |
143 | # | |
144 | # SQLITE_AUXOPTIONS_FIELD "disableimap=" || disableimap || ",disablepop3=" || disablepop3 || ",disablewebmail=" || disablewebmail || ",sharedgroup=" || sharedgroup | |
145 | # | |
146 | # This will let you define fields called "disableimap", etc, with the end result | |
147 | # being something that the OPTIONS parser understands. | |
148 | ||
149 | ||
150 | ##NAME: SQLITE_WHERE_CLAUSE:0 | |
151 | # | |
152 | # This is optional, SQLITE_WHERE_CLAUSE can be basically set to an arbitrary | |
153 | # fixed string that is appended to the WHERE clause of our query | |
154 | # | |
155 | # SQLITE_WHERE_CLAUSE server='mailhost.example.com' | |
156 | ||
157 | ##NAME: SQLITE_SELECT_CLAUSE:0 | |
158 | # | |
159 | # This is optional, SQLITE_SELECT_CLAUSE can be set when you have a database, | |
160 | # which is structuraly different from the proposed layout. The fixed string will | |
161 | # be used to do a SELECT operation on database, which should return fields | |
162 | # in order specified bellow: | |
163 | # | |
164 | # username, cryptpw, clearpw, uid, gid, home, maildir, quota, fullname, options | |
165 | # | |
166 | # The username field should include the domain (see example below). | |
167 | # | |
168 | # Enabling this option causes ignorance of any other field-related | |
169 | # options, excluding default domain. | |
170 | # | |
171 | # There are two variables, which you can use. Substitution will be made | |
172 | # for them, so you can put entered username (local part) and domain name | |
173 | # in the right place of your query. These variables are: | |
174 | # $(local_part), $(domain), $(service) | |
175 | # | |
176 | # If a $(domain) is empty (not given by the remote user) the default domain | |
177 | # name is used in its place. | |
178 | # | |
179 | # $(service) will expand out to the service being authenticated: imap, imaps, | |
180 | # pop3 or pop3s. Courier mail server only: service will also expand out to | |
181 | # "courier", when searching for local mail account's location. In this case, | |
182 | # if the "maildir" field is not empty it will be used in place of | |
183 | # DEFAULTDELIVERY. Courier mail server will also use esmtp when doing | |
184 | # authenticated ESMTP. | |
185 | # | |
186 | # For example: | |
187 | # | |
188 | # SQLITE_SELECT_CLAUSE SELECT popbox.local_part || '@' || popbox.domain_name,\ | |
189 | # '{MD5}' || popbox.password_hash), \ | |
190 | # popbox.clearpw, \ | |
191 | # domain.uid, \ | |
192 | # domain.gid, \ | |
193 | # domain.path || '/' || popbox.mbox_name, \ | |
194 | # '', \ | |
195 | # domain.quota, \ | |
196 | # '', \ | |
197 | # "disableimap=" || disableimap || ",disablepop3=" || \ | |
198 | # disablepop3 || ",disablewebmail=" || disablewebmail || \ | |
199 | # ",sharedgroup=" || sharedgroup \ | |
200 | # FROM popbox, domain \ | |
201 | # WHERE popbox.local_part = '$(local_part)' \ | |
202 | # AND popbox.domain_name = '$(domain)' \ | |
203 | # AND popbox.domain_name = domain.domain_name | |
204 | ||
205 | ||
206 | ##NAME: SQLITE_ENUMERATE_CLAUSE:1 | |
207 | # | |
208 | # Optional custom SQL query used to enumerate accounts for authenumerate, | |
209 | # in order to compile a list of accounts for shared folders. The query | |
210 | # should return the following fields: name, uid, gid, homedir, maildir, options | |
211 | # | |
212 | # Example: | |
213 | # SQLITE_ENUMERATE_CLAUSE SELECT popbox.local_part || '@' || popbox.domain_name, \ | |
214 | # domain.uid, \ | |
215 | # domain.gid, \ | |
216 | # domain.path || '/' || popbox.mbox_name, \ | |
217 | # '', \ | |
218 | # 'sharedgroup=' || sharedgroup \ | |
219 | # FROM popbox, domain \ | |
220 | # WHERE popbox.local_part = '$(local_part)' \ | |
221 | # AND popbox.domain_name = '$(domain)' \ | |
222 | # AND popbox.domain_name = domain.domain_name | |
223 | ||
224 | ||
225 | ##NAME: SQLITE_CHPASS_CLAUSE:0 | |
226 | # | |
227 | # This is optional, SQLITE_CHPASS_CLAUSE can be set when you have a database, | |
228 | # which is structuraly different from proposed. The fixed string will | |
229 | # be used to do an UPDATE operation on database. In other words, it is | |
230 | # used, when changing passwords. This is used by sqwebmail/Courier webmail. | |
231 | # | |
232 | # There are four variables, which you can use. Substitution will be made | |
233 | # for them, so you can put entered username (local part) and domain name | |
234 | # in the right place of your query. There variables are: | |
235 | # $(local_part) , $(domain) , $(newpass) , $(newpass_crypt) | |
236 | # | |
237 | # If a $(domain) is empty (not given by the remote user) the default domain | |
238 | # name is used in its place. | |
239 | # $(newpass) contains plain password | |
240 | # $(newpass_crypt) contains its crypted form | |
241 | # | |
242 | # SQLITE_CHPASS_CLAUSE UPDATE popbox \ | |
243 | # SET clearpw='$(newpass)', \ | |
244 | # password_hash='$(newpass_crypt)' \ | |
245 | # WHERE local_part='$(local_part)' \ | |
246 | # AND domain_name='$(domain)' | |
247 | # |