| 1 | ##VERSION: $Id: authmysqlrc,v 1.19 2007/02/10 02:51:07 mrsam Exp $ |
| 2 | # |
| 3 | # Copyright 2000-2007 Double Precision, Inc. See COPYING for |
| 4 | # distribution information. |
| 5 | # |
| 6 | # Do not alter lines that begin with ##, they are used when upgrading |
| 7 | # this configuration. |
| 8 | # |
| 9 | # authmysqlrc created from authmysqlrc.dist by sysconftool |
| 10 | # |
| 11 | # DO NOT INSTALL THIS FILE with world read permissions. This file |
| 12 | # might contain the MySQL admin password! |
| 13 | # |
| 14 | # Each line in this file must follow the following format: |
| 15 | # |
| 16 | # field[spaces|tabs]value |
| 17 | # |
| 18 | # That is, the name of the field, followed by spaces or tabs, followed by |
| 19 | # field value. Trailing spaces are prohibited. |
| 20 | |
| 21 | |
| 22 | ##NAME: LOCATION:0 |
| 23 | # |
| 24 | # The server name, userid, and password used to log in. |
| 25 | |
| 26 | MYSQL_SERVER mysql.example.com |
| 27 | MYSQL_USERNAME admin |
| 28 | MYSQL_PASSWORD admin |
| 29 | |
| 30 | ##NAME: SSLINFO:0 |
| 31 | # |
| 32 | # The SSL information. |
| 33 | # |
| 34 | # To use SSL-encrypted connections, define the following variables (available |
| 35 | # in MySQL 4.0, or higher): |
| 36 | # |
| 37 | # |
| 38 | # MYSQL_SSL_KEY /path/to/file |
| 39 | # MYSQL_SSL_CERT /path/to/file |
| 40 | # MYSQL_SSL_CACERT /path/to/file |
| 41 | # MYSQL_SSL_CAPATH /path/to/file |
| 42 | # MYSQL_SSL_CIPHERS ALL:!DES |
| 43 | |
| 44 | ##NAME: MYSQL_SOCKET:0 |
| 45 | # |
| 46 | # MYSQL_SOCKET can be used with MySQL version 3.22 or later, it specifies the |
| 47 | # filesystem pipe used for the connection |
| 48 | # |
| 49 | # MYSQL_SOCKET /var/mysql/mysql.sock |
| 50 | |
| 51 | ##NAME: MYSQL_PORT:0 |
| 52 | # |
| 53 | # MYSQL_PORT can be used with MySQL version 3.22 or later to specify a port to |
| 54 | # connect to. |
| 55 | |
| 56 | MYSQL_PORT 0 |
| 57 | |
| 58 | ##NAME: MYSQL_OPT:0 |
| 59 | # |
| 60 | # Leave MYSQL_OPT as 0, unless you know what you're doing. |
| 61 | |
| 62 | MYSQL_OPT 0 |
| 63 | |
| 64 | ##NAME: MYSQL_DATABASE:0 |
| 65 | # |
| 66 | # The name of the MySQL database we will open: |
| 67 | |
| 68 | MYSQL_DATABASE mysql |
| 69 | |
| 70 | ##NAME: MYSQL_USER_TABLE:0 |
| 71 | # |
| 72 | # The name of the table containing your user data. See README.authmysqlrc |
| 73 | # for the required fields in this table. |
| 74 | |
| 75 | MYSQL_USER_TABLE passwd |
| 76 | |
| 77 | ##NAME: MYSQL_CRYPT_PWFIELD:0 |
| 78 | # |
| 79 | # Either MYSQL_CRYPT_PWFIELD or MYSQL_CLEAR_PWFIELD must be defined. Both |
| 80 | # are OK too. crypted passwords go into MYSQL_CRYPT_PWFIELD, cleartext |
| 81 | # passwords go into MYSQL_CLEAR_PWFIELD. Cleartext passwords allow |
| 82 | # CRAM-MD5 authentication to be implemented. |
| 83 | |
| 84 | MYSQL_CRYPT_PWFIELD crypt |
| 85 | |
| 86 | ##NAME: MYSQL_CLEAR_PWFIELD:0 |
| 87 | # |
| 88 | # |
| 89 | # MYSQL_CLEAR_PWFIELD clear |
| 90 | |
| 91 | ##NAME: MYSQL_DEFAULT_DOMAIN:0 |
| 92 | # |
| 93 | # If DEFAULT_DOMAIN is defined, and someone tries to log in as 'user', |
| 94 | # we will look up 'user@DEFAULT_DOMAIN' instead. |
| 95 | # |
| 96 | # |
| 97 | # DEFAULT_DOMAIN example.com |
| 98 | |
| 99 | ##NAME: MYSQL_UID_FIELD:0 |
| 100 | # |
| 101 | # Other fields in the mysql table: |
| 102 | # |
| 103 | # MYSQL_UID_FIELD - contains the numerical userid of the account |
| 104 | # |
| 105 | MYSQL_UID_FIELD uid |
| 106 | |
| 107 | ##NAME: MYSQL_GID_FIELD:0 |
| 108 | # |
| 109 | # Numerical groupid of the account |
| 110 | |
| 111 | MYSQL_GID_FIELD gid |
| 112 | |
| 113 | ##NAME: MYSQL_LOGIN_FIELD:0 |
| 114 | # |
| 115 | # The login id, default is id. Basically the query is: |
| 116 | # |
| 117 | # SELECT MYSQL_UID_FIELD, MYSQL_GID_FIELD, ... WHERE id='loginid' |
| 118 | # |
| 119 | |
| 120 | MYSQL_LOGIN_FIELD id |
| 121 | |
| 122 | ##NAME: MYSQL_HOME_FIELD:0 |
| 123 | # |
| 124 | |
| 125 | MYSQL_HOME_FIELD home |
| 126 | |
| 127 | ##NAME: MYSQL_NAME_FIELD:0 |
| 128 | # |
| 129 | # The user's name (optional) |
| 130 | |
| 131 | MYSQL_NAME_FIELD name |
| 132 | |
| 133 | ##NAME: MYSQL_MAILDIR_FIELD:0 |
| 134 | # |
| 135 | # This is an optional field, and can be used to specify an arbitrary |
| 136 | # location of the maildir for the account, which normally defaults to |
| 137 | # $HOME/Maildir (where $HOME is read from MYSQL_HOME_FIELD). |
| 138 | # |
| 139 | # You still need to provide a MYSQL_HOME_FIELD, even if you uncomment this |
| 140 | # out. |
| 141 | # |
| 142 | # MYSQL_MAILDIR_FIELD maildir |
| 143 | |
| 144 | ##NAME: MYSQL_DEFAULTDELIVERY:0 |
| 145 | # |
| 146 | # Courier mail server only: optional field specifies custom mail delivery |
| 147 | # instructions for this account (if defined) -- essentially overrides |
| 148 | # DEFAULTDELIVERY from ${sysconfdir}/courierd |
| 149 | # |
| 150 | # MYSQL_DEFAULTDELIVERY defaultdelivery |
| 151 | |
| 152 | ##NAME: MYSQL_QUOTA_FIELD:0 |
| 153 | # |
| 154 | # Define MYSQL_QUOTA_FIELD to be the name of the field that can optionally |
| 155 | # specify a maildir quota. See README.maildirquota for more information |
| 156 | # |
| 157 | # MYSQL_QUOTA_FIELD quota |
| 158 | |
| 159 | ##NAME: MYSQL_AUXOPTIONS:0 |
| 160 | # |
| 161 | # Auxiliary options. The MYSQL_AUXOPTIONS field should be a char field that |
| 162 | # contains a single string consisting of comma-separated "ATTRIBUTE=NAME" |
| 163 | # pairs. These names are additional attributes that define various per-account |
| 164 | # "options", as given in INSTALL's description of the "Account OPTIONS" |
| 165 | # setting. |
| 166 | # |
| 167 | # MYSQL_AUXOPTIONS_FIELD auxoptions |
| 168 | # |
| 169 | # You might want to try something like this, if you'd like to use a bunch |
| 170 | # of individual fields, instead of a single text blob: |
| 171 | # |
| 172 | # MYSQL_AUXOPTIONS_FIELD CONCAT("disableimap=",disableimap,",disablepop3=",disablepop3,",disablewebmail=",disablewebmail,",sharedgroup=",sharedgroup) |
| 173 | # |
| 174 | # This will let you define fields called "disableimap", etc, with the end result |
| 175 | # being something that the OPTIONS parser understands. |
| 176 | |
| 177 | |
| 178 | ##NAME: MYSQL_WHERE_CLAUSE:0 |
| 179 | # |
| 180 | # This is optional, MYSQL_WHERE_CLAUSE can be basically set to an arbitrary |
| 181 | # fixed string that is appended to the WHERE clause of our query |
| 182 | # |
| 183 | # MYSQL_WHERE_CLAUSE server='mailhost.example.com' |
| 184 | |
| 185 | ##NAME: MYSQL_SELECT_CLAUSE:0 |
| 186 | # |
| 187 | # (EXPERIMENTAL) |
| 188 | # This is optional, MYSQL_SELECT_CLAUSE can be set when you have a database, |
| 189 | # which is structuraly different from proposed. The fixed string will |
| 190 | # be used to do a SELECT operation on database, which should return fields |
| 191 | # in order specified bellow: |
| 192 | # |
| 193 | # username, cryptpw, clearpw, uid, gid, home, maildir, quota, fullname, options |
| 194 | # |
| 195 | # The username field should include the domain (see example below). |
| 196 | # |
| 197 | # Enabling this option causes ignorance of any other field-related |
| 198 | # options, excluding default domain. |
| 199 | # |
| 200 | # There are two variables, which you can use. Substitution will be made |
| 201 | # for them, so you can put entered username (local part) and domain name |
| 202 | # in the right place of your query. These variables are: |
| 203 | # $(local_part), $(domain), $(service) |
| 204 | # |
| 205 | # If a $(domain) is empty (not given by the remote user) the default domain |
| 206 | # name is used in its place. |
| 207 | # |
| 208 | # $(service) will expand out to the service being authenticated: imap, imaps, |
| 209 | # pop3 or pop3s. Courier mail server only: service will also expand out to |
| 210 | # "courier", when searching for local mail account's location. In this case, |
| 211 | # if the "maildir" field is not empty it will be used in place of |
| 212 | # DEFAULTDELIVERY. Courier mail server will also use esmtp when doing |
| 213 | # authenticated ESMTP. |
| 214 | # |
| 215 | # This example is a little bit modified adaptation of vmail-sql |
| 216 | # database scheme: |
| 217 | # |
| 218 | # MYSQL_SELECT_CLAUSE SELECT CONCAT(popbox.local_part, '@', popbox.domain_name), \ |
| 219 | # CONCAT('{MD5}', popbox.password_hash), \ |
| 220 | # popbox.clearpw, \ |
| 221 | # domain.uid, \ |
| 222 | # domain.gid, \ |
| 223 | # CONCAT(domain.path, '/', popbox.mbox_name), \ |
| 224 | # '', \ |
| 225 | # domain.quota, \ |
| 226 | # '', \ |
| 227 | # CONCAT("disableimap=",disableimap,",disablepop3=", \ |
| 228 | # disablepop3,",disablewebmail=",disablewebmail, \ |
| 229 | # ",sharedgroup=",sharedgroup) \ |
| 230 | # FROM popbox, domain \ |
| 231 | # WHERE popbox.local_part = '$(local_part)' \ |
| 232 | # AND popbox.domain_name = '$(domain)' \ |
| 233 | # AND popbox.domain_name = domain.domain_name |
| 234 | |
| 235 | |
| 236 | ##NAME: MYSQL_ENUMERATE_CLAUSE:1 |
| 237 | # |
| 238 | # {EXPERIMENTAL} |
| 239 | # Optional custom SQL query used to enumerate accounts for authenumerate, |
| 240 | # in order to compile a list of accounts for shared folders. The query |
| 241 | # should return the following fields: name, uid, gid, homedir, maildir, options |
| 242 | # |
| 243 | # Example: |
| 244 | # MYSQL_ENUMERATE_CLAUSE SELECT CONCAT(popbox.local_part, '@', popbox.domain_name), \ |
| 245 | # domain.uid, \ |
| 246 | # domain.gid, \ |
| 247 | # CONCAT(domain.path, '/', popbox.mbox_name), \ |
| 248 | # '', \ |
| 249 | # CONCAT('sharedgroup=', sharedgroup) \ |
| 250 | # FROM popbox, domain \ |
| 251 | # WHERE popbox.local_part = '$(local_part)' \ |
| 252 | # AND popbox.domain_name = '$(domain)' \ |
| 253 | # AND popbox.domain_name = domain.domain_name |
| 254 | |
| 255 | |
| 256 | |
| 257 | ##NAME: MYSQL_CHPASS_CLAUSE:0 |
| 258 | # |
| 259 | # (EXPERIMENTAL) |
| 260 | # This is optional, MYSQL_CHPASS_CLAUSE can be set when you have a database, |
| 261 | # which is structuraly different from proposed. The fixed string will |
| 262 | # be used to do an UPDATE operation on database. In other words, it is |
| 263 | # used, when changing password. |
| 264 | # |
| 265 | # There are four variables, which you can use. Substitution will be made |
| 266 | # for them, so you can put entered username (local part) and domain name |
| 267 | # in the right place of your query. There variables are: |
| 268 | # $(local_part) , $(domain) , $(newpass) , $(newpass_crypt) |
| 269 | # |
| 270 | # If a $(domain) is empty (not given by the remote user) the default domain |
| 271 | # name is used in its place. |
| 272 | # $(newpass) contains plain password |
| 273 | # $(newpass_crypt) contains its crypted form |
| 274 | # |
| 275 | # MYSQL_CHPASS_CLAUSE UPDATE popbox \ |
| 276 | # SET clearpw='$(newpass)', \ |
| 277 | # password_hash='$(newpass_crypt)' \ |
| 278 | # WHERE local_part='$(local_part)' \ |
| 279 | # AND domain_name='$(domain)' |
| 280 | # |