1 ##VERSION: $Id: authsqliterc 17 2011-04-04 02:07:37Z mrsam $
3 # Copyright 2012 Double Precision, Inc. See COPYING for
4 # distribution information.
6 # Do not alter lines that begin with ##, they are used when upgrading
9 # authsqliterc created from authsqliterc.dist by sysconftool
11 # Each line in this file must follow the following format:
13 # field[spaces|tabs]value
15 # That is, the name of the field, followed by spaces or tabs, followed by
16 # field value. Trailing spaces are prohibited.
21 # The SQLite database. You must create this database beforehand, and create
22 # the users table, as defined below.
24 SQLITE_DATABASE /var/users.db
26 ##NAME: SQLITE_USER_TABLE:0
28 # Suggested format of the table specified by SQLITE_USER_TABLE:
30 # CREATE TABLE passwd (
31 # id text not null primary key,
32 # crypt text, # Either...
33 # clear text, # ... or
39 # defaultdelivery text,
43 # Use either crypt or clear, to specify whether cleartext or crypted passwords
44 # get used (and define either SQLITE_CRYPT_PWFIELD or SQLITE_CLEAR_PWFIELD,
45 # below, accordingly).
47 SQLITE_USER_TABLE passwd
49 ##NAME: SQLITE_CRYPT_PWFIELD:0
51 # Either SQLITE_CRYPT_PWFIELD or SQLITE_CLEAR_PWFIELD must be defined. Both
52 # are OK too. crypted passwords go into SQLITE_CRYPT_PWFIELD, cleartext
53 # passwords go into SQLITE_CLEAR_PWFIELD. Cleartext passwords allow
54 # CRAM-MD5 authentication to be implemented.
56 SQLITE_CRYPT_PWFIELD crypt
58 ##NAME: SQLITE_CLEAR_PWFIELD:0
61 # SQLITE_CLEAR_PWFIELD clear
63 ##NAME: SQLITE_DEFAULT_DOMAIN:0
65 # If DEFAULT_DOMAIN is defined, and someone tries to log in as 'user',
66 # we will search for 'user@DEFAULT_DOMAIN' instead.
69 # DEFAULT_DOMAIN example.com
71 ##NAME: SQLITE_UID_FIELD:0
73 # Other fields in the sqlite table:
75 # SQLITE_UID_FIELD - contains the numerical userid of the account
79 ##NAME: SQLITE_GID_FIELD:0
81 # Numerical groupid of the account
85 ##NAME: SQLITE_LOGIN_FIELD:0
87 # The login id, default is id. Basically the query is:
89 # SELECT SQLITE_UID_FIELD, SQLITE_GID_FIELD, ... WHERE id='loginid'
94 ##NAME: SQLITE_HOME_FIELD:0
97 SQLITE_HOME_FIELD home
99 ##NAME: SQLITE_NAME_FIELD:0
101 # The user's name (optional)
103 SQLITE_NAME_FIELD name
105 ##NAME: SQLITE_MAILDIR_FIELD:0
107 # This is an optional field, and can be used to specify an arbitrary
108 # location of the maildir for the account, which normally defaults to
109 # $HOME/Maildir (where $HOME is read from SQLITE_HOME_FIELD).
111 # You still need to provide a SQLITE_HOME_FIELD, even if you uncomment this
114 # SQLITE_MAILDIR_FIELD maildir
116 ##NAME: SQLITE_DEFAULTDELIVERY:0
118 # Courier mail server only: optional field specifies custom mail delivery
119 # instructions for this account (if defined) -- essentially overrides
120 # DEFAULTDELIVERY from ${sysconfdir}/courierd
122 # SQLITE_DEFAULTDELIVERY defaultdelivery
124 ##NAME: SQLITE_QUOTA_FIELD:0
126 # Define SQLITE_QUOTA_FIELD to be the name of the field that can optionally
127 # specify a maildir quota. See README.maildirquota for more information
129 # SQLITE_QUOTA_FIELD quota
131 ##NAME: SQLITE_AUXOPTIONS:0
133 # Auxiliary options. The SQLITE_AUXOPTIONS field should be a char field that
134 # contains a single string consisting of comma-separated "ATTRIBUTE=NAME"
135 # pairs. These names are additional attributes that define various per-account
136 # "options", as given in INSTALL's description of the "Account OPTIONS"
139 # SQLITE_AUXOPTIONS_FIELD options
141 # You might want to try something like this, if you'd like to use a bunch
142 # of individual fields, instead of a single text blob:
144 # SQLITE_AUXOPTIONS_FIELD "disableimap=" || disableimap || ",disablepop3=" || disablepop3 || ",disablewebmail=" || disablewebmail || ",sharedgroup=" || sharedgroup
146 # This will let you define fields called "disableimap", etc, with the end result
147 # being something that the OPTIONS parser understands.
150 ##NAME: SQLITE_WHERE_CLAUSE:0
152 # This is optional, SQLITE_WHERE_CLAUSE can be basically set to an arbitrary
153 # fixed string that is appended to the WHERE clause of our query
155 # SQLITE_WHERE_CLAUSE server='mailhost.example.com'
157 ##NAME: SQLITE_SELECT_CLAUSE:0
159 # This is optional, SQLITE_SELECT_CLAUSE can be set when you have a database,
160 # which is structuraly different from the proposed layout. The fixed string will
161 # be used to do a SELECT operation on database, which should return fields
162 # in order specified bellow:
164 # username, cryptpw, clearpw, uid, gid, home, maildir, quota, fullname, options
166 # The username field should include the domain (see example below).
168 # Enabling this option causes ignorance of any other field-related
169 # options, excluding default domain.
171 # There are two variables, which you can use. Substitution will be made
172 # for them, so you can put entered username (local part) and domain name
173 # in the right place of your query. These variables are:
174 # $(local_part), $(domain), $(service)
176 # If a $(domain) is empty (not given by the remote user) the default domain
177 # name is used in its place.
179 # $(service) will expand out to the service being authenticated: imap, imaps,
180 # pop3 or pop3s. Courier mail server only: service will also expand out to
181 # "courier", when searching for local mail account's location. In this case,
182 # if the "maildir" field is not empty it will be used in place of
183 # DEFAULTDELIVERY. Courier mail server will also use esmtp when doing
184 # authenticated ESMTP.
188 # SQLITE_SELECT_CLAUSE SELECT popbox.local_part || '@' || popbox.domain_name,\
189 # '{MD5}' || popbox.password_hash), \
193 # domain.path || '/' || popbox.mbox_name, \
197 # "disableimap=" || disableimap || ",disablepop3=" || \
198 # disablepop3 || ",disablewebmail=" || disablewebmail || \
199 # ",sharedgroup=" || sharedgroup \
200 # FROM popbox, domain \
201 # WHERE popbox.local_part = '$(local_part)' \
202 # AND popbox.domain_name = '$(domain)' \
203 # AND popbox.domain_name = domain.domain_name
206 ##NAME: SQLITE_ENUMERATE_CLAUSE:1
208 # Optional custom SQL query used to enumerate accounts for authenumerate,
209 # in order to compile a list of accounts for shared folders. The query
210 # should return the following fields: name, uid, gid, homedir, maildir, options
213 # SQLITE_ENUMERATE_CLAUSE SELECT popbox.local_part || '@' || popbox.domain_name, \
216 # domain.path || '/' || popbox.mbox_name, \
218 # 'sharedgroup=' || sharedgroup \
219 # FROM popbox, domain \
220 # WHERE popbox.local_part = '$(local_part)' \
221 # AND popbox.domain_name = '$(domain)' \
222 # AND popbox.domain_name = domain.domain_name
225 ##NAME: SQLITE_CHPASS_CLAUSE:0
227 # This is optional, SQLITE_CHPASS_CLAUSE can be set when you have a database,
228 # which is structuraly different from proposed. The fixed string will
229 # be used to do an UPDATE operation on database. In other words, it is
230 # used, when changing passwords. This is used by sqwebmail/Courier webmail.
232 # There are four variables, which you can use. Substitution will be made
233 # for them, so you can put entered username (local part) and domain name
234 # in the right place of your query. There variables are:
235 # $(local_part) , $(domain) , $(newpass) , $(newpass_crypt)
237 # If a $(domain) is empty (not given by the remote user) the default domain
238 # name is used in its place.
239 # $(newpass) contains plain password
240 # $(newpass_crypt) contains its crypted form
242 # SQLITE_CHPASS_CLAUSE UPDATE popbox \
243 # SET clearpw='$(newpass)', \
244 # password_hash='$(newpass_crypt)' \
245 # WHERE local_part='$(local_part)' \
246 # AND domain_name='$(domain)'