

Passwd-file
===========


This file is compatible with a normal '/etc/passwd' file, and a password file used by libpam-pwdfile >>PAM<< plugin. It's in the following format: 

---%<-------------------------------------------------------------------------
user:password:uid:gid:(gecos):home:(shell):extra_fields
---%<-------------------------------------------------------------------------

For a password database it's enough to have only the user and password fields. For a user database, you need to set also uid, gid and preferably also home (see >>VirtualUsers<<). (gecos) and (shell) fields are unused by Dovecot. 
The password field can be in four formats: 

 * 'password': Assume CRYPT >>password scheme<<. 
 * '{SCHEME}password': The password is in the given >>scheme<<. 
 * 'password[13]': libpam-passwd file compatible format for CRYPT >>scheme<<. 
 * 'password[34]': libpam-passwd file compatible format for MD5 >>scheme<<. 
extra_fields is a space-separated list of key=value pairs which can be used to set various >>passdb settings<< and >>userdb settings<<. Keys which begin with a 'userdb_' prefix are used for userdb, others are used for passdb. So for example if you wish to override >>mail_location<< setting for one user, use 'userdb_mail=mbox:~/mail'. 


Multiple passwd files
=====================


You can use all the >>variables<< in the passwd-file filenames, for example: 

---%<-------------------------------------------------------------------------
passdb passwd-file {
  # Each domain has a separate passwd-file:
  args = /etc/auth/%d/passwd
}
---%<-------------------------------------------------------------------------

*v1.0 only*: If the filename contains %d, the usernames in the passwd file are expected to contain only the user, not the domain. If you want to use full "user@domain" usernames in the file, use %0.d instead. For v1.1, see below. 


Parameters
==========


These are available *only with v1.1* and later: 

 * *scheme=<s>*: Allows you to specify the default password scheme. The default is CRYPT. This is available only for passdb. 
 * *username_format=<s>*: Look up usernames using this format instead of the full username ('%u'). If you want to enable user@domain logins but have only "user" in the file, set this to '%n'. 
For example: 

---%<-------------------------------------------------------------------------
passdb passwd-file {
  args = scheme=plain-md5 username_format=%n /etc/imap.passwd
}
userdb passwd-file {
  args = username_format=%n /etc/imap.passwd
}
---%<-------------------------------------------------------------------------



Examples
========


This file can be used as a passdb: 

---%<-------------------------------------------------------------------------
user:{plain}password
user2:{plain}password2
---%<-------------------------------------------------------------------------

This file can be used as both a passwd and a userdb: 

---%<-------------------------------------------------------------------------
user:{plain}pass:1000:1000::/home/user::userdb_mail=maildir:~/Maildir allow_nets=192.168.0.0/24
user2:{plain}pass2:1001:1001::/home/user2
---%<-------------------------------------------------------------------------

(This file was created from the wiki on 2007-12-11 04:42)
