First Last Prev Next    This bug is not in your last search results.
Bug 56520 - UCR mail/dovecot/logging/auth_verbose_passwords Type is bool but should be str
UCR mail/dovecot/logging/auth_verbose_passwords Type is bool but should be str
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Mail
UCS 5.0
Other Linux
: P5 normal (vote)
: UCS 5.0-6-errata
Assigned To: Juan Carlos
Christian Castens
https://git.knut.univention.de/univen...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2023-09-04 12:02 CEST by Daniel Tröder
Modified: 2024-03-07 13:07 CET (History)
1 user (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 3: Simply Wrong: The implementation doesn't match the docu
Who will be affected by this bug?: 1: Will affect a very few installed domains
How will those affected feel about the bug?: 1: Nuisance – not a big deal but noticeable
User Pain: 0.017
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional): bitesize
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Daniel Tröder univentionstaff 2023-09-04 12:02:06 CEST 
The UCR variables type for mail/dovecot/logging/auth_verbose_passwords is set to "bool", but should be "str".
This leads to a warning:


$ ucr set mail/dovecot/logging/auth_verbose_passwords=plain

W: Value 'plain' incompatible for 'mail/dovecot/logging/auth_verbose_passwords', but setting anyway

[mail/dovecot/logging/auth_verbose_passwords]
Description[de]=Im Fall von falschen Passwörtern, logge die verwendeten Passwörter. Gültige Werte sind "no", "plain" und "sha1". "sha1" kann nützlich sein um brute force Passwort Angriffe unterscheiden zu können von Benutzern die immer wieder das gleiche Passwort versuchen.
Description[en]=In case of password mismatches, log the attempted password. Valid values are "no", "plain" and "sha1". "sha1" can be useful for detecting brute force password attempts vs. user simply trying the same password over and over again.
Comment 1 Juan Carlos univentionstaff 2024-03-04 09:50:46 CET 
UCRV type changed to str

----

Package:

Package: univention-mail-dovecot
Version: 6.0.8-2
Branch: ucs_5.0-0
Scope: errata5.0-6
Comment 2 Juan Carlos univentionstaff 2024-03-04 12:20:36 CET 
Commits:

0820bb3bc6868f877e20e38fd1c5d16dec1c0dfe
Comment 3 Christian Castens univentionstaff 2024-03-04 12:28:43 CET 
QA:
  advisories: OK
  UCRV type changed + no more warning: OK

Waiting for the overnight test run
Comment 4 Christian Castens univentionstaff 2024-03-05 12:04:02 CET 
QA:
  no related errors in the overnight test run: OK
First Last Prev Next    This bug is not in your last search results.