This file is indexed.

/etc/courier/authpgsqlrc is in courier-authlib-postgresql 0.68.0-4build1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
##VERSION: $Id: c6a82fc8c0bd0e858ca7c133640ed14769e3e04c-20160501082012$
#
# Copyright 2000-2004 Double Precision, Inc.  See COPYING for
# distribution information.
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
# authpgsqlrc created from authpgsqlrc.dist by sysconftool
#
# DO NOT INSTALL THIS FILE with world read permissions.  This file
# might contain the PostgreSQL admin password!
#
# Each line in this file must follow the following format:
#
# field[spaces|tabs]value
#
# That is, the name of the field, followed by spaces or tabs, followed by
# field value.  Trailing spaces are prohibited.


##NAME: LOCATION:1
#
# The server hostname, port, userid, and password used to log in.
#
# See Postgresql's documenation for PQconnectdb(), for other options that
# you can use here.

PGSQL_CONNECTION        \
          host=pgsql.example.com \
	  port=5400              \
	  user=admin             \
	  password=admin

##NAME: PGSQL_DATABASE:0
#
# The name of the PostgreSQL database we will open:

PGSQL_DATABASE		template1

##NAME: PGSQL_CHARACTER_SET:0
#
# Optionally install a character set mapping. Restart authdaemond, send a test
# query using authtest and check for error messages in syslog/maillog.
#
# PGSQL_CHARACTER_SET	UTF8

##NAME: PGSQL_USER_TABLE:0
#
# The name of the table containing your user data.  See README.authmysqlrc
# for the required fields in this table (both MySQL and Postgress use the
# same suggested layout.

PGSQL_USER_TABLE	passwd

##NAME: PGSQL_CRYPT_PWFIELD:0
#
# Either PGSQL_CRYPT_PWFIELD or PGSQL_CLEAR_PWFIELD must be defined.  Both
# are OK too. crypted passwords go into PGSQL_CRYPT_PWFIELD, cleartext
# passwords go into PGSQL_CLEAR_PWFIELD.  Cleartext passwords allow
# CRAM-MD5 authentication to be implemented.

PGSQL_CRYPT_PWFIELD	crypt

##NAME: PGSQL_CLEAR_PWFIELD:0
#
#
# PGSQL_CLEAR_PWFIELD	clear

##NAME: PGSQL_DEFAULT_DOMAIN:0
#
# If DEFAULT_DOMAIN is defined, and someone tries to log in as 'user',
# we will look up 'user@DEFAULT_DOMAIN' instead.
#
#
# DEFAULT_DOMAIN		example.com

##NAME: PGSQL_UID_FIELD:0
#
# Other fields in the mysql table:
#
# PGSQL_UID_FIELD - contains the numerical userid of the account
#
PGSQL_UID_FIELD		uid

##NAME: PGSQL_GID_FIELD:0
#
# Numerical groupid of the account

PGSQL_GID_FIELD		gid

##NAME: PGSQL_LOGIN_FIELD:0
#
# The login id, default is id.  Basically the query is:
#
#  SELECT PGSQL_UID_FIELD, PGSQL_GID_FIELD, ... WHERE id='loginid'
#

PGSQL_LOGIN_FIELD	id

##NAME: PGSQL_HOME_FIELD:0
#

PGSQL_HOME_FIELD	home

##NAME: PGSQL_NAME_FIELD:0
#
# The user's name (optional)

PGSQL_NAME_FIELD	name

##NAME: PGSQL_MAILDIR_FIELD:0
#
# This is an optional field, and can be used to specify an arbitrary
# location of the maildir for the account, which normally defaults to
# $HOME/Maildir (where $HOME is read from PGSQL_HOME_FIELD).
#
# You still need to provide a PGSQL_HOME_FIELD, even if you uncomment this
# out.
#
# PGSQL_MAILDIR_FIELD	maildir

##NAME: PGSQL_DEFAULTDELIVERY:0
#
# Courier mail server only: optional field specifies custom mail delivery
# instructions for this account (if defined) -- essentially overrides
# DEFAULTDELIVERY from ${sysconfdir}/courierd
#
# PGSQL_DEFAULTDELIVERY defaultDelivery

##NAME: PGSQL_QUOTA_FIELD:0
#
# Define PGSQL_QUOTA_FIELD to be the name of the field that can optionally
# specify a maildir quota.  See README.maildirquota for more information
#
# PGSQL_QUOTA_FIELD	quota

##NAME: PGSQL_AUXOPTIONS:0
#
# Auxiliary options.  The PGSQL_AUXOPTIONS field should be a char field that
# contains a single string consisting of comma-separated "ATTRIBUTE=NAME"
# pairs.  These names are additional attributes that define various per-account
# "options", as given in  INSTALL's description of the "Account OPTIONS"
# setting.
#
# PGSQL_AUXOPTIONS_FIELD	auxoptions
#
# You might want to try something like this, if you'd like to use a bunch
# of individual fields, instead of a single text blob:
#
# PGSQL_AUXOPTIONS_FIELD	'disableimap=' || disableimap || ',disablepop3=' || disablepop3 || ',disablewebmail=' || disablewebmail || ',sharedgroup=' || sharedgroup
#
# This will let you define fields called "disableimap", etc, with the end result
# being something that the OPTIONS parser understands.

##NAME: PGSQL_WHERE_CLAUSE:0
#
# This is optional, PGSQL_WHERE_CLAUSE can be basically set to an arbitrary
# fixed string that is appended to the WHERE clause of our query
#
# PGSQL_WHERE_CLAUSE	server='mailhost.example.com'

##NAME: PGSQL_SELECT_CLAUSE:0
#
# (EXPERIMENTAL)
# This is optional, PGSQL_SELECT_CLAUSE can be set when you have a database,
# which is structuraly different from proposed. The fixed string will
# be used to do a SELECT operation on database, which should return fields
# in order specified bellow:
#
# username, cryptpw, clearpw, uid, gid, home, maildir, quota, fullname, options
#
# Enabling this option causes ignorance of any other field-related
# options, excluding default domain.
#
# There are two variables, which you can use. Substitution will be made
# for them, so you can put entered username (local part) and domain name
# in the right place of your query. These variables are:
#	 	$(local_part), $(domain), and $(service)
#
# If a $(domain) is empty (not given by the remote user) the default domain
# name is used in its place.
#
# $(service) will expand out to the service being authenticated: imap, imaps,
# pop3 or pop3s.  Courier mail server only: service will also expand out to
# "courier", when searching for local mail account's location.  In this case,
# if the "maildir" field is not empty it will be used in place of
# DEFAULTDELIVERY.  Courier mail server will also use esmtp when doing
# authenticated ESMTP.
#
# This example is a little bit modified adaptation of vmail-sql
# database scheme:
#
# PGSQL_SELECT_CLAUSE	SELECT popbox.local_part,			\
#			'{MD5}' || popbox.password_hash,		\
#			popbox.clearpw,					\
#			domain.uid,					\
#			domain.gid,					\
#			domain.path || '/' || popbox.mbox_name),	\
#			'',						\
#			domain.quota,					\
#			'',						\
#			FROM popbox, domain				\
#			WHERE popbox.local_part = '$(local_part)'	\
#			AND popbox.domain_name = '$(domain)'		\
#			AND popbox.domain_name = domain.domain_name


##NAME: PGSQL_ENUMERATE_CLAUSE:1
#
# {EXPERIMENTAL}
# Optional custom SQL query used to enumerate accounts for authenumerate,
# in order to compile a list of accounts for shared folders.  The query
# should return the following fields: name, uid, gid, homedir, maildir, options
#
# Example:
# PGSQL_ENUMERATE_CLAUSE	SELECT popbox.local_part || '@' || popbox.domain_name,	\
#			domain.uid,					\
#			domain.gid,					\
#			domain.path || '/' || popbox.mbox_name,		\
#			'',						\
#			'sharedgroup=' || sharedgroup			\
#			FROM popbox, domain				\
#			WHERE popbox.local_part = '$(local_part)'	\
#			AND popbox.domain_name = '$(domain)'		\
#			AND popbox.domain_name = domain.domain_name


##NAME: PGSQL_CHPASS_CLAUSE:0
#
# (EXPERIMENTAL)
# This is optional, PGSQL_CHPASS_CLAUSE can be set when you have a database,
# which is structuraly different from proposed. The fixed string will
# be used to do an UPDATE operation on database. In other words, it is
# used, when changing password.
#
# There are four variables, which you can use. Substitution will be made
# for them, so you can put entered username (local part) and domain name
# in the right place of your query. There variables are:
# 	$(local_part) , $(domain) , $(newpass) , $(newpass_crypt)
#
# If a $(domain) is empty (not given by the remote user) the default domain
# name is used in its place.
# $(newpass) contains plain password
# $(newpass_crypt) contains its crypted form
#
# PGSQL_CHPASS_CLAUSE	UPDATE	popbox					\
#			SET	clearpw='$(newpass)',			\
#				password_hash='$(newpass_crypt)'	\
#			WHERE	local_part='$(local_part)'		\
#			AND	domain_name='$(domain)'
#


##NAME: MARKER:0
#
# Do not remove this section from this configuration file. This section
# must be present at the end of this file.