Bug 243983

Summary: [RFE] Dovecot should provide a way for users to change their passwords
Product: Red Hat Enterprise Linux 5 Reporter: Răzvan Sandu <rsandu2004>
Component: dovecotAssignee: Tomas Janousek <tjanouse>
Status: CLOSED WONTFIX QA Contact:
Severity: high Docs Contact:
Priority: low    
Version: 5.1   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-11-15 13:52:47 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Răzvan Sandu 2007-06-13 08:18:56 UTC 
Description of problem:


Hello,

IMHO, the following is a major limitation / missing feature in dovecot:

Regular users should be provided with a facile way of changing their own
password, without administrator's intervention.

This mechanism should meet the following criteria:

- can be done remotely, in a facile way (via a Web interface ?)

- should be 100% independent of the way users are defined in dovecot (plain text
files, databases, LDAP, etc. )

- users should not be able to modify other dovecot parameters (as they can via
Webmin or other remote administration solutions)

- should be present in the default dovecot repository (probably as a separate
.rpm package)

- should integrate nicely with other related packages (sendmail, postfix,
squirrelmail, Fedora Directory Server, openldap, etc.)


I'm marking this as "severity=high" because I consider it of general interest,
for a large mass of users.


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:

dovecot doesn't provide a way for regular users to change their own password
(without administrator's intervention).

Expected results:

Such a way should exist; it should be accesible remotely in a facile way and
should be independent of the database backend used for usernames and passwords.


Additional info:
Comment 1 Tomas Janousek 2007-06-13 10:44:24 UTC 
It may be possible to extend dovecot-auth to support password changing. The
upstream's plan is to split dovecot-auth and add some general purpose
binaries/libs around it. These may be used from the web frontend, or the
frontend may talk to dovecot-auth itself. The web frontend should not be a part
of the dovecot package. I suppose one can just write a dovecot-auth backend for
an existing password changing webinterface.
Comment 2 RHEL Program Management 2007-10-31 18:25:13 UTC 
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.
Comment 3 Tomas Janousek 2007-11-13 16:56:08 UTC 
It's not clear what to do, upstream hasn't moved any further in this respect,
and it's too late for 5.2 to start thinking how to do this. We'll have to close
it for now.
Comment 5 RHEL Program Management 2007-11-15 13:52:47 UTC 
Development Management has reviewed and declined this request.  You may appeal
this decision by reopening this request.