Red Hat Bugzilla – Bug 184364
dovecot should provide a way to remotely change virtual user passwords
Last modified: 2014-01-21 17:53:52 EST
Description of problem:
dovecot should provide a standard tool for administering passwords for virtual
users in a passwd-like text file as /etc/imap.passwd (console based and GUI
The tool should not depend on the fact that virtual users have separeate
UIDs/GIDs or share a common one.
This tool must be usable remotely by regular users, even from a Windows machine,
to change their own password stored in /etc/imap.passwd (via a ssh-like
mechanism, as a standard plugin from changing passwords from squirrelmail, etc.)
The tool should work in a SELinux-enabled environment, with the default policy
Version-Release number of selected component (if applicable):
(stock Fedora Core 4 + updates March 06, 2006)
Steps to Reproduce:
There is no way to remotely change virtual users' e-mail passwords on the server
if the server doesn't use MySQL, LDAP or alike.
Users must be able to change their password remotely, even if passwords are
stored in a text file on the server (passwd-like syntax). Root must be able to
change password for any user.
Is this even a standard part of the IMAP protocol? If not, then this shouldn't
be the job of dovecot. Any patch would need to be acceptable to the upstream
I suspect this is a NOTABUG issue, but I'll wait to see what tss says.
Right. Probably should be done some separate package with web backend, and there already exists some,
although I don't know if there exists for passwd-files (or LinuxConf maybe). There's no way to change the
password with IMAP protocol.
Thanks for your comments and help!
Just a non-technical newbie observation about all that (please see bug #184355
What seems strange to me is the fact that some tools like I suggested *do
exist* (please see intraperson, a plugin for squirrelmail) and they *are* able
to change an encrypted password located in /etc/passwd.
However, as I discovered, these plugins cannot operate on a file which has a
syntax absolutely equal to /etc/passwd (such as Dovecot's /etc/imap.passwd)!
Needing a MySQL or LDAP database just for interacting with these plugins seems
to me contrary to good old Linux minimalism... ;-)
From the "marketing" point of view ;-), trying to compete with Microsoft
Exchange means that some facilities like changing password for yourself or
being able to set a vacation message (when you're definded as a "virtual" user
in the e-mail system) are absolutely necessary...