Bug 184364 - dovecot should provide a way to remotely change virtual user passwords
Summary: dovecot should provide a way to remotely change virtual user passwords
Alias: None
Product: Fedora
Classification: Fedora
Component: dovecot   
(Show other bugs)
Version: 4
Hardware: i386 Linux
Target Milestone: ---
Assignee: Petr Rockai
QA Contact:
URL: http://www.dovecot.org/
Keywords: FutureFeature
Depends On:
TreeView+ depends on / blocked
Reported: 2006-03-08 08:55 UTC by Razvan Sandu
Modified: 2014-01-21 22:53 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2006-03-08 16:26:50 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description Razvan Sandu 2006-03-08 08:55:46 UTC
Description of problem:

dovecot should provide a standard tool for administering passwords for virtual
users in a passwd-like text file as /etc/imap.passwd (console based and GUI
based variants).

The tool should not depend on the fact that virtual users have separeate
UIDs/GIDs or share a common one. 

This tool must be usable remotely by regular users, even from a Windows machine,
to change their own password stored in /etc/imap.passwd (via a ssh-like
mechanism, as a standard plugin from changing passwords from squirrelmail, etc.)

The tool should work in a SELinux-enabled environment, with the default policy

Version-Release number of selected component (if applicable):
(stock Fedora Core 4 + updates March 06, 2006)

How reproducible:

Steps to Reproduce:
Actual results:

There is no way to remotely change virtual users' e-mail passwords on the server
if the server doesn't use MySQL, LDAP or alike.

Expected results:

Users must be able to change their password remotely, even if passwords are
stored in a text file on the server (passwd-like syntax). Root must be able to
change password for any user.

Additional info:

Comment 1 Petr Rockai 2006-03-08 12:32:25 UTC
Patches welcome. 

Comment 2 Warren Togami 2006-03-08 15:01:32 UTC
Is this even a standard part of the IMAP protocol?  If not, then this shouldn't
be the job of dovecot.  Any patch would need to be acceptable to the upstream
dovecot project.

I suspect this is a NOTABUG issue, but I'll wait to see what tss says.

Comment 3 Timo Sirainen 2006-03-08 15:48:32 UTC
Right. Probably should be done some separate package with web backend, and there already exists some, 
although I don't know if there exists for passwd-files (or LinuxConf maybe). There's no way to change the 
password with IMAP protocol.

Comment 4 Razvan Sandu 2006-03-20 22:20:48 UTC

Thanks for your comments and help!

Just a non-technical newbie observation about all that (please see bug #184355 

What seems strange to me is the fact that some tools like I suggested *do 
exist* (please see intraperson, a plugin for squirrelmail) and they *are* able 
to change an encrypted password located in /etc/passwd.

However, as I discovered, these plugins cannot operate on a file which has a 
syntax absolutely equal to /etc/passwd (such as Dovecot's /etc/imap.passwd)! 
Needing a MySQL or LDAP database just for interacting with these plugins seems 
to me contrary to good old Linux minimalism... ;-)

From the "marketing" point of view  ;-), trying to compete with Microsoft 
Exchange means that some facilities like changing password for yourself or 
being able to set a vacation message (when you're definded as a "virtual" user 
in the e-mail system) are absolutely necessary...


Note You need to log in before you can comment on or make changes to this bug.