Description of problem: dovecot should provide a standard tool for administering passwords for virtual users in a passwd-like text file as /etc/imap.passwd (console based and GUI based variants). The tool should not depend on the fact that virtual users have separeate UIDs/GIDs or share a common one. This tool must be usable remotely by regular users, even from a Windows machine, to change their own password stored in /etc/imap.passwd (via a ssh-like mechanism, as a standard plugin from changing passwords from squirrelmail, etc.) The tool should work in a SELinux-enabled environment, with the default policy active. Version-Release number of selected component (if applicable): dovecot-0.99.14-4.fc4 (stock Fedora Core 4 + updates March 06, 2006) How reproducible: Always Steps to Reproduce: 1. 2. 3. Actual results: There is no way to remotely change virtual users' e-mail passwords on the server if the server doesn't use MySQL, LDAP or alike. Expected results: Users must be able to change their password remotely, even if passwords are stored in a text file on the server (passwd-like syntax). Root must be able to change password for any user. Additional info:
Patches welcome.
Is this even a standard part of the IMAP protocol? If not, then this shouldn't be the job of dovecot. Any patch would need to be acceptable to the upstream dovecot project. I suspect this is a NOTABUG issue, but I'll wait to see what tss says.
Right. Probably should be done some separate package with web backend, and there already exists some, although I don't know if there exists for passwd-files (or LinuxConf maybe). There's no way to change the password with IMAP protocol.
Hello, Thanks for your comments and help! Just a non-technical newbie observation about all that (please see bug #184355 too): What seems strange to me is the fact that some tools like I suggested *do exist* (please see intraperson, a plugin for squirrelmail) and they *are* able to change an encrypted password located in /etc/passwd. However, as I discovered, these plugins cannot operate on a file which has a syntax absolutely equal to /etc/passwd (such as Dovecot's /etc/imap.passwd)! Needing a MySQL or LDAP database just for interacting with these plugins seems to me contrary to good old Linux minimalism... ;-) From the "marketing" point of view ;-), trying to compete with Microsoft Exchange means that some facilities like changing password for yourself or being able to set a vacation message (when you're definded as a "virtual" user in the e-mail system) are absolutely necessary... Regards, Razvan