Bug 243983 - [RFE] Dovecot should provide a way for users to change their passwords
Summary: [RFE] Dovecot should provide a way for users to change their passwords
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: dovecot   
(Show other bugs)
Version: 5.1
Hardware: All
OS: Linux
Target Milestone: ---
: ---
Assignee: Tomas Janousek
QA Contact:
Depends On:
TreeView+ depends on / blocked
Reported: 2007-06-13 08:18 UTC by Răzvan Sandu
Modified: 2007-11-17 01:14 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2007-11-15 13:52:47 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description Răzvan Sandu 2007-06-13 08:18:56 UTC
Description of problem:


IMHO, the following is a major limitation / missing feature in dovecot:

Regular users should be provided with a facile way of changing their own
password, without administrator's intervention.

This mechanism should meet the following criteria:

- can be done remotely, in a facile way (via a Web interface ?)

- should be 100% independent of the way users are defined in dovecot (plain text
files, databases, LDAP, etc. )

- users should not be able to modify other dovecot parameters (as they can via
Webmin or other remote administration solutions)

- should be present in the default dovecot repository (probably as a separate
.rpm package)

- should integrate nicely with other related packages (sendmail, postfix,
squirrelmail, Fedora Directory Server, openldap, etc.)

I'm marking this as "severity=high" because I consider it of general interest,
for a large mass of users.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
Actual results:

dovecot doesn't provide a way for regular users to change their own password
(without administrator's intervention).

Expected results:

Such a way should exist; it should be accesible remotely in a facile way and
should be independent of the database backend used for usernames and passwords.

Additional info:

Comment 1 Tomas Janousek 2007-06-13 10:44:24 UTC
It may be possible to extend dovecot-auth to support password changing. The
upstream's plan is to split dovecot-auth and add some general purpose
binaries/libs around it. These may be used from the web frontend, or the
frontend may talk to dovecot-auth itself. The web frontend should not be a part
of the dovecot package. I suppose one can just write a dovecot-auth backend for
an existing password changing webinterface.

Comment 2 RHEL Product and Program Management 2007-10-31 18:25:13 UTC
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update

Comment 3 Tomas Janousek 2007-11-13 16:56:08 UTC
It's not clear what to do, upstream hasn't moved any further in this respect,
and it's too late for 5.2 to start thinking how to do this. We'll have to close
it for now.

Comment 5 RHEL Product and Program Management 2007-11-15 13:52:47 UTC
Development Management has reviewed and declined this request.  You may appeal
this decision by reopening this request. 

Note You need to log in before you can comment on or make changes to this bug.