Yvan Rodrigues' problogue

(like a blog, but with less effort)

Disconnected ramblings about software development, iOS, FreeBSD, anti-social networking, kittens, drosophilidae, small business, Android, web services, finches, Windows, electrical engineering, XML, rental cars, rye, or ... FIVE dollars??!... something something beer.

How to enable password changing on remote host in roundcube on FreeBSD

Roundcube

Roundcube comes with a password change module, through it's disabled by default. Configuring it to change passwords on another server's [geshifilter-code]passwd[/geshifilter-code] database is another matter. The instructions only cover using [geshifilter-code]chpasswd[/geshifilter-code] on a Linux server to update the local password database.

On the mail server:

  • [geshifilter-code]adduser roundcube[/geshifilter-code], set a shell and create a home directory.
  • [geshifilter-code]visudo[/geshifilter-code], adding [geshifilter-code]roundcube ALL = NOPASSWD: /usr/sbin/pw[/geshifilter-code]

On the web server:

  • [geshifilter-code]chpass www[/geshifilter-code], assigning a shell to allow logins.
  • [geshifilter-code]su www[/geshifilter-code], impersonate www.
  • [geshifilter-code]ssh-keygen -t rsa[/geshifilter-code], create an RSA private/public key pair.
  • [geshifilter-code]scp /home/www/.ssh/id_rsa.pub roundcube@<em>remotehost</em>/~/.ssh/authorized_keys[/geshifilter-code], copying the public key to the mail server to allow passwordless logins.

The [geshifilter-code]chpasswd[/geshifilter-code] driver ([geshifilter-code]/www/roundcube/plugins/password/drivers/chpasswd.php[/geshifilter-code] will require modification.

[geshifilter-php]function password_save($currpass, $newpass) { $cmd = rcmail::get_instance()-&gt;config-&gt;get('password_chpasswd_cmd'); $username = $_SESSION['username']; $handle = popen($cmd, "w"); fwrite($handle, "$newpass "); if (pclose($handle) == 0) { return PASSWORD_SUCCESS; } else { raise_error(array( 'code' =&gt; 600, 'type' =&gt; 'php', 'file' =&gt; __FILE__, 'line' =&gt; __LINE__, 'message' =&gt; "Password plugin: Unable to execute $cmd" ), true, false); } return PASSWORD_ERROR; }[/geshifilter-php]

And so will this line in [geshifilter-code]/www/roundcube/plugins/password/config.inc.php[/geshifilter-code]

[geshifilter-php]// chpasswd Driver options // --------------------- // Command to use $rcmail_config['password_chpasswd_cmd'] = "ssh roundcube@mailhost sudo pw usermod -n {$_SESSION['username']} -h 0 2&gt; /dev/null";[/geshifilter-php]

Pages

Simple Copyright Policy: If you want to reproduce anything on this site, get my permission first.