[Dovecot] Changing password for users
Joseph Tam
jtam.home at gmail.com
Tue Oct 30 04:09:12 EET 2012
Ben Morrow wrote:
>> Maybe replace "/usr/bin/passwd" with htpasswd?
>
> Try pam_pwdfile with poppwd or some other poppassd that supports PAM.
That's it! I was trying to remember the name of this PAM module.
>>> and is there another way other than poppassd?
>>
>> Write your own PHP script -- it couldn't be more than a few dozen lines
>> of code for a working skeleton. Or Google "php change password htpasswd".
>
> It's not as simple as you seem to think. Quite apart from getting the
> password-changing itself right (have you considered what happens when
> two users change their passwords at the same time? when Dovecot tries to
> read the password file at the same time as you are changing it? when the
> system crashes when you are halfway through rewriting the password
> file?), you really shouldn't be running PHP as a user with write access
> to a password file (even a virtual password file) in any case.
I did consider it, and you're right, it is tricky to get it absolutely
right. If robusteness and security was of utmost importance, I would
abandon PHP too. I was scaling the solution to the OP's technical
ability and apparent size of their operation -- if poppwd passes muster,
this wouldn't be too far off.
Joseph Tam <jtam.home at gmail.com>
More information about the dovecot
mailing list