There is been some talk about getting qmailadmin to run with PHP and
other environments.
The problem is, how to you get a web server that is running as "nobody"
to run commands as vpopmail? The answer has been to set qmailadmin
SETUID vpopmail. The problem with that is. What if you want to develop
your own front-end in PHP for example?
One answer is to introduce a new command in the base distribution of
vpopmail which would run SETUID vpopmail which could then be called by
whatever front-end you care to design.
This means a tool like qmailadmin or at least of subset if it could be
easily created in mod_perl or mod_php or whatever. Modules for many of
the webmail solutions out there would popup in no time.
Included is a mock man page for the new command to give you an idea of
what I am talking about.
Let me know what you all think.
Gérald
==========================
NAME
vadm - user level vpopmail admin tool
SYNOPSIS
vadm [options] command [command_args]
DESCRIPTION
vadm is a tools to provide non interactive user level commands for
vpopmail.
The binary is SETUID to vpopmail so any user on the system can use
it.
This greatly simplifies the creating of a web front-end for
example.
OPTIONS
-b, --base64
The password is BASE64 encoded. This is especially useful when
providing
the password at the command line.
-p PASS, --password=PASS
Provide the authentication password for the execution of the
command.
Its better to use the VADM_PASS environment variable if
possible.
-u EMAIL_ADDRESS, --user=EMAIL_ADDRESS
Provide the authentication user name for the execution of the
command.
You can also set this in the VADM_USER environment variable.
COMMAND SUMMARY
You must authenticate with a valid user/pass for any commands to be
executed.
Some commands will only execute if the user/pass has admin rights
on the
domain in question.
info
This will output a coma delimited line of info about the user
trying to authenticate.
If the supplied user/pass fails to authenticate then it exits
with a 1.
list_users [DOMAIN] [OFFSET] [MAX]
If DOMAIN is not supplied then assume the domain of the
authenticated user.
OFFSET and MAX is to handle cases when the list of users is
quite large.
If the authenticated user has admin rights to the domain then
this command
will return a list of all users for that domain. The list
output is one line per
user with coma delimited info for every user.
update USER SETTING
USER is the email address of the account to be updated.
SETTING is a coma delimited settings in a format similar to
that returned by
the info command.
If USER is equal to the authenticated user then the command is
accepted
otherwise the authenticated user must have admin right to that
domain.
password USER [-b] [NEW_PASSWORD]
USER if the email address of the account to be updated.
-b here indicated if the new pass is BASE64 encoded
If [NEW_PASSWORD] is not supplied then read the new password
from the
environment variable VADM_NEWPASS
newacct USER [SETTING]
The authenticated user must have admin rights on the domain to
execute
this command.
rmacct [-f] USER
This will remove an account and if the [-f] if supplied it will
also delete all
the users email. Some checking is done to make sure no forwards
pointing
to this account.
setfallback DOMAIN EMAIL
This will set the fallback address for the domain.
list_forwards [DOMAIN] [OFFSET] [MAX]
newfwd USER EMAIL
rmfwd USER
etc...... I am sure there are a few more commands that would be
needed.
ENVIRONMENT VARIABLES
It is recommended that the credentials of the user be set with
environment variable
rather then at the commend line for security reasons.
VADM_USER
This variable specifies the email address of the user
requesting the execution
of the command.
VADM_PASS
This variable specifies the password user requesting the
execution of the
command.
The password can be encoded in BASE64 if the -b is supplied.
VADM_NEWPASS
This variable hold the new password user requesting to change a
password.
The password can be encoded in BASE64 if the -b is supplied.
DIAGNOSTICS
Normally, exit status is 0 with output on STDOUT and 1 otherwise.
BUGS
This tool does not exist yet.
