[vchkpw] Disable clear password
Hi all, i have setup vpopmail ver 5.4.17 few months ago, and it is working fine all the way. When i setup the program, i enable the clear password while configure vpopmail. But now i wish to disable the clear password, what should i do to disable it? What i have tried ... i go back to the installation folder, re-run again ./configure --disable-clear-passwd, then make and make install-strip ... but the result also same, when i used vuserinfo to view user's detail, the command still can show up the clear password of the user. so what should i need to do to disable it? THank you Regards, Kenny
Re: [vchkpw] Disable clear password
On 9/20/2007 2:28 AM, Kenny Lee wrote: What i have tried ... i go back to the installation folder, re-run again ./configure --disable-clear-passwd, then make and make install-strip ... but the result also same, when i used vuserinfo to view user's detail, the command still can show up the clear password of the user. You did the right thing recompiling. That should make new passwords not contain the clear text. But you've got to go through all the vpasswd files manually to remove the clear passwords from existing mailboxes. I actually did the same thing years ago and published the code: http://jeremy.kister.net/code/perl/vchkpw.remove_clearpw.pl -- Jeremy Kister http://jeremy.kister.net./
Re: [vchkpw] Disable clear password
Hi Jeremy, after the re-compiling, i tried to create a new domain, and found that the [EMAIL PROTECTED] also showed out the clear password while i used vuserinfo command. i unable to download the perl script you mentioned below .. http://jeremy.kister.net/code/perl/vchkpw.remove_clearpw.pl Regards, Kenny Lee From: Jeremy Kister [EMAIL PROTECTED] To: vchkpw@inter7.com Sent: 2007-09-20 02:44 PM Subject: Re: [vchkpw] Disable clear password On 9/20/2007 2:28 AM, Kenny Lee wrote: What i have tried ... i go back to the installation folder, re-run again ./configure --disable-clear-passwd, then make and make install-strip ... but the result also same, when i used vuserinfo to view user's detail, the command still can show up the clear password of the user. You did the right thing recompiling. That should make new passwords not contain the clear text. But you've got to go through all the vpasswd files manually to remove the clear passwords from existing mailboxes. I actually did the same thing years ago and published the code: http://jeremy.kister.net/code/perl/vchkpw.remove_clearpw.pl -- Jeremy Kister http://jeremy.kister.net./
[vchkpw] Feature Request - vmoduser addition
Hi, Is it possible to have vmoduser modified so that changing a password with a new -$option changes both encrypted and clear text passwords in one run? Sort of like: ./vmoduser [EMAIL PROTECTED] -P test would change the password for [EMAIL PROTECTED] to test in both clear text format and in the encrypted format... At least, being an available option if compiled with MySQL (and maybe other DB's, but I can't comment on them as I don't use any other), thoughts? Q
Re: [vchkpw] Disable clear password
Hi Kenny, if you use mysql to store user data you should drop the clear password column too. It happend the same to me few months ago. I forgot to disable the clear password and after, when i recompiled and reinstalled, vpopmail was still putting the clear text password in the table till i didn't dropped the column in the DB. I hope it can help. Bye, Marcello Kenny Lee wrote: Hi Jeremy, after the re-compiling, i tried to create a new domain, and found that the [EMAIL PROTECTED] also showed out the clear password while i used vuserinfo command. i unable to download the perl script you mentioned below .. http://jeremy.kister.net/code/perl/vchkpw.remove_clearpw.pl Regards, Kenny Lee From: Jeremy Kister [EMAIL PROTECTED] To: vchkpw@inter7.com Sent: 2007-09-20 02:44 PM Subject: Re: [vchkpw] Disable clear password On 9/20/2007 2:28 AM, Kenny Lee wrote: What i have tried ... i go back to the installation folder, re-run again ./configure --disable-clear-passwd, then make and make install-strip ... but the result also same, when i used vuserinfo to view user's detail, the command still can show up the clear password of the user. You did the right thing recompiling. That should make new passwords not contain the clear text. But you've got to go through all the vpasswd files manually to remove the clear passwords from existing mailboxes. I actually did the same thing years ago and published the code: http://jeremy.kister.net/code/perl/vchkpw.remove_clearpw.pl -- Jeremy Kister http://jeremy.kister.net./
Re: [vchkpw] Feature Request - vmoduser addition
On Sep 20, 2007, at 12:19 AM, Quey wrote: Is it possible to have vmoduser modified so that changing a password with a new -$option changes both encrypted and clear text passwords in one run? It already does that. When you set the clear password, it also updates the encrypted password. I can't think of a time when you'd use the option to set the encrypted password directly, but it's there in case someone needs it... -- Tom Collins - [EMAIL PROTECTED] Vpopmail - virtual domains for qmail: http://vpopmail.sf.net/ QmailAdmin - web interface for Vpopmail: http://qmailadmin.sf.net/
Re: [vchkpw] Mysql table
John Simpson wrote: On 2007-09-19, at 1532, mlist wrote: Please try creating a domain with a long name, up around 80-90 characters long. ... I did as you said and I recieved errors. Here is the command I used and the errors returned. ... vmysql: error creating table 'a_com': Incorrect table name 'a_com' Error. Failed while attempting to add domain to auth backend you missed the other error message. mysql has a limit of 64 bytes for a table name (at least mysql versions 5.1, 5.0, and 5.1 do, i'm assuming earlier versions had the same limit.) also see RFC 1035 section 2.3.4. each portion of a domain name (i.e. the abc in abc.com) can be no longer than 63 bytes, and no full hostname (i.e. www.abc.com) can be longer than 255 bytes. and since mysql has a limit of 64 bytes for a table name, you have a... maybe not a bug, but a design flaw. the name a(63 times).com IS a valid domain name, but a(63 times)_com is NOT a valid table name. perhaps you shouldn't store each domain's data in a separate table? i've never understood the reason for creating separate tables for each domain anyway- but since i don't normally use a SQL back-end for mailbox information, it's not something i really worry about. Well then . . . that explains it. Thanks Rick, Joshua, and John. I'm no full-time DBA wouldn't it take less time to query through a specific table looking for data than it would to query one massive table? Any one else have any thoughts? I'm curious to know which would perform better. Matt
[vchkpw] segfault vdeluser 5.4.21
Okay, running into a new problem suddenly. I thought I had seen this problem on the list before - but my searches came up with nothing - so I appologize if this is duplicated. Now when I try to delete a user I get a segfault: mail:/home/vpopmail/bin # vdeluser [EMAIL PROTECTED] Segmentation fault I did find one post about a month ago addressing a similar issue. The author suggests to add an entry into the valias table: adding a valias as this in the valias table: alias domain valias_line default foo.bar | /home/vpopmail/bin/vdelivermail '' bounce-no-mailbox and the vdeluser work correctly. Which it did (but it did leave that alias in the table . . . not sure if it should delete it or not - but I would imagine so). I ran an strace on that and it does in fact segfault when examining the valias table: . . . read(5, # Default limits file. This fil..., 4096) = 1161 read(5, , 4096) = 0 close(5)= 0 munmap(0xb7f9, 4096)= 0 fcntl64(4, F_SETFL, O_RDWR|O_NONBLOCK) = 0 read(4, 0x8061ea8, 8192)= -1 EAGAIN (Resource temporarily unavailable) fcntl64(4, F_SETFL, O_RDWR) = 0 write(4, \1\0\0\0\16, 5) = 5 read(4, \7\0\0\1\0\0\0\2\0\0\0, 16384) = 11 fcntl64(4, F_SETFL, O_RDWR|O_NONBLOCK) = 0 read(4, 0x8061ea8, 8192)= -1 EAGAIN (Resource temporarily unavailable) fcntl64(4, F_SETFL, O_RDWR) = 0 write(4, P\0\0\0\3select valias_line from val..., 84) = 84 read(4, [EMAIL PROTECTED]..., 16384) = 91 --- SIGSEGV (Segmentation fault) @ 0 (0) --- +++ killed by SIGSEGV +++ So, does any one have suggestions on how I can delete that? . . . crap. So I knew I saw this same problem somewhere else. It's noted in the 5.4.22 changelog. Why oh why didn't I go with 5.4.22 ??? I'll post this anyways for posterity. Matt
Re: [vchkpw] Feature Request - vmoduser addition
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Tom Collins wrote: I can't think of a time when you'd use the option to set the encrypted password directly, but it's there in case someone needs it... We've used it during conversions from other MTAs. It can be quite handy :) - -- /* Matt Brookings [EMAIL PROTECTED] GnuPG Key ABA26FE7 Software developer Systems technician Inter7 Internet Technologies, Inc. (815)776-9465 */ -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.6 (GNU/Linux) Comment: Using GnuPG with CentOS - http://enigmail.mozdev.org iD8DBQFG8rTGYaj0Mauib+cRAhFtAJ9xLgnOZfTDtuEW8vqKeBG4q+avigCcDbzR sLIhKbKXpf26Q6t825las8M= =F0Zq -END PGP SIGNATURE-
Re: [vchkpw] segfault vdeluser 5.4.21
mlist wrote: Okay, running into a new problem suddenly. I thought I had seen this problem on the list before - but my searches came up with nothing - so I appologize if this is duplicated. Now when I try to delete a user I get a segfault: mail:/home/vpopmail/bin # vdeluser [EMAIL PROTECTED] Segmentation fault crap. So I knew I saw this same problem somewhere else. It's noted in the 5.4.22 changelog. Why oh why didn't I go with 5.4.22 ??? I'll post this anyways for posterity. Matt I reported an issue with this a while back. I started using 5.4.22 a couple of days ago and the issue no longer exists, as per the ChangeLog. Adam
[vchkpw] Anyone using Courier-imap Virtual Shared Folders with Vpopmail
I have been looking at this feature and would like to implement the virtual shared folders. Seems a lot easier if you have mail client that can set the acl on the Maildir's etc. We are also looking at the Bynari Outlook Plugin to handle these as well. The setup seems straight forward until it comes to keeping shared folders for different domains separate. Courier has a setting to apply a sharedgroup option to assign a user/email address to a group. Courier then allows that user to only access that groups shared folders (Courier terms this as a universe). In looking at this, it looks like Courier gets this setting via the auth module, in this case via vpopmail. Any one found away to use this feature, the sharedgroups setting? I have looked at the code a little, but I only know enough to get a general idea about what is going on. It looks like on the courier side, in the auth module, the options variable is getting set, but is limited to the access stuff regarding imap, pop, ... I tried looking on the vpopmail side at where that is set, but got lost and decided to check here. Anyone else have any interest or got something to work? Any ideas or pointers would be great. Thanks Brian
Re: [vchkpw] Mysql table
mlist wrote: John Simpson wrote: and since mysql has a limit of 64 bytes for a table name, you have a... maybe not a bug, but a design flaw. the name a(63 times).com IS a valid domain name, but a(63 times)_com is NOT a valid table name. Definitely a design flaw, even before the domain name length increase. I believe Ken once told me it was a mistake, but he never removed it because people were using it. I think the name length issue is a good reason to depreciate the feature. I'm looking to reduce the number of options to ./configure, and this looks like a good candidate. perhaps you shouldn't store each domain's data in a separate table? i've never understood the reason for creating separate tables for each domain anyway- but since i don't normally use a SQL back-end for mailbox information, it's not something i really worry about. Well then . . . that explains it. Thanks Rick, Joshua, and John. I'm no full-time DBA wouldn't it take less time to query through a specific table looking for data than it would to query one massive table? Any one else have any thoughts? I'm curious to know which would perform better. If I remember right, speed was the reason for separate tables, but testing showed it was not faster. I think the single table works better because all your mail users are accessing the same table, and its indexes so they stay loaded all the time. If you use separate tables it is always thrashing the cache as different files need to be accessed.
Re: [vchkpw] Mysql table
Rick Widmer wrote: mlist wrote: John Simpson wrote: and since mysql has a limit of 64 bytes for a table name, you have a... maybe not a bug, but a design flaw. the name a(63 times).com IS a valid domain name, but a(63 times)_com is NOT a valid table name. Definitely a design flaw, even before the domain name length increase. I believe Ken once told me it was a mistake, but he never removed it because people were using it. I think the name length issue is a good reason to depreciate the feature. I'm looking to reduce the number of options to ./configure, and this looks like a good candidate. perhaps you shouldn't store each domain's data in a separate table? i've never understood the reason for creating separate tables for each domain anyway- but since i don't normally use a SQL back-end for mailbox information, it's not something i really worry about. Well then . . . that explains it. Thanks Rick, Joshua, and John. I'm no full-time DBA wouldn't it take less time to query through a specific table looking for data than it would to query one massive table? Any one else have any thoughts? I'm curious to know which would perform better. If I remember right, speed was the reason for separate tables, but testing showed it was not faster. I think the single table works better because all your mail users are accessing the same table, and its indexes so they stay loaded all the time. If you use separate tables it is always thrashing the cache as different files need to be accessed. I was going to ask about why that option was still available (seeing as how it's widely disliked) but I didn't want to seem ungrateful. If in the future it is deprecated does anyone have an idea on how to convert many tables to one? I'm sure I could piece together a shell script but I know there are a lot better scripters out there than me. Matt
Re: [vchkpw] Mysql table
Rick Widmer wrote: mlist wrote: John Simpson wrote: and since mysql has a limit of 64 bytes for a table name, you have a... maybe not a bug, but a design flaw. the name a(63 times).com IS a valid domain name, but a(63 times)_com is NOT a valid table name. Definitely a design flaw, even before the domain name length increase. I believe Ken once told me it was a mistake, but he never removed it because people were using it. I think the name length issue is a good reason to depreciate the feature. I'm looking to reduce the number of options to ./configure, and this looks like a good candidate. perhaps you shouldn't store each domain's data in a separate table? i've never understood the reason for creating separate tables for each domain anyway- but since i don't normally use a SQL back-end for mailbox information, it's not something i really worry about. Well then . . . that explains it. Thanks Rick, Joshua, and John. I'm no full-time DBA wouldn't it take less time to query through a specific table looking for data than it would to query one massive table? Any one else have any thoughts? I'm curious to know which would perform better. If I remember right, speed was the reason for separate tables, but testing showed it was not faster. I think the single table works better because all your mail users are accessing the same table, and its indexes so they stay loaded all the time. If you use separate tables it is always thrashing the cache as different files need to be accessed. I vote we depreciate the feature if we can provide a script to help people migrate from the multi table method to the single table method. The feature was only intended for sites with one or two domains and large numbers of users. In that case the database would not thrash since there would only be a few tables involved. And the database could save space by not storing the pw_domain field. As a DBA on large databases I could not resist optimizing this redundant data. The space saved on 100,000 users would be 6.4Mbytes for pw_domain of 64 chars or 12.4Mbytes for pw_domain of 128 chars. With the amount of RAM and disk space of modern servers the space saved does not seem significant now. Considering the confusion this feature generates and the relatively small amount of space it saves I say it's worth depreciating the feature. It should be relatively straight forward to create a migration script to move a site with many tables to the single table design. Ken Jones
Re: [vchkpw] Feature Request - vmoduser addition
Hi Tom, Tom Collins wrote: On Sep 20, 2007, at 12:19 AM, Quey wrote: Is it possible to have vmoduser modified so that changing a password with a new -$option changes both encrypted and clear text passwords in one run? It already does that. When you set the clear password, it also updates the encrypted password. Hrmm, maybe the help needs to be updated as it doesn't make this clear -e encrypted_passwd (set the password field ) -C clear_text_passwd (set the password field ) I now see the -C also changes the encrypted, it seems we were doubling up for nothing :) Cheers
