[vchkpw] vqmaillocal
The other day i just noticed vqmaillocal and was excited to see that i didnt need to put vdelivermail in each users .qmail file but now i see a read me that says '** vqmaillocal has not been actively maintained and should not be used. **'. I would love to see this finished. Are there plans to finish it? Estimated date? -- Best Regards, Shaun Reitan Account Specialist www.NDCHost.com www.cPlicensing.net
[vchkpw] Re: vchkpw suid perms..
I dont want to run qmaild as vpopmail user, with the correct permissions this should work i dont see why it wouldnt. -- ~Shaun Clayton Weise [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] If it's the same smtp auth patch I use (http://members.elysium.pl/brush/qmail-smtpd-auth/) then I had to set my qmail-smtpd process to run as the vpopmail user and not qmaild. It's in the FAQ :). Shaun wrote: I have kind of a custom setup here. I'm trying to get smtp-auth to work and i noticed that the site says to give suid perms to vchkpw. I assume this is because vchkpw needs permission to read the vpasswd files. Mine is running as qmaild, and when i su to qmaild i can cat the vpasswd and vpasswd.cdb file so i it has read access to those files. my question is what could be wrong! what else does it need read perms too... i must be missing somthing. ## My Setup The qmail setup is pretty much straight from lwq, qmaild(501) is the user and nofiles(500) is the group for the process below qmaild4900 0.0 0.0 3148 492 ?S16:38 0:00 | | \_ /usr/local/bin/tcpserver -v -R -H -l0 -x /etc/tcp.smtp.cdb -c 20 -u 501 -g 500 0 smtp /var/qmail/bin/qmail-smtpd hostname.com /home/vpopmail/bin/vchkpw /bin/true /home/user1 is 0711 and user1.nofiles /home/user1/domains is 0711 and user1.nofiles /home/user1/domains/user1.domain.com is 0711 and user1.nofiles /home/user1/domains/user1.domain.com/vpasswd is 0640 and user1.nofiles /home/user1/domains/user1.domain.com/vpasswd.cdb is 0640 and user1.nofiles su to qmaild and i can cat both /home/user1/domains/user1.domain.com/vpasswd and /home/user1/domains/user1.domain.com/vpasswd.cdb When running vchkpw as qmaild auth always fails, strace doesnt show me any permissions errors... -- ~Shaun
[vchkpw] Re: vchkpw suid perms..
run qmail-smtpd as root, if it came down to it i would just suid vchkpw as that works.. I'm trying to get all this stuff to run with non-suid privs. -- ~Shaun Ken Jones [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] You can also run the smtp server as root if any of your domains are not owned by vpopmail. Ken Jones On Wednesday 31 December 2003 12:28 pm, Clayton Weise wrote: If it's the same smtp auth patch I use (http://members.elysium.pl/brush/qmail-smtpd-auth/) then I had to set my qmail-smtpd process to run as the vpopmail user and not qmaild. It's in the FAQ :). Shaun wrote: I have kind of a custom setup here. I'm trying to get smtp-auth to work and i noticed that the site says to give suid perms to vchkpw. I assume this is because vchkpw needs permission to read the vpasswd files. Mine is running as qmaild, and when i su to qmaild i can cat the vpasswd and vpasswd.cdb file so i it has read access to those files. my question is what could be wrong! what else does it need read perms too... i must be missing somthing. ## My Setup The qmail setup is pretty much straight from lwq, qmaild(501) is the user and nofiles(500) is the group for the process below qmaild4900 0.0 0.0 3148 492 ?S16:38 0:00 | | \_ /usr/local/bin/tcpserver -v -R -H -l0 -x /etc/tcp.smtp.cdb -c 20 -u 501 -g 500 0 smtp /var/qmail/bin/qmail-smtpd hostname.com /home/vpopmail/bin/vchkpw /bin/true /home/user1 is 0711 and user1.nofiles /home/user1/domains is 0711 and user1.nofiles /home/user1/domains/user1.domain.com is 0711 and user1.nofiles /home/user1/domains/user1.domain.com/vpasswd is 0640 and user1.nofiles /home/user1/domains/user1.domain.com/vpasswd.cdb is 0640 and user1.nofiles su to qmaild and i can cat both /home/user1/domains/user1.domain.com/vpasswd and /home/user1/domains/user1.domain.com/vpasswd.cdb When running vchkpw as qmaild auth always fails, strace doesnt show me any permissions errors... -- ~Shaun
[vchkpw] vchkpw suid perms..
I have kind of a custom setup here. I'm trying to get smtp-auth to work and i noticed that the site says to give suid perms to vchkpw. I assume this is because vchkpw needs permission to read the vpasswd files. Mine is running as qmaild, and when i su to qmaild i can cat the vpasswd and vpasswd.cdb file so i it has read access to those files. my question is what could be wrong! what else does it need read perms too... i must be missing somthing. ## My Setup The qmail setup is pretty much straight from lwq, qmaild(501) is the user and nofiles(500) is the group for the process below qmaild4900 0.0 0.0 3148 492 ?S16:38 0:00 | | \_ /usr/local/bin/tcpserver -v -R -H -l0 -x /etc/tcp.smtp.cdb -c 20 -u 501 -g 500 0 smtp /var/qmail/bin/qmail-smtpd hostname.com /home/vpopmail/bin/vchkpw /bin/true /home/user1 is 0711 and user1.nofiles /home/user1/domains is 0711 and user1.nofiles /home/user1/domains/user1.domain.com is 0711 and user1.nofiles /home/user1/domains/user1.domain.com/vpasswd is 0640 and user1.nofiles /home/user1/domains/user1.domain.com/vpasswd.cdb is 0640 and user1.nofiles su to qmaild and i can cat both /home/user1/domains/user1.domain.com/vpasswd and /home/user1/domains/user1.domain.com/vpasswd.cdb When running vchkpw as qmaild auth always fails, strace doesnt show me any permissions errors... -- ~Shaun
[vchkpw] problem w/ vadddomain and -d option
I'm trying to get vadddomain to use a dir named mail rahter than domains when creating the maildir's (ex: /home/user3/mail/user3.domain.com rather than /home/user3/domains/user3.domain.com) but i keep getting this error... am i doign somthing wrong? ./vadddomain -u user3 -d mail user3.domain.com 123123123 Error: Unable to chdir to vpopmail/domains/domain directory ./vadddomain -u user3 -d /home/user3/mail user3.domain.com 123123123 Error: Unable to chdir to vpopmail/domains/domain directory ~Shaun
[vchkpw] .dir-control, what is it?
i noticed that in the domain dirs that there is a file called .dir-control. What is this file used for? why is it needed? If a system user has access to this file could they do anything funny to qmail or vpopmail? ~Shaun
[vchkpw] vcdb.c patch for bad vpasswd permissions
I noticed that vpopmail's vcdb.c failed to set secure permissions on the vpasswd.cdb file. It was giving global read permissions! In a vpopmail install where you install vpopmail exactly how it was ment to be run this is not a big deal because the domains dir is 0700. I want/like to rely on the domains dir though. Anyway attached and pasted below is my patch ~Shaun -[snip]- - diff -Naur vpopmail-5.2.2/vcdb.c vpopmail-5.2.2.patched/vcdb.c --- vpopmail-5.2.2/vcdb.c 2003-08-01 21:09:57.0 -0700 +++ vpopmail-5.2.2.patched/vcdb.c 2003-12-26 14:44:04.0 -0800 @@ -216,6 +216,14 @@ chown(vpasswd_lock_file, uid, gid); chown(vpasswd_file, uid, gid); +/* Patch by [EMAIL PROTECTED] +Global Read Perms are evil, i dont like to rely on the permissions of the previous dir! */ +chmod(vpasswd_cdb_file, S_IRUSR | S_IWUSR); +chmod(vpasswd_lock_file, S_IRUSR | S_IWUSR); +chmod(vpasswd_file, S_IRUSR | S_IWUSR); + /* Patch end */ + + return 0; } [EOP]--- --- begin 666 vcdb.c_permissions_fix.patch M9EF9B M3F%UB!V]P;6%I;TU+C(N,B]V8V1B+F,@=G!OUA:6PM-2XR M+C(N%T8VAE9]V8V1B+F,-BTM+2!V]P;6%I;TU+C(N,B]V8V1B+F,@ M( @( @,C P,RTP.TP,2 R,3HP.3HU-RXP,# P,# P,# @+3 W,# -BLK M*R!V]P;6%I;TU+C(N,BYP871C:5D+W9C9(N8R @( @( R,# S+3$R M+3(V(#$T.C0T.C T+C P,# P,# P, M,[EMAIL PROTECTED], T*0$ @+3(Q-BPV(LR,38L M,[EMAIL PROTECTED] -B @( @8VAO=VXH=G!AW-W9%]L;V-K7V9I;4L('5I9[EMAIL PROTECTED] M*3L-B @( @8VAO=VXH=G!AW-W9%]F:6QE+!U:60L(=I9D[#0H-BL@ M( @[EMAIL PROTECTED]%T8V@@[EMAIL PROTECTED]%N0$Y$0TAOW0N8V]M#0HK( @ M( @(!';[EMAIL PROTECTED]!097)MR!A[EMAIL PROTECTED];P@:2!D;VYT(QI:V4@ M=\@F5L2!O;B!T:4@5R;6ESVEO;G,@;[EMAIL PROTECTED]AE('!R979I;W5S(1I M[EMAIL PROTECTED]BL@( @8VAM;V0H=G!AW-W9%]C9)[EMAIL PROTECTED])4E534B!\ M(%-?25=54U(I.PT**R @(!C:UO9AV%S[EMAIL PROTECTED]) M4E534B!\(%-?25=54U(I.PT**R @(!C:UO9AV%SW=D7V9I;4L(%-? M25)54U(@?!37TE755-2*3L-BL@( O*B!0871C:!E;[EMAIL PROTECTED]BL-BL- 5B @( @F5T=7)N(# [EMAIL PROTECTED] ` end
[vchkpw] Re: vcdb.c patch for bad vpasswd permissions
Where can we see info on what is to come and was changed in the new version. -- Best Regards, ~Shaun Tom Collins [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] On Dec 26, 2003, at 3:05 PM, Shaun Reitan wrote: I noticed that vpopmail's vcdb.c failed to set secure permissions on the vpasswd.cdb file. It was giving global read permissions! In a vpopmail install where you install vpopmail exactly how it was ment to be run this is not a big deal because the domains dir is 0700. I want/like to rely on the domains dir though. Anyway attached and pasted below is my patch The 5.4.0 pre-releases set the umask before opening the file, so your patch shouldn't be necessary. As we're on the verge of a stable 5.4 release with numerous improvements over 5.2.2, we don't have any plans to make a 5.2.3 release. -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
[vchkpw] Rebuilding vpasswd?
How can i rebuild a users vpasswd.cdb from vpasswd with out using any of the vpop utilitys? I assume i can do this some how with the cdb util? i have tryed the following and this is the error i get... ---[SNIP] cdbmake vpasswd.cdb vpasswd.tmp vpasswd cdbmake: fatal: unable to read input: bad format --- I tryed cdbmake-sv as well and it doesnt error out but courier imap has issues it seams with the cdb file. How can rebuild it? -- Best Regards, Shaun Reitan Account Specialist www.NDCHost.com www.cPlicensing.net
[vchkpw] Re: Rebuilding vpasswd?
Ok, so if it doesnt exist and i check email it is rebuilt... but is courier-imap rebuilding it or is vchkpw? also, when it rebuilds it, it creates vpasswd.cdb with 644 permissions... i want 640 or even 600, why is it giving global read permissions! I still would like to know how to rebiuld the vpasswd by hand... with out vpopmail tools... if it's a cdb i must be able to do it via cdb's tools. -- ~Shaun Rick Widmer [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] Shaun Reitan wrote: How can i rebuild a users vpasswd.cdb from vpasswd with out using any of the vpop utilitys? I assume i can do this some how with the cdb util? i have tryed the following and this is the error i get... Why? If you remove the .cdb file it will be automagically recreated the next time one of the vpopmail programs needs to use it. Much easier... Rick