There is been some talk about getting qmailadmin to run with PHP and
other environments.

The problem is, how to you get a web server that is running as "nobody"
to run commands as vpopmail?  The answer has been to set qmailadmin
SETUID vpopmail.  The problem with that is. What if you want to develop
your own front-end in PHP for example?

One answer is to introduce a new command in the base distribution of
vpopmail which would run SETUID vpopmail which could then be called by
whatever front-end you care to design.

This means a tool like qmailadmin or at least of subset if it could be
easily created in mod_perl or mod_php or whatever.  Modules for many of
the webmail solutions out there would popup in no time.

Included is a mock man page for the new command to give you an idea of
what I am talking about.

Let me know what you all think.
     vadm - user level vpopmail admin tool

     vadm [options] command [command_args]

     vadm is a tools to provide non interactive user level commands for
     The binary is SETUID to vpopmail so any user on the system can use
     This greatly simplifies the creating of a web front-end for

     -b, --base64
         The password is BASE64 encoded.  This is especially useful when
         the password at the command line.

     -p PASS, --password=PASS
         Provide the authentication password for the execution of the
         Its better to use the VADM_PASS environment variable if

         Provide the authentication user name for the execution of the
         You can also set this in the VADM_USER environment variable.

     You must authenticate with a valid user/pass for any commands to be
     Some commands will only execute if the user/pass has admin rights
on the
    domain in question.

         This will output a coma delimited line of info about the user
trying to authenticate.
         If the supplied user/pass fails to authenticate then it exits
with a 1.

     list_users [DOMAIN] [OFFSET] [MAX]
         If DOMAIN is not supplied then assume the domain of the
authenticated user.
         OFFSET and MAX is to handle cases when the list of users is
quite large.
         If the authenticated user has admin rights to the domain then
this command
         will return a list of all users for that domain.  The list
output is one line per
         user with coma delimited info for every user.

     update USER SETTING
         USER is the email address of the account to be updated.
         SETTING is a coma delimited settings in a format similar to
that returned by
         the info command.
         If USER is equal to the authenticated user then the command is
         otherwise the authenticated user must have admin right to that

     password USER [-b] [NEW_PASSWORD]
         USER if the email address of the account to be updated.
         -b here indicated if the new pass is BASE64 encoded
         If [NEW_PASSWORD] is not supplied then read the new password
from the
         environment variable VADM_NEWPASS

     newacct USER [SETTING]
         The authenticated user must have admin rights on the domain to
         this command.

     rmacct [-f] USER
         This will remove an account and if the [-f] if supplied it will
also delete all
         the users email. Some checking is done to make sure no forwards
         to this account.

     setfallback DOMAIN EMAIL
         This will set the fallback address for the domain.

     list_forwards [DOMAIN] [OFFSET] [MAX]
     newfwd USER EMAIL
     rmfwd USER

     etc...... I am sure there are a few more commands that would be

     It is recommended that the credentials of the user be set with
environment variable
     rather then at the commend line for security reasons.

         This variable specifies the email address of the user
requesting the execution
         of the command.

         This variable specifies the password user requesting the
execution of the
         The password can be encoded in BASE64 if the -b is supplied.

         This variable hold the new password user requesting to change a
         The password can be encoded in BASE64 if the -b is supplied.

     Normally, exit status is 0 with output on STDOUT and 1 otherwise.

     This tool does not exist yet.

Reply via email to