Re: [vchkpw] Re: Inserting new users via mysql-insert into the vpopmail database

[Nick Harring]

Paul L. Allen wrote: Oliver Etzel - GoodnGo.COM \(R\) writes: I want to create new users like [EMAIL PROTECTED] NOT with vadduser BUT with just inserting it via mysql-insert into the vpopmail database. OK, you have now explained what you want to use instead. Somebody else pointed out that the maildir will be created automatically by vdelivermail if the user exists (I hadn't realized it did that until I read that message and looked at the code just now) so you can get away with doing that. What you have yet to explain is any valid or sensible reason WHY you want to do this. Any hints, how I can generate the encrypted password in the column pw_passwd (looks like this $1$S/TPu$GjMMj7yMJqG.0ckx) ??????? Not without breaking out of MySQL and returning to the shell. The hard way is to get a shell prompt, use passwd to set the password of a dummy system user then copy the crypted password into the MySQL command. This isn't actually true. Mysql provides an encrypt() function, which takes two strings, the password and the salt. On linux, and I would guess *BSD as well, when you supply $1$ as the start of the salt then an md5 crypt, same as in /etc/shadow, is performed.  This is what I got on my linux system: mysql> select encrypt("foo", "$1$foo"); +-------------------------------+ | encrypt("foo", "$1$foo")      | +-------------------------------+ | $1$foo$cicfbsODeQjKhATDU7z4p. | +-------------------------------+ The harder way is to write a perl script that generates some good random salt, calls crypt to crypt the password then uses the DBD modules to insert the user into MySQL. This is, imho, a less than stellar idea, particularly in light of MySQL providing crypt functions that will work the same as what vpopmail uses (crypt() btw). For "full" vpopmail compatability the salt must be 8 characters, the first three being $1$ if you're using MD5 passwords, and ended with 0. The middle 5 are random letters. An easy way to do it is to add the user with MySQL giving garbage for the crypted password then use vmoduser to set a valid crypted password. The very easy way to do it is to run vadduser. This all assumes you've got, and wish to use, shell access on the vpopmail system. You CANNOT do it all from MySQL. You CAN do it all with vadduser. Wrong, and sometimes also wrong. There may be very legitimate reasons, technical or political, for not allowing scripts to execute shell commands on a mail system. There may be integration reasons why only DB queries can be performed, instead of invoking a cgi or doing an ssh and executing a script. Hope that helps, Nick Harring Webley Systems, Inc.