Consensus on the Roundcube Password Plugin Virtualmin Driver?

SYSTEM INFORMATION
OS type and version Ubuntu Server 22.04.1 LTS
Virtualmin version 7.3-1
Roundcube version 1.6.0 (or 1.5.3)

So I see several posts about this topic, and most mention that Roundcube’s packaged “Password” plugin API for Virtualmin is either outdated, incompletely implemented, or somehow dangerous… but no one seems to present a solid solution to the issue at hand — that being, exactly how do I let users change their login password without relying on Usermin (or phpmyadmin like someone else mentioned)?

Also, is my assumption correct that the password for the db user for Roundcube must always be the SAME as the password being passed along to Virtualmin/Dovecot/Postfix for unix auth?

If so, is there another, more appropriate Virtualmin API for changing users’ unix passwords that I could use to whip up a custom solution apart from Roundcube’s own plugin?

Also, am I correct in assuming that the intent behind the Roundcube password plugin is that Roundcube can change the password for the user on a different server (in other words, Roundcube doesn’t need to be running on the same server where Virtualmin/Dovecot/Postfix are running)?

See
https://www.virtualmin.com/documentation/developer/http/

And also see:
https://www.virtualmin.com/documentation/developer/cli/

That’s correct, I confirm Roundcube can run on a different server and act as a mail client for Virtualmin, though I am not sure about how that could work with the change password functionality between Virtualmin and Roundcube.

Right, I’ve got that first part down; I’ve used a Roundcube installation running in IIS (shudder) on a Win Server — but the password plugin was totally nonfunctional.

I assumed that the Roundcube password plugin was supposed to be capable of changing the unix user password remotely via API, as opposed to requiring Roundcube to be installed on the same OS/VM/Server as Virtualmin itself.

Thank you for sharing those links; I will give those a good read when I have more gray matter at my disposal than at present. :sleeping:

I don’t see how phpmyadmin could possibly be involved in this.

The only possible explanation I could come up with for why phpMyAdmin was brought up was if someone was talking about directly changing the password for the Roundcube user, separate from the respective unix user in Vmin.

Presumably, the Roundcube login password must match the user’s unix password, otherwise how could you access the mail server? I guess they meant, “How do you change the Roundcube password after changing the unix user password?” or something like that.

It does look like this is going to have to be done in two separate steps with a custom piece of code, since it still appears to me that the password plugin for RC doesn’t work on Vmin users.

Inside Roundcube 1.6 plugins folder you will find password
Long list of choices
One I had found that looked interesting was the HTTP-API

The settings are straightforward and I believe you only need to add in the url for your Virtualmin passwd/change_passed.cgi
Then go to Webmin Config page > authenticate and turn on the API all the way on the bottom of the page.

Could be other steps to get this working. I haven’t tried it yet but looks like the better option.
The only thing I didn’t see was how to call on this API in Virtualmin without an Administrator user and password.
Perhaps it works without it? IDK…

Regards,

Peter

replaced of with on… sorry

It does not, and it would be dangerous to hand out HTTP API user/password to anything less than a trusted server that doesn’t have users who could get that password. The Virtualmin API is an administrative tool, with effectively root access.

It is not immediately clear to me how one could safely allow a remote RoundCube instance to change passwords on a Virtualmin system. Locally, it can just run the passwd command (because we use system users, and a user can change their own password with the passwd command, though it requires the user know the old password, which can make password resets tricky and a different sort of problem). Remotely? I don’t know. It’d have to have elevated privileges to be able to change every user’s password.

Passwords are hard, because they have such severe security implications.

I think there would need to be a non-privileged API that allows Roundcube to authenticate using the user’s username and password…so, maybe a Usermin API (this is not a thing that exists, just spitballing ideas for how it might safely be done)? Usermin drops privileges and becomes the user when you login (like a shell session, basically), so it can only do things the user can do, which includes changing the user’s own password.

You could probably also hack up something on the Roundcube side that logs into the Virtualmin server via ssh and changes the password using passwd, but that’s likely to be very tricky to make work (have to worry about all sorts of possible configuration issues, like can the user login via ssh? do they have a shell that allows running passwd? are password logins allowed?).

While I’m talking, I should point out I have never used Roundcube and have never looked at how it is implemented. I know literally nothing about Roundcube or the password plugin or how Roundcube stores users and passwords and such. I had assumptions that are maybe wrong…mention of MySQL user storage above was news to me. I assumed Roundcube simply authenticated to the mail server and did not have its own user accounts (which would mean you’d only need to change the Virtualmin server user password), but that is maybe untrue and you also have to update something in Roundcube local storage, maybe a database?

You are not missing out on much…

I prefer Usermin since you have total control over spam if the server is using SpamAssassin.
The buttons could use an overhaul but still better to use on Virtualmin than alternative scripts.

Usermin is fine for techies like me, not so much for the users I intend to host email for. They need a minimum of complicated features that can be tweaked.

That’s heartbreaking. We’ve tried so hard to make Usermin easy to use. I honestly don’t know how to make it simpler.

Please forgive my indiscretion; perhaps I simply lack enough understanding of how to adjust the feature-set I would prefer to be available or not in Usermin (I know the available/shown features can be adjusted).

I just know that the fewer things there are visible to be messed with, the more positive the response will be from users – I’ve already dealt with pushback on other “tech” projects because people didn’t want to “deal” with technology.

I recently posted in another forum, it’s a shame that the userbase for computers in general is largely transitioning from users to “consumers” — and that is the issue I am dealing with and why I was attempting to use Roundcube. Out of the box it feels a little more “Fisher Price” than Usermin.

We just need actionable feedback. I’m not complaining about being told it’s still too complicated, we just need to know what would make it suitable for end users. That’s the point of Usermin. It’s not an administrative tool, it is meant to be used by non-technical email users. It’s our webmail client, if nobody wants to use it for webmail, we’d like to know why.

But, just saying it’s too complicated doesn’t help, as I can’t see how it’s complicated. I’m not saying the complexity isn’t there, I’m saying we’re not able to discern where the complexity lies, so we can’t fix it.

You overestimate the tech literacy of the average user. Most of them are clueless.

Richard

It does need forwarding. Not too many people are going to be able to productively use a mail client that can’t forward mail. It’s too common a function.

Other than that, you can throw most users off by changing the thickness of a div border or moving a button from left to right. Usermin “looks different,” which is enough to bewilder the average non-tech user.

Case in point: I just spent a day and a half helping a client’s employee set up his email client, with autodiscover and autoconfig enabled and working. A day and a half. All he needed to do was correctly enter his email address and password, and it took him a day and a half.

So don’t take it personally. Most users… Well, let’s just say they didn’t quite make MIT.

Richard

Webmin already has a remote password change API, which can be enabled in Webmin ⇾ Webmin Configuration: Authentication page. Although, it will only work properly starting with the next Webmin release.

RoundCube plugin developers should consider using that for changing user passwords.

Then it doesn’t already have it. :wink:

I didn’t know that existed. Where’s the code? Does it work without a root Webmin login? If it works without a root login, I’ll take a stab at making a Roundcube plugin for it. If it doesn’t work without a root login, then we don’t have a suitable API for this problem.

I’m a blithering fool.

Right there in the stinkin’ description of the Virtualmin driver for the Roundcube Password plugin:

It only works with virtualmin on the same host where Roundcube runs
and requires shell access and gcc in order to compile the binary.

I am so sorry everyone for wasting your time. :man_facepalming:t2:

Have a happy new year’s eve, if you haven’t already.

The code is in webmin/passwd/change_passwd.cgi file.

Does it work without a root Webmin login?

Yes, but only in anonymous mode and only using POST request.

I’ll take a stab at making a Roundcube plugin for it.

Thanks!