Roundcube Change-password plugin

Hi,

I’ve got an ‘out-of-the-box’ installation of VirtualMin on Ubuntu 10.4 and have installed the latest Roundcube (version .5.3) and all is working well except for the Change-password plugin. The form-page for changing the password shows up okay, but each time I attempt to change the password I get a message “Password could not be changed”.

In the config.inc.php file I’ve set it to:

$rcmail_config[‘password_driver’] = ‘virtualmin’;

… as the default is ‘sql’ and the mail is not using MySQL.

There seems to be a few methods of getting it to work described in a number of blogs and sites, but they seem to be about earlier versions. I’ve worked through a number of them but no luck.

Has anyone got any hints on getting this plugin to work?

Cheers,
Mark.

Howdy,

I don’t have any experience with that particular plugin… but one thing you may want to check is the Apache error logs in $HOME/logs/error_log.

Try changing the password, then view the error log for any errors that may have shown up.

-Eric

Hi Eric,

The logfile is only showing a few errors for missing files (favicon.ico, robots.txt) - but nothing relating to roundcube or mail.

??

Mark

Hi,

I tried with different suggestions too, but finally this is what I do and it seems to work correctly:

  • edit your ./plugins/password/driver/virualmin.php

  • At line 22 afther $username = $_SESSION[‘username’]; insert:
    $plugin = $rcmail->plugins->exec_hook(‘user2email’,
    array(‘email’ => NULL, ‘user’ => $username,
    ‘first’ => true, ‘extended’ => false));
    $email = $plugin[‘email’][0];
    $domain = substr(strrchr($email, “@”), 1);

  • comment the switch sentence because we have the user’s domain.

In my system, I have users with serveral system names: user.domain, user-domain, user without domain, because these came from others systems. I prefer to obtain the domain from the postfix virtual table using the user2email function provided by virtusert_file plugin.

I hope this works for you.
Regards.

Hi

I am having same issue.
my users are this way: user.domain and tried every solution out there.
Even hardcoding domain!!

But ends with:
PHP Error, Password plugin: Unable to execute
How can I fix it?
Or,
Is there a way to store mail’s password in the database where users are stored?

Regards

Andres

Howdy, I tried exactly the same, and it is working when running from console, however on my system the binary turns out red after changing the permissions. I am running on CentOS.

@frnet: What exactly did you do to set correct permission on that file?

Could this be because of suexec?

Howdy,

It’s unlikely to be a suexec problem, since suexec doesn’t directly run the PHP files, it instead executes the php5.cgi file in fcgi-bin or cgi-bin.

However, you would want to make sure that the plugin file is owned by your Virtual Server owner, and that the permissions on it are “755”.

-Eric

I tried, still get:

[15-Dec-2011 13:46:39 +0100]: PHP Error: Password plugin: Unable to execute /home/divint/domains/sjekkepost.no/public_html/plugins/password/drivers/chgvirtualminpasswd in /home/divint/domains/sjekkepost.no/public_html/plugins/password/drivers/virtualmin.php on line 67 (POST /?_task=settings&_action=plugin.password-save?_task=&_action=)

I think this script is supposed to run as root, not sure why though.

// set the UID this script will run as (root user)
#define UID 0
#define CMD “/usr/sbin/virtualmin”

/* INSTALLING:
gcc -o chgvirtualminpasswd chgvirtualminpasswd.c
chown root.apache chgvirtualminpasswd
strip chgvirtualminpasswd
chmod 4550 chgvirtualminpasswd
*/

Ah, so the password changing doesn’t occur from within the PHP script, it calls out to a custom program for that.

So if you type this command, what output do you get:

ls -l /home/divint/domains/sjekkepost.no/public_html/plugins/password/drivers/chgvirtualminpasswd

Yes, there’s a binary.

-rwxr-xr-x 1 divint divint 3420 Dec 14 14:36 /home/divint/domains/sjekkepost.no/public_html/plugins/password/drivers/chgvirtualminpasswd

This is the binary:

#include #include

// set the UID this script will run as (root user)
#define UID 0
#define CMD “/usr/sbin/virtualmin”

/* INSTALLING:
gcc -o chgvirtualminpasswd chgvirtualminpasswd.c
chown root.apache chgvirtualminpasswd
strip chgvirtualminpasswd
chmod 4550 chgvirtualminpasswd
*/

main(int argc, char *argv[])
{
int rc,cc;

cc = setuid(UID);
rc = execvp(CMD, argv);
if ((rc != 0) || (cc != 0))
{
fprintf(stderr, “__ %s: failed %d %d\n”, argv[0], rc, cc);
return 1;
}

return 0;
}

What instructions did you use for installing that particular module?

It doesn’t seem to have the permissions that it would need (the instructions I see in the module source should provide that).

-Eric

The instructions in my post above were the only instructions apart from going trough the configuration. I followed the instructions but when they did not work (permission error), I tried to chown site user and group instead.

Well, in the source code of the program you posted is the following comments:

/* INSTALLING:
gcc -o chgvirtualminpasswd chgvirtualminpasswd.c
chown root.apache chgvirtualminpasswd
strip chgvirtualminpasswd
chmod 4550 chgvirtualminpasswd
*/

Did you by chance run both the chown and the chmod commands?

While I’m not familiar with this plugin, it appears as if it’s calling the “/usr/sbin/virtualmin” command line tool in order to change the user’s password. It would indeed need to run as root in order for that to work, and you’d have to run both that chown and chmod command in order to run as root.

-Eric

Yes i did and it didn’t work either:/ ls -l shows that the file in question is red, not sure exactly what it means on CentOS but I have a pretty good idea.

The “ls -l” command you showed isn’t showing that the chown and chmod commands worked correct then.

You may want to try running these again:

chown root.apache /home/divint/domains/sjekkepost.no/public_html/plugins/password/drivers/chgvirtualminpasswd chmod 4550 /home/divint/domains/sjekkepost.no/public_html/plugins/password/drivers/chgvirtualminpasswd

That’s true, because that was after trying ownership of site user/group…

This is after following the readme:

-r-sr-x--- 1 root apache 3420 Dec 14 14:36 chgvirtualminpasswd

Great! So is that plugin working for you now?

-Eric

No it’s not, that’s the problem:( I still get the error message.

Hello,

I am new user of Virtualmin and it’s unclear for me how to execute this script, where to setup UID and define CMD in Virtualmin?

#include <stdio.h>
#include <unistd.h>

// set the UID this script will run as (root user)
#define UID 0
#define CMD “/usr/sbin/virtualmin”

/* INSTALLING:
gcc -o chgvirtualminpasswd chgvirtualminpasswd.c
chown root.apache chgvirtualminpasswd
strip chgvirtualminpasswd
chmod 4550 chgvirtualminpasswd
*/

main(int argc, char *argv[])
{
int rc,cc;

cc = setuid(UID);
rc = execvp(CMD, argv);
if ((rc != 0) || (cc != 0))
{
fprintf(stderr, “__ %s: failed %d %d\n”, argv[0], rc, cc);
return 1;
}

return 0;
}

Regards,
Maciek

You don’t, it’s already there. just follow the instructions below INSTALLING: and good luck, I could not get it working using CentOS at least, virtualmin command line require root perms, somehow my system won’t allow to run this…