1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
|
Minimum Survial Readme
VPOPMAIL SPECIFIC ISSUES
-------------------------------------------------------------------------------
assume
qmail is installed in /var/qmail
vpopmail in ~vpopmail
qmail-send runs as qmails
different parts of vpopmail require certain user id (uid) and
group id (gid) in order to operate normally.
brief list with requirements:
adddomain
deldomain
addaliasdomain
read/write permissions on
/var/qmail/users/ assing, assign.lock, cdb
read/write permissions on
/var/qmail/control/*
singnal qmail-send with SIGHUP (uid==qmails or root)
read/write permissions on
~vpopmail/domains
optionally read/write to cdb vpopmail databases
adduser
deluser
read/write permissions on
~vpopmail/domains/<givendomain> (or the default domain)
optionally read/write to cdb vpopmail databases
passwd
optionally read/write on
~vpopmail/domains/<givendomain>/<givenuser>
(only when sqwebmail is configured)
setuserquota
optionally read/write to cdb vpopmail databases
auth_user
optionally read from cdb vpopmail databases
POSSIBLE SCENARIOS
-------------------------------------------------------------------------------
php is in cgi mode
command line invocation
web server cgi invocation
php is web server module
in command line mode the php interpreter may be run from vpopmail uid to
administer users, etc. or as root to add/del domains - this is the easiest case
in cgi mode proper uid may be provided eighter by suid php interpreter or
using cgi exec wrapper. the same restrictions as in command line mode apply
the web server module mode is the most powerful and works much faster that cgi.
in this mode more restrictions apply because web server's uid at least must
be able to read/write the directories of the manages domains.
first scenario only allows web scripts to manage certain domains. security
may be compromised if there are user webs under the same web server
with allowed script execution.
second scenario is to setup web server and vpopmail under the same uid/gid.
thus allowing only user management in all domains.
third scenario extends second with the ability to manage domains. generally
from security reasons it is not a good idea to run such a system on a server
with shell users - vpopmail's domain admin tools must be suid root to work
properly and most users will be able to add/delete domains.
it is not considered a good idea to run web servers as root. hence the need
to suid vpopmail domain management tools and exec them insted using native api.
native api for domains is only suitable for cgi/command line mode, when php is
run through suid root wrapper or suid itself.
almost all scenarios lack secutiry in different ways - eighter powerful tools
get suid root or parts of vpopmail setup become useable by any system user
or web users with cgi/php access may utilize vpopmail api for mail management.
perhapse the most secure solution is to run a separate apache server under
the vpopmail user and chmod 700 ~vpopmail/bin.
FREQUENTLY USED CONFIGURATION STEPS
-------------------------------------------------------------------------------
changing existing vpopmail uid/gid is possible but not easy -
take these into account:
#1 - backup your setup, mail and configuration!
stop qmail-send before doing any changes
else your mail in process may get bounced or
deleted or delivered to a default destination or...
stop pop3/imap remote/local users - while changing uids
users cannot check their mail
you may leave smtp - qmail-inject will take care
no matter vpopmail setup is broken (if and only
if you have stopped qmail-send)
in rc.d scripts tcpserver uid/gid may need to be changed
reconfiguring vpopmail:
./configure ....your opts plus new uid/gid....
remember to
make clean all install
in vpopmail src tree; clean is needed if vpopmail has already been
configured with another uid/gid - vpopmail's dependencies are not
intact after reconfigure
after these steps change the uid/gid in
/var/qmail/users/assign
compile the assign file. the dummies way is to
vadddomain mydummy.domain aaaa
vdeldomain mydummy.domain
suid root vadddomain, vdeldomain and vaddaliasdomain
(this is only needed for domain management in web server module)
cd ~vpopmail/bin
chown 0.0 vadddomain vdeldomain vaddaliasdomain
chmod +s vadddomain vdeldomain vaddaliasdomain
optionally secure ~vpopmail/bin
(beware these programs may be exploitable or at least used)
chmod 700 ~vpopmail/bin
run qmail-send
/bin/csh -cf '/var/qmail/rc &'
run pop3 tcpserver or what you are using
verify your setup
#2 verify php vpopmail module and configuration
for web server module and cgi setups create a phpinfo page:
<?php phpinfo() ?>
for command line mode run
php -i
check for vpopmail section in result
verify that php euid/egid match vpopmail's
in setups where only certain domain users will be administrated
verify that php euid/egid can access their respective directories
FUNCTION PROTOTYPES
-------------------------------------------------------------------------------
bool vpopmail_add_domain(string domain, string dir, int uid, int gid)
bool vpopmail_del_domain(string domain)
bool vpopmail_add_alias_domain(string domain, string aliasdomain)
bool vpopmail_add_domain_ex(string domain, string passwd [, string quota [, string bounce [, bool apop]]])
bool vpopmail_del_domain_ex(string domain)
bool vpopmail_add_alias_domain_ex(string olddomain, string newdomain)
bool vpopmail_add_user(string user, string domain, string password[, string gecos[, bool apop]])
bool vpopmail_del_user(string user, string domain)
bool vpopmail_passwd(string user, string domain, string password)
bool vpopmail_set_user_quota(string user, string domain, string quota)
bool vpopmail_auth_user(string user, string domain, string password[, string apop])
bool vpopmail_alias_add(string user, string domain, string alias)
bool vpopmail_alias_del(string user, string domain)
bool vpopmail_alias_del_domain(string domain)
array vpopmail_alias_get(string alias, string domain)
string vpopmail_error(void)
CONTACT INFO
-------------------------------------------------------------------------------
your comments, fixes and stuff are welcome
Boian Bonev <boian@bonev.com>
$Id$
|
