'Re: [SM-PLUGINS] I'm getting an error: To test the chpasswd'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       squirrelmail-plugins
Subject:    Re: [SM-PLUGINS] I'm getting an error: To test the chpasswd
From:       "Tomas Kuliavas" <tokul () users ! sourceforge ! net>
Date:       2006-05-28 11:39:14
Message-ID: 33198.88.118.24.44.1148816354.squirrel () internet ! eik ! lt
[Download RAW message or body]

> Dear Tomas,
>
> Thank you very very much for your reply.
>
>> Are you using php in safe_mode?
> I tryed to test
> http://192.168.222.2/squirrelmail/plugins/change_passwd/exec_test.php
> And I received this result, but I'm not sure what is it (I think safe_mode
> is off):
>
> Testing exec()...
> safe_mode =
> safe_mode_exec_dir =
> ------------------------------
> return value = 0
>
> output:
>
> Array
> (
>     [0] => COPYING
>     [1] => INSTALL
>     [2] => README
>     [3] => chpasswd
>     [4] => chpasswd.c
>     [5] => config.php.sample
>     [6] => exec_test.php
>     [7] => functions.php
>     [8] => getpot
>     [9] => index.php
>     [10] => locale
>     [11] => options.php
>     [12] => setup.php
>     [13] => version
> )
>
>
>> Have you tried to execute chpasswd as webserver user and not as root?
> my apache user is wwwrun.
> I tryed this commands:
> # vipw
> in file I changed wwwrun .... /bin/false to wwwrun .... /bin/bash
> # su - wwwrun
> # cd /srv/www/htdocs/squirrelmail/plugins/change_passwd
> # ./chpasswd 'nu' 'testoldpasswd' 'testnewpasswd' 2>&1
> -bash: ./chpasswd: Permission denied
>
> Here I changed file permission chmoding 777 and owner to wwwrun:www.
> Tryed again:
> # ./chpasswd 'nu' 'testoldpasswd' 'testnewpasswd' 2>&1
> chpasswd - setuid: Operation not permitted

From plugin's INSTALL file.

  chown root:apache chpasswd
  chmod 4750 chpasswd

First number in chmod command adds SUID bit. Use your webserver group
instead of 'apache'

> I'm not advanced user so I don't know what is this and how I have to make
> some changes
> whithout causing damage to security. I googled some info about setuid but
> I'm not sure how to use that.
>
> I tryed with poppassd but I have got this error:
> nu:~ # telnet 192.168.222.2 106
> Trying 192.168.222.2...
> Connected to 192.168.222.2.
> Escape character is '^]'.
> 200 poppassd v1.8.5 hello, who are you?
> user nu
> 200 Your password please.
> pass testoldpassword
> 500 Old password is incorrect.
> Connection closed by foreign host.
>
> But password is correct!
>
> I would be very appreciated  if  you  could advise me some additional
> steps,

Have you created /etc/pam.d/poppassd file as described in poppassd README
file.

-- 
Tomas


-------------------------------------------------------
All the advantages of Linux Managed Hosting--Without the Cost and Risk!
Fully trained technicians. The highest number of Red Hat certifications in
the hosting industry. Fanatical Support. Click to learn more
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=107521&bid=248729&dat=121642
--
squirrelmail-plugins mailing list
Posting Guidelines: http://www.squirrelmail.org/wiki/MailingListPostingGuidelines
List Address: squirrelmail-plugins@lists.sourceforge.net
List Archives: http://news.gmane.org/thread.php?group=gmane.mail.squirrelmail.plugins
List Archives: http://sourceforge.net/mailarchive/forum.php?forum_id=3931
List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-plugins
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic