[Dovecot] [Bug] doveadm pw Fatal: open(/etc/dovecot/dovecot.conf) failed: Permission denied
Jiří Bourek
bourek at thinline.cz
Tue Apr 1 08:37:50 UTC 2014
On 04/01/2014 08:56 AM, Dwain Blazej wrote:
> I'm writing some code for Posty, a Postfix and Dovecot Administration App.
> One way to support all of dovecot's password hashes is to have "dovecot pw"
> do the work, however I don't want to run the web facing Posty as root or
> the same user as Dovecot.
>
> Is the output of "dovecot pw" is effected by the contents of the
> configuration files? What in the configuration file does "dovecot pw"
> require to operate?
>
> I personally care about SHA512-crypt support, so I just called an outside
> library to generate the hash. However, others might want to use a different
> scheme, or Dovecot might not have support for SHA512-crypt on other systems
> (I think Mac OS X is an example). Hence the elegance of using dovecot pw
> to do all the work. If a normal user can call dovecot pw, then I'll add
> back in that code.
>
Well if you're using an external library for one scheme, you may just as
well use your own code for other schemes. For example:
require 'digest'
require 'base64'
hash = '{SSHA512.b64}' +
Base64.strict_encode64(
Digest::SHA512.digest("#{secret}#{salt}") + salt
)
IMO there's no need to call external program for this.
More information about the dovecot
mailing list