Re: [vchkpw] proposed vpopmaild commands/usage
Hi all, where can i find vpopmaild? Am Mo, den 05.04.2004 schrieb Ken Jones um 16:16: > vpopmaild Monday status and summary > > 1) Status > I have a working vpopmaild that authenticates and runs > a few of the commands below. I'll be working on more > of the functions today. I'll update CVS later today so > people can pick up a working copy. > > 1) The auth command. > Let's have it return the user information for who is authenticating. > I think that information could be handy. Plus for System Admins > return the full path to vpopmail/domains directory. And for Domain Admins > return the full path to the domain directory. > > 2) Directories. > Following up on what Rick was suggesting for directory paths. > For simplicity perhaps we should use full paths for everything. > With the auth command returning full paths and the user > information containing full paths it might make things easier > to understand if everything uses full paths. > > 3) Current list of proposed functions > Authentication: > auth > > User commands: > add_user del_user mod_user user_info > > Domain commands: > add_domain del_domain dom_info > (do we need mod_domain?) > > Directory/File commands: > mk_dir rm_dir list_dir > mk_file rm_file write_file read_file > (perhaps mk_file and write_file should be one function) > > List commands: > list_domains list_users list_alias list_lists > > IP mapping commands: > get_ip_map add_ip_map del_ip_map show_ip_map > > Limit commands: > get_limits set_limits del_limits > > Last Auth commands: > get_lastauth get_lastauthip > (perhaps just one get_lastauth command returning date and ip?) > > Mailing list comamnds: > add_list del_list mod_list > > Graceful close: > quit > > Ken -- HS-IT.net Holger Seidenberg http://www.hs-it.net http://www.domaincommander.de
Re: [vchkpw] proposed vpopmaild commands/usage
vpopmaild Monday status and summary 1) Status I have a working vpopmaild that authenticates and runs a few of the commands below. I'll be working on more of the functions today. I'll update CVS later today so people can pick up a working copy. 1) The auth command. Let's have it return the user information for who is authenticating. I think that information could be handy. Plus for System Admins return the full path to vpopmail/domains directory. And for Domain Admins return the full path to the domain directory. 2) Directories. Following up on what Rick was suggesting for directory paths. For simplicity perhaps we should use full paths for everything. With the auth command returning full paths and the user information containing full paths it might make things easier to understand if everything uses full paths. 3) Current list of proposed functions Authentication: auth User commands: add_user del_user mod_user user_info Domain commands: add_domain del_domain dom_info (do we need mod_domain?) Directory/File commands: mk_dir rm_dir list_dir mk_file rm_file write_file read_file (perhaps mk_file and write_file should be one function) List commands: list_domains list_users list_alias list_lists IP mapping commands: get_ip_map add_ip_map del_ip_map show_ip_map Limit commands: get_limits set_limits del_limits Last Auth commands: get_lastauth get_lastauthip (perhaps just one get_lastauth command returning date and ip?) Mailing list comamnds: add_list del_list mod_list Graceful close: quit Ken
Re: [vchkpw] proposed vpopmaild commands/usage
> Here is what I've come up with so far for the vpopmaild daemon. > Comments? One more. Prototypes you sent don't include options to vaddusers etc. Options should be passed along in this protocol so that we could use for example vaddduser -n :-) Solt
Re: [vchkpw] proposed vpopmaild commands/usage
Iavor Raytchev wrote: Guys, I am in hospital at the moment - one of the muscles of my left leg refused to work and the doctors look for the reason. Get better first, then think about this, its a second priority. I could not read all posts - I would just like to tell you that two more people are interested in this daemon - and they want to write it - so it seems that this project has the unique chance to be something supported by a broad community of top people. I have never managed such huge community effort, so I have no idea about the dynamics. I only hope that personal pursuits will not allow any of the great people interested in the daemon to be lost. Ken Jones has allready written one, and was releasing a beta on Monday, we shall see how that goes. I'll try to come back to the list on Monday. Until then - best to all, Iavor X-Istence
RE: [vchkpw] proposed vpopmaild commands/usage
Guys, I am in hospital at the moment - one of the muscles of my left leg refused to work and the doctors look for the reason. I could not read all posts - I would just like to tell you that two more people are interested in this daemon - and they want to write it - so it seems that this project has the unique chance to be something supported by a broad community of top people. I have never managed such huge community effort, so I have no idea about the dynamics. I only hope that personal pursuits will not allow any of the great people interested in the daemon to be lost. I'll try to come back to the list on Monday. Until then - best to all, Iavor
Re: [vchkpw] proposed vpopmaild commands/usage
Rick Widmer wrote: mkdir auth: SA - restricted to vpopmail domain directories auth: DA - restricted to DA domain directory auth: U - restricted to users directory usage: mkdir OK - on success ERROR What is , and how do I specify them. I think my favorite would be: SA - prepend ~vpopmail/domains/ to DA - prepend ~vpopmail/domains/mydomain/ to U - prepend ~vpopmail/domains/mydomain/myuser/ to On the other hand that requires the programmer on the PHP side to describe the directory differently depending on the access level of the user that is logged in. Maybe it is better to just prepend ~vpopmail/domains to the directory and require the user to send the directory part below no matter what access is available. That way I don't have to change how I specify a directory based on the user's rights. Is there _any_ reason the daemon should ever access any file or directory above ~vpopmail/domains? The more I think about this, the more I prefer to have vpopmaild always prepend ~vpopmail/domains/ to all entries, and no matter what kind of user is logged in, the program using the daemon always has to include the domain and user directories in the request. The daemon would allow SA users any directory under ~vpopmail/domains, require DA users to specify their domain directory, and U users must specify their domain directory and user directory. I think that would simplify code on both sides of the connection. Also... I forgot to list these missing commands: getdir auth: SA - restricted to vpopmail domain directories auth: DA - restricted to DA domain directory auth: U - restricted to users directory usage: getdir OK - on success ERROR Returns a list of files and directories, one per line. Is there any information in a ls that we want to have besides just the file/dir name? getfile auth: SA - restricted to vpopmail domain directories auth: DA - restricted to DA domain directory auth: U - restricted to users directory usage: getfile OK - on success ERROR Returns the contents of a file, followed by a blank line, then the status. Maybe we need the size of the file, in lines; just in case the file being received has blank lines followed with things that look like a status report. Maybe we need some kind of unique terminator. I'm not sure, but I do need to be able to do things like list the current contents of a mail robot Message file.
Re: [vchkpw] proposed vpopmaild commands/usage
Ken Jones wrote: Here is what I've come up with so far for the vpopmaild daemon. Looking good! Can I get an early copy? I'd like to try to build the PHP object to connect with it using sockets. I think most of what you have done looks great. Comments? Several. You don't show any authentication commands. How do I login to the daemon? How will the daemon report what access level the user has? I'm sure the program using the daemon will have to adapt to the rights of the current user. How are you planning to authenticate SA users? (Where are the passwords kept.) adduser auth: SA - no restrictions auth: DA - must match DA domain usage: adduser <[EMAIL PROTECTED]> OK - on success ERROR A SA user should be able to use adduser to create a new SA user through the interface. Or something similar, I would like to manage system users within the application. mkdir auth: SA - restricted to vpopmail domain directories auth: DA - restricted to DA domain directory auth: U - restricted to users directory usage: mkdir OK - on success ERROR What is , and how do I specify them. I think my favorite would be: SA - prepend ~vpopmail/domains/ to DA - prepend ~vpopmail/domains/mydomain/ to U - prepend ~vpopmail/domains/mydomain/myuser/ to On the other hand that requires the programmer on the PHP side to describe the directory differently depending on the access level of the user that is logged in. Maybe it is better to just prepend ~vpopmail/domains to the directory and require the user to send the directory part below no matter what access is available. That way I don't have to change how I specify a directory based on the user's rights. Is there _any_ reason the daemon should ever access any file or directory above ~vpopmail/domains? Please be sure to look up vpopmail's home directory, and not just assume it is /home/vpopmail! (Compile time is fine.) Error Codes: Not yet defined Where possible, pass existing error codes on, and make up all new codes so they have unique values. (Check against vpopmail and ezmlm for existing codes.) MISSING FUNCTIONS: Listing listdomain auth: SA - list all domains auth: DA - no access, return an error auth: U - no access, return an error usage listdomain List of all domains, in alpha order, followed by an empty line, followed by OK. NOTE: The base code for this should be placed in vpopmail itself. I am specifying alpha order because it is so easy for all of the database back ends to do, and not that much harder to do for CDB. (Yes I will handle the CDB interface to allow this. It is much like my patch to list aliases in order.) listuser auth: SA - can list any domain auth: DA - can list own domain auth: u - no access, return an error usage listuser List all users (accounts with a maildir, and pop/imap access) in alpha order, within the domain, followed by a blank line then OK. listalias auth: SA - can list any domain auth: DA - can list own domain auth: u - no access, return an error usage listalias List all aliases (.qmail files, or aliases stored in a database) in alpha order, using the new valias capabilities of vpopmail. NOTE: Tom's valias support handles most of this. Add my patch for CDB and a 'ORDER BY' statement in the SQL code for the database plugins to have vpopmail return the values in the correct order. This will use the vpopmail functions valias_select and valias_select_next. listlist auth: SA - can list any domain auth: DA - can list own domain auth: u - no access, return an error usage listalias List all mailing lists, in alpha order within the domain. This will probably involve searching for symlinks in the Domain's directory. I would like to get my hands on the following vpopmail functions: Alias Handling valias_insert valias_delete valias_remove There is no current support in vpopmail for it, but it would be very nice to have a set of functions that store and retrieve aliases in a user specified order. This does not have to be done now, but should be on the long term plan. IP Mapping vget_ip_map vadd_ip_map vdel_ip_map vshow_ip_map Domain Limits vget_limits vset_limits vdel_limits Last Authentication vget_lastauth vget_lastauthip vset_lastauth You might want to call vset_lastauth yourself, and not make it something that can be requested by the daemon. At least SA and DA users should be able to view lastauth info on their users. And then there are mailing lists... Right now my policy on ezmlm is to ignore it till the rest of my QmailAdmin project is complete. Sorry, I don't know much about how mailing lists are handled now, but I do feel they are important to manage from PHP. If someone knows more about what is required, please chime in! Rick
Re: [vchkpw] proposed vpopmaild commands/usage
Hi, > Here is what I've come up with so far for the vpopmaild daemon. > Comments? addaliasdomain (and derivatives) auth: SA - no restrictions auth: DA - depends on privileges usage: adddomain returns: OK - on success ERROR example: client -> adddomain example.com test vpopmaild -> OK or vpopmaild -> ERROR XXX alias domains not allowed setdomainquota setadminuser - to set other than postmater domain admin > I have a working vpopmaild now. If we can work out the details then > I can probably have a version for testing by Monday. Great! > I added file/directory commands so we can manage .qmail files > or create autoresponder directories/files etc. Will need extending vpopmail PHP class but ... > I'm thinking we should keep the vpopmaild as simple as possible, > and place most of the intelligence for formating these simple commands > into the php module. ... that is good as well. Solt
[vchkpw] proposed vpopmaild commands/usage
Here is what I've come up with so far for the vpopmaild daemon. Comments? I have a working vpopmaild now. If we can work out the details then I can probably have a version for testing by Monday. I added file/directory commands so we can manage .qmail files or create autoresponder directories/files etc. I'm thinking we should keep the vpopmaild as simple as possible, and place most of the intelligence for formating these simple commands into the php module. Ken Jones vpopmaild Summary vpopmaild provides authenticated access via a tcpserver connection to vpopmail based commands. Primarily for php programs which can not easily change to the right permissions. How to run: tcpservervpopmaild example with multlog: tcpserver -vHRD 0 8989 vpopmaild | \ /usr/local/bin/setuidgid vpopmail \ /usr/local/bin/multilog t n20 s100 /var/log/vpopmaild & Definitions: SA = system administrator privilages DA = domain administrator privilages U = user privilages = three digit error number, example: 123 Functions: adddomain auth: SA - no restrictions usage: adddomain returns: OK - on success ERROR example: client -> adddomain example.com test vpopmaild -> OK or vpopmaild -> ERROR XXX domain exists deldomain auth: SA - no restrictions usage: deldomain OK - on success ERROR example: client -> deldomain example.com vpopmaild -> OK or vpopmaild -> ERROR XXX not authorized adduser auth: SA - no restrictions auth: DA - must match DA domain usage: adduser <[EMAIL PROTECTED]> OK - on success ERROR deluser auth: SA - no restrictions auth: DA - must match DA domain usage: deluser <[EMAIL PROTECTED]> OK - on success ERROR passwd auth: SA - unrestricted auth: DA - restricted to DA domain accounts auth: U - restricted to users account usage: passwd <[EMAIL PROTECTED]> setquota auth: SA - unrestricted auth: DA - restricted to DA domain accounts usage: setquota <[EMAIL PROTECTED]> mkdir auth: SA - restricted to vpopmail domain directories auth: DA - restricted to DA domain directory auth: U - restricted to users directory usage: mkdir OK - on success ERROR rmdir auth: SA - restricted to vpopmail domain directories auth: DA - restricted to DA domain directory auth: U - restricted to users directory usage: rmdir OK - on success ERROR mkfile auth: SA - restricted to vpopmail domain directories auth: DA - restricted to DA domain directory auth: U - restricted to users directory usage: mkfile OK - on success ERROR rmfile auth: SA - restricted to vpopmail domain directories auth: DA - restricted to DA domain directory auth: U - restricted to users directory usage: rmfile OK - on success ERROR Error Codes: Not yet defined
