# Form handler: writes the Dovecot login/authentication settings submitted in
# %in into the parsed configuration $conf.
# NOTE(review): this listing is lossy. The gutter numbers skip lines, so blank
# lines, brace-only / else lines and some statements (including whatever
# populates %in and $conf) are not visible here.
4 require './dovecot-lib.pl';
# Helper defined elsewhere; presumably sets the prefix for later &error calls.
6 &error_setup($text{'login_err'});
# The lock is taken before any input validation.
# NOTE(review): every failed check further down calls &error while the lock is
# held -- confirm &error (or its exit path) releases the lock.
8 &lock_dovecot_files($conf);
10 # Allowed and default realm
# A true *_def flag passes undef instead of a value (presumably save_directive
# then removes the directive -- confirm in dovecot-lib.pl).
# NOTE(review): 'realms' and 'realm' reach save_directive with no format check
# in the visible lines; confirm save_directive rejects embedded newlines so a
# form value cannot add extra configuration lines.
11 &save_directive($conf, "auth_realms",
12 $in{'realms_def'} ? undef : $in{'realms'});
13 &save_directive($conf, "auth_default_realm",
14 $in{'realm_def'} ? undef : $in{'realm'});
16 # Authentication mechanisms
# $in{'mechs'} is split on NUL bytes and re-joined with spaces (presumably the
# form parser packs a multi-valued field with \0 separators -- confirm).
# If an auth_mechanisms directive is found it is updated; the second call
# (line 22) writes "mechanisms" in the auth/default section instead. The
# else/brace lines between the two calls are missing from this listing.
# NOTE(review): mechanism names are not checked against a known list here.
17 if (&find("auth_mechanisms", $conf, 2)) {
18 &save_directive($conf, "auth_mechanisms",
19 join(" ", split(/\0/, $in{'mechs'})));
22 &save_directive($conf, "mechanisms",
23 join(" ", split(/\0/, $in{'mechs'})), "auth","default");
# User database: build $userdb as "<driver> <args>" from the selected mode,
# then write it back in whichever configuration format is already in use.
# $userdb, $usec, $svalue and $args are not declared with my in the visible
# lines, so they are package globals here.
27 $userdb = $in{'usermode'};
28 if ($in{'usermode'} eq 'passwd-file') {
# -r only shows the path is readable by this process. The path is appended
# verbatim: whitespace or newlines in it are not rejected here.
29 -r $in{'passwdfile'} || &error($text{'login_epasswdfile'});
30 $userdb .= " ".$in{'passwdfile'};
32 elsif ($in{'usermode'} eq 'static') {
# NOTE(review): /^\d+$/ also accepts a value with one trailing newline,
# because $ matches before it; \z would anchor strictly.
33 $in{'uid'} =~ /^\d+$/ || &error($text{'login_euid'});
34 $in{'gid'} =~ /^\d+$/ || &error($text{'login_egid'});
# 'home' is only tested for truth; its content is not validated here.
35 $in{'home'} || &error($text{'login_ehome'});
# The rest of this statement (lines 37-38) is missing from the listing.
36 $userdb .= " uid=".$in{'uid'}." gid=".$in{'gid'}.
39 elsif ($in{'usermode'} eq 'ldap') {
# ldap / pgsql / sql: the argument is a file path that must be readable; the
# same "appended verbatim" caveat as for passwd-file applies.
40 -r $in{'ldap'} || &error($text{'login_eldap'});
41 $userdb .= " ".$in{'ldap'};
43 elsif ($in{'usermode'} eq 'pgsql') {
44 -r $in{'pgsql'} || &error($text{'login_epgsql'});
45 $userdb .= " ".$in{'pgsql'};
47 elsif ($in{'usermode'} eq 'sql') {
48 -r $in{'sql'} || &error($text{'login_esql'});
49 $userdb .= " ".$in{'sql'};
51 elsif ($in{'usermode'} eq '') {
# Free-form mode: $in{'other'} replaces the whole setting.
# NOTE(review): no validation of this value is visible; confirm the writer
# helpers reject newlines / control characters.
52 $userdb = $in{'other'};
# Write-back: the branches below probe for the existing format in order.
54 if ($usec = &find_section("userdb", $conf, undef, "auth", "default")) {
55 # Version 1.0.alpha format, which has a userdb *section*
# Split into driver (section value) and the remaining argument string.
56 ($svalue, $args) = split(/\s+/, $userdb, 2);
57 $usec->{'value'} = $svalue;
# Drop any existing 'args' member, keeping the others.
58 $usec->{'members'} = [ grep { $_->{'name'} ne 'args' }
59 @{$usec->{'members'}} ];
# NOTE(review): this assigns a new one-element list, which would discard the
# members the grep above just kept -- confirm intent. The guarding line (60)
# and the end of this statement (62-63) are missing from the listing.
61 $usec->{'members'} = [ { 'name' => 'args',
64 &save_section($conf, $usec);
66 elsif (&find("auth_userdb", $conf, 2)) {
# Single auth_userdb directive holding driver and args together.
68 &save_directive($conf, "auth_userdb", $userdb);
70 elsif (&find_value("driver", $conf, 2, "userdb")) {
# Separate driver/args directives: the substitution cuts $userdb at
# whitespace in place and captures the remainder as $args (undef if none).
72 $args = $userdb =~ s/\s+(\S.*)$// ? $1 : undef;
73 &save_directive($conf, "driver", $userdb, "userdb");
74 &save_directive($conf, "args", $args, "userdb");
# Fallback (its else line is missing from the listing): a userdb directive
# inside the auth/default section.
78 &save_directive($conf, "userdb", $userdb, "auth", "default");
# Password database: build $passdb as "<driver> <args>" from the selected
# mode, then write it back in whichever configuration format is in use.
# $passdb, $ckey, $psec, $svalue and $args are package globals in the visible
# lines (no my).
82 $passdb = $in{'passmode'};
# The body of the 'dpam' branch (lines 84-85) is missing from this listing.
83 if ($in{'passmode'} eq 'dpam') {
86 elsif ($in{'passmode'} eq 'pam') {
# PAM service name must be a single whitespace-free token.
# NOTE(review): /^\S+$/ still accepts one trailing newline because $ matches
# before it; \z would anchor strictly. The same applies to the cache key.
87 $in{'ppam'} =~ /^\S+$/ || &error($text{'login_edpam'});
# $ckey is only assigned when a non-default cache key was submitted.
88 if (defined($in{'ppam_ckey'}) && !$in{'ppam_ckey_def'}) {
89 $ckey = $in{'ppam_ckey'};
90 $ckey =~ /^\S+$/ || &error($text{'login_eckey'});
# Optional flags are appended; the end of this statement (line 94) is
# missing from the listing.
92 $passdb .= ($in{'ppam_session'} ? " -session" : "").
93 ($ckey ? " cache_key=$ckey" : "").
96 elsif ($in{'passmode'} eq 'passwd-file') {
# File-backed modes: -r only shows the path is readable by this process; the
# path is appended verbatim, with no check for whitespace or newlines.
97 -r $in{'ppasswdfile'} || &error($text{'login_epasswdfile'});
98 $passdb .= " ".$in{'ppasswdfile'};
100 elsif ($in{'passmode'} eq 'ldap') {
101 -r $in{'pldap'} || &error($text{'login_eldap'});
102 $passdb .= " ".$in{'pldap'};
104 elsif ($in{'passmode'} eq 'pgsql') {
105 -r $in{'ppgsql'} || &error($text{'login_epgsql'});
106 $passdb .= " ".$in{'ppgsql'};
108 elsif ($in{'passmode'} eq 'sql') {
109 -r $in{'psql'} || &error($text{'login_esql'});
110 $passdb .= " ".$in{'psql'};
112 elsif ($in{'passmode'} eq 'bsdauth') {
# Cache key is required to be whitespace-free unless the default is chosen.
113 $in{'bsdauth_ckey_def'} || $in{'bsdauth_ckey'} =~ /^\S+$/ ||
114 &error($text{'login_eckey'});
115 $passdb .= " cache_key=$in{'bsdauth_ckey'}"
116 if (!$in{'bsdauth_ckey_def'});
118 elsif ($in{'passmode'} eq 'checkpassword') {
# -x only shows the path is executable by this process.
# NOTE(review): the submitted path becomes the passdb argument, presumably
# the program Dovecot runs to verify passwords -- confirm that access to this
# page is limited to fully trusted administrators.
119 -x $in{'checkpassword'} || &error($text{'login_echeckpassword'});
120 $passdb .= " ".$in{'checkpassword'};
122 elsif ($in{'passmode'} eq '') {
# Free-form mode. NOTE(review): this reads $in{'other'}, the same field the
# userdb free-form branch (line 52) reads -- confirm the form really shares
# one field, and that the value is validated before being written.
123 $passdb = $in{'other'};
# Write-back: the branches below probe for the existing format in order.
126 if ($psec = &find_section("passdb", $conf, undef, "auth", "default")) {
127 # Version 1.0.alpha format
# Split into driver (section value) and the remaining argument string.
128 ($svalue, $args) = split(/\s+/, $passdb, 2);
129 $psec->{'value'} = $svalue;
# Drop any existing 'args' member, keeping the others.
130 $psec->{'members'} = [ grep { $_->{'name'} ne 'args' }
131 @{$psec->{'members'}} ];
# NOTE(review): this assigns a new one-element list, which would discard the
# members the grep above just kept -- confirm intent (the guarding line 132
# is missing from the listing).
133 $psec->{'members'} = [ { 'name' => 'args',
134 'value' => $args } ];
136 &save_section($conf, $psec);
138 elsif (&find("auth_passdb", $conf, 2)) {
139 # Version 0.99 format
140 &save_directive($conf, "auth_passdb", $passdb);
142 elsif (&find_value("driver", $conf, 2, "passdb")) {
# Separate driver/args directives: the substitution cuts $passdb at
# whitespace in place and captures the remainder as $args (undef if none).
144 $args = $passdb =~ s/\s+(\S.*)$// ? $1 : undef;
145 &save_directive($conf, "driver", $passdb, "passdb");
146 &save_directive($conf, "args", $args, "passdb");
# Fallback (its else line is missing from the listing): a passdb directive
# inside the auth/default section.
150 &save_directive($conf, "passdb", $passdb, "auth", "default");
153 # Allowed UIDs and GIDs
# Each bound is either left at its default (undef is saved) or must be all
# digits.
# NOTE(review): /^\d+$/ also accepts one trailing newline because $ matches
# before it; \z would anchor strictly. No check that first <= last is made
# in the visible lines.
154 $in{'fuid_def'} || $in{'fuid'} =~ /^\d+$/ || &error($text{'login_efuid'});
155 &save_directive($conf, "first_valid_uid",
156 $in{'fuid_def'} ? undef : $in{'fuid'});
158 $in{'luid_def'} || $in{'luid'} =~ /^\d+$/ || &error($text{'login_eluid'});
159 &save_directive($conf, "last_valid_uid",
160 $in{'luid_def'} ? undef : $in{'luid'});
162 $in{'fgid_def'} || $in{'fgid'} =~ /^\d+$/ || &error($text{'login_efgid'});
163 &save_directive($conf, "first_valid_gid",
164 $in{'fgid_def'} ? undef : $in{'fgid'});
166 $in{'lgid_def'} || $in{'lgid'} =~ /^\d+$/ || &error($text{'login_elgid'});
167 &save_directive($conf, "last_valid_gid",
168 $in{'lgid_def'} ? undef : $in{'lgid'});
# NOTE(review): 'extra' (group names) is saved with no format check in the
# visible lines; confirm save_directive rejects embedded newlines.
170 &save_directive($conf, "mail_extra_groups",
171 $in{'extra_def'} ? undef : $in{'extra'});
# -d only shows that the path is an existing directory visible to this
# process; nothing else about the chroot location is checked here.
173 $in{'chroot_def'} || -d $in{'chroot'} || &error($text{'login_echroot'});
174 &save_directive($conf, "mail_chroot",
175 $in{'chroot_def'} ? undef : $in{'chroot'});
# The two process-count settings are validated and saved only when the
# directive is found in the configuration (closing braces are missing from
# the listing).
177 if (&find("login_max_processes_count", $conf, 2)) {
178 $in{'procs_def'} || $in{'procs'} =~ /^\d+$/ ||
179 &error($text{'login_eprocs'});
180 &save_directive($conf, "login_max_processes_count",
181 $in{'procs_def'} ? undef : $in{'procs'});
184 if (&find("login_processes_count", $conf, 2)) {
185 $in{'count_def'} || $in{'count'} =~ /^\d+$/ ||
186 &error($text{'login_ecount'});
187 &save_directive($conf, "login_processes_count",
188 $in{'count_def'} ? undef : $in{'count'});
# Release the lock taken at the top, then record the change via webmin_log
# (helper not shown; presumably the module's action/audit log).
192 &unlock_dovecot_files($conf);
193 &webmin_log("login");