基本上參考這一篇
http://www.roundcubeforum.net/index.php?topic=21861.0
之前實作的時候一直碰到密碼更改失敗的情況,看log也看不出所以然,只看到Unable to execute sudo。原來sudoers裡頭預設有"Defaults requiretty"這個設定,php在執行chpasswd是沒有console的,所以無法執行,照這篇文章修改就行。
1) enable password function
vi /var/www/html/roundcube/config/config.inc.php
- alter the following line as follows:
$config['plugins'] = array('password');
cd /var/www/html/roundcube/plugins/password
cp config.inc.php.dist config.inc.php
2) enable the password plugin
cd /var/www/html/roundcube/plugins/password
cp config.inc.php.dist config.inc.php
vi config.inc.php
- alter the following as follows:
$config['password_driver'] = 'chpasswd';
3) allow apache to run the script
visudo
- add to bottom
Defaults:apache !requiretty
apache ALL=(root) NOPASSWD: /usr/sbin/chpass-wrapper.py
4) add blacklisted users and minimum UID below
vi /var/www/html/roundcube/plugins/password/helpers/chpass-wrapper.py
BLACKLIST = (
# add blacklisted users here comma separated
'root'
)
if user.pw_uid < 494:
sys.exit('Changing the password for user id < 494 is forbidden')
5) copy the helper to executable directory & set make it executable
cp /var/www/html/roundcube/plugins/password/helpers/chpass-wrapper.py /usr/sbin
chmod 755 /usr/sbin/chpass-wrapper.py
6) alter the driver to run the helper which in turn runs the driver (wraps it)
vi /var/www/html/roundcube/plugins/password/config.inc.php
old:
$config['password_chpasswd_cmd'] = 'sudo /usr/sbin/chpasswd 2> /dev/null';
new:
$config['password_chpasswd_cmd'] = 'sudo /usr/sbin/chpass-wrapper.py 2> /dev/null';