Port details on branch 2022Q3 |
- courierpasswd User authentication and password changing utility
- 1.1.3_1 security =0 1.1.3_1Version of this port present on the latest quarterly branch.
- There is no maintainer for this port.
- Any concerns regarding this port should be directed to the FreeBSD Ports mailing list via ports@FreeBSD.org
- Port Added: 2006-05-01 20:46:48
- Last Update: 2024-02-25 12:55:02
- Commit Hash: 4176b20
- Also Listed In: mail
- License: GPLv2+
- WWW:
- http://www.arda.homeunix.net/downloads/
- Description:
- courierpasswd is an authentication and password changing utility
that uses the courier-authlib authentication library to find user credentials.
Its interface follows that of Daniel J. Bernstein's checkpassword program.
- ¦ ¦ ¦ ¦
- Manual pages:
- FreshPorts has no man page information for this port.
- pkg-plist: as obtained via:
make generate-plist - Dependency lines:
-
- courierpasswd>0:security/courierpasswd
- To install the port:
- cd /usr/ports/security/courierpasswd/ && make install clean
- To add the package, run one of these commands:
- pkg install security/courierpasswd
- pkg install courierpasswd
NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.- PKGNAME: courierpasswd
- Flavors: there is no flavor information for this port.
- distinfo:
- SHA256 (courierpasswd-1.1.3.tar.gz) = b063d92b4416b79b830c65a99bc9aa90b80cd46fc42a7af310af749687501592
SIZE (courierpasswd-1.1.3.tar.gz) = 341024
Packages (timestamps in pop-ups are UTC):
- Dependencies
- NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
- Build dependencies:
-
- gmake>=4.3 : devel/gmake
- Library dependencies:
-
- libcourierauth.so : security/courier-authlib-base
- There are no ports dependent upon this port
Configuration Options:
- ===> The following configuration options are available for courierpasswd-1.1.3_1:
DOCS=on: Build and/or install documentation
===> Use 'make config' to modify these settings
- Options name:
- security_courierpasswd
- USES:
- gmake localbase
- pkg-message:
- For install:
- NOTES FOR RUNNING COURIERPASSWD
In order to use courierpasswd, it must be able to access the
authdaemon domain socket, named 'socket'. When courierpasswd runs as
root, this presents no problem. However, if you need to run courierpasswd
as a non-root user, you have three options, all of which require some
manual work.
Option 1: Add the user courierpasswd will run as the group that owns
the authdaemon socket directory in /etc/group. More than one user
can be added to the group vector in this way. This arrangement works
well if courierpasswd will be run by only a small number of users.
If the authdaemon socket directory is owned by courier:courier and you
run courierpasswd as user vmail, your /etc/group file will have a line
something like this:
courier:x:465:vmail
Option 2: Some programs, such as tcpserver, allow you to separately set
the uid and gid of programs they call but don't honour the group vector
found in /etc/group. If you invoke courierpasswd from such a program,
set the gid to the group ownership of the authdaemon socket directory.
For tcpserver, you could do something like this:
#!/bin/sh
QMAILUID=`/usr/bin/id -u qmaild`
COURIERGID=`/usr/bin/id -g courier`
exec /usr/local/bin/tcpserver -u "$QMAILUID" -g "$COURIERGID" \
0 smtp /var/qmail/bin/qmail-smtpd /usr/local/sbin/courierpasswd -- \
/usr/bin/true 2>&1
Option 3: Change the permissions on courierpasswd to set gid to the
group ownership of the socket directory. Again, if the socket directory
is owned by courier:courier, change the ownership and permissions
of courierpasswd like so:
chgrp courier courierpasswd
chmod g+s courierpasswd
Be aware that courierpasswd does not provide any max-failed-retry
functionality so it is possible for local users to perform dictionary
attacks against account passwords if courierpasswd is set up this way.
The location of the authdaemon domain socket is listed in the
authdaemonrc configuration file as the parameter authdaemonvar.
- Master Sites:
|