From 532de231b64fdf83df07cfe3f49161d2eb60903e Mon Sep 17 00:00:00 2001
From: "Konstantin A. Lepikhov"
Date: Mon, 6 Sep 2021 17:34:29 +0200
Subject: [PATCH] - Apply dat2db patch
---
 courier-authlib/README.authdebug.html.in | 4 +--
 courier-authlib/README_authlib.html.in | 8 +++---
 courier-authlib/authuserdb.c | 4 +--
 courier-authlib/authuserdbpwd.c | 4 +--
 courier-authlib/preauthuserdbcommon.c | 6 ++---
 courier-authlib/userdb/makeuserdb.8.in | 32 +++++++++++------------
 courier-authlib/userdb/makeuserdb.html.in | 32 +++++++++++------------
 courier-authlib/userdb/makeuserdb.in | 4 +--
 courier-authlib/userdb/userdb.8.in | 6 ++---
 courier-authlib/userdb/userdb.c | 6 ++---
 courier-authlib/userdb/userdb.h | 2 +-
 courier-authlib/userdb/userdb.html.in | 6 ++---
 courier-authlib/userdb/userdbpw.8.in | 6 ++---
 courier-authlib/userdb/userdbpw.html.in | 6 ++---
 14 files changed, 63 insertions(+), 63 deletions(-)
diff --git a/courier-authlib/README.authdebug.html.in b/courier-authlib/README.authdebug.html.in
index b549a6b..3982c94 100644
--- a/courier-authlib/README.authdebug.html.in
+++ b/courier-authlib/README.authdebug.html.in
@@ -179,7 +179,7 @@ Apr 14 14:07:15 billdog authdaemond: authcram: trying this module
 Apr 14 14:07:15 billdog authdaemond: cram: only supports authtype=cram-*
 Apr 14 14:07:15 billdog authdaemond: authcram: REJECT - try next module
 Apr 14 14:07:15 billdog authdaemond: authuserdb: trying this module
-Apr 14 14:07:15 billdog authdaemond: userdb: opened /etc/userdb.dat
+Apr 14 14:07:15 billdog authdaemond: userdb: opened /etc/courier-imap/userdb.db
 Apr 14 14:07:15 billdog authdaemond: userdb: looking up 'brian'
 Apr 14 14:07:15 billdog authdaemond: userdb: entry not found
 Apr 14 14:07:15 billdog authdaemond: authuserdb: REJECT - try next module
@@ -203,7 +203,7 @@ Apr 14 14:07:15 billdog authdaemond: authpam: ACCEPT, username brian module cannot handle it so it REJECTs
  • 'authuserdb' has a go. In this case there is an - /etc/userdb.dat file for it to look in, but the requested + /etc/courier-imap/userdb.db file for it to look in, but the requested username 'brian' does not exist in there, so it REJECTs
  • 'authpam' has a go. It finds the username and home diff --git a/courier-authlib/README_authlib.html.in b/courier-authlib/README_authlib.html.in index ac4448e..6684057 100644 --- a/courier-authlib/README_authlib.html.in +++ b/courier-authlib/README_authlib.html.in @@ -354,13 +354,13 @@ is checked only by Courier's POP3 server. If it is not defined the POP3 server will check systempw too.

    Finally, compile the database:

     # makeuserdb
     

    -This command creates the actual database, @userdb@.dat and -@userdb@shadow.dat from the plain text file +This command creates the actual database, @userdb@.db and +@userdb@shadow.db from the plain text file @userdb@. Courier will now start accepting logins to this mailbox. Adding and removing mailboxes can be done while Courier is running.

    -Courier reads @userdb@.dat and -@userdb@shadow.dat only. The plain text source, +Courier reads @userdb@.db and +@userdb@shadow.db only. The plain text source, @userdb@ is not read by Courier itself. Changes take effect only when makeuserdb runs.

    Large virtual domain farm

diff --git a/courier-authlib/authuserdb.c b/courier-authlib/authuserdb.c
index 36006ca..4ab93f8 100644
--- a/courier-authlib/authuserdb.c
+++ b/courier-authlib/authuserdb.c
@@ -81,14 +81,14 @@ int rc; return (-1); userdb_set_debug(courier_authdebug_login_level);
- userdb_init(USERDB ".dat");
+ userdb_init(USERDB ".db");
 if ( (u=userdb(cci.user)) == 0) { userdb_close(); return (-1); }
- if ( (udbs=userdbshadow(USERDB "shadow.dat", cci.user)) == 0)
+ if ( (udbs=userdbshadow(USERDB "shadow.db", cci.user)) == 0)
 { free(u); userdb_close();
diff --git a/courier-authlib/authuserdbpwd.c b/courier-authlib/authuserdbpwd.c
index 3a5be7b..ea553cc 100644
--- a/courier-authlib/authuserdbpwd.c
+++ b/courier-authlib/authuserdbpwd.c
@@ -242,7 +242,7 @@ static int dochangepwd1(const char *service, const char *uid, struct userdbs *udb;
- udbs=userdbshadow(USERDB "shadow.dat", uid);
+ udbs=userdbshadow(USERDB "shadow.db", uid);
 if (!udbs) {
@@ -293,7 +293,7 @@ static int dochangepwd1(const char *service, const char *uid, free(passwords); free(udbs);
- userdb_init(USERDB ".dat");
+ userdb_init(USERDB ".db");
 if ( (u=userdb(uid)) == 0 || (udb=userdb_creates(u)) == 0) {
diff --git a/courier-authlib/preauthuserdbcommon.c b/courier-authlib/preauthuserdbcommon.c
index e39decb..3dc0fd3 100644
--- a/courier-authlib/preauthuserdbcommon.c
+++ b/courier-authlib/preauthuserdbcommon.c
@@ -34,7 +34,7 @@ char *passwords=0; int rc; userdb_set_debug(courier_authdebug_login_level);
- userdb_init(USERDB ".dat");
+ userdb_init(USERDB ".db");
 /* We rely on DPRINTF doing 'safe' printing */ DPRINTF("userdb: looking up '%s'", userid); if ( (u=userdb(userid)) == 0)
@@ -62,7 +62,7 @@ int rc; if (needpass) {
- udbs=userdbshadow(USERDB "shadow.dat", userid);
+ udbs=userdbshadow(USERDB "shadow.db", userid);
 if (udbs) {
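Review bot: The new file names are repeated as string literals at every call site: `USERDB ".db"` and `USERDB "shadow.db"` appear here in authuserdb.c, twice in dochangepwd1 in authuserdbpwd.c, and three times in preauthuserdbcommon.c (including auth_userdb_enumerate), and all of them must also agree with the suffixes makeuserdb.in writes. Because `userdb_init` is declared `void` in userdb.c, this call site cannot distinguish a missing `userdb.db` from an unknown user, since both take the `userdb_close(); return (-1);` path. A host that still has only the `.dat` files would therefore presumably fail every userdb lookup until makeuserdb is re-run. I would define the two paths once in a shared header, for example `#define USERDB_DB USERDB ".db"` and `#define USERDB_SHADOW_DB USERDB "shadow.db"`, and state the rebuild requirement in the commit message. The enclosing function starts and ends outside the hunk.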
@@ -128,7 +128,7 @@ void auth_userdb_enumerate( void(*cb_func)(const char *name, { struct userdbs *u;
- userdb_init(USERDB ".dat");
+ userdb_init(USERDB ".db");
 for (u=userdb_enum_first(); u; u=userdb_enum_next()) {
diff --git a/courier-authlib/userdb/makeuserdb.8.in b/courier-authlib/userdb/makeuserdb.8.in
index 28f5094..37e5c06 100644
--- a/courier-authlib/userdb/makeuserdb.8.in
+++ b/courier-authlib/userdb/makeuserdb.8.in
@@ -42,19 +42,19 @@ makeuserdb \- create @userdb@ .PP \fBmakeuserdb\fR creates
-@userdb@\&.dat
+@userdb@\&.db
 from the contents of @userdb@\&. @userdb@\*(Aqs contents are described later in this document\&. Maildrop, Courier, and other applications use
-@userdb@\&.dat
+@userdb@\&.db
 as a substitute/complement for your system password file\&. The usual purpose for
-@userdb@\&.dat
+@userdb@\&.db
 is to specify "virtual" accounts \- accounts that do not have an associated system login\&. Usually (but not necessarily) all virtual accounts share the same system userid\&.
-@userdb@\&.dat
+@userdb@\&.db
 may also replace your system password file\&. Because the system password file is a text file, when there\*(Aqs a large number of accounts it will be significantly faster to search
-@userdb\&.dat@, which is a binary database, instead of a flat text file that the system password file usually is\&.
+@userdb\&.db@, which is a binary database, instead of a flat text file that the system password file usually is\&.
 .PP The \fBmakeuserdb\fR
@@ -63,10 +63,10 @@ command can be safely executed during normal system activity\&. The \fB\-f\fR option creates
-\fIfilename\fR\&.dat
+\fIfilename\fR\&.db
 from \fIfilename\fR, instead of the default
-@userdb@\&.dat
+@userdb@\&.db
 from @userdb@\&. .SS "Format of @userdb@"
@@ -100,7 +100,7 @@ is followed by exactly one tab character, then a list of field/value pairs separ is the name of the field, \fIvalue\fR is the field value\&. Fields and values themself cannot contain slashes or control characters\&. Fields may be specified in any order\&. Here are all the currently defined fields\&. Note that not every field is used by every application that reads -@userdb@\&.dat\&. +@userdb@\&.db\&. .PP \fIuid\fR \- @@ -159,14 +159,14 @@ Courier has a software\-based Maildir quota enforcement mechanism which requires additional setup and configuration\&. See \m[blue]\fB\fBmaildirquota\fR(7)\fR\m[]\&\s-2\u[2]\d\s+2 for additional information\&. -.SS "@userdb@shadow\&.dat" +.SS "@userdb@shadow\&.db" .PP All fields whose name ends with \*(Aqpw\*(Aq will NOT copied to -@userdb@\&.dat\&. These fields will be copied to -@userdb@shadow\&.dat\&. +@userdb@\&.db\&. These fields will be copied to +@userdb@shadow\&.db\&. \fBmakeuserdb\fR creates -@userdb@shadow\&.dat +@userdb@shadow\&.db without any group and world permissions\&. Note that \fBmakeuserdb\fR reports an error if @@ -199,7 +199,7 @@ After saving the output of \fBpw2userdb\fR, you must still run \fBmakeuserdb\fR to create -@userdb@\&.dat\&. +@userdb@\&.db\&. .PP \fBvchkpw2userdb\fR converts a vpopmail\-style directory hierarchy to the @@ -252,7 +252,7 @@ makeuserdb .PP It is still necessary to run \fBmakeuserdb\fR, of course, to create the binary database file -@userdb@\&.dat +@userdb@\&.db .PP NOTE: You are still required to create the \fB@userdb@\fR @@ -288,8 +288,8 @@ without having to go in and cleaning up again, afterwards\&. .\} .nf @userdb@ -@userdb@\&.dat -@userdb@shadow\&.dat +@userdb@\&.db +@userdb@shadow\&.db @tmpdir@/userdb\&.tmp \- temporary file @tmpdir@/userdbshadow\&.tmp \- temporary file .fi diff --git a/courier-authlib/userdb/makeuserdb.html.in b/courier-authlib/userdb/makeuserdb.html.in index c3797a4..c2f6705 100644 --- a/courier-authlib/userdb/makeuserdb.html.in 
+++ b/courier-authlib/userdb/makeuserdb.html.in @@ -5,31 +5,31 @@ Copyright 1998 - 2009 Double Precision, Inc. See COPYING for distribution information. -->

    Name

    makeuserdb — create @userdb@

    Synopsis

    makeuserdb [-f filename]

    pw2userdb

    vchkpw2userdb [--vpopmailhome=dir] [--todir=dir]

    DESCRIPTION

    -makeuserdb creates @userdb@.dat from +makeuserdb creates @userdb@.db from the contents of @userdb@. @userdb@'s contents are described later in this document. Maildrop, Courier, and other applications use -@userdb@.dat as a +@userdb@.db as a substitute/complement for your system password file. The usual purpose for -@userdb@.dat is to specify "virtual" accounts - accounts +@userdb@.db is to specify "virtual" accounts - accounts that do not have an associated system login. Usually (but not necessarily) all virtual accounts share the same system userid. -@userdb@.dat may also replace +@userdb@.db may also replace your system password file. Because the system password file is a text file, when there's a large number of accounts it will be significantly faster to search -@userdb.dat@, which is a binary database, +@userdb.db@, which is a binary database, instead of a flat text file that the system password file usually is.

    The makeuserdb command can be safely executed during normal system activity.

    The -f option creates -filename.dat from +filename.db from filename, instead of the -default @userdb@.dat from +default @userdb@.db from @userdb@.

    Format of @userdb@

    @userdb@ is a plain text file that can be created using any text editor. Blank lines are ignored. Lines that start with the # @@ -51,7 +51,7 @@ Fields and values themself cannot contain slashes or control characters. Fields may be specified in any order. Here are all the currently defined fields. Note that not every field is used by every application that reads -@userdb@.dat.

    +@userdb@.db.

    uid - value is a (possibly) unique numerical user ID for this account.

    gid - value is a (possibly) @@ -92,11 +92,11 @@ software-based Maildir quota enforcement mechanism which requires additional setup and configuration. See maildirquota(7) -for additional information.

    @userdb@shadow.dat

    +for additional information.

    @userdb@shadow.db

    All fields whose name ends with 'pw' will NOT copied to -@userdb@.dat. These fields will be copied to -@userdb@shadow.dat. -makeuserdb creates @userdb@shadow.dat +@userdb@.db. These fields will be copied to +@userdb@shadow.db. +makeuserdb creates @userdb@shadow.db without any group and world permissions. Note that makeuserdb reports an error if @userdb@ has any group @@ -119,7 +119,7 @@ amount of time it takes to look up this information.

    After saving the output of pw2userdb, you must still run makeuserdb to create -@userdb@.dat.

    +@userdb@.db.

    vchkpw2userdb converts a vpopmail-style directory hierarchy to the @userdb@ format. This is an external virtual domain management package that's often used @@ -152,7 +152,7 @@ vchkpw2userdb --todir=@userdb@/vpopmail
    makeuserdb

    It is still necessary to run makeuserdb, of course, to -create the binary database file @userdb@.dat

    +create the binary database file @userdb@.db

    NOTE: You are still required to create the @userdb@ entry which maps system userids back to accounts, @@ -179,8 +179,8 @@ This allows you to run vchkpw2userdb without having to go in and cleaning up again, afterwards.

    FILES


    @userdb@
    -@userdb@.dat
    -@userdb@shadow.dat
    +@userdb@.db
    +@userdb@shadow.db
    @tmpdir@/userdb.tmp - temporary file
    @tmpdir@/userdbshadow.tmp - temporary file

    BUGS

    makeuserdb is a Perl script, and uses Perl's portable
diff --git a/courier-authlib/userdb/makeuserdb.in b/courier-authlib/userdb/makeuserdb.in
index 4765309..20c1bb4 100644
--- a/courier-authlib/userdb/makeuserdb.in
+++ b/courier-authlib/userdb/makeuserdb.in
@@ -26,10 +26,10 @@ if ($name eq "-f") { $dbfile=~s/\/$//; }
-$datfile=$dbfile.".dat";
+$datfile=$dbfile.".db";
 # XXX the lock file here is etc/userdb.lock but the userdb command uses etc/.lock.userdb $lockfile=$dbfile.".lock";
-$shadowfile=$dbfile."shadow.dat";
+$shadowfile=$dbfile."shadow.db";
 $tmpdatfile=$dbfile.".tmp"; $tmpshadowfile=$dbfile."shadow.tmp";
diff --git a/courier-authlib/userdb/userdb.8.in b/courier-authlib/userdb/userdb.8.in
index 890f832..16e4919 100644
--- a/courier-authlib/userdb/userdb.8.in
+++ b/courier-authlib/userdb/userdb.8.in
@@ -179,16 +179,16 @@ userdb postmaster@test\&.испытание set \e .if n \{\ .RE .\}
-.SS "REBUILDING @userdb@\&.dat"
+.SS "REBUILDING @userdb@\&.db"
 .PP The actual virtual account/address database is
-@userdb@\&.dat\&. This is a binary database file\&.
+@userdb@\&.db\&. This is a binary database file\&.
 \fB@userdb@\fR is the plain text version\&. After running \fBuserdb\fR, execute the \m[blue]\fB\fBmakeuserdb\fR(8)\fR\m[]\&\s-2\u[1]\d\s+2 command to rebuild
-@userdb@\&.dat
+@userdb@\&.db
 for the changes to take effect\&. .SH "BUGS" .PP
diff --git a/courier-authlib/userdb/userdb.c b/courier-authlib/userdb/userdb.c
index e5a6066..1e0bd07 100644
--- a/courier-authlib/userdb/userdb.c
+++ b/courier-authlib/userdb/userdb.c
@@ -26,7 +26,7 @@ static ino_t di; static int initialized=0; int userdb_debug_level=0;
-/* Open userdb.dat, if already opened, see if it changed, if so reopen */
+/* Open userdb.db, if already opened, see if it changed, if so reopen */
 void userdb_init(const char *n) {
@@ -89,7 +89,7 @@ void userdb_set_debug(int lvl) userdb_debug_level = lvl; }
-/* Fetch a record from userdb.dat */
+/* Fetch a record from userdb.db */
 char *userdb(const char *u) {
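Review bot: Nothing in the makeuserdb.in hunk deals with the `.dat` files an earlier run left behind, so after the rename an old `userdbshadow.dat` stays on disk and is no longer refreshed or removed when accounts change. Per the manual text in this same patch, that file holds every field whose name ends in 'pw'. The script continues outside the hunk, so a cleanup may already exist there; if it does not, I would add `unlink($dbfile.".dat", $dbfile."shadow.dat");` once the new files have been moved into place. The variable `$datfile` also keeps the old suffix in its name while now holding the `.db` path, so a comment such as `# historical name: holds the .db path` on that line would help.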
@@ -305,7 +305,7 @@ struct userdbs *userdb_enum_next() return NULL; }
-/* Extracted a userdb.dat record, convert it to a userdbs structure */
+/* Extracted a userdb.db record, convert it to a userdbs structure */
 struct userdbs *userdb_creates(const char *u) {
diff --git a/courier-authlib/userdb/userdb.h b/courier-authlib/userdb/userdb.h
index 3b2690a..db450fe 100644
--- a/courier-authlib/userdb/userdb.h
+++ b/courier-authlib/userdb/userdb.h
@@ -14,7 +14,7 @@ extern "C" { #endif /*
- Functions to access local/config/userdb.dat
+ Functions to access local/config/userdb.db
 */ void userdb_set_debug(int);
diff --git a/courier-authlib/userdb/userdb.html.in b/courier-authlib/userdb/userdb.html.in
index a2af5e5..1cf338c 100644
--- a/courier-authlib/userdb/userdb.html.in
+++ b/courier-authlib/userdb/userdb.html.in
@@ -86,13 +86,13 @@ all the fields in @userdb@ for this international domain name:


    userdb postmaster@test.испытание set \
    -        home=/home/postmaster.test.com uid=999 gid=999

    REBUILDING @userdb@.dat

    +        home=/home/postmaster.test.com uid=999 gid=999

    REBUILDING @userdb@.db

    The actual virtual account/address database is -@userdb@.dat. +@userdb@.db. This is a binary database file. @userdb@ is the plain text version. After running userdb, execute the makeuserdb(8) command to rebuild -@userdb@.dat for the changes to take effect.

    BUGS

    +@userdb@.db for the changes to take effect.

    BUGS

    addr must be unique. If @userdb@ is a subdirectory, it's possible to create the same diff --git a/courier-authlib/userdb/userdbpw.8.in b/courier-authlib/userdb/userdbpw.8.in index bfd8ab4..f3074d8 100644 --- a/courier-authlib/userdb/userdbpw.8.in +++ b/courier-authlib/userdb/userdbpw.8.in @@ -65,11 +65,11 @@ uses the SHA1 hash function instead\&. Whether either HMAC function is actually library\&. .PP Note that even though the result of HMAC hashing looks like an encrypted password, it\*(Aqs really not\&. HMAC\-based challenge/response authentication mechanisms require the cleartext password to be available as cleartext\&. Computing an intermediate HMAC context does scramble the cleartext password, however if its compromised, it WILL be possible for an attacker to succesfully authenticate\&. Therefore, applications that use challenge/response authentication will store intermediate HMAC contexts in the "pw" fields in the userdb database, which will be compiled into the -userdbshadow\&.dat +userdbshadow\&.db database, which has group and world permissions turned off\&. The userdb library also requires that the cleartext userdb source for the -userdb\&.dat +userdb\&.db and -userdbshadow\&.dat +userdbshadow\&.db databases is also stored with the group and world permissions turned off\&. .PP \fBuserdbpw\fR diff --git a/courier-authlib/userdb/userdbpw.html.in b/courier-authlib/userdb/userdbpw.html.in index d2424c5..b385bb8 100644 --- a/courier-authlib/userdb/userdbpw.html.in +++ b/courier-authlib/userdb/userdbpw.html.in 
@@ -27,11 +27,11 @@ however if its compromised, it WILL be possible for an attacker to succesfully authenticate. Therefore, applications that use challenge/response authentication will store intermediate HMAC contexts in the "pw" fields in the userdb database, which will be compiled into the -userdbshadow.dat +userdbshadow.db database, which has group and world permissions turned off. The userdb library also requires that the cleartext userdb source for the -userdb.dat and -userdbshadow.dat databases is also stored with the +userdb.db and +userdbshadow.db databases is also stored with the group and world permissions turned off.

    userdbpw is usually used together in a pipe with userdb, which reads from standard input. For example:

    userdbpw -md5 | userdb users/john set systempw

    or:

    userdbpw -hmac-md5 | userdb users/john set hmac-md5pw

    These commands set the systempw field in the record for the user john in @userdb@/users file, and the -- 2.33.0