From 532de231b64fdf83df07cfe3f49161d2eb60903e Mon Sep 17 00:00:00 2001
From: "Konstantin A. Lepikhov" systempw
too.
Finally, compile the database:
# makeuserdb
-This command creates the actual database, @userdb@.dat
and
-@userdb@shadow.dat
from the plain text file
+This command creates the actual database, @userdb@.db
and
+@userdb@shadow.db
from the plain text file
@userdb@
. Courier will now start accepting logins to this
mailbox. Adding and removing mailboxes can be done while Courier is
running.
-Courier reads @userdb@.dat
and
-@userdb@shadow.dat
only. The plain text source,
+Courier reads @userdb@.db
and
+@userdb@shadow.db
only. The plain text source,
@userdb@
is not read by Courier itself. Changes take
effect
only when makeuserdb runs.
diff --git a/courier-authlib/authuserdb.c b/courier-authlib/authuserdb.c index 36006ca..4ab93f8 100644 --- a/courier-authlib/authuserdb.c +++ b/courier-authlib/authuserdb.c @@ -81,14 +81,14 @@ int rc; return (-1); userdb_set_debug(courier_authdebug_login_level); - userdb_init(USERDB ".dat"); + userdb_init(USERDB ".db"); if ( (u=userdb(cci.user)) == 0) { userdb_close(); return (-1); } - if ( (udbs=userdbshadow(USERDB "shadow.dat", cci.user)) == 0) + if ( (udbs=userdbshadow(USERDB "shadow.db", cci.user)) == 0) { free(u); userdb_close(); diff --git a/courier-authlib/authuserdbpwd.c b/courier-authlib/authuserdbpwd.c index 3a5be7b..ea553cc 100644 --- a/courier-authlib/authuserdbpwd.c +++ b/courier-authlib/authuserdbpwd.c @@ -242,7 +242,7 @@ static int dochangepwd1(const char *service, const char *uid, struct userdbs *udb; - udbs=userdbshadow(USERDB "shadow.dat", uid); + udbs=userdbshadow(USERDB "shadow.db", uid); if (!udbs) { @@ -293,7 +293,7 @@ static int dochangepwd1(const char *service, const char *uid, free(passwords); free(udbs); - userdb_init(USERDB ".dat"); + userdb_init(USERDB ".db"); if ( (u=userdb(uid)) == 0 || (udb=userdb_creates(u)) == 0) { diff --git a/courier-authlib/preauthuserdbcommon.c b/courier-authlib/preauthuserdbcommon.c index e39decb..3dc0fd3 100644 --- a/courier-authlib/preauthuserdbcommon.c +++ b/courier-authlib/preauthuserdbcommon.c @@ -34,7 +34,7 @@ char *passwords=0; int rc; userdb_set_debug(courier_authdebug_login_level); - userdb_init(USERDB ".dat"); + userdb_init(USERDB ".db"); /* We rely on DPRINTF doing 'safe' printing */ DPRINTF("userdb: looking up '%s'", userid); if ( (u=userdb(userid)) == 0) @@ -62,7 +62,7 @@ int rc; if (needpass) { - udbs=userdbshadow(USERDB "shadow.dat", userid); + udbs=userdbshadow(USERDB "shadow.db", userid); if (udbs) { @@ -128,7 +128,7 @@ void auth_userdb_enumerate( void(*cb_func)(const char *name, { struct userdbs *u; - userdb_init(USERDB ".dat"); + userdb_init(USERDB ".db"); for (u=userdb_enum_first(); u; u=userdb_enum_next()) { diff --git a/courier-authlib/userdb/makeuserdb.8.in b/courier-authlib/userdb/makeuserdb.8.in index 28f5094..37e5c06 100644 --- a/courier-authlib/userdb/makeuserdb.8.in +++ b/courier-authlib/userdb/makeuserdb.8.in @@ -42,19 +42,19 @@ makeuserdb \- create @userdb@ .PP \fBmakeuserdb\fR creates -@userdb@\&.dat +@userdb@\&.db from the contents of @userdb@\&. @userdb@\*(Aqs contents are described later in this document\&. Maildrop, Courier, and other applications use -@userdb@\&.dat +@userdb@\&.db as a substitute/complement for your system password file\&. The usual purpose for -@userdb@\&.dat +@userdb@\&.db is to specify "virtual" accounts \- accounts that do not have an associated system login\&. Usually (but not necessarily) all virtual accounts share the same system userid\&. -@userdb@\&.dat +@userdb@\&.db may also replace your system password file\&. Because the system password file is a text file, when there\*(Aqs a large number of accounts it will be significantly faster to search -@userdb\&.dat@, which is a binary database, instead of a flat text file that the system password file usually is\&. +@userdb\&.db@, which is a binary database, instead of a flat text file that the system password file usually is\&. .PP The \fBmakeuserdb\fR @@ -63,10 +63,10 @@ command can be safely executed during normal system activity\&. The \fB\-f\fR option creates -\fIfilename\fR\&.dat +\fIfilename\fR\&.db from \fIfilename\fR, instead of the default -@userdb@\&.dat +@userdb@\&.db from @userdb@\&. .SS "Format of @userdb@" @@ -100,7 +100,7 @@ is followed by exactly one tab character, then a list of field/value pairs separ is the name of the field, \fIvalue\fR is the field value\&. Fields and values themself cannot contain slashes or control characters\&. Fields may be specified in any order\&. Here are all the currently defined fields\&. Note that not every field is used by every application that reads -@userdb@\&.dat\&. +@userdb@\&.db\&. .PP \fIuid\fR \- @@ -159,14 +159,14 @@ Courier has a software\-based Maildir quota enforcement mechanism which requires additional setup and configuration\&. See \m[blue]\fB\fBmaildirquota\fR(7)\fR\m[]\&\s-2\u[2]\d\s+2 for additional information\&. -.SS "@userdb@shadow\&.dat" +.SS "@userdb@shadow\&.db" .PP All fields whose name ends with \*(Aqpw\*(Aq will NOT copied to -@userdb@\&.dat\&. These fields will be copied to -@userdb@shadow\&.dat\&. +@userdb@\&.db\&. These fields will be copied to +@userdb@shadow\&.db\&. \fBmakeuserdb\fR creates -@userdb@shadow\&.dat +@userdb@shadow\&.db without any group and world permissions\&. Note that \fBmakeuserdb\fR reports an error if @@ -199,7 +199,7 @@ After saving the output of \fBpw2userdb\fR, you must still run \fBmakeuserdb\fR to create -@userdb@\&.dat\&. +@userdb@\&.db\&. .PP \fBvchkpw2userdb\fR converts a vpopmail\-style directory hierarchy to the @@ -252,7 +252,7 @@ makeuserdb .PP It is still necessary to run \fBmakeuserdb\fR, of course, to create the binary database file -@userdb@\&.dat +@userdb@\&.db .PP NOTE: You are still required to create the \fB@userdb@\fR @@ -288,8 +288,8 @@ without having to go in and cleaning up again, afterwards\&. .\} .nf @userdb@ -@userdb@\&.dat -@userdb@shadow\&.dat +@userdb@\&.db +@userdb@shadow\&.db @tmpdir@/userdb\&.tmp \- temporary file @tmpdir@/userdbshadow\&.tmp \- temporary file .fi diff --git a/courier-authlib/userdb/makeuserdb.html.in b/courier-authlib/userdb/makeuserdb.html.in index c3797a4..c2f6705 100644 --- a/courier-authlib/userdb/makeuserdb.html.in +++ b/courier-authlib/userdb/makeuserdb.html.in @@ -5,31 +5,31 @@ Copyright 1998 - 2009 Double Precision, Inc. See COPYING for distribution information. -->
makeuserdb — create @userdb@
makeuserdb
[-f filename
]
pw2userdb
vchkpw2userdb
[--vpopmailhome=dir
] [--todir=dir
]
-makeuserdb creates @userdb@.dat
from
+makeuserdb creates @userdb@.db
from
the contents of @userdb@
.
@userdb@
's contents are described later in this document.
Maildrop,
Courier, and other applications use
-@userdb@.dat
as a
+@userdb@.db
as a
substitute/complement for your system password file.
The usual purpose for
-@userdb@.dat
is to specify "virtual" accounts - accounts
+@userdb@.db
is to specify "virtual" accounts - accounts
that do
not have an associated system login.
Usually (but not necessarily) all virtual accounts share the same
system userid.
-@userdb@.dat
may also replace
+@userdb@.db
may also replace
your system password file. Because the system password file is a text file,
when there's a large number of accounts it will be significantly faster to
search
-@userdb.dat@
, which is a binary database,
+@userdb.db@
, which is a binary database,
instead of a flat text file that the system password file usually is.
The makeuserdb command can be safely executed during normal system activity.
The -f
option creates
-
from
+filename
.dat
from
filename
.db
, instead of the
-default filename
@userdb@.dat
from
+default @userdb@.db
from
@userdb@
.
@userdb@
@userdb@
is a plain text file that can be created using
any text editor. Blank lines are ignored. Lines that start with the #
@@ -51,7 +51,7 @@ Fields and values themself cannot contain slashes or control characters.
Fields may be
specified in any order. Here are all the currently defined fields. Note that
not every field is used by every application that reads
-@userdb@.dat
.
+
@userdb@.db
.
uid
-value
is a (possibly) unique numerical user ID for this account.
gid
-value
is a (possibly) @@ -92,11 +92,11 @@ software-based Maildir quota enforcement mechanism which requires additional setup and configuration. See maildirquota(7) -for additional information.
@userdb@shadow.db
All fields whose name ends with 'pw' will NOT copied to
-@userdb@.dat
. These fields will be copied to
-@userdb@shadow.dat
.
-makeuserdb creates @userdb@shadow.dat
+@userdb@.db
. These fields will be copied to
+@userdb@shadow.db
.
+makeuserdb creates @userdb@shadow.db
without any group and world permissions.
Note that makeuserdb reports an error
if @userdb@ has any group
@@ -119,7 +119,7 @@ amount of
time it takes to look up this information.
After saving the output of pw2userdb, you must still run
makeuserdb to create
-@userdb@.dat
.
+@userdb@.db
.
vchkpw2userdb converts a vpopmail-style
directory hierarchy to the @userdb@
format.
This is an external virtual domain management package that's often used
@@ -152,7 +152,7 @@ vchkpw2userdb --todir=@userdb@/vpopmail
makeuserdb
It is still necessary to run makeuserdb, of course, to
-create the binary database file @userdb@.dat
+create the binary database file @userdb@.db
NOTE: You are still required to create the @userdb@ entry which maps system userids back to accounts, @@ -179,8 +179,8 @@ This allows you to run vchkpw2userdb without having to go in and cleaning up again, afterwards.
@userdb@
-@userdb@.dat
-@userdb@shadow.dat
+@userdb@.db
+@userdb@shadow.db
@tmpdir@/userdb.tmp
- temporary file
@tmpdir@/userdbshadow.tmp
- temporary file
makeuserdb is a Perl script, and uses Perl's portable
diff --git a/courier-authlib/userdb/makeuserdb.in b/courier-authlib/userdb/makeuserdb.in
index 4765309..20c1bb4 100644
--- a/courier-authlib/userdb/makeuserdb.in
+++ b/courier-authlib/userdb/makeuserdb.in
@@ -26,10 +26,10 @@ if ($name eq "-f") {
$dbfile=~s/\/$//;
}
-$datfile=$dbfile.".dat";
+$datfile=$dbfile.".db";
# XXX the lock file here is etc/userdb.lock but the userdb command uses etc/.lock.userdb
$lockfile=$dbfile.".lock";
-$shadowfile=$dbfile."shadow.dat";
+$shadowfile=$dbfile."shadow.db";
$tmpdatfile=$dbfile.".tmp";
$tmpshadowfile=$dbfile."shadow.tmp";
diff --git a/courier-authlib/userdb/userdb.8.in b/courier-authlib/userdb/userdb.8.in
index 890f832..16e4919 100644
--- a/courier-authlib/userdb/userdb.8.in
+++ b/courier-authlib/userdb/userdb.8.in
@@ -179,16 +179,16 @@ userdb postmaster@test\&.испытание set \e
.if n \{\
.RE
.\}
-.SS "REBUILDING @userdb@\&.dat"
+.SS "REBUILDING @userdb@\&.db"
.PP
The actual virtual account/address database is
-@userdb@\&.dat\&. This is a binary database file\&.
+@userdb@\&.db\&. This is a binary database file\&.
\fB@userdb@\fR
is the plain text version\&. After running
\fBuserdb\fR, execute the
\m[blue]\fB\fBmakeuserdb\fR(8)\fR\m[]\&\s-2\u[1]\d\s+2
command to rebuild
-@userdb@\&.dat
+@userdb@\&.db
for the changes to take effect\&.
.SH "BUGS"
.PP
diff --git a/courier-authlib/userdb/userdb.c b/courier-authlib/userdb/userdb.c
index e5a6066..1e0bd07 100644
--- a/courier-authlib/userdb/userdb.c
+++ b/courier-authlib/userdb/userdb.c
@@ -26,7 +26,7 @@ static ino_t di;
static int initialized=0;
int userdb_debug_level=0;
-/* Open userdb.dat, if already opened, see if it changed, if so reopen */
+/* Open userdb.db, if already opened, see if it changed, if so reopen */
void userdb_init(const char *n)
{
@@ -89,7 +89,7 @@ void userdb_set_debug(int lvl)
userdb_debug_level = lvl;
}
-/* Fetch a record from userdb.dat */
+/* Fetch a record from userdb.db */
char *userdb(const char *u)
{
@@ -305,7 +305,7 @@ struct userdbs *userdb_enum_next()
return NULL;
}
-/* Extracted a userdb.dat record, convert it to a userdbs structure */
+/* Extracted a userdb.db record, convert it to a userdbs structure */
struct userdbs *userdb_creates(const char *u)
{
diff --git a/courier-authlib/userdb/userdb.h b/courier-authlib/userdb/userdb.h
index 3b2690a..db450fe 100644
--- a/courier-authlib/userdb/userdb.h
+++ b/courier-authlib/userdb/userdb.h
@@ -14,7 +14,7 @@ extern "C" {
#endif
/*
- Functions to access local/config/userdb.dat
+ Functions to access local/config/userdb.db
*/
void userdb_set_debug(int);
diff --git a/courier-authlib/userdb/userdb.html.in b/courier-authlib/userdb/userdb.html.in
index a2af5e5..1cf338c 100644
--- a/courier-authlib/userdb/userdb.html.in
+++ b/courier-authlib/userdb/userdb.html.in
@@ -86,13 +86,13 @@ all the fields in @userdb@
for this
international domain name:
userdb postmaster@test.испытание set \
- home=/home/postmaster.test.com uid=999 gid=999
@userdb@.db
The actual virtual account/address database is
-@userdb@.dat
.
+@userdb@.db
.
This is a binary database file. @userdb@ is the plain text
version. After running userdb, execute the
makeuserdb(8) command to rebuild
-@userdb@.dat
for the changes to take effect.
must be unique.
If addr
@userdb@
is a subdirectory,
it's possible to create the same
diff --git a/courier-authlib/userdb/userdbpw.8.in b/courier-authlib/userdb/userdbpw.8.in
index bfd8ab4..f3074d8 100644
--- a/courier-authlib/userdb/userdbpw.8.in
+++ b/courier-authlib/userdb/userdbpw.8.in
@@ -65,11 +65,11 @@ uses the SHA1 hash function instead\&. Whether either HMAC function is actually
library\&.
.PP
Note that even though the result of HMAC hashing looks like an encrypted password, it\*(Aqs really not\&. HMAC\-based challenge/response authentication mechanisms require the cleartext password to be available as cleartext\&. Computing an intermediate HMAC context does scramble the cleartext password, however if its compromised, it WILL be possible for an attacker to succesfully authenticate\&. Therefore, applications that use challenge/response authentication will store intermediate HMAC contexts in the "pw" fields in the userdb database, which will be compiled into the
-userdbshadow\&.dat
+userdbshadow\&.db
database, which has group and world permissions turned off\&. The userdb library also requires that the cleartext userdb source for the
-userdb\&.dat
+userdb\&.db
and
-userdbshadow\&.dat
+userdbshadow\&.db
databases is also stored with the group and world permissions turned off\&.
.PP
\fBuserdbpw\fR
diff --git a/courier-authlib/userdb/userdbpw.html.in b/courier-authlib/userdb/userdbpw.html.in
index d2424c5..b385bb8 100644
--- a/courier-authlib/userdb/userdbpw.html.in
+++ b/courier-authlib/userdb/userdbpw.html.in
@@ -27,11 +27,11 @@ however if its compromised, it WILL be possible for an attacker to succesfully
authenticate. Therefore, applications that use challenge/response
authentication will store intermediate HMAC contexts in the "pw" fields in the
userdb database, which will be compiled into the
-userdbshadow.dat
+userdbshadow.db
database, which has group and world permissions turned off. The
userdb library also requires that the cleartext userdb source for the
-userdb.dat
and
-userdbshadow.dat
databases is also stored with the
+userdb.db
and
+userdbshadow.db
databases is also stored with the
group and world permissions turned off.
userdbpw is usually used together in a pipe with userdb, which reads from standard input. For example:
userdbpw -md5 | userdb users/john set systempw
or:
userdbpw -hmac-md5 | userdb users/john set hmac-md5pw
These commands set the systempw
field in the record for
the user john
in @userdb@/users
file, and the
--
2.33.0