cgipaf/INSTALL at master · stafwag/cgipaf · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
NOTE

    Please make a backup of your password files ( /etc/passwd, /etc/shadow,
    /etc/oshadow ) before you try this program.

SUPPORTED SYSTEMS

    cgipaf has been tested with Debian GNU/Linux, Solaris 10 and should work
    on other Un*ces with pam support. Systems without pam support are only
    supported if they use the standard password file location /etc/passwd
    /etc/shadow and standard crypt or md5 passwords.

    FreeBSD and NetBSD are supported, OpenBSD is not (yet) supported.

    PAM support is enabled on FreeBSD 7.3 or above and NetBSD 6 or above.

    GNU make is required to build cgipaf on a BSD system.

    Operating systems are automatically detected by configure.

    CGIpaf depends on the ndbm or compatible library. The GNU dbm library
    is also supported and is automatically detected by configure.


INSTALLATION

    If you have library/include files installed on non-default location e.g.
    /usr/local/lib /usr/local/include set LDFLAGS and CFLAGS environment
    variables.

	# export CFLAGS="-I /usr/local/include"
	# export LDFLAGS="-L /usr/local/lib"

    type:

	# ./configure --bindir=/usr/local/apache/cgi-bin \
                      --datadir=/etc/cgipaf/data \
                      --sysconfdir=/etc/cgipaf

    Update the above command with your real cgi-bin directory.

    This will create Makefile, install.sh and config.h

    If you want to disable pam support you can add "--disable-pam"
    configure should normally detect pam and no-pam systems.


    type:
          make

    To compile the sources.

    type:
	  make install

    The installation script will install "passwd.cgi","viewmailcfg.cgi" and
    "mailcfg.cgi" in cgi-bin, copy "php/*.php" in the data directory, and
    create a sample config file.

    "passwd.cgi", "viewmailcfg.cgi", "mailcfg.cgi"  should have the following
    permissions:

    -r-sr-xr-x    1 root     root        33391 Aug 10 22:16 mailcfg.cgi
    -r-sr-xr-x    1 root     root        30333 Aug 10 22:16 passwd.cgi
    -r-sr-xr-x    1 root     root        34658 Aug 10 22:16 viewmailcfg.cgi

    and owned by root.

    CGIpaf uses "/cgi-bin" in his action fields, if you use another cgi-bin
    location ( /cgi-bin/cgipaf )
    you have to update:

      cgipasswd_top.php
      mailcfg_form.php
      mailcfg_login.php

CONFIGURATION

    The configuration file ( cgipaf.conf ) allow you to set several options
    see Configuration.html for more information.

    If you're upgrading from a previous version of CGIpaf with cracklib enabled
    in cgipaf.conf you have to set cracklib_dictpath to your cracklib dictpath.

    The cracklib_dictpath is the path to the dictionary filename without the
    extension ( .pwi ), not the directory path.

    With the "pam_service" directive you can set the pam service name, if not
    set "passwd" is used. The passwd pam service ( /etc/pam.d/passwd ) usually
    doesn't have an entry for user authentication, therefor /etc/pam.d/other
    has to have a line auth set to pam_unix.so.

    auth     required       pam_unix.so
    account  required       pam_unix.so

    If you don't like this for security reason etc, you can set the pam_service
    directive to "cgipaf" and create the file /etc/pam.d/cgipaf that looks like
    this

    auth     required       pam_unix.so
    account  required       pam_unix.so
    password required       pam_unix.so md5

    Or better copy your system passwd configuration and the entries for
    "auth" and "account"

    If your system has a single PAM configuration file (usually /etc/pam.conf)
    you've to update /etc/pam.conf.

    If your system don't support md5 passwords remove md5 in the password line.

    passwd.cgi should support all pam options in the PAM configuration
    (cracklib, minimum/ maximum password length etc.).

    CGIpaf deletes the user's .procmailrc! If your users use procmail to
    distribute their mailings-lists into separate mailboxes etc, it is possible
    to copy the user's .procmailrc to a backup file and copy it back when
    mail-forwarding and autoreply is disabled. Set "use_statefile" to "yes" to
    avoid that the original procmail config confuses CGIpaf and use
    "run_before_mailcfg" to copy the user's procmail config to a backup file
    and "run_after_mailcfg" to restore it. See Configuration.html for more
    information.

    Examples with vacation support are available in the examples directory

THAT'S ALL FOLKS

    Point your browser to http://your_webserver/cgi-bin/passwd.cgi or
    http://your_webserver/cgi-bin/viewmailcfg.cgi and enjoy

COPYRIGHT NOTICE

   The documentation for CGIpaf is licensed under the terms of
   the FreeBSD Documentation License.

   The FreeBSD Documentation License

   Copyright (c) 2001 - 2020 Staf Wagemakers

   Redistribution and use in source (plaintext, HTML) and 'compiled' forms
   (SGML, HTML, PDF, PostScript, RTF and so forth) with or without
   modification, are permitted provided that the following conditions are
   met:

   1. Redistributions of source code (plaintext, HTML) must retain the
      above copyright notice, this list of conditions and the following
      disclaimer.

   2. Redistributions in compiled form (transformed to other DTDs,
      converted to PDF, PostScript, RTF and other formats) must reproduce
      the above copyright notice, this list of conditions and the following
      disclaimer in the documentation and/or other materials provided with
      the distribution.

   THIS DOCUMENTATION IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED
   WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
   MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
   IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
   DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
   DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
   GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
   INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
   IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
   OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,
   EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.