Email Authentication Data

Discussion in 'E-mail Discussion' started by beddo, Sep 21, 2011.

  1. beddo

    beddo Well-Known Member

    Hi folks,

    Long story in the short form, I'm adding redundancy to my mail setup.

    I am looking for a way to copy the email authentication data from a WHM server to be used with Exim on another server.

    Exim uses dovecot through /var/run/dovecot/auth-client to authenticate, so the question then becomes where does dovecot keep its auth data and how do I access it?

    The key file seems to be: /usr/local/cpanel/bin/dovecot-auth

    If I was to synch this file (say every 30 minutes) to a separate instance of dovecot running on the non-WHM server and use the same auth in Exim, would authentication thus be synched?
     
  2. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    The files are in /home/username/etc/domain.com location for the username and passwords (passwd and shadow files there). You would only be copying the binary if you copied /usr/local/cpanel/bin/dovecot-auth file.
     
  3. beddo

    beddo Well-Known Member

    Thanks for that, many files makes it more complicated - but not impossible.

    So my next theory would be a script that checks for /home/*/etc/*/passwd and /home/*/etc/*/shadow and merges all the results into one passwd and one shadow file.

    Transport that over and somehow make Exim use it.

    If I do come up with a solution I'll make sure to put it up here.
     
  4. beddo

    beddo Well-Known Member

    In case anyone is interested, the following perl script collects all the relevant information from my system and puts it into an exim passwd file. It then needs to be copied to the exim server (copy as /etc/exim/passwd and Exim set up to use PAM with that file).

    It may need some modifications depending on system config. I had to put an if in to detect if the path began with /usr or /home for mine and the temp array numbers may vary depending on your paths too.

    Code:
    #!/usr/local/bin/perl
    
    use strict;
    
    my @outputfile;
    my $fname = "/root/passwdcollect";
    if (-e $fname) { unlink($fname); }
    
    # Per-domain virtual account files under each cPanel user's home.
    my @passwd_list = glob("/home/*/etc/*/passwd");
    my @shadow_list = glob("/home/*/etc/*/shadow");
    
    my @fullpw = ();
    my %fullsh = ();
    
    # Collect every virtual passwd entry.
    foreach my $file (@passwd_list) {
            open(my $pwlist, "<", $file) or die "Can't open $file: $!";
            push(@fullpw, <$pwlist>);
            close($pwlist);
    }
    
    # Hashes are keyed by the local part only (no domain).
    foreach my $file (@shadow_list) {
            open(my $shlist, "<", $file) or die "Can't open $file: $!";
            while (<$shlist>) {
                    chomp;
                    my @temp = split(/:/, $_);
                    $fullsh{$temp[0]} = $temp[1];
            }
            close($shlist);
    }
    
    # Rebuild local@domain from the home directory field of each passwd entry.
    foreach (@fullpw) {
            my @temp = split(/:/, $_);
            my @temp2 = split(/\//, $temp[5]);
            if ($temp2[1] eq "usr") {
                    push(@outputfile, $temp2[6], "@", $temp2[5], ":", $fullsh{$temp2[6]}, "::\n");
            }
            if ($temp2[1] eq "home") {
                    push(@outputfile, $temp2[5], "@", $temp2[4], ":", $fullsh{$temp2[5]}, "::\n");
            }
    }
    
    open my $FH, ">>", $fname or die "Can't open $fname: $!";
    foreach (@outputfile) {
            print $FH $_;
    }
    close $FH;
    
     
    #4 beddo, Sep 25, 2011
    Last edited: Sep 25, 2011
  5. beddo

    beddo Well-Known Member

    Please don't use the script in the last post; it has a fairly major bug. If the same alias exists under multiple domains it will record the password for the last one it finds against all of those aliases!

    This one works much better. I've also had to modify it to include /home2 as for some random reason one of the accounts uses that despite everything being told otherwise.

    Code:
    #!/usr/local/bin/perl
    
    use strict;
    
    my @outputfile;
    my $fname = "/mnt/iscsi/pass/passwdfred";
    if (-e $fname) { unlink($fname); }
    
    # Per-domain virtual account files under each cPanel user's home.
    my @passwd_list = glob("/home/*/etc/*/passwd");
    my @shadow_list = glob("/home/*/etc/*/shadow");
    
    my @fullpw = ();
    my %fullsh = ();
    
    # Collect every virtual passwd entry.
    foreach my $file (@passwd_list) {
            open(my $pwlist, "<", $file) or die "Can't open $file: $!";
            push(@fullpw, <$pwlist>);
            close($pwlist);
    }
    
    # Key each hash by the full address (the domain is the name of the
    # directory holding the shadow file), so the same alias under
    # different domains keeps its own password.
    foreach my $file (@shadow_list) {
            my @domtemp = split(/\//, $file);
            my $dname = $domtemp[$#domtemp-1];
            open(my $shlist, "<", $file) or die "Can't open $file: $!";
            while (<$shlist>) {
                    chomp;
                    my @temp = split(/:/, $_);
                    my $emailaddr = $temp[0] . "@" . $dname;
                    $fullsh{$emailaddr} = $temp[1];
            }
            close($shlist);
    }
    
    # Rebuild local@domain from the home directory field of each passwd entry.
    foreach (@fullpw) {
            my @temp = split(/:/, $_);
            my @temp2 = split(/\//, $temp[5]);
            if ($temp2[1] eq "usr") {
                    my $emailaddr = $temp2[6] . "@" . $temp2[5];
                    push(@outputfile, $emailaddr, ":", $fullsh{$emailaddr}, "\n");
            }
            if ($temp2[1] eq "home" or $temp2[1] eq "home2") {
                    my $emailaddr = $temp2[5] . "@" . $temp2[4];
                    push(@outputfile, $emailaddr, ":", $fullsh{$emailaddr}, "\n");
            }
    }
    
    open my $FH, ">>", $fname or die "Can't open $fname: $!";
    foreach (@outputfile) {
            print $FH $_;
    }
    close $FH;
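
The merge described in this thread, as an added Python example that is not part of the posts above and not cPanel's own code: it keys every hash by the full address taken from the `<home>/<user>/etc/<domain>/shadow` path (so the same alias under two domains stays separate), skips entries with no usable hash, and writes the result with mode 0600 via an atomic rename. The function names, the sample tree and the treatment of empty or `!`/`*`-prefixed hashes as unusable are assumptions made for the example.

```python
import os
import tempfile
from pathlib import Path

def collect_hashes(home_root):
    """Map 'local@domain' -> hash from every <home_root>/<user>/etc/<domain>/shadow."""
    merged = {}
    for shadow in sorted(Path(home_root).glob("*/etc/*/shadow")):
        domain = shadow.parent.name            # directory name is the mail domain
        for line in shadow.read_text().splitlines():
            fields = line.split(":")
            if len(fields) < 2 or not fields[0]:
                continue                        # blank or malformed line
            local, pw_hash = fields[0], fields[1]
            # Assumption: empty, '!' or '*' means "no usable password".
            # Never export such an entry as an empty-password account.
            if not pw_hash or pw_hash.startswith(("!", "*")):
                continue
            merged[f"{local}@{domain}"] = pw_hash
    return merged

def write_private(path, merged):
    """Write 'address:hash' lines to a 0600 temp file, then rename into place."""
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(path) or ".")  # created 0600
    with os.fdopen(fd, "w") as out:
        for address in sorted(merged):
            out.write(f"{address}:{merged[address]}\n")
    os.replace(tmp, path)                       # readers never see a partial file
    return path

def build_sample_tree(root):
    """Constructed sample data: the alias 'info' exists under two domains."""
    sample = {
        ("alice", "example.com"):
            "info:$6$saltA$hashA:15000::::::\nsales:$6$saltB$hashB:15000::::::\n",
        ("alice", "example.net"):
            "info:$6$saltC$hashC:15000::::::\nold:!!:15000::::::\n",
    }
    for (user, domain), text in sample.items():
        directory = Path(root, user, "etc", domain)
        directory.mkdir(parents=True)
        (directory / "shadow").write_text(text)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        build_sample_tree(root)
        merged_path = os.path.join(root, "passwd.merged")
        write_private(merged_path, collect_hashes(root))
        print(Path(merged_path).read_text(), end="")
```
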
     