#319 dovecot:CRYPT-METHOD does not work

v2.91 (3.0 beta1)
closed-invalid
nobody
None
5
2017-05-04
2014-05-30
Paul
No

I have not been able to get dovecot:CRYPT-METHOD to work (tried SHA512-CRYPT, SHA256-CRYPT, MD5-CRYPT, and BLF-CRYPT, which I learned isn't supported in my OS). Using one results in the following error message when setting up admin account with setup.php:

can't encrypt password with dovecotpw, see error log for details

This is what the logs state:
1624#0: *6 FastCGI sent in stderr: "PHP message: dovecotpw password encryption failed.

PHP message: STDERR output: sh: 1: /usr/sbin/doveadm: not found" while reading response header from upstream <...> upstream: "fastcgi://unix:/var/run/php5-fpm.sock:" <...>

In config.inc.php I see:

// If you use the dovecot encryption method: where is the dovecotpw binary located?
// for dovecot 1.x
// $CONF['dovecotpw'] = "/usr/sbin/dovecotpw";
// for dovecot 2.x (dovecot 2.0.0 - 2.0.7 is not supported!)
$CONF['dovecotpw'] = "/usr/sbin/doveadm pw";

A couple quick checks:
# ll /usr/sbin/doveadm
-rwxr-xr-x 1 root root 423264 Feb 13 23:23 /usr/bin/doveadm*

# doveadm pw -l
CRYPT MD5 MD5-CRYPT SHA SHA1 SHA256 SHA512 SMD5 SSHA SSHA256 SSHA512 PLAIN CLEAR CLEARTEXT PLAIN-TRUNC CRAM-MD5 SCRAM-SHA-1 HMAC-MD5 DIGEST-MD5 PLAIN-MD4 PLAIN-MD5 LDAP-MD5 LANMAN NTLM OTP SKEY RPA SHA256-CRYPT SHA512-CRYPT

Using Dovecot 2.2, PHP 5.5, MariaDB 10, Postfix 2.11.

Discussion

  • Christian Boltz

    Christian Boltz - 2014-10-28
    • status: open --> pending
     
  • Christian Boltz

    Christian Boltz - 2014-10-28

    "not found" is a quite obvious error message ;-)

    Does your webserver/fastcgi run chrooted?

     
  • Christian Boltz

    Christian Boltz - 2016-05-22
    • status: pending --> closed-invalid
     
  • Christian Boltz

    Christian Boltz - 2016-05-22

    No response since 1.5 years, closing.

     
  • Mario Yamaguchi

    Mario Yamaguchi - 2017-05-04

    It may be too late to respond this question. I had the same problem, and found a solution.
    There seems to be incompatibilty to deal with dovecotpw in functions.inc.php. Although doveadm generates password hashes with random salt, they offers verified function with '-t' option. You need few modification on functions.inc.php. If you need the source code, I am more than willing to share.
    (Postfix version 2.3.3/Dovecot version 2.2.10)

     
  • Christian Boltz

    Christian Boltz - 2017-05-04

    There's an easier solution - update to PostfixAdmin 3.0.x which already uses the '-t' option and is therefore able to handle most dovecot hashing methods (except a few where the username is mixed into the hash) ;-)

     
    • Mario Yamaguchi

      Mario Yamaguchi - 2017-05-04

      Thank you very much. I did not realize there is a newer virsion.

      Best regards,

      On May 5, 2017 01:45, "Christian Boltz" christian_boltz@users.sf.net
      wrote:

      There's an easier solution - update to PostfixAdmin 3.0.x which already
      uses the '-t' option and is therefore able to handle most dovecot hashing
      methods (except a few where the username is mixed into the hash) ;-)


      Status: closed-invalid
      Group: v2.91 (3.0 beta1)
      Created: Fri May 30, 2014 11:05 PM UTC by Paul
      Last Updated: Thu May 04, 2017 01:57 PM UTC
      Owner: nobody

      I have not been able to get dovecot:CRYPT-METHOD to work (tried
      SHA512-CRYPT, SHA256-CRYPT, MD5-CRYPT, and BLF-CRYPT, which I learned isn't
      supported in my OS). Using one results in the following error message when
      setting up admin account with setup.php:

      can't encrypt password with dovecotpw, see error log for details

      This is what the logs state:
      1624#0: *6 FastCGI sent in stderr: "PHP message: dovecotpw password
      encryption failed.

      PHP message: STDERR output: sh: 1: /usr/sbin/doveadm: not found" while
      reading response header from upstream <...> upstream:
      "fastcgi://unix:/var/run/php5-fpm.sock:" <...>

      In config.inc.php I see:

      // If you use the dovecot encryption method: where is the dovecotpw binary
      located?
      // for dovecot 1.x
      // $CONF['dovecotpw'] = "/usr/sbin/dovecotpw";
      // for dovecot 2.x (dovecot 2.0.0 - 2.0.7 is not supported!)
      $CONF['dovecotpw'] = "/usr/sbin/doveadm pw";

      A couple quick checks:

      ll /usr/sbin/doveadm

      -rwxr-xr-x 1 root root 423264 Feb 13 23:23 /usr/bin/doveadm*

      doveadm pw -l

      CRYPT MD5 MD5-CRYPT SHA SHA1 SHA256 SHA512 SMD5 SSHA SSHA256 SSHA512 PLAIN
      CLEAR CLEARTEXT PLAIN-TRUNC CRAM-MD5 SCRAM-SHA-1 HMAC-MD5 DIGEST-MD5
      PLAIN-MD4 PLAIN-MD5 LDAP-MD5 LANMAN NTLM OTP SKEY RPA SHA256-CRYPT
      SHA512-CRYPT

      Using Dovecot 2.2, PHP 5.5, MariaDB 10, Postfix 2.11.

      Sent from sourceforge.net because you indicated interest in
      https://sourceforge.net/p/postfixadmin/bugs/319/

      To unsubscribe from further messages, please visit
      https://sourceforge.net/auth/subscriptions/

       

Log in to post a comment.