On Thu, Jun 14, 2012 at 06:01:14PM +0800, f5b wrote:
> I have setup OpenSMTPD + dovecot + roundcube simple mail server.
> People can ssh log in to the OpenBSD box, change their password using command
> passwd,
> the system account password is also the mail account password.
>
> So, for security reason, how to let the user can only run one command(passwd)
> when they login?
> or are there any other methods to let mail account user change their password
> by themself easily?
>
> sshd_config ChrootDirectory not suit our needs.
>
> 1. administrator login OpenBSD box, adduser user.
> 2. the user ssh log in OpenBSD box, run "passwd" to change their password
> assign by administrator.
So your users are ok with shell? If so you can define for them
their own passwd file.
Not tested though.
passdb {
driver = passwd-file
# Each user has a separate passwd-file:
args = /home/%u/.imappasswd
}
http://wiki2.dovecot.org/AuthDatabase/PasswdFile
http://wiki2.dovecot.org/Variables
jirib
