* What is CGIpaf?
"cgipaf" allows users to change their un*x Password, Autoreply and
mail Forwarding by a web interface.
CGIpaf 1.2.1 is the latest "stable" release.
CGIpaf 1.2.1 is available at http://staf.patat.org/cgipaf/
Debian ( woody ) packages are available at
http://staf.patat.org/debian/
* Requirements
o a Un*x server
o a mailserver that uses procmail
( vacation is supported by an external perl mailcfg script )
o webserver
o gcc, ndbm or gdbm
* License
GNU General Public License.
* Changelog
* o version 1.2.1 ( 20 Jan 2003 )
+ example php files in Brazilian Portuguese added
( Thanks to Fabricio Machado )
+ improved forward_to emailaddress testing
+ added test for mail headers like 'Precedence: bulk' to avoid
replying to maillinglists etc.
+ code cleanup
o version 1.2.0 ( 7 Dec 2002)
+ 1.2.0RC1 has been released as 1.2.0
o version 1.2.0RC1 ( 26 Nov 2002 )
+ setreuid(user_uid,0) added in cgipaf.c
passwd.cgi should now support all pam options in the PAM
configuration (cracklib, minimum/ maximum password length etc.)
on all systems with PAM support.
+ The set_PAM_CHANGE_EXPIRED_AUTHTOK directive is obsolete and
will be removed in the next releases of CGIpaf
o version 1.2.0pre1 ( 24 Oct 2002 )
+ Access Control List added
( AclOrder, AllowUsers, AllowGroups, DenyUsers,
DenyGroups directives )
* Overview
cgipaf is a combination of three cgi programs:
+ passwd.cgi : allows users to update their password
+ viewmailcfg.cgi : allows users to view their current mail
configuration.
+ mailcfg.cgi : update the mail configuration
o All programs use PAM for user authentication, systems without PAM
are only supported if they use the standard password file location
(/etc/passwd ,/etc/shadow) and the standard crypt or md5 passwords.
o If a password is changed it is possible to run a script to update
SAMBA passwords, NIS configuration, etc.
o The mail configuration is done by procmail, mailcfg.cgi creates a
.procmailrc in the user's home directory. If autoreply is enabled
the autoreply message is stored in ~/vacations.txt. When a user
enables mail forwarding the user can choose to keep the messages.
o For user authentication viewmailcfg.cgi creates a cookie, this
cookie is stored in the accessdb. mailcfg.cgi reads the cookie out
the accessdb and compares it with the cookie send by the users
browser.
o User with too many invalid logins can be locked.
o The minimum and maximum uid can be set in the configuration file,
so you can specify a range of uid's that are allowed to use
cgipasswd.
o You can specify html files with a few PHP extensions for the login
screen and error messages.
o It's possible to use a redirect for the error messages, instead of
plain html files.
o It's is possible to define an external script to update the the
mail configuration to support other mail configurations than
procmail a sample script with vacation support is included.
o CGIpaf also contains the "changepass" utility which is basically a
clone of the chpasswd(8) Linux command, it might be useful on
platforms that doesn't have such a command like Solaris.
regards,
--
staf
##########################################################################
# Send submissions for comp.os.linux.announce to: cola _at_ stump.algebra.com #
# PLEASE remember a short description of the software and the LOCATION. #
# This group is archived at http://stump.algebra.com/~cola/ #
##########################################################################
