Sun Cobalt RAQ550 安装Openwebmail v2.51

By | 2018-11-26

Installing OpenWebmail 2.51

From CobaltFAQs

Jump to: navigation, search

Installing Open WebMail v2.51. Assumes you already had v2.40 installed from the Nuonce PKG, etc.

这里要求原本你系统中已经安装 OpenWebmail 2.40 , 但尝试过并不需要.

用 Sun Cobalt restore CD 恢复系统后有两种方法安装 OpenWebmail v2.51

A. 用openwebmail 软件包直接安装

请安装 http://pkgmaster.com/packages/raq/550/  的安装包 Openwebmail v2.51 

B. 以源码方式手动安装,步骤如下

如果你是用以上安装包安装可直接跳过 (1)  (2)  (4)  (5) 四个安装步骤,如果你是源码手动安装请按步骤安装.

Contents

[hide]

1) Upgrade MIME-Base64

cd /root wget http://cpan.org/modules/by-module/MIME/MIME-Base64-3.07.tar.gz tar zxf MIME-Base64-3.07.tar.gz cd MIME-Base64-3.07  perl Makefile.PL make make test make install

2) Get and install Open WebMail

  cd /root wget http://www.openwebmail.org/openwebmail/download/current/openwebmail-current.tar.gz mv openwebmail-current.tar.gz openwebmail-2.51.tar.gz mkdir owm cd owm tar zxf ../openwebmail-2.51.tar.gz cd /home mv openwebmail __old_openwebmail mkdir openwebmail cd openwebmail cp -r /root/owm/* .

3) Configure authentication and permissions

cp /home/__old_openwebmail/cgi-bin/openwebmail/auth/auth_pam_cobalt.pl 
/home/openwebmail/cgi-bin/openwebmail/auth/.

If you’re missing the file, you can get the contents at auth_pam_cobalt.pl

经过安装测试下载回来的 auth_pam_cobalt.pl 是不能正常工作的,可以自建新文件 auth_pam_cobalt.pl 并把以下内容贴上

——————– 以下为 auth_pam_cobalt.pl 的内容 ——————-

package ow::auth_pam_cobalt;
use strict;
#
# auth_pam.pl - authenticate user with PAM
#
# 2002/08/01 webmaster.AT.pkgmaster.com
#            add check for nologin, validshell, cobaltuser
#            based on work from Trevor.Paquette.AT.TeraGo.ca
# 2001/10/05 tung.AT.turtle.ee.ncku.edu.tw
#
# The code of check_userpassword and change_userpassword is from
# the example code of Authen::PAM by Nikolay Pelov <nikip.AT.iname.com>
# Webpage is available at http://www.cs.kuleuven.ac.be/~pelov/pam
#

########## No configuration required from here ###################

use Authen::PAM;
use Fcntl qw(:DEFAULT :flock);
require "modules/filelock.pl";
require "modules/tool.pl";

my %conf;
if (($_=ow::tool::find_configfile('etc/auth_pam.conf', 'etc/defaults/auth_pam.conf')) ne '') {
   my ($ret, $err)=ow::tool::load_configfile($_, \%conf);
   die $err if ($ret<0);
}

my $servicename = $conf{'servicename'} || "login";
my $passwdfile_plaintext = $conf{'passwdfile_plaintext'} || "/etc/passwd";

my $check_nologin = $conf{'check_nologin'} || 'no';
my $check_shell = $conf{'check_shell'} || 'no';
my $check_cobaltuser = $conf{'check_cobaltuser'} || 'no';

########## end init ##############################################

# routines get_userinfo() and get_userlist still get data from a passwdfile
# instead of PAM, you may have to rewrite if it does notfit your requirement

#  0 : ok
# -2 : parameter format error
# -3 : authentication system/internal error
# -4 : user doesn't exist
sub get_userinfo {
   my ($r_config, $user)[email protected]_;
   return(-2, 'User is null') if ($user eq '');

   my ($uid, $gid, $realname, $homedir);
   if ($passwdfile_plaintext eq "/etc/passwd") {
      ($uid, $gid, $realname, $homedir)= (getpwnam($user))[2,3,6,7];
   } else {
      if ($passwdfile_plaintext=~/\|/) { # maybe NIS, try getpwnam first
         ($uid, $gid, $realname, $homedir)= (getpwnam($user))[2,3,6,7];
      }
      if ($uid eq "") { # else, open file directly
         ($uid, $gid, $realname, $homedir)= (getpwnam_file($user, $passwdfile_plaintext))[2,3,6,7];
      }
   }
   return(-4, "User $user doesn't exist") if ($uid eq "");

   # get other gid for this user in /etc/group
   while (my @gr=getgrent()) {
      $gid.=' '.$gr[2] if ($gr[3]=~/\b$user\b/ && $gid!~/\b$gr[2]\b/);
   }
   # use first field only
   $realname=(split(/,/, $realname))[0];
   # guess real homedir under sun's automounter
   $homedir="/export$homedir" if (-d "/export$homedir");

   return(0, "", $realname, $uid, $gid, $homedir);
}


#  0 : ok
# -1 : function not supported
# -3 : authentication system/internal error
sub get_userlist {      # only used by openwebmail-tool.pl -a
   my $r_config=$_[0];

   my @userlist=();
   my $line;

   # a file should be locked only if it is local accessable
   if ( -f $passwdfile_plaintext) {
      ow::filelock::lock($passwdfile_plaintext, LOCK_SH) or
         return (-3, "Couldn't get read lock on $passwdfile_plaintext", @userlist);
   }
   open(PASSWD, $passwdfile_plaintext);
   while (defined($line=<PASSWD>)) {
      next if ($line=~/^#/);
      chomp($line);
      push(@userlist, (split(/:/, $line))[0]);
   }
   close(PASSWD);
   ow::filelock::lock($passwdfile_plaintext, LOCK_UN) if ( -f $passwdfile_plaintext);
   return(0, "", @userlist);
}

# globals passed to inner function to avoid closure effect
use vars qw($pam_user $pam_password $pam_newpassword $pam_convstate);

#  0 : ok
# -2 : parameter format error
# -3 : authentication system/internal error
# -4 : password incorrect
sub check_userpassword {
   my $r_config;
   local ($pam_user, $pam_password);    # localized global to make reentry safe
   ($r_config, $pam_user, $pam_password)[email protected]_;
   return (-2, "User or password is null") if ($pam_user eq '' || $pam_password eq '');

   sub checkpwd_conv_func {
      my @res;
      while ( @_ ) {
         my $code = shift;
         my $msg = shift;
         my $ans = "";

         if ($code == PAM_PROMPT_ECHO_ON() ) {
            $ans = $pam_user;
         } elsif ($code == PAM_PROMPT_ECHO_OFF() ) {
            $ans = $pam_password;
         }
         push @res, (PAM_SUCCESS(),$ans);
#ow::tool::log_time("code:$code, msg:$msg, ans:$ans\n");        # debug
      }
      push @res, PAM_SUCCESS();
      return @res;
   }

   # disable SIG CHLD since authsys in PAM may fork process
   local $SIG{CHLD}; undef $SIG{CHLD};

   my ($pamh, $ret, $errmsg);
   if ( ref($pamh = new Authen::PAM($servicename, $pam_user, \&checkpwd_conv_func)) ) {
      my $tty_name = "";
      my $error=$pamh->pam_set_item(PAM_TTY(), $tty_name);
      $error=$pamh->pam_authenticate();
      if ($error==0) {
         ($ret, $errmsg)= (0, "");
      } else {
         ($ret, $errmsg)= (-4, "pam_authticate() err $error, ".pam_strerror($pamh, $error));
      }
   } else {
      ($ret, $errmsg)= (-3, "PAM init error $pamh");
   }
   $pamh = 0;  # force Destructor (per docs) (invokes pam_close())

   return($ret, $errmsg) if ($ret<0);

   # emulate pam_nologin.so
   if ($check_nologin=~/yes/i && -e "/etc/nologin") {
      return (-4, "/etc/nologin found, all logins are suspended");
   }
   # emulate pam_shells.so
   if ($check_shell=~/yes/i && !has_valid_shell($pam_user)) {
      return (-4, "user $pam_user doesn't have valid shell");
   }
   # valid user on cobalt ?
   if ($check_cobaltuser=~/yes/i) {
      my $cbhttphost=$ENV{'HTTP_HOST'}; $cbhttphost=~s/:\d+$//; # remove port number
      my $cbhomedir="/home/sites/$cbhttphost/users/$pam_user";
      if (!-d $cbhomedir) {
         return (-4, "This cobalt user $pam_user doesn't has homedir $cbhomedir");
      }
   }

   return (0, "");
}


#  0 : ok
# -1 : function not supported
# -2 : parameter format error
# -3 : authentication system/internal error
# -4 : password incorrect
sub change_userpassword {
   local ($pam_user, $pam_password, $pam_newpassword); # localized global to make reentry safe
   my $r_config;
   ($r_config, $pam_user, $pam_password, $pam_newpassword)[email protected]_;
   return (-2, "User or password is null") if ($pam_user eq '' || $pam_password eq '' || $pam_newpassword eq '');

   local $pam_convstate=0;      # localized global to make reentry safe
   sub changepwd_conv_func {
      my @res;

      while ( @_ ) {
         my $code = shift;
         my $msg = shift;
         my $ans = "";

         if ($code == PAM_PROMPT_ECHO_ON() ) {
            $ans = $pam_user;
         } elsif ($code == PAM_PROMPT_ECHO_OFF() ) {
            if ($pam_convstate>1 || $msg =~ /new/i ) {
               $ans = $pam_newpassword;
            } else {
               $ans = $pam_password;
            }
            $pam_convstate++;
         }
         push @res, (PAM_SUCCESS(),$ans);
#ow::tool::log_time("code:$code, msg:$msg, ans:$ans\n");        # debug
      }
      push @res, PAM_SUCCESS();
      return @res;
   }

   # disable SIG CHLD since authsys in PAM may fork process
   local $SIG{CHLD}; undef $SIG{CHLD};

   my ($pamh, $ret, $errmsg);
   if (ref($pamh = new Authen::PAM($servicename, $pam_user, \&changepwd_conv_func)) ) {
      my $error=$pamh->pam_chauthtok();
      if ( $error==0 ) {
         ($ret, $errmsg)= (0, "");
      } else {
         ($ret, $errmsg)= (-4, "pam_authtok() err $error, ".pam_strerror($pamh, $error));
      }
   } else {
      ($ret, $errmsg)= (-3, "PAM init error $pamh");
   }
   $pamh = 0;  # force Destructor (per docs) (invokes pam_close())
   return($ret, $errmsg);
}


########## misc support routine ##################################

# this routine is slower than system getpwnam() but can work with file
# other than /etc/passwd. ps: it always return '*' for passwd field.
sub getpwnam_file {
   my ($user, $passwdfile_plaintext)[email protected]_;
   my ($name, $passwd, $uid, $gid, $gcos, $dir, $shell);

   return("", "", "", "", "", "", "", "", "") if ($user eq "");

   open(PASSWD, "$passwdfile_plaintext");
   while(<PASSWD>) {
      next if (/^#/);
      chomp;
      ($name, $passwd, $uid, $gid, $gcos, $dir, $shell)=split(/:/);
      last if ($name eq $user);
   }
   close(PASSWD);

   if ($name eq $user) {
      return($name, "*", $uid, $gid, 0, "", $gcos, $dir, $shell);
   } else {
      return("", "", "", "", "", "", "", "", "");
   }
}

sub has_valid_shell {
   my $user=$_[0];

   my ($name, $shell);
   if ($passwdfile_plaintext eq "/etc/passwd") {
      $shell = (getpwnam($user))[8];
   } else {
      if ($passwdfile_plaintext=~/\|/) { # maybe NIS, try getpwnam first
         ($name, $shell)= (getpwnam($user))[0,8];
      }
      if ($name eq "") { # else, open file directly
         ($name, $shell) = (getpwnam_file($user, $passwdfile_plaintext))[0,8];
      }
   }
   return 0 if ($shell eq '');

   my $validshell = 0;
   if (open(ES, "/etc/shells")) {
      while(<ES>) {
         chomp;
         if( $shell eq $_ ) {
            $validshell = 1; last;
         }
      }
      close(ES);
   }
   return 0 if (!$validshell);

   return 1;
}

1;


-------------------  以上 auth_pam_cobalt.pl 代码完结 ---------------------

设置 sessions 目录的权限为所有用户 0771

chown -R root.mail * 
chmod 0771 /home/openwebmail/cgi-bin/openwebmail/etc/sessions

4) Disable CGIWrap

cd cgi-bin/openwebmail

Edit .htaccess to contain:

AddHandler cgi-script .pl

5) Create missing config file

Edit /home/openwebmail/cgi-bin/openwebmail/etc/dbm.conf to contain:

dbm_ext                 .pag 
dbmopen_ext             none 
dbmopen_haslock         yes

6) Fix the main configuration file

cd /home/openwebmail/cgi-bin/openwebmail/etc 
mv openwebmail.conf openwebmail.conf.orig

Edit openwebmail.conf to contain:

# Open WebMail configuration file 

# # This file contains just the overrides from defaults/openwebmail.conf, 
# please make all changes to this file. 

# # This file sets options for all domains and all users. 
# To set options on per domain basis, please put them in sites.conf/domainname 
# To set options on per user basis, please put them in users.conf/username 

# # Please refer to openwebmail.conf.help for the description of each 
option  domainnames             
auto domainnames_override    yes  
auth_module             auth_pam_cobalt.pl  
mailspooldir            /var/spool/mail  
ow_cgidir               /home/openwebmail/cgi-bin/openwebmail 
ow_cgiurl               /openwebmail-cgi 
ow_htmldir              /home/openwebmail/data/openwebmail 
ow_htmlurl              /openwebmail  
logfile                 /var/log/openwebmail.log  
enable_viruscheck       no 
enable_spamcheck        no 
enable_learnspam        no  
default_iconset         Default 
default_fscharset       none  
<default_signature> </default_signature> 
<page_footer> </page_footer>  
use_homedirspools       yes 
homedirspoolname        mbox 
spellcheck              /usr/bin/ispell 
default_language        en 
timeoffset              auto

7) Run the init script

 /home/openwebmail/cgi-bin/openwebmail/openwebmail-tool.pl --init

發佈留言