Join Log in
Score:0
bogdaN avatar Server

Roundcube webmail on Debian 11 bullseye - Could not save password

us flag
bogdaN

first question here, take me slow.

I have installed dovecot, postfix and Roundcube webmail in a VM to test a new mail server for the company I work for. All good until I try changing a password as a logged in user from roundcube settings->password.

What I have done:

  • Enabled password plugin in roundcube
  • Set the driver to "chpasswd" as my users are system users created with "useradd -m user password"
  • I have created a new file in sudoers.d and added this www-data ALL=NOPASSWD:/usr/sbin/chpasswd as I understand apache2 runs under www-data user and it need sudo privileges. Still after doing all these things, I get the same error "Could not save password"

No logs that I can find show me other information about the problem. If there is a specific log I should look into, please tell me and I will do. If any configuration should I provide to you, ask and I will provide. Thank you!

EDIT: auth.log shows this when using sudo -u www-data /usr/sbin/chpasswd

sudo: pam_unix(sudo:session): session opened for user www-data(uid=33) by (uid=0)
Feb  2 11:08:54 mail unix_chkpwd[7140]: check pass; user unknown
Feb  2 11:08:54 mail unix_chkpwd[7141]: check pass; user unknown
Feb  2 11:08:54 mail unix_chkpwd[7141]: password check failed for user (test2)
Feb  2 11:08:54 mail chpasswd[7139]: pam_unix(chpasswd:chauthtok): authentication failure; logname= uid=33 euid=33 tty= ruser= rhost=  user=test2
Feb  2 11:09:01 mail CRON[7144]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
Feb  2 11:09:01 mail CRON[7144]: pam_unix(cron:session): session closed for user root
Feb  2 11:09:05 mail sudo: pam_unix(sudo:session): session closed for user www-data
121
0 + 0
Score:0
nih avatar Server
in flag
nih

Check in config.inc.php how is logiin file or syslog

// LOGGING
$config['log_driver'] = 'file'; 
$config['syslog_facility'] = error.log;

then check syslog or roundcube log Dir for errors, if is file type of logging should be /var/www/html/roundcube/logs

Update: Probably user www-data don't have permissions for sudo or command to check:

sudo -u www-data /usr/sbin/chpasswd

Try this: https://www.tecmint.com/fix-passwd-authentication-token-manipulation-error-in-linux/

0 + 0
bogdaN avatar
us flag
bogdaN
I have checked roundcube/logs/errors.logs (I dont know how I missed this file) and found this entry: Unable to execute sudo /usr/sbin/chpasswd 2> /dev/null in /var/www/roundcube/plugins/password/drivers/chpasswd.php . Ok, now I need to interpret it. I gues it is a privilege problem.
0
Reply
bogdaN avatar
us flag
bogdaN
Further addition: The permissions problem may be for /dev/null file. Permissions on it look like this: crw-rw-rw- 1 root root 1 . I cannot see anything wrong with it. I will continue my troubleshooting
0
Reply
bogdaN avatar
us flag
bogdaN
After running that commant I get this: chpasswd: pam_chauthtok() failed, error: Authentication token manipulation error . And from my research I have found that it may be a permissions problem or maybe shadow or passwd file problem. I will continue my troubleshooting.
0
Reply
bogdaN avatar
us flag
bogdaN
I have tried that already, unfortunately no success. I will edit my question with other log information I have found.
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.