#!/bin/bash # info: change mail account password # options: USER DOMAIN ACCOUNT PASSWORD # # example: v-change-mail-account-password admin mydomain.tld user p4$$vvOrD # # This function changes email account password. #----------------------------------------------------------# # Variables & Functions # #----------------------------------------------------------# # Argument definition user=$1 domain=$2 domain_idn=$2 account=$3 password=$4 HIDE=4 # Includes # shellcheck source=/etc/hestiacp/hestia.conf source /etc/hestiacp/hestia.conf # shellcheck source=/usr/local/hest # shellcheck source=/usr/local/hestia/func/main.sh source $HESTIA/func/main.sh # shellcheck source=/usr/local/hestia/func/domain.sh source $HESTIA/func/domain.sh # load config file source_conf "$HESTIA/conf/hestia.conf" # Additional argument formatting format_domain format_domain_idn # TODO: $domain_idn not used in this script - maybe $domain should be converted to $doman_idn ? #----------------------------------------------------------# # Verifications # #----------------------------------------------------------# check_args '4' "$#" 'USER DOMAIN ACCOUNT PASSWORD' is_format_valid 'user' 'domain' 'account' is_system_enabled "$MAIL_SYSTEM" 'MAIL_SYSTEM' is_object_valid 'user' 'USER' "$user" is_object_unsuspended 'user' 'USER' "$user" is_object_valid 'mail' 'DOMAIN' "$domain" is_object_unsuspended 'mail' 'DOMAIN' "$domain" is_object_valid "mail/$domain" 'ACCOUNT' "$account" is_object_unsuspended "mail/$domain" 'ACCOUNT' "$account" is_password_valid # Perform verification if read-only mode is enabled check_hestia_demo_mode #----------------------------------------------------------# # Action # #----------------------------------------------------------# # Generating hashed password if [ -n "$(doveadm pw -l | grep BLF-CRYPT)" ]; then set +H # disable ! style history substitution md5="$(doveadm pw -s BLF-CRYPT -p "$password")" elif [ -n "$(doveadm pw -l | grep ARGON2ID)" ]; then # Fall back on Argon2id if bcrypt is not available set +H # disable ! style history substitution md5="$(doveadm pw -s ARGON2ID -p "$password")" else # Fall back on MD5 if neither bcrypt nor argon2id is available salt=$(generate_password "$PW_MATRIX" "8") md5="{MD5}$($BIN/v-generate-password-hash md5 $salt <<< $password)" fi if [[ "$MAIL_SYSTEM" =~ exim ]]; then quota=$(get_object_value "mail/$domain" 'ACCOUNT' "$account" '$QUOTA') if [ "$quota" = 'unlimited' ]; then quota=0 fi sed -i "/^$account:/d" $HOMEDIR/$user/conf/mail/$domain/passwd str="$account:$md5:$user:mail::$HOMEDIR/$user:${quota}:userdb_quota_rule=*:storage=${quota}M" echo "$str" >> $HOMEDIR/$user/conf/mail/$domain/passwd fi #----------------------------------------------------------# # Hestia # #----------------------------------------------------------# # Update md5 update_object_value "mail/$domain" 'ACCOUNT' "$account" '$MD5' "$md5" # Logging $BIN/v-log-action "$user" "Info" "Mail" "Mail account password changed (Account: $account@$domain)." log_event "$OK" "$ARGUMENTS" exit