[sork] Passwd Problems - Cannot Change password, no UPDATE applied
Simon Brereton
simon.brereton at dada.net
Fri Oct 23 16:11:39 UTC 2009
> -----Original Message-----
> From: sork-bounces at lists.horde.org [mailto:sork-bounces at lists.horde.org]
> On Behalf Of Eric Jon Rostetter
> Sent: Thursday, October 22, 2009 9:36 PM
> Quoting Simon Brereton <simon.brereton at dada.net>:
>
> > This is what appeared in the logs:
> >
> > Oct 22 22:29:49 HORDE [debug] [passwd] SQL Query by
> > Passwd_Driver_sql::_lookup(): SELECT Password FROM MailAccounts
> > WHERE EmailAdd = ? [on line 110 of
> > "/usr/share/horde3/passwd/lib/Driver/sql.php"]
> > Oct 22 22:29:49 HORDE [debug] [passwd] Current password returned
> > from DB as: [on line 121 of
> > "/usr/share/horde3/passwd/lib/Driver/sql.php"]
>
> Oh, that's bad. It appears to be returning nothing, but also not
> returning
> an error...
>
> Unless you set the "pass_col" wrong, this is rather a bad thing...
Pass_col can't be wrong - since the copying and pasting the query in mysql.log at a mysql prompt returns the correct result. Still I can't believe it's a code thing - someone else would have had an issue (even though I feel I'm the only one on this list apart from you) :)
> > friend pointed out that the ? is actually in the code!
>
> The question mark is normal. It does variable substitution (the passed
> variables are substituted in order into the string where the '?'
> characters
> are...).
Understood - thanks.
> > What's the next step?
>
> Hope someone else on this list can help more. I don't use sql, so I'm
> not a lot of help...
>
> If no one else replies, repost your configuration again, along with the
> sql logs, and the horde logs, and I'll see if I can't find something in
> them... But hopefully someone who uses sql for passwords will chip
> in...
I'm going to have to play a bit more. Your code appears to be right (if it wasn't this list would be more active ;) Which config do you need? The relevant backends.php? The passwd/config/conf.php? Here's everything I've got.
HORDE LOG (showing your debug code):
Oct 23 15:16:08 HORDE [debug] [] SQL Query by Prefs_sql::retrieve(): SELECT pref_scope, pref_name, pref_value FROM horde_prefs WHERE pref_uid =
? AND (pref_scope = ? OR pref_scope = 'horde') ORDER BY pref_scope [on line 137 of "/usr/share/horde3/lib/Horde/Prefs/sql.php"]
Oct 23 15:16:08 HORDE [debug] [passwd] SQL Query by Passwd_Driver_sql::_lookup(): SELECT Password FROM MailAccounts WHERE EmailAdd = ? [on line
110 of "/usr/share/horde3/passwd/lib/Driver/sql.php"]
Oct 23 15:16:08 HORDE [debug] [passwd] Current password returned from DB as: [on line 121 of "/usr/share/horde3/passwd/lib/Driver/sql.php"]
SQL LOG:
091023 15:16:08 3362 Connect root at localhost on
3362 Init DB horde
3362 Init DB horde
3362 Init DB horde
3362 Query SELECT pref_scope, pref_name, pref_value FROM horde_prefs WHERE pref_uid = 'simon at lydiard.net' AND (pref_scope = 'passwd' OR pref_scope = 'horde') ORDER BY pref_scope
3363 Connect postfix at localhost on
3363 Init DB Mail
3363 Init DB Mail
3363 Query SELECT Password FROM MailAccounts WHERE EmailAdd = 'simon at lydiard.net'
3362 Quit
3363 Quit
MYSQL CLI:
donald:~# mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 3370
Server version: 5.0.32-Debian_7etch8-log Debian etch distribution
mysql> use horde;
Database changed
mysql> SELECT pref_scope, pref_name, pref_value FROM horde_prefs WHERE pref_uid = 'simon at lydiard.net' AND (pref_scope = 'passwd' OR pref_scope = 'horde') ORDER BY pref_scope
-> ;
+------------+------------------+---------------------------------------------------------------+
| pref_scope | pref_name | pref_value |
+------------+------------------+---------------------------------------------------------------+
| horde | last_login | a:2:{s:4:"time";i:1256231586;s:4:"host";s:12:"38.104.167.6";} |
| horde | last_maintenance | 1256231586 |
+------------+------------------+---------------------------------------------------------------+
2 rows in set (0.02 sec)
mysql> use Mail
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> SELECT Password FROM MailAccounts WHERE EmailAdd = 'simon at lydiard.net';
+------------+
| Password |
+------------+
| -obscured- |
+------------+
1 row in set (0.00 sec)
Since I noticed that horde is being used with mysql user root, I changed the backend.php to make the sql query also root (though it looks like your code is correctly changing the user from what I see in the mysql log - and I have previously tried with the root user in the back-end). No joy. The mysql log is never going to tell us what it returned because the statement didn’t change the DB (and that would be in the bin file - which shows, correctly, nothing).
I'm going to use the customised query to see - with your helpful debugger - if I can get the DB to return something. Anything. And go from there. In the meantime, if you have any suggestions - or if there's anyone else on this list who can chip in, that would be great!
passwd/config/conf.php:
donald:~# cat /usr/share/horde3/passwd/config/conf.php
<?php
/* CONFIG START. DO NOT CHANGE ANYTHING IN OR AFTER THIS LINE. */
// $Horde: passwd/config/conf.xml,v 1.12 2005/10/09 14:48:58 jan Exp $
$conf['menu']['apps'] = array('imp', 'passwd');
$conf['backend']['backend_list'] = 'shown';
$conf['user']['change'] = false;
$conf['user']['refused'] = array('root', 'bin', 'daemon', 'adm', 'lp', 'shutdown', 'halt', 'uucp', 'ftp', 'anonymous', 'nobody', 'httpd', 'operator', 'guest', 'diginext', 'bind', 'cyrus', 'courier', 'games', 'kmem', 'mailnull', 'man', 'mysql', 'news', 'postfix', 'sshd', 'tty', 'www');
$conf['password']['strengthtests'] = true;
$conf['hooks']['full_name'] = true;
$conf['hooks']['default_username'] = false;
$conf['hooks']['username'] = false;
$conf['hooks']['userdn'] = false;
/* CONFIG END. DO NOT CHANGE ANYTHING IN OR BEFORE THIS LINE. */
?>
passwd/config/backends.php - the only live section:
328 $backends['sql'] = array(
329 'name' => 'Postfix',
330 'preferred' => '',
331 'password policy' => array(
332 'minLength' => 8,
333 'maxLength' => 18,
334 'minClasses' => 2,
335 'maxSpace' => 0,
336 'minUpper' => 1,
337 'minLower' => 1,
338 'minNumeric' => 1,
339 'minSymbols' => 1
340 ),
341 'driver' => 'sql',
342 'params' => array(
343 'phptype' => 'mysql',
344 'hostspec' => 'localhost',
345 'username' => 'postfix',
346 'password' => '-obscured-',
347 'encryption' => 'plain',
348 'database' => 'Mail',
349 'table' => 'MailAccounts',
350 'user_col' => 'EmailAdd',
351 'pass_col' => 'Password',
352 'show_encryption' => false,
353 // The following two settings allow you to specify custom queries for
354 // lookup and modify functions if special functions need to be
355 // performed. In places where a username or a password needs to be
356 // used, refer to this placeholder reference:
357 // %u -> gets substituted with the user
358 // %p -> gets substituted with the plaintext password
359 // %e -> gets substituted with the encrypted password
360 //
361 // 'query_lookup' => 'SELECT user_pass FROM horde_users WHERE user_uid = %u',
362 // 'query_modify' => 'UPDATE horde_users SET user_pass = %e WHERE user_uid = %u',
363 //'query_lookup' => 'SELECT Password FROM MailAccounts WHERE EmailAdd = %u',
364 //'query_modify' => 'UPDATE MailAccounts SET Password = %p WHERE EmailAdd = %u',
365 ));
More information about the sork
mailing list