-rwxr-xr-x | fripost | 255 |
1 files changed, 128 insertions, 127 deletions
@@ -13,8 +13,8 @@ fripost - Fripost.org handling utility for virtual hosting =head1 SYNOPSIS -B<fripost> [I<options>] { mkpass | add-user | search-user | user-passwd -| add-domain | search-domain | add-alias | search-alias } +B<fripost> [I<options>] { add-alias | add-domain | add-user | mkpass | +search-alias | search-domain | search-user | user-passwd } B<fripost> B<--man> @@ -22,38 +22,38 @@ B<fripost> B<--man> =over 4 -=item B<fripost> mkpass [I<password>] - -Create a random new password, and returns its hash. - -=item B<fripost> add-user [I<username>] [B<--password=>I<password>] +=item B<fripost> add-alias [B<--force>] [I<goto> [I<from>...]] -Add a new virtual mailbox. +Add a new virtual alias. -=item B<fripost> search-user [I<username>] +=item B<fripost> add-domain [B<--force>] [I<domain> [I<username>]] -List matching virtual users. +Add a new virtual domain. -=item B<fripost> user-passwd [I<username>] [B<--password=>I<password>] +=item B<fripost> add-user [I<username>] [B<--password=>I<password>] -Change user password. +Add a new virtual mailbox. -=item B<fripost> add-domain [B<--force>] [I<domain> [I<username>]] +=item B<fripost> mkpass [I<password>] -Add a new virtual domain. +Create a random new password, and returns its hash. =item B<fripost> search-domain [I<domain> [I<username>]] List matching virtual domains. -=item B<fripost> add-alias [B<--force>] [I<goto> [I<from>...]] +=item B<fripost> search-user [I<username>] -Add a new virtual alias. +List matching virtual users. =item B<fripost> search-alias [B<-f>|B<--from>] [B<-g>|B<--goto>] [I<address>] List matching virtual aliases. +=item B<fripost> user-passwd [I<username>] [B<--password=>I<password>] + +Change user password. + =back =head1 DESCRIPTION 
@@ -63,77 +63,6 @@ the following commands is required. =over 4 -=item B<fripost> mkpass [I<password>] - -C<mkpass> is used to generate a salted SHA-1 hash of the given -I<password>. If no argument is given, the password is randomly -generated, respecting Fripost's password policy. - -=item B<fripost> add-user [I<username>] [B<--password=>I<password>] - -C<add-user> is used to add a new virtual mailbox to the system, unless -B<--pretend> is set. -If I<username> or I<password> are not given, the user is prompted for -their value. -If I<username> is not fully qualified, the domain C<fripost.org> is -appended. -An error is raised if I<username> is already an existing virtual user or -alias. -If I<password> is given, is it used RAW (not hashed). -This can be useful if the user does not want to give the clear copy but -only a hash, for example. -Using this option disables the sending of credentials. - -=item B<fripost> search-user [I<username>] - -C<search-user> is used to -list virtual mailboxes whose username matches exactly I<username>. -Wildcards I<*> can appear in I<username>, to match zero or more characters. -If no I<username> is given, lists all existing mailboxes. - -If I<username> has no domain part, C<search-user> lists matching users for any -domains. -Otherwise, C<search-user> looks up the matching user parts for each matching -domain. -Because of these multiple searches, the use of wildcards on the domain -part of I<username> may be inefficient. - -=item B<fripost> user-passwd [I<username>] [B<--password=>I<password>] - -C<user-passwd> is used to change the password of I<username>, unless -B<--pretend> is set. -If I<username> or I<password> are not given, the user is prompted for -their value. -If I<username> is not fully qualified, the domain C<fripost.org> is appended. -An error is raised if I<username> is not an existing virtual user. -If I<password> is given, is it used RAW (not hashed). 
-This can be useful if the user does not want to give the clear copy but -only a hash, for example. -Using this option disables the sending of credentials. - -=item B<fripost> add-domain [B<--force>] [I<domain> [I<username>]] - -C<add-domain> is used add a new virtual domain to the system, unless -B<--pretend> is set. -If I<domain> is not given, the user is prompted for its value. -By default, C<add-domain> prompts for the owner(s) of the new -domain; Use the empty string I<''> in the command line to create a -"global" domain, only managed by Fripost's administrators. -An error is raised if I<domain> is an existing virtual domain unless -B<--force> is set, in which case -I<username> is simply added to the list of managers. - -=item B<fripost> search-domain [I<domain> [I<username>]] - -C<search-domain> is used to list virtual domains matching exactly I<domain>, -and whose owner is I<username>. -Wildcards I<*> can appear in I<domain>, to match zero or more characters. -If no I<username> is given, list all domains matching I<domain>, regardless -of the owner; If I<owner> is the empty string I<''>, list only the non -self-managed domains. -If neither I<domain> nor I<owner> are given, C<search-domain> lists -all existing virtual domains. - =item B<fripost> add-alias [B<--force>] [I<goto> [I<from>...]] C<add-alias> is used to add a new virtual alias to the system, unless 
@@ -170,6 +99,39 @@ I<goto2>, emails to I<user>@I<domain> will be redirected to BOTH I<goto> and I<goto2>. Note that C<add-alias> forbids the creation of such multi-recipient aliases, unless B<--force> is set. +=item B<fripost> add-domain [B<--force>] [I<domain> [I<username>]] + +C<add-domain> is used add a new virtual domain to the system, unless +B<--pretend> is set. +If I<domain> is not given, the user is prompted for its value. +By default, C<add-domain> prompts for the owner(s) of the new +domain; Use the empty string I<''> in the command line to create a +"global" domain, only managed by Fripost's administrators. +An error is raised if I<domain> is an existing virtual domain unless +B<--force> is set, in which case +I<username> is simply added to the list of managers. + +=item B<fripost> add-user [I<username>] [B<--password=>I<password>] + +C<add-user> is used to add a new virtual mailbox to the system, unless +B<--pretend> is set. +If I<username> or I<password> are not given, the user is prompted for +their value. +If I<username> is not fully qualified, the domain C<fripost.org> is +appended. +An error is raised if I<username> is already an existing virtual user or +alias. +If I<password> is given, is it used RAW (not hashed). +This can be useful if the user does not want to give the clear copy but +only a hash, for example. +Using this option disables the sending of credentials. + +=item B<fripost> mkpass [I<password>] + +C<mkpass> is used to generate a salted SHA-1 hash of the given +I<password>. If no argument is given, the password is randomly +generated, respecting Fripost's password policy. + =item B<fripost> search-alias [B<-f>|B<--from>] [B<-g>|B<--goto>] [I<address>] C<search-alias> is used to list virtual aliases whose value or target 
@@ -181,21 +143,53 @@ To list matching aliases (resp., targets) only, use the flag B<-f> If no I<address> is given, C<search-alias> lists all existing virtual aliases. +=item B<fripost> search-domain [I<domain> [I<username>]] + +C<search-domain> is used to list virtual domains matching exactly I<domain>, +and whose owner is I<username>. +Wildcards I<*> can appear in I<domain>, to match zero or more characters. +If no I<username> is given, list all domains matching I<domain>, regardless +of the owner; If I<owner> is the empty string I<''>, list only the non +self-managed domains. +If neither I<domain> nor I<owner> are given, C<search-domain> lists +all existing virtual domains. + +=item B<fripost> search-user [I<username>] + +C<search-user> is used to +list virtual mailboxes whose username matches exactly I<username>. +Wildcards I<*> can appear in I<username>, to match zero or more characters. +If no I<username> is given, lists all existing mailboxes. + +If I<username> has no domain part, C<search-user> lists matching users for any +domains. +Otherwise, C<search-user> looks up the matching user parts for each matching +domain. +Because of these multiple searches, the use of wildcards on the domain +part of I<username> may be inefficient. + +=item B<fripost> user-passwd [I<username>] [B<--password=>I<password>] + +C<user-passwd> is used to change the password of I<username>, unless +B<--pretend> is set. +If I<username> or I<password> are not given, the user is prompted for +their value. +If I<username> is not fully qualified, the domain C<fripost.org> is appended. +An error is raised if I<username> is not an existing virtual user. +If I<password> is given, is it used RAW (not hashed). +This can be useful if the user does not want to give the clear copy but +only a hash, for example. +Using this option disables the sending of credentials. + =back =head1 OPTIONS =over 8 -=item B<--pretend> - -Dry-run all operations that is, do not modify the virtual lookup tables. 
-But still queries the LDAP server to ensure that the modification would -be safe. (For instance, ensure that a new user is not already existing.) - -=item B<--server_host=>I<host> +=item B<--base_dn=>I<basedn> -The LDAP URI to connect to. +The root DN for every communication to the LDAP server. Overrides the value read from the configuration file (see B<CONFIGURATION>) if present. @@ -212,20 +206,9 @@ The password to to bind with. Overrides the value read from the configuration file (see B<CONFIGURATION>) if present. -=item B<--base_dn=>I<basedn> - -The root DN for every communication to the LDAP server. -Overrides the value read from the configuration file (see -B<CONFIGURATION>) if present. - -=item B<--sign>[B<=>I<name>] +=item B<-d>, B<--debug> -Use I<name> as the key to sign all non-empty emails. If I<name> is empty -or not given, use the first key found in the secret keyring, see -B<gpg>(1). A running gpg-agent is required if the private key is -protected by a passphrase. -Overrides the value read from the configuration file (see -B<CONFIGURATION>) if present. +Debug mode. =item B<encrypt=>{I<never>|I<may>|I<secure>} 
@@ -243,13 +226,31 @@ B<CONFIGURATION>) if present. If one of the I<may> or I<secure> encryption level is chosen, encrypt for the user ID I<name>. -=item B<-v>, B<--verbose> +=item B<--pretend> -Verbose mode. +Dry-run all operations that is, do not modify the virtual lookup tables. +But still queries the LDAP server to ensure that the modification would +be safe. (For instance, ensure that a new user is not already existing.) -=item B<-d>, B<--debug> -Debug mode. +=item B<--server_host=>I<host> + +The LDAP URI to connect to. +Overrides the value read from the configuration file (see +B<CONFIGURATION>) if present. + +=item B<--sign>[B<=>I<name>] + +Use I<name> as the key to sign all non-empty emails. If I<name> is empty +or not given, use the first key found in the secret keyring, see +B<gpg>(1). A running gpg-agent is required if the private key is +protected by a passphrase. +Overrides the value read from the configuration file (see +B<CONFIGURATION>) if present. + +=item B<-v>, B<--verbose> + +Verbose mode. =back @@ -261,14 +262,14 @@ Valid keys include: =over 4 -=item I<server_host> - -The LDAP URI to connect to. Defaults to C<ldap://127.0.0.1:389>. - =item I<admin_email> The I<From:> e-mail address to use. Defaults to C<admin@fripost.org>. +=item I<base_dn> + +The root DN for every communication to the LDAP server. + =item I<bind_dn> The Distinguished Name (DN) to bind to the LDAP directory. @@ -278,17 +279,6 @@ The Distinguished Name (DN) to bind to the LDAP directory. The password to to bind with. -=item I<base_dn> - -The root DN for every communication to the LDAP server. - -=item I<sign> - -The key used to sign all non-empty emails. If no key is given, -use the first one found in the secret keyring, see B<gpg>(1). -A running gpg-agent is required if the private key is -protected by a passphrase. - =item I<encrypt> Tells whether non-empty emails should be encrypted. 
@@ -299,6 +289,17 @@ keyring. I<secure> will disallow the sending of all non-empty clear emails (not recommended). +=item I<server_host> + +The LDAP URI to connect to. Defaults to C<ldap://127.0.0.1:389>. + +=item I<sign> + +The key used to sign all non-empty emails. If no key is given, +use the first one found in the secret keyring, see B<gpg>(1). +A running gpg-agent is required if the private key is +protected by a passphrase. + =back =cut |
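Review bot: in the @@ -22,38 +22,38 @@ hunk the short command list is still not in alphabetical order. The `=item B<fripost> search-alias` entry is left as a context line after the newly placed search-user item, so the list reads search-domain, search-user, search-alias, user-passwd. The SYNOPSIS line and the DESCRIPTION section in this same patch both put search-alias before search-domain. Move the search-alias item above search-domain here too. The mkpass summary "Create a random new password, and returns its hash." also does not cover the case where I<password> is given, which the DESCRIPTION text does describe.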
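Review bot: the add-user item re-added in the @@ -170,6 +99,39 @@ hunk says a value given with B<--password> is "used RAW (not hashed)", but it does not say which hash format is expected, nor that a clear-text password passed this way would be stored unhashed. Since the paragraph is being moved anyway, state the expected format next to it (the mkpass item just below says it produces a salted SHA-1 hash) and point readers at the prompt for clear-text input, because command-line arguments are visible in the process list and shell history. Two wording fixes in the same hunk: "is it used RAW" should read "it is used RAW", and "C<add-domain> is used add" is missing "to".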
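Review bot: the search-domain item added in the @@ -181,21 +143,53 @@ hunk names its second argument I<username> in the =item line and in "whose owner is I<username>", then switches to I<owner> in "If I<owner> is the empty string" and "If neither I<domain> nor I<owner> are given". Use one name throughout so the text matches the usage line. The user-passwd item at the end of this hunk carries the same "is it used RAW (not hashed)" wording as add-user and needs the same correction and the same statement of the expected hash format.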
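Review bot: in the @@ -212,20 +206,9 @@ hunk the newly sorted OPTIONS list keeps the context line `=item B<encrypt=>{I<never>|I<may>|I<secure>}`, which lacks the leading `--` that every other long option in the list has. If the option is given as `--encrypt=` like the others, fix the item while reordering. The context line "The password to to bind with." at the top of the hunk has a doubled "to"; the same sentence appears again in the CONFIGURATION section.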
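Review bot: the B<--pretend> text moved in the @@ -243,13 +226,31 @@ hunk is hard to parse as written: "Dry-run all operations that is, do not modify the virtual lookup tables. But still queries the LDAP server". Suggest "Dry-run all operations, that is, do not modify the virtual lookup tables, but still query the LDAP server to ensure that the modification would be safe." It would also help to say here that a dry run still binds to the LDAP server with the configured credentials, since the text already states that queries are made.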
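Review bot: in the CONFIGURATION hunks (@@ -261,14 +262,14 @@ through @@ -299,6 +289,17 @@) the relocated I<base_dn> item documents no default, while I<server_host> and I<admin_email> each state theirs. Either give the default or say that the key is mandatory. The section also lists the bind password as a valid key without saying anything about the permissions the configuration file should have; a sentence recommending that the file be readable only by the user running fripost belongs next to that key.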