#!/bin/bash # Fix PostfixAdmin Password Hashing Configuration # This script fixes the dovecot password hashing error in PostfixAdmin # Author: Email Server Setup Script set -euo pipefail # Colors for output RED='\033[0;31m' GREEN='\033[0;32m' YELLOW='\033[1;33m' BLUE='\033[0;34m' NC='\033[0m' # No Color WEBROOT="/var/www/postfixadmin" CONFIG_FILE="$WEBROOT/config.local.php" error() { echo -e "${RED}ERROR: $1${NC}" >&2 exit 1 } info() { echo -e "${BLUE}INFO: $1${NC}" } success() { echo -e "${GREEN}SUCCESS: $1${NC}" } warning() { echo -e "${YELLOW}WARNING: $1${NC}" } # Check if running as root if [[ $EUID -ne 0 ]]; then error "This script must be run as root" fi # Check if config file exists if [[ ! -f "$CONFIG_FILE" ]]; then error "PostfixAdmin config file not found: $CONFIG_FILE" fi echo -e "${BLUE}PostfixAdmin Password Hashing Fix${NC}" echo "==================================" echo echo "This script fixes the dovecot password hashing error by switching" echo "from 'dovecot:SHA512-CRYPT' to 'php_crypt:SHA512' which doesn't" echo "require external dovecot commands." echo # Create backup backup_file="$CONFIG_FILE.backup.$(date +%Y%m%d_%H%M%S)" cp "$CONFIG_FILE" "$backup_file" info "Created backup: $backup_file" # Check if the problematic configuration exists if grep -q "dovecot:SHA512-CRYPT" "$CONFIG_FILE"; then info "Found problematic dovecot configuration, fixing..." # Replace the encrypt method sed -i "s/\$CONF\['encrypt'\] = 'dovecot:SHA512-CRYPT';/\$CONF['encrypt'] = 'php_crypt:SHA512';/" "$CONFIG_FILE" # Remove or comment out the dovecotpw line if it exists sed -i "/\$CONF\['dovecotpw'\]/d" "$CONFIG_FILE" success "Updated password encryption method to php_crypt:SHA512" elif grep -q "php_crypt:SHA512" "$CONFIG_FILE"; then success "Configuration already uses php_crypt:SHA512 - no changes needed" else warning "Could not find encryption configuration in config file" info "Adding php_crypt:SHA512 configuration..." # Add the encryption method before the closing PHP tag sed -i '/^?>/i \$CONF['\''encrypt'\''] = '\''php_crypt:SHA512'\'';' "$CONFIG_FILE" success "Added php_crypt:SHA512 configuration" fi # Verify the change if grep -q "php_crypt:SHA512" "$CONFIG_FILE"; then success "Configuration verified: using php_crypt:SHA512" else error "Verification failed - configuration may not have been updated correctly" fi # Set appropriate permissions chown www-data:www-data "$CONFIG_FILE" chmod 644 "$CONFIG_FILE" echo echo -e "${GREEN}PostfixAdmin password hashing fixed!${NC}" echo echo -e "${BLUE}What this script did:${NC}" echo "• Changed encryption from 'dovecot:SHA512-CRYPT' to 'php_crypt:SHA512'" echo "• Removed dovecotpw command dependency" echo "• Created a backup of your original config" echo "• Set appropriate file permissions" echo echo -e "${BLUE}What this means:${NC}" echo "• PostfixAdmin will use PHP's built-in crypt() function" echo "• No dependency on external dovecot commands" echo "• Passwords will still be SHA512-CRYPT compatible with Dovecot" echo "• The setup wizard should now work properly" echo echo -e "${YELLOW}Next steps:${NC}" echo "• Refresh your PostfixAdmin setup page" echo "• The password hashing error should be resolved" echo "• Continue with the setup wizard" echo echo -e "${YELLOW}Note: If you need to revert these changes,${NC}" echo -e "${YELLOW}restore the backup file: $backup_file${NC}"