Edit roundcube main config.inc.php
and add the plugin name 'password' to the plugins array() as shown below, to activate the plugin:
// List of active plugins (in plugins/ directory)
$config['plugins'] = array('password');
You may also note down the DSN used by roundcube to connect to the 'roundcube' mysql database $config['db_dsnw'] = 'mysql://user:pass@localhost/roundcube'
cd into .../roundcube_www_root/plugins/password/
and create config.inc.php
# cp config.inc.php.dist config.inc.php
# vi config.inc.php
Edit the following lines in the password plugin's config.inc.php
:
<?php
$config['password_driver'] = 'sql';
$config['password_confirm_current'] = true;
$config['password_minimum_length'] = 8;
$config['password_require_nonalpha'] = false;
$config['password_log'] = false;
$config['password_login_exceptions'] = null;
// If the server is accessed via fqdn, replace localhost by the fqdn:
$config['password_hosts'] = array('127.0.0.1');
$config['password_force_save'] = true;
// SQL Driver options
$config['password_db_dsn'] = 'mysql://user:pass@localhost/maildb';
// SQL Update Query with encrypted password using random 8 character salt
$config['password_query'] = 'UPDATE users SET crypt=ENCRYPT(%p,CONCAT(_utf8\'$5$\',RIGHT(MD5(RAND()),8),_utf8\'$\')) WHERE id=%u LIMIT 1';
...
To use SHA-512
password hashes instead of SHA-256
, set the $id$
to $6$
(see also man 3 crypt
):
$config['password_query'] = 'UPDATE users SET crypt=ENCRYPT(%p,CONCAT(_utf8\'$6$\',RIGHT(MD5(RAND()),8),_utf8\'$\')) WHERE id=%u LIMIT 1';
See .../plugins/password/README
and .../plugins/password/config.inc.php.dist
for more info.
Assuming you will use the same mysql user for the password plugin to update the password, you have to GRANT SELECT and UPDATE privileges on the table 'users' in 'maildb' to the 'roundcube' mysql user:
# mysql -u root -p
mysql > GRANT SELECT,UPDATE ON maildb.users TO 'roundcube'@'localhost';
mysql > FLUSH PRIVILEGES;
mysql > quit
#
That's it. If you encounter problems, tail the roundcube error log:
# tail -f ../../logs/error