Add non-root TODO v0.6.x
authormartin f. krafft <madduck@madduck.net>
Sun, 08 Apr 2012 00:02:00 +0200
branchv0.6.x
changeset 497 5b9a03762813
parent 496 17f2c5b5098e
child 498 419c929739fd
Add non-root TODO
TODO
--- a/TODO	Sat Apr 07 20:38:48 2012 +0000
+++ b/TODO	Sun Apr 08 00:02:00 2012 +0200
@@ -14,3 +14,19 @@
 Database:
    public.users.digestmd5: add "character varying(48)"
 	Outlook will love it. (`doveadm pw -s DIGEST-MD5.hex -p 1 -u 0`)
+
+- Non-root usage [madduck@madduck.net]:
+    - Provide /usr/share/vmm/vmm-{mkdirs,rmdirs,du} setuid wrappers that do
+      precisely what they have to and no more. The should probably even call
+      /usr/share/vmm/vmm-wrapper-helper as unprivileged user to parse the
+      arguments, match them with the database and obtain the actual data to
+      process, e.g. email@add.ress → home directory mapping from the DB, or
+      obtaining the set of precreatable maildirs from the config.
+
+    - configset and configure need root, it is questionable whether these
+      can/should be wrapped, as they will be disabled anyway for Debian, and
+      they are root-like activities (unlike day-to-day postmaster work).
+
+    - Pascal suggested to use hooks:
+      07 23:36 <Faxe> zwei config settings handle_dir in domain und account
+      07 23:37 <Faxe> und dann post-{domain,user}add scripte, die den wrapper aufrufen