sqlite3: Error setting password using password plugin

[naidu]

I have a roundcube installation which uses sqlite3 database. I tried to enable the password plugin.

I see below error whenever I try to set the password:

[21-Mar-2017 13:00:31 +0100]: DB Error: [1] no such function: update_passwd (SQL Query: SELECT update_passwd('$1$LXeDlIT0$NGunS8gcCOSrKK2ZJ6RIW/', '[email protected]')) in /opt/www/webmail/program/lib/Roundcube/rcube_db.php on line 539 (POST /webmail/?_task=settings&_action=plugin.password-save)

The internet is full of using mysql as the database. I think I have to update the password change query in

/opt/www/webmail/plugins/password/config.inc.php

from

$sql = 'SELECT update_passwd(%c, %u)';

to

$sql = 'UPDATE mailaccount SET password=%c WHERE nname=%u LIMIT 1';

The UPDATE statement above is valid for mysql. What is the equivalent for sqlite3 database?

[SKaero]

You need to update the password in the mail server database not the Roundcube database.

[naidu]

Thank you for the hint.  I see that the password is stored as SHA512-CRYPT.

Which setting in config.inc.php should be changed so that the new password also uses the same crypto?  Is it

$config['password_algorithm'] = 'clear'; or
$config['password_crypt_hash'] = 'md5';

Using the correct one is necessary here I guess otherwise the later will break.

[naidu]

And the error has moved to below:

[21-Mar-2017 16:17:59 +0100]: <l9m5nfnk> DB Error: [14] unable to open database file (SQL Query: UPDATE users SET password='$1$c..7hjE.$bSFeqf.Y4D3nYZW3qZmSP1' WHERE address='[email protected]' LIMIT 1) in /opt/www/webmail/program/lib/Roundcube/rcube_db.php on line 539 (POST /webmail/?_task=settings&_action=plugin.password-save)

I verified that the db has 664 as the permission + www-data is the group owner.

[SKaero]

Are you setting the $config['password_db_dsn'] line?

[naidu]

Yes.  I did that. 

Then I received "Permission denied" error. 

When I looked the file permission, it was like:

-rw-r--r-- mail mail users.db.

I changed it to look like

-rw-rw-r-- mail www-data users.db

After this change, now the error is like I posted.

[SKaero]

The web server process that is running Roundcube will need to be able to access it. I can't really help with that since I don't know how your users on the server are setup.

[naidu]

The db path is mentioned like this:

$config['password_db_dsn'] = 'sqlite:////data/users.db.backup';

Does that look good?.  Also why I changed to www-data is because the rouncube db has same user as the owner of the file.

[naidu]

ps aux gives me below ouput.

--stripped --
www-data   575  0.0  0.1  65568  3292 ?        S    16:51   0:00 nginx: worker process
www-data   576  0.0  0.0  65184  1424 ?        S    16:51   0:00 nginx: worker process
mail       592  0.0  0.3 347908  7120 ?        S    16:51   0:00 php-fpm: pool admin
mail       593  0.0  0.3 347908  7120 ?        S    16:51   0:00 php-fpm: pool admin
www-data   594  0.0  0.8 354568 16284 ?        S    16:51   0:00 php-fpm: pool www
www-data   595  0.0  0.8 350452 16060 ?        S    16:51   0:00 php-fpm: pool www
--stripped --

Does this output gives you any clue?

I have also set the file permission to 666 but still get the same error.

[SKaero]

You'd want the user to be "mail" not "www-data" because php-fpm is running Roundcube. Nginx is just proxying the connection to php-fpm.

[naidu]

Thanks for the clarification. 
Irrespective of the user, my current permission of the database file looks like below:

-rw-rw-rw-.  1 mail     mail     16384 Mar 21 17:14 users.db.backup

Shouldn't this be sufficient?  But still get

[21-Mar-2017 17:25:51 +0100]: <l9m5nfnk> DB Error: [14] unable to open database file (SQL Query: UPDATE users SET password='$1$Sb9plsl.$PXloGNh/LkexEKwKwL7sj/' WHERE address='[email protected]' LIMIT 1) in /opt/www/webmail/program/lib/Roundcube/rcube_db.php on line 539 (POST /webmail/?_task=settings&_action=plugin.password-save)

[SKaero]

As far as I know thats fine, I don't use sqlite so I maybe missing something there.

[rm13]

I don't use sqlite either, but your probably do not want world read/write on that db file.