[hcoop/debian/courier-authlib.git] / userdb / makeuserdb.html.in

<?xml version="1.0"?>
<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/><title>makeuserdb</title><link rel="stylesheet" href="style.css" type="text/css"/><meta name="generator" content="DocBook XSL Stylesheets V1.73.2"/><link rel="start" href="#makeuserdb" title="makeuserdb"/><link xmlns="" rel="stylesheet" type="text/css" href="manpage.css"/><meta xmlns="" name="MSSmartTagsPreventParsing" content="TRUE"/><link xmlns="" rel="icon" href="icon.gif" type="image/gif"/><!--

Copyright 1998 - 2007 Double Precision, Inc.  See COPYING for distribution
information.

--></head><body><div class="refentry" lang="en" xml:lang="en"><a id="makeuserdb" shape="rect"> </a><div class="titlepage"/><div class="refnamediv"><h2>Name</h2><p>makeuserdb — create @userdb@</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">makeuserdb</code>  [-f <em class="replaceable"><code>filename</code></em>]</p></div><div class="cmdsynopsis"><p><code class="command">pw2userdb</code> </p></div><div class="cmdsynopsis"><p><code class="command">vchkpw2userdb</code>  [--vpopmailhome=<em class="replaceable"><code>dir</code></em>] [--todir=<em class="replaceable"><code>dir</code></em>]</p></div></div><div class="refsect1" lang="en" xml:lang="en"><a id="id418905" shape="rect"> </a><h2>DESCRIPTION</h2><p>
<span class="command"><strong>makeuserdb</strong></span> creates <code class="filename">@userdb@.dat</code> from
the contents of <code class="filename">@userdb@</code>.
<code class="filename">@userdb@</code>'s contents are described later in this document.
<span class="application">Maildrop</span>,
<span class="application">Courier</span>, and other applications use
<code class="filename">@userdb@.dat</code> as a
substitute/complement for your system password file.
The usual purpose for
<code class="filename">@userdb@.dat</code> is to specify "virtual" accounts - accounts
that do
not have an associated system login.
Usually (but not necessarily) all virtual accounts share the same
system userid.
<code class="filename">@userdb@.dat</code> may also replace
your system password file. Because the system password file is a text file,
when there's a large number of accounts it will be significantly faster to
search
<code class="filename">@userdb.dat@</code>, which is a binary database,
instead of a flat text file that the system password file usually is.</p><p>
The <span class="command"><strong>makeuserdb</strong></span> command can be safely executed during
normal system activity.</p><p>
The <code class="option">-f</code> option creates
<code class="filename"><em class="replaceable"><code>filename</code></em>.dat</code> from
<code class="filename"><em class="replaceable"><code>filename</code></em></code>, instead of the
default <code class="filename">@userdb@.dat</code> from
<code class="filename">@userdb@</code>.</p><div class="refsect2" lang="en" xml:lang="en"><a id="id383715" shape="rect"> </a><h3>Format of <code class="filename">@userdb@</code></h3><p>
<code class="filename">@userdb@</code> is a plain text file that can be created using
any text editor. Blank lines are ignored. Lines that start with the #
character are comments, and are also ignored.
Other lines define properties of a single
"account", one line per account.
<code class="filename">@userdb@</code> may be a directory instead of a plain file.
In that case all files in <code class="filename">@userdb@</code> are essentially
concatenated, and are treated as a single file.
Each line takes the following format:</p><div class="blockquote"><blockquote class="blockquote"><div class="informalexample"><div class="literallayout"><p><em class="replaceable"><code>name</code></em><span class="token">&lt;TAB&gt;</span><em class="replaceable"><code>field</code></em>=<em class="replaceable"><code>value</code></em>|<em class="replaceable"><code>field</code></em>=<em class="replaceable"><code>value</code></em>...</p></div></div></blockquote></div><p><em class="replaceable"><code>name</code></em> is the account name.
<em class="replaceable"><code>name</code></em> MUST contain only lowercase characters 
If <span class="application">Courier</span> is
configured to treat lowercase and uppercase account names as
identical, <em class="replaceable"><code>name</code></em> is followed by exactly one tab
character, then a list of field/value pairs separated by vertical slashes.
<em class="replaceable"><code>field</code></em> is the name of the field,
<em class="replaceable"><code>value</code></em> is the field value.
Fields and values themself cannot contain slashes or control characters.
Fields may be
specified in any order. Here are all the currently defined fields.  Note that
not every field is used by every application that reads
<code class="filename">@userdb@.dat</code>.</p><div class="blockquote"><blockquote class="blockquote"><p>
<em class="parameter"><code>uid</code></em> - <em class="replaceable"><code>value</code></em> is a (possibly)
unique numerical user ID for this account.</p><p>
<em class="parameter"><code>gid</code></em> - <em class="replaceable"><code>value</code></em> is a (possibly)
unique numerical group ID for this account.</p><p>
<em class="parameter"><code>home</code></em> - <em class="replaceable"><code>value</code></em> is the account's home
directory.</p><p>
<em class="parameter"><code>shell</code></em> - <em class="replaceable"><code>value</code></em> is the account's default
login shell.</p><p>
<em class="parameter"><code>systempw</code></em> - <em class="replaceable"><code>value</code></em> is the account's
password. See
<a class="ulink" href="userdbpw.html" target="_top" shape="rect"><span class="citerefentry"><span class="refentrytitle">userdbpw</span>(8)</span></a>
for details on how to set up this field.</p><p>
<em class="parameter"><code>pop3pw, esmtppw, imappw...</code></em> - <em class="replaceable"><code>value</code></em>
specifies a separate password used only for authenticating access using a
specific service, such as POP3, IMAP, or anything else. If not defined,
<em class="parameter"><code>systempw</code></em> is always used. This allows access to an account to be
restricted only to certain services, such as POP3, even if other services
are also enabled on the server.</p><p>
<em class="parameter"><code>mail</code></em> - <em class="replaceable"><code>value</code></em> specifies the location of
the account's Maildir mailbox. This is an optional field that is normally
used when <span class="command"><strong>userdb</strong></span> is used to provide aliases for other
mail accounts.  For example, one particular multi-domain E-mail
service configuration
that's used by both <span class="application">Qmail</span> and
<span class="application">Courier</span> servers is to deliver mail for a
mailbox in a virtual domain, such as "user@example.com", to a local mailbox
called "example-user".  Instead of requiring the E-mail account
holder to log in as
"example-user" to download mail from this account, a <span class="command"><strong>userdb</strong></span>
entry for "user@example.com" is set up with <em class="parameter"><code>mail</code></em> set to the
location of example-user's Maildir mailbox, thus hiding the internal
mail configuration from the E-mail account holder's view.</p><p>
<em class="parameter"><code>quota</code></em> - <em class="replaceable"><code>value</code></em> specifies the
maildir quota for the account's Maildir.
This has nothing to do with actual filesystem quotas.
<span class="application">Courier</span> has a
software-based Maildir quota enforcement
mechanism which requires additional setup and configuration.
See
<a class="ulink" href="maildirquota.html" target="_top" shape="rect"><span class="citerefentry"><span class="refentrytitle">maildirquota</span>(7)</span></a>
for additional information.</p></blockquote></div></div><div class="refsect2" lang="en" xml:lang="en"><a id="id384001" shape="rect"> </a><h3><code class="filename">@userdb@shadow.dat</code></h3><p>
All fields whose name ends with 'pw' will NOT copied to
<code class="filename">@userdb@.dat</code>. These fields will be copied to
<code class="filename">@userdb@shadow.dat</code>.
<span class="command"><strong>makeuserdb</strong></span> creates <code class="filename">@userdb@shadow.dat</code>
without any group and world permissions.
Note that <span class="command"><strong>makeuserdb</strong></span> reports an error
if <span class="command"><strong>@userdb@</strong></span> has any group
or world permissions.</p></div><div class="refsect2" lang="en" xml:lang="en"><a id="id428252" shape="rect"> </a><h3>CONVERTING <code class="filename">/etc/passwd</code>
and vpopmail to <code class="filename">@userdb@</code> format</h3><p>
<span class="command"><strong>pw2userdb</strong></span> reads the <code class="filename">/etc/passwd</code> and
<code class="filename">/etc/shadow</code> files and converts all entries to the
<code class="filename">@userdb@</code> format,
printing the result on standard output.
The output of <span class="command"><strong>pw2userdb</strong></span>
can be saved as <span class="command"><strong>@userdb@</strong></span> (or as some file in this
subdirectory).
Linear searches of <code class="filename">/etc/passwd</code> can
be very slow when you have
tens of thousands of accounts.
Programs like <span class="command"><strong>maildrop</strong></span> always look in
<code class="filename">@userdb@</code> first.
By saving the system password file in
<code class="filename">@userdb@</code> it is possible to significantly reduce the
amount of
time it takes to look up this information.</p><p>
After saving the output of <span class="command"><strong>pw2userdb</strong></span>, you must still run
<span class="command"><strong>makeuserdb</strong></span> to create
<code class="filename">@userdb@.dat</code>.</p><p>
<span class="command"><strong>vchkpw2userdb</strong></span> converts a vpopmail-style
directory hierarchy to the <code class="filename">@userdb@</code> format.
This is an external virtual domain management package that's often used
with <span class="application">Qmail</span> servers.</p><p>
Generally, an account named 'vpopmail' is reserved for this purpose.
In
that account the file <code class="filename">users/vpasswd</code> has the same
layout as
<code class="filename">/etc/passwd</code>, and performs a similar function, except
that all userid in <code class="filename">users/vpasswd</code> have the same userid.
Additionally, the
<code class="filename">domains</code> subdirectory stores virtual accounts for
multiple domains.  For example,
<code class="filename">domains/example.com/vpasswd</code>
has the passwd file for the domain <em class="parameter"><code>example.com</code></em>.
Some systems also have a soft link, <em class="parameter"><code>domains/default</code></em>,
that points to a domain that's considered a "default" domain.</p><p>
The <span class="command"><strong>vchkpw2userdb</strong></span> reads all this information, and tries to
convert it into the <code class="filename">@userdb@</code> format.  The
<em class="parameter"><code>--vpopmailhost</code></em> option specifies the top level
directory, if it is
not the home directory of the vpopmail account.</p><p>
The <span class="command"><strong>vchkpw2userdb</strong></span> script prints the results on standard
output. If specified, the <em class="parameter"><code>--todir</code></em> option
tries to convert all
<code class="filename">vpasswd</code> files one at a time, saving each one
individually in <em class="replaceable"><code>dir</code></em>. For example:</p><div class="blockquote"><blockquote class="blockquote"><div class="informalexample"><div class="literallayout"><p><br clear="none"/>
mkdir @userdb@<br clear="none"/>
vchkpw2userdb --todir=@userdb@/vpopmail<br clear="none"/>
makeuserdb<br clear="none"/>
</p></div></div></blockquote></div><p>
It is still necessary to run <span class="command"><strong>makeuserdb</strong></span>, of course, to
create the binary database file <code class="filename">@userdb@.dat</code></p><p>
NOTE:  You are still required to create the <span class="command"><strong>@userdb@</strong></span> entry
which maps
system userids back to accounts,
"<em class="replaceable"><code>uid</code></em>=<span class="token">&lt;TAB&gt;</span><em class="replaceable"><code>name</code></em>",
if that's applicable. <span class="command"><strong>vchkpw2userdb</strong></span> will not do it for
you.</p><p>
NOTE:  <span class="command"><strong>makeuserdb</strong></span> may complain about duplicate entries, if
your "default" entries in <code class="filename">users/vpasswd</code> or
<code class="filename">domains/default/vpasswd</code> are the same as anything in any
other <code class="filename">@userdb@</code> file.  It is also likely that you'll end
up with duplicate, but distinct, entries for every account in the default
domain.  For
example, if your default domain is example.com, you'll end up with duplicate
entries - you'll have entries for both <em class="parameter"><code>user</code></em> and
<em class="parameter"><code>user@example.com</code></em>.</p><p>If you intend to maintain the master set of accounts using
vchkpw/vpopmail,
in order to avoid cleaning this up every time, you might want to consider
doing the following: run <span class="command"><strong>vchkpw2userdb</strong></span> once, using the
<em class="parameter"><code>--todir</code></em> option.
Then, go into the resulting directory, and
replace one of the redundant files with a soft link to
<code class="filename">/dev/null</code>.
This allows you to run
<span class="command"><strong>vchkpw2userdb</strong></span> without having to go in and
cleaning up again, afterwards.</p></div></div><div class="refsect1" lang="en" xml:lang="en"><a id="id428564" shape="rect"> </a><h2>FILES</h2><div class="literallayout"><p><br clear="none"/>
<code class="filename">@userdb@</code><br clear="none"/>
<code class="filename">@userdb@.dat</code><br clear="none"/>
<code class="filename">@userdb@shadow.dat</code><br clear="none"/>
<code class="filename">@tmpdir@/userdb.tmp</code> - temporary file<br clear="none"/>
<code class="filename">@tmpdir@/userdbshadow.tmp</code> - temporary file<br clear="none"/>
</p></div></div><div class="refsect1" lang="en" xml:lang="en"><a id="id428604" shape="rect"> </a><h2>BUGS</h2><p><span class="command"><strong>makeuserdb</strong></span> is a Perl script, and uses Perl's portable
locking.
Perl's documentation notes that certain combinations of locking options may
not work with some networks.</p></div><div class="refsect1" lang="en" xml:lang="en"><a id="id428619" shape="rect"> </a><h2>SEE ALSO</h2><p>
<a class="ulink" href="userdb.html" target="_top" shape="rect"><span class="citerefentry"><span class="refentrytitle">userdb</span>(8)</span></a>,
<a class="ulink" href="maildrop.html" target="_top" shape="rect"><span class="citerefentry"><span class="refentrytitle">maildrop</span>(8)</span></a>,
<a class="ulink" href="courier.html" target="_top" shape="rect"><span class="citerefentry"><span class="refentrytitle">courier</span>(8)</span></a>,
<a class="ulink" href="maildirquota.html" target="_top" shape="rect"><span class="citerefentry"><span class="refentrytitle">maildirquota</span>(7)</span></a>.
</p></div></div></body></html>
Commit	Line	Data
d9898ee8	1	<?xml version="1.0"?>
8d138742	2	<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/><title>makeuserdb</title><link rel="stylesheet" href="style.css" type="text/css"/><meta name="generator" content="DocBook XSL Stylesheets V1.73.2"/><link rel="start" href="#makeuserdb" title="makeuserdb"/><link xmlns="" rel="stylesheet" type="text/css" href="manpage.css"/><meta xmlns="" name="MSSmartTagsPreventParsing" content="TRUE"/><link xmlns="" rel="icon" href="icon.gif" type="image/gif"/><!--
d9898ee8	3
	4	Copyright 1998 - 2007 Double Precision, Inc. See COPYING for distribution
	5	information.
	6
8d138742 CE	7	--></head><body><div class="refentry" lang="en" xml:lang="en"><a id="makeuserdb" shape="rect"> </a><div class="titlepage"/><div class="refnamediv"><h2>Name</h2><p>makeuserdb — create @userdb@</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="cmdsynopsis"><p><code class="command">makeuserdb</code> [-f <em class="replaceable"><code>filename</code></em>]</p></div><div class="cmdsynopsis"><p><code class="command">pw2userdb</code> </p></div><div class="cmdsynopsis"><p><code class="command">vchkpw2userdb</code> [--vpopmailhome=<em class="replaceable"><code>dir</code></em>] [--todir=<em class="replaceable"><code>dir</code></em>]</p></div></div><div class="refsect1" lang="en" xml:lang="en"><a id="id418905" shape="rect"> </a><h2>DESCRIPTION</h2><p>
8d138742 CE	8	<span class="command"><strong>makeuserdb</strong></span> creates <code class="filename">@userdb@.dat</code> from
d9898ee8	9	the contents of <code class="filename">@userdb@</code>.
	10	<code class="filename">@userdb@</code>'s contents are described later in this document.
	11	<span class="application">Maildrop</span>,
	12	<span class="application">Courier</span>, and other applications use
	13	<code class="filename">@userdb@.dat</code> as a
	14	substitute/complement for your system password file.
	15	The usual purpose for
	16	<code class="filename">@userdb@.dat</code> is to specify "virtual" accounts - accounts
	17	that do
	18	not have an associated system login.
	19	Usually (but not necessarily) all virtual accounts share the same
	20	system userid.
	21	<code class="filename">@userdb@.dat</code> may also replace
	22	your system password file. Because the system password file is a text file,
	23	when there's a large number of accounts it will be significantly faster to
	24	search
	25	<code class="filename">@userdb.dat@</code>, which is a binary database,
	26	instead of a flat text file that the system password file usually is.</p><p>
8d138742	27	The <span class="command"><strong>makeuserdb</strong></span> command can be safely executed during
d9898ee8	28	normal system activity.</p><p>
	29	The <code class="option">-f</code> option creates
	30	<code class="filename"><em class="replaceable"><code>filename</code></em>.dat</code> from
	31	<code class="filename"><em class="replaceable"><code>filename</code></em></code>, instead of the
	32	default <code class="filename">@userdb@.dat</code> from
8d138742	33	<code class="filename">@userdb@</code>.</p><div class="refsect2" lang="en" xml:lang="en"><a id="id383715" shape="rect"> </a><h3>Format of <code class="filename">@userdb@</code></h3><p>
d9898ee8	34	<code class="filename">@userdb@</code> is a plain text file that can be created using
	35	any text editor. Blank lines are ignored. Lines that start with the #
	36	character are comments, and are also ignored.
	37	Other lines define properties of a single
	38	"account", one line per account.
	39	<code class="filename">@userdb@</code> may be a directory instead of a plain file.
	40	In that case all files in <code class="filename">@userdb@</code> are essentially
	41	concatenated, and are treated as a single file.
	42	Each line takes the following format:</p><div class="blockquote"><blockquote class="blockquote"><div class="informalexample"><div class="literallayout"><p><em class="replaceable"><code>name</code></em><span class="token"><TAB></span><em class="replaceable"><code>field</code></em>=<em class="replaceable"><code>value</code></em>\|<em class="replaceable"><code>field</code></em>=<em class="replaceable"><code>value</code></em>...</p></div></div></blockquote></div><p><em class="replaceable"><code>name</code></em> is the account name.
	43	<em class="replaceable"><code>name</code></em> MUST contain only lowercase characters
	44	If <span class="application">Courier</span> is
	45	configured to treat lowercase and uppercase account names as
	46	identical, <em class="replaceable"><code>name</code></em> is followed by exactly one tab
	47	character, then a list of field/value pairs separated by vertical slashes.
	48	<em class="replaceable"><code>field</code></em> is the name of the field,
	49	<em class="replaceable"><code>value</code></em> is the field value.
	50	Fields and values themself cannot contain slashes or control characters.
	51	Fields may be
	52	specified in any order. Here are all the currently defined fields. Note that
	53	not every field is used by every application that reads
	54	<code class="filename">@userdb@.dat</code>.</p><div class="blockquote"><blockquote class="blockquote"><p>
	55	<em class="parameter"><code>uid</code></em> - <em class="replaceable"><code>value</code></em> is a (possibly)
	56	unique numerical user ID for this account.</p><p>
	57	<em class="parameter"><code>gid</code></em> - <em class="replaceable"><code>value</code></em> is a (possibly)
	58	unique numerical group ID for this account.</p><p>
	59	<em class="parameter"><code>home</code></em> - <em class="replaceable"><code>value</code></em> is the account's home
	60	directory.</p><p>
	61	<em class="parameter"><code>shell</code></em> - <em class="replaceable"><code>value</code></em> is the account's default
	62	login shell.</p><p>
	63	<em class="parameter"><code>systempw</code></em> - <em class="replaceable"><code>value</code></em> is the account's
	64	password. See
8d138742	65	<a class="ulink" href="userdbpw.html" target="_top" shape="rect"><span class="citerefentry"><span class="refentrytitle">userdbpw</span>(8)</span></a>
d9898ee8	66	for details on how to set up this field.</p><p>
	67	<em class="parameter"><code>pop3pw, esmtppw, imappw...</code></em> - <em class="replaceable"><code>value</code></em>
	68	specifies a separate password used only for authenticating access using a
	69	specific service, such as POP3, IMAP, or anything else. If not defined,
	70	<em class="parameter"><code>systempw</code></em> is always used. This allows access to an account to be
	71	restricted only to certain services, such as POP3, even if other services
	72	are also enabled on the server.</p><p>
	73	<em class="parameter"><code>mail</code></em> - <em class="replaceable"><code>value</code></em> specifies the location of
	74	the account's Maildir mailbox. This is an optional field that is normally
8d138742	75	used when <span class="command"><strong>userdb</strong></span> is used to provide aliases for other
d9898ee8	76	mail accounts. For example, one particular multi-domain E-mail
	77	service configuration
	78	that's used by both <span class="application">Qmail</span> and
	79	<span class="application">Courier</span> servers is to deliver mail for a
	80	mailbox in a virtual domain, such as "user@example.com", to a local mailbox
	81	called "example-user". Instead of requiring the E-mail account
	82	holder to log in as
8d138742	83	"example-user" to download mail from this account, a <span class="command"><strong>userdb</strong></span>
d9898ee8	84	entry for "user@example.com" is set up with <em class="parameter"><code>mail</code></em> set to the
	85	location of example-user's Maildir mailbox, thus hiding the internal
	86	mail configuration from the E-mail account holder's view.</p><p>
	87	<em class="parameter"><code>quota</code></em> - <em class="replaceable"><code>value</code></em> specifies the
	88	maildir quota for the account's Maildir.
	89	This has nothing to do with actual filesystem quotas.
	90	<span class="application">Courier</span> has a
	91	software-based Maildir quota enforcement
	92	mechanism which requires additional setup and configuration.
	93	See
8d138742 CE	94	<a class="ulink" href="maildirquota.html" target="_top" shape="rect"><span class="citerefentry"><span class="refentrytitle">maildirquota</span>(7)</span></a>
8d138742 CE	95	for additional information.</p></blockquote></div></div><div class="refsect2" lang="en" xml:lang="en"><a id="id384001" shape="rect"> </a><h3><code class="filename">@userdb@shadow.dat</code></h3><p>
d9898ee8	96	All fields whose name ends with 'pw' will NOT copied to
	97	<code class="filename">@userdb@.dat</code>. These fields will be copied to
	98	<code class="filename">@userdb@shadow.dat</code>.
8d138742	99	<span class="command"><strong>makeuserdb</strong></span> creates <code class="filename">@userdb@shadow.dat</code>
d9898ee8	100	without any group and world permissions.
8d138742 CE	101	Note that <span class="command"><strong>makeuserdb</strong></span> reports an error
	102	if <span class="command"><strong>@userdb@</strong></span> has any group
	103	or world permissions.</p></div><div class="refsect2" lang="en" xml:lang="en"><a id="id428252" shape="rect"> </a><h3>CONVERTING <code class="filename">/etc/passwd</code>
d9898ee8	104	and vpopmail to <code class="filename">@userdb@</code> format</h3><p>
8d138742	105	<span class="command"><strong>pw2userdb</strong></span> reads the <code class="filename">/etc/passwd</code> and
d9898ee8	106	<code class="filename">/etc/shadow</code> files and converts all entries to the
	107	<code class="filename">@userdb@</code> format,
	108	printing the result on standard output.
8d138742 CE	109	The output of <span class="command"><strong>pw2userdb</strong></span>
8d138742 CE	110	can be saved as <span class="command"><strong>@userdb@</strong></span> (or as some file in this
d9898ee8	111	subdirectory).
	112	Linear searches of <code class="filename">/etc/passwd</code> can
	113	be very slow when you have
	114	tens of thousands of accounts.
8d138742	115	Programs like <span class="command"><strong>maildrop</strong></span> always look in
d9898ee8	116	<code class="filename">@userdb@</code> first.
	117	By saving the system password file in
	118	<code class="filename">@userdb@</code> it is possible to significantly reduce the
	119	amount of
	120	time it takes to look up this information.</p><p>
8d138742 CE	121	After saving the output of <span class="command"><strong>pw2userdb</strong></span>, you must still run
8d138742 CE	122	<span class="command"><strong>makeuserdb</strong></span> to create
d9898ee8	123	<code class="filename">@userdb@.dat</code>.</p><p>
8d138742	124	<span class="command"><strong>vchkpw2userdb</strong></span> converts a vpopmail-style
d9898ee8	125	directory hierarchy to the <code class="filename">@userdb@</code> format.
	126	This is an external virtual domain management package that's often used
	127	with <span class="application">Qmail</span> servers.</p><p>
	128	Generally, an account named 'vpopmail' is reserved for this purpose.
	129	In
	130	that account the file <code class="filename">users/vpasswd</code> has the same
	131	layout as
	132	<code class="filename">/etc/passwd</code>, and performs a similar function, except
	133	that all userid in <code class="filename">users/vpasswd</code> have the same userid.
	134	Additionally, the
	135	<code class="filename">domains</code> subdirectory stores virtual accounts for
	136	multiple domains. For example,
	137	<code class="filename">domains/example.com/vpasswd</code>
	138	has the passwd file for the domain <em class="parameter"><code>example.com</code></em>.
	139	Some systems also have a soft link, <em class="parameter"><code>domains/default</code></em>,
	140	that points to a domain that's considered a "default" domain.</p><p>
8d138742	141	The <span class="command"><strong>vchkpw2userdb</strong></span> reads all this information, and tries to
d9898ee8	142	convert it into the <code class="filename">@userdb@</code> format. The
	143	<em class="parameter"><code>--vpopmailhost</code></em> option specifies the top level
	144	directory, if it is
	145	not the home directory of the vpopmail account.</p><p>
8d138742	146	The <span class="command"><strong>vchkpw2userdb</strong></span> script prints the results on standard
d9898ee8	147	output. If specified, the <em class="parameter"><code>--todir</code></em> option
	148	tries to convert all
	149	<code class="filename">vpasswd</code> files one at a time, saving each one
	150	individually in <em class="replaceable"><code>dir</code></em>. For example:</p><div class="blockquote"><blockquote class="blockquote"><div class="informalexample"><div class="literallayout"><p><br clear="none"/>
	151	mkdir @userdb@<br clear="none"/>
	152	vchkpw2userdb --todir=@userdb@/vpopmail<br clear="none"/>
	153	makeuserdb<br clear="none"/>
	154	</p></div></div></blockquote></div><p>
8d138742	155	It is still necessary to run <span class="command"><strong>makeuserdb</strong></span>, of course, to
d9898ee8	156	create the binary database file <code class="filename">@userdb@.dat</code></p><p>
8d138742	157	NOTE: You are still required to create the <span class="command"><strong>@userdb@</strong></span> entry
d9898ee8	158	which maps
	159	system userids back to accounts,
	160	"<em class="replaceable"><code>uid</code></em>=<span class="token"><TAB></span><em class="replaceable"><code>name</code></em>",
8d138742	161	if that's applicable. <span class="command"><strong>vchkpw2userdb</strong></span> will not do it for
d9898ee8	162	you.</p><p>
8d138742	163	NOTE: <span class="command"><strong>makeuserdb</strong></span> may complain about duplicate entries, if
d9898ee8	164	your "default" entries in <code class="filename">users/vpasswd</code> or
	165	<code class="filename">domains/default/vpasswd</code> are the same as anything in any
	166	other <code class="filename">@userdb@</code> file. It is also likely that you'll end
	167	up with duplicate, but distinct, entries for every account in the default
	168	domain. For
	169	example, if your default domain is example.com, you'll end up with duplicate
	170	entries - you'll have entries for both <em class="parameter"><code>user</code></em> and
	171	<em class="parameter"><code>user@example.com</code></em>.</p><p>If you intend to maintain the master set of accounts using
	172	vchkpw/vpopmail,
	173	in order to avoid cleaning this up every time, you might want to consider
8d138742	174	doing the following: run <span class="command"><strong>vchkpw2userdb</strong></span> once, using the
d9898ee8	175	<em class="parameter"><code>--todir</code></em> option.
	176	Then, go into the resulting directory, and
	177	replace one of the redundant files with a soft link to
	178	<code class="filename">/dev/null</code>.
	179	This allows you to run
8d138742 CE	180	<span class="command"><strong>vchkpw2userdb</strong></span> without having to go in and
8d138742 CE	181	cleaning up again, afterwards.</p></div></div><div class="refsect1" lang="en" xml:lang="en"><a id="id428564" shape="rect"> </a><h2>FILES</h2><div class="literallayout"><p><br clear="none"/>
d9898ee8	182	<code class="filename">@userdb@</code><br clear="none"/>
	183	<code class="filename">@userdb@.dat</code><br clear="none"/>
	184	<code class="filename">@userdb@shadow.dat</code><br clear="none"/>
	185	<code class="filename">@tmpdir@/userdb.tmp</code> - temporary file<br clear="none"/>
	186	<code class="filename">@tmpdir@/userdbshadow.tmp</code> - temporary file<br clear="none"/>
8d138742	187	</p></div></div><div class="refsect1" lang="en" xml:lang="en"><a id="id428604" shape="rect"> </a><h2>BUGS</h2><p><span class="command"><strong>makeuserdb</strong></span> is a Perl script, and uses Perl's portable
d9898ee8	188	locking.
d9898ee8	189	Perl's documentation notes that certain combinations of locking options may
8d138742 CE	190	not work with some networks.</p></div><div class="refsect1" lang="en" xml:lang="en"><a id="id428619" shape="rect"> </a><h2>SEE ALSO</h2><p>
	191	<a class="ulink" href="userdb.html" target="_top" shape="rect"><span class="citerefentry"><span class="refentrytitle">userdb</span>(8)</span></a>,
	192	<a class="ulink" href="maildrop.html" target="_top" shape="rect"><span class="citerefentry"><span class="refentrytitle">maildrop</span>(8)</span></a>,
	193	<a class="ulink" href="courier.html" target="_top" shape="rect"><span class="citerefentry"><span class="refentrytitle">courier</span>(8)</span></a>,
	194	<a class="ulink" href="maildirquota.html" target="_top" shape="rect"><span class="citerefentry"><span class="refentrytitle">maildirquota</span>(7)</span></a>.
d9898ee8	195	</p></div></div></body></html>