Re: cyrus murder and some unclear things(cant create mailbox from frontend)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



If you want to use PAM (via saslauthd), then you shouldn't have to use 
saslpasswd2.  Like I said earlier, unless your IMAP client can do 
referrals, you only need the user credentials on the frontends.

If you're trying to delete a toplevel mailbox, you need to give the 
admin the 'c' right before you can delete the mailbox.


rupert wrote:
> i followed some howtos on the net and provides wit cyrus,
> it uses pam to store some stuff in a mysql 5.1 DB.
> i can only login with imtest when i create the user I created with 
> saslpasswd2 and "cm user.*"  also create this user in the DB,
> which was installed during the web-cyradmin installation.
> 
> Do I understand right that I have the db with the user accounts on the 
> frontend and the mailboxes on the backend, so I dont need any DB and 
> accounts in the sasldb1 on the backend?
> 
> Another point is that I cant delete any user with dm, it asks for a 
> password, when i enter the correct one it asks again until i enter a 
> wrong one..!
> 
> not an easy setup, but its making progress...
> 
> 
> 
> here are my config file:
> frontend/mupdater
> admins: cyrus cyrus-frontend cyrus-backend
> configdirectory: /var/lib/imap
> partition-default: /var/spool/imap
> #admins: cyrus
> sievedir: /var/lib/imap/sieve
> sendmail: /usr/sbin/sendmail
> hashimapspool: true
> 
> ##
> sasl_pwcheck_method: saslauthd
> sasl_mech_list: PLAIN LOGIN DIGEST-MD5
> sasl_auxprop_plugin: sasldb
> sasl_minimum_layer: 0
> sasl_auto_transition: no
> 
> #sasl_pwcheck_method: auxprop
> #sasl_auxprop_plugin: sasldb
> #sasl_auxprop_plugin: sql
> #sasl_sql_engine: mysql
> #sasl_sql_hostnames: localhost
> #sasl_sql_user: sqlpassword
> #sasl_sql_database: cyrus
> #sasl_sql_verbose: no
> #sasl_sql_select: SELECT password FROM cyrus_mail WHERE username = '%u' 
> AND active='1'
> #sasl_sql_usessl: 0
> #allowplaintext: yes
> 
> tls_cert_file: /etc/pki/cyrus-imapd/cyrus- imapd.pem
> tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
> tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt
> 
> postmaster: postmaster
> allowanonymouslogin: no
> allowplaintext: yes
> # servername: localhost
> autocreatequota: 10000
> reject8bit: no
> quotawarn: 90
> timeout: 30
> poptimeout: 10
> dracinterval: 0
> drachost: localhost
> sieve_maxscriptsize: 32
> sieve_maxscripts: 5
> #unixhierarchysep: yes
> #tls_ca_file:/var/lib/imap/server.pem
> #tls_cert_file:/var/lib/imap/server.pem
> #tls_key_file:/var/lib/imap/server.pem
> realm: mailfarm21.local
> ##################
> # MUPDATE Master #
> ##################
> servername: mail2.mailfarm21.local
> 
> 
> # hier kommt der backend server
> proxy_authname: cyrus-frontend
> mail1_password: secret
> proxy_password: secret
> #proxyservers: mail1.mailfarm21.local
> proxyd_disable_mailbox_referrals: 1
> 
> ## mupdate client?
> mupdate_server: mail2.mailfarm21.local
> mupdate_port: 3905
> mupdate_username: cyrus-frontend
> mupdate_authname: cyrus-frontend
> mupdate_password: secret
> 
> 
> 
> backend:
> 
> admins: cyrus cyrus-frontend cyrus-backend
> configdirectory: /var/lib/imap
> partition-default: /var/spool/imap
> 
> sievedir: /var/lib/imap/sieve
> sendmail: /usr/sbin/sendmail
> hashimapspool: true
> 
> tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
> tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
> tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt
> 
> postmaster: postmaster
> allowanonymouslogin: no
> allowplaintext: yes
> servername: localhost
> autocreatequota: 10000
> reject8bit: no
> quotawarn: 90
> timeout: 30
> poptimeout: 10
> dracinterval: 0
> drachost: localhost
> sieve_maxscriptsize: 32
> sieve_maxscripts: 5
> #unixhierarchysep: yes
> #tls_ca_file:/var/lib/imap/server.pem
> #tls_cert_file:/var/lib/imap/server.pem
> #tls_key_file:/var/lib/imap/server.pem
> 
> ## sasl kram
> sasl_auxprop_plugin: sasldb
> sasl_pwcheck_method: saslauthd
> #sasl_pwcheck_method: auxprop
> sasl_mech_list: plain login DIGEST-MD5
> 
> 
> #################
> # mupdate slave #
> #################
> mupdate_server: mail2.mailfarm21.local
> mupdate_port: 3905
> mupdate_username: cyrus-backend
> mupdate_authname: cyrus-backend
> mupdate_password: secret
> #mupdate_config: unified
> 
> # frontendzugriff
> proxyservers: mail2.mailfarm21.local
> proxy_authname: cyrus-backend
> 
> # transfer between backends
> allowusermoves: yes
> allowsubscribes: yes
> 
> cyrus.conf
> 
> # standard standalone server implementation
> 
> START {
>   # do not delete this entry!
>   recover    cmd="ctl_cyrusdb -r"
> 
>   # this is only necessary if using idled for IMAP IDLE
>   idled        cmd="idled"
> #
> # resync the mailbox with the master at startup
> mupdatepush   cmd="ctl_mboxlist -m"
> }
> 
> # UNIX sockets start with a slash and are put into /var/lib/imap/sockets
> SERVICES {
>   # add or remove based on preferences
>   imap        cmd="imapd" listen="imap" prefork=5
>   imaps        cmd="imapd -s" listen="imaps" prefork=1
>   pop3        cmd="pop3d" listen="pop3" prefork=3
>   pop3s        cmd="pop3d -s" listen="pop3s" prefork=1
>   sieve        cmd="timsieved" listen="sieve" prefork=0
> 
>   # these are only necessary if receiving/exporting usenet via NNTP
> #  nntp        cmd="nntpd" listen="nntp" prefork=3
> #  nntps        cmd="nntpd -s" listen="nntps" prefork=1
> 
>   # at least one LMTP is required for delivery
> #  lmtp        cmd="lmtpd" listen="lmtp" prefork=0
>   lmtpunix    cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=1
> 
>   # this is only necessary if using notifications
> #  notify    cmd="notifyd" listen="/var/lib/imap/socket/notify" 
> proto="udp" prefork=1
> 
> #
> mupdate       cmd="/usr/lib/cyrus-imapd/mupdate" listen="3905" prefork=1
> fud cmd="fud" proto="udp" listen="4201" profork=0 maxchilds=10
> 
> }
> 
> EVENTS {
>   # this is required
>   checkpoint    cmd="ctl_cyrusdb -c" period=30
> 
>   # this is only necessary if using duplicate delivery suppression,
>   # Sieve or NNTP
>   delprune    cmd="cyr_expire -E 3" at=0400
> #delprune      cmd="ctl_deliver -E 3" period=1440
>   # this is only necessary if caching TLS sessions
>   tlsprune    cmd="tls_prune" at=0400
> 
>   # Squat failed, helps
>     squatter      cmd="squatter -r user" period=1440
> }
> 
> On Jan 11, 2008 2:30 PM, Ken Murchison <murch@xxxxxxxxxxxxxx 
> <mailto:murch@xxxxxxxxxxxxxx>> wrote:
> 
>     rupert wrote:
>      > another questions is:
>      > does the mysql database have to be on both machines or does the
>     frontend
>      > cyrus get its data from the backend and doesnt store anything
>     inside its
>      > local DB?
> 
>     What MySQL database?  For authentication?  All user credentials need to
>     be verified on the frontends.  If you IMAP client(s) support referrals,
>     then they might also authenticate directly on the backends.  Otherwise,
>     only the "murder" user authenticates on the backends.
> 
> 
> 
>      > I created a new domain and user on the backend with web-cyradm and on
>      > the frontend/mupdate i can get the data with lm, but I cant
>     connect with
>      > a mail client.
>      >
>      > On Jan 11, 2008 1:13 PM, Rupertt <rupertt@xxxxxxxxx
>     <mailto:rupertt@xxxxxxxxx>
>      > <mailto: rupertt@xxxxxxxxx <mailto:rupertt@xxxxxxxxx>>> wrote:
>      >
>      >     Ken Murchison wrote:
>      >>     rupert wrote:
>      >>
>      >>>     Hello first,
>      >>>     I was able to set up an murder cluster with one backend and
>     a frontend
>      >>>     which also acts as a mupdate server.
>      >>>     i could get the mailbox accounts from the backend, which was a
>      >>>     standalone before.
>      >>>     I read that now the murder is running i should "only"
>     create accounts on
>      >>>     the frontend and dont do anything manually on the backend,
>     right?
>      >>>
>      >>>     When I now create a user with web-cyradm on the frontend it
>     creates the
>      >>>     entry in the DB, but the logfile says:
>      >>>
>      >>>     Jan 11 12:34:02 mail2 mupdate[2166]: cmd_set(fd:18, user.ralf)
>      >>>     Jan 11 12:34:02 mail2 imap[2183]: mupdate NO response:
>     mailbox already
>      >>>     exists
>      >>>     Jan 11 12:34:02 mail2 imap[2183]: MUPDATE: can't reserve
>     mailbox entry
>      >>>     for 'user.ralf'
>      >>>     Jan 11 12:34:02 mail2 imap[2183]: autocreateinbox: User
>     ralf, INBOX
>      >>>     failed. unable to reserve mailbox on mupdate server
>      >>>
>      >>>
>      >>>     when i try to add the user with "cm ralf" i get a
>     permission denied
>      >>>     error in the cyradm console.
>      >>>
>      >>>     i could add a new mailbox on the backend by hand and when I
>     do a "lm" on
>      >>>     the frontend the new account gets listed there.
>      >>>
>      >>>     So how can I proceed?
>      >>>
>      >>     Toplevel mailboxes MUST be created on the backend.
>      >>
>      >>
>      >>
>      >     you mean like "ralf", well i tried "user.ralf" and it still
>     does not
>      >     work.
>      >
>      >     this is my current list:
>      >
>      >     sam (\HasNoChildren)            user.sigi (\HasChildren)
>      >     testuser (\HasNoChildren)         user.sigi.Sent (\HasNoChildren)
>      >     user.box1 (\HasNoChildren)        user.sigi.Trash
>     (\HasNoChildren)
>      >     user.jon (\HasNoChildren)         user.tb0001 (\HasNoChildren)
>      >     user.roy (\HasChildren)           user.test1 (\HasNoChildren)
>      >     user.roy.Sent (\HasNoChildren)    user.test2 (\HasNoChildren)
>      >     user.roy.Trash (\HasNoChildren)   user.testuser (\HasNoChildren)
>      >
>      >
>      >
>      >
> 
> 
>     --
>     Kenneth Murchison
>     Systems Programmer
>     Project Cyrus Developer/Maintainer
>     Carnegie Mellon University
> 
> 
> 
> ------------------------------------------------------------------------
> 
> ----
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html


-- 
Kenneth Murchison
Systems Programmer
Project Cyrus Developer/Maintainer
Carnegie Mellon University
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

[Index of Archives]     [Cyrus SASL]     [Squirrel Mail]     [Asterisk PBX]     [Video For Linux]     [Photo]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux