Somewhere I read (or thought I read) that it was important to ensure that a user was not logged in when his mailbox was transferred between backends in a Murder setup, otherwise there was a risk of mailbox corruption. Is this true or have I been reading the tabloids again? Context: I have several shiny new backends with 2.3 that I have ready to replace our old 2.2 backends. We have something like 70,000 mailboxes to move, which will obviously be something done in nightly batches over a period of weeks. Our current obstacle is having to ensure that the mailbox is not open, because that requires: notifying the user that his e-mail will be unavailable for a period of time, locking the user's account (which locks him out of everything else unless we work up some Cyrus-specific solution, like some PAM magic), checking all the front-ends to verify that he's not logged in (this is iffy, because the proc/<username> files are all we've got and some of those are left-overs from crashes and lack of housekeeping), doing the transfer, and then undoing all of this. Alternately, if there is only a small risk of mailbox corruption, it may be better to just do the transfers late at night and accept having to do a handful of mailbox reconstructs. Is this what other people have done? Wil
Attachment:
signature.asc
Description: This is a digitally signed message part
---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
