Re: Backend attempting to proxy to itself?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



imapd is trying to proxy because the entry "1
store-101.internal.example.com" tells it that it's remote, even though it
is not.  Theoretically this would work correctly with a unified murder
configuration, where any machine can proxy for another, but it isn't
implemented.  The mailbox entry on the backend should look like;

user.simon      0    default simon lrswipkxtecda

I'm not sure how the mailbox list ended up with entries like that on your
backend.  Are you running mupdate there?  There should probably be a
warning in the docs about not starting mupdate on a backend, if there isn't
already.  To fix it, you may need to dump the db to text, use sed/awk/perl
(pick your favorite) and change all the "1 servername!default" to "0
default", remove the old db and reload it.   Hope that helps. 

-Brian
 
On Mon, 26 Apr 2010 12:44:35 +0100 (BST), "Simon Beale"
<simon@xxxxxxxxxxxx>
wrote:
> I'm having problems with getting the backend responding correctly in a
> murder cluster (using Simon Matter's 2.3.16 rpm built on CentOS 5.4).
I've
> got it so that I can run cyradm and issue 'cm user.simon' on the
frontend,
> see it make the mailbox on the backend, and doing 'ctl_mboxlist -d' on
> murder, frontend and backend all list the relevant backend location:
> 
> user.simon      1 store-101.internal.example.com!default simon    
> lrswipkxtecda
> 
> 
> However, when I run imtest and login on the frontend:
> . LIST "" "*"
> * LIST (\HasNoChildren) "." "INBOX"
> . OK Completed (0.000 secs 2 calls)
> . SELECT INBOX
> . NO Server(s) unavailable to complete operation
> 
> 
> Looking at the output of strace and syslogs on the backend, it appears
> that the backend is trying to make a new TLS connection back to itself
> rather than directly answering the incoming SELECT.
> 
> Apr 26 13:24:09 store-101 imap[26128]: accepted connection
> Apr 26 13:24:09 store-101 master[26615]: about to exec
> /usr/lib/cyrus-imapd/imapd
> Apr 26 13:24:09 store-101 imap[26128]: login:
> switch-101.internal.example.com [10.10.10.37] simon DIGEST-MD5 User
logged
> in
> Apr 26 13:24:09 store-101 imap[26615]: executed
> Apr 26 13:24:09 store-101 imap[26615]: accepted connection
> Apr 26 13:24:09 store-101 master[26616]: about to exec
> /usr/lib/cyrus-imapd/imapd
> Apr 26 13:24:09 store-101 imap[26616]: executed
> Apr 26 13:24:09 store-101 imap[26615]: skiplist: checkpointed
> /var/lib/imap/tls_sessions.db (1124 records, 206900 bytes) in 0 seconds
> Apr 26 13:24:09 store-101 imap[26615]: imapd:Loading hard-coded DH
> parameters
> Apr 26 13:24:09 store-101 imap[26615]: SSL_accept() incomplete -> wait
> Apr 26 13:24:09 store-101 imap[26128]: Doing a peer verify
> Apr 26 13:24:09 store-101 imap[26128]: Doing a peer verify
> Apr 26 13:24:09 store-101 imap[26128]: received server certificate
> Apr 26 13:24:09 store-101 imap[26128]: starttls: TLSv1 with cipher
> DHE-RSA-AES256-SHA (256/256 bits new client) no authentication
> Apr 26 13:24:09 store-101 imap[26615]: SSL_accept() succeeded -> done
> Apr 26 13:24:09 store-101 imap[26615]: starttls: TLSv1 with cipher
> DHE-RSA-AES256-SHA (256/256 bits new) no authentication
> Apr 26 13:24:09 store-101 imap[26128]: couldn't authenticate to backend
> server: no mechanism available
> 
> Can anyone help me work out why the backend appears to be attempting to
> proxy onwards rather than answering the SELECT itself?
> 
> ===================
> Backend imapd.conf:
> 
> admins:                 cyrus cyrus-frontend
> allowallsubscribe:      true
> allowplaintext:         true
> allowusermoves:         true
> configdirectory:        /var/lib/imap
> delete_mode:            delayed
> duplicate_db:           skiplist
> expunge_mode:           delayed
> hashimapspool:          true
> improved_mboxlist_sort: true
> lmtp_downcase_rcpt:     true
> mupdate_authname:       cyrus-frontend
> mupdate_password:       ********
> mupdate_server:         switch-102.internal.example.com
> mupdate_username:       cyrus-frontend
> normalizeuid:           true
> partition-default:      /var/spool/imap
> proxyservers:           cyrus-frontend
> ptscache_db:            skiplist
> sasl_mech_list:         PLAIN LOGIN DIGEST-MD5
> sasl_pwcheck_method:    auxprop
> servername:             store-101.internal.example.com
> sievedir:               /var/lib/imap/sieve
> statuscache_db:         skiplist
> tlscache_db:            skiplist
> tls_ca_file:            /etc/pki/tls/certs/ca-bundle.crt
> tls_cert_file:          /etc/ssl/certs/wildcard.pem
> tls_key_file:           /etc/ssl/certs/wildcard.pem
> unix_group_enable:      false
> 
> 
> ====================
> Frontend imapd.conf:
> 
> admins:                 cyrus
> allowplaintext:         false
> allowusermoves:         true
> configdirectory:        /var/lib/imap
> delete_mode:            delayed
> duplicate_db:           skiplist
> expunge_mode:           delayed
> improved_mboxlist_sort: true
> lmtp_downcase_rcpt:     true
> mupdate_authname:       cyrus-frontend
> mupdate_password:       ********
> mupdate_server:         switch-102.internal.example.com
> mupdate_username:       cyrus-frontend
> normalizeuid:           true
> partition-default:      /var/spool/imap
> proxy_authname:         cyrus-frontend
> proxyd_disable_mailbox_referrals:       true
> proxy_password:         ********
> ptscache_db:            skiplist
> sasl_mech_list:         PLAIN
> sasl_pwcheck_method:    auxprop saslauthd
> serverlist:             store-101.internal.example.com
> servername:             switch-101.internal.example.com
> sieve_allowreferrals:   false
> sievedir:               /var/lib/imap/sieve
> sieveusehomedir:        0
> statuscache_db:         skiplist
> tlscache_db:            skiplist
> tls_ca_file:            /etc/pki/tls/certs/ca-bundle.crt
> tls_cert_file:          /etc/ssl/certs/wildcard.pem
> tls_key_file:           /etc/ssl/certs/wildcard.pem
> unix_group_enable:      false
> 
> 
> ----
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

[Index of Archives]     [Cyrus SASL]     [Squirrel Mail]     [Asterisk PBX]     [Video For Linux]     [Photo]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux