Thank you! Yes, doing the following steps: - ctl_mboxlist -d > file.txt - stopping the backend cyrus - removing mailboxes.db, - starting cyrus - ctl_mboxlist -u < file.editted.txt does mean I can run "imtest -a cyrus-frontend -u simon store-101" (i.e. against the backend) successfully and SELECT the INBOX. However, if I restart the backend at this point, I get the old entries back again in addition to the fixed entries. Given this cluster isn't yet in production, I've just stopped the entire cluster, deleted mailboxes.db from everything and "rm -rf ${partition-default}/*" in case there was something bad lurking around from previous experiments. But it's still the case that if I "cm user.simon" on the frontend with cyradm, the mailboxes.db on the backend appears as "... 1 store-101...!default..." So for some reason I'm not getting correct mailbox location information created on the backends. I've included my cyrus.conf files and the murder master's imapd.conf below in case there's something wrong I've put in any of those. Cheers Simon ===================== Backend/frontend cyrus.conf START { recover cmd="ctl_cyrusdb -r" idled cmd="idled" #the next line is only present on the backend mupdatepush cmd="ctl_mboxlist -m" } SERVICES { imap cmd="imapd" listen="imap" proto="tcp4" prefork=2 imaps cmd="imapd -s" listen="imaps" proto="tcp4" prefork=5 pop3 cmd="pop3d" listen="pop3" proto="tcp4" prefork=2 pop3s cmd="pop3d -s" listen="pop3s" proto="tcp4" prefork=2 sieve cmd="timsieved" listen="sieve" proto="tcp4" prefork=2 mupdate cmd="mupdate" listen="3905" proto="tcp4" prefork=2 fud cmd="fud" listen="4201" proto="udp4" prefork=1 maxchild=10 lmtp cmd="lmtpd -a" listen="127.0.0.1:2003" prefork=1 } EVENTS { checkpoint cmd="ctl_cyrusdb -c" period=30 delprune cmd="cyr_expire -D 3 -E 3 -X 3" at=0400 tlsprune cmd="tls_prune" at=0400 } ====================== Murder master /etc/cyrus.conf START { recover cmd="ctl_cyrusdb -r" idled cmd="idled" } SERVICES { mupdate cmd="mupdate -m" listen="mupdate" prefork=1 } EVENTS { checkpoint cmd="ctl_cyrusdb -c" period=30 delprune cmd="cyr_expire -D 3 -E 3 -X 3" at=0400 tlsprune cmd="tls_prune" at=0400 } ====================== Murder master /etc/imapd.conf admins: cyrus cyrus-frontend allowplaintext: true configdirectory: /var/lib/imap duplicate_db: skiplist improved_mboxlist_sort: true lmtp_downcase_rcpt: true normalizeuid: true partition-default: /var/spool/imap ptscache_db: skiplist sasl_mech_list: DIGEST-MD5 PLAIN LOGIN sasl_pwcheck_method: auxprop sievedir: /var/lib/imap/sieve statuscache_db: skiplist tlscache_db: skiplist tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt tls_cert_file: /etc/ssl/certs/wildcard.pem tls_key_file: /etc/ssl/certs/wildcard.pem unix_group_enable: false > imapd is trying to proxy because the entry "1 > store-101.internal.example.com" tells it that it's remote, even though it > is not. Theoretically this would work correctly with a unified murder > configuration, where any machine can proxy for another, but it isn't > implemented. The mailbox entry on the backend should look like; > > user.simon 0 default simon lrswipkxtecda > > I'm not sure how the mailbox list ended up with entries like that on your > backend. Are you running mupdate there? There should probably be a > warning in the docs about not starting mupdate on a backend, if there > isn't > already. To fix it, you may need to dump the db to text, use sed/awk/perl > (pick your favorite) and change all the "1 servername!default" to "0 > default", remove the old db and reload it. Hope that helps. > > -Brian > > On Mon, 26 Apr 2010 12:44:35 +0100 (BST), "Simon Beale" > <simon@xxxxxxxxxxxx> > wrote: >> I'm having problems with getting the backend responding correctly in a >> murder cluster (using Simon Matter's 2.3.16 rpm built on CentOS 5.4). > I've >> got it so that I can run cyradm and issue 'cm user.simon' on the > frontend, >> see it make the mailbox on the backend, and doing 'ctl_mboxlist -d' on >> murder, frontend and backend all list the relevant backend location: >> >> user.simon 1 store-101.internal.example.com!default simon >> lrswipkxtecda >> >> >> However, when I run imtest and login on the frontend: >> . LIST "" "*" >> * LIST (\HasNoChildren) "." "INBOX" >> . OK Completed (0.000 secs 2 calls) >> . SELECT INBOX >> . NO Server(s) unavailable to complete operation >> >> >> Looking at the output of strace and syslogs on the backend, it appears >> that the backend is trying to make a new TLS connection back to itself >> rather than directly answering the incoming SELECT. >> >> Apr 26 13:24:09 store-101 imap[26128]: accepted connection >> Apr 26 13:24:09 store-101 master[26615]: about to exec >> /usr/lib/cyrus-imapd/imapd >> Apr 26 13:24:09 store-101 imap[26128]: login: >> switch-101.internal.example.com [10.10.10.37] simon DIGEST-MD5 User > logged >> in >> Apr 26 13:24:09 store-101 imap[26615]: executed >> Apr 26 13:24:09 store-101 imap[26615]: accepted connection >> Apr 26 13:24:09 store-101 master[26616]: about to exec >> /usr/lib/cyrus-imapd/imapd >> Apr 26 13:24:09 store-101 imap[26616]: executed >> Apr 26 13:24:09 store-101 imap[26615]: skiplist: checkpointed >> /var/lib/imap/tls_sessions.db (1124 records, 206900 bytes) in 0 seconds >> Apr 26 13:24:09 store-101 imap[26615]: imapd:Loading hard-coded DH >> parameters >> Apr 26 13:24:09 store-101 imap[26615]: SSL_accept() incomplete -> wait >> Apr 26 13:24:09 store-101 imap[26128]: Doing a peer verify >> Apr 26 13:24:09 store-101 imap[26128]: Doing a peer verify >> Apr 26 13:24:09 store-101 imap[26128]: received server certificate >> Apr 26 13:24:09 store-101 imap[26128]: starttls: TLSv1 with cipher >> DHE-RSA-AES256-SHA (256/256 bits new client) no authentication >> Apr 26 13:24:09 store-101 imap[26615]: SSL_accept() succeeded -> done >> Apr 26 13:24:09 store-101 imap[26615]: starttls: TLSv1 with cipher >> DHE-RSA-AES256-SHA (256/256 bits new) no authentication >> Apr 26 13:24:09 store-101 imap[26128]: couldn't authenticate to backend >> server: no mechanism available >> >> Can anyone help me work out why the backend appears to be attempting to >> proxy onwards rather than answering the SELECT itself? >> >> =================== >> Backend imapd.conf: >> >> admins: cyrus cyrus-frontend >> allowallsubscribe: true >> allowplaintext: true >> allowusermoves: true >> configdirectory: /var/lib/imap >> delete_mode: delayed >> duplicate_db: skiplist >> expunge_mode: delayed >> hashimapspool: true >> improved_mboxlist_sort: true >> lmtp_downcase_rcpt: true >> mupdate_authname: cyrus-frontend >> mupdate_password: ******** >> mupdate_server: switch-102.internal.example.com >> mupdate_username: cyrus-frontend >> normalizeuid: true >> partition-default: /var/spool/imap >> proxyservers: cyrus-frontend >> ptscache_db: skiplist >> sasl_mech_list: PLAIN LOGIN DIGEST-MD5 >> sasl_pwcheck_method: auxprop >> servername: store-101.internal.example.com >> sievedir: /var/lib/imap/sieve >> statuscache_db: skiplist >> tlscache_db: skiplist >> tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt >> tls_cert_file: /etc/ssl/certs/wildcard.pem >> tls_key_file: /etc/ssl/certs/wildcard.pem >> unix_group_enable: false >> >> >> ==================== >> Frontend imapd.conf: >> >> admins: cyrus >> allowplaintext: false >> allowusermoves: true >> configdirectory: /var/lib/imap >> delete_mode: delayed >> duplicate_db: skiplist >> expunge_mode: delayed >> improved_mboxlist_sort: true >> lmtp_downcase_rcpt: true >> mupdate_authname: cyrus-frontend >> mupdate_password: ******** >> mupdate_server: switch-102.internal.example.com >> mupdate_username: cyrus-frontend >> normalizeuid: true >> partition-default: /var/spool/imap >> proxy_authname: cyrus-frontend >> proxyd_disable_mailbox_referrals: true >> proxy_password: ******** >> ptscache_db: skiplist >> sasl_mech_list: PLAIN >> sasl_pwcheck_method: auxprop saslauthd >> serverlist: store-101.internal.example.com >> servername: switch-101.internal.example.com >> sieve_allowreferrals: false >> sievedir: /var/lib/imap/sieve >> sieveusehomedir: 0 >> statuscache_db: skiplist >> tlscache_db: skiplist >> tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt >> tls_cert_file: /etc/ssl/certs/wildcard.pem >> tls_key_file: /etc/ssl/certs/wildcard.pem >> unix_group_enable: false >> >> >> ---- >> Cyrus Home Page: http://cyrusimap.web.cmu.edu/ >> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki >> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html > ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html