On 03/09/11 12:50, Mark Cave-Ayland wrote: > Thanks for the heads up. Does that mean I should invoke reconstruct on > all the mailboxes whose permissions I've changed in this way in order to > bring the backup ACLs back in line with the mailboxes.db changes? Sigh. So as soon as I ran reconstruct on the parts of the tree I had changed using my previous approach, it noticed that the backup ACLs weren't included in mailboxes.db and hence added them all back in again :/ Following on from your previous email, I ended up patching cyradm in order to allow a wildcard ACL deletion which worked really well, although some mailboxes were still confused to the point where I had to remove individual ACLs from the mailbox as a bulk deletion didn't work (I guess again this was confusion caused by a combination of different backup ACLs, reconstruct and mailboxes.db). Since these problem ACLs were removed, everything now works fine so I can recursively drop and rebuild all ACLs on our shared folder tree using a small bash script :) > Also is there any reason why cyradm couldn't be modified to accept > wildcards for uids in order to remove all of them? It strikes me that > this is almost a bug given that I can sam an entire mailbox hierarchy > but not do the same with dam. The perl code seemed reasonably easy to follow with a good API design and so the resulting patch is quite neat. I've created a new bug in bugzilla and attached the patch there as it would be very useful to have this included within the main cyrus codebase: https://bugzilla.cyrusimap.org/show_bug.cgi?id=3550. Many thanks, Mark. -- Mark Cave-Ayland - Senior Technical Architect PostgreSQL - PostGIS Sirius Corporation plc - control through freedom http://www.siriusit.co.uk t: +44 870 608 0063 Sirius Labs: http://www.siriusit.co.uk/labs ---- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
