Hi Dave :) :) !!
Very very thankful for your help. Yep I have been looking at cyrus code (in master at least) and it seems that if the users don't send any command, the connection keeps alive at least, until the next command. When the user sends the next command and that one is, logout or another any command it seems to check almost at the beggining of the loop (in imapd.c at least):
/* Check for shutdown file */ if ( !imapd_userisadmin && imapd_userid && (shutdown_file(shut, sizeof(shut)) || userdeny(imapd_userid, config_ident, shut, sizeof(shut)))) { for (p = shut; *p == '['; p++); /* can't have [ be first char */ prot_printf(imapd_out, "* BYE [ALERT] %s\r\n", p); telemetry_rusage(imapd_userid); shut_down(0); }
So it seems it works this way. Anyway would be nice if we could have the confirmation about how this should be handled properly. I mean... if this is just the way or... if TERM could sent....
I'm going to check this feature too and try to get my bests for doing this appropriately.
Thanks a lot really Dave!!!!
Cheers!!
El 2021-10-19 12:04, Dave McMurtrie escribió: Hi, user_deny was intentionally implemented as a check near the top of the server's command loop. The idea was to accomplish exactly what you're looking for. It was to immediately affect all active connections as well as prevent new ones. full disclosure: I'm no longer actively involved in the Cyrus Project, so it's possible this bit of code has changed. Perhaps have a look at the code, or maybe some kind person who is actively involved can confirm this behavior still exists. On Tue, Oct 19, 2021 at 6:00 AM Egoitz Aurrekoetxea < egoitz@xxxxxxxxxx> wrote:
Good morning,
Thank you so much for your answer. For avoid new logins we can just modify the user auth database, for avoiding, you know, new logins.
The problem is, how to disconnect appropriately an already connected user which for instance, gets connected with IDLE or whatever way of keeping connection alive. Does user_deny.db handle, already logged in users too or just new logins?. The issue we are suffering is with already logged users.
Thanks a lot again :) :) . Any help very appreciated.
Cheers!!
El 2021-10-19 11:50, Dave McMurtrie escribió:
Hi,
You probably want to use the user_deny.db for this. This is the exact use case for which it was implemented.
https://www.cyrusimap.org/imap/reference/admin/sop/userdeny.html
hth,
Dave
On Mon, Oct 18, 2021 at 3:44 AM Egoitz Aurrekoetxea <egoitz@xxxxxxxxxx> wrote:
Good morning,
We have a feature that allows a user to kill all it's sessions. Imagine a cellphone gets stolen. The user could disconnect it's sessions from our interface.
It normally works fine. We just launch a kill TERM to the user's imap/pop processes mainly. But I have seen a couple of times, that after doing that, no user can later connect to it's mailbox. It's like, if something important would become locked... some important database or similar, by that killed processes that obviously as have become killed, won't unlock that hypothetical important database. Have you ever seen a behavior like the commented?.
Perhaps, does Cyrus have another "more elegant" way of logging out a user?.
Best regards,
Cyrus / Info / see discussions + participants + delivery options Permalink
------------------------------------------ Cyrus: Info Permalink: https://cyrus.topicbox.com/groups/info/Tdfb46db342104c8f-Md8870133a0db864a12c9d620 Delivery options: https://cyrus.topicbox.com/groups/info/subscription
|