Re: [Dovecot] I stream read - stale NFS file handle (reboot of server)
Original Message by Edgar
I was part of the discussion group for NFSv4 spec
the short comings of v2 and v3 have been fixed
I'm a bit surprised by this. Which discussion group?
The RFC, one for NFSv4.0
NFSD (v2/v3) is stateless other than the information provided by
mountd (mount requests) and lockd (file locking).
NFS is stateless save the state information remembered by statd. After all,
that's the whole point of statd (and the NLM grace period).
NFS v2/v3 has no concept of locking so a external protocol was added,
still keeping NFS v2/v3 stateless.
A long time ago FileSystemHandle would stay the same between reboots
and you wouldn't get this problem other than on an individual file.
My XNFS says:
7.1.3 Stateless Servers and Idempotency
[...]
With a few exceptions, rebooting the server must not invalidate
distributed state information.
(with the exceptions being unstable writes, teporary files etc.)
Yes the spec says this, and at first everyone implemented it this way,
and then everyone changed it due to Security issues, maybe no-one went
back and updated the spec. The FileSystemHandle (ie File Handle at the
top of exported file system) is now changed on every-reboot, unless your
in a Cluster configuration.
To handle deleted files which are in use by NFS clients some servers
rename them to .nfs* because if one client deleted and other clients
where accessing the file then they would get Stale NFS handle.
This rename takes place on the client on a REMOVE, not on the server.
Cf. either McKusick et. al. or RFC 1813, 3.3.12, IMPLEMENTATION.
Bad sentence the client deletes the file, and if it is still in use at
the time the client goes to delete it, it is renamed instead .nfs
Once in a while a NFS server will do find $dir -type f -name .nfs\*
-mtime +7 -mount -exec rm -f {} \; to clean up.
Do you have any reference for that?
http://www.google.com.au/search?hl=enq=%2Bfind+%22%2B-name+.nfs*%22+%2Brm+%2Bmtime
http://www.google.com.au/search?hl=enq=nfsfind #can be found in shell
scripts e.g. nfsfind
Look at your crontabs on your nfs server.
The above find and remove .nfs files on a server is a cleanup, e.g.
client crashes before a in-use file is deleted
If you do not get the Stale File Handle error when the server
reboots, it most likely means the FileSystemHandle is not changing
between reboots
I.e., it conforms to the specs.
The specs had problems
but then you may have more security issues.
Could you please elaborate on this secutity issues?
NFSD (v2/3) is stateless and trusts the security information (UDP, RPC
requests using AUTH_UNIX) from the NFS client . The client is
effectively responsible for the security when talking to a NFSv2/3
client. (NFSv4 does too (the default is AUTH_SYS,AUTH_UNIX) unless you
setup the security to use RPCSEC_GSS or AUTH_DH). The first step taken
by a NFSv2/3 client is to get the FileHandle for an exported path from
mountd which checks the access lists for the NFS share, this FileHandle
is used to talk to NFSD for the top of the export/shared path.
Cheers.
[Dovecot] Dovecot 2.0 b13e01d82083
Hello, I was trying to compile Dovecot 2.0 b13e01d82083, and I found this when doing make: Making all in lib test -f UnicodeData.txt || wget http://www.unicode.org/Public/UNIDATA/UnicodeData.txt /bin/sh: wget: not found I think it's probably not the best idea to assume everyone has wget installed. Perhaps it is installed by default on linux, but probably not on all other platforms. Why not just include the UnicodeData.txt file? Best Regards smime.p7s Description: S/MIME Cryptographic Signature
Re: [Dovecot] sieve vacation
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 18 Mar 2010, Lampa wrote: Is there any hope that will be any hack in future to allow reply for all addresses? I've _my_ vision of how :addresses should be extended on my TODO list, but active Dovecot development is currently a bit down the list. I'm planning this: :addresses me - -or, depending on complexity- :addresses m...@* to match addresses of a predefined domain list, but with the given local part. Regards, - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBS6IL4L+Vh58GPL/cAQJIwwf8DWODw5xZ/y6nzpoAcfsRNzdu8gYgthbh WSXsh7/s6KNB1EWF3bAPZA7RjZKxB2EOQp5VcQETdjrpRyBNnsWyMnV9o/pqSWue JG4qirUIKZLEMFYVO+FPBJIpBbVcP5mXJXP2KSnHQxBV1I7akE+7a2hX3bxPxXct y0Onmhu5jJ62ifGlyBCAstYNC9RRRCw/TEz99xeVEhILzUOBiziVTsePZJIi1lTy 0jVVaMY2RP9qmirX3OiSR2UdEEAuLMkBFDsD0OxxATzn3xm+jwhvnSheKIbZ7MYn p5wwnNy0FSISlxbURiSJThIeFqBD6ZSjccfUTKpcMs05zmWvfDyseA== =35SN -END PGP SIGNATURE-
[Dovecot] RTFM: Manual pages for Dovecot v2.0
Hello Dovecot admins. I've started writing manual pages for Dovecot v2.0. I'm sure they are not perfect yet. I'd like to ask you all to read the manual pages. It would be nice to get some ideas/suggestions/improvements. So that that the Dovecot v2.0.0 release could be distributed with /fine manuals/. The manual pages are available at: http://wiki2.dovecot.org/ManPages This is also the intended place for 'discussions' about the man pages. Regards, Pascal -- The trapper recommends today: cafebabe.1007...@localdomain.org
[Dovecot] Shared mailboxes basics
Hello Timo,
I'm trying to set up shared mailboxes with dovecot-1.2.11/Maildir. I previsouly
used public namespaces with 1.1+ to somehow implement them but I'm looking at
the real ones now. I've read the Wiki but I'm still confused or not 100% sure
about the following (basic) points :
1. Namespaces prefixes
My understanding is that a namespace prefix is just an escape mechanism for the
client to access the mailboxes this namespace holds. So the real location is
_only_ defined by the location directive, independently of what the prefix
is. So, for example, If you've got :
prefix=foo/bar/
location=maildir:/some/folder/%u
mailboxes are physically in /some/folder/%u, not in /foo/bar/some/folder/%u or
something
am I correct ?
2. Other Users mailboxes
RFC234 states that shared mailboxes (which they call Other Users mailboxes)
are mailboxes from the Personal Namespaces of other users.
Dovecot's Wiki takes as an example :
# User's private mail location.
mail_location = maildir:~/Maildir
# You need to create also a private namespace:
namespace private {
separator = /
prefix =
#location defaults to mail_location.
inbox = yes
}
namespace shared {
separator = /
prefix = shared/%%u/
location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u
subscriptions = no
list = children
}
and states :
This creates a shared/ namespace under which each user's mailboxes are.
My understanding is that
# User's private mail location.
mail_location = maildir:~/Maildir
and
location = maildir:%%h/Maildir
implies that mailboxes in both the private and the shared/ namespace are
physically in the same location (under the $HOME/Maildir directory of the
user who shares his mailbox) . Am I correct ?
I tried the following set up :
namespace private {
separator = /
location =
maildir:/courriel/boites/%u:CONTROL=/courriel/meta/%u:INDEX=/var/dovecot-test/indexes/%1u/%u
inbox = yes
hidden = no
list = yes
subscriptions = yes
}
namespace shared {
separator = /
prefix = #shared/%%u/
location =
maildir:/courriel/boites/%%u:INDEX=/var/dovecot-test/indexes/%1u/%u/shared/%%u
subscriptions = no
list = yes # will try children later
}
the user doveimap has the following mailboxes :
# pwd
/courriel/boites
# ls -l doveimap
total 64
drwx-- 5 doveimap Invites 4096 Oct 23 13:38 .Trash
drwxr-xr-x 5 doveimap Invites 4096 Oct 27 17:00 .sous
drwxr-xr-x 5 doveimap Invites 4096 Oct 27 17:00 .sous.arbo
drwxr-xr-x 5 doveimap Invites 4096 Oct 27 17:00 .sous.arbo.rescence
drwx-- 5 doveimap Invites 4096 Oct 23 13:43 .testcopy
drwx-- 2 doveimap Invites 4096 Mar 15 17:08 cur
drwx-- 2 doveimap Invites 4096 Mar 15 17:07 new
drwx-- 2 doveimap Invites 4096 Mar 15 17:07 tmp
I can perform for instance :
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE STARTTLS
AUTH=PLAIN] Dovecot test ready.
x login doveimap
x OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE SORT
SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT IDLE CHILDREN
NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT
SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS ACL RIGHTS=texk] Logged in
1 setacl INBOX dovepop rl
1 OK Setacl complete.
But isn't a client like Thunderbird (3.0.3) supposed to
. show me the #shared (even if no one shares mailboxes to me) folder
(because of list = yes )?
. let me share, let's say the .sous.arbo mailbox ? If yes, how ? Or should I
first pre-set some acl files ???
For now, it says : This is a personnal mail folder. It is not shared.
Thanks
--
Thomas Hummel | Institut Pasteur
hum...@pasteur.fr | Pôle informatique - systèmes et réseau
Re: [Dovecot] GlusterFs - Any new progress reports?
On 2010-02-17, Ed W li...@wildgooses.com wrote: Anyone had success using some other clustered/HA filestore with dovecot who can share their experience? (OCFS/GFS over DRBD, etc?) We´ve been using IBM´s GPFS filesystem on (currently) seven x-series servers running RHEL4 and RHEL5, all SAN-attached all serving the same filesystem for probably 4 years now. This systems serves POP/IMAP/Webmail to ~700.000 mail accounts. Webmail is sticky, while POP/IMAP is being distributed over all the servers by HAproxy. It´s been working very well. There´s been some minor issues with dovecots locking that forced us to be less parallell in the deliveries than we wanted to, but that´s probably our own fault for being quite back-level on dovecot. The biggest pain is doing file backups of the maildirs... -jf
[Dovecot] mail_save_crlf Semantics
Hi, It's not clear from the configuration when CR/LF conversion happens with mail_save_crlf set. Does this only happen with appends, or do all mails handled by Dovecot always get converted when opened? Cheers, Sabahattin smime.p7s Description: S/MIME cryptographic signature
