Re: Permission problem
Previous versions of Cyrus used the 'd' permission for this. Cyrus now requires that you set the 'c' permission in your ACL... Hope that helps... -David Fuchs - Original Message - From: Marius Kirschner [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, April 30, 2001 8:08 PM Subject: Permission problem I've set up cyrus-imapd 2.0.12 last week and everything seems to be working okay (at least the sending and receiving part), except I have a permission problem. To be more exact, the admin can't delete mailboxes and the user can't create them. If I go into cyradm as admin I can create 'user.mailbox' or 'user.mailbox.whatever' but when I try to delete them I get a permission denied error. And, yes, I do grant myself delete access before trying to delete them. Also, as user when I try to create a mailbox I get also a permission denied error, however, as user I am able to delete mailboxes created by admin. All the /var/imap directories are owned by cyrus.cyrus and the rwx permissions are set as well, and imapd runs as cyrus. I've been trying to figure this out for days now but to no avail. I'd appreciate it if somebody could steer me in the right directions. FWIW, I'm running FreeBSD 4.3. Thanks, ---Marius
forking problem and SleepyCat
Hey guys, Regarding the forking problem that some of us seem to be having. I've been in touch with the SleepyCat support department. We discussed a few things about the problem and finally i sent him a copy of the cyrusdb_db3.c file.. At first the response was that maybe opening it read/write contantly could be the problem. Then i received the following email: -- One of our senior engineers reviewed Support Request #3838, and comments: Berkeley DB only transactionally protects the open if you're doing a DB_CREATE. Even if the Cyrus application is opening the file read/write, we don't need a transaction. I see from their source that they are always specifying DB_CREATE. I bet if they changed it to not specifying CREATE and only creating if necessary, the problem would probably go away. Regards, --keith -- Maybe somebody can comeup with change to the code that can implement this?? Greetings, Hugo -- That i'm paranoid doesn't mean they aren't out to get me! -- Hugo Trippaers (HT2-6BONE) ISION Internet BV System Engineer (RHCE) http://www.ision.nl [EMAIL PROTECTED]
Re: e with accent
+-- On Monday, April 30, 2001 16:11:02 +0200 Jean-Michel Doublet +[EMAIL PROTECTED] wrote: | Hi, | | i use cyrus-2.0.12 and when i send a mail with an é or è in the | suject, the é is replace with X. | | How can i fix this ? +-- Don't send any non-ascii characters. The problem is that the receiver has no way of knowing just which character set you meant. Is it encoded in iso8859-1, iso8859-15 or utf-8? You need to encode the characters in your subject as described in RFC2047 i.e. =?ISO-8859-1?Q?=e8=e9?= for èé. /Michael -- This space intentionally left non-blank.
configure can't find sasl_getprop (v. 2.0.13)
I want to upgrade from 1.6.24 to 2.0.13 but configure isn't able to find libsasl although I am using the library since many month with 1.6.24: checking for sasl_getprop in -lsasl... no My sasl libraries are in /usr/local/sasl/lib and I called configure with --with-sasl=/usr/local/sasl If I check libsasl.so.7.1.8 with nm I see the sasl_getprop symbol. Any hints? Werner
Re: configure can't find sasl_getprop (v. 2.0.13)
--On Tuesday, May 01, 2001 2:44 PM +0200 Werner Reisberger [EMAIL PROTECTED] wrote: I want to upgrade from 1.6.24 to 2.0.13 but configure isn't able to find libsasl although I am using the library since many month with 1.6.24: checking for sasl_getprop in -lsasl... no My sasl libraries are in /usr/local/sasl/lib and I called configure with --with-sasl=/usr/local/sasl If I check libsasl.so.7.1.8 with nm I see the sasl_getprop symbol. Any hints? Werner A new SASL library was released as beta at the end of last March. It was released as 1.5.27. In any the case, it has the sasl_getprop() function that you described. My question is this... Even though configure doesn't see sasl_getprop() in your SASL library, it shouldn't be disabling SASL as a whole... Are you still able to compile the IMAP server and get it to work? I would expect that to be the case (but may not be at the moment), especially since the latest SASL release was considered beta. Anyways, if you need the library, you can get it at the following location: ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/BETA/cyrus-sasl-1.5.27.tar.gz Scott -- +-=-=-=-=-=-=-=-=-=+=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=+=-=-=-=-=-=-=-=-+ Scott W. Adkinshttp://www.cns.ohiou.edu/~sadkins/ UNIX Systems Engineer mailto:[EMAIL PROTECTED] ICQ 7626282 Work (740)593-9478 Fax (740)593-1944 +-=-=-=-=-=-=-=-=-=+=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=+=-=-=-=-=-=-=-=-+ CNS, HDL Center, Suite 301, Ohio University, Athens, OH 45701-2979
Re: 1.6.24 + STARTTLS + cyradm
On Tue, 1 May 2001 13:04:30 +0100, Richard Hopkins [EMAIL PROTECTED] (rh) writes: rh I've got 1.6.24 configured with SSL and can get a TLS session established rh using Mulberry without any problem. Does anybody have a listing of what clients support TLS? While I personally wouldn't mind freezing out all clients but Mulberry, I have a feeling a lynch mob would be after me. ;-) -- Amos
Cyrus IMAPd using PAM authentication under FreeBSD ...
Okay, I'm at a loss here, and hope someone has an idea of what I'm missing ... I installed cyrus-imapd and cyrus-sasl from ports under FreeBSD, that all appears to work great as long as I don't try and set sasl_pwcheck_method to PAM ... as soon as I set that, it fails. I'm trying to use the pam_smb_auth module, v1.9.8 ... Using it for ftpd, in /etc/pam.conf, it works great: == May 1 11:31:05 new-relay ftpd[45475]: unable to resolve symbol: pam_sm_authenticate May 1 11:31:05 new-relay ftpd[45475]: unable to resolve symbol: pam_sm_setcred May 1 11:31:05 new-relay ftpd[45475]: auth_pam: Module is unknown == and == demeter# ftp new-relay Connected to new-relay.acadiau.ca. 220 new-relay.acadiau.ca FTP server (Version 6.00LS) ready. Name (new-relay:root): marc 331 Password required for marc. Password: 230 User marc logged in. Remote system type is UNIX. Using binary mode to transfer files. ftp == but if I try pop3: == demeter# telnet new-relay pop3 Trying 131.162.200.78... Connected to new-relay.acadiau.ca. Escape character is '^]'. +OK new-relay.acadiau.ca Cyrus POP3 v2.0.13 server ready user marc +OK Name is a valid mailbox pass X -ERR Invalid login === with the backend reporting, again: === May 1 11:32:33 new-relay pop3d[44673]: unable to resolve symbol: pam_sm_authenticate May 1 11:32:33 new-relay pop3d[44673]: unable to resolve symbol: pam_sm_setcred === both passwords I type in are the exact same, ftpd works, pop3 fails ... so I know that the pam module itself is working ... so the only thing I can think of is that *something* in the cyrus-imapd port is causing the failure ... cyrus-imap version is: cyrus-imapd-2.0.13 configure is set as: ./configure \ --with-cyrus-prefix=/usr/local/cyrus \ --with-cyrus-group=cyrus \ --with-sasl=/usr/local \ --with-dbdir=/usr/local \ --with-auth=unix \ --with-com_err \ --with-ucdsnmp=no \ --prefix=/usr/local i386--freebsd4.3 A bug, maybe, in 2.0.13? My pam.conf file looks like the following, in case I'm doing something obvious in there? login authsufficient pam_skey.so login authrequisite pam_cleartext_pass_ok.so login authrequiredpam_unix.so try_first_pass ftpdauthrequiredpam_smb_auth.so use_first_pass imapauthrequiredpam_smb_auth.so nolocal sieve authsufficient pam_unix.so sieve authrequiredpam_smb_auth.so use_first_pass pop authrequiredpam_smb_auth.so sshdauthsufficient pam_skey.so sshdauthrequiredpam_unix.so try_first_pass sshdsession requiredpam_permit.so csshd authrequiredpam_skey.so xserver authrequiredpam_permit.so xdm authrequiredpam_unix.so xdm account requiredpam_unix.so try_first_pass xdm session requiredpam_deny.so xdm password required pam_deny.so imapauthrequiredpam_unix.so try_first_pass pop3authrequiredpam_unix.so try_first_pass other authrequiredpam_unix.so try_first_pass other account requiredpam_unix.so try_first_pass Marc G. Fournier [EMAIL PROTECTED] Senior Systems AdministratorAcadia University These are my opinions, which are not necessarily shared by my employer
TLS works, STARTTLS doesn't (imap, v2.0.13)
I have just installed Cyrus IMAP 2.0.13 on Sparc Solaris 7. I'm trying to make an IMAP connection with TLS using Mac Eudora 5.1. If I use the alternate port (993) setting, I can get a connection. If I try to use STARTTLS (which both Cyrus and Eudora 5.1 claim to support) I get a STARTTLS failure. Any ideas? I have some debug output (I set the debugging level to 5 in tls.c). Here it is with imaps (port 993): May 1 10:48:50 emaildev master[16761]: about to exec /usr/local/cyrus/bin/imapd May 1 10:48:50 emaildev service-imaps[16761]: executed May 1 10:48:50 emaildev imapd[16761]: accepted connection May 1 10:48:50 emaildev imapd[16761]: starting TLS engine May 1 10:48:50 emaildev imapd[16761]: TLS engine: cannot load CA data May 1 10:48:50 emaildev imapd[16761]: setting up TLS connection May 1 10:48:50 emaildev imapd[16761]: SSL_accept:before/accept initialization May 1 10:48:50 emaildev imapd[16761]: SSL_accept:SSLv3 read client hello A May 1 10:48:50 emaildev imapd[16761]: SSL_accept:SSLv3 write server hello A May 1 10:48:50 emaildev imapd[16761]: SSL_accept:SSLv3 write certificate A May 1 10:48:50 emaildev imapd[16761]: SSL_accept:SSLv3 write server done A May 1 10:48:50 emaildev imapd[16761]: SSL_accept:SSLv3 flush data May 1 10:48:51 emaildev imapd[16761]: SSL_accept:SSLv3 read client key exchange A May 1 10:48:51 emaildev imapd[16761]: SSL_accept:SSLv3 read finished A May 1 10:48:51 emaildev imapd[16761]: SSL_accept:SSLv3 write change cipher spec A May 1 10:48:51 emaildev imapd[16761]: SSL_accept:SSLv3 write finished A May 1 10:48:51 emaildev imapd[16761]: SSL_accept:SSLv3 flush data May 1 10:48:51 emaildev imapd[16761]: starttls: TLSv1 with cipher DES-CBC3-SHA (192/192 bits) no authentication ... Here it is connecting on port 143 and using STARTTLS: May 1 10:50:30 emaildev master[16775]: about to exec /usr/local/cyrus/bin/imapd May 1 10:50:30 emaildev service-imap[16775]: executed May 1 10:50:30 emaildev imapd[16775]: accepted connection May 1 10:50:30 emaildev imapd[16775]: starting TLS engine May 1 10:50:30 emaildev imapd[16775]: TLS engine: cannot load CA data May 1 10:50:30 emaildev imapd[16775]: setting up TLS connection May 1 10:50:30 emaildev imapd[16775]: SSL_accept:before/accept initialization May 1 10:50:30 emaildev imapd[16775]: SSL_accept:SSLv3 read client hello A May 1 10:50:30 emaildev imapd[16775]: SSL_accept:SSLv3 write server hello A May 1 10:50:30 emaildev imapd[16775]: SSL_accept:SSLv3 write certificate A May 1 10:50:30 emaildev imapd[16775]: SSL_accept:SSLv3 write certificate request A May 1 10:50:30 emaildev imapd[16775]: SSL_accept:SSLv3 write server done A May 1 10:50:30 emaildev imapd[16775]: SSL_accept:SSLv3 flush data May 1 10:50:30 emaildev imapd[16775]: SSL3 alert read:warning:no certificate May 1 10:50:30 emaildev imapd[16775]: SSL3 alert write:fatal:unexected_message May 1 10:50:30 emaildev imapd[16775]: SSL_accept:error in SSLv3 read client certificate B May 1 10:50:30 emaildev last message repeated 1 time May 1 10:50:30 emaildev imapd[16775]: STARTTLS failed: lmrmac2.ctd.ornl.gov[160.91.170.73] May 1 10:50:30 emaildev imapd[16775]: Connection reset by peer, closing connection May 1 10:50:30 emaildev master[5017]: process 16775 exited, status 0 -- Larry M. Rosenbaum [EMAIL PROTECTED] Bldg 4500-N, Room E-218 865 574-8155 phone PO Box 2008, MS 6271865 241-4000 fax Oak Ridge, TN 37831-6271 Oak Ridge National Laboratory, Network Computing Services group
Can't find com_err.h
I'm trying to compile cyrus-imapd-2.0.13 on a Redhat 6.2.3 system and am running into the following problem. The compilation is barfing while in ../cyrus-imapd-2.0.13/imap with the complaint that com_err.h can't be found. Can anyone give me a clue here? I don't find this header file on ANY of our Redhat systems. I tried 2.0.12 but had the same problem. I have compiled 2.0.12 successfully before, so this has me scratching my head. Thanks for any help. -- Rolfe Tessem| Lucky Duck Productions, Inc. [EMAIL PROTECTED] | 96 Morton Street (212) 463-0029 | New York, NY 10014
Re: forking problem and SleepyCat
Spark [EMAIL PROTECTED] writes: Maybe somebody can comeup with change to the code that can implement this?? ok, the change is in cvs. I also included a diff below. Please let us know if this makes things any better (or worse). Walter === RCS file: /afs/andrew.cmu.edu/system/cvs/src/cyrus/lib/cyrusdb_db3.c,v retrieving revision 1.16 retrieving revision 1.17 diff -u -r1.16 -r1.17 --- cyrusdb_db3.c 2001/01/02 05:53:47 1.16 +++ cyrusdb_db3.c 2001/05/01 18:31:45 1.17 @@ -91,12 +91,14 @@ static int init(const char *dbdir, int myflags) { -int r; +int r, do_retry = 1; int flags = 0; assert(!dbinit); -if (myflags CYRUSDB_RECOVER) flags |= DB_RECOVER; +if (myflags CYRUSDB_RECOVER) { + flags |= DB_RECOVER | DB_CREATE; +} if ((r = db_env_create(dbenv, 0)) != 0) { syslog(LOG_ERR, DBERROR: db_appinit failed: %s, db_strerror(r)); @@ -130,7 +132,8 @@ #endif /* what directory are we in? */ -flags |= DB_CREATE | DB_INIT_LOCK | DB_INIT_MPOOL | + retry: +flags |= DB_INIT_LOCK | DB_INIT_MPOOL | DB_INIT_LOG | DB_INIT_TXN; #if DB_VERSION_MINOR 0 r = dbenv-open(dbenv, dbdir, flags, 0644); @@ -138,6 +141,26 @@ r = dbenv-open(dbenv, dbdir, NULL, flags, 0644); #endif if (r) { +if (do_retry (r == ENOENT)) { + /* Per sleepycat Support Request #3838 reporting a performance problem: + + Berkeley DB only transactionally protects the open if you're + doing a DB_CREATE. Even if the Cyrus application is opening + the file read/write, we don't need a transaction. I see + from their source that they are always specifying DB_CREATE. + I bet if they changed it to not specifying CREATE and only + creating if necessary, the problem would probably go away. + +Given that in general the file should exist, we optimize the most +often case: the file exists. So, we add DB_CREATE only if we fail +to open the file and thereby avoid doing a stat(2) needlessly. Sure, it +should be cached by why waste the cycles anyway? + */ + flags |= DB_CREATE; + do_retry = 0; + goto retry; +} + syslog(LOG_ERR, DBERROR: dbenv-open '%s' failed: %s, dbdir, db_strerror(r)); return CYRUSDB_IOERROR;