rename leaves the original mailbox

[Alexey Shilin]

Hi!

We have a murder configuration.

I am trying to rename a mailbox on a new linux-oel-based backend.


#
localhost> rename user/shilin102 user/shilin105

localhost> renamemailbox: Permission denied

localhost> sam user/shilin102 shilin all

localhost> rename user/shilin102 user/shilin105
localhost>
##

Looks like everything is OK, but user/shilin105 is alive and well. Messages
are deleted from /var/spool/imap/user/shilin102 directory, but cyrus.*
files are there.



Dec 12 11:53:30 blackish imap[26910]: Expunged 1 messages from
user.shilin102
Dec 12 11:53:31 blackish imap[26910]: error renaming
/var/lib/imap/sieve/s/shilin102 to /var/lib/imap/sieve/s/shilin105: No such
file or directory
Dec 12 11:53:31 blackish imap[26910]: Deleted mailbox user.shilin102.Sent
Dec 12 11:53:32 blackish imap[26910]: cannot unlink
/var/lib/imap/user/s/shilin102.mboxkey: No such file or directory



/etc/imapd.conf



allowusermoves: 1

#


etc/cyrus.conf

##

  mupdatepush   cmd="ctl_mboxlist -m"

##

localhost> version
name   : Cyrus IMAPD
version: v2.3.16-Fedora-RPM-2.3.16-6.el6_2.5 2010/01/06 17:01:32
vendor : Project Cyrus
support-url: http://cyrusimap.web.cmu.edu
os : Linux
os-version : 3.8.13-44.1.5.el6uek.x86_64
environment: Built w/Cyrus SASL 2.1.23
 Running w/Cyrus SASL 2.1.23
 Built w/Berkeley DB 4.7.25: (July 22, 2010)
 Running w/Berkeley DB 4.7.25: (September 12, 2013)
 Built w/OpenSSL 1.0.0-fips 29 Mar 2010
 Running w/OpenSSL 1.0.0-fips 29 Mar 2010
 Built w/zlib 1.2.3
 Running w/zlib 1.2.3
 CMU Sieve 2.3
 TCP Wrappers
 mmap = shared
 lock = fcntl
 nonblock = fcntl
 idle = poll

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: saslauthd question

[Andrew Morgan]

On Thu, 11 Dec 2014, Patrick Goetz wrote:

> On 12/11/2014 12:45 PM, Andrew Morgan wrote:
>> I only have PAM files for "imap", "lmtp", and "sieve"
>> although I have other service names for some of them.
>>
>
> I don't understand why you have PAM files for lmtp and sieve, but most
> particularly lmtp.  lmtpd is just a local daemon that transfers stuff
> from your smtp server to cyrus.  Are you running cyrus and smtpd on
> different servers?  If so, what does the PAM lmtp configuration look like?
>
> I don't know anything about sieve, but thought the filters where all
> internal, too; hence not in need of authentication.

We have multiple smtp servers that accept incoming mail plus we run a 
Cyrus Murder cluster.  There is a lot of lmtp over the network happening. 
:)

The PAM configuration for lmtp, sieve, and imap is identical (auth against 
LDAP).

Andy

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

idled vs. notifyd ?

[Patrick Goetz]

In my previous debian-based cyrus install idled was commented out in 
cyrus.conf, while the notifyd service was set to run.  Not knowing any 
better, I just left it like this.

Now that I'm going over the entire configuration in great detail, I find 
out that idled would be pretty useful thing to have running (since we 
use mostly the Thunderbird MUA, which supports IDLE), while I'm not even 
sure what notifyd does.

Any clues?


Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: saslauthd question

[Simon Matter]

> On 12/11/2014 12:45 PM, Andrew Morgan wrote:
>> I only have PAM files for "imap", "lmtp", and "sieve"
>> although I have other service names for some of them.
>>
>
> I don't understand why you have PAM files for lmtp and sieve, but most
> particularly lmtp.  lmtpd is just a local daemon that transfers stuff
> from your smtp server to cyrus.  Are you running cyrus and smtpd on
> different servers?  If so, what does the PAM lmtp configuration look like?

If you do lmtp over the network, you may want to authenticate who can
deliver mails. Otherwise you can just use "lmtpd -a" if the environment is
considered secure.

>
> I don't know anything about sieve, but thought the filters where all
> internal, too; hence not in need of authentication.

Sieve rules have to be managed per user, and therefore you need
authentication. The server itself doesn't need to auth anything to run the
filters.

Regards,
Simon


Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: saslauthd question

[Patrick Goetz]

On 12/11/2014 12:45 PM, Andrew Morgan wrote:
> I only have PAM files for "imap", "lmtp", and "sieve"
> although I have other service names for some of them.
>

I don't understand why you have PAM files for lmtp and sieve, but most 
particularly lmtp.  lmtpd is just a local daemon that transfers stuff 
from your smtp server to cyrus.  Are you running cyrus and smtpd on 
different servers?  If so, what does the PAM lmtp configuration look like?

I don't know anything about sieve, but thought the filters where all 
internal, too; hence not in need of authentication.


Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: saslauthd question

[Dan White]

On 12/11/14 12:34 -0600, Patrick Goetz wrote:
>Surely someone on this list will know the answer to this question.
>
>Given sasl_pwcheck_method: saslauthd, with authentication mechanism=pam
>
>I'm trying to track down how saslauthd knows that the cyrus PAM service
>file is called imap; i.e. /etc/pam.d/imap.
>
>Is this just built in?  I can't find a configuration for it anywhere.

saslauthd receives the service name via the unix domain socket protocol
exchange - see the OVERVIEW section in saslauthd-main.c.

The glue layer (libsasl2) provides the service name to saslauthd based on
what it's given in the call to sasl_server_new (See the manpage). Cyrus
imapd hard codes the service names, and they are not configurable. Grep
through the cyrus imap source for that function call to determine which pam
file to configure for each service.

-- 
Dan White

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: saslauthd question

[Andrew Morgan]

On Thu, 11 Dec 2014, Patrick Boutilier wrote:

> On 12/11/2014 02:34 PM, Patrick Goetz wrote:
>> Surely someone on this list will know the answer to this question.
>> 
>> Given sasl_pwcheck_method: saslauthd, with authentication mechanism=pam
>> 
>> I'm trying to track down how saslauthd knows that the cyrus PAM service
>> file is called imap; i.e. /etc/pam.d/imap.
>> 
>> Is this just built in?  I can't find a configuration for it anywhere.
>> 
>> 
>> 
>> 
>> Cyrus Home Page: http://www.cyrusimap.org/
>> List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
>> To Unsubscribe:
>> https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
>> 
>
>
> Harcoded in imapd.c
>
> if (sasl_server_new("imap", config_servername 
>

I thought the PAM name was taken from the service name in /etc/cyrus.conf, 
but my own configuration seems to indicate that it must be hardcoded for 
each service.  I only have PAM files for "imap", "lmtp", and "sieve" 
although I have other service names for some of them.

I guess it's just the imapd.conf config variables that are allowed to be 
prefixed with the service name.

Andy

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: saslauthd question

[Patrick Boutilier]

On 12/11/2014 02:34 PM, Patrick Goetz wrote:

Surely someone on this list will know the answer to this question.

Given sasl_pwcheck_method: saslauthd, with authentication mechanism=pam

I'm trying to track down how saslauthd knows that the cyrus PAM service
file is called imap; i.e. /etc/pam.d/imap.

Is this just built in?  I can't find a configuration for it anywhere.




Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus




Harcoded in imapd.c

if (sasl_server_new("imap", config_servername 
<>
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

saslauthd question

[Patrick Goetz]

Surely someone on this list will know the answer to this question.

Given sasl_pwcheck_method: saslauthd, with authentication mechanism=pam

I'm trying to track down how saslauthd knows that the cyrus PAM service 
file is called imap; i.e. /etc/pam.d/imap.

Is this just built in?  I can't find a configuration for it anywhere.




Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus