Next message: Aleksandar Milivojevic: "Re: Can't create/move mailboxes in cyrus-murder configuration"
I'm experimenting with cyrus-murder. Made simple configuration (as
described in documentation). I can access mailboxes from frontends, so
that part is working.
However, I can't move mailboxes between two backends (using cyradm on
frontend). Same thing if I attempt to create mailbox from frontend
(however, I can create it on backend directly). For the later (mailbox
creation), I found conflicting information that it must be done from
frontends in some howtos, and that it must be done from backends in
others.
The test config I have basically looks like this. Two frontends, two
backends. First frontend is also mupdate master. Using RHEL4 packaged
cyrus-imapd 2.2.12.
On frontends, imapd.conf looks like this:
admins: cyrus murder
# How to get to mupdate master
mupdate_server: frontend1.milivojevic.org
mupdate_port: 3905
mupdate_authname: murder
mupdate_username: murder
mupdate_password: foobar
# How to get to backends
proxy_authname: murder
backend1_password: foobar
backend2_password: foobar
On Backends:
admins: cyrus
proxyservers: murder
# How to get to mupdate server
mupdate_server: frontend1.milivojevic.org
mupdate_port: 3905
mupdate_authname: murder
mupdate_username: murder
mupdate_password: foobar
# How to get to backends
# docs indicate this should be admin for mailbox moves to work?
proxy_authname: cyrus
backend1_password: foobar
backend2_password: foobar
The cyrus.conf file on backend is just the standard one. Nothing fancy
there. The only change is addition of 'mupdatepush cmd="ctl_mboxlist
-m"' to START section (as recommended in docs).
On the frontends, the SERVICES section looks like this. Frontend1 has
-m option for mupdate. Frontend2 doesn't have it.
SERVICES {
mupdate cmd="mupdate -m" listen=3905 prefork=1
imap cmd="proxyd" listen="imap" prefork=5
imaps cmd="proxyd -s" listen="imaps" prefork=1
pop3 cmd="pop3d" listen="pop3" prefork=3
pop3s cmd="pop3d -s" listen="pop3s" prefork=1
sieve cmd="timsieved" listen="sieve" prefork=0
lmtp cmd="lmtpproxyd" listen="/var/imap/socket/lmtp" prefork=0
}
When I connect to frontend1 (which is also master mupdate server), and
attempt to move mailbox (or create it), I can see in log files on the
backends that frontend connected and authenticated as user cyrus (and
that is all there is in log files). The commands I used were:
> rename user.foo user.foo backend2
renamemailbox: Operation is not supported on mailbox
> cm user.bar backend1
createmailbox: Permission denied
The log files on both backends show:
imap[30920]: accepted connection
master[31912]: about to exec /usr/lib/cyrus-imapd/imapd
imap[31912]: executed
imap[30920]: starttls: TLSv1 with cipher AES256-SHA (256/256 bits new)
no authentication
imap[30920]: login: frontend1.milivojevic.org [1.2.3.4] cyrus PLAIN+TLS
User logged in
On frontend I get:
imap[18381]: accepted connection
Fmaster[19098]: about to exec /usr/lib/cyrus-imapd/proxyd
imap[19098]: executed
imap[18381]: login: localhost.localdomain [127.0.0.1] cyrus plaintext
imap[18381]: Doing a peer verify
imap[18381]: verify error:num=18:self signed certificate
imap[18381]: received server certificate
imap[18381]: starttls: TLSv1 with cipher AES256-SHA (256/256 bits new)
no authentication
imap[18381]: Doing a peer verify
imap[18381]: verify error:num=18:self signed certificate
imap[18381]: received server certificate
imap[18381]: starttls: TLSv1 with cipher AES256-SHA (256/256 bits new)
no authentication
imap[18381]: PROTERR: end of file reached
master[18336]: process 18381 exited, status 0
The authentication is simplified for test environment. PLAIN and LOGIN
only, using saslauthd that reads /etc/shadow (all users exist on all
four servers, checked and rechecked that passwords are synced).
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
