Re: question on autch cache parameters
Fixed: http://hg.dovecot.org/dovecot-2.2/rev/b7f7ad2bc4d0
> On 05 Aug 2015, at 17:30, matthias lay wrote:
>
> Hi list,
>
> I have a question on auth caching in 2.2.18.
>
> I am using acl_groups for a master user, appended in a static userdb file
>
> # snip ###
> master@uma:{SHA}=::userdb_acl_groups=umareadmaster
> allow_nets=127.0.0.1
> # snap ###
>
> and use this group in a global ACL file.
> I discovered this only works on first NOT-cached login
>
>
>
> environment in imap-postlogin script on first login:
>
>
> AUTH_TOKEN=e96b5a32ceb2cafc4460c210ad2e92e3d7ab388c
> MASTER_USER=master@uma
> SPUSER=private/pdf
> LOCAL_IP=127.0.0.1
> USER=pdf
> AUTH_USER=master@uma
> PWD=/var/run/dovecot
> USERDB_KEYS=ACL_GROUPS HOME SPUSER MASTER_USER AUTH_TOKEN AUTH_USER
> SHLVL=1
> HOME=/var/data/vmail/private/pdf
> ACL_GROUPS=umareadmaster
> IP=127.0.0.1
> _=/usr/bin/env
>
>
> on the second cached login it looks like this
>
>
> AUTH_TOKEN=12703b11932f233520f6d4b33559c33aeb1cfc7f
> MASTER_USER=master@uma
> SPUSER=private/pdf
> LOCAL_IP=127.0.0.1
> USER=pdf
> AUTH_USER=master@uma
> PWD=/var/run/dovecot
> USERDB_KEYS=HOME SPUSER MASTER_USER AUTH_TOKEN AUTH_USER
> SHLVL=1
> HOME=/var/data/vmail/private/pdf
> IP=127.0.0.1
> _=/usr/bin/env
>
> so the ACL_GROUPS is gone.
>
> is this intended to be like that.
> so groups not included in cache and I have to find another approach?
>
> anybody else encountered similar problems with some auth Variables and
> caching?
>
>
> Greetz Matze
Re: question on autch cache parameters[Bug]
hi again,
On Thu, 27 Aug 2015 14:37:59 +0300
Teemu Huovila wrote:
>
> However, I am unable to reproduce this. Could you post your doveconf
> -n please? Im especially interested in your passdb and userdb
> configurations and auth-cache settings.
>
just reproduced the bug with a fresh clean 2.2.18 install
ldap userdb an 2 masterusers with the ACL_GROUP attribut in passwd file
env output in imap-postlogin
first login:
AUTH_TOKEN=4adba75022f765fc3215ac5243337fd99adfdbf5
MASTER_USER=master2
SPUSER=private/johnd
LOCAL_IP=127.0.0.1
USER=johnd
AUTH_USER=master2
PWD=/run/dovecot
USERDB_KEYS=ACL_GROUPS HOME SPUSER MASTER_USER AUTH_TOKEN AUTH_USER
SHLVL=1
HOME=/home/vmail/private/johnd
ACL_GROUPS=umareadmaster
IP=127.0.0.1
_=/usr/bin/env
logout and next login:
AUTH_TOKEN=83d7ede27b4fbc4de2abad58e84e65ac1073e4ec
MASTER_USER=master2
SPUSER=private/johnd
LOCAL_IP=127.0.0.1
USER=johnd
AUTH_USER=master2
PWD=/run/dovecot
USERDB_KEYS=HOME SPUSER MASTER_USER AUTH_TOKEN AUTH_USER
SHLVL=1
HOME=/home/vmail/private/johnd
IP=127.0.0.1
_=/usr/bin/env
##
% doveconf -n:
# 2.2.18: /etc/dovecot/dovecot.conf
# OS: Linux 3.12.44-gentoo x86_64 Gentoo Base System release 2.2
auth_cache_negative_ttl = 30 mins
auth_cache_size = 10 k
auth_master_user_separator = *
auth_use_winbind = yes
auth_username_chars =
auth_verbose = yes
log_path = /var/log/dovecot.log
mail_gid = vmail
mail_home = /home/vmail/private/%u
mail_location = maildir:~/Maildir:LAYOUT=fs:INBOX=~/Maildir/INBOX
mail_uid = vmail
namespace {
inbox = yes
location =
mailbox Sent {
auto = subscribe
special_use = \Sent
}
prefix =
separator = /
subscriptions = yes
type = private
}
namespace {
hidden = no
inbox = no
list = children
location =
maildir:/home/vmail/public/%%Lu/Maildir:LAYOUT=fs:INBOX=/home/vmail/public/%%Lu/Maildir/INBOX
prefix = public/%%u/ separator = /
subscriptions = no
type = shared
}
passdb {
args = /etc/dovecot/master-users1
driver = passwd-file
master = yes
}
passdb {
args = /etc/dovecot/master-users2
driver = passwd-file
master = yes
}
service auth {
unix_listener auth-client {
group =
mode = 0600
user = $default_internal_user
}
unix_listener auth-login {
group =
mode = 0600
user = $default_internal_user
}
unix_listener auth-master {
group =
mode = 0600
user = $default_internal_user
}
unix_listener auth-userdb {
group = vmail
mode = 0660
user = $default_internal_user
}
unix_listener login/login {
group =
mode = 0666
user = $default_internal_user
}
user = $default_internal_user
}
service imap-login {
inet_listener imap {
port = 143
}
}
service imap-postlogin {
executable = script-login /usr/libexec/dovecot/imap-postlogin
user = vmail
}
service imap {
executable = imap imap-postlogin
}
ssl_cert =
auth_master_user_separator = *
# Example master user passdb using passwd-file. You can use any passdb
though. passdb {
driver = passwd-file
master = yes
args = /etc/dovecot/master-users1
# Unless you're using PAM, you probably still want the destination
user to # be looked up from passdb that it really exists. pass=yes
does that. #pass = yes
}
passdb {
driver = passwd-file
master = yes
args = /etc/dovecot/master-users2
# Unless you're using PAM, you probably still want the destination
user to # be looked up from passdb that it really exists. pass=yes
does that. #pass = yes
}
###
% cat /etc/dovecot/master-users1
master1:{SHA}xxx=::userdb_acl_groups=umareadmaster
allow_nets=127.0.0.1
master2 is the same.
Greetz
Re: question on autch cache parameters
hi teemu,
thx for your reply.
the user is a masteruser that hast a static passwd file. this is where
the ACL_GROUPS is applied
cat /etc/dovecot/passwd.masteruser
master@uma:{SHA}ojN+jsbELZbRJeRb0qj9+MMjPUs=::userdb_acl_groups=umareadmaster
allow_nets=127.0.0.1
##
* the standard lookup method for users is ldap. only masterusers are in
static user/passdbs
* auth cache is enabled
I cant post my whole conf but will paste the parts you requested.
if its not enough for you to reproduce, I will setup a clean instance
and reproduce it there.
##
# 2.2.16: /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.7
# OS: Linux 3.15.10-dist i686
auth_cache_negative_ttl = 30 mins
auth_cache_size = 10 k
auth_master_user_separator = *
snip
default namespace: (maildir gets overwritten by ldap lookup on most
users)
namespace {
hidden = no
inbox = no
list = children
location =
maildir:/var/data/vmail/public/%%Lu/Maildir:LAYOUT=fs:INBOX=/var/data/vmail/public/%%Lu/Maildir/INBOX
prefix = public/%%u/ separator = /
subscriptions = no
type = shared
}
userdb {
args = uid=vmail gid=vmail home=/var/data/vmail/public/%Ln
driver = static
}
protocol imap {
imap_client_workarounds = tb-extra-mailbox-sep
mail_plugins = acl notify mailbox_alias imap_acl
ssl = yes
ssl_cert = wrote:
> Hello
>
> Thank you for your report. We really appreciate it, especially when
> you can pinpoint a commit.
>
> However, I am unable to reproduce this. Could you post your doveconf
> -n please? Im especially interested in your passdb and userdb
> configurations and auth-cache settings.
>
> br,
> Teemu Huovila
>
>
> On 08/06/2015 01:07 PM, matthias lay wrote:
> > hi timo,
> >
> > I checked out the commit causing this.
> >
> > its this one:
> >
> > http://hg.dovecot.org/dovecot-2.2/diff/5e445c659f89/src/auth/auth-request.c#l1.32
> >
> >
> > if I move this block back as it was. everything is fine
> >
> >
> > diff -r a46620d6e0ff -r 5e445c659f89 src/auth/auth-request.c
> > --- a/src/auth/auth-request.c Tue May 05 13:35:52 2015 +0300
> > +++ b/src/auth/auth-request.c Tue May 05 14:16:31 2015 +0300
> > @@ -618,30 +627,28 @@
> >auth_request_want_skip_passdb(request, next_passdb))
> > next_passdb = next_passdb->next;
> >
> > + if (*result == PASSDB_RESULT_OK) {
> > + /* this passdb lookup succeeded, preserve its
> > extra fields */
> > + auth_fields_snapshot(request->extra_fields);
> > + request->snapshot_have_userdb_prefetch_set =
> > + request->userdb_prefetch_set;
> > + if (request->userdb_reply != NULL)
> > +
> > auth_fields_snapshot(request->userdb_reply);
> > + } else {
> > + /* this passdb lookup failed, remove any extra
> > fields it set */
> > + auth_fields_rollback(request->extra_fields);
> > + if (request->userdb_reply != NULL) {
> > +
> > auth_fields_rollback(request->userdb_reply);
> > + request->userdb_prefetch_set =
> > +
> > request->snapshot_have_userdb_prefetch_set;
> > + }
> > + }
> > +
> > if (passdb_continue && next_passdb != NULL) {
> > /* try next passdb. */
> > request->passdb = next_passdb;
> > request->passdb_password = NULL;
> >
> > - if (*result == PASSDB_RESULT_OK) {
> > - /* this passdb lookup succeeded, preserve
> > its extra
> > - fields */
> > -
> > auth_fields_snapshot(request->extra_fields);
> > - request->snapshot_have_userdb_prefetch_set
> > =
> > - request->userdb_prefetch_set;
> > - if (request->userdb_reply != NULL)
> > -
> > auth_fields_snapshot(request->userdb_reply);
> > - } else {
> > - /* this passdb lookup failed, remove any
> > extra fields
> > - it set */
> > -
> > auth_fields_rollback(request->extra_fields);
> > - if (request->userdb_reply != NULL) {
> > -
> > auth_fields_rollback(request->userdb_reply);
> > - request->userdb_prefetch_set =
> > -
> > request->snapshot_have_userdb_prefetch_set;
> > - }
> > - }
> > -
> > if (*result == PASSDB_RESULT_USER_UNKNOWN) {
> > /* remember that we did at least one
> > successful passdb lookup */
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> > On 08/05/2015 05:33 PM, matthias lay wrote:
> >> just tested against dovecot 2.2.15
> >>
> >> everythings works fine. so might be a bug introduced between
> >> 2.2.16 and 2.2.18
> >>
> >>
> >>
> >>
> >>
> >> On 08/05/2015 04:30 PM, matthias lay wrote:
> >>> Hi list,
> >>>
> >>> I have a question on auth caching in 2.2.18.
> >>>
> >>> I am using acl_groups for
Re: question on autch cache parameters
Hello
Thank you for your report. We really appreciate it, especially when you can
pinpoint a commit.
However, I am unable to reproduce this. Could you post your doveconf -n please?
Im especially interested in your passdb and
userdb configurations and auth-cache settings.
br,
Teemu Huovila
On 08/06/2015 01:07 PM, matthias lay wrote:
> hi timo,
>
> I checked out the commit causing this.
>
> its this one:
>
> http://hg.dovecot.org/dovecot-2.2/diff/5e445c659f89/src/auth/auth-request.c#l1.32
>
>
> if I move this block back as it was. everything is fine
>
>
> diff -r a46620d6e0ff -r 5e445c659f89 src/auth/auth-request.c
> --- a/src/auth/auth-request.c Tue May 05 13:35:52 2015 +0300
> +++ b/src/auth/auth-request.c Tue May 05 14:16:31 2015 +0300
> @@ -618,30 +627,28 @@
> auth_request_want_skip_passdb(request, next_passdb))
> next_passdb = next_passdb->next;
>
> + if (*result == PASSDB_RESULT_OK) {
> + /* this passdb lookup succeeded, preserve its extra fields */
> + auth_fields_snapshot(request->extra_fields);
> + request->snapshot_have_userdb_prefetch_set =
> + request->userdb_prefetch_set;
> + if (request->userdb_reply != NULL)
> + auth_fields_snapshot(request->userdb_reply);
> + } else {
> + /* this passdb lookup failed, remove any extra fields it set */
> + auth_fields_rollback(request->extra_fields);
> + if (request->userdb_reply != NULL) {
> + auth_fields_rollback(request->userdb_reply);
> + request->userdb_prefetch_set =
> + request->snapshot_have_userdb_prefetch_set;
> + }
> + }
> +
> if (passdb_continue && next_passdb != NULL) {
> /* try next passdb. */
> request->passdb = next_passdb;
> request->passdb_password = NULL;
>
> - if (*result == PASSDB_RESULT_OK) {
> - /* this passdb lookup succeeded, preserve its extra
> -fields */
> - auth_fields_snapshot(request->extra_fields);
> - request->snapshot_have_userdb_prefetch_set =
> - request->userdb_prefetch_set;
> - if (request->userdb_reply != NULL)
> - auth_fields_snapshot(request->userdb_reply);
> - } else {
> - /* this passdb lookup failed, remove any extra fields
> -it set */
> - auth_fields_rollback(request->extra_fields);
> - if (request->userdb_reply != NULL) {
> - auth_fields_rollback(request->userdb_reply);
> - request->userdb_prefetch_set =
> -
> request->snapshot_have_userdb_prefetch_set;
> - }
> - }
> -
> if (*result == PASSDB_RESULT_USER_UNKNOWN) {
> /* remember that we did at least one successful
> passdb lookup */
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> On 08/05/2015 05:33 PM, matthias lay wrote:
>> just tested against dovecot 2.2.15
>>
>> everythings works fine. so might be a bug introduced between 2.2.16 and
>> 2.2.18
>>
>>
>>
>>
>>
>> On 08/05/2015 04:30 PM, matthias lay wrote:
>>> Hi list,
>>>
>>> I have a question on auth caching in 2.2.18.
>>>
>>> I am using acl_groups for a master user, appended in a static userdb file
>>>
>>> # snip ###
>>> master@uma:{SHA}=::userdb_acl_groups=umareadmaster
>>> allow_nets=127.0.0.1
>>> # snap ###
>>>
>>> and use this group in a global ACL file.
>>> I discovered this only works on first NOT-cached login
>>>
>>>
>>>
>>> environment in imap-postlogin script on first login:
>>>
>>>
>>> AUTH_TOKEN=e96b5a32ceb2cafc4460c210ad2e92e3d7ab388c
>>> MASTER_USER=master@uma
>>> SPUSER=private/pdf
>>> LOCAL_IP=127.0.0.1
>>> USER=pdf
>>> AUTH_USER=master@uma
>>> PWD=/var/run/dovecot
>>> USERDB_KEYS=ACL_GROUPS HOME SPUSER MASTER_USER AUTH_TOKEN AUTH_USER
>>> SHLVL=1
>>> HOME=/var/data/vmail/private/pdf
>>> ACL_GROUPS=umareadmaster
>>> IP=127.0.0.1
>>> _=/usr/bin/env
>>>
>>>
>>> on the second cached login it looks like this
>>>
>>>
>>> AUTH_TOKEN=12703b11932f233520f6d4b33559c33aeb1cfc7f
>>> MASTER_USER=master@uma
>>> SPUSER=private/pdf
>>> LOCAL_IP=127.0.0.1
>>> USER=pdf
>>> AUTH_USER=master@uma
>>> PWD=/var/run/dovecot
>>> USERDB_KEYS=HOME SPUSER MASTER_USER AUTH_TOKEN AUTH_USER
>>> SHLVL=1
>>> HOME=/var/data/vmail/private/pdf
>>> IP=127.0.0.1
>>> _=/usr/bin/env
>>>
>>> so the ACL_GROUPS is gone.
>>>
>>> is this intended to be like that.
>>> so groups not included in cache and I have to find another approach?
>>>
>>> anybody else encountered similar problems with some auth Variables and
>>> caching?
>>>
>>
Re: question on autch cache parameters
hi timo,
I checked out the commit causing this.
its this one:
http://hg.dovecot.org/dovecot-2.2/diff/5e445c659f89/src/auth/auth-request.c#l1.32
if I move this block back as it was. everything is fine
diff -r a46620d6e0ff -r 5e445c659f89 src/auth/auth-request.c
--- a/src/auth/auth-request.c Tue May 05 13:35:52 2015 +0300
+++ b/src/auth/auth-request.c Tue May 05 14:16:31 2015 +0300
@@ -618,30 +627,28 @@
auth_request_want_skip_passdb(request, next_passdb))
next_passdb = next_passdb->next;
+ if (*result == PASSDB_RESULT_OK) {
+ /* this passdb lookup succeeded, preserve its extra fields */
+ auth_fields_snapshot(request->extra_fields);
+ request->snapshot_have_userdb_prefetch_set =
+ request->userdb_prefetch_set;
+ if (request->userdb_reply != NULL)
+ auth_fields_snapshot(request->userdb_reply);
+ } else {
+ /* this passdb lookup failed, remove any extra fields it set */
+ auth_fields_rollback(request->extra_fields);
+ if (request->userdb_reply != NULL) {
+ auth_fields_rollback(request->userdb_reply);
+ request->userdb_prefetch_set =
+ request->snapshot_have_userdb_prefetch_set;
+ }
+ }
+
if (passdb_continue && next_passdb != NULL) {
/* try next passdb. */
request->passdb = next_passdb;
request->passdb_password = NULL;
- if (*result == PASSDB_RESULT_OK) {
- /* this passdb lookup succeeded, preserve its extra
- fields */
- auth_fields_snapshot(request->extra_fields);
- request->snapshot_have_userdb_prefetch_set =
- request->userdb_prefetch_set;
- if (request->userdb_reply != NULL)
- auth_fields_snapshot(request->userdb_reply);
- } else {
- /* this passdb lookup failed, remove any extra fields
- it set */
- auth_fields_rollback(request->extra_fields);
- if (request->userdb_reply != NULL) {
- auth_fields_rollback(request->userdb_reply);
- request->userdb_prefetch_set =
-
request->snapshot_have_userdb_prefetch_set;
- }
- }
-
if (*result == PASSDB_RESULT_USER_UNKNOWN) {
/* remember that we did at least one successful
passdb lookup */
On 08/05/2015 05:33 PM, matthias lay wrote:
> just tested against dovecot 2.2.15
>
> everythings works fine. so might be a bug introduced between 2.2.16 and
> 2.2.18
>
>
>
>
>
> On 08/05/2015 04:30 PM, matthias lay wrote:
>> Hi list,
>>
>> I have a question on auth caching in 2.2.18.
>>
>> I am using acl_groups for a master user, appended in a static userdb file
>>
>> # snip ###
>> master@uma:{SHA}=::userdb_acl_groups=umareadmaster
>> allow_nets=127.0.0.1
>> # snap ###
>>
>> and use this group in a global ACL file.
>> I discovered this only works on first NOT-cached login
>>
>>
>>
>> environment in imap-postlogin script on first login:
>>
>>
>> AUTH_TOKEN=e96b5a32ceb2cafc4460c210ad2e92e3d7ab388c
>> MASTER_USER=master@uma
>> SPUSER=private/pdf
>> LOCAL_IP=127.0.0.1
>> USER=pdf
>> AUTH_USER=master@uma
>> PWD=/var/run/dovecot
>> USERDB_KEYS=ACL_GROUPS HOME SPUSER MASTER_USER AUTH_TOKEN AUTH_USER
>> SHLVL=1
>> HOME=/var/data/vmail/private/pdf
>> ACL_GROUPS=umareadmaster
>> IP=127.0.0.1
>> _=/usr/bin/env
>>
>>
>> on the second cached login it looks like this
>>
>>
>> AUTH_TOKEN=12703b11932f233520f6d4b33559c33aeb1cfc7f
>> MASTER_USER=master@uma
>> SPUSER=private/pdf
>> LOCAL_IP=127.0.0.1
>> USER=pdf
>> AUTH_USER=master@uma
>> PWD=/var/run/dovecot
>> USERDB_KEYS=HOME SPUSER MASTER_USER AUTH_TOKEN AUTH_USER
>> SHLVL=1
>> HOME=/var/data/vmail/private/pdf
>> IP=127.0.0.1
>> _=/usr/bin/env
>>
>> so the ACL_GROUPS is gone.
>>
>> is this intended to be like that.
>> so groups not included in cache and I have to find another approach?
>>
>> anybody else encountered similar problems with some auth Variables and
>> caching?
>>
>>
>> Greetz Matze
>>
>
Re: question on autch cache parameters
just tested against dovecot 2.2.15
everythings works fine. so might be a bug introduced between 2.2.16 and
2.2.18
On 08/05/2015 04:30 PM, matthias lay wrote:
> Hi list,
>
> I have a question on auth caching in 2.2.18.
>
> I am using acl_groups for a master user, appended in a static userdb file
>
> # snip ###
> master@uma:{SHA}=::userdb_acl_groups=umareadmaster
> allow_nets=127.0.0.1
> # snap ###
>
> and use this group in a global ACL file.
> I discovered this only works on first NOT-cached login
>
>
>
> environment in imap-postlogin script on first login:
>
>
> AUTH_TOKEN=e96b5a32ceb2cafc4460c210ad2e92e3d7ab388c
> MASTER_USER=master@uma
> SPUSER=private/pdf
> LOCAL_IP=127.0.0.1
> USER=pdf
> AUTH_USER=master@uma
> PWD=/var/run/dovecot
> USERDB_KEYS=ACL_GROUPS HOME SPUSER MASTER_USER AUTH_TOKEN AUTH_USER
> SHLVL=1
> HOME=/var/data/vmail/private/pdf
> ACL_GROUPS=umareadmaster
> IP=127.0.0.1
> _=/usr/bin/env
>
>
> on the second cached login it looks like this
>
>
> AUTH_TOKEN=12703b11932f233520f6d4b33559c33aeb1cfc7f
> MASTER_USER=master@uma
> SPUSER=private/pdf
> LOCAL_IP=127.0.0.1
> USER=pdf
> AUTH_USER=master@uma
> PWD=/var/run/dovecot
> USERDB_KEYS=HOME SPUSER MASTER_USER AUTH_TOKEN AUTH_USER
> SHLVL=1
> HOME=/var/data/vmail/private/pdf
> IP=127.0.0.1
> _=/usr/bin/env
>
> so the ACL_GROUPS is gone.
>
> is this intended to be like that.
> so groups not included in cache and I have to find another approach?
>
> anybody else encountered similar problems with some auth Variables and
> caching?
>
>
> Greetz Matze
>
0x7BCC653A.asc
Description: application/pgp-keys
signature.asc
Description: OpenPGP digital signature
question on autch cache parameters
Hi list,
I have a question on auth caching in 2.2.18.
I am using acl_groups for a master user, appended in a static userdb file
# snip ###
master@uma:{SHA}=::userdb_acl_groups=umareadmaster
allow_nets=127.0.0.1
# snap ###
and use this group in a global ACL file.
I discovered this only works on first NOT-cached login
environment in imap-postlogin script on first login:
AUTH_TOKEN=e96b5a32ceb2cafc4460c210ad2e92e3d7ab388c
MASTER_USER=master@uma
SPUSER=private/pdf
LOCAL_IP=127.0.0.1
USER=pdf
AUTH_USER=master@uma
PWD=/var/run/dovecot
USERDB_KEYS=ACL_GROUPS HOME SPUSER MASTER_USER AUTH_TOKEN AUTH_USER
SHLVL=1
HOME=/var/data/vmail/private/pdf
ACL_GROUPS=umareadmaster
IP=127.0.0.1
_=/usr/bin/env
on the second cached login it looks like this
AUTH_TOKEN=12703b11932f233520f6d4b33559c33aeb1cfc7f
MASTER_USER=master@uma
SPUSER=private/pdf
LOCAL_IP=127.0.0.1
USER=pdf
AUTH_USER=master@uma
PWD=/var/run/dovecot
USERDB_KEYS=HOME SPUSER MASTER_USER AUTH_TOKEN AUTH_USER
SHLVL=1
HOME=/var/data/vmail/private/pdf
IP=127.0.0.1
_=/usr/bin/env
so the ACL_GROUPS is gone.
is this intended to be like that.
so groups not included in cache and I have to find another approach?
anybody else encountered similar problems with some auth Variables and
caching?
Greetz Matze
