authentication headaches
Hey everyone. I'm trying to set up a replacement server, moving from 2.0.17 to 2.2.6. The new machine is running FreeBSD 5.2.1 with the following (installed from ports): cyrus-imapd-2.2.6 cyrus-sasl-2.1.18_1 cyrus-sasl-saslauthd-2.1.18_2 The problem is that I am suddenly having a bear of a time getting authentication to work consistently. The current server running 2.0.17 answers plaintext on imap and imaps ports (143 and 993) and answers CRAM-MD5 as well. Problem is that Mutt and gkrellm work with CRAM-MD5 on SSL, and Netscape will only run plaintext on SSL. It appears that I still need to allow port 143 traffic because cyradm requires it, but I've no problem firewalling that off from the outside. Regardless, I'd really like to get CRAM-MD5 and plaintext over SSL (993) working for the same userid. It seems that now that I've logged in with plaintext, I can't do it with CRAM-MD5, because I keep getting this when I try: Jul 6 23:55:58 key2 imaps[6597]: starttls: SSLv2 with cipher DES-CBC3-MD5 (168/168 bits new) no authentication Jul 6 23:55:58 key2 imaps[6597]: Could not open db Jul 6 23:55:58 key2 imaps[6597]: Could not open db Jul 6 23:55:58 key2 imaps[6597]: no secret in database Jul 6 23:55:58 key2 imaps[6597]: badlogin: key2.keyslapper.org [10.8.20.7] CRAM-MD5 [SASL(-17): One time use of a plaintext password will enable requested mechanism for user: no secret in database] I still haven't figured out what database(s) imaps is trying to open, but I don't understand the last message either. When I go back to plaintext authentication, I get the following: Jul 6 23:57:36 key2 imaps[6598]: starttls: SSLv2 with cipher DES-CBC3-MD5 (168/168 bits new) no authentication Jul 6 23:57:36 key2 imaps[6598]: transitioning user leblanc to auxprop database Jul 6 23:57:36 key2 imaps[6598]: SASL error opening password file. Do you have write permissions? Jul 6 23:57:36 key2 imaps[6598]: Could not open db for write Jul 6 23:57:36 key2 imaps[6598]: setpass succeeded for leblanc Jul 6 23:57:36 key2 imaps[6598]: login: key2.keyslapper.org [10.8.20.7] leblanc plaintext+TLS User logged in So that works fine, but it still has problems opening a database. imapd is running as cyrus, but saslauthd is running as root. the sasldb2.db file is owned by root:wheel, and is set with no group access. Do I need to make the file group writeable? I thought the saslauthd process did the actual checking? And what is meant by "setpass succeeded"? This whole thing is driving me nuts. Personally, I'd just as soon have one single authentication point. Because of the way mail is filtered prior to delivery to the imap mailbox, every user (all of about 4 ids) will have a unix login anyway, but is it even possible to get CRAM-MD5 authentication using pwcheck in the backend? This system will be running samba, which has it's own authentication mechanism, but at least that can be tied to the /etc/passwd database. Is there anyway to tie imap authentication (with CRAM-MD5) to it as well? Thanks in advance. Lou -- Louis LeBlanc [EMAIL PROTECTED] Fully Funded Hobbyist, KeySlapper Extrordinaire :) http://www.keyslapper.org ԿԬ Fifth Law of Procrastination: Procrastination avoids boredom; one never has the feeling that there is nothing important to do. --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: High availability ... again
The cyrus/replication would be amazing. Application level replication seems to be the best option if the setup is straight forward. How would we indicate our interest to the development team? How are updates and future development project priorities decided? Kevin > Hi, > > Etienne Goyer wrote: > >> Regarding IMAP replication, I have not found much but >> the work of >> David Carter at >> http://www-uxsup.csx.cam.ac.uk/~dpc22/cyrus/replication.html >> seem >> interesting. As far as I can tell, source to this >> implementation and >> current status are not available. Does somebody on the >> list use this >> solution or a similar one and could comment and the >> practicality of it >> ? Perhap M. Carter (if you read the list) could give us >> a status >> update for his particuliar project ? > > Interesting: this seems to do exacly what I was looking > for earlier, and > what many people do now with rsync or unison kind of > things. > I see that "The code has however been submitted back to > the Cyrus > maintainers." - as far as I'm concerned it would be a > valuable addition > to cyrus! (Or any other good (uni or bidirectional) > software spool > replication ;-)) > > Paul > > --- > Cyrus Home Page: http://asg.web.cmu.edu/cyrus > Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu > List Archives/Info: > http://asg.web.cmu.edu/cyrus/mailing-list.html > --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: encoded packet size too big
On Tue, 6 Jul 2004, Rob Siemborski wrote: > On Tue, 6 Jul 2004, Andreas wrote: > > > Here I applied only the patch at the bugzilla entry below in order to fix the > > problem > > (cyrus-sasl-2.1.18): > > > > https://bugzilla.andrew.cmu.edu/show_bug.cgi?id=2457 > > This patch corresponds to revision 1.88. I'll have a closer look at the > changes in 1.89. After talking with Sam Hartman, it became apparent that MIT gets the implementation of gss_wrap_size_limit right and Heimdal gets it oh...so...wrong. I've committed a patch that should make this work in both cases, however. -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
unable to login
Hello list, I have a Debian sid test machine running postfix 2.1.3/cyrus21+sasl. This used to work just fine, now this is what I get in /var/log/mail.log: Jul 6 23:58:32 mail cyrus/master[2205]: about to exec /usr/lib/cyrus/bin/imapd Jul 6 23:58:32 mail cyrus/imap[2205]: executed Jul 6 23:58:32 mail cyrus/imapd[2205]: accepted connection Jul 6 23:58:32 mail cyrus/imapd[2205]: badlogin: localhost[127.0.0.1] plaintext dudi SASL(-13): user not found: checkpass failed But: mail:~# testsaslauthd -u dudi -p my_password 0: OK "Success." mail:~# My /etc/imapd.conf has allowplaintext: yes and sasl_mech_list: PLAIN LOGIN as it should. Any hint what to look for? TIA Dudi
Re: encoded packet size too big
On Tue, 6 Jul 2004, Andreas wrote: Here I applied only the patch at the bugzilla entry below in order to fix the problem (cyrus-sasl-2.1.18): https://bugzilla.andrew.cmu.edu/show_bug.cgi?id=2457 This patch corresponds to revision 1.88. I'll have a closer look at the changes in 1.89. -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: High availability ... again
Hi, Etienne Goyer wrote: Regarding IMAP replication, I have not found much but the work of David Carter at http://www-uxsup.csx.cam.ac.uk/~dpc22/cyrus/replication.html seem interesting. As far as I can tell, source to this implementation and current status are not available. Does somebody on the list use this solution or a similar one and could comment and the practicality of it ? Perhap M. Carter (if you read the list) could give us a status update for his particuliar project ? Interesting: this seems to do exacly what I was looking for earlier, and what many people do now with rsync or unison kind of things. I see that "The code has however been submitted back to the Cyrus maintainers." - as far as I'm concerned it would be a valuable addition to cyrus! (Or any other good (uni or bidirectional) software spool replication ;-)) Paul --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: encoded packet size too big
On Tue, Jul 06, 2004 at 08:21:13PM +0200, Jukka Salmi wrote: > Hi, > > the recent changes to plugins/gssapi.c between revisions 1.88 and 1.89 [2] > made the problem come back after it was solved by applying the diff between > 1.84 and 1.85. > > In short: using rev. 1.88 works fine for me; however, with rev. 1.89 > uploading sieve scripts larger than 4000 bytes fails with > > sieve[8083]: encoded packet size too big (4163 > 4096) Here I applied only the patch at the bugzilla entry below in order to fix the problem (cyrus-sasl-2.1.18): https://bugzilla.andrew.cmu.edu/show_bug.cgi?id=2457 --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Open file limits
AJ wrote: Hi, Can anyone share experiences with running out of open files on Linux? I am using a 2.4.26 kernel, and the system wide open file limit is rather large. Do I need to set anything other than this? The default limit of 1024 is in effect for both cyrus and root. Thanks. AJ # cat /proc/sys/fs/file-nr 25301 109265532 The three numbers represent allocated filehandles, free fh, and max fh. If cyrus needs more filehandles than max fh, the kernel will refuse to give it any more, and you will get a "too many open files" error. The above numbers are from a system with 375 concurrent imapd processes. If allocated fh starts getting close to max fh, you need to increase the max. The RedHat default max is pretty low (8192), at least it was when I was running Cyrus on RedHat boxes (RH 7.2, 7.3). Maybe they've changed the default since then. On Debian Woody systems, you have a little more room by default (32768). This will all become moot with the 2.6 kernel, but I'm not ready to run 2.6 on my production mail server yet. :-) Add something like this to a boot script: echo 65536 > /proc/sys/fs/file-max -Jules --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html -- Jules Agee System Administrator Pacific Coast Feather Co. [EMAIL PROTECTED] x284 --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: encoded packet size too big
Hi, the recent changes to plugins/gssapi.c between revisions 1.88 and 1.89 [2] made the problem come back after it was solved by applying the diff between 1.84 and 1.85. In short: using rev. 1.88 works fine for me; however, with rev. 1.89 uploading sieve scripts larger than 4000 bytes fails with sieve[8083]: encoded packet size too big (4163 > 4096) Regards, Jukka [2] https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/gssapi.c.diff?r1=1.88&r2=1.89 Jukka Salmi --> info-cyrus (2004-07-05 15:58:28 +0200): > Jukka Salmi --> info-cyrus (2004-07-01 23:33:16 +0200): > > When authenticating with GSSAPI I can't upload Sieve script larger > > than about 4k bytes: > > To be more accurate, it's "larger than 4000 bytes". > > > > sieve[7228]: encoded packet size too big (4107 > 4096) > > Applying [1] solved my problem... [...] > [1] > https://bugzilla.andrew.cmu.edu/cgi-bin/cvsweb.cgi/src/sasl/plugins/gssapi.c.diff?r1=1.84&r2=1.85 -- bashian roulette: $ ((RANDOM%6)) || rm -rf ~ --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Vanishing quota information
> Simon Matter wrote: > >> >>Update: >>Just found out they are also vanishing without running quota -f. Just >>normal operation. > >Just to clarify, do you mean normal operation of the quota command (no >-f option), or normal operation of the server? I mean normal operation of the server, no quota call involved. The affected mailboxes are just randmon, it happens now and then and I don't see anything in the logs (I don't have extensive logging enabled on this production server). It's really difficult to find a way to reproduce it - at least now I don't know how. >>> >>>So this problem has magically gone away? >> >> >> No, not really. >> There were two independant quota bugs in my cyrus-imapd rpms. The first >> was from the cyrus-imapd sources, which you have fixed in CVS and I >> included the patch into the rpms. The second was in a patch I include in >> the rpms which is not part of the cyrus distribution. This patch has >> also >> been fixed by it's author and I updated the rpms this morning. In the >> end >> everything seems to work fine now. > > Which patch is this? It's the deletemailbox+rmquota patch which has already been discussed on this list. --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
sieve vacation and lmtp
Hello All, I've installed the following applications: cyrus-imapd-2.2.3 cyrus-sasl-2.1.18 postfix-2.0.18-20040205 with TLS openLDAP, amavisd-new, clamav, spamassassin. on a FreeBSD 5.2. I need to use the vacation on sieve, and I can't do it working. no vacation messages were received somewhere, I read that vacation feature need lmtp to work, no pipe ! also I've modified the /etc/postfix/master.cf (I left in comments the actual parameters) (See part of master.cf, next) With this config I got some warning messages in the logs (see maillog, next) and delivery, out of order! Questions: What can be wrong ? is there a conflict with the lmtp connection to amavis ? Perhaps, lmtp is not necessary ? Of course, I could send more informations on demand Thanks in advance for your responses Philippe master.cf ... lmtp unix - - n - - lmtp .. smtp-amavis unix - - n - 2 lmtp -o smtp_data_done_timeout=1200 .. #cyrus unix - n n - - pipe # user=cyrus argv=/usr/local/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user} cyrus unix - n n - - lmtp user=cyrus argv=/usr/local/cyrus/bin/deliver -l /var/log/maillog Jul 6 13:02:25 idefix3 postfix/qmgr[88094]: BF2B12849B: from=<[EMAIL PROTECTED]>, size=923, nrcpt=1 (queue active) Jul 6 13:02:25 idefix3 postfix/lmtp[88118]: 83D7228496: to=<[EMAIL PROTECTED]>, orig_to=, relay=127.0.0.1[1 27.0.0.1], delay=6, status=sent (250 2.6.0 Ok, id=87547-05, from MTA: 250 Ok: queued as BF2B12849B) Jul 6 13:02:25 idefix3 postfix/qmgr[88094]: 83D7228496: removed Jul 6 13:02:25 idefix3 postfix/lmtp[88122]: fatal: unexpected command-line argument: user=cyrus Jul 6 13:02:26 idefix3 postfix/local[88121]: warning: premature end-of-input on private/cyrus socket while reading in put attribute name Jul 6 13:02:26 idefix3 postfix/master[582]: warning: process /usr/libexec/postfix/lmtp pid 88122 exit status 1 Jul 6 13:02:26 idefix3 postfix/local[88121]: warning: private/cyrus socket: malformed response Jul 6 13:02:26 idefix3 postfix/master[582]: warning: /usr/libexec/postfix/lmtp: bad command startup -- throttling --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: What is the fulldirhash algorithm??
Unfortunately, they're not. Howver, Gary Mills sent me a snippet of perl code (thank you Gary!) that implements the algorithm and will do the trick. -- Rob --On Tuesday, July 06, 2004 12:27:59 PM -0400 Ken Murchison <[EMAIL PROTECTED]> wrote: > Rob Tanner wrote: > > > I need to move a number of mailboxes onto a system runng Cyrus IMAP4 > > v2.2.3 with fulldirhash. > > If both servers are running 2.2, then you can move mailboxes between servers > using the cyradm XFER command and not have to worry about doing things by > hand. > > -- > Kenneth Murchison Oceana Matrix Ltd. > Software Engineer 21 Princeton Place > 716-662-8973 x26 Orchard Park, NY 14127 > --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp > -- Rob Tanner UNIX Services Manager Linfield College, McMinnville OR --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Open file limits
Right now 2.2.3, but I am looking to either stay with that or go to 2.2.7 when it's released. Thanks. AJ Quoting Rob Siemborski <[EMAIL PROTECTED]>: On Mon, 5 Jul 2004, AJ wrote: Hi, Can anyone share experiences with running out of open files on Linux? I am using a 2.4.26 kernel, and the system wide open file limit is rather large. Do I need to set anything other than this? The default limit of 1024 is in effect for both cyrus and root. What version of cyrus are you running? -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Open file limits
On Mon, 5 Jul 2004, AJ wrote: > Hi, >Can anyone share experiences with running out of open files on Linux? > I am using a 2.4.26 kernel, and the system wide open file limit is > rather large. Do I need to set anything other than this? The default > limit of 1024 is in effect for both cyrus and root. I put the following into my /etc/init.d/cyrus startup script: # Crank up the file limits ulimit -n 209708 ulimit -u 2048 Andy --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: What is the fulldirhash algorithm??
Rob Tanner wrote: I need to move a number of mailboxes onto a system runng Cyrus IMAP4 v2.2.3 with fulldirhash. If both servers are running 2.2, then you can move mailboxes between servers using the cyradm XFER command and not have to worry about doing things by hand. -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: What is the fulldirhash algorithm??
On Tue, Jul 06, 2004 at 08:08:19AM -0700, Rob Tanner wrote: > >I need to move a number of mailboxes onto a system runng Cyrus IMAP4 >v2.2.3 with fulldirhash. Adding them to the mailboxes database is not >a problem. But what I need to know is where to put them, and that's >decided by the hashing algorithm. I could probably figure it out by >digging through the source code, but if someone could lay it out in a >sentence or two, that would save me oodles of time, and I'd appreciate >it. The best way to do this is to do it through IMAP, and let the server calculate the hash characters and update various databases. However, here's a bit of perl that describes the full hash algorithm: $n = 0; foreach my $b (split(/ */, $name)) { $n = (($n << 3) ^ ($n >> 5)) ^ ord($b); } $h = chr(ord('A') + ($n % 23)); -- -Gary Mills--Unix Support--U of M Academic Computing and Networking- --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Vanishing quota information
Simon Matter wrote: Update: Just found out they are also vanishing without running quota -f. Just normal operation. Just to clarify, do you mean normal operation of the quota command (no -f option), or normal operation of the server? I mean normal operation of the server, no quota call involved. The affected mailboxes are just randmon, it happens now and then and I don't see anything in the logs (I don't have extensive logging enabled on this production server). It's really difficult to find a way to reproduce it - at least now I don't know how. So this problem has magically gone away? No, not really. There were two independant quota bugs in my cyrus-imapd rpms. The first was from the cyrus-imapd sources, which you have fixed in CVS and I included the patch into the rpms. The second was in a patch I include in the rpms which is not part of the cyrus distribution. This patch has also been fixed by it's author and I updated the rpms this morning. In the end everything seems to work fine now. Which patch is this? -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: What is the fulldirhash algorithm??
Rob Tanner wrote: I need to move a number of mailboxes onto a system runng Cyrus IMAP4 v2.2.3 with fulldirhash. Adding them to the mailboxes database is not a problem. But what I need to know is where to put them, and that's decided by the hashing algorithm. I could probably figure it out by digging through the source code, but if someone could lay it out in a sentence or two, that would save me oodles of time, and I'd appreciate it. Take a look at dir_hash_c() in either lib/util.c or tools/rehash -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
What is the fulldirhash algorithm??
I need to move a number of mailboxes onto a system runng Cyrus IMAP4 v2.2.3 with fulldirhash. Adding them to the mailboxes database is not a problem. But what I need to know is where to put them, and that's decided by the hashing algorithm. I could probably figure it out by digging through the source code, but if someone could lay it out in a sentence or two, that would save me oodles of time, and I'd appreciate it. Thanks, Rob -- Rob Tanner UNIX Services Manager Linfield College, McMinnville OR
Re: ANNOTATEMORE Patch submission
On Mon, 5 Jul 2004, Stephan Buys wrote: The second patch is optional, and more of a suggestion from the Kolab developers. This will add support for /vendor/* to ANNOTATEMORE. Maybe it is worthwhile considering this option, it should not have any foreseeable negative impact on the server, and going forward it would add a lot of flexibility to the ANNOTAMORE function, thus speeding up adoption thereoff. Please attach this to our bugzilla. I don't have time to review it thouroughly now and I don't want it to get lost. We're not going to commit the first patch, this should just be fixed the right way. -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Cyradm from cyrus-imapd-2.2.6 - compile error
I found a solution: In cyrus-imapd-2.2.6/perl/imap/Makefile.PL replace the line: my $SASL_LIB = $ENV{SASL_LIB} || "-lsasl2"; with my $SASL_LIB = $ENV{SASL_LIB} || "-lsasl2 -ldb"; and then recomplile. I had this problem with some past versions so I belive a patch could be included. victor wrote: I try: "cd /home/victor/mail/cyrus-imapd-2.2.6/perl/imap" "perl Makefile.PL" "make" and when I do "make test" the error is: "Can't load '/home/victor/mail/cyrus-imapd-2.2.6/perl/imap/blib/arch/auto/Cyrus/IMAP/IMAP.so' " "IMAP.so: undefined symbol: db_version"... The detailed error is down here. Thank you. rm -f blib/arch/auto/Cyrus/IMAP/IMAP.so LD_RUN_PATH="" gcc -shared -L/usr/local/lib IMAP.o -o blib/arch/auto/Cyrus/IMAP/IMAP.so ../../lib/libcyrus.a ../../lib/libcyrus_min.a -lsasl2 -lssl -lcrypto chmod 755 blib/arch/auto/Cyrus/IMAP/IMAP.so PERL_DL_NONLAZY=1 /usr/bin/perl5.8.3 "-MExtUtils::Command::MM" "-e" "test_harness(0, 'blib/lib', 'blib/arch')" t/*.t t/01-imclientCan't load '/home/victor/mail/cyrus-imapd-2.2.6/perl/imap/blib/arch/auto/Cyrus/IMAP/IMAP.so' for module Cyrus::IMAP: /home/victor/mail/cyrus-imapd-2.2.6/perl/imap/blib/arch/auto/Cyrus/IMAP/IMAP.so: undefined symbol: db_version at /usr/lib/perl5/5.8.3/i386-linux-thread-multi/DynaLoader.pm line 229. at t/01-imclient.t line 51 Compilation failed in require at t/01-imclient.t line 51. BEGIN failed--compilation aborted at t/01-imclient.t line 51. t/01-imclientdubious Test returned status 255 (wstat 65280, 0xff00) Scalar found where operator expected at (eval 153) line 1, near "'int' $__val" (Missing operator before $__val?) t/02-admin...Can't load '/home/victor/mail/cyrus-imapd-2.2.6/perl/imap/blib/arch/auto/Cyrus/IMAP/IMAP.so' for module Cyrus::IMAP: /home/victor/mail/cyrus-imapd-2.2.6/perl/imap/blib/arch/auto/Cyrus/IMAP/IMAP.so: undefined symbol: db_version at /usr/lib/perl5/5.8.3/i386-linux-thread-multi/DynaLoader.pm line 229. at /home/victor/mail/cyrus-imapd-2.2.6/perl/imap/blib/lib/Cyrus/IMAP/Admin.pm line 44 Compilation failed in require at /home/victor/mail/cyrus-imapd-2.2.6/perl/imap/blib/lib/Cyrus/IMAP/Admin.pm line 44. BEGIN failed--compilation aborted at /home/victor/mail/cyrus-imapd-2.2.6/perl/imap/blib/lib/Cyrus/IMAP/Admin.pm line 44. Compilation failed in require at t/02-admin.t line 51. BEGIN failed--compilation aborted at t/02-admin.t line 51. t/02-admin...dubious Test returned status 255 (wstat 65280, 0xff00) FAILED--2 test scripts could be run, alas--no output ever seen make: *** [test_dynamic] Error 255 --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Open file limits
On Mon, 5 Jul 2004, AJ wrote: Hi, Can anyone share experiences with running out of open files on Linux? I am using a 2.4.26 kernel, and the system wide open file limit is rather large. Do I need to set anything other than this? The default limit of 1024 is in effect for both cyrus and root. What version of cyrus are you running? -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Vanishing quota information
> Simon Matter wrote: >>>Simon Matter wrote: >>> >>> >>>Simon Matter wrote: >>> >>> q2:open("/var/spool/imap/q/user/442vk/Drafts/cyrus.header", O_RDWR) = 4 q2:open("/var/spool/imap/q/user/442vk/Sent/cyrus.header", O_RDWR) = 4 q2:open("/var/spool/imap/q/user/442vk/Trash/cyrus.header", O_RDWR) = 4 q2:open("/var/lib/imap/quota/q/user.442vk", O_RDWR) = 736 q2:stat64("/var/lib/imap/quota/q/user.442vk", {st_mode=S_IFREG|0600, st_size=15, ...}) = 0 q2:unlink("/var/lib/imap/quota/q/user.442vk") = 0 Any ideas? >>> >>> >>>I believe we have fixed both issues in CVS. You need to fetch the >>>latest lib/cyrusdb_quotalegacy.c and imap/quota.c >> >>Thank you very much, my most affected server seems to run fine now >> with >>the patches. > >Hmm, quota are still vanishing again when running quota -f. So it > seems >there is still something wrong. Update: Just found out they are also vanishing without running quota -f. Just normal operation. >>> >>>Just to clarify, do you mean normal operation of the quota command (no >>>-f option), or normal operation of the server? >> >> >> I mean normal operation of the server, no quota call involved. >> The affected mailboxes are just randmon, it happens now and then and I >> don't see anything in the logs (I don't have extensive logging enabled >> on >> this production server). It's really difficult to find a way to >> reproduce >> it - at least now I don't know how. > > So this problem has magically gone away? No, not really. There were two independant quota bugs in my cyrus-imapd rpms. The first was from the cyrus-imapd sources, which you have fixed in CVS and I included the patch into the rpms. The second was in a patch I include in the rpms which is not part of the cyrus distribution. This patch has also been fixed by it's author and I updated the rpms this morning. In the end everything seems to work fine now. Simon --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Cyradm from cyrus-imapd-2.2.6 - compile error
I try: "cd /home/victor/mail/cyrus-imapd-2.2.6/perl/imap" "perl Makefile.PL" "make" and when I do "make test" the error is: "Can't load '/home/victor/mail/cyrus-imapd-2.2.6/perl/imap/blib/arch/auto/Cyrus/IMAP/IMAP.so' " "IMAP.so: undefined symbol: db_version"... The detailed error is down here. Thank you. rm -f blib/arch/auto/Cyrus/IMAP/IMAP.so LD_RUN_PATH="" gcc -shared -L/usr/local/lib IMAP.o -o blib/arch/auto/Cyrus/IMAP/IMAP.so ../../lib/libcyrus.a ../../lib/libcyrus_min.a -lsasl2 -lssl -lcrypto chmod 755 blib/arch/auto/Cyrus/IMAP/IMAP.so PERL_DL_NONLAZY=1 /usr/bin/perl5.8.3 "-MExtUtils::Command::MM" "-e" "test_harness(0, 'blib/lib', 'blib/arch')" t/*.t t/01-imclientCan't load '/home/victor/mail/cyrus-imapd-2.2.6/perl/imap/blib/arch/auto/Cyrus/IMAP/IMAP.so' for module Cyrus::IMAP: /home/victor/mail/cyrus-imapd-2.2.6/perl/imap/blib/arch/auto/Cyrus/IMAP/IMAP.so: undefined symbol: db_version at /usr/lib/perl5/5.8.3/i386-linux-thread-multi/DynaLoader.pm line 229. at t/01-imclient.t line 51 Compilation failed in require at t/01-imclient.t line 51. BEGIN failed--compilation aborted at t/01-imclient.t line 51. t/01-imclientdubious Test returned status 255 (wstat 65280, 0xff00) Scalar found where operator expected at (eval 153) line 1, near "'int' $__val" (Missing operator before $__val?) t/02-admin...Can't load '/home/victor/mail/cyrus-imapd-2.2.6/perl/imap/blib/arch/auto/Cyrus/IMAP/IMAP.so' for module Cyrus::IMAP: /home/victor/mail/cyrus-imapd-2.2.6/perl/imap/blib/arch/auto/Cyrus/IMAP/IMAP.so: undefined symbol: db_version at /usr/lib/perl5/5.8.3/i386-linux-thread-multi/DynaLoader.pm line 229. at /home/victor/mail/cyrus-imapd-2.2.6/perl/imap/blib/lib/Cyrus/IMAP/Admin.pm line 44 Compilation failed in require at /home/victor/mail/cyrus-imapd-2.2.6/perl/imap/blib/lib/Cyrus/IMAP/Admin.pm line 44. BEGIN failed--compilation aborted at /home/victor/mail/cyrus-imapd-2.2.6/perl/imap/blib/lib/Cyrus/IMAP/Admin.pm line 44. Compilation failed in require at t/02-admin.t line 51. BEGIN failed--compilation aborted at t/02-admin.t line 51. t/02-admin...dubious Test returned status 255 (wstat 65280, 0xff00) FAILED--2 test scripts could be run, alas--no output ever seen make: *** [test_dynamic] Error 255 --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Importing mbox to Cyrus
On Sun, 4 Jul 2004, Allen Unueco wrote: > I have just installed Cyrus IMAP for the first time, everything went > very smoothly and I was up and running any major problems. > > I'm moving from a mbox based mail system to Cyrus and I'm having some > difficulty moving the old mail. > > I've found a few mbox2imap scripts and but none of them work completely. > The one from http://teyandei.net/projects worked the best, but on the > two large mbox files I've tried both exited out with an error during > imap.append() claiming the email had a bad header. I wish I could get > some more detailed info regarding the 'bad header' but thats all I get. > > I'm starting the think that the mbox, some which are quite old, may have been > muddied up by email clients over the years. > > I've seen headers (Status, X-Status,X-Keywords,X-UID,X-Sender-Ip) in the > middle of emails and other strange things. Mozilla/Thunderbird were > totally happy with these mbox files and I'm not sure how some of these > things were introduced. > > One of my thoughts was to clean the mbox files. I was working on some > scripts to remove the 'funny' things I've found. And was just wondering > if perhaps someone else has gone through this same process and might > know of some good tools to use. > > Has anyone had these problems before? What is the best way to bring > legacy email into Cyrus? Anyone know of some good mbox repair/cleaning > tools? Allen, In attempting a similar process, I'm using the "formail" program from the procmail distribution to clean up mailboxes when I get that error. The syntax is pretty simple: mv mbox mbox.bad ; /usr/local/bin/formail -ds < mbox.bad > mbox Then I use mailutil from the pine distribution like: mailutil copy|append /path/to/username.mboxfile \ {cyrus-server/novalidate-cert/authuser=admin/user=user}user.username I'm sure it's not fool proof, but it has done an OK job for me so far. Good luck. -- Andrew --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Vanishing quota information
Simon Matter wrote: Simon Matter wrote: Simon Matter wrote: q2:open("/var/spool/imap/q/user/442vk/Drafts/cyrus.header", O_RDWR) = 4 q2:open("/var/spool/imap/q/user/442vk/Sent/cyrus.header", O_RDWR) = 4 q2:open("/var/spool/imap/q/user/442vk/Trash/cyrus.header", O_RDWR) = 4 q2:open("/var/lib/imap/quota/q/user.442vk", O_RDWR) = 736 q2:stat64("/var/lib/imap/quota/q/user.442vk", {st_mode=S_IFREG|0600, st_size=15, ...}) = 0 q2:unlink("/var/lib/imap/quota/q/user.442vk") = 0 Any ideas? I believe we have fixed both issues in CVS. You need to fetch the latest lib/cyrusdb_quotalegacy.c and imap/quota.c Thank you very much, my most affected server seems to run fine now with the patches. Hmm, quota are still vanishing again when running quota -f. So it seems there is still something wrong. Update: Just found out they are also vanishing without running quota -f. Just normal operation. Just to clarify, do you mean normal operation of the quota command (no -f option), or normal operation of the server? I mean normal operation of the server, no quota call involved. The affected mailboxes are just randmon, it happens now and then and I don't see anything in the logs (I don't have extensive logging enabled on this production server). It's really difficult to find a way to reproduce it - at least now I don't know how. So this problem has magically gone away? -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Open file limits
> Can anyone share experiences with running out of open files on Linux? >I am using a 2.4.26 kernel, and the system wide open file limit is >rather large. Do I need to set anything other than this? The default >limit of 1024 is in effect for both cyrus and root. Off the top of my head, there are four main areas where you run into trouble (only three relevent to linux): 1. total open fd's in the system 2. user fd limits (ulimit - typically 1024) 3. the select() call (typically 1024) 4. old stdio implementations (256) The first two you probably know about, although you may not know about the third and fouth. The select() function usually has a limit of 1024 file descriptors - this is because it uses an implementation-defined bitmap to signal interest and status of each file descriptor. The FD_SETSIZE constant (defined in ) tells you the size of the bitmap. The fourth will bite you on what I'll rudely call "legacy" unix systems, eg Solaris. I haven't checked versions after Solaris 8, but the fd field in the stdio structure was traditionally an unsigned char value, and in the bad old days, apps would mess around inside this structure. Presumably because they have customers with grungy old apps, Sun has retained this historical anacronism. -- Andrew McNamara, Senior Developer, Object Craft http://www.object-craft.com.au/ --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Vanishing quota information
>> Simon Matter wrote: >>> For the vanishing quota problem, it seems that the problem is from a >>> bug >>> in one of the patches I include in my rpms, not from cyrus-imapd >>> itself. >>> I'll provide more information after further investigation. >> >> So you're saying that current CVS works fine for quota -f? > > Yes, the CVS version works fine now. Everything seems fine now, I don't have anymore quota related problems. Updated rpms will be available later today. Simon --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: Open file limits
Have you tried "ulimit" command? --- DO DUC HUY Opensource team Network and Media Department Centre for Development of Information Technology - CDiT Viet Nam Posts & Telecommunications Corporation Address: 4th Floor, VCCI Building, 9 Dao Duy Anh str, Dongda dist, Hanoi Tel: (+84) 04-5.742.879 Fax: (+84) 04-5.742.857 Mobi: 0912 22 34 00 --- - Original Message - From: "AJ" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, July 05, 2004 5:50 PM Subject: Open file limits > Hi, >Can anyone share experiences with running out of open files on Linux? > I am using a 2.4.26 kernel, and the system wide open file limit is > rather large. Do I need to set anything other than this? The default > limit of 1024 is in effect for both cyrus and root. > > Thanks. > AJ > --- > Cyrus Home Page: http://asg.web.cmu.edu/cyrus > Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu > List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html