Re: UC Davis Cyrus Incident September 2007

2007-10-18 Thread Robert Mueller 

> Actually, I don't see a deadlock situation at all... I am guessing that
> theorettically, it is possible... but the "ln -sf" option makes the
> overwriting of the symlink an atomic action (as much as it can), which

Not a "deadlock" situation, but a possible "file doesn't exist" error.
In the Unix/POSIX world, symlink will not overwrite an existing file
(man 3 symlink), but rename will do so (man 3 rename), and it will do it
atomically.

So, as an strace shows, this isn't atomic.

$ touch b
$ strace ln -fs a b
...
symlink("a", "b")   = -1 EEXIST (File exists)
unlink("b") = 0
symlink("a", "b")   = 0
...

But this is:

$ ln -fs a b.tmp
$ strace mv b.tmp b
...
rename("b.tmp", "b")= 0
...

Rob

--
[EMAIL PROTECTED]
Sign up at http://fastmail.fm for fast, ad free, IMAP accessible email


Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

Re: mbox to cyrus migration

2007-10-18 Thread Alain Spineux 
Some mail client (like thunderbird) store mailboxes in mbox format.
You can create an empty folder in any non imap account, replace the
empty file by your
dump, start your MUA, check if your mail are ok.
Then configure your imap account and drag&drop into it.
You can see the result in seconds.

If you mailbox is very big or you have lot of mailboxes to migrate,
command line tool become more interesting. Hope someone else will help
you in this case. Did you googled for "mbox imap migration or
conveetion" ?

Regards.

On 10/18/07, Mike Zupan <[EMAIL PROTECTED]> wrote:
> Are there any toold to migrate a mbox to cyrus mailbox? I have a mbox dumb
> from a dbmail mailbox and need to put it on a cyrus mailbox
>
> Any tools or pointers?
>
> Thanks
> Mike
>
> 
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info:
> http://asg.web.cmu.edu/cyrus/mailing-list.html
>


-- 
Alain Spineux
aspineux gmail com
May the sources be with you

Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

Re: mbox to cyrus migration

2007-10-18 Thread Dmitriy Kirhlarov 
Mike Zupan wrote:
> Are there any toold to migrate a mbox to cyrus mailbox? I have a mbox 
> dumb from a dbmail mailbox and need to put it on a cyrus mailbox
> 
> Any tools or pointers?

http://www.linux-france.org/prj/imapsync

WBR.
Dmitriy

Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

mbox to cyrus migration

2007-10-18 Thread Mike Zupan 
Are there any toold to migrate a mbox to cyrus mailbox? I have a mbox dumb
from a dbmail mailbox and need to put it on a cyrus mailbox

Any tools or pointers?

Thanks
Mike

Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

Re: UC Davis Cyrus Incident September 2007

2007-10-18 Thread Scott Adkins 

--On Thursday, October 18, 2007 9:58 AM +0200 Pascal Gienger <[EMAIL 
PROTECTED]> wrote:


Scott Adkins <[EMAIL PROTECTED]> wrote:


Meanwhile, we hacked around this in a very cool way.  We copied the imapd
process 60 times (assuming average of 12,000 processes, shooting for 200
processes per executable, that is 60 individual executables).  These were
named /usr/cyrus/bin/imapd_001 through /usr/cyrus/bin/imapd_060.  We then
symlinked the "imapd" binary to imapd_001.  We then wrote a cron job that
ran once a minute and relinked the imapd symlink to the next numbered
executable,


And how did you solve the problem of the "deadlock" resulting in deleteing the 
symbolic link, setting the new one? Between these
events an exec of imapd would break resulting in an error to the customer.

Funny hack though.


Actually, I don't see a deadlock situation at all... I am guessing that
theorettically, it is possible... but the "ln -sf" option makes the
overwriting of the symlink an atomic action (as much as it can), which
is why it seems to work.  I stress tested this as much as I could prior
to putting it into production, simulating tons of users logging in and
out of the server while rotating the symlink as fast as I could.  There
was not one case of a connection failure at any point during the test.

There are other factors that are involved too... Process re-use keeps a
lot of problems to a minimum... We don't use preforking, but I imagine
that preforking would further reduce any possibilities of deadlocking.
Users coming into the system would be funneled to a socket associated
with an IMAP process that has already been running for a bit, so it is
clean from their perspective.

The only issue is actually between master and imapd, and I don't know what
master does if it tries to spawn an imapd and it fails... it may just try
again... I dounbt it just out-right refused the incoming connection.  I
need to look at the source code to understand it better.

Scott
--
+---+
 Scott W. Adkins   Work (740)593-9478 Fax (740)593-1944
  UNIX Systems Engineer 
+---+
PGP Public Key 

pgpPAbPHC07cU.pgp
Description: PGP signature

Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

Re: running cyradm commands from a script

2007-10-18 Thread Marcelo Maraboli 

Glennie Vignarajah wrote:
> Le Monday 15 October 2007, Jessi Berkelhammer(Jessi Berkelhammer 
> <[EMAIL PROTECTED]>) a écrit:
> 
> 
> Hello,
> 
>> Ideally, I could use shell scripts to create a file with the
>> cyradm commands, and run those. Is there a way to do this so it
>> doesn't require the password to be entered interactively?
> 
> 
> Try something like this
> cyradm -u MY_LOGIN -w MY_PASSWORD MY_HOST << CYRADMSCRIPT
> lm
> lam user.*
> CYRADMSCRIPT
> Hope this helps!


the easiest way to do this is to use the EXPECT language...

script for adding users from command-line:

---
#!/usr/local/bin/expect -f
#
# usage: cyrus-adduser.exp john.doe
#
set user [lindex $argv 0]
#
#
spawn /usr/local/bin/cyradm -u cyrus localhost
expect "assword:"
send "your_password\r"
expect "host>"
#
send "cm user/$user \r"
expect "host>"
#
send "sq user/$user 153600\r"
expect "host>"
#
send "exit\r"
expect eof
#



regards,
-- 
MSc. Marcelo Maraboli Rosselott
Jefe Area de Redes y Comunicaciones  (Network & UNIX Systems Engineer)
Ingeniero Civil Electronico, CISSP  (MSc., Electronic Engineer, CISSP)

Direccion Central de Servicios Computacionales (DCSC)
Universidad Tecnica Federico Santa Maria phone: +56 32 2654071
Chile.http://www.usm.cl http://elqui.dcsc.utfsm.cl

Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

Re: tls self-signed certificates

2007-10-18 Thread Nik Conwell 

On Oct 17, 2007, at 9:55 PM, Craig White wrote:

> OK - what I discovered was that TLS works with this setup (telnet
> localhost 143)
>
> IMAP/SSL doesn't seem to work when you 'telnet localhost 993' but on a
> client that is forgiving for self-signed certificates, it does  
> actually
> work. So much for my testing methodology.

Try this to access an IMAP/SSL server via the command line:

openssl s_client -connect hostname:port

-nik


Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

Re: UC Davis Cyrus Incident September 2007

2007-10-18 Thread Pascal Gienger 
Scott Adkins <[EMAIL PROTECTED]> wrote:

> Meanwhile, we hacked around this in a very cool way.  We copied the imapd
> process 60 times (assuming average of 12,000 processes, shooting for 200
> processes per executable, that is 60 individual executables).  These were
> named /usr/cyrus/bin/imapd_001 through /usr/cyrus/bin/imapd_060.  We then
> symlinked the "imapd" binary to imapd_001.  We then wrote a cron job that
> ran once a minute and relinked the imapd symlink to the next numbered
> executable,

And how did you solve the problem of the "deadlock" resulting in deleteing 
the symbolic link, setting the new one? Between these events an exec of 
imapd would break resulting in an error to the customer.

Funny hack though.

Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html