The create access right (cyrus-imapd 2.2.6)
According to the documentation, the c access right on mailboxes should mean... create - The user may create new sub-mailboxes of the mailbox, or delete or rename the current mailbox Setting a negative c access right on a mailbox should therefore mean that it can't be removed or renamed, nor should it be possible to create sub-mailboxes under it. This is mostly true with version 2.2.6 (maybe earlier versions?), except that it is possible to create sub-mailboxes... localhost lam user.xxx.fredb xxx lrswipda localhost dm user.xxx.fredb deletemailbox: Permission denied localhost rename user.xxx.fredb user.xxx.fredc renamemailbox: Permission denied localhost cm user.xxx.fredb.a localhost Some mistake, surely? Cheers, Richard Hopkins, Information Services, Computer Centre, University of Bristol, Bristol, BS8 1UD, UK Tel +44 117 928 7859 Fax +44 117 929 1576 --- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
Re: imsp and sasl config
--On Friday, November 28, 2003 9:19 AM + Richard Hopkins [EMAIL PROTECTED] wrote: Hi Phil... --On Thursday, November 27, 2003 7:29 PM + Phil Chambers [EMAIL PROTECTED] wrote: I made a major typing blunder when I sent this message before! I missed sasl. out when I copied my options entries, so that is not my solution. Please take another look: I have had a very old IMSP version (pre-SASL) running for years without any problems. I am trying to get a new version running which uses SASL. No problem building it, but I can't work out what options to put in /var/imsp/options! I am using saslauthd and that is working fine for my IMAP and POP processes with allowplaintext: yes sasl_pwcheck_method: saslauthd sasl_mech_list: plain in /etc/imapd.conf. I have the following in my /var/imsp/options: imsp.sasl.allowplaintext N + imsp.sasl.pwcheck_method N saslauthd imsp.sasl.mech_list n (plain) but I get no mechanism available when I try to login to IMSP with plain text password. (CAPABILITY shows AUTH=PLAIN) What should my IMSP options be please? (First off I'll mention that you have to use version 1 of SASL with IMSP, just in case.) The only SASL related entry I have in my imsp.options file is... imsp.sasl.allowplaintext N + I then have the pwcheck method stuff in the file /usr/local/lib/imsp.options, as in... pwcheck_method: saslauthd Apologies. That should read /usr/local/lib/sasl/imspd.conf, not /usr/local/lib/imsp.options Richard
Re: imsp and sasl config
--On Friday, November 28, 2003 11:37 AM + Richard Hopkins [EMAIL PROTECTED] wrote: --On Friday, November 28, 2003 9:19 AM + Richard Hopkins [EMAIL PROTECTED] wrote: Hi Phil... --On Thursday, November 27, 2003 7:29 PM + Phil Chambers [EMAIL PROTECTED] wrote: I made a major typing blunder when I sent this message before! I missed sasl. out when I copied my options entries, so that is not my solution. Please take another look: I have had a very old IMSP version (pre-SASL) running for years without any problems. I am trying to get a new version running which uses SASL. No problem building it, but I can't work out what options to put in /var/imsp/options! I am using saslauthd and that is working fine for my IMAP and POP processes with allowplaintext: yes sasl_pwcheck_method: saslauthd sasl_mech_list: plain in /etc/imapd.conf. I have the following in my /var/imsp/options: imsp.sasl.allowplaintext N + imsp.sasl.pwcheck_method N saslauthd imsp.sasl.mech_list n (plain) but I get no mechanism available when I try to login to IMSP with plain text password. (CAPABILITY shows AUTH=PLAIN) What should my IMSP options be please? (First off I'll mention that you have to use version 1 of SASL with IMSP, just in case.) The only SASL related entry I have in my imsp.options file is... imsp.sasl.allowplaintext N + I then have the pwcheck method stuff in the file /usr/local/lib/imsp.options, as in... pwcheck_method: saslauthd Apologies. That should read /usr/local/lib/sasl/imspd.conf, not /usr/local/lib/imsp.options Richard And more apologies! There is a version of IMSP (1.7) out which supports SASLv2 (released August 2003) after all (although I've not looked at it myself, yet). See the cyrus-announce archive for details. (What I wrote above applies to v1.6a3) Richard
Re: problems with imap and imsp installation
For Solaris systems (7 and 8; not doing 9 yet) we now routinely install (usually Sun packages, but some from source)... autoconf bc automake bison flex gcc gdbm gzip m4 make perl tcl tcp_wrappers zlib ...which tends to make life much easier building other softare. For Cyrus IMSP you do need SASL v1, but this can be installed alongside SASL v2, so you can have your IMAP using v2 and IMSP using v1. When cofiguring IMSP v1.6a3, you will get an error cat: cannot open ./config.h.in but can safely ignore this in my experience. Richard --On Thursday, June 26, 2003 10:53 AM -0500 Ted Fines [EMAIL PROTECTED] wrote: Phil, The SASL/IMAP/IMSP installation is about as difficult as any I have run across. While the amount of work on Project Cyrus is very impressive, thorough documentation of it just doesn't seem to be available. If you do manage to get a SASL/IMAP/IMSP installation running, maybe you'd care to put together a nice HOW-TO for the rest of us? I gave up trying to use the new IMSP that uses SASL. I simply could not get it to compile on ANY platform (Solaris, Linux, FreeBSD were tried). I use an older version with a patch that allows it to authenticate to the imap server. Still, the imsp daemon crashed very frequently on Solaris 8. I recompiled it -- exactly the same way -- on FreeBSD, and it is very stable. Just try to get it all working with LDAP too! You wrote: Surely, thousands of people must have installed the cyrus imap/imsp combination on Solaris 8 without anything like this trouble? I think that's optimistic. The number of imsp installations *might* be in the triple digits, but I doubt even that. I have absolutely to quantitative data to back up that statement, of course! :) You can get autoconf, autoheader, etc. packages from http://www.sunfreeware.com, but you probably already knew that. Ted --On Thursday, June 26, 2003 4:26 PM +0100 Phil Chambers [EMAIL PROTECTED] wrote: I have just installed a new Sun box running Solaris 8 and expected that installing the cyrus IMAP and IMSP packages would be simple! First I installed BerkleyDB.3.3 and Perl and they went OK. Then I picked up cyrus-sasl -2.1.13 and installed that once I sorted out the --with-... and --disable-... options I needed. Not too bad. Then cyrus-imapd-2.1.13 and that seemed to install OK, again, once I had sorted out the configure options I needed. The IMAP and POP server side seem to run and respond to telnet connections and imtest worked. I then tried to use cyradm to add some users and that is where it went downhill! I get the following Can't load '/usr/perl5/site_perl/5.005/sun4-solaris/auto/Cyrus/IMAP/IMAP.so' for module Cyrus::IMAP: ld.so.1: perl: fatal: relocation error: file /usr/perl5/site_perl/5.005/sun4-solaris/auto/Cyrus/IMAP/IMAP.so: symbol sasl_client_init: referenced symbol not found at /usr/perl5/5.00503/sun4-solaris/DynaLoader.pm line 169. at /usr/perl5/site_perl/5.005/sun4-solaris/Cyrus/IMAP/Admin.pm line 44 BEGIN failed--compilation aborted at /usr/perl5/site_perl/5.005/sun4-solaris/Cyrus/IMAP/Admin.pm line 44. BEGIN failed--compilation aborted at /usr/perl5/site_perl/5.005/sun4-solaris/Cyrus/IMAP/Shell.pm line 60. BEGIN failed--compilation aborted. As far as I can make out, this is a dynamic library problem, but I have completely failed to find a cure for it. Help with that will be most welcome. I then moved on to IMSP and downloaded cyrus-imspd-v1.6a3 and tried to build that. This failed because there is no config.h.in present! I looked at v1.5.28 and that has the same problem. On further reading I found that both these versions need version 1.5.x of sasl. I had just installed 2.1.13 because that is what IMAP needs! So I downloaded cyrusimsp from cvs to get a version which would work with 2.1.13. It now seems I need autoconf (and aclocal and autoheader?) before I can make more progress with that. Will this never end? Surely, thousands of people must have installed the cyrus imap/imsp combination on Solaris 8 without anything like this trouble? Phil. --- Phil Chambers ([EMAIL PROTECTED]) University of Exeter Richard Hopkins, Information Services, Computer Centre, University of Bristol, Bristol, BS8 1UD, UK Tel +44 117 928 7859 Fax +44 117 929 1576
Re: Cyrus - PAM? - Win2K authentication
--On Friday, July 12, 2002 12:25 PM -0400 Ken Murchison [EMAIL PROTECTED] wrote: Chris Wiegand wrote: Is it possible to configure cyrus to authenticate (via PAM, possibly) against a Win2000 Active Directory/Domain? We are currently usin pam_smb to auth against a NT4 box. I haven't tried it with 2000 yet, we are upgrading in the next few weeks. We've been using pam_smb against a 2000 box for our Cyrus authentication for a while, but have terrible problems with it from time to time. So, I thought about trying pam_krb5 instead. I had hoped that (with the necessary underlying OS configuration done - verified by being able to login using telnet and ftp) it would simply be a case of changing the references to pam_smb in the pam.conf file (Cyrus platform is Solaris 8) to pam_krb5 and away we'd go. Not so, though; authentication always fails and what I see logged is... Jan 9 12:57:15 tench PAM: [ID 705685 auth.debug] PAM-KRB5: pam_sm_authenticate Jan 9 12:57:15 tench PAM: [ID 729219 auth.debug] PAM-KRB5: pam_sm_auth prompting for password Jan 9 12:57:15 tench PAM: [ID 427203 auth.debug] pam_authenticate: error Authentication failed ...logged Does anyone know what the problem(s) might be? Cheers, Richard Hopkins, Information Services, Computer Centre, University of Bristol, Bristol, BS8 1UD, UK Tel +44 117 928 7859 Fax +44 117 929 1576
Re: Shared address books problemmoving from MD imspd to Cyrus imspd
There is an incompatibility here, Alan. With MD's imsp, the list of shared address books appear in the file abooks at the top of the imsp hierarchy and the ACLs on the books appear in files in the individual user's imsp directories (of the form abookacl.user.abook). With Cyrus imsp, the ACLs appear in the top level abooks file. e.g fsx# pwd /var/imsp fsx# cat abooks ccabc.newbook ccabc lrswipcda ccxyz lr group:agroup lr We're in a similar situation to yourselves. We'll be asking our users to re-share their shared address books when we make the change. Cheers, Richard --On Wednesday, January 30, 2002 10:22 PM + Alan Thew [EMAIL PROTECTED] wrote: We currently run MD's imsp and a number of users have shared address books. We want to move to the Cyrus imsp (1.6a3) for a number of reasons: SASL We have the source Better Mulberry support We find that the shared address books are not visible when using the Cyrus server (and using exactly the same data as MD's). Do we need to add ACLs to the abooks file or is the problem more complex? Thanks to anyone who has any ideas/suggestions. -- Alan Thew [EMAIL PROTECTED] Computing Services,University of Liverpool Fax: +44 151 794-4442 Richard Hopkins, Information Services, Computer Centre, University of Bristol, Bristol, BS8 1UD, UK Tel +44 117 928 7859 Fax +44 117 929 1576 RFC-822: [EMAIL PROTECTED]
Re: Webmail Client
SilkyMail from Cyrusoft http://www.cyrusoft.com/silkymail/ is well worth a look. On Fri, 14 Sep 2001 08:38:01 -0300 Rehuel Lobato de Mesquita [EMAIL PROTECTED] wrote: Hey guys Can anyone recommend an open source yahoo/hotmail-like mail client? Rehuel Richard Hopkins, Information Services, Computer Centre, University of Bristol, Bristol, BS8 1UD, UK Tel +44 117 928 7859 Fax +44 117 929 1576 RFC-822: [EMAIL PROTECTED]
Re: deliver bus error core dump
fcntl(5, F_SETLKW, 0xFFBEDC08) = 0 open(/var/imap/deliverdb/deliver-q.lock, O_RDWR|O_CREAT, 0666) = 6 fcntl(6, F_SETLKW, 0xFFBECAF0) = 0 close(6)= 0 close(8)Err#9 EBADF close(7)Err#9 EBADF close(5)= 0 open(/var/imap/deliverdb/deliver-c.lock, O_RDWR|O_CREAT, 0666) = 5 fcntl(5, F_SETLKW, 0xFFBEDC08) = 0 open(/var/imap/deliverdb/deliver-q.lock, O_RDWR|O_CREAT, 0666) = 6 fcntl(6, F_SETLKW, 0xFFBECAF0) = 0 close(6)= 0 close(8)Err#9 EBADF close(7)Err#9 EBADF close(5)= 0 open(/var/imap/deliverdb/deliver-d.lock, O_RDWR|O_CREAT, 0666) = 5 fcntl(5, F_SETLKW, 0xFFBEDC08) = 0 open(/var/imap/deliverdb/deliver-q.lock, O_RDWR|O_CREAT, 0666) = 6 fcntl(6, F_SETLKW, 0xFFBECAF0) = 0 close(6)= 0 close(8)Err#9 EBADF close(7)Err#9 EBADF close(5)= 0 open(/var/imap/deliverdb/deliver-e.lock, O_RDWR|O_CREAT, 0666) = 5 fcntl(5, F_SETLKW, 0xFFBEDC08) = 0 open(/var/imap/deliverdb/deliver-q.lock, O_RDWR|O_CREAT, 0666) = 6 [stuff deleted] open(/var/imap/deliverdb/deliver-y.lock, O_RDWR|O_CREAT, 0666) = 5 fcntl(5, F_SETLKW, 0xFFBEDC08) = 0 open(/var/imap/deliverdb/deliver-q.lock, O_RDWR|O_CREAT, 0666) = 6 fcntl(6, F_SETLKW, 0xFFBECAF0) = 0 close(6)= 0 close(8)Err#9 EBADF close(7)Err#9 EBADF close(5)= 0 open(/var/imap/deliverdb/deliver-z.lock, O_RDWR|O_CREAT, 0666) = 5 fcntl(5, F_SETLKW, 0xFFBEDC08) = 0 open(/var/imap/deliverdb/deliver-q.lock, O_RDWR|O_CREAT, 0666) = 6 [...] Then, if I send another mail to the user whose name begins with q deliver -E 2 no longer works. /usr/local/imap/imapd/bin/deliver -E 2 Bus Error (core dumped) Regards, Nicolas Richard Hopkins, Information Services, Computer Centre, University of Bristol, Bristol, BS8 1UD, UK Tel +44 117 928 7859 Fax +44 117 929 1576 RFC-822: [EMAIL PROTECTED]
Re: Cyrus IMSP and Simeon/Execmail
I sent this update to the list on March 28th, but it (along with others?) didn't seem to make it. So, here it is... I've done quite a lot more looking into this problem of mine. Things are *not* as catastrophic as I initially thought. The crashing of the IMSP daemon is dependent on what's in the global options file. I first looked at upgrading to Cyrus imsp a while back. Initially, I was having real troubles getting authentication to work (before I discovered the magic /usr/local/lib/sasl/imspd.conf requirement). While I was investigating, I at some point added the lines... imsp.sasl.plain.PAM imsp.sasl.login.PAM to my global options file. These are the entries which cause imspd to die when given a "get imsp.*" or "get *". When I remove them, all is well. Thanks to all who responded to my initial message. Cheers... On Tue, 27 Mar 2001 08:24:30 -0800 Rob Tanner [EMAIL PROTECTED] wrote: Me too! MessagingDirect's contract support sucks, and getting the next release out the door always seems to be more important than supporting the current version (and we should pay good money for the privilege of their ignoring problems) Besides, their stuff is proprietary and not near as flexible. Getting off my soap-box, cyrus-imsp v1.6a3 seems to have problems (at least on Solaris), although I've never had a problem with segfaults. You might look for inconsistent libraries. Typically, the segfaults are caused by more than one version of BerkeleyDB libs on the system. But as your not doing authentication at the point of the segfault, I can't see how your immediate problem could be related to Berkeley in particular. If all else fails, my other suggestion is to use imspd v1.6a2. Most of the intentional changes between v1.6a2 and v1.6a3 are related to LDAP support (which is now broken, but works fine in v1.6a2). As far as the unintentional changes... well, maybe you just found one. For myself, especially since the LDAP support is critical for me, v1.6a2 was the solution. Now, if someone could only tell me how to get imspd to run out of inetd so I can run it as user "cyrus" instead of "root", I'd be tickled pink. -- Rob --On Tuesday, March 27, 2001 10:37:02 AM +0100 Richard Hopkins [EMAIL PROTECTED] wrote: Along with quite a number of others, I guess, I'm now actively looking at upgrading from ESYS/Execmail/MessagingDirect (whatever the heck they are called now) IMSP and IMAP to Cyrus. I have a problem with Simeon and Execmail interworking with the Cyrus IMSP server which seems pretty much identical to what was described back in April 1996 - see below - in a nutshell, no address book problems, no option saving problems, but unable to load options. I've done some tracing, and what I see is that when Execmail issues a "tag get imsp.*" command, Cyrus imspd dies. Using telnet as my client, I see... * OK Cyrus IMSP version 1.6a3 ready . get common.* * OPTION common.date "Tue, 27 Mar 2001 10:10:38 +0100" [READ-ONLY] * OPTION common.delivery.hosts "(stingray.cse.bris.ac.uk)" [READ-ONLY] * OPTION common.domain bris.ac.uk [READ-ONLY] * OPTION common.from "" [READ-ONLY] * OPTION common.sent.mailbox sentmail [READ-ONLY] . OK get completed . get imsp.* Connection closed by foreign host. At the server end (running imspd under "truss"), I see... read(5, " . g e t c o m m o n".., 4096) = 16 time() = 985684238 poll(0xFFBE8920, 1, 3) = 1 write(5, " * O P T I O N c o m".., 295) = 295 poll(0xFFBE9920, 1, 180)(sleeping...) poll(0xFFBE9920, 1, 180)= 1 read(5, " . g e t i m s p . *".., 4096) = 14 Incurred fault #6, FLTBOUNDS %pc = 0xFF136DCC siginfo: SIGSEGV SEGV_MAPERR addr=0x Received signal #11, SIGSEGV [caught] siginfo: SIGSEGV SEGV_MAPERR addr=0x sigaction(SIGSEGV, 0xFFBE9518, 0xFFBE9598) = 0 getpid()= 7202 [7201] kill(7202, SIGSEGV) = 0 Received signal #11, SIGSEGV [default] siginfo: SIGSEGV pid=7202 uid=0 *** process killed *** This does appear to be a bug in the cyrus server and is obviously catastophic to my plans to upgrade. Is there any possibility of a fix? Cheers... _ _ _ _ __ _ _ _ _ /\_\_\_\_\/\_\ /\_\_\_\_\_\ /\/_/_/_/_/ /\/_/ \/_/_/_/_/_/ QUIDQUID LATINE DICTUM SIT, /\/_/__\/_/ __/\/_//\/_/ PROFUNDUM VIDITUR /\/_/_/_/_/ /\_\ /\/_//\/_/ /\/_/ \/_/ /\/_/_/\/_//\/_/ (Whatever is said in Latin \/_/ \/_/ \/_/_/_/_/ \/_/ appears profound) Rob Tanner UNIX and