How to move sasldb to another server?
ml at awinkelmann.de
Sat Nov 11 03:32:21 EST 2006
Am Saturday 11 November 2006 08:57 schrieb Martin Schweizer:
> > > I have two cyrus imapd server (all software has the same version)
> > > which uses sasldb for authentication. For failover reasons I would
> > > like to "copy" regulary the sasldb from the main server to the backup
> > > server. How can I do that? I did copied by hand but this works not.
> > Maybe you want to tell us, what "works not" means?
> ... means you can not login (pop3, imap oder squirrmail) if you use
> the copied file.
> > I would guess, you use the Hostname as Realm. This will change on the
> > other
> ... yea, I saw (with strings sasldb2.sb) that there are realms in the
> database. Probably that is the problem. Isn't it?
You can use "sasldblistusers" or "sasldblistusers2" to see the contents of
> > Server of course. You can solve this with setting servername in
> > imapd.conf to
> ... you mean I should turn on the main server name in the impad.conf
> from the backup server?
This is the easiest choice.
An entry in sasldb contains 3 or maybe 4 parts. Username, Realm, Password (and
Type: the "userPassword"). If your users uses only a Username, without
@domain-Part, the Hostname of the Server is used for this key. This is
servername in imapd.conf for Cyrus-Imapd.
Either create entries with:
# saslpasswd -cu domain.tld username
And tell your users to use "user at domain.tld" as Username. This should work on
both servers, then.
Or if you (have already) create(d) entries with:
# saslpasswd -c username
The Hostname of the Server is used and either your Users use
"username at host.domain.tld" as username or you have to change something
between the Source and Destination (Backup) Server. The easiest is to change
the servername (imapd.conf) of the Backup-Server to be equal the other. Then
Users can use "username" on both servers.
> > the Hostname of the Source-Server. Or change sasldb after copying. Or...
> ... what you mean with "change sasldb after copying"? Do something by hand?
If the databasetype is bdb, you can use db_dump/db_load
# db_dump -p /etc/sasldb2 | sed 's/host1\.domain\.tld/host2.domain.tld/' |
This is only an example, if you really want to use something like that, you
should work at least on the regexp in sed.
Or a little Perl-Script.
More information about the Cyrus-sasl