[POLL] Cyrus 2.2 virtdomains behavior (Was: global admin without defaultdomain?)

Ken Murchison ken at oceana.com
Mon Dec 29 19:25:18 EST 2003 


Igor Brezac wrote:
> On Mon, 29 Dec 2003, Ken Murchison wrote:
> 
> 
>>Ken Murchison wrote:
>>
>>
>>>Kendrick Vargas wrote:
>>>
>>>
>>>>Hi folks,
>>>>
>>>>I asked earlier how I could get users within the primary (default)
>>>>domain hashed into the domain/ subdirectories of the imap spool
>>>>instead of being right at the toplevel without any real domain
>>>>association. I was told that the defaultdomain option was meant to
>>>>ease the passage from version 2.1 to 2.2, so if I simply didn't set
>>>>it, I'd get the hashing all nice and pretty.
>>>>
>>>>Now I have a slightly different issue. I've finally gone back and set
>>>>things up in this manner. No defaultdomain setting. Users are hashed
>>>>in the domains as they should be, however I'd like to have a global
>>>>admin. The documents say I need the defaultdomain to have a global
>>>>admin. Why? Is there anyway to get around this?
>>>>
>>>>I'd like to have a global admin without having the defaultdomain set.
>>>>I don't really understand why that would be a requirement. Maybe this
>>>>behavior should be some sort of configurable flag. If someone could
>>>>point me in the direction to the source I could hack past to disable
>>>>this behavior, I'd greatly appreciate it.
>>>
>>>
>>>This has to do with the fact that the virtdomains code handles domains
>>>by login id and ip address simultaneously.  If you don't have a fully
>>>qualified user id, the code will do a reverse lookup on the ip address
>>>of the local NIC and add that domain.  The only way to prevent the
>>>appending of the domain is by setting a default domain.
>>>
>>>I could probably fix this by changing the code to only do virtdomains by
>>> one mechanism at a time, NOT both.  Since the 2.2 code recently added
>>>the ability to have enumerated config options, I could change the
>>>virtdomains option to be a tri-state variable, something like [ off,
>>>byuserid, byipaddress ].  As long as nobody is depending on the current
>>>behavior, I have no problem changing this.  Of course, if people do need
>>>the current bevavior, I could add a fourth state to handle this.
>>>
>>>I'd like to get some feedback from those of you that have been using the
>>>virtdomains code before I go and make any changes.
>>
>>I just committed some code to CVS which changes the virtdomains option
>>from a SWITCH to an ENUM having 3 options:
>>
>>off/no/0/false/f	(disabled)
>>userid			(fully qualified userids only)
>>on/yes/1/true/t		(current behavior)
>>
>>
>>What this means (hopefully) is that existing installations of 2.2 code
>>(whether virtdomains is enabled or not) should be unaffected.  Those
>>that don't want the reverse IP address lookup can use the "userid" option.
>>
> 
> 
> I have not checked the code, but how does this affect global admins?

If you set virtdomains:on it will behave like the current code.  If you 
set virtdomains:userid you can have a global admin without setting 
defaultdomain.

Like I said, you *shouldn't* notice any difference unless you switch 
from "on" to "userid".

-- 
Kenneth Murchison     Oceana Matrix Ltd.
Software Engineer     21 Princeton Place
716-662-8973 x26      Orchard Park, NY 14127
--PGP Public Key--    http://www.oceana.com/~ken/ksm.pgp

More information about the Info-cyrus mailing list