Cyrus::IMAP, referrals, murder, mailbox moves, etc.
Michael Bacon
baconm at duke.edu
Wed Mar 19 16:09:23 EST 2003
--On Wednesday, March 19, 2003 15:57:14 -0500 Ken Murchison
<ken at oceana.com> wrote:
> You should wait for a reply from Rob for definitive answers, but I'll
> get you started.
>
> ...
>
> > Should all of the ACLs be cleared on the old server before the
> > move starts, then restored when the move is finished, or is that taken
care
>
> You shouldn't have to change ACLs. The location of the mailbox has no
> effect on the ACL
I was actually thinking more along the lines of temporarily setting all
ACLs on the mailbox to "none" in order to make sure the user didn't corrupt
the mailbox with APPENDs or some such thing. But if it's getting somehow
locked for the move, I guess that isn't necessary.
> > Secondly, is there a way to get cyradm (or alternately,
Cyrus::IMAP::Admin)
> > to return the backend server where a mailbox is located? Or is there
some
>
> Yup.
>
> info <mailbox>
>
> It uses the IMAP ANNOTATEMORE extension for this. If you use 'info'
> without any args, it will show you any server annotations (motd,
> comment). You can use 'setinfo' to set either one of these.
That's certainly helpful -- info is in fact what I'm looking for. I
presume that's the same as the undocumented $client->getinfo() call in
Cyrus::IMAP::Admin?
Anyway, I think I see where I'm running afoul of cyradm. The code for
doing the referrals in Cyrus/IMAP/Admin.pm is something like this:
######
my $cyradm = Cyrus::IMAP::Admin->new($refserver, $port)
or die "cyradm: cannot connect to $refserver\n";
$cyradm->addcallback({-trigger => 'EOF',
-callback => \&_cb_ref_eof,
-rock => \$cyradm});
$cyradm->authenticate()
or die "cyradm: cannot authenticate to $refserver\n";
######
The problem is that for a lot of the things we do around here, we use some
of the undocumented arguments to authenticate(), because SASL has the nasty
habit of trying to do KERBEROS_IV before it does GSSAPI, which is almost
always not what we want it to do, although we have KERBEROS_IV support on
for older clients. Also, it tries to guess the UserID and AuthID, and
usually guesses it wrong for our purposes. However, when this calls
authenticate() from within the setaclmailbox() call, or whatever, it's
using all of the defaults. I wonder if it would be useful to store all of
the arguments passed into authenticate() in instance variables of the
$client object for later retrieval, perhaps with a getauthinfo() call, or
some such thing. Would we be the only ones who would find that useful, or
would that benefit others as well? (If so, I may get started on it...
Perhaps this should move over to cyrus-devel at some point...)
Thanks much,
Michael
More information about the Info-cyrus
mailing list