Kerberos weirdness when upgradring 2.1.15 -> 2.2.3
ian at stacken.kth.se
Sat Jun 5 19:23:08 EDT 2004
I just upgraded our IMAP machine from cyrus-imapd 2.1.15 to 2.2.3, using
SASL 2.1.15 in both cases. For some reason I can't see any mail folders
other than those public when using cross-realm Kerberos authentication.
"loginuseacl: yes" is set in imapd.conf, user at OTHER-REALM has all rights
on my folders, and my realm and OTHER-REALM cross-authenticate.
I'm trying the following:
(here, iand02 at NADA.KTH.SE is the user at my other realm)
$ imtest -m gssapi -u iand02 at NADA.KTH.SE imap.stacken.kth.se
/* GSSAPI negotiation */
S: A01 OK Success (privacy protection)
Security strength factor: 56
C1 LIST "*" "*"
* LIST (\HasChildren) "." "shared"
* LIST (\HasChildren) "." "shared.passepartout"
* LIST (\HasNoChildren) "." "shared.passepartout.announce"
* LIST (\HasNoChildren) "." "user.ian.shared"
* LIST (\HasNoChildren) "." "user.owe.public"
C1 OK Completed (0.000 secs 6 calls)
^CC: Q01 LOGOUT
I should be able to see folders under user.ian, all having
iand02 at NADA.KTH.SE lrswipcda" set.
What broke in the move from 2.1.15 to 2.2.3?
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
More information about the Info-cyrus