cyrus imap realm moves but sasl stays put

Ross Boylan ross at
Tue Jun 7 03:27:13 EDT 2011

Sorry: should have been "realm" not "real" in the subject!  And below...
On Mon, 2011-06-06 at 23:23 -0700, Ross Boylan wrote:
> I made a virtual machine whose disk was a writable snapshot of the disk
> from another VM.  After I changed the hostname, I was unable to login to
> cyrus imap until I created a new user in sasldb (with the new real).  It
"new realm"
> seems that sasldb kept the realm/hostname with which they were
> originally created, but the accounts in cyrus imap moved to the new
> hostname.  Could anyone help me understand what was going on?
> Here are more details about what I did.  The old vm was vm-lenny00; the
> new one was vm-migrate07.
> On the new vm, 
> # sasldblistusers2
> cyrus at vm-lenny00: userPassword
> ross at vm-lenny00: userPassword
> I tried explicitly qualifying the names I used to login to imap; when
> that didn't work I added this line to imapd.conf:
> loginrealms: vm-lenny00 vm-lenny00.kvm.lan
> At this point the logs indicate I was able to authenticate, but my mail
> clients (evolution and mutt) reported they couldn't find a mailbox.
> Then I did 
> # saslpasswd2 -c ross
> which created a ross at vm-migrate07 id in the sasldb.  I was able to login
> to imap, using an unqualified "ross" as my username.
> So the imap server acts as if the accounts formerly associated with
> ross at vm-lenny00 actually belong to ross at vm-migrate07.  In this case
> that's convenient, but I'm puzzled why it happened.
> sasl 2.1.22 with cyrus 2.2.13 on Debian Lenny.  imapd.conf includes
> allowplaintext: yes
> sasl_minimum_layer: 0
> loginrealms: vm-lenny00 vm-lenny00.kvm.lan
> sasl_pwcheck_method: auxprop
> No virtual domains options are set.
> Thanks.
> Ross

More information about the Info-cyrus mailing list