cyrus imap realm moves but sasl stays put
Ross Boylan
ross at biostat.ucsf.edu
Tue Jun 7 03:27:13 EDT 2011
Sorry: should have been "realm" not "real" in the subject! And below...
Ross
On Mon, 2011-06-06 at 23:23 -0700, Ross Boylan wrote:
> I made a virtual machine whose disk was a writable snapshot of the disk
> from another VM. After I changed the hostname, I was unable to login to
> cyrus imap until I created a new user in sasldb (with the new real). It
"new realm"
> seems that sasldb kept the realm/hostname with which they were
> originally created, but the accounts in cyrus imap moved to the new
> hostname. Could anyone help me understand what was going on?
>
> Here are more details about what I did. The old vm was vm-lenny00; the
> new one was vm-migrate07.
>
> On the new vm,
> # sasldblistusers2
> cyrus at vm-lenny00: userPassword
> ross at vm-lenny00: userPassword
>
> I tried explicitly qualifying the names I used to login to imap; when
> that didn't work I added this line to imapd.conf:
> loginrealms: vm-lenny00 vm-lenny00.kvm.lan
>
> At this point the logs indicate I was able to authenticate, but my mail
> clients (evolution and mutt) reported they couldn't find a mailbox.
>
> Then I did
> # saslpasswd2 -c ross
> which created a ross at vm-migrate07 id in the sasldb. I was able to login
> to imap, using an unqualified "ross" as my username.
>
> So the imap server acts as if the accounts formerly associated with
> ross at vm-lenny00 actually belong to ross at vm-migrate07. In this case
> that's convenient, but I'm puzzled why it happened.
>
> sasl 2.1.22 with cyrus 2.2.13 on Debian Lenny. imapd.conf includes
> allowplaintext: yes
> sasl_minimum_layer: 0
> loginrealms: vm-lenny00 vm-lenny00.kvm.lan
> sasl_pwcheck_method: auxprop
>
> No virtual domains options are set.
>
> Thanks.
> Ross
>
More information about the Info-cyrus
mailing list