Bulk deletion of mailbox ACLs under Cyrus 2.4.4

Mark Cave-Ayland mark.cave-ayland at siriusit.co.uk
Sat Sep 3 07:50:11 EDT 2011


On 03/09/11 06:16, Bron Gondwana wrote:

>> Just for the archives: I managed to find an alternative solution to my
>> problem. I ended up analysing the output of ctl_mboxlist -d and then
>> writing a bit of perl to generate an output file with the same format
>> for just the mailboxes I was interested in changing but with no ACLs. I
>> then fed the resulting file into ctl_mboxlist -u and as if by magic the
>> job was done :)
>
> FYI - while that kinda works, it is slightly skanky, and leaves the
> mailboxes.db and the "backup copy of the ACL" in the mailbox header
> out of sync.  It's also going to break in future when the content
> of mailboxes.db changes.  It's also somewhat incompatible with
> replication, murder, etc.
>
> The correct way[tm] is to iterate over all the mailboxes and do a
> "setacl" for each one you want to change, probably using an external
> script that talks IMAP.

Hi Bron,

Thanks for the heads up. Does that mean I should invoke reconstruct on 
all the mailboxes whose permissions I've changed in this way in order to 
bring the backup ACLs back in line with the mailboxes.db changes?

Also is there any reason why cyradm couldn't be modified to accept 
wildcards for uids in order to remove all of them? It strikes me that 
this is almost a bug given that I can sam an entire mailbox hierarchy 
but not do the same with dam.


Many thanks,

Mark.

-- 
Mark Cave-Ayland - Senior Technical Architect
PostgreSQL - PostGIS
Sirius Corporation plc - control through freedom
http://www.siriusit.co.uk
t: +44 870 608 0063

Sirius Labs: http://www.siriusit.co.uk/labs


More information about the Info-cyrus mailing list