Bulk deletion of mailbox ACLs under Cyrus 2.4.4

[Mark Cave-Ayland]

On 03/09/11 12:50, Mark Cave-Ayland wrote:

> Thanks for the heads up. Does that mean I should invoke reconstruct on
> all the mailboxes whose permissions I've changed in this way in order to
> bring the backup ACLs back in line with the mailboxes.db changes?

Sigh. So as soon as I ran reconstruct on the parts of the tree I had 
changed using my previous approach, it noticed that the backup ACLs 
weren't included in mailboxes.db and hence added them all back in again :/

Following on from your previous email, I ended up patching cyradm in 
order to allow a wildcard ACL deletion which worked really well, 
although some mailboxes were still confused to the point where I had to 
remove individual ACLs from the mailbox as a bulk deletion didn't work 
(I guess again this was confusion caused by a combination of different 
backup ACLs, reconstruct and mailboxes.db). Since these problem ACLs 
were removed, everything now works fine so I can recursively drop and 
rebuild all ACLs on our shared folder tree using a small bash script :)

> Also is there any reason why cyradm couldn't be modified to accept
> wildcards for uids in order to remove all of them? It strikes me that
> this is almost a bug given that I can sam an entire mailbox hierarchy
> but not do the same with dam.

The perl code seemed reasonably easy to follow with a good API design 
and so the resulting patch is quite neat. I've created a new bug in 
bugzilla and attached the patch there as it would be very useful to have 
this included within the main cyrus codebase: 
https://bugzilla.cyrusimap.org/show_bug.cgi?id=3550.


Many thanks,

Mark.

-- 
Mark Cave-Ayland - Senior Technical Architect
PostgreSQL - PostGIS
Sirius Corporation plc - control through freedom
http://www.siriusit.co.uk
t: +44 870 608 0063

Sirius Labs: http://www.siriusit.co.uk/labs