Cannot xfer or rename mailbox in murder

Nic Bernstein nic at onlight.com
Fri May 4 08:32:13 EDT 2012


In trying to bring up a murder with 2.4.10, I am encountering a problem 
I just cannot seem to get past.  I've got a Mupdate master, 2 backends 
and 2 frontends.  Everyone seems to be exchanging mailboxes.db info just 
fine, but I cannot move a mailbox (user inbox) from the original backend 
(used to be single, standalone system) to the second backend.

Here is sample cyradm session, first to a frontend:

    # cyradm -user cyradmin mail
    Password:
    mail>  xfer user.nic mailbox.wi
    xfermailbox: bad parameters to function

    mail>  rename user.nic user.nic mailbox.wi
    renamemailbox: The remote Server(s) denied the operation

and to the backend holding the mailbox to be moved:

    # cyradm -user cyradmin mailbox
    Password:
    mailbox>  xfer user.nic mailbox.wi
    xfermailbox: The remote Server(s) denied the operation

    mailbox>  rename user.nic user.nic mailbox.wi
    renamemailbox: The remote Server(s) denied the operation

Here are protocol traces from the hosts involved:
 From the first session:

    On host<mail>
    ---------- cyradmin Fri May  4 07:01:01 2012

    <1336132861<4 RLIST "" ""
    >1336132861>* LIST (\Noselect) "." ""
    4 OK Completed (0.000 secs)
    <1336132870<5 XFER user.nic mailbox.wi
    >1336132871>5 NO bad parameters to function
    <1336132898<6 RENAME user.nic user.nic mailbox.wi
    >1336132898>6 NO The remote Server(s) denied the operation

    On host<mailbox.wi>
    ---------- murder Fri May  4 07:01:10 2012

    <1336132871<Q01 LOGOUT
    >1336132871>* BYE LOGOUT received
    Q01 OK Completed

    On host<postman>  (with clock drift)
    ---------- postman Fri May  4 07:03:26 2012

    <1336133006<X0 ACTIVATE {8+}
    user.nic {26+}
    mailbox.occinc.com!default {63+}
    nic	lrswipcda	admin	d	cyrus	lrswipkxtea	cyradmin	lrswipkxtecda	
    >1336133006>X0 OK "done"
    <1336133006<Q01 LOGOUT
    >1336133006>Q01 OK "bye-bye"

And from the second:

    On host<mailbox.wi>
    ---------- murder Fri May  4 07:14:51 2012

    <1336133691<Q01 SETQUOTA {9+}
    +user.nic (STORAGE 3500000)
    >1336133691>Q01 NO Permission denied
    <1336133691<Q01 LOGOUT
    >1336133691>* BYE LOGOUT received
    Q01 OK Completed
    ---------- murder Fri May  4 07:15:00 2012

    <1336133700<Q01 SETQUOTA {9+}
    +user.nic (STORAGE 3500000)
    >1336133700>Q01 NO Permission denied
    <1336133700<Q01 LOGOUT
    >1336133700>* BYE LOGOUT received
    Q01 OK Completed

    On host<postman>  (again with clock drift)
    ---------- postman Fri May  4 07:16:38 2012

    <1336133798<X0 ACTIVATE {8+}
    user.nic {26+}
    mailbox.occinc.com!default {63+}
    nic	lrswipcda	admin	d	cyrus	lrswipkxtea	cyradmin	lrswipkxtecda	
    >1336133798>X0 OK "done"
    <1336133798<Q01 LOGOUT
    >1336133798>Q01 OK "bye-bye"

So it looks to me like the ACL is not being transferred, and the entire 
operation is buggered from there on.  Right?  What's the fix to this?  
Is there some overarching ACL which I'm missing?

Here are the pertinent (sanitized) portions of the configurations from 
both backends:

    # mailbox - main backend
    admins: cyrus cyradmin
    allowplaintext: yes
    sasl_pwcheck_method: saslauthd
    sasl_mech_list: PLAIN
    sasl_minimum_layer: 0
    sasl_auto_transition: no
    servername: mailbox.example.com
    proxyservers: cyradmin murder
    allowusermoves: true
    idlemethod: idled
    allowallsubscribe: true
    altnamespace: true
    defaultacl: anyone lrsip
    mupdate_server: postman.example.com
    mupdate_username: postman
    mupdate_authname: postman
    mupdate_password: password1
    proxy_authname: murder
    proxy_password: password2
    force_sasl_client_mech: PLAIN
    postman_mechs: PLAIN
    mailbox_mechs: PLAIN
    serverlist: mailbox mailbox.wi
    ----------------------

    # mailbox.wi - new backend
    admins: cyrus cyradmin
    allowplaintext: yes
    sasl_pwcheck_method: saslauthd
    sasl_mech_list: PLAIN LOGIN
    sasl_minimum_layer: 0
    sasl_auto_transition: no
    servername: mailbox.wi.example.com
    allowallsubscribe: true
    duplicatesuppression: true
    expunge_mode: delayed
    proxyservers: cyradmin murder
    allowusermoves: true
    mupdate_server: postman.example.com
    mupdate_username: postman
    mupdate_authname: postman
    mupdate_password: password1
    proxy_authname: murder
    proxy_password: password2
    force_sasl_client_mech: PLAIN
    postman_mechs: PLAIN
    mailbox_mechs: PLAIN
    serverlist: mailbox mailbox.wi

For what it's worth, all authentication is via saslauthd with LDAP.  I 
am able to create new mailboxes on the new backend, and access them via 
all frontends, etc.   I am just not able to transfer mailboxes, which is 
kind of the critical part of this whole effort (distribute mail from 
centralized location to remote sites).

Any assistance would be greatly appreciated.

Best regards,
     -nic

-- 
Nic Bernstein                             nic at onlight.com
Onlight, Inc.                             www.onlight.com
219 N. Milwaukee St., Suite 2a            v. 414.272.4477
Milwaukee, Wisconsin  53202

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20120504/4ecb237a/attachment.html 


More information about the Info-cyrus mailing list