Gentoo Archives: gentoo-user

From: Matt Harrison <iwasinnamuknow@×××××××××.com>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] courier imap over nfs
Date: Sun, 01 Aug 2010 23:12:39
Message-Id: 4C55FF20.2030100@genestate.com
In Reply to: Re: [gentoo-user] courier imap over nfs by kashani
1 -----BEGIN PGP SIGNED MESSAGE-----
2 Hash: SHA1
3
4 Hi, thanks for the replies guys
5
6 On 01/08/2010 18:17, kashani wrote:
7 > On 8/1/2010 8:06 AM, Matt Harrison wrote:
8 >> Just wondering if anyone has any experience with courier-imap
9 >> serving mailboxes over
10 >> NFS. From googling around it seems courier should support remote
11 >> homedirs but I can't
12 >> get it working.
13 >>
14 >> My user authenticates according to the logs, but the client reports
15 >> invalid
16 >> credentials. Remove the NFS home directory and it works again.
17 >>
18 >> Any help would be appreciated, otherwise I'm going to have to
19 >> install courier-imap on
20 >> solaris, and I really don't feel like that :P
21 >>
22 >
23 > I'd suspect UID/GID mismatches somewhere. Make sure the machine
24 > delivering the email, the home dirs, and the machine running
25 > courier-imap all see .maildir as the same user account. You may want
26 > to put Courier-imap into verbose or debug mode as well.
27 > I'd also look at your NFS config to see if you're doing any
28 > squashes into other UIDs. And just for the hell of it, never use
29 > mbox over NFS. The locking will kill you on a busy system.
30 >
31 > kashani
32 >
33 Ok, the machine that is serving the home directories never gets
34 accessed directly by the users, the UIDs/GIDs are set on creation at
35 the client end. The users have no problems at all using the home
36 directory via a shell on any client machine, so I believe permissions
37 are ok.
38
39 Also, I was a bit misleading when I spoke about mailboxes, we are
40 using Maildir. I just said mailboxes as a term to encompass the mail
41 folders serverd by imap for each account :)
42
43 I've tried to put courier-imap into debug mode (level 1) and I get
44 what appears to be a successful authentication from pam, but the mail
45 clients still don't like it:
46
47 authdaemond: received auth request, service=imap, authtype=login
48 authdaemond: authpam: trying this module
49 authdaemond: authpam: sysusername=matt, sysuserid=<null>,
50 sysgroupid=100, homedir=/home/matt, address=matt, fullname=,
51 maildir=<null>, quota=<null>, options=<null>
52 genesis authdaemond: pam_service=imap, pam_username=matt
53 genesis authdaemond: dopam successful
54 genesis authdaemond: Authenticated: sysusername=matt,
55 sysuserid=<null>, sysgroupid=100, homedir=/home/matt address=matt,
56 fullname=, maildir=<null>, quota=<null>, options=<null>
57
58 The only difference in the logs is that an NFS user ends with the
59 above snippet, whereas a normal user goes on to log the imap connection:
60
61 imapd-ssl: LOGIN, user=matt, ip=[xxx.xxx.xxx.xxx], port=[3276],
62 protocol=IMAP
63
64 On 01/08/2010 18:19, Stroller wrote:
65 > Have you considered dovecot?
66 >
67 > Stroller.
68 >
69 I haven't, no. Not for any reason other than I hit upon courier first
70 and I has always worked pretty well until now. Is there a large
71 advantage to using dovecot for imap over nfs? Or were you implying
72 that it would be easier to setup on solaris?
73
74 On 01/08/2010 19:10, Alex Schuster wrote:
75 > Are your users in more than 16 groups? NFS only manages up to 16, which
76 > once gave me weird side effects.
77 >
78 > Wonko
79 No we're not using that many groups, and just to be sure I created a
80 test user in only one group and it still have me the problem :(
81
82 Grateful for the input guys, and for any more light you can shed on
83 this :)
84
85 thanks
86
87 Matt
88 -----BEGIN PGP SIGNATURE-----
89 Version: GnuPG v1.4.10 (MingW32)
90 Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
91
92 iEYEARECAAYFAkxV/yAACgkQdG+qMRd5kKpSEACaAlXaCNCD8wizWJ2Nb0Rvtd+u
93 NTgAoLHObEBfdk3Mbvt7EkXcAG4jSu8W
94 =TeFA
95 -----END PGP SIGNATURE-----

Replies

Subject Author
Re: [gentoo-user] courier imap over nfs Stroller <stroller@××××××××××××××××××.uk>