resistance is obsolete ™ ;-)
Home
About
Applications
Support
Mailinglists
Docs
Manual
Docs Plone
Snippets
FAQ
Mailinglists
Screenshots
Developers
SOGo
GroupDAV

Configuring Cyrus on SuSE 8.2

Unlike Debian, SuSE 8.2 doesn't come with a working Cyrus installation and requires quite a lot of tweaks to get working ...

A: Install Cyrus Package

Don't remember any surprises on this front ;-)

B: Starting and Connecting Cyrus

Let the trouble start: after the installation Cyrus came up just fine. But connecting using OGo or telnet localhost imap gave no response - the Cyrus server just "hung".
Took some time to discover the reason in /var/log/messages: 

Jan 20 10:49:41 dogbert master[15023]: about to exec /usr/lib/cyrus/bin/ctl_cyrusdb
Jan 20 10:49:41 dogbert ctl_cyrusdb[15023]: checkpointing cyrus databases
Jan 20 10:49:41 dogbert ctl_cyrusdb[15023]: DBERROR db4: /var/lib/imap/db/__db.001: Permission denied
Jan 20 10:49:41 dogbert ctl_cyrusdb[15023]: DBERROR: dbenv->open '/var/lib/imap/db' failed: Permission denied
Jan 20 10:49:41 dogbert ctl_cyrusdb[15023]: DBERROR: init /var/lib/imap/db: cyrusdb error
Jan 20 10:49:41 dogbert ctl_cyrusdb[15023]: done checkpointing cyrus databases

Well, of course SuSE wants to sell email servers and support, so they apparently "forgot" to prepare correct permissions in the Cyrus package ;-)
So to go on we did: 

chown -R cyrus /var/lib/imap

Then, restart Cyrus and it allowed connections, that is, it showed the proper greeting: 

dogbert:/etc # telnet localhost imap
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK dogbert Cyrus IMAP4 v2.1.12 server ready

Why does SuSE provide broken Cyrus packages in a version *8.2*?
Why does the startscript report a successfully started Cyrus if it isn't and blocks connecting clients as well as consumes file descriptors?
Well, and finally: why don't I remove that distri and install Debian? ;-)

C: Configuration for sasldb Authentication

Since I prepared that for a development system, I wanted to use the sasldb file instead of saslauthd/PAM which is configured per default on SuSE 8.2.
Now while Debian provides a pretty well commented and formatted imapd.conf, the SuSE config only contained a few lines with some default parameters.
Anyway, after reading the saslauthd manpage: 

sasldb (All platforms)
Authenticate against the SASL authentication database. Note
that this is probabally not what you want to be using, and is
even disabled at compile-time by default. If you want to use
sasldb with the SASL library, you probably want to use the
pwcheck_method of "auxprop" along with the sasldb auxprop plu-
gin instead.

and then adding the mentioned lines to /etc/imapd.conf:

#sasl_pwcheck_method: saslauthd
#hh:
sasl_pwcheck_method: auxprop
sasl_auxprop_plugin: sasldb

it was finally using the SASL database:

dogbert:/etc # telnet localhost imap
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK dogbert Cyrus IMAP4 v2.1.12 server ready
1 login "helge" "blah"
1 OK User logged in

BTW: the password for a sasldb user is set using the saslpasswd utility.

D: Next surprise: Permissions still mixed up

With the setup above OGo could successfully authenticate the login. Being an empty mailbox, OGo tries to create the default folders automagically, that is, INBOX, Trash and the like.
But this was still mixed up due to permission problems of the Cyrus package: 

Jan 20 12:37:17 OpenGroupware [16513]: WARNING[-[NGImap4Context initializeInboxFolder]]: Couldn't find/create inbox
Jan 20 12:37:17 OpenGroupware [16513]: WARNING[-[NGImap4Context initializeInboxFolder]]: Couldn't find/create inbox
Jan 20 12:37:18 OpenGroupware [16513]: WARNING[-[NGImap4Context initializeInboxFolder]]: Couldn't find/create inbox
Jan 20 12:37:18 OpenGroupware [16513]: WARNING[-[NGImap4Context initializeInboxFolder]]: Couldn't find/create inbox
Jan 20 12:37:19 OpenGroupware [16513]: WARNING[-[NGImap4Context initializeInboxFolder]]: Couldn't find/create inbox
Jan 20 12:37:19 OpenGroupware [16513]: WARNING[-[NGImap4Context initializeSentFolder]]: Couldn't find/create sentFolder

OGo looped not being able to create its folder (can be considered a minor OGo bug ...). Well, of course this was due to more permission issues with the SuSE RPM: 

Jan 20 13:43:31 dogbert imapd[17044]: skiplist: checkpointed /var/lib/imap/mailboxes.db (1 record, 204 bytes) in 0 seconds
Jan 20 13:43:31 dogbert imapd[17044]: IOERROR: creating directory /var/spool/imap/user: Permission denied

for my dev-installation I solved this using: 

dogbert:/etc # chmod g+w /var/spool/imap

... which finally gave me a working Cyrus.

So ...

Not really sure how a regular admin is supposed to deal with all those unnecessary problems.
I would suggest anyone not to install Cyrus like above but rather switch to Debian. This will also give you reliable updates ;-)

We welcome your feedback!
 		Trademarks.  
This site is sponsored by
SKYRIX Software AG
ZideOne GmbH
MDlink