Unlike Debian, SuSE 8.2 doesn't come with a working Cyrus installation and requires quite a lot of tweaks to get working ...
A: Install Cyrus Package
Don't remember any surprises on this front ;-)
B: Starting and Connecting Cyrus
Let the trouble start: after the installation Cyrus came up just fine. But connecting
using OGo or telnet localhost imap gave no response - the Cyrus server just "hung".
Took some time to discover the reason in /var/log/messages:
Jan 20 10:49:41 dogbert master[15023]: about to exec /usr/lib/cyrus/bin/ctl_cyrusdb
Jan 20 10:49:41 dogbert ctl_cyrusdb[15023]: checkpointing cyrus databases
Jan 20 10:49:41 dogbert ctl_cyrusdb[15023]: DBERROR db4: /var/lib/imap/db/__db.001: Permission denied
Jan 20 10:49:41 dogbert ctl_cyrusdb[15023]: DBERROR: dbenv->open '/var/lib/imap/db' failed: Permission denied
Jan 20 10:49:41 dogbert ctl_cyrusdb[15023]: DBERROR: init /var/lib/imap/db: cyrusdb error
Jan 20 10:49:41 dogbert ctl_cyrusdb[15023]: done checkpointing cyrus databases
Well, of course SuSE wants to sell email servers and support, so they apparently
"forgot" to prepare correct permissions in the Cyrus package ;-)
So to go on we did:
chown -R cyrus /var/lib/imap
Then, restart Cyrus and it allowed connections, that is, it showed the proper
greeting:
dogbert:/etc # telnet localhost imap
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK dogbert Cyrus IMAP4 v2.1.12 server ready
Why does SuSE provide broken Cyrus packages in a version *8.2*?
Why does the startscript report a successfully started Cyrus if it isn't and blocks
connecting clients as well as consumes file descriptors?
Well, and finally: why don't I remove that distri and install Debian? ;-)
C: Configuration for sasldb Authentication
Since I prepared that for a development system, I wanted to use the sasldb
file instead of saslauthd/PAM which is configured per default on SuSE 8.2.
Now while Debian provides a pretty well commented and formatted
imapd.conf, the SuSE config only contained a few
lines with some default parameters.
Anyway, after reading the saslauthd manpage:
sasldb (All platforms)
Authenticate against the SASL authentication database. Note
that this is probabally not what you want to be using, and is
even disabled at compile-time by default. If you want to use
sasldb with the SASL library, you probably want to use the
pwcheck_method of "auxprop" along with the sasldb auxprop plu-
gin instead.
and then adding the mentioned lines to /etc/imapd.conf:
#sasl_pwcheck_method: saslauthd
#hh:
sasl_pwcheck_method: auxprop
sasl_auxprop_plugin: sasldb
it was finally using the SASL database:
dogbert:/etc # telnet localhost imap
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK dogbert Cyrus IMAP4 v2.1.12 server ready
1 login "helge" "blah"
1 OK User logged in
BTW: the password for a sasldb user is set using the saslpasswd utility.
D: Next surprise: Permissions still mixed up
With the setup above OGo could successfully authenticate the login. Being an
empty mailbox, OGo tries to create the default folders automagically, that is,
INBOX, Trash and the like.
But this was still mixed up due to permission problems of the Cyrus package:
Jan 20 12:37:17 OpenGroupware [16513]: WARNING[-[NGImap4Context initializeInboxFolder]]: Couldn't find/create inbox
Jan 20 12:37:17 OpenGroupware [16513]: WARNING[-[NGImap4Context initializeInboxFolder]]: Couldn't find/create inbox
Jan 20 12:37:18 OpenGroupware [16513]: WARNING[-[NGImap4Context initializeInboxFolder]]: Couldn't find/create inbox
Jan 20 12:37:18 OpenGroupware [16513]: WARNING[-[NGImap4Context initializeInboxFolder]]: Couldn't find/create inbox
Jan 20 12:37:19 OpenGroupware [16513]: WARNING[-[NGImap4Context initializeInboxFolder]]: Couldn't find/create inbox
Jan 20 12:37:19 OpenGroupware [16513]: WARNING[-[NGImap4Context initializeSentFolder]]: Couldn't find/create sentFolder
OGo looped not being able to create its folder (can be considered a minor OGo bug ...). Well, of course this was due to more permission issues with the SuSE RPM:
Jan 20 13:43:31 dogbert imapd[17044]: skiplist: checkpointed /var/lib/imap/mailboxes.db (1 record, 204 bytes) in 0 seconds
Jan 20 13:43:31 dogbert imapd[17044]: IOERROR: creating directory /var/spool/imap/user: Permission denied
for my dev-installation I solved this using:
dogbert:/etc # chmod g+w /var/spool/imap
... which finally gave me a working Cyrus.
So ...
Not really sure how a regular admin is supposed to deal with all those
unnecessary problems.
I would suggest anyone not to install Cyrus like above but rather switch to
Debian. This will also give you reliable updates ;-)