[OpenAFS] Re: AFS & Maildir
Noel Burton-Krahn
noel@bkbox.com
Tue, 16 Dec 2003 10:06:01 -0800
Hi David,
No I don't mind, and sure, I can tell you how to get qmail working under
AFS.
qmail invokes qmail-local for local deliveries. So, I replaced qmail-local
with a script that gets AFS permissions first:
1. Create a "maild" AFS user.
2. Make sure "maild" can list, create, and delete files in user's Maildirs
find ~user/Maildir -type d | xargs fs setacl -acl maild:lid -dir
3. qmail-local will need to read the "maild" password to get AFS tokens
before delivering. I suppose you could do this with a krb5 keytab file, but
I just put the raw password in a root-readable file
echo maild-password > /var/qmail/cache/maild-password
chmod 0400 /var/qmail/cache/maild-password
4. finally, make a wrapper around qmail-local
cd /var/qmail/bin
mv qmail-local qmail-local.orig
cat >qmail-local <<EOF
#! /bin/sh
set -eu
kinit maild </var/qmail/cache/maild-password
aklog -setpag
exec /var/qmail/bin/qmail-local.orig
EOF
chmod a+x qmail-local
I use Krb5 and OpenAFS under Debian. Check out www.bkbox.com.
--Noel
----- Original Message -----
From: "David Stubbs" <david.stubbs@idessa.com>
To: <noel@bkbox.com>
Sent: Tuesday, December 16, 2003 1:35 AM
Subject: AFS & Maildir
> Hi noel,
>
> I hope that you don't mind the intrusion, I spotted a thread on an
> OpenAFS mailing list. In the thread you mention that you have patched
> qmail to deliver to maildir on an AFS system, using rename instead of
> link. I was just wondering if you would consider sharing you patch with
> me/my company. As we have just setup and OpenAFS system, that houses
> our home directory, then we found out that we could not use our qmail
> system to deliver on to the AFS system. :-(
>
> I look forward to your reply,
>
> Thanks
> David Stubbs.
>
>