On Thu, Aug 02, 2001 at 01:53:55PM -0700, Greg White wrote:
> On Thu, Aug 02, 2001 at 09:44:47AM -0400, Rudy Zung wrote:
> > On Wed, Aug 01, 2001 at 03:27:49PM -0700, Greg White wrote:
> > > On Wed, Aug 01, 2001 at 05:17:46PM -0400, Rudy Zung wrote:
> > > > [Don't remember if I've already posted this; sorry if it's a repeat.]
> > > >
> > > > Trying to run qmail with Maildir on a Slackware with AFS. The AFS is
> > > > installed and runs properly. Users' home volumes and Maildir are on AFS.
> > > > Qmail is generating temporary delivery errors; the mail never gets delivered.
> > >
> > > Seeing the temporary delivery errors would likely be helpful here.
> > > "What Do the Logs Say?"
> >
[...ellide...]
> Doing some digging, I found some folks discussing qmail and AFS, and
> discussing AFS/Kerberos tokens, and a workaround for same -- I presume
> that a token is required?
>
> A google search on qmail + AFS returned the hits very quickly, and they
> contained the basics of the workaround, from what it seemed to me. Not
> being an AFS user, I can't help you much more than that.
>
> The only other hits on that error message were quota-overfull, or
> unwritable homes, and such.
>
> Any qmail+AFS users care to step into the conversation at this point?
I tried google search as well but seemed to have come across a lot of hits
of emails from people where the RFC headers included the "with qmail" words
and the subject matter had something to do with AFS (but not necessarily
qmail with AFS.)
AFS imposes its own idea on the filesystem; you identity is authenticated
with Kerberos, which then issues you a token which is valid for
approximately 24 hours; the token basically "proves" that you are who you
claim to be by virtue of the fact that you knew the authentication password.
AFS also allows system:anyuser full access to files and directories;
system:anyuser is really basically anyone, including those without tokens.
I have tried setting the directory to essentially be unprotected and
accessible by all. Starting a tokenless session, I am able to touch(1) and
redirect echo(1) into files in the Maildir directory; so the problem that my
qmail has may not necessarily be a tokens thing (although once I get qmail
delivering, I will change it and require a token, and put in a cron job to
reauth the token on a periodic basis so that the qmail jobs will always have
a valid token.)
Best that I can guess, is that the error is generated in local.c; looks like
it performs a chdir(), and is doing some unlinks and hard links.
Anyway, thanks for looking into this.
--
...Ru (a low-cost superhero)
On, on! Blue skies. Think snow.
1740484I 998300172 076662 82968/A17215 045124P E286/184435
975-203608 11859 DS1160
