Gabriel Ambuehl writes:
> -----BEGIN PGP SIGNED MESSAGE-----
>
> Hello Ken,
>
> Tuesday, June 05, 2001, 12:00:35 PM, you wrote:
>
>>> What about an customizable number of read only machines of which
>>> vpopmail chooses one, by round robin, for example?
>> I guess we could do that. It would be easier to impliment a
>> list of servers and go down the list untill one is found
>> that accepts the connection.
>
> I'm not entirely sure how bind does it, but it does either this
> or a selects a random server out of multiple ones for round robin
> DNS.
> Hence the point of round robin, the above should do the job of
> spreading the load among multiple slaves...
I don't think we need to have round robin slave connections.
What the mysql replication people kind of assume is that there
is a slave server on each machine. And that makes alot of
sense connection wise.
If the slave is on your local machine, then the connection
to the mysql slave is done via unix sockets. Much lighter
weight and faster. Otherwise the connection is done across
the network which means tcp/ip gets involved.
>> Onjre (spelling?) has a patch to get the information from
>> a environment variables. Which sounds good but I can see
>> some problems with it, primarily it adds another level
>> of complexity in running the command line programs. Users
>> and shell programs would have to set thier environment
>> variables. Or perhaps a mix of the two, if an environment
>> variable is set, use that, otherwise use the compiled one.
> But how do you want to solve this issue when using environment
> variables? Those are either user specific or world readable,
> AFAIK (except for the possibility to use temporary ones which are set
> only for the process but this would result in decreased performance).
> I also think it would be a bit of a performance penalty to
> parse the environment variables every time vchkpw gets invoked
> (probably even more so for a configuration file) so a compile time
> specification that stores the passwords in the binary file might
> actually be the better solution but then you still need a solution to
> the fact that some compilers seem to leave strings from compile time
> strings in the binary...
As far as I can see there is no safe way to protect the strings
in the binary.
I don't think the getenv(3) call is very computationally expensive.
It is basicly a lookup in memory.
We could set the environment variables in the qmail startup scripts
for pop, smtp and delivery.
Ondrej's idea was to have it as a configuration option.
>
>> Anyone have any thoughts about this? It would be great
>> to be able to compile one binary and use it on multiple
>> machines with different mysql server auth info.
>
> ACK. But I don't think that can be done in a safe way (except with
> the
> above mentioned process specific environment variables) when we want
> to
> have the ability of using arbitrary /etc/passwd users for vpopmail
> domains (which is a feature we don't use, for example)[1].
>
>
>
>
> Best regards,
> Gabriel
> [1] To have this to work, I assume some part of the mailserver needs
> to be running suid 0 so it can later suid to the appropriate user...
> Now would it be possible, to gather the info out of a uid0 chmod 400
> configuration file before the rights are dropped?
> b
By the time vdelivermail is called, qmail has already set the
uid/gid of qmail-local. So vdelivermail wouldn't be able to
read the file.
It looks like we should go with optional environment variables
and keep in the compiled vmysql.h info too.
Ken
