Denny Schierz
2011-Jun-22 11:19 UTC
[Dovecot] Change passwd backend over cron: what happens if changes while reading?
hi, I want to use two backends f?r DoveCot. One generated file from the LDAP tree, and the real LDAP. The first backend is generated from a cronjob thats reads the whole ldap server and converts them into a DoveCot passwd file. I red in the Wiki, if the user password isn't correct, than DoveCot asks the second backend (LDAP). Is this correct? Because, the the user can change his password, but Cron generates only every hour the file. So the password in the passwd-file isn't correct, until Cron runs again. The second, what happens, if Dovecot reads the file and in the same moment, Cron generate the new file? Does he change to the second backend? Or do I (the user) get an error? cu denny -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20110622/1008abab/attachment-0002.bin>
Phil Turmel
2011-Jun-22 18:24 UTC
[Dovecot] Change passwd backend over cron: what happens if changes while reading?
Hi Denny, On 06/22/2011 07:19 AM, Denny Schierz wrote:> I want to use two backends f?r DoveCot. One generated file from the LDAP > tree, and the real LDAP. > > The first backend is generated from a cronjob thats reads the whole ldap > server and converts them into a DoveCot passwd file.OK.> I red in the Wiki, if the user password isn't correct, than DoveCot asks > the second backend (LDAP). Is this correct? Because, the the user can > change his password, but Cron generates only every hour the file. So the > password in the passwd-file isn't correct, until Cron runs again.I don't know this.> The second, what happens, if Dovecot reads the file and in the same > moment, Cron generate the new file? Does he change to the second > backend? Or do I (the user) get an error?I do know this. If the cron job is writing directly to the passwd file, you will have opportunities where dovecot can see a partial file. I don't know what will happen for sure in this case, but you might trigger rare bugs. You should make your cron job write to a temporary new file, close it, then rename it to the correct name. This will atomically replace the old version with the update. If dovecot has the file open when you do this, it will carry on with the prior copy (delete will be deferred until the file is closed). Dovecot will see the changes the next time it opens the file.> > cu dennyHTH, Phil
Possibly Parallel Threads
- Re: Adding a new virtual block device to a guest
- ldapsearch dump for passwd file: base64 encoded passwords
- 1.2.14 --- auth(default) Error: LDAP: Connection lost to LDAP server, reconnecting
- LDAP + mail_location: Get "%d" from customfield
- Cyrus Virtual Domains: Domain migration from Cyrus