On 2014-11-13 12:29, Ron Leach wrote:
List, good afternoon,
We are at the planning stage of wanting to migrate from an existing installation onto a new machine, and also to change from system users to virtual users. May I check that our ideas for user id are correct?
I am not sure whether we will encounter a 'permissions' and 'user id' problem when moving from a system-user scheme to a virtual scheme. We use Maildir, and the maildirs at the moment are in their users' linux /home directories.
After reading the wiki, we think that the 'single system user for vmail' arrangement, ie just one system user to manage all the mail for all virtual users, will work for us. I think that means that the permissions on all our existing 'system-user-oriented' maildirs will have to be changed (in the new machine) so that they are owned by the 'single-system-user', such as 'vmail'.
One thought was to first copy the existing maildirs into the new virtual user file system tree, and then, second, change the owners and permissions on the maildirs and directories and messages to permit control by 'vmail'. From the point of view of transferring all the mail files, is that all we would have to do? (Of course, we would also have to create the virtual users and their passwords, and arrange the appropriate password lookups etc, but that's not the direct topic of this post. And that arrangement has to be compatible with the MTA, as well.)
That is what I did with a system account that I migrated a few months back and it worked out well.
If we do copy the maildirs and change the permissions, does all the metadata that the clients, or Dovecot, use to detect new, existing, or downloaded mail remain valid? Or should we use a different approach?
Hopefully someone with more experience will chime in and answer the particulars re metadata, but I did just what you're talking about and didn't have any problems; granted I was working with a test account with minimal data. I went from a setup like you described where I had /home/user/Maildir and migrated that content to /var/vmail/domain/user/Maildir and set the new system account as the user:group recursively. That setup has been working fine since. I initially made the mistake of leaving out the 'Maildir' subdirectory for the content, but after receiving some advice here on the list I corrected that mistake.