Disable user login for a few seconds ?
Hi all,
I need to move e-mail files of my users from one file system to another.
I use a MySQL backend on Dovecot 2.1.
How can I do to disable temporary an account while moving files ?
I have an "active" bit in my DB, but if I set it to 0, my MX servers are bouncing mails.
How can I do to disable temporary an account ? In fact, I need dovecot not to do any change on files...
I think I could change account password for a while, and reset it after migration, but it will disturb connected users.
Maybe I could chmod 0 files on my old file system during migration ? How Dovecot will act ?
Thank you :)
Flo
Am 04.07.2014 10:52, schrieb Florent B:
Hi all,
I need to move e-mail files of my users from one file system to another.
I use a MySQL backend on Dovecot 2.1.
How can I do to disable temporary an account while moving files ?
I have an "active" bit in my DB, but if I set it to 0, my MX servers are bouncing mails.
How can I do to disable temporary an account ? In fact, I need dovecot not to do any change on files...
I think I could change account password for a while, and reset it after migration, but it will disturb connected users.
Maybe I could chmod 0 files on my old file system during migration ? How Dovecot will act ?
Thank you :)
Flo
read about this
http://wiki2.dovecot.org/Authentication/RestrictAccess
and/or
if your user has static ip use firwall to reject ( be aware of nat )
and/or
change behave of sql active table with i.e postfix to tmp fail etc
i.e ( dont copy paste ,must fit to your postfix(sql)config !!! )
smtpd_recipient_restrictions = reject_unknown_recipient_domain, reject_non_fqdn_recipient, permit_mynetworks, check_recipient_access mysql:/etc/postfix/mysql_virtual_inactive_mailaddress.cf,
mysql_virtual_inactive_mailaddress.cf
... query = SELECT CONCAT('421 mailaddress %s is set in inactive mode') address FROM mailbox WHERE username='%s' AND active = '0'
be aware of all other involved postfix/sql tables where active = 0 is honored too, do hard testing before use in production
after all change password might be the most easy way for only seconds
Best Regards MfG Robert Schetterer
-- [*] sys4 AG
http://sys4.de, +49 (89) 30 90 46 64 Franziskanerstraße 15, 81669 München
Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263 Vorstand: Patrick Ben Koetter, Marc Schiffbauer Aufsichtsratsvorsitzender: Florian Kirstein
On 07/04/2014 11:33 AM, Robert Schetterer wrote:
Am 04.07.2014 10:52, schrieb Florent B:
Hi all,
I need to move e-mail files of my users from one file system to another.
I use a MySQL backend on Dovecot 2.1.
How can I do to disable temporary an account while moving files ?
I have an "active" bit in my DB, but if I set it to 0, my MX servers are bouncing mails.
How can I do to disable temporary an account ? In fact, I need dovecot not to do any change on files...
I think I could change account password for a while, and reset it after migration, but it will disturb connected users.
Maybe I could chmod 0 files on my old file system during migration ? How Dovecot will act ?
Thank you :)
Flo
read about this
http://wiki2.dovecot.org/Authentication/RestrictAccess
and/or
if your user has static ip use firwall to reject ( be aware of nat )
and/or
change behave of sql active table with i.e postfix to tmp fail etc
i.e ( dont copy paste ,must fit to your postfix(sql)config !!! )
smtpd_recipient_restrictions = reject_unknown_recipient_domain, reject_non_fqdn_recipient, permit_mynetworks, check_recipient_access mysql:/etc/postfix/mysql_virtual_inactive_mailaddress.cf,
mysql_virtual_inactive_mailaddress.cf
... query = SELECT CONCAT('421 mailaddress %s is set in inactive mode') address FROM mailbox WHERE username='%s' AND active = '0'
be aware of all other involved postfix/sql tables where active = 0 is honored too, do hard testing before use in production
after all change password might be the most easy way for only seconds
Best Regards MfG Robert Schetterer
Thank you very much Robert.
I also had a look at "dsync" tool. But I think it handles only mails directory, and not all user's home (my users's home contains indexes, Maildir and sieve directories).
Am 04.07.2014 11:46, schrieb Florent B:
Thank you very much Robert.
I also had a look at "dsync" tool. But I think it handles only mails directory, and not all user's home (my users's home contains indexes, Maildir and sieve directories)
rsync --force --delete-after --devices --specials -tPrlpogEAX /home/ root@new:/home/ stop services rsync --force --delete-after --devices --specials -tPrlpogEAX /home/ root@new:/home/ start services
you have nearly zero downtime because rsync at the second run only transfers changed / new files and building the filelist is also much faster due OS caches
stop mail server daemons (you DO have a backup MX I hope if you only have one mail server), rsync, (or if theres not much, sshfs and "cp -a") start mail server daemons.
if this is a different machine, with new IP, hope you changed your DNS to TTL 0 - and did it at least 24 hours ago so changes are picked up right away (dont forget to reset TTL to 1D again)
On 7/4/14, Florent B florent@coppint.com wrote:
On 07/04/2014 11:33 AM, Robert Schetterer wrote:
Am 04.07.2014 10:52, schrieb Florent B:
Hi all,
I need to move e-mail files of my users from one file system to another.
I use a MySQL backend on Dovecot 2.1.
How can I do to disable temporary an account while moving files ?
I have an "active" bit in my DB, but if I set it to 0, my MX servers are bouncing mails.
How can I do to disable temporary an account ? In fact, I need dovecot not to do any change on files...
I think I could change account password for a while, and reset it after migration, but it will disturb connected users.
Maybe I could chmod 0 files on my old file system during migration ? How Dovecot will act ?
Thank you :)
Flo
read about this
http://wiki2.dovecot.org/Authentication/RestrictAccess
and/or
if your user has static ip use firwall to reject ( be aware of nat )
and/or
change behave of sql active table with i.e postfix to tmp fail etc
i.e ( dont copy paste ,must fit to your postfix(sql)config !!! )
smtpd_recipient_restrictions = reject_unknown_recipient_domain, reject_non_fqdn_recipient, permit_mynetworks, check_recipient_access mysql:/etc/postfix/mysql_virtual_inactive_mailaddress.cf,
mysql_virtual_inactive_mailaddress.cf
... query = SELECT CONCAT('421 mailaddress %s is set in inactive mode') address FROM mailbox WHERE username='%s' AND active = '0'
be aware of all other involved postfix/sql tables where active = 0 is honored too, do hard testing before use in production
after all change password might be the most easy way for only seconds
Best Regards MfG Robert Schetterer
Thank you very much Robert.
I also had a look at "dsync" tool. But I think it handles only mails directory, and not all user's home (my users's home contains indexes, Maildir and sieve directories).
participants (4)
-
Florent B
-
Nick Edwards
-
Reindl Harald
-
Robert Schetterer