[Dovecot] linuxconf migration story

[Thanos Chatziathanassiou]

O/H Timo Sirainen έγραψε:
> On Mon, 2009-01-12 at 21:21 +0200, Thanos Chatziathanassiou wrote:
>   
>>>> - Is there something to configure to get rid of this ?
>>>>     
>>>>         
>>> Where are IMAP's non-INBOX mailboxes located? The index files should be
>>> in the same directory.
>>>   
>>>       
>> Since this is a (previous) linuxconf installation, they are located in 
>> ``/vhome/<domain>/home/<user>''
>> This is an NFS mounted directory in my case.
>>     
>
> Are there multiple servers accessing it or just one? If just one there
> are really no problems. If multiple then there might be problems, but it
> still might be better to keep them on NFS.
>   
There are 4 servers with linux-vs in front.
I moved the index files to NFS and things seem to work fine.
Maybe use the persistent (-p) option on LVS ?
>   
>> Would I want to store the indexes there after disabling mmap(), using 
>> fcntl locks and adding ``mail_privileged_group = mail'' to dovecot.conf ?
>>     
>
> mmap disabling is good, fcntl locks are the default but why would you
> need the mail_privileged_group? http://wiki.dovecot.org/NFS anyway lists
> the issues.
>   
I clearly misunderstood the use of mail_privileged_group, that's why.
As for the locks, as of linux 2.6.13 there's flock emulation via fcntl 
for nfs, but I don't suppose there's any benefit in it.
>   
>>>> Also, I have written a somewhat sloppy patch to determine the domain 
>>>> from the server's IP. That way it is not necessary to persuade all users 
>>>> to switch to logging in as ``user at domain'' (which I've tried with very 
>>>> limited success).
>>>> Would this be the correct place to post the patch and discuss ?
>>>>     
>>>>         
>>> Go ahead and post it. But I'm not sure if it really belongs to Dovecot
>>> itself, since it's possible to do with several passdbs already (at least
>>> SQL and checkpassword).
>>>   
>>>       
>> Attached. Rather crude though...
>>     
>
> Ah, reverse DNS lookups again. 
I didn't come across any relevant discussion in the list archives or I 
would have spared you the details
> I really hate the blocking DNS lookups.
> Especially when DNS server happens to be answering really slowly you
> start getting these weird hangs that are difficult to debug.. Some day
> I'm thinking about including some asynchronous DNS lookup library with
> Dovecot that could do these lookups.
>   
You're probably right, however there is some justification: If the user 
bothered to use user at domain login, the code would never execute (and 
consequently block). In essence, we can either do this or fail the login 
right away. And DNS is running on localhost and authoritative for the 
zone in question, so any delay should be quite small.
I understand that its usefulness in general is questionable though...


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3237 bytes
Desc: S/MIME Cryptographic Signature
Url : http://dovecot.org/pipermail/dovecot/attachments/20090114/d90500bc/attachment-0001.bin