What I needed for mailman-like functioning while making postfix work with LDAP was an attribute that stores content of type DN (Distinguished Name), i.e. a node address, or in other words a data type that stores nothing but the address of another entry, which may itself be of the same type.
In openldap, I used schemas called evolutionPerson and evolutionPersonList (available with my fedora openldap distribution by moving evolutionperson.schema in /usr/share/evolution-data-server-1.12/ to /etc/openldap/schemas/). evolutionPerson is very similar to the inetOrgPerson class, which stores basically everything that could ever be used to describe a person. The reason I chose evolutionPerson over inetOrgPerson was the availability of the evolutionPersonList class. Its attributes are: mail, contact and listName, where both mail and contact can contain more than one value. The mail and listName attributes are of type text, and the contact attribute is of type DN. The contact values were used to create groups, and the mail values were used to forward the email to a third party server. Here is a screenshot of the same in action :
The contact attribute worked like a charm. If any contact attribute turns out to be another evolutionPersonList, it repeats the whole process again for it, collecting new mails from it, and if it turns out to be an evolutionPerson, it takes its mail attribute. The whole process repeats itself, taking care that infinite loops do not get created. In the end, what we get is a list of mail ids to which the mail has to be sent.
Now, I haven’t yet figured out how to add evolutionperson.schema to schema. So, what did I do for delta?? I simply created my own schema. For a user, I already had whatever I needed in inetOrgPerson. All I needed was some sort of an inetOrgPersonList. So, here are the steps :
I am assuming you have already set up fedora directory server through the wonderful install scripts provided. (/usr/sbin/setup-ds-admin.pl and then /usr/sbin/setup-ds.pl)
Open Fedora Directory Server admin console : /usr/bin/fedora-idm-console
Under the server groups entry in the default view tree, select your directory server and open it, using the DN and password you provided earlier during the directory server setup.
Under the Configuration tab, select Schema. Select Attributes in the right hand pane.
Create a new attribute by clicking on the new attribute button at the bottom of the right pane.
I needed two new attributes for my purpose :
contact : of type DN, multi valued.
listName : of type String, single valued.
The third multivalued attribute I needed, mail, already exists.
Now, under the Object Classes pane, create any number of object classes you need, using the attributes you just created, or the preexisting ones.
The one created was inetorgpersonlist having Required Attributes listName and objectClass, and Allowed Attributes contact and mail. That’s it!!
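The recursive contact expansion described earlier in this post, applied to the inetorgpersonlist class just defined, as an added example (not code from the original post). The directory is a constructed in-memory dict rather than a live LDAP server; the DNs, addresses, and the normalize_dn and expand_list helpers are hypothetical.

```python
# Constructed sample directory (DN -> attributes). Attribute and class names
# follow the post; the DNs and addresses are made up for this example.
P, L = "ou=people,dc=example,dc=org", "ou=lists,dc=example,dc=org"
DIRECTORY = {
    "cn=core," + L: {
        "objectClass": ["inetorgpersonlist"], "listName": ["core"],
        "contact": ["uid=alice," + P, "cn=web," + L],
        "mail": ["archive@example.net"],          # external forward
    },
    "cn=web," + L: {
        "objectClass": ["inetorgpersonlist"], "listName": ["web"],
        # points back at cn=core (a cycle) and at a DN that does not exist
        "contact": ["uid=bob," + P, "CN=Core, " + L, "uid=ghost," + P],
    },
    "uid=alice," + P: {"objectClass": ["inetOrgPerson"],
                       "mail": ["alice@example.org"]},
    "uid=bob," + P: {"objectClass": ["inetOrgPerson"],
                     "mail": ["bob@example.org", "bob@example.net"]},
}


def normalize_dn(dn):
    """Simplified DN comparison key: lower-case, no spaces around commas.
    (Does not handle escaped commas inside attribute values.)"""
    return ",".join(part.strip().lower() for part in dn.split(","))


def expand_list(directory, start_dn, max_entries=1000):
    """Return (sorted mail addresses, dangling DNs) reachable from start_dn."""
    index = {normalize_dn(dn): entry for dn, entry in directory.items()}
    seen, mails, dangling = set(), set(), []
    stack = [normalize_dn(start_dn)]
    while stack:
        dn = stack.pop()
        if dn in seen:
            continue                      # visited before: breaks the loop
        seen.add(dn)
        if len(seen) > max_entries:       # hard cap on the size of one expansion
            raise RuntimeError("list expansion exceeded max_entries")
        entry = index.get(dn)
        if entry is None:
            dangling.append(dn)           # contact points at a missing entry
            continue
        mails.update(m.lower() for m in entry.get("mail", []))
        classes = {c.lower() for c in entry.get("objectClass", [])}
        if "inetorgpersonlist" in classes:  # only lists are followed further
            stack.extend(normalize_dn(c) for c in entry.get("contact", []))
    return sorted(mails), dangling


if __name__ == "__main__":
    print(expand_list(DIRECTORY, "cn=core," + L))
```

The visited set is what keeps two lists that name each other from expanding forever, and the max_entries cap bounds how many recipients a single incoming message can fan out to.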
Allow people to put files in the public_html folder in their home directories and allow it to be seen through the web server of that server in this format : http://servername/~username/hisorherfiles
Most people use mod_userdir to allow ~username directories in their webservers. However, there is a simple rewrite rule workaround that eliminates the need for mod_userdir. I needed this because we had the home directories on the server, but the users had no login accounts on the server and they needed their public_html to work.
MDA : Mail delivery agent : A Mail Delivery Agent (MDA) is software that delivers e-mail messages right after they’ve been accepted on a server, distributing them to recipients’ individual mailboxes. (Eg: dovecot)
MUA : Mail user agent : An e-mail client, aka Mail User Agent (MUA), aka email reader is a frontend computer program used to manage email. (Eg: gmail, evolution, horde, squirrelmail, Outlook Express.) Now that that’s out of the way, let’s get our hands dirty.
But again, not so fast. As with anything in Linux, when you set off to configure something, you end up knowing much more than you bargained for. ;)
Aliases are mappings between one source name and one or many destination names (in mail).
Aliases can be looked up from flat mapping files, from SQL queries or from LDAP (man ldap_table). The source itself can be in the destination.
Link to alias files is given in /etc/postfix/main.cf at line alias_maps = hash:/etc/aliases, ldap:/etc/postfix/ldap-aliases.cf
Type /usr/sbin/postmap -q core@pragyan.org ldap:/etc/postfix/ldap-aliases.cf to see its effects.
The local_transport parameter corresponds to the mail delivery agent used.
The default with postfix is local. The problem with local is that it requires local users and hence, a posixAccount schema to be an objectClass of every mail account. Rejected. Btw local also has the ability of mail forwarding to a user, i.e. if the mailbox of user user1 is user1@gmail.com (user forwarding), then local will also forward to user1@gmail.com. By default, it assumes the uid of the user it is delivering mail to while delivering mail.
Next is virtual. This is the one used. Virtual accepts users who are system users. But virtual (for security purposes) does not forward to hosts other than the localhost. So how do we forward to external hosts? virtual forwards in case the mails are aliases. So we simply put the gmail address as the entry of one of the aliases of the mail. If virtual MDA is used then whose uid does it use? (because the uid of the user himself doesn’t exist on the system). Another parameter value has to be used :
Excellent notes are available in /usr/share/doc/postfix-2.4.3/README_FILES/LDAP_README.
Any “map” parameter value, like alias_maps, can be given either a flat mapping file name, or a .cf file, which tells it what to do to get the mapping, in this format : protocol:filename. Eg.
mbox is a format for storing mails. It is the default format used in postfix and dovecot. This is a line from dovecot conf : mail_location = mbox:/var/spool/mail/virtual/PragyanMail/%u:INBOX=/var/spool/mail/virtual/%u
The first part (mbox:/var/spool/mail/virtual/PragyanMail/%u) refers to the user’s mail folder, which contains all his mail folders (Trash, drafts, sent mail.. ) (the user’s mail folders are files in mbox format)
The second part (INBOX=/var/spool/mail/virtual/%u) refers to the one specific user folder (i.e. server file) which postfix writes to, that is his INBOX. (All other folders are written to and handled by the IMAP server - dovecot.) Other variables which could have been used for specifying this are : %u - username, %n - user part in user@domain, same as %u if there’s no domain, %d - domain part in user@domain, %h - home directory etc.
A virtual user can specify his mail folder to be anywhere. So, the following is a security config for postfix INBOX files :
virtual_mailbox_base = /var/spool/mail/virtual
Also chmod g+s /usr/bin/procmail for it to be able to create mail directories
User mailboxes: virtual_mailbox_maps is the mapping between mail address (user1@pragyan.org) and mailbox location (/var/spool/mail/virtual/user1). It is a confirmation that the mail address corresponds to a real virtual user. For mail to be delivered, this entry, which contains the mailbox address, needs to be there. This is only a one-to-one mapping (all following values are ignored). local_recipient_maps = $virtual_mailbox_maps : this line is required whenever the local_transport is changed to something else (in this case to virtual).
The final main.cf entry that fits it all : virtual_mailbox_base = /var/spool/mail/virtual . A file named after the result of the previous query (uid) gets created in this directory as the inbox of the user. The workflow is mailid → getaliases → use alias result to get mail ids → deliver. That is, aliases get processed first, then accountsmap.
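An added example (not from the original post) of auditing virtual_mailbox_maps results against virtual_mailbox_base before trusting them. It assumes a simplified model in which the base is prepended to every map value and the path is then normalised; the addresses, map values, and the resolve and audit_mailbox_map helpers are constructed for illustration.

```python
import posixpath

BASE = "/var/spool/mail/virtual"   # virtual_mailbox_base from the post

# Constructed virtual_mailbox_maps results: address -> value returned by the map.
SAMPLE_MAP = {
    "user1@example.org": "user1",
    "user2@example.org": "team/user2",
    "user3@example.org": "../outside/user3",     # climbs out of BASE
    "user4@example.org": "/home/user4/mbox",     # absolute, but still prefixed
    "user5@example.org": "./user1",              # same file as user1
    "user6@example.org": "",                     # empty lookup result
}


def resolve(base, value):
    """Model of the delivery path: base is prepended, then the path is
    normalised lexically (symlinks are not resolved here)."""
    return posixpath.normpath(base + "/" + value)


def audit_mailbox_map(base, mapping):
    """Return {address: reason} for map values that should be rejected."""
    base = posixpath.normpath(base)
    findings, owners = {}, {}
    for address, value in sorted(mapping.items()):
        path = resolve(base, value)
        if not value.strip():
            findings[address] = "empty mailbox value"
        elif path == base or posixpath.commonpath([base, path]) != base:
            findings[address] = "escapes base: " + path
        elif path in owners:
            # two addresses writing to one mbox file can read each other's mail
            findings[address] = "shares mailbox with " + owners[path]
        else:
            owners[path] = address
    return findings


if __name__ == "__main__":
    for address, reason in audit_mailbox_map(BASE, SAMPLE_MAP).items():
        print(address, "->", reason)
```

The absolute value for user4 is not flagged because prepending the base keeps it under /var/spool/mail/virtual, which is the confinement the setting provides; the relative ".." value is the case the prefix alone does not cover in this model.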
Only yesterday I was having a discussion with Purnima on the way while escorting her to the station. How should you spend your life such that you have no regrets about it on your deathbed?
I haven’t figured out the answer for myself yet.
I tend to try to achieve as much as possible. But why?
A part of the answer is my thirst for knowledge, my unending desire to make sure things work and another part is, I fear, to make others look up to me. But this again conflicts with my notion of not having a role model. Why do what others have done before? How does that make your life worthwhile? And by worthwhile I mean precious, non replaceable.
In other words, I tell myself it doesn’t matter what others think of me. But it still does matter to me what others think.
As for the question what makes one life complete/worthwhile/not regrettable, will blog about it when the answer comes to me.
Having gone through the hell of installing an LDAP server once, I thought I could install the openldap server on the old server that we had to shift to.
Anshu had already broken his head on it and was on the verge of losing his sanity. And so I stepped in.
First I checked /etc/openldap/slapd.conf, line by line. Everything was fine. ldapadd -W -x -D "cn=Manager,dc=pragyan,dc=org" -f base.ldif **invalid credentials (49)**
slappasswd Enter password: {SHA}xyxzsdf;alskjdf;lasjdf;lajd I put the password in slapd.conf
tried again. **invalid credentials (49)**
Changed the rootdn in slapd.conf **invalid credentials (49)**
Uninstalled openldap-server, openldap-client, db4utils rpm -e --nodeps openldap-server openldap-client db4utils etc... Reinstalled all of these from yum yum install openldap-server openldap-client db4utils etc... Reconfigured slapd.conf **invalid credentials (49)**
I started making strange sounds, started laughing without reason.
Opened a website listing down installation steps, followed them line by line **invalid credentials (49)**
That’s when I remembered Fedora Directory Server. (It wasn’t fully developed when I was implementing LDAP in Fedora 7, so I didn’t use it then).
To my pleasant surprise they have the concept of “install scripts”. I felt like a king when the script asked me, “What would you like your domain root to be? Usually, you should keep it the same as your fully qualified domain name”. A smile appeared on my face. I knew the meaning of true happiness then.
Why it is the biggest mistake of your lifetime to go out with a member of the website development team of one of the most spectacular technical festivals in India..
Springtime is here- a season of new beginnings, love, laughter and happiness. A great situation for budding relationships you may think. But will the blossom stand the frost of the web team lab of NIT Trichy. I can assure you that it is a trial by fire.
This doesn’t happen only to nerd types or programming fanatics, it can happen to anyone.. cos that’s the kind of single minded devotion that Pragyan demands from all those who work for it.
The guy I am dating is normal, that is, as far as guys g.. which isn’t saying too much..:) but he seems to have gotten stuck in a sorta time warp.. with selective memory loss.. Imagine our stone age ancestors.. the times when shaving razors and bath soaps were out of fashion. Waiting in front of the campus main block for a couple of minutes can magically transport you back.. No prizes for guessing what my boy friend’s selective amnesia includes.. For starters.. FOOD, HYGIENE, SLEEP and also most importantly ME..
A day in my life would illustrate this better..
7:30 am Respective Hostels ME: “Hey!! GET UP.. u r gonna be late.. 8:30 class.. anyway when did u sleep yesterday” HIM:” I dunno.. three.. four.. “ SILENCE ME: “ GET UP.. Don t go back to sleep” HIM:”Watever…Yawwnn”
8:30 am Class ME: (SMS) “ u get here now.. u cant bunk more than four classes” HIM.. no reply.. dashes in when teacher is about to lock the door”
12:10 pm ME: “Lunch??” HIM: “ Oh.. sorry I have a meeting at one.. very important.. how about dinner… say sevenish, canteen?” ME:”K..”
7:15 pm Canteen Me:(Thinking)” I ‘ll wait a while and then call” 7:30pm Me: (Calling) His phone:”Error in network connection”,” number busy” 7:45 pm Me: (SMS) U plan on coming or no.. try again to call Finally..” The number you are trying to reach is currently switched off” 8:15 pm HIM :”I am really sorry. Didnt mean to.. i was giving ppl work.. then jus wen i was coming out i met X.. I had to talk to him.. “ Phone rings.. HIM(on the phone):”Yeah tell me.. blaaah blaah blaah..” Finally five minutes of peace.. we eat in silence.. then suddenly HIM:”Server ke liye kuch karna padega” Me:(THINKING) “ Can he pls stop thinking abt work for a while..”
10:00 pm ON phone HIM: “I am busy.. can i call u later??” Me: “cool” 12:00 am DITTO 1:00 am ME:” U better sleep if you want to attend class tomorrow..” 4:00 am HIM:” I am going to sleep now..” ME:”HMMM..” doze off and put the phone down..
and another brand new day with the same old routine begins..
Well all relationships need a trial; we are serving our internships now.. And maybe it’s all for a reason:)
It was a great journey from Trichy to here. Me and Ankit came together. We caught Rockfort express from Trichy and reached Chennai around 5:30 in the morning. Once we got down the train, we leisurely checked the time for our next train - Gareeb Rath. We had to go from Chennai Egmore station to Chennai Central station to catch the train. And the time for the departure of the train wasss…. 6:10 am.
I walked as fast as I could to keep pace with the nervous Ankit, carrying my ridiculously heavy prehistoric suitcase. When we reached the exit of the station, we were in such a hurry, that we agreed to an autowala when he quoted the price Rs. 50. We got into the auto and the auto took us to the station. When he stopped, he stopped in the main road. He said it would be faster if we got off here and walked to the entrance of the station, saying something in Tamil-English of which I could catch only the following : “round, longer, less time, entrance, route”. We got off, and found out none of us had Rs. 50 change. I took out Rs. 100 and asked him to please find change from somewhere. He got off, went to a few autowalas, then came back running, got into the auto, and drove off as fast as lightning. Ankit was cursing him. This is the first time I got bagged so openly.
We went into the station, found our train, got in at around 6am. Ankit got off to get breakfast, which consisted of 2 sandwiches, 2 garlic chicken puffs, and 2 simple chicken puffs. We ate it at around 6:30 am. It was delicious. Gareeb Rath was a strange train. It had 84 seats instead of the normal 72 seats. They achieved this by mounting 3 seats in the side berth instead of the normal 2. The journey was quite smooth. We spent the whole day configuring his laptop. First we repartitioned his hard-disk to backup all his data. Ended up using all the utilities which I had burnt up for Purnima into CDs. Then installed Windows XP, then installed Linux Fedora 8, then set up all his repositories.
Then around 7 pm, we watched the movie Amityville. We put down all the curtains and turned off all lights. The compartment was almost like a movie theatre. We watched the whole movie, which I discovered after watching for the first 10 minutes I had already watched.
The train was 3 and a half hours late. Mom came to receive me at H.Nizamuddin station. We caught a Delhi-Mumbai train to go back to Faridabad.
On the way I discovered that the hols won’t be as free as I assumed them to be when Mom started laying out my time table in front of me.. “ Tuesday Mama’s birthday, tomorrow movie, Wednesday back, Thursday carpenter”…. Gimme a break!
Tomorrow’s plan of watching “I am Legend”, starring Will Smith, got preponed to today, and I am writing this blog after coming back from the movie from SRS plaza - PVR.
It was the best trip of my life. We stayed there 3 days (3rd dec to 5th dec) in a guest house that Saurabh Shirolkar (a.k.a. Badri) had booked for us. We got a really nice deal. After that (5th dec) I went to my tayaji’s (Jayant Rai) house to stay there for 1 day. The next day on 6th dec, I left.
The first day we went to a commercial beach where we paraglided. After paragliding we all came back to the beach and I and Cyber did water biking and the others did something known as a “banana flip”. After that, a few of us went for a walk along the beach. I stayed behind. When they came back they said they saw three topless babes. I cursed at them for not taking a pic.
After that we went to a second more peaceful beach and had a nice time. All of us had rented Activas for transportation. Activas are tourists’ primary transportation in Goa as all other means are simply maddeningly unaffordable.
The second day we went to Chapora fort. The same place where the movie “Dil Chahata Hai” shot 2 scenes. It was a nice climb. The view from along the route was simply breath taking. I took a lot of pics.
The 3rd day we had a great time at the beach playing football. Then I went with my friends sharing the cab with them and they dropped me at my tayiji’s place (Navneet Rai). Around 2 o’clock their daughter Megha came back from school. She is studying in 12th std and is really fond of reading. She wants to become a journalist and has taken arts stream in her 12th in Goa board.
We got along really well. That night, tayiji took me to the market and bought me two pants and also a shirt for my brother. Jayant tayaji took me to the station in his car on the second day. I bid them good bye. On my way back to Trichy I had a 9hr stop at Bangalore. I bought new Creative earphones in Bangalore. In the evening I caught the train to Erode from where I took the train to Trichy, from where I am currently writing this blog.