cyr_dbtool

Manage Cyrus databases

Synopsis

cyr_dbtool [ -C config-file ] [ -c ] [ -N ] [ -n ] [ -R ] [ -S ] [ -T ] [ -t ]
        db-file db-backend action [ key ] [ value ]

Description

cyr_dbtool is used to manage a cyrusdb file. The usable actions are:

show [<prefix>]

get <key>

set <key> <value>

delete <key>

consistent

repack

damage

batch

You may omit key or key/value and specify one per line on stdin. Keys are terminated by tab or newline, values are terminated by newline.

Running without any options will list the available database backends and usable actions.

The consistent action runs a consistency check on the DB by calling 'myconsistent' on it.

The repack action will compress the database by removing stale data on backends which support it. It's a NOOP otherwise.

The damage action makes the file dirty and then crashes, so it will need to be repaired. It's useful for testing crash recovery speed.

The batch action takes commands as bastrings on stdin, and writes results back out as bastrings.

cyr_dbtool reads its configuration options out of the imapd.conf(5) file unless specified otherwise by -C.

Note

Note that the file locations are NOT read out of the configuration file, and must be supplied on the command line.

Tip

The format of all Cyrus databases is detailed in the distribution in file doc/internal/database-formats.html. Please consult that for details.

Options

-C config-file: Use the specified configuration file config-file rather than the default imapd.conf(5).

-c, --convert: Convert the database file if the specified format on the command line doesn't match the database file's format.

-N, --no-checksum: When reading, don't check checksums, and if the database supports it, create with a NULL checksum engine.

-n, --create: Create the database file if it doesn't already exist.

-R, --readonly: Open the database readonly. Even if --create is specified, will not create a database if it doesn't exists (since that needs writing)

-S, --no-sync: If the backend supports it, don't fsync on commit (DANGEROUS). Useful for benchmarking.

-T, --use-transaction: Use a transaction to do the action (most especially for 'show') - the default is to run without transactions

-t, --no-transaction: A noop, since no transaction is already the default.

Examples

This series of examples address manipulating the user_deny.db database, which is used to deny users access to specific services. This is typically a Cyrus "flat" format database.

user_deny.db is indexed by userid and each record contains the database version number (currently 2), a list of "wildmat" patterns specifying Cyrus services to be denied, and a text message to be displayed to the user upon denial. The service names to be matched are those as used in cyrus.conf(5). cyr_deny(8) provides more convenient way to manage user_deny.db.

Note

Given that keys are tab-delimited, these examples use the notation <tab> to indicate the tab character. When entering this via the command line, remember to escape tabs. In a normal shell, one can do so with <ctrl-v> (^v). The sequence "<ctrl-v><ctrl-i>" (^v^i) works well to enter tab characters.

cyr_dbtool /var/lib/imap/user_deny.db flat baduser "2<tab>pop3,imap<tab>Denied"

Deny the user 'baduser' access to imap and pop3.

Subsequent login attempts by this user would result in authentication failures, and log entries like this:

# grep baduser /var/log/mail.log
Sep 19 14:34:57 cyrushost cyrus/imap[635]: fetching user_deny.db entry for 'baduser'
Sep 19 14:34:57 cyrushost cyrus/imap[635]: user 'baduser' denied access to service 'imap'
Sep 19 14:34:57 cyrushost cyrus/imap[635]: badlogin: cyrus.example.org [192.168.190.14] plaintext baduser SASL(-14): authorization failure: user 'baduser' is denied access to service 'imap'
Sep 19 14:38:21 cyrushost cyrus/imap[816]: badlogin: cyrus.example.org [192.168.190.14] plaintext baduser SASL(-13): authentication failure: checkpass failed

cyr_dbtool /var/lib/imap/user_deny.db flat show

Show all current database records.

baduser 2       pop3,imap       Denied

cyr_dbtool /var/lib/imap/user_deny.db flat get baduser

Get the current database record(s) for user 'baduser'.

2       pop3,imap       Denied

Files

/etc/imapd.conf