Raskas’ blog

I really don’t like the configuration of perdition…

The configuration file (/etc/perdition/perdition.conf) is a collection of arguments the daemon will use when it is started. Seems pretty easy unless you start 4 daemons with that configuration file and every daemon has an other protocol to process (imap, imaps, pop3, pop3s).

This is what I want to accomplish:
From the outside you can connect through imap, imaps, pop3 or pop3s and perdition will make connection to the real server through imap or pop3. This way you only have to configure 1 certificate, and the traffic on the internel network is secure so it doesn’t have to be encrypted.

How I accomplished it:
I created my configuration file but very general, the specific stuff is placed in /etc/sysconfig/perdition. With specific stuff I mean the ssl_mode and the outgoing_port and maybe some others will folow. This makes it able to say that imap doesn’t need ssl (–ssl_mod none) and that the outgoing connection may not be secure (–outgoing_port 143).

This is not really documented, I found it in the mailinglist. So if you’re stuck with something, check the mailinglist maybe your answer is already there.

note to the developers: Isn’t it possible to split the configuration. 1 section for the general stuff and 4 sections for the daemon specific stuff. Or just 4 seperate configurationfiles, 1 file for each daemon… eg. perdition.imap.conf, …
It would make it much easier to configure.

Yesterday I worked with perdition. My mission was to let it get its information from an existing ldap tree.

There is not much documentation about the ldap configuration of perdition. ok it’s not much to configure, but if it doesn’t work it’s hard to find the problem.
There is this pdf document and this man page (scroll down till the LDAP part).

I included the perdition schema in my openldap configuration but I wasn’t able to add the perdition objectClass to my already configured objectClasses. It seems that the perditionPopmap objectClass is STRUCTURAL just like inetOrgPerson objectClass, and it is not possible to have 2 STRUCTURAL objectClasses. The solution is to change the perdition.schema and put AUXILIARY in stead of STRUCTURAL.

I got it all configured but I didn’t see any connection with my ldap. I put on the debugging and saw this message appearing in my log file.

dbserver_get: ldap_initialize: No such file or directory

If found in this mailinglist post that it is a bug, and it will be fixed in the next release, but it isn’t!
So let’s fix it ourself.

I downloaded the .src.rpm and installed it. Unpacked the perdition archive in the SOURCES directory, edited perdition/db/ldap/perditiondb_ldap.c and repacked the archive. Finally I’ve build the rpms from the .spec file.
This is the important part in the changed file, only the #IF line has changed.

        /* Open LDAP connection */
#if 0
// #if defined(LDAP_API_FEATURE_X_OPENLDAP) && (LDAP_API_VERSION > 2000)
        if (ldap_initialize(&connection, pldap_filter) != LDAP_SUCCESS) {
                VANESSA_LOGGER_DEBUG_ERRNO("ldap_initialize");
                goto leave;
        }
#else
        connection = ldap_init(lud->lud_host, lud->lud_port);
        if (!connection) {
                VANESSA_LOGGER_DEBUG_ERRNO("ldap_init");
                goto leave;
        }
#endif

When the new rpm’s are installed it just worked!

This is how my ldap-specific configuration looks like in the perdition.conf

M /usr/lib/libperditiondb_ldap.so
m "ldap://localhost/dc=x-tend,dc=be?uid,mailhost?sub?(uid=%s)?!BINDNAME=cn=Manager%2cdc=x-tend%2cdc=be,X-BINDPW=xxXXxx"