Home / user-116005

starfry's questions

Martin Hope
starfry
Asked: 2025-02-07 22:27:51 +0800 CST
  • 5

I'm trying to write an idempotent script for Linux (MIT kerberos) that applies a given keytab to /etc/krb5.keytab by merging with its existing content. On MacOS (which, I believe uses Heimdal) it's easy:

ktutil copy /tmp/ktnew /etc/krb5.keytab

If the key(s) in /tmp/ktnew are already in /etc/krb5.keytab then it doesn't change (this can be confirmed with before and after hashes).

The MIT version of ktutil seems to only work interactively and does not have an equivalent to copy. Using rkt and wkt appends (and, therefore, duplicates) rather than merges and is therefore not idempotent.

It it possible to do this idempotently (and non-interactively) using the MIT tools commonly found on Linux systems?

kerberos
Martin Hope
starfry
Asked: 2013-03-21 07:26:13 +0800 CST
  • 2

I have a pair of mail servers that are comprised mainly of Postfix, Procmail and Cyrus-IMAP and they both work fine. The IMAP servers are configured in a simple master/replica pair. All 'normal' mail is accepted by the master's Postfix which processes it through Procmail for delivery to the Cyrus-IMAP running on the same server. Both servers are capable of running like this but only the master actually receives external email.

At present, local accounts on either box send mail (for example, generated by cron jobs) through its local Postfix which is delivered locally to the Cyrus-IMAP on the same box.

However, Cyrus's replication doesn't like changes happening directly on the replica so I would prefer for the replica to deliver its local mail to be delivered to the master.

I see two ways of achieving this:

  • change the replica's local transport to deliver mail to Postfix on the master server

or

  • change the replica's procmail to deliver mail to Cyrus-IMAP on the master server.

There is a third way which is for the replica server to relay everything to the master server (i.e. both internal and external emails) but that seems somewhat unnecessary. I don't need to change how external mail is handled - it's ok for either box to send external email via its local Postfix which then relays it externally.

What I really would like to do is just change how internal emails are processed on the replica so that it delivers them to the master, either into Postfix or into the IMAP server there.

Existing, working, configuration of my local transport in postfix's master.cf:

procmail-local  unix  -       n       n       -       -       pipe
    flags=OR user=cyrus argv=/usr/bin/procmail -t -m RECIPIENT=${mailbox}
    SENDER=${sender} EXTENSION=${extension} /etc/procmailrc

Existing, working, configuration of delivery to Cyrus in procmailrc:

DELIVERMAIL="/usr/lib/cyrus/bin/deliver -r $SENDER -a $RECIPIENT $RECIPIENT
postfix
Martin Hope
starfry
Asked: 2013-02-13 03:27:04 +0800 CST
  • 1

I have a list of netbios workgroups that I can see with "net view" on Windows 7. One of these workgroups is there due to a typo error on another machine, that has since been corrected. I want to remove this stale entry.

I have tried:

nbtstat -R
nbtstat -RR

but when I redo "net view" the erroneous workgroup is still there.

How to I purge the cache that "net view" displays ?

windows