cyradm - Cyrus administration shell, alter ego of
Cyrus::IMAP::Shell
$ cyradm [--user user] [--[no]rc] [--systemrc file] [--userrc file] \
> [--port n] [--auth mechanism] [--tlskey keyfile] [--notls] \
> [--cafile cacertfile] [--cadir cacertdir] \
> [--server] server
but possibly
$ perl -MCyrus::IMAP::Shell -e 'run("myscript")'
or even (not recommended)
use Cyrus::IMAP::Admin::Shell;
run('myscriptname');
This module implements cyradm in Perl. It is a shell around
Cyrus::IMAP::Admin. Commands are provided in both Tcl-compatible forms and
GNU-style long option forms.
- "authenticate" ["--minssf" N]
["--maxssf" N] ["--mechanisms" list]
["--service" name] ["--tlskey" keyfile]
["--notls"] ["--cafile" cacertfile]
["--capath" cacertdir] [user]
- "auth" ["--minssf" N] ["--maxssf"
N] ["--mechanisms" list] ["--service"
name] ["--tlskey" keyfile] ["--notls"]
["--cafile" cacertfile] ["--capath"
cacertdir] [user]
- "login" ["--minssf" N] ["--maxssf"
N] ["--mechanisms" list] ["--service"
name] ["--tlskey" keyfile] ["--notls"]
["--cafile" cacertfile] ["--capath"
cacertdir] [user]
- Authenticate to server. You must already be connected to a server and
Cyrus imapd will refuse to allow you to re-authenticate once you have
authenticated once.
- "chdir" directory
- "cd" directory
- Change directory. A "pwd" builtin is not
provided, but the default command action will run
"pwd" from a shell if invoked.
- "createmailbox" ["--partition" partition]
["--specialuse" specialuse] mailbox
- "create" ["--partition" partition]
["--specialuse" specialuse] mailbox
- "create" ["--specialuse" specialuse]
mailbox partition
- "cm" ["--partition" partition]
["--specialuse" specialuse] mailbox
- "cm" ["--specialuse" specialuse] mailbox
partition
- Create a mailbox on the default or a specified partition. Both old-style
and getopt-style usages are accepted (combining them will produce an
error). Optionally assign a special use to the mailbox.
- "deleteaclmailbox" mailbox id [...]
- "deleteacl" mailbox id [...]
- "dam" mailbox id [...]
- Remove ACLs from the specified mailbox.
- "deletemailbox" mailbox
- "delete" mailbox
- "dm" mailbox
- Delete the specified mailbox.
Administrators do not have implicit delete rights on
mailboxes. Use the setaclmailbox command to grant the
"x" permission to your principal if
you need to delete a mailbox you do not own.
- "disconnect"
- "disc"
- Disconnect from the current server. The prompt will revert to
"cyradm>".
- "exit" [number]
- "quit" [number]
- Exit cyradm, optionally with a specific exit status; the exit
status of the last command will be used if one is not specified.
- help [command]
- ? [command]
- Show help for "command" or all
commands.
- "getmetadata" [mailbox]
- "getmd" [mailbox]
- Display mailbox/server metadata
- "info" [mailbox]
- Display the mailbox/server annotations.
- "listaclmailbox" mailbox
- "listacl" mailbox
- "lam" mailbox
- List ACLs on the specified mailbox.
- "listmailbox" ["--subscribed"]
["--specialuse"] [pattern [reference]]
- "list" ["--subscribed"] ["--specialuse"]
[pattern [reference]]
- "lm" ["--subscribed"] ["--specialuse"]
[pattern [reference]]
- List all, or all subscribed or special-use, mailboxes matching the
specified pattern. The pattern may have embedded wildcards
'*' or '%', which match
anything or anything except the separator character, respectively.
Mailboxes returned will be relative to the specified reference
if one is specified. This allows a mailbox list to be limited to a
particular hierarchy.
In some cases when the '%' wildcard is
used to end a pattern, it may match an entry which is not a mailbox but
which contains other mailboxes. In this case, the entry will be
parenthesized to indicate that it is a root for other mailboxes, as
opposed to a mailbox itself.
- "listquota" root
- "lq" root
- List quotas on specified root. If the specified mailbox path does not have
a quota assigned, an error will be raised; see listquotaroot for a
way to find the quota root for a mailbox.
- "listquotaroot" mailbox
- "lqm" mailbox
- "lqr" mailbox?
- show quota roots and quotas for mailbox
- "mboxconfig" ["--private"] mailbox
attribute value
- "mboxcfg" ["--private"] mailbox
attribute value
- Set mailbox metadata, optionally set the private instead of the shared
version of the metadata. A value of "none" will remove the
attribute.
The currently supported attributes are:
- "comment"
- Sets a comment or description associated with the mailbox.
- "expire"
- Sets the number of days after which messages will be expired from the
mailbox.
- "news2mail"
- Sets an email address to which messages injected into the server via NNTP
will be sent.
- "pop3showafter"
- Sets a time (in RFC3501 format, for example "6-Jan-2011 11:45:32
+1100") which specifies a cutoff date such that POP3 fetching of the
folder does not see messages whose internaldate is before or equal to the
date.
- "sharedseen"
- Enables the use of a shared \Seen flag on messages rather than a per-user
\Seen flag. The 's' right in the mailbox ACL still controls whether a user
can set the shared \Seen flag.
- "sieve"
- Indicates the name of the global sieve script that should be run when a
message is delivered to the shared mailbox (not used for personal
mailboxes).
- "squat"
- Indicates that the mailbox should have a squat index created for it.
- "/explicit/annotation"
- Sets the annotation /explicit/annotation on mailbox to
value.
- "renamemailbox" ["--partition" partition]
oldname newname
- "rename" ["--partition" partition]
oldname newname
- "renm" ["--partition" partition] oldname
newname
- "renamemailbox" oldname newname
[partition]
- "rename" oldname newname [partition]
- "renm" oldname newname [partition]
- Rename the specified mailbox, optionally moving it to a different
partition. Both old-style and getopt-style usages are accepted; combining
them will produce an error.
- server [--noauthenticate]
[server]
- connect
[--noauthenticate] [server]
- servername
[--noauthenticate] [server]
- With no arguments, show the current server. With an argument, connect to
that server. It will prompt for automatic login unless the
"--noauthenticate" option is specified.
(This may change; in particular, either automatic authentication will be
removed or all "authenticate" options
will be added.)
When connected to a server, the cyradm prompt changes
from "cyradm>" to
"servername>", where
servername is the fully qualified domain name of the connected
server.
- "setaclmailbox" mailbox id rights
[id rights ...]
- "setacl" mailbox id rights [id
rights ...]
- "sam" mailbox id rights [id
rights ...]
- Set ACLs on a mailbox. The ACL may be one of the special strings
"none",
"read"
("lrs"),
"post"
("lrsp"),
"append"
("lrsip"),
"write"
("lrswipkxten"),
"delete"
("lrxten"), or
"all"
("lrswipkxten"), or any combinations of
the ACL codes:
- l
- Lookup (mailbox is visible to LIST/LSUB, SUBSCRIBE mailbox)
- r
- Read (SELECT/EXAMINE the mailbox, perform STATUS)
- s
- Seen (set/clear \SEEN flag via STORE, also set \SEEN flag during
APPEND/COPY/FETCH BODY[...])
- w
- Write flags other than \SEEN and \DELETED
- i
- Insert (APPEND, COPY destination)
- p
- Post (send mail to mailbox)
- k
- Create mailbox (CREATE new sub-mailboxes, parent for new mailbox in
RENAME)
- x
- Delete mailbox (DELETE mailbox, old mailbox name in RENAME)
- t
- Delete messages (set/clear \DELETED flag via STORE, also set \DELETED
flag during APPEND/COPY)
- e
- Perform EXPUNGE and expunge as part of CLOSE
- a
- Administer (SETACL/DELETEACL/GETACL/LISTRIGHTS)
- n
- Add, delete or modify annotations
- "setinfo" attribute value
- Set server metadata. A value of "none" will remove the
attribute. The currently supported attributes are:
- "motd"
- Sets a "message of the day". The message gets displayed as an
ALERT after authentication.
- "comment"
- Sets a comment or description associated with the server.
- "admin"
- Sets the administrator email address for the server.
- "shutdown"
- Sets a shutdown message. The message gets displayed as an ALERT and all
users are disconnected from the server (subsequent logins are
disallowed).
- "expire"
- Sets the number of days after which messages will be expired from the
server (unless overridden by a mailbox annotation).
- "squat"
- Indicates that all mailboxes should have a squat indexes created for them
(unless overridden by a mailbox annotation).
- "setmetadata" [--private] mailbox [annotation]
value
- "setmd" [--private] mailbox [annotation]
value
- Set metadata on mailbox, where <annotation> is one of
[comment|expire|news2mail|pop3showafter|sharedseen|sieve|specialuse|
squat|/<explicit annotation>].
Note that flags with a leading backslash must be escaped with
an additional backslash. For example:
setmetadata --private Spam specialuse "\\Junk"
Note, too, that "private" annotations are private to the
user currently authenticated as, not necessarily the owner of the mailbox.
To set annotations for another user you must authorize as that user.
In addition to the use of optional flag --private, one may
use a more explicit syntax, prefixing the annotation with '/shared/' or
'/private/' as in this example:
setmetadata Spam /private/specialuse "\\Junk"
- "setquota" root resource value
[resource value ...]
- "sq" root resource value [resource
value ...]
- Set a quota on the specified root, which may or may not be an actual
mailbox. The only resource understood by Cyrus is
"STORAGE". The value may be the
special string "none" which will remove
the quota.
- "version"
- "ver"
- Display the version info of the current server.
- "xfermailbox" ["--partition" partition]
mailbox server
- "xfer" ["--partition" partition] mailbox
server
- "xfermailbox" mailbox server
[partition]
- "xfer" mailbox server [partition]
- Transfer (relocate) the specified mailbox to a different server. Both
old-style and getopt-style usages are accepted; combining them will
produce an error.
GNU-style long options must be given in their entirety; Tcl-style
options may be abbreviated.
Tcl-style options are provided as a compatibility feature. They
will probably go away in the future.
Multiple commands can be given on a line, separated by
';' characters.
All commands set an exit status, which at present is not
useful.
Unknown commands are passed to a subshell for execution.
The Tcl version of cyradm is used for scripting as well as
interactively. While this is possible to a limited extent by use of the
"run" method, scripting would normally be
done with "Cyrus::IMAP::Admin", which is
far more flexible than either interactive
"cyradm" or the Tcl scripting mechanism
for Cyrus.
cyradm understands /bin/sh-style redirection: any
command can have its standard or error output redirected, with all
sh-style redirections (except
"<>") supported. It does not
currently understand pipes or backgrounding.
If the "Term::Readline::Perl" or
"Term::Readline::GNU" modules are
available, cyradm will use it.
An alias facility is implemented internally, but no access is
currently provided to it. This will change, if only to allow some of the
predefined aliases to be removed if they conflict with useful shell
commands.
Brandon S. Allbery, allbery@ece.cmu.edu