.\" -*- nroff -*- .TH CYRUS.CONF 5 "Project Cyrus" CMU .\" .\" Copyright (c) 1994-2008 Carnegie Mellon University. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in .\" the documentation and/or other materials provided with the .\" distribution. .\" .\" 3. The name "Carnegie Mellon University" must not be used to .\" endorse or promote products derived from this software without .\" prior written permission. For permission or any legal .\" details, please contact .\" Carnegie Mellon University .\" Center for Technology Transfer and Enterprise Creation .\" 4615 Forbes Avenue .\" Suite 302 .\" Pittsburgh, PA 15213 .\" (412) 268-7393, fax: (412) 268-7395 .\" innovation@andrew.cmu.edu * .\" 4. Redistributions of any form whatsoever must retain the following .\" acknowledgment: .\" "This product includes software developed by Computing Services .\" at Carnegie Mellon University (http://www.cmu.edu/computing/)." .\" .\" CARNEGIE MELLON UNIVERSITY DISCLAIMS ALL WARRANTIES WITH REGARD TO .\" THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY .\" AND FITNESS, IN NO EVENT SHALL CARNEGIE MELLON UNIVERSITY BE LIABLE .\" FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES .\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN .\" AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" .\" $Id: cyrus.conf.5,v 1.17 2010/01/06 17:01:51 murch Exp $ .SH NAME cyrus.conf \- Cyrus configuration file .SH DESCRIPTION \fB/etc/cyrus.conf\fR is the configuration file for the Cyrus \fBcyrmaster\fR process. It defines the startup procedures, services and events to be spawned by \fBcyrmaster\fR. .PP The \fB/etc/cyrus.conf\fR file consists of a series of entries divided into sections of the form .P .RS \fIsection\fR { .RS \fIname arguments .br ... .br ... .br ... \fR .RE } .RE .PP where \fIsection\fR is the name of the section, \fIname\fR is the name of the entry and \fIarguments\fR is the whitespace-separated list of arguments for the entry. .PP Blank lines and lines beginning with ``#'' are ignored. .SH SECTION DESCRIPTIONS The paragraphs below detail the three sections (\fBSTART\fR, \fBSERVICES\fR, \fBEVENTS\fR) that can be placed in the \fB/etc/cyrus.conf\fR file. The arguments that are available for each entry within the section are described, and each argument's default value is shown. .PP Arguments can appear in any order. Some arguments have no default value, these are listed with ``''. For string arguments, the value MUST be enclosed in double quotes. .SS START This section lists the processes to run before any \fBSERVICES\fR are spawned. This section is typically used to initialize databases and start long running daemons. .IP "\fBcmd=\fR" 5 The command (with options) to spawn as a child process. This string argument is required. .SS SERVICES This section is the heart of the \fB/etc/cyrus.conf\fR file. It lists the processes that should be spawned to handle client connections made on certain Internet/UNIX sockets. .IP "\fBbabysit=\fR0" 5 Integer value - if non-zero, will make sure at least one process is pre-forked, and will set the maxforkrate to 10 if it's zero. .IP "\fBcmd=\fR" 5 The command (with options) to spawn as a child process. This string argument is required. .IP "\fBlisten=\fR" 5 The UNIX or internet socket to listen on. This string field is required and takes one of the following forms: \fIpath\fR .br \fR[ \fIhost\fR \fB: \fR] \fIport\fR .br .sp where \fIpath\fR is the explicit (absolute) path to a UNIX socket, \fIhost\fR is either the hostname or bracket-enclosed IP address of a network interface, and \fIport\fR is either a port number or service name (as listed in \fB/etc/services\fR). .IP "\fBproto=\fRtcp" 5 The protocol used for this service (\fItcp\fR, \fItcp4\fR, \fItcp6\fR, \fIudp\fR, \fIudp4\fR, \fIudp6\fR). This string argument is optional. \fBtcp4\fR, \fBudp4\fR: These arguments are used to bind the service to IPv4 only. .br \fBtcp6\fR, \fBudp6\fR: These arguments are used to bind the service to IPv6 only, if the operating system supports this. .br \fBtcp\fR, \fBudp\fR: These arguments are used to bind to both IPv4 and IPv6 if possible. .IP "\fBprefork=\fR0" 5 The number of instances of this service to always have running and waiting for a connection (for faster initial response time). This integer value is optional. Note that if you are listening on multiple network types (i.e. ipv4 and ipv6) then one process will be forked for each address, causing twice as many processes as you might expect. .IP "\fBmaxchild=\fR-1" 5 The maximum number of instances of this service to spawn. A value of -1 means unlimited. This integer value is optional. .IP "\fBmaxfds=\fR256" 5 The maximum number of file descriptors to which to limit this process. This integer value is optional. .IP "\fBmaxforkrate=\fR0" 5 Maximum number of processes to fork per second - the master will insert sleeps to ensure it doesn't fork faster than this on average. .SS EVENTS This section lists processes that should be run at specific intervals, similar to cron jobs. This section is typically used to perform scheduled cleanup/maintenance. .IP "\fBcmd=\fR" 5 The command (with options) to spawn as a child process. This string argument is required. .IP "\fBperiod=\fR0" 5 The interval (in minutes) at which to run the command. This integer value is optional, but SHOULD be a positive integer > 10. .IP "\fBat=\fR" 5 The time (24-hour format) at which to run the command each day. If set to a valid time (0000-2359), period is automatically set to 1440. This string argument is optional. .SH EXAMPLE # example cyrus.conf START { recover cmd="ctl_cyrusdb -r" .br } SERVICES { imap cmd="imapd" listen="imap" prefork=1 imaps cmd="imapd -s" listen="imaps" prefork=0 lmtpunix cmd="lmtpd" listen="/var/imap/socket/lmtp" lmtp cmd="lmtpd" listen="localhost:lmtp" .br } EVENTS { checkpoint cmd="ctl_cyrusdb -c" period=30 delprune cmd="cyr_expire -E 3" at=0400 tlsprune cmd="tls_prune" at=0400 .br } .SH ACCESS CONTROL When TCP Wrappers is used to control access to Cyrus services, the \fIname\fR of the service entry should be used as the process name in the \fBhosts_access(5)\fR table. For instance, in the example above, "imap", "imaps", "lmtpunix" and "lmtp" would be used as the process names. This allows a single daemon such as imapd to be run in different modes or configurations (i.e., SSL and non-SSL enabled) yet still have separate access control rules. .SH SEE ALSO .PP \fBcyrmaster(8)\fR, \fBimapd(8)\fR, \fBpop3d(8)\fR, \fBlmtpd(8)\fR, \fBtimsieved(8)\fR, \fBidled(8)\fR, \fBnotifyd(8)\fR, \fBctl_cyrusdb(8)\fR, \fBctl_deliver(8)\fR, \fBtls_prune(8)\fR, \fBhosts_access(5)\fR