
##########
**cyradm**
##########


.. DO NOT EDIT cyradm.rst: Autogenerated by tools/perl2rst from cyrus-imapd\perl\imap\IMAP\Shell.pm

.. cyrusman:: cyradm(8)

.. _imap-reference-manpages-systemcommands-cyradm:

****
NAME
****


Cyrus::IMAP::Shell - Perl version of cyradm


********
SYNOPSIS
********



.. code-block:: perl

   $ cyradm [--user authid] [--authz authzid] [--[no]rc] [--systemrc file] [--userrc file] \
   > [--port n] [--auth mechanism] [--server] server


but possibly


.. code-block:: perl

   $ perl -MCyrus::IMAP::Shell -e 'run("myscript")'


or even (not recommended)


.. code-block:: perl

   use Cyrus::IMAP::Admin::Shell;
 
   run('myscriptname');



***********
DESCRIPTION
***********


This module implements \ **cyradm**\  in Perl.  It is a shell around
`Cyrus::IMAP::Admin <http://search.cpan.org/search?query=Cyrus%3a%3aIMAP%3a%3aAdmin&mode=module>`_.  Commands are provided in both Tcl-compatible
forms and GNU-style long option forms.

The \`\`cyradm\`\` utility is a simple command line for performing common
administrative tasks on a Cyrus IMAP server, written in Perl.

The cyradm utility can either be executed from a client where it has been
installed and connect to the server via IMAP or it can be executed
locally via a shell on the server.

cyradm understands /bin/sh-style redirection: any command can have its 
standard or error output redirected, with all sh-style redirections 
(except \<\>) supported. It does not currently understand pipes or 
backgrounding.

If the `Term::Readline::Perl <http://search.cpan.org/search?query=Term%3a%3aReadline%3a%3aPerl&mode=module>`_ or `Term::Readline::GNU <http://search.cpan.org/search?query=Term%3a%3aReadline%3a%3aGNU&mode=module>`_ modules are 
available, cyradm will use it.


**********************
COMMAND-LINE ARGUMENTS
**********************



- \ ``--u``\ , \ ``--user``\  \ *user*\ 
 
 Authenticate with the specified username.
 


- \ ``--authz``\  \ *user*\ 
 
 Authorize the connection as being the specified username.
 


- \ ``--norc``\ , \ ``--rc``\ 
 
 (Do not) load the configuration files.
 


- \ ``--systemrc``\  \ *file*\ 
 
 Use the system configuration file specified.
 


- \ ``--userrc``\  \ *file*\ 
 
 Use the user configuration file specified.
 


- \ ``--port``\  \ *port*\ 
 
 Connect to the \*server\* specified on the port specified.
 


- \ ``--auth``\  \ *mechanism*\ 
 
 Use the mechanism specified to authenticate. One of PLAIN, LOGIN, DIGEST-MD5, etc.
 


- \ ``--help``\ 
 
 Show a help message about these command-line options.
 


- \ ``--version``\ 
 
 Display the version of Cyrus IMAP the current \`\`cyradm\`\` command is a part of.
 


- \ ``--server``\  \ *server*\ 
 
 The server address to connect to.
 



********
COMMANDS
********


.. _imap-reference-manpages-systemcommands-cyradm-authenticate:

authenticate
============


\ **authenticate**\  [\ ``--minssf``\  \ *N*\ ] [\ ``--maxssf``\  \ *N*\ ] [\ ``--mechanisms``\  \ *list*\ ] [\ ``--service``\  \ *name*\ ] [\ ``--tlskey``\  \ *keyfile*\ ] [\ ``--notls``\ ] [\ ``--cafile``\  \ *cacertfile*\ ] [\ ``--capath``\  \ *cacertdir*\ ] \ *user*\ 

Authenticate to server.  You must already be connected to a server and
Cyrus imapd will refuse to allow you to re-authenticate once you have
authenticated once.

aliases: \ ``auth``\ , \ ``login``\ 

.. _imap-reference-manpages-systemcommands-cyradm-chdir:


chdir
=====


\ **chdir**\  \ *directory*\ 

Change directory.  A \ ``pwd``\  builtin is not provided, but the default command
action will run \ ``pwd``\  from a shell if invoked.

aliases: \ ``cd``\ 

.. _imap-reference-manpages-systemcommands-cyradm-createmailbox:


createmailbox
=============


\ **createmailbox**\  [\ ``--partition``\  \ *partition*\ ] [\ ``--specialuse``\  \ *specialuse*\ ] \ *mailbox*\ 

\ **createmailbox**\  [\ ``--specialuse``\  \ *specialuse*\ ] \ *mailbox*\  \ *partition*\ 

Create a mailbox on the default or a specified partition.  Both old-style
and getopt-style usages are accepted (combining them will produce an error).
Optionally assign a special use to the mailbox.

New mailboxes inherit the ACL permissions of
their parent mailbox, except for top-level mailboxes such as the user's
INBOX. Mailboxes that are the user's INBOX are assigned all to the
corresponding user.


- Example Usage
 
 
 .. code-block:: perl
 
      localhost> :command:`cm user.john`
      localhost> :command:`lm`
      user.john (\HasNoChildren)
      localhost> :command:`lam user.john`
      john lrswipkxtecda
 
 
 Note that in the above example, the \ ``unixhierarchysep``\  setting in
 imapd.conf is set to \ ``0``\ . When using the UNIX
 hierarchy separator, the \ ``/``\  (forward slash) character would be
 used as the hierarchy separator, and the example would look as
 follows:
 


- Example Usage with \ ``unixhierarchysep: 1``\ 
 
 
 .. code-block:: perl
 
      localhost> :command:`cm user/john`
      localhost> :command:`lm`
      user/john (\HasNoChildren)
      localhost> :command:`lam user/john`
      john lrswipkxtecda
 
 


- Note
 
 The above examples use the unqualified, shorthand user
 identifier john as the mailbox name.
 
 With the use of virtual domains, controlled through the
 \ ``virtdomains``\  setting in imapd.conf(5).
 


aliases: \ ``cm``\ , \ ``create``\ 

.. _imap-reference-manpages-systemcommands-cyradm-deleteaclmailbox:


deleteaclmailbox
================


\ **deleteaclmailbox**\  \ *mailbox*\  \ *id*\  [...]

Remove ACLs from the specified mailbox.

aliases: \ ``delteacl``\ , \ ``dam``\ 

.. _imap-reference-manpages-systemcommands-cyradm-deletemailbox:


deletemailbox
=============


\ **deletemailbox**\  \ *mailbox*\ 

Delete the specified mailbox.

Administrators do not have implicit delete rights on mailboxes.  Use the
`setaclmailbox`_ command to grant the \ ``x``\  permission to your
principal if you need to delete a mailbox you do not own.

aliases: \ ``delete``\ , \ ``dm``\ 

.. _imap-reference-manpages-systemcommands-cyradm-disconnect:


disconnect
==========


\ **disconnect**\ 

Disconnect from the current server.  The prompt will revert to \ ``cyradm>``\ . 
This does not quit cyradm.

aliases: \ ``disc``\ 

.. _imap-reference-manpages-systemcommands-cyradm-exit:


exit
====


\ **exit**\  [\ *number*\ ]

Exit \ ``cyradm``\ , optionally with a specific exit status; the exit status of the
last command will be used if one is not specified.

aliases: \ ``quit``\ 

.. _imap-reference-manpages-systemcommands-cyradm-help:


help
====


\ **help**\  [command]

Show help for \ ``command``\  or all commands.

aliases: \ ``?``\ 

.. _imap-reference-manpages-systemcommands-cyradm-getmetadata:


getmetadata
===========


\ **getmetadata**\  [\ *mailbox*\ ]

Display mailbox/server metadata

aliases: \ ``getmd``\ 

.. _imap-reference-manpages-systemcommands-cyradm-info:


info
====


\ **info**\  [\ *mailbox*\ ]

Display the mailbox/server annotations.

.. _imap-reference-manpages-systemcommands-cyradm-listaclmailbox:


listaclmailbox
==============


\ **listaclmailbox**\  \ *mailbox*\ 

List ACLs on the specified mailbox.

aliases: \ ``lam``\ , \ ``listacl``\ 

.. _imap-reference-manpages-systemcommands-cyradm-listmailbox:


listmailbox
===========


\ **listmailbox**\  [\ ``--subscribed``\ ] [\ ``--specialuse``\ ] [\ *pattern*\  [\ *reference*\ ]]

List all, or all subscribed or special-use, mailboxes matching the specified
pattern.  The pattern may have embedded wildcards \ ``'\*'``\  or \ ``'%'``\ , which
match anything or anything except the separator character, respectively.

Mailboxes returned will be relative to the specified reference if one
is specified.  This allows a mailbox list to be limited to a particular
hierarchy.

In some cases when the \ ``'%'``\  wildcard is used to end a pattern, it may
match an entry which is not a mailbox but which contains other mailboxes.
In this case, the entry will be parenthesized to indicate that it is a
root for other mailboxes, as opposed to a mailbox itself.

aliases: \ ``list``\ , \ ``lm``\ 

.. _imap-reference-manpages-systemcommands-cyradm-listquota:


listquota
=========


\ **listquota**\  \ *root*\ 

List quotas on specified root.  If the specified mailbox path does not have
a quota assigned, an error will be raised; see `listquotaroot`_ for a way to
find the quota root for a mailbox.

aliases: \ ``lq``\ 

.. _imap-reference-manpages-systemcommands-cyradm-listquotaroot:


listquotaroot
=============


\ **listquotaroot**\  \ *mailbox*\ 

Show quota roots and quotas for mailbox

aliases: \ ``lqm``\ , \ ``lqr``\ 

.. _imap-reference-manpages-systemcommands-cyradm-mboxconfig:


mboxconfig
==========


\ **mboxconfig**\  [\ ``--private``\ ] \ *mailbox*\  \ *attribute*\  \ *value*\ 

Set mailbox metadata, optionally set the private instead of the shared
version of the metadata. A value of "none" will remove the attribute.

The currently supported attributes are:


- \ ``comment``\  \ *description*\ 
 
 Sets a comment or description associated with the mailbox.
 


- \ ``expire``\  \ *days*\ 
 
 Sets the number of days after which messages will be expired from the mailbox.
 


- \ ``news2mail``\  \ *address*\ 
 
 Sets an email address to which messages injected into the server via NNTP
 will be sent.
 


- \ ``pop3showafter``\  \ *time*\ 
 
 Sets a time (in RFC3501 format, for example "6-Jan-2011 11:45:32 +1100")
 which specifies a cutoff date such that POP3 fetching of the folder does
 not see messages whose internaldate is before or equal to the date.
 


- \ ``sharedseen``\  \ *true|false*\ 
 
 Enables the use of a shared \Seen flag on messages rather than a
 per-user \Seen flag.  The 's' right in the mailbox ACL still controls
 whether a user can set the shared \Seen flag.
 


- \ ``sieve``\  \ *scriptname*\ 
 
 Indicates the name of the global sieve script that should be run when
 a message is delivered to the shared mailbox (not used for personal
 mailboxes).
 


- \ ``squat``\  \ *true|false*\ 
 
 Indicates that the mailbox should have a squat index created for it.
 


aliases: \ ``mboxcfg``\ 

.. _imap-reference-manpages-systemcommands-cyradm-reconstruct:


reconstruct
===========


\ **reconstruct**\  [\ ``-r``\ ] \ *mailbox*\ 

Reconstruct the specified mailbox, optionally recursing and reconstructing child mailboxes if the \ ``-r``\  flag is given.

For more information see reconstruct(8).

.. _imap-reference-manpages-systemcommands-cyradm-renamemailbox:


renamemailbox
=============


\ **renamemailbox**\  [\ ``--partition``\  \ *partition*\ ] \ *oldname*\  \ *newname*\ 

\ **renamemailbox**\  \ *oldname*\  \ *newname*\  [\ *partition*\ ]

Rename the specified mailbox, optionally moving it to a different partition.
Both old-style and getopt-style usages are accepted; combining them will
produce an error.

aliases: \ ``rename``\ , \ ``renm``\ 

.. _imap-reference-manpages-systemcommands-cyradm-server:


server
======


\ **server**\ 

\ **server**\  \ *[--noauthenticate]*\  \ *[server]*\ 

With no arguments, show the current server.  With an argument, connect to that
server.  It will prompt for automatic login unless the \ ``--noauthenticate``\ 
option is specified.  (This may change; in particular, either automatic
authentication will be removed or all `authenticate`_ options will be added.)

When connected to a server, \ **cyradm**\ 's prompt changes from \ ``cyradm>``\  to
\ ``servername>``\ , where \ *servername*\  is the fully qualified domain name
of the connected server.

aliases: \ ``connect``\ , \ ``servername``\ 

.. _imap-reference-manpages-systemcommands-cyradm-setaclmailbox:


setaclmailbox
=============


\ **setaclmailbox**\  \ *mailbox*\  \ *id*\  \ *rights*\  [\ *id*\  \ *rights*\  ...]

Set ACLs on a mailbox.  The ACL may be one of the special strings \ ``none``\ ,
\ ``read``\  (\ ``lrs``\ ), \ ``post``\  (\ ``lrsp``\ ), \ ``append``\  (\ ``lrsip``\ ), \ ``write``\ 
(\ ``lrswipkxte``\ ), \ ``delete``\  (\ ``lrxte``\ ), or \ ``all``\  (\ ``lrswipkxte``\ ), or
any combinations of the ACL codes:


- \ **l**\ 
 
 Lookup (mailbox is visible to LIST/LSUB, SUBSCRIBE mailbox)
 


- \ **r**\ 
 
 Read (SELECT/EXAMINE the mailbox, perform STATUS)
 


- \ **s**\ 
 
 Seen (set/clear \SEEN flag via STORE, also set \SEEN flag during APPEND/COPY/FETCH BODY[...])
 


- \ **w**\ 
 
 Write flags other than \SEEN and \DELETED
 


- \ **i**\ 
 
 Insert (APPEND, COPY destination)
 


- \ **p**\ 
 
 Post (send mail to mailbox)
 


- \ **k**\ 
 
 Create mailbox (CREATE new sub-mailboxes, parent for new mailbox in RENAME)
 


- \ **x**\ 
 
 Delete mailbox (DELETE mailbox, old mailbox name in RENAME)
 


- \ **t**\ 
 
 Delete messages (set/clear \DELETED flag via STORE, also set \DELETED flag during APPEND/COPY)
 


- \ **e**\ 
 
 Perform EXPUNGE and expunge as part of CLOSE
 


- \ **a**\ 
 
 Administer (SETACL/DELETEACL/GETACL/LISTRIGHTS)
 


aliases: \ ``setacl``\ , \ ``sam``\ 

.. _imap-reference-manpages-systemcommands-cyradm-setinfo:


setinfo
=======


\ **setinfo**\  \ *attribute*\  \ *value*\ 

Set server metadata.  A value of "none" will remove the attribute.
The currently supported attributes are:


- \ ``motd``\  \ *message*\ 
 
 Sets a "message of the day".  The message gets displayed as an ALERT upon
 connection.
 


- \ ``comment``\  \ *note*\ 
 
 Sets a comment or description associated with the server.
 


- \ ``admin``\  \ *address*\ 
 
 Sets the administrator email address for the server.
 


- \ ``shutdown``\  \ *message*\ 
 
 Sets a shutdown message.  The message gets displayed as an ALERT and
 all users are disconnected from the server (subsequent logins are disallowed).
 


- \ ``expire``\  \ *days*\ 
 
 Sets the number of days after which messages will be expired from the
 server (unless overridden by a mailbox annotation).
 


- \ ``squat``\  \ *true|false*\ 
 
 Indicates that all mailboxes should have a squat indexes created for
 them (unless overridden by a mailbox annotation).
 


.. _imap-reference-manpages-systemcommands-cyradm-setmetadata:


setmetadata
===========


\ **setmetadata**\  [--private] mailbox [\ *annotation*\ ] \ *value*\ 

Set metadata on mailbox, where \ *annotation*\  is one of
[comment|expire|news2mail|pop3showafter|sharedseen|sieve|specialuse|
squat|/<explicit annotation>].

Note that \ *value*\  with a leading backslash must be escaped with an
additional backslash.  For example:



.. code-block:: perl

   setmetadata --private Spam specialuse "\\Junk"


Note, too, that "private" annotations are private to the user currently
authenticated as, not necessarily the owner of the mailbox.  To set
annotations for another user you must authorize as that user.

In addition to the use of optional flag \ **--private**\ , one may use a more
explicit syntax, prefixing the annotation with '/shared/' or '/private/'
as in this example:



.. code-block:: perl

   setmetadata Spam /private/specialuse "\\Junk"


aliases: \ ``setmd``\ 

.. _imap-reference-manpages-systemcommands-cyradm-setquota:


setquota
========


\ **setquota**\  \ *root*\  \ *resource*\  \ *value*\  [\ *resource*\  \ *value*\  ...]

Set a quota on the specified root, which may or may not be an actual
mailbox. The \ *resources*\  understood by \ **Cyrus**\  are \ ``STORAGE``\ ,
\ ``MESSAGE``\ , \ ``X-NUM-FOLDERS``\  and \ ``X-ANNOTATION-STORAGE``\ .  The storage
units are, as defined in RFC 2087, groups of 1024 octets (i.e.
Kilobytes). The \ *value*\  may be the special string \ ``none``\  which will
remove the quota.

aliases: \ ``sq``\ 

.. _imap-reference-manpages-systemcommands-cyradm-subscribe:


subscribe
=========


\ **subscribe**\  \ *mailbox*\ 

Subscribe to the given mailbox.

.. _imap-reference-manpages-systemcommands-cyradm-unsubscribe:


unsubscribe
===========


\ **unsubscribe**\  \ *mailbox*\ 

Unsubscribe to the given mailbox.

.. _imap-reference-manpages-systemcommands-cyradm-version:


version
=======


\ **version**\ 

Display the version info of the current server.

aliases: \ ``ver``\ 

.. _imap-reference-manpages-systemcommands-cyradm-xfermailbox:


xfermailbox
===========


\ **xfermailbox**\  [\ ``--partition``\  \ *partition*\ ] \ *mailbox*\  \ *server*\ 

\ **xfermailbox**\  \ *mailbox*\  \ *server*\  [\ *partition*\ ]

Transfer (relocate) the specified mailbox to a different server.
Both old-style and getopt-style usages are accepted; combining them will
produce an error.

aliases: \ ``xfer``\ 



*****
NOTES
*****


GNU-style long options must be given in their entirety; Tcl-style options
may be abbreviated.

Tcl-style options are provided as a compatibility feature.  They will
probably go away in the future.

Multiple commands can be given on a line, separated by \ ``';'``\  characters.

All commands set an exit status, which at present is not useful.

Unknown commands are passed to a subshell for execution.

The Tcl version of \ **cyradm**\  is used for scripting as well as interactively.
While this is possible to a limited extent by use of the \ ``run``\  method,
scripting would normally be done with \ ``Cyrus::IMAP::Admin``\ , which is far
more flexible than either interactive \ ``cyradm``\  or the Tcl scripting
mechanism for Cyrus.

\ **cyradm**\  understands \ **/bin/sh**\ -style redirection:  any command can have
its standard or error output redirected, with all \ **sh**\ -style redirections
(except \ ``<>``\ ) supported.  It does not currently understand pipes
or backgrounding.

If the \ ``Term::Readline::Perl``\  or \ ``Term::Readline::GNU``\  modules are
available, \ **cyradm**\  will use it.

An alias facility is implemented internally, but no access is currently
provided to it.  This will change, if only to allow some of the predefined
aliases to be removed if they conflict with useful shell commands.


******
AUTHOR
******


Brandon S. Allbery, allbery@ece.cmu.edu


********
SEE ALSO
********


Cyrus::IMAP::Admin,
Term::ReadLine,
sh(1), perl(1), imapd(8), imapd.conf(5), reconstruct(8)

:cyrusman:`imapd(8)`, :cyrusman:`imapd.conf(5)`, :cyrusman:`reconstruct(8)`.

