[Dovecot] Symlink shared mailboxes and system_user extra field

[Thomas Hummel]

Hello,

I'm trying to set up, as explained in the wiki, shared mailboxes with symlink.
I'm running dovecot-1.1.8 with LDAP pass/userdb. The Maildir layout goes like this :

  /courriel/boites/foobar : Maildir of user foobar (nfs)
  /courriel/meta/foobar : control files of user foobar (nfs)
  /var/dovecot/indexes : indexes (locally stored)

I created :

  /courriel/boites/doveshared/.box/ : the Maildir I want to share
  /courriel/boites/foobar/.box -> /courriel/boites/doveshared/.box (symlink)
  /courriel/boites/foobaz/.box -> /courriel/boites/doveshared/.box (symlink)
 
  the unix and LDAP group doveshared, so /etc/group holds :

    doveshared:*:<gid>:foobar,foobaz

  the permissions on the real Maildir are ok for that group :  

    drwxrwx---  3 root  doveshared  4096 Jan 26 18:58 /courriel/boites/doveshared
    drwxrwx---  5 root  doveshared  4096 Jan 26 18:58 .box (in /courriel/boites)

  I made the userdb (prefetch) return the system_user extra_field (for now, I'm
  using an used LDAP attribute - I will create a new attribute in my schema
  later) :

    pass_attrs = uid=user,userPassword=password,homeDirectory=userdb_home,,,uidNumber=userdb_uid,gidNumber=userdb_gid,shadowMax=userdb_system_user

  and it seems to be actually returned :

    Jan 27 09:34:10 munster3 dovecot: auth(default): ldap(foobar,157.99.64.42): result: uid(user)=foobar uidNumber(userdb_uid)=xxx gidNumber(userdb_gid)=xxx homeDirectory(userdb_home)=/home1/xxx/foobar userPassword(password)=<hidden> shadowMax(userdb_system_user)=380

But I can't subscribe to the mailbox :

  stat(/courriel/boites/doveshared/.box/tmp) failed: Permission denied (euid=xxx egid=<primary gid>)

as a matter of fact, the egid seems to be the primary gid.

What am I missing ?

Thanks.

-- 
Thomas Hummel 	    | Institut Pasteur
<hummel at pasteur.fr> | Pôle informatique - systèmes et réseau