[Dovecot] Confused about permissions needed for shared mailbox
Thomas Hummel
hummel at pasteur.fr
Wed Jan 28 17:06:20 EET 2009
Hello,
Let me restate, hopefully in clearer terms, what I tried to describe in a previous thread:
With dovecot-1.1.8/Maildir/LDAP pass/userdb (prefetch), I'm trying to set up a
Maildir ".box" shared in rw between 2 users in a "Public" namespace. I can't
get it to work unless I chmod 777 everything, which obviously is not what I
want.
1) Am I correct in thinking that the system_user userdb extra_field and unix
permissions should be enough to achieve that, and that ACLs are only needed if I want to
fine-tune mailbox permissions?
2) let's say that my public namespace prefix is Public/, that the .box/ maildir is in
/path/to/public/.box
and my 2 users belong to the doveshared unix group.
I thought it would be enough to have
drwxrws--- 3 root doveshared 4096 Jan 28 14:55 public
drwxrws--- 3 root doveshared 4096 Jan 28 14:55 public/.box
-rwxrws--- 1 root doveshared 0 Jan 26 18:25 public/.box/dovecot-shared
provided that my prefetch userdb returns system_user, as I think the following says in dovecot-ldap.conf :
pass_attrs = uid=user,userPassword=password,homeDirectory=userdb_home,,,uidNumber=userdb_uid,gidNumber=userdb_gid,shadowMax=userdb_system_user
and provided that in LDAP shadowMax: 80 (whatever value).
But this doesn't seem to work.
By the way : Am I supposed to have a dovecot-shared file in public as well
(that is not only in public/.box) ?
3) let's say I try ACLs with the same setup (anyone <all permissions> for starters)
would
pass_attrs = uid=user,userPassword=password,homeDirectory=userdb_home,,,uidNumber=userdb_uid,gidNumber=userdb_gid,shadowMax=userdb_system_user.title=userdb_acl_groups
and
title: group1,doveshared
be a correct setup ?
Do I need a dovecot-acl file only in .box or in public too?
My understanding is that my setup doesn't work because, for some reason, dovecot
doesn't see my users' secondary groups or doesn't take them into account...
Any thoughts which might help ?
--
Thomas Hummel | Institut Pasteur
<hummel at pasteur.fr> | Pôle informatique - systèmes et réseau
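
An added example, not part of the original post: a shell function that audits the Unix-permission side of the layout described in the message (shared group ownership, setgid directories, group access, no world bits). It checks the filesystem only and assumes nothing about how Dovecot resolves a user's groups; the function names are hypothetical, and the path and group in the usage comment are the ones from the post.

```shell
#!/bin/sh
# Added example: audit the Unix-permission side of a group-shared Maildir tree.
# Usage (path and group as named in the post):
#   audit_shared_tree /path/to/public doveshared

# Prefix each path read on stdin with LABEL; return 1 if any path was read.
report() {
    awk -v label="$1" '{ print label ": " $0; n++ } END { exit (n ? 1 : 0) }'
}

# audit_shared_tree DIR GROUP   (GROUP may be a group name or a numeric gid)
# Prints one line per finding; returns 0 when the tree is clean, 1 otherwise.
audit_shared_tree() {
    ast_dir=$1 ast_grp=$2 ast_rc=0

    # Entries owned by another group are not reachable through the group bits.
    find "$ast_dir" ! -group "$ast_grp" | report "wrong group" || ast_rc=1

    # Without setgid on a directory, new entries on Linux take the creator's
    # own group, so the other members lose access to them.
    find "$ast_dir" -type d ! -perm -2000 | report "dir missing setgid" || ast_rc=1

    # Group members need r, w and x on every directory to list, create, enter.
    find "$ast_dir" -type d ! -perm -0070 | report "dir missing group rwx" || ast_rc=1

    # Group members need r and w on the files themselves.
    find "$ast_dir" -type f ! -perm -0060 | report "file missing group rw" || ast_rc=1

    # Any bit set for "other" means a chmod 777 style workaround is still in place.
    find "$ast_dir" \( -perm -0001 -o -perm -0002 -o -perm -0004 \) \
        | report "world-accessible" || ast_rc=1

    return "$ast_rc"
}
```

A clean result here only shows that the tree is usable by members of the group; whether the mail process actually runs with that group is a separate question.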