[Dovecot] problems with shared mailboxes and other general issues

Thu Jun 10 03:16:30 EEST 2010

I'm also having beginner's troubles with shared mailboxes with dovecot 
1.2.11.

I've used the TestInstallation instructions for connecting to the imap 
port via openssl and issuing the setacl/getacl commands.  Those appear 
to be fine.

I'm having real difficulty with the acl_shared_dict configuration.  I'd 
prefer to just use a flat file, as I don't anticipate using shared 
folders very frequently.  I don't need a database and would greatly 
prefer not to have a dependency on our database service.  So, with this 
setting:

acl_shared_dict = file:/private/dovecot/var/etc/shared-mailboxes

The '../var/etc' directory is something like 755.  I have to create the 
file first and make it 666.  When it is updated, ownership & permissions 
are changed such that the user giving acl permissions then owns the file 
and it's 600.  I tried setting it back to 644 afterward, so other users 
could read it, but they tried setting a lock in that dir as well.

I tried this:

acl_shared_dict = 
file:/private/dovecot/var/etc/shared-list/shared-mailboxes-%u

Then I made shared-list have '1777' permissions.  Permissions-wise, this 
will now work, including locks, but I'm guessing this is just plain 
wrong and I still can't verify access.

My second choice was to use sqlite for this acl_shared_dict, but, even 
though I compiled dovecot with sqlite support and 'ldd' shows that 
'../libexec/dict' is linked against sqlite libraries, when I tried this 
config:

acl_shared_dict = sqlite:/private/dovecot/etc/acl-shared-dict.conf

I get this, and dovecot fails to start up.

EUnknown dict module: sqlite

I question whether I can use sqlite for acl_shared_dict.

Furthermore, in this vein, I don't really know what the shared namespace 
should even look like.  I've been trying the imap commands LIST and 
MYRIGHTS to verify access, but there are simply no examples.  I'd rather 
expect this to work:

x myrights shared/fromuser/folder

but all I get is mailbox doesn't exist.  I know 'shared' is the 
namespace, but I just don't know how it should really be referred to.

Personally, I can live without the acl_shared_dict (from what I 
understand).  I don't need to see the shared path for subscription, I'd 
just manually add the folder path to the .subscriptions file for the 
handful of users that need it.  I just don't think it's working, though.

On a related note, I thought I'd increase debugging to see if that 
helped out any.  When I change 'mail_debug' to 'yes', as soon as I issue 
the imap login command, it logs some stuff, then kicks me out.

Jun 09 15:57:53 IMAP(tom2): Info: acl: initializing backend with data: vfile
Jun 09 15:57:53 IMAP(tom2): Info: acl: acl username = tom2
Jun 09 15:57:53 IMAP(tom2): Info: acl: owner = 1
Jun 09 15:57:53 dovecot: Error: child 6000 (imap) killed with signal 11 
(core dumps disabled)

I would assume this error is causing my problems, but for all I know, it 
could be a side-effect of verbose debugging -- to just terminate.  I see 
nothing about that in the docs, though.  imap works fine without verbose 
logging, so I'm baffled.

I have been frustrated by the shared namespace documentation.  I've been 
through it again and again, but haven't found the answers I've been 
looking for.

Here is the relevant configuration:

namespace shared {
    location = mbox:%%h/mail/shared:INDEX=%%h/mail/shared/.imap
    # everything else defaults
}

protocol imap {
   mail_plugins = quota imap_quota acl imap_acl
}

protocol lda {
   mail_plugins = acl
}

plugin {
  acl = vfile
  acl_shared_dict = 
file:/private/dovecot/var/etc/shared-list/shared-mailboxes-%u
}