[Dovecot] Newbie Basic ACL issue

Muhammad Yousuf Khan sirtcp at gmail.com
Fri Nov 30 18:20:10 EET 2012


I cannot implement a basic ACL on a /public/.News folder. Without ACL
it works great, but after implementing ACL the "Public" folder
can be seen while subscribing, but I cannot create a folder inside it,
nor can I view the already created ".News" folder.

When I restart dovecot it shows me something like this:

root@mailsrv:/public/.News# /etc/init.d/dovecot restart
Restarting IMAP/POP3 mail server: dovecotILoading modules from
directory: /usr/lib/dovecot/modules/imap
IModule loaded: /usr/lib/dovecot/modules/imap/lib01_acl_plugin.so
IModule loaded: /usr/lib/dovecot/modules/imap/lib02_imap_acl_plugin.so
IEffective uid=65534, gid=65534, home=/tmp
Iacl: No acl_shared_dict setting - shared mailbox listing is disabled



root@mailsrv:/public/.News# dovecot -n
# 1.2.15: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-5-amd64 x86_64 Debian 6.0.6
log_timestamp: %Y-%m-%d %H:%M:%S
ssl_cert_file: /etc/ssl/certs/postfix.pem
ssl_key_file: /etc/ssl/private/postfix.key
login_dir: /var/run/dovecot/login
login_executable: /usr/lib/dovecot/imap-login
mail_privileged_group: mail
mail_location: maildir:~/Maildir:INBOX=~/Maildir/:INDEX=~/Maildir/index
mail_debug: yes
mbox_write_locks: fcntl dotlock
mail_plugins: acl imap_acl
namespace:
  type: private
  separator: /
  inbox: yes
  list: yes
  subscriptions: yes
namespace:
  type: public
  separator: /
  prefix: Public/
  location: maildir:/public:INDEX=/public/index
  list: yes
  subscriptions: yes
lda:
  mail_plugins: acl
auth default:
  mechanisms: plain login
  passdb:
    driver: pam
  userdb:
    driver: passwd
  socket:
    type: listen
    client:
      path: /var/spool/postfix/private/auth
      mode: 432
      user: postfix
      group: postfix
plugin:
  acl: vfile



As I read in a few howtos, the "dovecot-acl" file should be placed in
the published mail folder, in my case "/public/.News/dovecot-acl".

Here is the output of my file:
root@mailsrv:/public/.News# cat dovecot-acl
owner lrwstipekxa
anyone= lr


Now, after this implementation, I can see the folder "Public" in
subscriptions. Now when I try to create a new folder inside the ".News"
folder via Outlook 2007 it says "cannot move the item. the server
responded: 'NOPERM] Permission denied"

I think I have messed up the permissions.

Actually I have 2 users, "tom" and "fmaster".

Both are doing the same thing.

Whether I write this "anyone lrwstpekxa" or "user=tom lrwstpekxa", it
does the same for both users.

What I want is just a simple thing. I want tom to be the owner of
.News and fmaster to have read-only access, so he can only read the news
but cannot delete and cannot even change the flag to read or unread.

Note: both are system users (not virtual users)

Nov 30 20:50:42 mailsrv dovecot: IMAP(fmaster):
open(/public/.News/dovecot-uidlist) failed: Permission denied
Nov 30 20:50:42 mailsrv dovecot: IMAP(fmaster):
open(/public/.News/dovecot-uidlist) failed: Permission denied
Nov 30 20:54:45 mailsrv dovecot: IMAP(fmaster):
open(/public/index/.News/dovecot.index.log) failed: Permission denied
(euid=1001(fmaster) egid=1001(fmaster) missing +w perm:
/public/index/.News/dovecot.index.log)
Nov 30 20:54:50 mailsrv dovecot: IMAP(fmaster):
open(/public/index/.News/dovecot.index.log) failed: Permission denied
(euid=1001(fmaster) egid=1001(fmaster) missing +w perm:
/public/index/.News/dovecot.index.log)

I thought it was a system-level permission issue, so I ran this command
"chmod 777 /public -R"
but I still receive the same Outlook error, with no errors in /var/log/mail.err.

Please help me: what kind of user rights should be on the .News folder?
For example, tom or root, which one should have the "rwx" rights on the
folder?
And what kind of changes should I make in dovecot-acl?

Any help or tip would be highly appreciated.




Thanks,
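
Added example, not part of the original message and not Dovecot's own code: a small linter for the vfile "dovecot-acl" lines quoted above, which rejects identifiers outside the documented forms and flags broad identifiers that hold more than lookup/read. The function name, the sample string and the "broad identifier" check are assumptions made for illustration; negative ("-") entries and usernames containing spaces are not modelled.

```python
import re

# Right letters accepted in a vfile dovecot-acl entry (RFC 4314 letters).
RIGHTS = {"l": "lookup", "r": "read", "w": "write", "s": "write-seen",
          "t": "write-deleted", "i": "insert", "p": "post", "e": "expunge",
          "k": "create", "x": "delete", "a": "admin"}
# Identifier forms documented for the vfile backend.
# Assumption: names contain no spaces; negative ("-") entries are not modelled.
ID_RE = re.compile(r"(owner|authenticated|anyone|anonymous|"
                   r"(user|group|group-override)=\S+)")
BROAD = {"anyone", "anonymous", "authenticated"}   # match many users at once
READ_ONLY = {"lookup", "read"}

def lint_acl(text):
    """Parse dovecot-acl text; return (entries, findings)."""
    entries, findings = [], []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        ident, _, rest = line.partition(" ")
        letters = rest.split(":", 1)[0].strip()  # named rights after ':' ignored
        if not ID_RE.fullmatch(ident):
            findings.append((n, f"unknown identifier {ident!r}"))
            continue
        unknown = sorted(set(letters) - set(RIGHTS))
        if unknown:
            findings.append((n, f"unknown right letters {''.join(unknown)!r}"))
            continue
        rights = {RIGHTS[c] for c in letters}
        entries.append((ident, rights))
        extra = sorted(rights - READ_ONLY)
        if ident in BROAD and extra:
            findings.append((n, f"{ident} can modify the mailbox: {', '.join(extra)}"))
    return entries, findings

# Constructed sample: the ACL lines quoted in the message, one per line.
SAMPLE = """owner lrwstipekxa
anyone= lr
anyone lrwstpekxa
user=tom lrwstpekxa
"""

if __name__ == "__main__":
    for n, msg in lint_acl(SAMPLE)[1]:
        print(f"line {n}: {msg}")
```

The linter only covers the ACL file; the "Permission denied" log lines come from filesystem permissions on /public and /public/index, which this check does not look at.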


