[Dovecot] Question about folder sharing

Achim Gottinger achim at ag-web.biz
Fri Nov 8 03:50:33 EET 2013


Hmm, inheritance for Inbox subfolders is working now that I changed 
namespace inbox into namespace.

However, the prefix INDEX thing does not look nice for shared folders; 
they appear as shared/username/INBOX/[foldername]

The docs mention:


    ACL Inheritance

Every time you create a new mailbox, it gets its ACLs from the parent 
mailbox. If you're creating a root-level mailbox, it uses the 
namespace's default ACLs. There is no actual inheritance, however: If 
you modify parent's ACLs, the child's ACLs stay the same. There is 
currently no support for ACL inheritance.

Namespace's default ACLs are read from "dovecot-acl" file in the 
namespace's mail root directory (e.g. /var/public/Maildir). Note that 
currently these default ACLs are used only when creating new mailboxes, 
they aren't used for mailboxes without ACLs.

What I do not understand: where would I have to put a dovecot-acl for 
user default? My mail_home is /home/vmail/%u and the mail root is a subfolder 
mail inside. The dovecot-acl residing here is the one with the ACLs for 
inbox and is therefore only used for the inbox's subfolders.



On 08.11.2013 01:25, Achim Gottinger wrote:
> Hi,
>
> I run dovecot (2.1.7) on debian wheezy in conjunction with postfix, 
> samba4 (as ldap backend) and sogo. I configured folder sharing but 
> have a few issues.
> With my current config users can share the inbox and other folders. If 
> the acl allows creating subfolders this does work for all folders 
> besides inbox.
>
> What I want to achieve is the following:
>
> If a user shares his inbox, others should be able to create 
> subfolders and those should inherit the inbox's acl. All subfolders 
> of inbox should appear as folders at root level and not as subfolders 
> of the inbox.
>
> I thought this can be done by setting the prefix of namespace inbox to 
> INBOX/. I did this and changed the IMAP Server Folder setting in 
> thunderbird to INBOX (like it was earlier when I used courier). Now 
> subfolders created at root level or as subfolders of the inbox appear 
> on root level in thunderbird but they do not inherit the ACLs from 
> inbox. Is there a way to achieve this?
>
> doveconf -n
>
> # 2.1.7: /etc/dovecot/dovecot.conf
> # OS: Linux 3.2.0-4-amd64 x86_64 Debian 7.2 ext4
> auth_debug = yes
> auth_gssapi_hostname = $ALL
> auth_krb5_keytab = /etc/dovecot/dovecot.keytab
> auth_master_user_separator = %
> auth_mechanisms = plain login gssapi
> auth_username_chars = 
> abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@%
> auth_username_format = %n
> auth_verbose = yes
> debug_log_path = syslog
> disable_plaintext_auth = no
> first_valid_gid = 998
> first_valid_uid = 998
> info_log_path = syslog
> mail_debug = yes
> mail_gid = 998
> mail_home = /home/vmail/%u
> mail_location = maildir:/home/vmail/%u/mail
> mail_plugins = acl
> mail_shared_explicit_inbox = no
> mail_uid = 998
> maildir_very_dirty_syncs = yes
> managesieve_notify_capability = mailto
> managesieve_sieve_capability = fileinto reject envelope 
> encoded-character vacation subaddress comparator-i;ascii-numeric 
> relational regex imap4flags copy include variables body enotify 
> environment mailbox date ihave
> namespace {
>   list = children
>   location = 
> maildir:/home/vmail/%%u/mail:INDEX=/home/vmail/%u/mail/shared/%%u
>   prefix = shared/%%u/
>   separator = /
>   subscriptions = no
>   type = shared
> }
> namespace inbox {
>   inbox = yes
>   location = maildir:/home/vmail/%u/mail
>   prefix =
>   separator = /
>   type = private
> }
> passdb {
>   args = /etc/dovecot/dovecot-ldap-passdb.conf.ext
>   driver = ldap
> }
> passdb {
>   args = /etc/dovecot/passwd.masterusers
>   driver = passwd-file
>   master = yes
> }
> plugin {
>   acl = vfile
>   acl_anyone = allow
>   acl_shared_dict = file:/home/vmail/.shared-mailboxes
>   sieve = ~/.dovecot.sieve
>   sieve_dir = ~/sieve
> }
> protocols = " imap lmtp sieve"
> service auth-worker {
>   user = $default_internal_user
> }
> service auth {
>   unix_listener /var/spool/postfix/private/auth {
>     group = postfix
>     mode = 0666
>     user = postfix
>   }
>   unix_listener auth-userdb {
>     group = vmail
>     mode = 0777
>     user = vmail
>   }
> }
> service imap-login {
>   inet_listener imap {
>     port = 143
>   }
>   inet_listener imaps {
>     port = 993
>     ssl = yes
>   }
> }
> service imap-postlogin {
>   executable = script-login /etc/dovecot/acl-groups.sh
>   user = $default_internal_user
> }
> service imap {
>   executable = imap imap-postlogin
> }
> service lmtp {
>   unix_listener /var/spool/postfix/private/dovecot-lmtp {
>     group = postfix
>     mode = 0666
>     user = postfix
>   }
> }
> service managesieve-login {
>   inet_listener sieve {
>     port = 4190
>   }
> }
> ssl_cert = </etc/easy-rsa/keys/dovecot.crt
> ssl_key = </etc/easy-rsa/keys/dovecot.key
> userdb {
>   args = /etc/dovecot/dovecot-ldap-userdb.conf.ext
>   driver = ldap
> }
> userdb {
>   args = /etc/dovecot/dovecot-ldap-userdb-groups.conf.ext
>   driver = ldap
> }
> protocol imap {
>   imap_client_workarounds = delay-newmail
>   mail_plugins = acl imap_acl
> }
> protocol lmtp {
>   mail_plugins = acl sieve
> }
>
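
Added example, not part of the original post and not Dovecot's own code: because the documentation quoted above says a child mailbox keeps the ACL it was created with, this Python sketch walks a Maildir++ mail root and reports grants a subfolder still carries that its parent's dovecot-acl does not have. The folder names, the user bob and the sample tree are constructed; the parser assumes the plain "identifier rights" line form and skips negative entries and named rights.

```python
import os
import tempfile

def parse_acl(path):
    """Return {identifier: set(rights)} from a vfile dovecot-acl; {} if absent."""
    acl = {}
    if os.path.isfile(path):
        with open(path) as fh:
            for line in fh:
                ident, _, rest = line.strip().partition(" ")
                # Simplified: negative ("-user=...") entries and named rights
                # after ':' are not evaluated.
                if ident and not ident.startswith("-"):
                    acl[ident] = set(rest.split(":")[0].strip())
    return acl

def parent_dir(mail_root, folder):
    """Maildir++ stores 'A/B' as '.A.B'; its parent is '.A', else the mail root."""
    head = folder.rpartition(".")[0]          # '.A.B' -> '.A', '.A' -> ''
    return os.path.join(mail_root, head) if head else mail_root

def stale_grants(mail_root):
    """List (folder, identifier, rights) that a child grants but its parent does not."""
    findings = []
    for folder in sorted(os.listdir(mail_root)):
        path = os.path.join(mail_root, folder)
        if not (folder.startswith(".") and os.path.isdir(path)):
            continue
        child = parse_acl(os.path.join(path, "dovecot-acl"))
        parent = parse_acl(os.path.join(parent_dir(mail_root, folder), "dovecot-acl"))
        for ident, rights in sorted(child.items()):
            extra = rights - parent.get(ident, set())
            if extra:
                findings.append((folder, ident, "".join(sorted(extra))))
    return findings

def build_sample(root):
    """Constructed tree: bob was removed from the mail root's ACL after .Projects existed."""
    layout = {"": "owner lrwstipekxa\n",
              ".Projects": "owner lrwstipekxa\nuser=bob lrwik\n",
              ".Projects.2013": "owner lrwstipekxa\nuser=bob lrwik\n"}
    for folder, text in layout.items():
        os.makedirs(os.path.join(root, folder), exist_ok=True)
        with open(os.path.join(root, folder, "dovecot-acl"), "w") as fh:
            fh.write(text)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        build_sample(root)
        print(stale_grants(root))
```

Only .Projects is reported: .Projects.2013 matches its direct parent, so a revocation has to be applied level by level down the tree.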


