Hi, first of all, forgive me for my English.
I have several questions.
1. There are 2 user/passwd databases in my setup - LDAP and MySQL. When I
log in as one user with telnet 127.0.0.1 143 and share the inbox with some
users, records appear in the dict file, but if I delete some ACLs, the records
in the dict file stay the same.
2. I see errors like these in error.log. Can somebody explain what Dovecot does
when it lists shared folders (what files it looks for, how it sees the
variables %u and %%u, ...)?
Aug 26 15:44:19 imap(jack(a)badmltd.dn.ua): Error: Namespace 'shared//':
mkdir(/var/run/dovecot/user-not-found/(a)badmltd.dn.ua) failed: Permission
denied (euid=47(mailnull) egid=12(mail) missing +w perm: /var/run/dovecot,
euid is not dir owner)
Aug 26 15:44:53 imap(admin(a)badmltd.dn.ua): Error: Namespace 'shared/shared/':
mkdir(/var/run/dovecot/user-not-found/shared(a)badmltd.dn.ua) failed: Permission
denied (euid=47(mailnull) egid=12(mail) missing +w perm: /var/run/dovecot,
euid is not dir owner)
Aug 26 15:44:56 imap(test(a)badmltd.dn.ua): Error: Namespace 'shared/shared/':
mkdir(/var/run/dovecot/user-not-found/shared(a)badmltd.dn.ua) failed: Permission
denied (euid=47(mailnull) egid=12(mail) missing +w perm: /var/run/dovecot,
euid is not dir owner)
Aug 26 15:46:36 imap(jack(a)badmltd.dn.ua): Error: Namespace 'shared//':
mkdir(/var/run/dovecot/user-not-found/(a)badmltd.dn.ua) failed: Permission
denied (euid=47(mailnull) egid=12(mail) missing +w perm: /var/run/dovecot,
euid is not dir owner)
Aug 26 15:48:04 imap(jack(a)badmltd.dn.ua): Error: Namespace 'shared//':
mkdir(/var/run/dovecot/user-not-found/(a)badmltd.dn.ua) failed: Permission
denied (euid=47(mailnull) egid=12(mail) missing +w perm: /var/run/dovecot,
euid is not dir owner)
*********************debug.log*******************
Aug 26 15:48:03 auth: Debug: master out: USER 1 jack(a)badmltd.dn.ua
home=/var/spool/vmail/domains/badmltd.dn.ua/jack uid=47 gid=12
Aug 26 15:48:03 imap: Debug: Loading modules from directory: /usr/lib/dovecot
Aug 26 15:48:03 imap: Debug: Module loaded:
/usr/lib/dovecot/lib01_acl_plugin.so
Aug 26 15:48:03 imap: Debug: Module loaded:
/usr/lib/dovecot/lib02_imap_acl_plugin.so
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: Effective uid=47, gid=12,
home=/var/spool/vmail/domains/badmltd.dn.ua/jack
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: Namespace : type=private,
prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: maildir++:
root=/var/spool/vmail/domains/badmltd.dn.ua/jack/Maildir, index=, control=,
inbox=/var/spool/vmail/domains/badmltd.dn.ua/jack/Maildir
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: acl: initializing backend
with data: vfile
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: acl: acl username =
jack(a)badmltd.dn.ua
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: acl: owner = 1
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: acl vfile: Global ACL
directory: (null)
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: Namespace : type=shared,
prefix=shared/%n/, sep=/, inbox=no, hidden=no, list=children, subscriptions=no
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: shared:
root=/var/run/dovecot, index=, control=, inbox=
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: acl: initializing backend
with data: vfile
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: acl: acl username =
jack(a)badmltd.dn.ua
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: acl: owner = 0
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: acl vfile: Global ACL
directory: (null)
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: acl vfile: file
/var/spool/vmail/domains/badmltd.dn.ua/jack/Maildir/.Trash/dovecot-acl not
found
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: acl vfile: file
/var/spool/vmail/domains/badmltd.dn.ua/jack/Maildir/.&BB4EQgQ,BEAEMAQyBDsENQQ9BD0ESwQ1-/dovecot-
acl not found
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: acl vfile: file
/var/spool/vmail/domains/badmltd.dn.ua/jack/Maildir/.Sent/dovecot-acl not
found
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: acl vfile: file
/var/spool/vmail/domains/badmltd.dn.ua/jack/Maildir/.&BCcENQRABD0EPgQyBDgEOgQ4-/dovecot-
acl not found
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: acl vfile: file
/var/spool/vmail/domains/badmltd.dn.ua/jack/Maildir/dovecot-acl not found
Aug 26 15:48:03 auth: Debug: master in: USER 1 zakaz(a)badmltd.dn.ua
service=lib-storage
Aug 26 15:48:03 auth: Debug: sql(zakaz(a)badmltd.dn.ua): SELECT home, uid, gid
FROM users WHERE id = 'zakaz' AND active = 'Y'
Aug 26 15:48:03 auth: Debug: master out: USER 1 zakaz(a)badmltd.dn.ua
home=/var/spool/vmail/domains/badmltd.dn.ua/zakaz uid=47 gid=12
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: auth input:
zakaz(a)badmltd.dn.ua home=/var/spool/vmail/domains/badmltd.dn.ua/zakaz uid=47
gid=12
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: maildir++:
root=/var/spool/vmail/domains/badmltd.dn.ua/zakaz/Maildir,
index=/var/spool/vmail/domains/badmltd.dn.ua/jack/Maildir/shared/zakaz(a)badmltd.dn.ua,
control=, inbox=/var/spool/vmail/domains/badmltd.dn.ua/zakaz/Maildir
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: acl: initializing backend
with data: vfile
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: acl: acl username =
jack(a)badmltd.dn.ua
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: acl: owner = 0
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: acl vfile: Global ACL
directory: (null)
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: acl vfile: reading file
/var/spool/vmail/domains/badmltd.dn.ua/zakaz/Maildir/dovecot-acl
Aug 26 15:48:03 auth: Debug: master in: USER 2 test(a)badmltd.dn.ua
service=lib-storage
Aug 26 15:48:03 auth: Debug: sql(test(a)badmltd.dn.ua): SELECT home, uid, gid
FROM users WHERE id = 'test' AND active = 'Y'
Aug 26 15:48:03 auth: Debug: ldap(test(a)badmltd.dn.ua): user search:
base=dc=Donetsk, dc=Office, dc=badm, dc=com scope=subtree
filter=(&(objectclass=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2))
(mail=test(a)badmltd.dn.ua)) fields=
Aug 26 15:48:03 auth: Debug: ldap(test(a)badmltd.dn.ua): result:
objectClass(?unknown?)= cn(?unknown?)= givenName(?unknown?)=
distinguishedName(?unknown?)= instanceType(?unknown?)= whenCreated(?unknown?)=
whenChanged(?unknown?)= displayName(?unknown?)= uSNCreated(?unknown?)=
uSNChanged(?unknown?)= name(?unknown?)= objectGUID(?unknown?)=
userAccountControl(?unknown?)= primaryGroupID(?unknown?)=
objectSid(?unknown?)= sAMAccountName(?unknown?)= sAMAccountType(?unknown?)=
userPrincipalName(?unknown?)= objectCategory(?unknown?)=
dSCorePropagationData(?unknown?)= lastLogonTimestamp(?unknown?)=
mail(?unknown?)=
Aug 26 15:48:03 auth: Debug: master out: USER 2 test(a)badmltd.dn.ua
home=/var/spool/vmail/domains/badmltd.dn.ua/test
mail=/var/spool/vmail/domains/badmltd.dn.ua/test/Maildir
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: auth input:
test(a)badmltd.dn.ua home=/var/spool/vmail/domains/badmltd.dn.ua/test
mail=/var/spool/vmail/domains/badmltd.dn.ua/test/Maildir
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: maildir++:
root=/var/spool/vmail/domains/badmltd.dn.ua/test/Maildir,
index=/var/spool/vmail/domains/badmltd.dn.ua/jack/Maildir/shared/test(a)badmltd.dn.ua,
control=, inbox=/var/spool/vmail/domains/badmltd.dn.ua/test/Maildir
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: acl: initializing backend
with data: vfile
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: acl: acl username =
jack(a)badmltd.dn.ua
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: acl: owner = 0
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: acl vfile: Global ACL
directory: (null)
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: acl vfile: reading file
/var/spool/vmail/domains/badmltd.dn.ua/test/Maildir/.kde/dovecot-acl
Aug 26 15:48:03 auth: Debug: master in: USER 3 @badmltd.dn.ua
service=lib-storage
Aug 26 15:48:03 auth: Debug: sql((a)badmltd.dn.ua): SELECT home, uid, gid FROM
users WHERE id = '' AND active = 'Y'
Aug 26 15:48:03 auth: Debug: ldap((a)badmltd.dn.ua): user search:
base=dc=Donetsk, dc=Office, dc=badm, dc=com scope=subtree
filter=(&(objectclass=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2))
(mail=(a)badmltd.dn.ua)) fields=
Aug 26 15:48:03 auth: Debug: master out: NOTFOUND 3
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: auth input:
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: maildir++:
root=/var/run/dovecot/user-not-found/(a)badmltd.dn.ua, index=, control=,
inbox=/var/run/dovecot/user-not-found/(a)badmltd.dn.ua
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: Namespace shared//:
Permission lookup failed from /var/run/dovecot/user-not-found/(a)badmltd.dn.ua
Aug 26 15:48:03 imap(jack(a)badmltd.dn.ua): Debug: Namespace shared//: Using
permissions from /var/run/dovecot/user-not-found/(a)badmltd.dn.ua: mode=0700
gid=-1
Aug 26 15:48:04 imap(jack(a)badmltd.dn.ua): Debug: acl vfile: file
/var/spool/vmail/domains/badmltd.dn.ua/jack/Maildir/.shared.test.kde/dovecot-
acl not found
Aug 26 15:48:04 imap(jack(a)badmltd.dn.ua): Debug: acl vfile: file
/var/spool/vmail/domains/badmltd.dn.ua/jack/Maildir/.shared.zakaz.INBOX/dovecot-
acl not found
Aug 26 15:48:08 imap(jack(a)badmltd.dn.ua): Debug: Namespace : Using permissions
from /var/spool/vmail/domains/badmltd.dn.ua/jack/Maildir: mode=0720 gid=-1
my setup:
dovecot -n
# 2.0.0: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.33.8-149.fc13.i686.PAE i686 Fedora release 13 (Goddard) ext4
auth_debug = yes
auth_debug_passwords = yes
auth_mechanisms = plain login
auth_verbose = yes
auth_verbose_passwords = plain
debug_log_path = /var/log/dovecot/debug.log
disable_plaintext_auth = no
first_valid_gid = 12
first_valid_uid = 47
info_log_path = /var/log/dovecot/info.log
log_path = /var/log/dovecot/dovecot.log
mail_access_groups = mail
mail_debug = yes
mail_gid = 12
mail_location = maildir:/var/spool/vmail/domains/%d/%n/Maildir
mail_plugins = acl
mail_uid = 47
mbox_write_locks = fcntl
namespace {
inbox = yes
location =
prefix =
separator = /
type = private
}
namespace {
list = children
location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u
prefix = shared/%%n/
separator = /
subscriptions = no
type = shared
}
passdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
passdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
plugin {
acl = vfile
acl_shared_dict = file:/tmp/shared-mailboxes
}
postmaster_address = postmaster(a)badmltd.dn.ua
protocols = imap pop3
service auth-worker {
user = $default_internal_user
}
service auth {
unix_listener auth-userdb {
mode = 0666
user = mailnull
}
}
ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
ssl_key = </etc/pki/dovecot/private/dovecot.pem
userdb {
args = /etc/dovecot/dovecot-sql.conf.ext
driver = sql
}
userdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
verbose_proctitle = yes
protocol lda {
debug_log_path = /var/log/dovecot/delivery-debug.log
info_log_path = /var/log/dovecot/delivery-info.log
log_path = /var/log/dovecot/delivery.log
}
protocol imap {
imap_client_workarounds = delay-newmail tb-extra-mailbox-sep
mail_plugins = $mail_plugins imap_acl
}
# cat /tmp/shared-mailboxes
shared/shared-boxes/user/admin@badmltd.dn.ua/test@badmltd.dn.ua
1
shared/shared-boxes/user/admin@badmltd.dn.ua/zakaz@badmltd.dn.ua
1
shared/shared-boxes/user/jack@badmltd.dn.ua/zakaz@badmltd.dn.ua
1
shared/shared-boxes/user/test@badmltd.dn.ua/zakaz@badmltd.dn.ua
1
shared/shared-boxes/user/jack@badmltd.dn.ua/test@badmltd.dn.ua
1
# cat /etc/dovecot/dovecot-sql.conf.ext
driver = mysql
connect = host=localhost dbname=****** user=**** password=*****
default_pass_scheme=plain
password_query = SELECT passwd as password FROM users WHERE id = '%n' AND
active = 'Y'
user_query = SELECT home, uid, gid FROM users WHERE id = '%n' AND active = 'Y'
#password_query = SELECT crypt as password FROM users WHERE id = '%n' AND
domain = '%d' AND active = 'Y'
#user_query = SELECT home, uid, gid FROM users WHERE id = '%n' AND domain =
'%d' AND active = 'Y'
# cat /etc/dovecot/dovecot-ldap.conf.ext
hosts = 10.1.11.3:3268 172.27.1.2:3268
dn = cn=****,cn=Users,dc=****,dc=Office,dc=****,dc=com
dnpass = *****
auth_bind = yes
ldap_version = 3
base = dc=*****k, dc=Office, dc=****, dc=com
deref = searching
scope = subtree
user_attrs =
=home=/var/spool/vmail/domains/%d/%n,=mail=/var/spool/vmail/domains/%d/%n/Maildir
user_filter = (&(objectclass=user)(!
(userAccountControl:1.2.840.113556.1.4.803:=2))(mail=%u))
pass_filter = (&(objectclass=user)(!
(userAccountControl:1.2.840.113556.1.4.803:=2))(mail=%u))
# cat /var/spool/vmail/domains/badmltd.dn.ua/zakaz/Maildir/dovecot-acl
user=admin(a)badmltd.dn.ua lrws
user=jack(a)badmltd.dn.ua lrws
user=test(a)badmltd.dn.ua lrws
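
Added example (not part of the original post, and not Dovecot's own code): a check for question 1 that lists acl_shared_dict records for which no user= line remains in any of the owner's dovecot-acl files. It assumes the key layout shared/shared-boxes/user/<grantee>/<owner> seen in the dump above; the example.org names and the sample contents are constructed.

```python
import re

PREFIX = "shared/shared-boxes/user/"

def parse_shared_dict(text):
    """Return {(grantee, owner)} from a flat-file dict dump (key line, value line)."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    pairs = set()
    for key, _value in zip(lines[0::2], lines[1::2]):
        if key.startswith(PREFIX):
            grantee, _, owner = key[len(PREFIX):].partition("/")
            if grantee and owner:
                pairs.add((grantee, owner))
    return pairs

def acl_users(text):
    """Return the identifiers named on user= lines of one dovecot-acl file."""
    return {m.group(1) for m in re.finditer(r"^user=(\S+)\s+\S+", text, re.M)}

def stale_entries(dict_text, acl_files):
    """acl_files maps owner -> list of dovecot-acl file contents for that owner.
    A dict record is reported when none of the owner's ACL files names the grantee."""
    stale = []
    for grantee, owner in sorted(parse_shared_dict(dict_text)):
        if not any(grantee in acl_users(t) for t in acl_files.get(owner, [])):
            stale.append((grantee, owner))
    return stale

# Constructed sample data (example.org names are not from the post).
SAMPLE_DICT = """\
shared/shared-boxes/user/alice@example.org/bob@example.org
1
shared/shared-boxes/user/carol@example.org/bob@example.org
1
shared/shared-boxes/user/alice@example.org/dave@example.org
1
"""
SAMPLE_ACLS = {
    "bob@example.org": ["user=alice@example.org lrws\n"],  # carol's grant was deleted
    "dave@example.org": ["", "user=alice@example.org lr\n"],  # ACL sits on a subfolder
}

if __name__ == "__main__":
    for grantee, owner in stale_entries(SAMPLE_DICT, SAMPLE_ACLS):
        print(f"stale: {owner} no longer shares anything with {grantee}")
```

To run it against a real setup, pass the contents of the dict file and of every dovecot-acl file found under each owner's Maildir.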