Hello all,

As part of the system I'm cobbling together, I have a need for sharing folders between users. I've followed the various pieces of documentation and seem to have something working but have encountered an odd issue.

When user1 shares a folder with user2, then on first access user2 gets a "permission denied" error when trying to access the folder. If I immediately try to access the folder again, then everything is okay. The logs talk about the index.pvt files being inconsistent, which seems to result in the error the first time but allows access the second.

I've searched the mailing lists and it seems that this was seen a few years ago and is due to the index files being empty but there didn't seem to be a resolution.

At the moment, I am filing messages into folders under INBOX, which means that the INBOX itself is empty (though I've seen the same behaviour if I put some messages in there as well).

Can anyone suggest a fix/workaround? I've included my config and some log entries below. In the logs, the "tester@..." user is trying to access the folder "INBOX/tester2" shared by "foo123@...".

(Bonus question: can anyone suggest a mail client that allows easy access to shared folders? For the life of me I can't see how to do it in Thunderbird, so I'm using a python script at the moment.)

Thanks in advance,

Felix

# 2.3.7.2 (3c910f64b): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.7.2 ()
# OS: Linux 5.10.16.3-microsoft-standard-WSL2 x86_64 Ubuntu 20.04.3 LTS overlay
# Hostname: ptm-dovecot-5b466fb667-gk6f7
auth_debug = yes
auth_debug_passwords = yes
auth_master_user_separator = *
auth_username_chars =
auth_verbose = yes
dict {
  acl = pgsql:/etc/dovecot/conf.d/dovecot-dict-sql.conf.ext
}
disable_plaintext_auth = no
log_path = /dev/stderr
mail_debug = yes
mail_location = maildir:/home/vmail/%u
mail_plugins = acl
master_user_separator = *
namespace {
  inbox = yes
  location =
  prefix =
  separator = /
  type = private
}
namespace {
  list = children
  location = maildir:/home/vmail/%%u:INDEXPVT=~/Maildir/shared/%%u
  prefix = shared/%%u/
  separator = /
  subscriptions = no
  type = shared
}
passdb {
  args = /etc/dovecot/conf.d/dovecot-sql.conf.ext
  driver = sql
}
plugin {
  acl = vfile:/etc/dovecot/dovecot-acl:cache_secs=6
  acl_defaults_from_inbox = yes
  acl_shared_dict = proxy::acl
  sieve_default = /etc/dovecot/conf.d/user-to-folder.sieve
}
protocols = imap lmtp
service auth {
  unix_listener auth-userdb {
    group = vmail
    mode = 0600
    user = vmail
  }
  user = root
}
service lmtp {
  inet_listener lmtp {
    address = 0.0.0.0
    port = 24
  }
}
userdb {
  args = /etc/dovecot/conf.d/dovecot-sql.conf.ext
  driver = sql
}
protocol lmtp {
  log_path = /home/vmail/dovecot-deliver.log
  mail_plugins = acl sieve
  postmaster_address = admin@mydomain.com
}
protocol imap {
  mail_plugins = acl imap_acl
}


Log output:

Nov 03 14:38:27 : Debug: acl: initializing backend with data: vfile:/etc/dovecot/dovecot-acl:cache_secs=6
Nov 03 14:38:27 : Debug: acl: acl username = tester@dovecot.mydomain.com
Nov 03 14:38:27 : Debug: acl: owner = 1
Nov 03 14:38:27 : Debug: acl vfile: Global ACL file: /etc/dovecot/dovecot-acl
Nov 03 14:38:27 : Debug: Namespace : type=shared, prefix=shared/%u/, sep=/, inbox=no, hidden=no, list=children, subscriptions=no location=maildir:/home/vmail/%u:INDEXPVT=~/Maildir/shared/%u
Nov 03 14:38:27 : Debug: shared: root=/var/run/dovecot, index=, indexpvt=, control=, inbox=, alt=
Nov 03 14:38:27 : Debug: acl: initializing backend with data: vfile:/etc/dovecot/dovecot-acl:cache_secs=6
Nov 03 14:38:27 : Debug: acl: acl username = tester@dovecot.mydomain.com
Nov 03 14:38:27 : Debug: acl: owner = 0
Nov 03 14:38:27 : Debug: acl vfile: Global ACL file: /etc/dovecot/dovecot-acl
Nov 03 14:38:27 : Debug: Mailbox INBOX: Mailbox opened because: SELECT
Nov 03 14:38:27 : Debug: acl vfile: file /home/vmail/tester@dovecot.mydomain.com/dovecot-acl not found
Nov 03 14:38:27 : Debug: Namespace : /home/vmail/tester@dovecot.mydomain.com doesn't exist yet, using default permissions
Nov 03 14:38:27 : Debug: Namespace : Using permissions from /home/vmail/tester@dovecot.mydomain.com: mode=0700 gid=default
Nov 03 14:38:27 : Debug: acl vfile: file /home/vmail/tester@dovecot.mydomain.com/dovecot-acl not found
Nov 03 14:38:27 : Debug: auth-master: userdb lookup(foo123@dovecot.mydomain.com): Started userdb lookup
Nov 03 14:38:27 : Debug: auth-master: conn unix:/var/run/dovecot/auth-userdb: Connecting
Nov 03 14:38:27 : Debug: auth-master: conn unix:/var/run/dovecot/auth-userdb: Client connected (fd=18)
Nov 03 14:38:27 auth: Debug: master in: USER 1 foo123@dovecot.mydomain.com service=imap
Nov 03 14:38:27 auth: Debug: sql(foo123@dovecot.mydomain.com): Performing userdb lookup
Nov 03 14:38:27 auth: Debug: sql(foo123@dovecot.mydomain.com): SELECT home, uid, gid FROM users WHERE userid = 'foo123' AND domain = 'dovecot.mydomain.com'
Nov 03 14:38:27 auth: Debug: sql(foo123@dovecot.mydomain.com): Finished userdb lookup
Nov 03 14:38:27 auth: Debug: userdb out: USER 1 foo123@dovecot.mydomain.com home=/tmp/foo123 uid=5000 gid=5001
Nov 03 14:38:27 : Debug: auth-master: userdb lookup(foo123@dovecot.mydomain.com): auth USER input: foo123@dovecot.mydomain.com home=/tmp/foo123 uid=5000 gid=5001
Nov 03 14:38:27 : Debug: auth-master: userdb lookup(foo123@dovecot.mydomain.com): Finished userdb lookup (username=foo123@dovecot.mydomain.com home=/tmp/foo123 uid=5000 gid=5001)
Nov 03 14:38:27 : Debug: maildir++: root=/home/vmail/foo123@dovecot.mydomain.com, index=, indexpvt=/tmp/foo123/Maildir/shared/foo123@dovecot.mydomain.com, control=, inbox=/home/vmail/foo123@dovecot.mydomain.com, alt=
Nov 03 14:38:27 : Debug: acl: initializing backend with data: vfile:/etc/dovecot/dovecot-acl:cache_secs=6
Nov 03 14:38:27 : Debug: acl: acl username = foo123@dovecot.mydomain.com
Nov 03 14:38:27 : Debug: acl: owner = 1
Nov 03 14:38:27 : Debug: acl vfile: Global ACL file: /etc/dovecot/dovecot-acl
Nov 03 14:38:27 : Debug: maildir++: root=/home/vmail/foo123@dovecot.mydomain.com, index=, indexpvt=/tmp/tester/Maildir/shared/foo123@dovecot.mydomain.com, control=, inbox=/home/vmail/foo123@dovecot.mydomain.com, alt=
Nov 03 14:38:27 : Debug: acl: initializing backend with data: vfile:/etc/dovecot/dovecot-acl:cache_secs=6
Nov 03 14:38:27 : Debug: acl: acl username = tester@dovecot.mydomain.com
Nov 03 14:38:27 : Debug: acl: owner = 0
Nov 03 14:38:27 : Debug: acl vfile: Global ACL file: /etc/dovecot/dovecot-acl
Nov 03 14:38:27 : Debug: Mailbox shared/foo123@dovecot.mydomain.com/INBOX: Mailbox opened because: SELECT
Nov 03 14:38:27 : Debug: acl vfile: reading file /home/vmail/foo123@dovecot.mydomain.com/dovecot-acl
Nov 03 14:38:27 : Error: /tmp/tester/Maildir/shared/foo123@dovecot.mydomain.com/.INBOX/dovecot.index.pvt reset, view is now inconsistent
Nov 03 14:38:27 : Debug: Namespace shared/: Using permissions from : mode=0700 gid=default
Nov 03 14:38:27 : Debug: acl vfile: file /home/vmail/foo123@dovecot.mydomain.com/.INBOX.tester2/dovecot-acl not found
Nov 03 14:38:27 : Error: /tmp/tester/Maildir/shared/foo123@dovecot.mydomain.com/.INBOX/dovecot.index.pvt view is inconsistent
Nov 03 14:38:27 : Debug: Mailbox shared/foo123@dovecot.mydomain.com/INBOX/tester2: Mailbox opened because: SELECT
Nov 03 14:38:27 : Error: /tmp/tester/Maildir/shared/foo123@dovecot.mydomain.com/.INBOX.tester2/dovecot.index.pvt reset, view is now inconsistent
Nov 03 14:38:28 : Error: /tmp/tester/Maildir/shared/foo123@dovecot.mydomain.com/.INBOX.tester2/dovecot.index.pvt view is inconsistent
Nov 03 14:38:28 : Debug: Mailbox shared/foo123@dovecot.mydomain.com/INBOX/tester2: UID 1: Opened mail because: prefetch
Nov 03 14:38:28 : Debug: Mailbox shared/foo123@dovecot.mydomain.com/INBOX/tester2: UID 1: Opened mail because: access
Nov 03 14:38:28 : Debug: Mailbox shared/foo123@dovecot.mydomain.com/INBOX/tester2: UID 1: Opened mail because: full mail
Nov 03 14:38:28 : Info: FETCH failed: Permission denied in=360 out=2880 deleted=0 expunged=0 trashed=0 hdr_count=0 hdr_bytes=0 body_count=1 body_bytes=857