Dear list,
I am using dovecot 1.0.15 on Debian Lenny. I have a public folder, I use ACL / vfile (without public ACL), and I use maildir / vmail. Now I have two questions:
- http://wiki.dovecot.org/ACL states: "Mailboxes in public namespaces don't have owners, so by default no-one can access them." The same document, when explaining the meaning of the k flag in the ACLs, states: "Mailboxes can be created (or renamed) under this mailbox (there is no recursion, so creating a mailbox under this mailbox's child uses only the child's ACLs)"
I have placed an ACL (dovecot-ACL) at the root of the public namespace (all rights to anyone). The public namespace was appearing correctly in my IMAP client.
Then I have copied a large folder with hundreds of nested subfolders (nesting level > 3) from another account to the root of the public namespace.
According to the documentation mentioned above, this should not have been possible (if I got the docs right): The first nesting level of folder should have been created, but not the messages in them and for sure not the deeper nested folders. There is no dovecot-acl within a single of the first level folders (I have verified this), so no one should have access to them. Nevertheless, in addition to the succesful copy, I can see every folder and every message in my IMAP client, I can delete and so on.
Could some please explain if I got the docs wrong?
- If there really is no ACL recursion, how are we supposed to copy large folder structures (perhaps thousands of folders, nested to 5 levels deep) to a public namespace? Do we need to create all folders by hand, then place the dovecot-acl in each folder, and then copy the messages to each folder by hand? Do we need to switch to global ACLs so that we can establish a master user for doing the act of filling the public space? Or is there a dovecot module which, immediately after creating a folder, looks into the parent folder of the new folder and copies the dovecot-acl from the parent folder to the new folder?
Currently, I am very happy that dovecot didn't what it should do according to my understanding of the documentation (since I really needed to copy this folder structure to the public namespace), but on the other hand, I am a bit puzzled now not knowing if the documentation is wrong, my understanding of it is wrong or the source code is wrong :-)
Thanks you very much for any help,
Peter
Here is the output of dovecot -n:
# 1.0.15: /etc/dovecot/dovecot.conf base_dir: /var/run/dovecot/ log_path: /var/log/dovecot.log info_log_path: /var/log/dovecot-info.log log_timestamp: %Y-%m-%d %H:%M:%S protocols: imaps listen: 192.168.20.23 ssl_cert_file: /etc/dovecot/imap-ssl.home.omeganet.de.crt ssl_key_file: /etc/dovecot/imap-ssl.home.omeganet.de.key ssl_parameters_regenerate: 24 ssl_cipher_list: ALL:!LOW login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/imap-login login_processes_count: 1 login_max_processes_count: 32 max_mail_processes: 32 mail_privileged_group: mail mail_location: maildir:~/Maildir mail_cache_fields: mail_never_cache_fields: mail_plugins: acl namespace: type: private inbox: yes namespace: type: public prefix: Archive. location: maildir:/home/vmail/archive:INDEX=~/Maildir/archive auth default: cache_size: 1 cache_ttl: 600 worker_max_count: 4 passdb: driver: passwd-file args: /etc/dovecot/passdb userdb: driver: static args: uid=vmail gid=vmail home=/home/vmail/%u socket: type: listen master: path: /var/run/dovecot/auth-master mode: 384 user: root plugin: acl: vfile
-- GMX DSL: Internet, Telefon und Entertainment für nur 19,99 EUR/mtl.! http://portal.gmx.net/de/go/dsl02