I did some more testing and it looks like "public" really means "public"!
For example:
$ id stephen
uid=501(stephen) gid=100(users) groups=100(users),10(wheel),1000(cs)
Normally stephen should have rwx access to the following directory:
$ ls -ald /usr/mail/public/cs
drwxrwx--- 4 cs cs 4096 Mar 11 07:22 /usr/mail/public/cs
But dovecot insists:
Mar 11 09:59:23 scacifs02-lnx dovecot: IMAP(stephen): opendir(/usr/mail/public/cs) failed: Permission denied
If I change the permissions:
$ ls -ald /usr/mail/public/cs
drwxrwxr-x 4 cs cs 4096 Mar 11 07:22 /usr/mail/public/cs
it now fails at:
Mar 11 10:07:02 scacifs02-lnx dovecot: IMAP(stephen): opendir(/usr/mail/public/cs/mail) failed: Permission denied
If I change the permission on that directory:
$ ls -lad /usr/mail/public/cs/mail
drwxrwxr-x 3 cs cs 4096 Mar 10 22:07 /usr/mail/public/cs/mail
Mar 11 10:14:12 scacifs02-lnx dovecot: IMAP(stephen): opendir(/usr/mail/public/cs/mail/.Incoming) failed: Permission denied
one more level:
$ ls -lad /usr/mail/public/cs/mail/.Incoming
drwxrwxr-x 5 cs cs 4096 Mar 10 21:01 /usr/mail/public/cs/mail/.Incoming
Mar 11 10:16:45 scacifs02-lnx dovecot: IMAP(stephen): opendir(/usr/mail/public/cs/mail/.Incoming/new) failed: Permission denied
and again:
$ ls -lA /usr/mail/public/cs/mail/.Incoming
total 12
drwxrwxr-x 2 cs cs 4096 Mar 10 21:01 cur
-rw-rw---- 1 cs cs 0 Mar 10 21:01 dovecot-shared
drwxrwxr-x 2 cs cs 4096 Mar 10 21:01 new
drwxrwxr-x 2 cs cs 4096 Mar 10 21:01 tmp
Now I try to move a mail into the Incoming folder:
Mar 11 10:20:50 scacifs02-lnx dovecot: IMAP(stephen): open(/usr/mail/public/cs/mail/.Incoming/tmp/1236792050.M931023P1390.scacifs02-lnx.totalflood.com) failed: Permission denied
The only two ways I can get public folders to work are to:
- set the directory perms to 777.
- make sure all users have the same primary group and make that the group for the public folder.
Neither of the above is particularly desirable or practical. Is there another way?
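
An added example, not part of the original post: a small model of the POSIX owner/group/other check applied to the directory modes quoted above. It reproduces the sequence of failures in the logs under the assumption, which the post does not confirm, that the IMAP process holds only stephen's primary gid 100 and not the supplementary gid 1000; the uid of cs and the helper names are constructed.

```python
R, W, X = 4, 2, 1

STEPHEN_UID = 501
FULL_GROUPS = {100, 10, 1000}   # from the `id stephen` output above
PRIMARY_ONLY = {100}            # assumption: supplementary groups not applied
CS_UID, CS_GID = 1000, 1000     # CS_GID from `id`; CS_UID is a constructed value

BASE = "/usr/mail/public/cs"
DIRS = [BASE, BASE + "/mail", BASE + "/mail/.Incoming",
        BASE + "/mail/.Incoming/tmp"]

def tree(modes):
    """Build {path: (mode, owner, group)} from one mode per entry in DIRS."""
    return {p: (m, CS_UID, CS_GID) for p, m in zip(DIRS, modes)}

def allowed(mode, owner, group, uid, gids, want):
    """Exactly one permission class applies: owner, else group, else other."""
    if uid == owner:
        bits = (mode >> 6) & 7
    elif group in gids:
        bits = (mode >> 3) & 7
    else:
        bits = mode & 7
    return bits & want == want

def first_denied(t, path, uid, gids, want):
    """Return the first component that denies access, or None if all pass.
    Parent directories need search (x); the last component needs `want`."""
    parts = path.strip("/").split("/")
    for i in range(1, len(parts) + 1):
        p = "/" + "/".join(parts[:i])
        if p not in t:
            continue  # component not modelled here; treated as traversable
        mode, owner, group = t[p]
        need = want if i == len(parts) else X
        if not allowed(mode, owner, group, uid, gids, need):
            return p
    return None

if __name__ == "__main__":
    for label, gids in (("full groups", FULL_GROUPS), ("primary only", PRIMARY_ONLY)):
        t = tree([0o770] * 4)
        print(label, "->", first_denied(t, DIRS[-1], STEPHEN_UID, gids, W | X))
```

On a live system, the groups a running process actually holds can be read from the `Groups:` line of `/proc/<pid>/status` and compared with the `id` output.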