Hi, I'm answering myself to give a hint to other people who have a similar problem (or, better said, a similar "non-experience" with dovecot).
On 30.06.2011 12:01, Udo Lembke wrote:
Hi, I'm a dovecot newbie and also new to this mailing list. I'm trying to configure a mail server with dovecot2, postfix and postfixadmin. At the moment I'm struggling with ACLs and the shared namespace. ...
By now I know a little bit more (it's always good to read the docs). I changed my layout to: private mailbox, private archive area and public shared area (because of trouble seeing shared folders from other accounts). The public shared area is symlinked below the archive area:

    ls -lsa archiv/example.org/test4/
    insgesamt 16
    4 drwx------ 3 dovecot dovecot 4096  5. Jul 11:40 .
    4 drwx------ 3 dovecot dovecot 4096  5. Jul 11:27 ..
    4 drwx------ 2 dovecot dovecot 4096  5. Jul 11:27 archiv
    4 -rw------- 1 dovecot dovecot  108  5. Jul 11:40 dovecot-acl-list
    0 lrwxrwxrwx 1 root    root      16  5. Jul 11:27 public -> /var/data/public

The problem is that the ACLs are not recognized - the ACL should forbid access, but access is possible.
This shows the telnet IMAP session:

    . list "" "*"
    * LIST (\HasNoChildren) "/" "Drafts"
    * LIST (\HasNoChildren) "/" "Spam"
    * LIST (\HasNoChildren) "/" "Sent"
    * LIST (\HasNoChildren) "/" "Trash"
    * LIST (\HasNoChildren) "/" "INBOX"
    * LIST (\Noselect \HasChildren) "/" "public"
    * LIST (\Noselect \HasChildren) "/" "archiv/test4@example.org"
    * LIST (\Noselect \HasChildren) "/" "archiv/test4@example.org/public"
    * LIST (\Noselect \HasChildren) "/" "archiv/test4@example.org/public/kunde_2"
    * LIST (\HasNoChildren) "/" "archiv/test4@example.org/public/kunde_2/Kundenmails"
    * LIST (\Noselect \HasChildren) "/" "archiv/test4@example.org/public/kunde_3"
    * LIST (\HasNoChildren) "/" "archiv/test4@example.org/public/kunde_3/Kundenmails"
    * LIST (\Noselect \HasNoChildren) "/" "archiv/test4@example.org/archiv"
    . OK List completed.

During the listing I got the error:

    Jul 05 12:21:41 imap(test4@example.org): Debug: acl: No lookup right to mailbox: public/kunde_2
    Jul 05 12:21:41 imap(test4@example.org): Debug: acl: No lookup right to mailbox: public/kunde_2/Kundenmails
    Jul 05 12:21:41 imap(test4@example.org): Debug: acl: No lookup right to mailbox: public/kunde_3
    Jul 05 12:21:41 imap(test4@example.org): Debug: acl: No lookup right to mailbox: public/kunde_3/Kundenmails

This is right, but why were the mailboxes shown (and also fully accessible)? The ACL files:

    cat public/dovecot-acl
    #anyone lr

    cat public/kunde_2/dovecot-acl
    user=ulembke@example.org lrwstipeka
    user=test3@example.org lrwstipeka

    cat public/kunde_2/Kundenmails/dovecot-acl
    user=test3@example.org akeilprwts
    user=ulembke@example.org akeilprwts

    cat public/kunde_3/dovecot-acl
    user=ulembke@example.org lrwstipeka
    user=test2@example.org lrwstipeka
    anyone

The ACL entry in the config:

    plugin {
      acl = vfile
    }
    # To let users LIST mailboxes shared by other users, Dovecot needs a
    # shared mailbox dictionary. For example:
    plugin {
      acl_shared_dict = file:/var/data/dovecot/shared-mailboxes/%u
    }

I have read that acl_shared_dict with an SQL backend works better than vfile. Does anybody use normal vfile for that?
The public namespace:

    namespace {
      type = public
      separator = /
      prefix = "public/"
      location = maildir:/var/data/public:INDEX=/var/data/indexes/public/%u:LAYOUT=fs
      inbox = no
      hidden = no
      subscriptions = no
      list = yes
    }

The rest of the config should be the same as in the first post.
Any hint?
Best regards
Udo (perhaps I'll stick with cyrus)
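
Added example (not part of the original post and not Dovecot code): a Python check that correlates the "No lookup right" debug lines with an IMAP LIST response and reports every mailbox that was listed, under the same name or under a longer path, although the ACL plugin denied lookup on it. The sample input is an excerpt of the session and log quoted above; the function names are made up for this illustration.

```python
import re

# Sample input: excerpt of the LIST response and debug log quoted in the post.
LIST_RESPONSE = r'''
* LIST (\HasNoChildren) "/" "INBOX"
* LIST (\Noselect \HasChildren) "/" "public"
* LIST (\Noselect \HasChildren) "/" "archiv/test4@example.org/public/kunde_2"
* LIST (\HasNoChildren) "/" "archiv/test4@example.org/public/kunde_2/Kundenmails"
* LIST (\Noselect \HasChildren) "/" "archiv/test4@example.org/public/kunde_3"
* LIST (\HasNoChildren) "/" "archiv/test4@example.org/public/kunde_3/Kundenmails"
* LIST (\Noselect \HasNoChildren) "/" "archiv/test4@example.org/archiv"
'''
DEBUG_LOG = '''
Jul 05 12:21:41 imap(test4@example.org): Debug: acl: No lookup right to mailbox: public/kunde_2
Jul 05 12:21:41 imap(test4@example.org): Debug: acl: No lookup right to mailbox: public/kunde_2/Kundenmails
Jul 05 12:21:41 imap(test4@example.org): Debug: acl: No lookup right to mailbox: public/kunde_3
Jul 05 12:21:41 imap(test4@example.org): Debug: acl: No lookup right to mailbox: public/kunde_3/Kundenmails
'''

LIST_RE = re.compile(r'^\* LIST \((?P<flags>[^)]*)\) "(?P<sep>[^"]*)" "(?P<name>[^"]*)"$')
DENY_RE = re.compile(r'imap\((?P<user>[^)]+)\): Debug: acl: No lookup right to mailbox: (?P<box>.+)$')

def parse_list(text):
    """Return {mailbox name: set of flags} from untagged LIST responses."""
    boxes = {}
    for line in text.splitlines():
        m = LIST_RE.match(line.strip())
        if m:
            boxes[m["name"]] = set(m["flags"].split())
    return boxes

def denied_mailboxes(log):
    """Return (user, mailbox) pairs for which the ACL plugin logged a lookup denial."""
    return [(m["user"], m["box"]) for m in map(DENY_RE.search, log.splitlines()) if m]

def find_acl_leaks(list_text, log, sep="/"):
    """Return (user, denied mailbox, listed name, selectable) for each denied
    mailbox that LIST still exposed, directly or as the tail of a longer path."""
    listed = parse_list(list_text)
    leaks = []
    for user, box in denied_mailboxes(log):
        for name, flags in listed.items():
            if name == box or name.endswith(sep + box):
                leaks.append((user, box, name, r"\Noselect" not in flags))
    return leaks

if __name__ == "__main__":
    for leak in find_acl_leaks(LIST_RESPONSE, DEBUG_LOG):
        print(leak)
```

Entries with the last field set to True are mailboxes a client can open, not just see, through the alternate path.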