On Thu, 2009-12-17 at 10:55 +0900, Lukas Haase wrote:
But anyway, the problem has to do with userdb not returning those UNIX groups that you expect.
Oh, ok I think there is a point which I do not understand. What has the userdb to do with UNIX rights? As far as I understood from the wiki there are two levels:
- UNIX rights. The mailboxes need to just have the correct *UNIX* permission in order to access the files in the needed way (read or write). So IMO this could also be achieved with, say, POSIX ACLs (setfacl)
Right. The issue has to do with what UNIX rights Dovecot sets for the process. In a previous mail you said you used:
userdb:
  driver: ldap
  args: /etc/dovecot/dovecot-ldap.conf
The question is what fields does LDAP return? When you're using ldap, Dovecot doesn't directly use /etc/group or NSS equivalent to figure out what groups a user belongs to. If you want Dovecot to do that, you need to return the system_user=<username> field from userdb.
So far I also do not understand what the userdb has to do with that. The userdb is just for *internal* users of the application (dovecot)
Exactly.
and has nothing to do with the access system from the operating system or the system users/groups.
But you want Dovecot to interact with the operating system's users/groups, so you need to tell Dovecot how to do that.