On Mon, 2009-11-16 at 13:54 +0000, Peter wrote:
drwxr-xr-x 3 root root 21 2009-11-16 13:36 /home
drwxrwx--x 3 nobody maildir 21 2009-11-16 13:36 /home/mail
I would expect a user logging in to have their mail directory created automatically with the same permissions (but not necessarily the same group).
If the group isn't copied, what use is it to copy the group's permissions?
I don't think Dovecot should copy the parent directory's permissions when creating mail root dirs. It just seems too dangerous. I know some people are using 01777 permission root directories, and that really shouldn't be copied.
I've tried pre-creation of /home/mail/adomain, /home/mail/adomain/auser and /home/mail/adomain/auser/Maildir in each case with permissions 0770 but in each case subsequent subdirectories and files are 0700/0600.
Pre-creation (e.g. in post-login script) of /home/mail/adomain/auser/Maildir should work, and in my testing it does:
~/Maildir3% ls -la
total 40
drwxrwxrwx 5 timo timo 4096 2009-11-23 16:46 ./
drwxr-xr-x 82 timo timo 12288 2009-11-23 16:41 ../
drwxrwxrwx 2 timo timo 4096 2009-11-23 16:46 cur/
-rw-rw-rw- 1 timo timo 64 2009-11-23 16:46 dovecot-uidlist
-rw-r--r-- 1 timo timo 8 2009-11-23 16:46 dovecot-uidvalidity
-rw-r--r-- 1 timo timo 0 2009-11-23 16:46 dovecot-uidvalidity.4b0b02ad
-rw-rw-rw- 1 timo timo 412 2009-11-23 16:46 dovecot.index.log
drwxrwxrwx 2 timo timo 4096 2009-11-23 16:46 new/
drwxrwxrwx 2 timo timo 4096 2009-11-23 16:46 tmp/
Looks like the dovecot-uidvalidity* permissions aren't correct, I'll fix those.
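
The pre-creation step discussed in this thread, as an added example that is not part of the original message or Dovecot's own code: a post-login script that creates the Maildir with an explicit group-accessible mode and refuses world-writable or sticky modes such as 1777. Assumptions: the function name precreate_maildir and the MAILDIR_ROOT and MAILDIR_MODE variables are hypothetical, HOME is set in the script's environment, and the script is invoked with the real mail process command line as its arguments.

```shell
#!/bin/sh
# Added example: pre-create a Maildir with an explicit mode before the mail
# process starts, so files and subdirectories created under it later follow
# the directory's mode, as the ls listing in the message above shows.

# precreate_maildir DIR MODE
# Creates DIR plus cur/, new/ and tmp/ and sets MODE on each of them.
# MODE must be plain three-digit octal (a leading 0 is allowed) and must not
# be world-writable, so sticky or setgid modes like 1777 are rejected.
precreate_maildir() {
    dir=$1
    mode=$2
    case "$mode" in
        [0-7][0-7][0-7]) ;;
        0[0-7][0-7][0-7]) mode=${mode#0} ;;
        *) echo "refusing mode '$mode': special bits or not octal" >&2
           return 2 ;;
    esac
    case "$mode" in
        ??[2367]) echo "refusing world-writable mode '$mode'" >&2
                  return 2 ;;
    esac
    for d in "$dir" "$dir/cur" "$dir/new" "$dir/tmp"; do
        # chmod follows symlinks, so never touch a path that is one.
        if [ -L "$d" ]; then
            echo "refusing symlink '$d'" >&2
            return 1
        fi
        # Missing parents created by -p get umask-derived modes, not MODE.
        [ -d "$d" ] || mkdir -p "$d" || return 1
        # Explicit chmod: mkdir alone would be limited by the umask.
        chmod "$mode" "$d" || return 1
    done
}

# Post-login entry point (assumption: "$@" is the real mail process command).
# MAILDIR_ROOT and MAILDIR_MODE are hypothetical overrides for this example.
if [ "$#" -gt 0 ]; then
    precreate_maildir "${MAILDIR_ROOT:-$HOME/Maildir}" \
                      "${MAILDIR_MODE:-770}" || exit 1
    exec "$@"
fi
```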