After trying and failing to do the same thing, I'm also curious about this. Do ACLs simply not work with shared folders? If so, what's the point of ACLs? Only shared resources need access control in the first place.
--Jeff
On Thu, Aug 17, 2006 at 12:24:35PM +0300, typus vulgaris wrote:
Hi, all!
I'm new to Dovecot but trying to set up read-only public folders for different user groups.
My goal is to create several public folders such as sales, operation etc. with a per-user index.
But I have a problem which I can't resolve with Google and Dovecot.Org.
Now users can see and subscribe to the test folder "share", but I can't block the ability to delete messages via ACL.
Here are the file system permissions:
public/.share ]> ls -la
total 12
drwxrwx---  5 share  mail  512 17 авг 12:17 .
drwxrwx---  6 root   mail  512 17 авг 11:04 ..
drwxrwx---  2 share  mail  512 17 авг 11:18 cur
-rwxrwx---  1 root   mail   21 17 авг 10:36 dovecot-acl
-rwxrwx---  1 root   mail    0 16 авг 17:56 dovecot-shared
drwxrwx---  2 share  mail  512 17 авг 11:17 new
drwxrwx---  2 share  mail  512 17 авг 11:17 tmp
My dovecot-acl file:
public/.share ]> cat dovecot-acl
owner lr
user=typ lr
But user typ can delete messages. But the ACL seems to be working, because if I remove the letter 'l' from typ's setting he cannot see the folder.
Here is my config:
----------8<------------
protocols = imap
ssl_disable = yes
disable_plaintext_auth = no
shutdown_clients = yes
log_path = /var/log/dovecot/sys.log
info_log_path = /var/log/dovecot/info.log
login_process_size = 64
verbose_proctitle = yes
first_valid_gid = 0
mail_extra_groups = mail
default_mail_env = mbox:/var/mail/%u:INDEX=/home/user/%u:INBOX=/var/mail/%u
namespace private {
  separator = /
  prefix =
  location = maildir:/home/user/%u/.maildir
  inbox = yes
}
namespace public {
  separator = /
  prefix = Public/
  location = maildir:/home/user/public:CONTROL=/home/user/%u/public/control:INDEX=/home/user/%u/public/index
  hidden = no
  inbox = no
}
mbox_read_locks = fcntl
mbox_write_locks = dotlock fcntl
mbox_lock_timeout = 300
mbox_very_dirty_syncs = yes
umask = 0007
protocol imap {
  listen = 192.168.101.1:143
  mail_plugins = acl
  imap_client_workarounds = delay-newmail outlook-idle
}
protocol pop3 {
  pop3_uidl_format = %08Xu%08Xv
  pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
}
auth default {
  mechanisms = plain
  passdb pam {
  }
  userdb passwd {
  }
  user = root
}
plugin {
}
-----------------8<--------------
-- typus vulgaris