Hi again,
I have some additional notes.
Lukas Haase wrote:
Timo Sirainen wrote:
[...]
ACL_GROUPS=`groups $USER | tr ' ' ','`
export ACL_GROUPS
I don't think ACL_GROUPS is supported by Dovecot v1.0.
I removed that part again and instead of using group=office I just enumerate all possible users in the ACL file:
anyone
user=peter lrwstiek
user=user1 lrwstiek
user=user2 lrwstiek
user=user3 lrwstiek
user=user4 lrwstiek
Further things I forgot:
- In the homedirs the scenario is the same. The one user that has access to the files is the user peter itself, and there I got no errors about reading the ACL files.
- Reading succeeds when I set the directory (.Office) to 755.
- For testing I wrote "authenticated lrwstiek" into the dovecot-acl, which means that the problem cannot depend on the ACL itself.
In the meantime I also tried something else: I added the user "dovecot" to the "office" group:
# id dovecot
uid=107(dovecot) gid=106(dovecot) groups=51683(office),106(dovecot)
Now I can read the file too as user dovecot (su dovecot).
But I still get the message:
Dec 16 07:53:51 mail dovecot: IMAP(peter): acl vfile: no access to file /var/mail/shared/.Office/dovecot-acl
I just do not understand. The process runs as user peter and complains that it is unable to open the ACL file. But the file is definitely readable for user peter, as I checked with su. Also the error is gone when I set the directory to 755 ... that sounds really strange to me...
[...] It's because at startup Dovecot executes imap mail_executable as "dump-capability" user to find out what IMAP capabilities enabled plugins add. In your script you should probably check that if $USER=dump-capability, don't do anything special.
Hmm, I do not fully understand. You can see my whole script in the OP ... nothing special is done there, is it?
Thank you, now I understand! The message is because that user does not exist. When I add an if-clause it works.
Regards, Luke
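
The readability check done by hand with su in the message above, as an added example (not code from this thread or from Dovecot): it walks the path to a dovecot-acl file and reports the first component whose plain mode bits would stop a given uid and group set. The function name, the `root` parameter and the temporary tree are assumptions made for the example; POSIX ACLs and capabilities are ignored.

```python
import os
import stat
import tempfile


def first_blocked(path, uid, gids, root=os.sep):
    """Return (component, reason) for the first component below `root` that
    uid/gids cannot pass by plain mode bits, or None if `path` is readable.
    Assumption: no POSIX ACLs, no capabilities, uid is not root."""
    path, root = os.path.abspath(path), os.path.abspath(root)
    parts = os.path.relpath(path, root).split(os.sep)
    current = root
    for i, name in enumerate(parts):
        current = os.path.join(current, name)
        st = os.stat(current)
        last = i == len(parts) - 1
        # Directories on the way need search (x); the final file needs read (r).
        if last and not stat.S_ISDIR(st.st_mode):
            need, label = 4, "read"
        else:
            need, label = 1, "search"
        # Exactly one class applies: owner, else group, else other.
        if uid == st.st_uid:
            cls, bits = "owner", (st.st_mode >> 6) & 7
        elif st.st_gid in gids:
            cls, bits = "group", (st.st_mode >> 3) & 7
        else:
            cls, bits = "other", st.st_mode & 7
        if not bits & need:
            mode = stat.filemode(st.st_mode)
            return current, f"{cls} class lacks {label} on {mode}"
    return None


if __name__ == "__main__":
    # Constructed tree standing in for /var/mail/shared/.Office/dovecot-acl.
    base = tempfile.mkdtemp()
    office = os.path.join(base, ".Office")
    os.mkdir(office)
    acl = os.path.join(office, "dovecot-acl")
    with open(acl, "w") as fh:
        fh.write("authenticated lrwstiek\n")
    os.chmod(acl, 0o640)
    st = os.stat(office)
    outsider = (st.st_uid + 1, {st.st_gid + 1})  # constructed ids
    for dir_mode in (0o750, 0o755):
        os.chmod(office, dir_mode)
        print(oct(dir_mode), first_blocked(acl, *outsider, root=base))
```

Because only one permission class is consulted, an owner whose own bits are cleared is refused even when the group bits would allow access.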