I was just wondering if any thought has been given to shared folders and how they might be implemented yet? True shared folders are compelling enough to our organization that I've been looking into moving to Cyrus from Courier, but transparent folder migration looks to be nearly impossible for more than a handful of accounts... so that leaves me back at hoping courier or dovecot can eventually do what we want.
We have a lot of organizations on campus that have a generic mail address such as "maintenance" or "physics." We don't like the idea of shared accounts (invariably either the mailbox gets forgotten about when a secretary changes, the password gets lost, or everyone on campus ends up with the password), so our policies require such generic accounts to be forwarded to a folder in a "real person's" account. This works well for us, but the users are clamoring for the ability to have more than one person access those folders.
The problem with Courier's shared folders is that one person owns the folder and while others can see that mailbox, only the owner has write access. This kills most of the utility of shared folders, except for use as announcement areas.
As I understand it, the reason Courier does it this way is that it uses the underlying unix permissions to control access to the mailbox. I'm thinking that even if dovecot uses the same concept for shared folders, it should be possible to allow multiple users to write to the folders if filesystem ACL support is used. At least ext3 and XFS both support ACLs, so there is a reasonable amount of support for them, and they would allow dovecot to give multiple users write access to the folders without having to manage its own security system. The only issue would be that the delivery agent would have to make sure that the ACLs for a folder are kept consistent... I'm not even sure dovecot has to be ACL-aware.
Anyway, if there is a completely different plan in the works, that's great too, but I wanted to at least voice an opinion and offer a suggestion of how to make it work.
Thanks
DC
On Fri, 2003-10-17 at 19:28, D Canfield wrote:
I was just wondering if any thought has been given to shared folders and how they might be implemented yet?
Some, but I've thought of it as mostly post-1.0 feature.
The problem with Courier's shared folders is that one person owns the folder and while others can see that mailbox, only the owner has write access. This kills most of the utility of shared folders, except for use as announcement areas.
Really? I thought it wanted to set the sticky bit on the directory so that others could write there and they would "own" their posts.
As I understand it, the reason Courier does it this way is that it uses the underlying unix permissions to control access to the mailbox. I'm thinking that even if dovecot uses the same concept for shared folders, it should be possible to allow multiple users to write to the folders if filesystem ACL support is used. At least ext3 and XFS both support ACLs, so there is a reasonable amount of support for them, and they would allow dovecot to give multiple users write access to the folders without having to manage its own security system. The only issue would be that the delivery agent would have to make sure that the ACLs for a folder are kept consistent... I'm not even sure dovecot has to be ACL-aware.
Filesystem ACLs should work just fine at least with CVS code base. The only problem is that currently everyone's message flags would be shared as well. There would be two ways to allow private flags:
a) Do it like Courier with symlinking. Kind of ugly and some complain about it taking too many inodes.
b) Ignore maildir file flags and just use the flags in index files. Somewhat easier to get corrupted.
b) would probably be quite easy to do. You'd just have to figure out somehow that the mailbox is shared (e.g. some empty dovecot-shared file) and then you'd just add a few checks to the code so that Dovecot wouldn't try to sync maildir flags.
Also I'm not sure how you'd set what permissions new mails would get. group+r or group+rw? Maybe take from the directory's mode?
Hmmm.. Is it really that easy? ACL extension itself could be supported later, but filesystem ACLs (even regular UNIX ones) with flags in index files would provide an easy and quick way to get shared mailbox support :)
On Mon, 2003-10-20 at 08:25, Timo Sirainen wrote:
Hmmm.. Is it really that easy? ACL extension itself could be supported later, but filesystem ACLs (even regular UNIX ones) with flags in index files would provide an easy and quick way to get shared mailbox support :)
Done in CVS (also latest in http://dovecot.fi/nightly/):
Create a dovecot-shared file in the maildir you want to share
The dovecot-shared file's permissions should be the same as you want to give to new mails (0640 or 0660 probably). Or should this be taken from the new/ dir's mode instead? I'm not sure.
It's possible to specify which flags are shared between users and which are private. Currently I've just hardcoded \Seen flag to be private. Any suggestions where and how this should be configured? Maybe inside dovecot-shared file a list of flag names?
Custom flag names can't be private currently. This is a bit of a problematic situation if you want both private and shared custom flags since then there would have to be two .customflags files..
ANNOTATE extension supports accessing both shared and private message flags. We don't currently support ANNOTATE, but probably will later. This probably requires changing index files so that they contain both shared and private flags..
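An added example (not code from the thread or from Dovecot itself) of setting up a Maildir the way the message above describes: the dovecot-shared marker and the convention that new mails take its mode are from the message; the setgid-group directories, the optional group argument and the helper names are this example's own assumptions.

```shell
#!/bin/sh
# Set up a Maildir as a Dovecot shared mailbox and inspect what it grants.
# Assumed convention (from the thread): a "dovecot-shared" file marks the
# maildir as shared and its mode is the mode new mails should get.

# Print a file's permission bits in octal (GNU stat, falling back to BSD stat).
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# make_shared_maildir DIR MODE [GROUP]
# Creates cur/new/tmp, marks the maildir shared and records the mode new
# mails should receive (0640 = group read-only, 0660 = group read-write).
make_shared_maildir() {
    dir=$1; mode=$2; group=${3:-}
    mkdir -p "$dir/cur" "$dir/new" "$dir/tmp"
    # Optional group ownership (assumption: the admin picks the group).
    if [ -n "$group" ]; then
        chgrp -R "$group" "$dir"
    fi
    # setgid on the directories makes files written by any user or delivery
    # agent inherit the directory's group, keeping ownership consistent.
    chmod 2770 "$dir" "$dir/cur" "$dir/new" "$dir/tmp"
    : > "$dir/dovecot-shared"
    chmod "$mode" "$dir/dovecot-shared"
}

# shared_mail_mode DIR -> echoes the mode new mails would get, or "private"
# when the marker is absent (an ordinary single-owner maildir).
shared_mail_mode() {
    if [ -f "$1/dovecot-shared" ]; then
        mode_of "$1/dovecot-shared"
    else
        echo private
    fi
}

# group_can_write DIR -> succeeds when the shared mode grants group write,
# i.e. the folder is a real shared folder rather than an announcement area.
group_can_write() {
    m=$(shared_mail_mode "$1")
    case "$m" in
        private) return 1 ;;
        *) [ $(( (0$m / 8) % 8 & 2 )) -ne 0 ] ;;
    esac
}

demo=$(mktemp -d)                       # constructed sample maildir
make_shared_maildir "$demo/physics" 0660
shared_mail_mode "$demo/physics"        # 660
```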
Timo Sirainen <tss@iki.fi> writes:
On Mon, 2003-10-20 at 08:25, Timo Sirainen wrote:
Hmmm.. Is it really that easy? ACL extension itself could be supported later, but filesystem ACLs (even regular UNIX ones) with flags in index files would provide an easy and quick way to get shared mailbox support :)
Done in CVS (also latest in http://dovecot.fi/nightly/):
Makes me wonder what your release plans are.
I'm still running v0.99.10 with NAMESPACE patch + extension which sorta works but sometimes confuses Mozilla (known issue).
Should I hold my breath for the next version? :-)
-- Matthias Andree
Encrypt your mail: my GnuPG key ID is 0x052E7D95
On Tuesday, Oct 21, 2003, at 02:31 Europe/Helsinki, Matthias Andree wrote:
Done in CVS (also latest in http://dovecot.fi/nightly/):
Makes me wonder what your release plans are.
When it works. My logs are still showing some weird errors. There are also some other known bugs that I should fix and a few features that really have to be implemented.
On Tue, Oct 21, 2003 at 01:31:17AM +0200, Matthias Andree wrote:
Timo Sirainen <tss@iki.fi> writes:
On Mon, 2003-10-20 at 08:25, Timo Sirainen wrote:
Hmmm.. Is it really that easy? ACL extension itself could be supported later, but filesystem ACLs (even regular UNIX ones) with flags in index files would provide an easy and quick way to get shared mailbox support :)
Done in CVS (also latest in http://dovecot.fi/nightly/):
Makes me wonder what your release plans are.
I'm still running v0.99.10 with NAMESPACE patch + extension which sorta works but sometimes confuses Mozilla (known issue).
Still running 0.99.10-rc4 here too. I have to restart it now and again because of a file descriptor leak (which I believe has been fixed in later code), but it continues to do the job. I'd move to a later rev when the mbox code is working again, but there are no other glaring issues for me and no real pressure.
mm
participants (4): D Canfield, Mark E. Mallett, Matthias Andree, Timo Sirainen