[Dovecot] Problem with dovecot-acl was not solved
Problems with acl in dovecot-1.2.15 was not solved! See my configs below.
And I see the new bug - still something wrong with configs: cat dovecot-acl: user=t1 lrwsti #user=oper-olegs lrwsti #user=oper-antona lrwsti user=operdss lr #user=operdss lrwsti
User t1 can't create subfolers in inbox. He can only create subfolders in the first levels: Inbox test3 test4 Outbox Sent Trash Test1 - test folder created by t1 user
Folders test3 and test4 can't be deleted by t1 - why? Owner of the test3 and test4 - annother user, but but with group rights everething is fine.
User operdss also can create folders in the same level with such permissions. What's wrong?
imap:/home/t1/Maildir# ls -la total 252 drwxrws--- 35 t1 mshare 4096 2010-10-07 15:59 . drwxr-sr-x 3 root mail 4096 2010-09-22 16:02 .. drwxrws--- 5 t1 mshare 4096 2010-09-15 12:28 .&BB0ENQQ2BDUEOwQwBEIENQQ7BEwEPQQwBE8- &BD8EPgRHBEIEMA- drwxrws--- 2 t1 mshare 4096 2010-10-07 15:41 cur -rw-rw---- 1 t1 mshare 15 2010-10-07 15:59 dovecot-acl -rw-rw---- 1 t1 mshare 383 2010-10-07 15:59 dovecot-acl-list -rw-r----- 1 root mshare 12288 2010-10-07 15:59 .dovecot-acl.swp -rw-rw---- 1 operolegs mshare 1144 2010-09-24 12:16 dovecot.index -rw-rw---- 1 t1 mshare 41984 2010-10-07 11:48 dovecot.index.cache -rw-rw---- 1 t1 mshare 26380 2010-10-07 15:41 dovecot.index.log -rw-rw---- 1 operantona mshare 17 2010-09-23 16:41 dovecot-keywords -rw-rw---- 1 operantona mshare 1941 2010-09-27 10:46 dovecot-uidlist -rw-rw---- 1 t1 mshare 8 2010-10-07 15:45 dovecot-uidvalidity -rw-rw---- 1 t1 mshare 0 2010-09-22 10:54 dovecot-uidvalidity.4c99a838 drwxrws--- 5 t1 mshare 4096 2010-09-23 15:52 .Drafts drwxrws--- 5 t1 mshare 4096 2010-09-22 11:44 .INBOX.1 drwxrws--- 5 t1 mshare 4096 2010-09-28 16:39 .INBOX.processed drwxrws--- 5 operolegs mshare 4096 2010-09-27 17:14 .INBOX.!processed_olegs drwxrws--- 5 t1 mshare 4096 2010-09-23 15:30 .INBOX.test drwxrws--- 5 operdss mshare 4096 2010-09-28 16:39 .INBOX.test1 drwxrws--- 5 operdss mshare 4096 2010-10-05 15:33 .INBOX.test10 drwxrws--- 5 operdss mshare 4096 2010-10-06 16:42 .INBOX.test11 drwxrws--- 5 operdss mshare 4096 2010-10-07 10:35 .INBOX.test12 drwxrws--- 5 operdss mshare 4096 2010-10-07 11:26 .INBOX.test13 drwxrws--- 5 t1 mshare 4096 2010-09-28 16:39 .INBOX.test2 drwxrws--- 5 operdss mshare 4096 2010-09-29 13:52 .INBOX.test3 drwxrws--- 5 operdss mshare 4096 2010-09-29 13:52 .INBOX.test4 drwxrws--- 5 operdss mshare 4096 2010-09-29 15:56 .INBOX.test5 drwxrws--- 5 operdss mshare 4096 2010-09-29 15:57 .INBOX.test6 drwxrws--- 5 operdss mshare 4096 2010-09-29 15:57 .INBOX.test7 drwxrws--- 5 operdss mshare 4096 2010-09-29 16:43 .INBOX.test8 drwxrws--- 5 t1 mshare 4096 2010-10-05 15:30 .INBOX.test9 drwxrws--- 5 t1 mshare 4096 2010-09-28 17:24 .INBOX.tmp drwxrws--- 2 t1 mshare 4096 2010-09-27 10:46 new drwxrws--- 5 t1 mshare 4096 2010-10-07 11:48 .Sent drwxrws--- 5 operdss mshare 4096 2010-09-29 15:55 .Sent.test -rw-rw---- 1 operdss mshare 418 2010-10-07 15:44 subscriptions drwxrws--- 5 t1 mshare 4096 2010-09-15 12:17 .Templates drwxrws--- 5 operdss mshare 4096 2010-10-07 15:42 .test16 drwxrws--- 5 operdss mshare 4096 2010-10-07 15:45 .test17 drwxrws--- 2 t1 mshare 4096 2010-09-27 10:46 tmp drwxrws--- 5 t1 mshare 4096 2010-10-07 15:42 .Trash drwxrws--- 5 t1 mshare 4096 2010-09-23 15:30 .Trash.11 drwxrws--- 5 operantona mshare 4096 2010-09-23 16:39 .Trash.&BD4EMQRABDAEMQQ+BEIEMAQ9BD4-_antona drwxrws--- 5 t1 mshare 4096 2010-10-07 15:42 .Trash.test16 drwxrws--- 5 operdss mshare 4096 2010-09-29 16:01 .Trash.test8
===================================================================== Old bug in new version 1.2.15:
I have a problem with dovecot-acl. Some of our users need to use the same Mailbox with all folders: Inbox (with subfolders), Outbox, Send and Deleted, (some users need in full righs, some - readonly) so I choosed Symlinking mailboxes and tried to use dovecot-acl file.
cat dovecot-acl: user=t1 lrwsti user=operolegs lrwsti user=operantona lrwsti user=operdss lr
User operdss have lrwsti rights in this shared mailbox unstead of lr! But if I comment out other users in the dovecot-acl:
#user=t1 lrwsti #user=operolegs lrwsti #user=operantona lrwsti user=operdss lr
User operdss have lr rights. Whats wrong? It seems, that dovecot-acl is working only for one user and for one line in config. How can I fix it?
=== Here is my configs.
imap:/usr/local/dovecot# /usr/local/dovecot/sbin/dovecot -n # 1.2.15: /etc/dovecot/dovecot.conf # OS: Linux 2.6.26-2-686 i686 Debian 5.0.6 log_path: /var/log/dovecot.log log_timestamp: %Y-%m-%d %H:%M:%S disable_plaintext_auth: no login_dir: /usr/local/dovecot-1.2.15/var/run/dovecot/login login_executable: /usr/local/dovecot-1.2.15/libexec/dovecot/imap-login mail_privileged_group: mail mail_plugins: acl imap_acl auth default: debug: yes passdb: driver: pam userdb: driver: passwd
imap:~# ls -l /home/t1/Maildir lrwxrwxrwx 1 root root 21 2010-09-22 16:03 /home/t1/Maildir -> /var/mail/720/Maildir imap:~# ls -l /home/operolegs/Maildir lrwxrwxrwx 1 root root 21 2010-09-23 16:00 /home/operolegs/Maildir -> /var/mail/720/Maildir imap:~# ls -l /home/operantona/Maildir lrwxrwxrwx 1 root root 21 2010-09-23 16:00 /home/operantona/Maildir -> /var/mail/720/Maildir imap:~# ls -l /home/operdss/Maildir lrwxrwxrwx 1 root root 16 2010-09-28 16:32 /home/operdss/Maildir -> /home/t1/Maildir
imap:/home/t1/Maildir# ls -l total 112 drwxrws--- 2 t1 mshare 4096 2010-09-27 10:46 cur -rw-rw---- 1 t1 mshare 99 2010-09-29 15:56 dovecot-acl -rw-rw---- 1 operdss mshare 312 2010-09-29 16:43 dovecot-acl-list -rw-rw---- 1 operolegs mshare 1144 2010-09-24 12:16 dovecot.index -rw-rw---- 1 t1 mshare 41984 2010-09-28 16:39 dovecot.index.cache -rw-rw---- 1 t1 mshare 25068 2010-09-28 16:38 dovecot.index.log -rw-rw---- 1 operantona mshare 17 2010-09-23 16:41 dovecot-keywords -rw-rw---- 1 operantona mshare 1941 2010-09-27 10:46 dovecot-uidlist -rw-rw---- 1 t1 mshare 8 2010-09-29 16:43 dovecot-uidvalidity -rw-rw---- 1 t1 mshare 0 2010-09-22 10:54 dovecot-uidvalidity.4c99a82f drwxrws--- 2 t1 mshare 4096 2010-09-27 10:46 new -rw-rw---- 1 operdss mshare 327 2010-09-29 16:43 subscriptions drwxrws--- 2 t1 mshare 4096 2010-09-27 10:46 tmp
dovecot packages - dovecot-1.2.15
Linux: Debian Lenny up2date
On Thu, 2010-10-07 at 17:11 +0400, dss wrote:
Problems with acl in dovecot-1.2.15 was not solved! See my configs below.
And I see the new bug - still something wrong with configs: cat dovecot-acl: user=t1 lrwsti
User t1 can't create subfolers in inbox. He can only create subfolders in the first levels:
Creation rights are taken from parent mailbox's 'k' right. Above I guess is dovecot-acl to INBOX. So because user=t1 doesn't have 'k' right there, he can't create anything below INBOX.
Folders test3 and test4 can't be deleted by t1 - why? Owner of the test3 and test4 - annother user, but but with group rights everething is fine.
Deletion right is 'x', which is taken from the mailbox's ACLs (not parent's).
User operdss also can create folders in the same level with such permissions. What's wrong?
I'm not completely sure what you mean by this. These are symlinked mailboxes, so Dovecot treats them as if they were user's own mailboxes.
participants (2)
-
dss
-
Timo Sirainen