OK, gurus, I've spent the last 2 days crawling through all of the posts and web postings regarding shared folders, and I simply cannot get it to work. I'm sure that there is something simple that I've overlooked, but cannot for the life of me see it :)
Here's my current config:
# 2.2.9: /etc/dovecot/dovecot.conf
# OS: Linux 3.16.0-46-generic x86_64 Ubuntu 14.04.3 LTS xfs
auth_mechanisms = plain login
debug_log_path = /var/log/debug.log
listen = *
mail_gid = mail
mail_location = mdbox:/mail/data/private/%n:INDEX=/mail/index/private/%n
mail_plugins = acl notify mail_log stats
mail_privileged_group = mail
namespace {
  list = children
  location = mdbox:/mail/data/shared/%%n:INDEXPVT=/mail/index/private/%n/shared_indices/%%n
  prefix = Shared/%%n/
  separator = /
  subscriptions = no
  type = shared
}
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
  separator = /
  type = private
}
passdb {
  args = /etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
plugin {
  acl = vfile
  acl_shared_dict = file:/mail/dict/shared-mailboxes
  autocreate = Trash
  autocreate2 = Spam
  autocreate3 = Drafts
  autocreate4 = Junk
  autosubscribe = Trash
  autosubscribe2 = Spam
  autosubscribe3 = Drafts
  autosubscribe4 = Junk
  mail_log_events = delete undelete expunge copy mailbox_delete mailbox_rename flag_change append
  mail_log_fields = uid box msgid size subject
  stats_refresh = 30 secs
  stats_track_cmds = yes
}
protocols = " imap lmtp"
service auth {
  unix_listener /var/spool/postfix/private/auth {
    user = postfix
  }
}
service dict {
  unix_listener dict {
    group = mail
    mode = 0600
    user = root
  }
}
service imap-login {
  process_min_avail = 5
  service_count = 0
}
service imap {
  process_limit = 4096
}
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    group = postfix
    mode = 0600
    user = postfix
  }
}
service stats {
  fifo_listener stats-mail {
    group = mail
    mode = 0660
    user = root
  }
}
ssl_ca = </etc/dovecot/thawte2.crt
ssl_cert = </etc/dovecot/dovecot2.pem
ssl_key = </etc/dovecot/private/solaray-sunglasses.com.key
userdb {
  args = /etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
protocol lmtp {
  postmaster_address = postmaster@solaray-sunglasses.com
}
protocol imap {
  mail_plugins = acl notify mail_log stats imap_acl imap_stats
}
All of our users are "real" (no virtual users or domains) and only a single domain supported. We have a user, rself, that is attempting to share his inbox with a few others that also need access to it. So the corresponding ACL files:
root@srv56:/mail/data/shared/rself# ls -la /mail/data/shared/rself/
total 20
drwx------ 4 rself mail 79 Aug 24 15:22 .
drwxrwx--- 7 mail mail 71 Aug 24 16:01 ..
-rw------- 1 rself mail 17 Aug 24 15:22 dovecot-acl-list
drwx------ 10 rself mail 130 Aug 24 12:28 mailboxes
drwx------ 2 rself mail 12288 Aug 25 16:25 storage
-rw------- 1 rself mail 70 Aug 24 12:28 subscriptions
And the contents of dovecot-acl-list:
root@srv56:/mail/data/shared/rself# cat dovecot-acl-list
1440447778 INBOX
root@srv56:/mail/data/shared/rself#
And the mailbox-specific files:
root@srv56:/mail/data/shared/rself/mailboxes/INBOX/dbox-Mails# ls -la
total 4
drwx------ 2 rself mail 24 Aug 25 08:16 .
drwx------ 3 rself mail 23 Aug 24 12:28 ..
-rw------- 1 rself mail 24 Aug 24 15:22 dovecot-acl
root@srv56:/mail/data/shared/rself/mailboxes/INBOX/dbox-Mails#
Content:
root@srv56:/mail/data/shared/rself/mailboxes/INBOX/dbox-Mails# cat dovecot-acl
user=musrey akxeilprwts
root@srv56:/mail/data/shared/rself/mailboxes/INBOX/dbox-Mails#
Now, the global ACL dictionary (just a flat file, not enough users to justify SQL :)
root@srv56:~# ls -la /mail/dict/
total 12
drwxrwxr-x 2 root mail 4096 Aug 24 18:05 .
drwxr-xr-x 5 root root 4096 Aug 23 08:51 ..
-rw-r--r-- 1 rself mail 40 Aug 24 18:05 shared-mailboxes
And contents:
root@srv56:~# cat /mail/dict/shared-mailboxes
shared/shared-boxes/user/musrey/rself
1
root@srv56:~#
So, as far as I can tell from my RTFM activities, I think the configuration is correct. Now, I go to attempt to check the ACL using doveadm, and I get this:
root@srv56:~# doveadm acl debug -u musrey Shared/rself/INBOX
doveadm(musrey): Error: Can't open mailbox Shared/rself/INBOX: Mailbox doesn't exist: Shared/rself/INBOX
root@srv56:~#
WTH, over? So, not thinking this is an ACL issue, but simply a namespace issue - either I have the shared namespace configured incorrectly, or I'm using it incorrectly in attempting to identify rself's INBOX when trying to verify that the ACL is working. So, I thought to myself, let's try a mailbox list, so I executed
root@srv56:~# doveadm mailbox list -u musrey
ACT!
ACT!/General
AES Outdoors
AES Outdoors/Christy
AES Outdoors/Gwen
.... (many, many mailboxes in here - I should probably eliminate some of them :)
VMWare
Watchguard
Xata Corporation
Xata Corporation/Mike Brossman
Xata Corporation/Mike Uremovich
INBOX
root@srv56:~#
But no "Shared" or "rself" to be found.
Help, please. I'm quickly going bald over this one.
--
*Mark Usrey* Director of Information Technologies
*Solaray LLC Solaray LLC* 620 S. Linden Sapulpa, Ok 74066 (918) 227-0722 Ext. 527
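
Added example, not part of the original post and not Dovecot's own code: a small auditor for vfile dovecot-acl lines such as the "user=musrey akxeilprwts" entry shown above. It expands the right letters into names and flags grants that hand ACL administration to a non-owner or that apply to every user. Apart from that one line, the sample input is constructed, and the function names are hypothetical.

```python
# Added example: audit Dovecot vfile ACL lines ("<identifier> <rights>").
# Assumption: identifiers contain no spaces (no quoted identifiers).
RIGHTS = {
    "l": "lookup", "r": "read", "w": "write", "s": "write-seen",
    "t": "write-deleted", "i": "insert", "p": "post", "e": "expunge",
    "k": "create", "x": "delete", "a": "admin",
}
BROAD_IDS = {"anyone", "authenticated"}  # identifiers covering many users

# First line is from the post; the rest are constructed sample entries.
SAMPLE = """user=musrey akxeilprwts
owner lrwstipekxa
anyone lr
-user=temp lr
"""

def parse_acl_line(line):
    """Return (identifier, negative, [right names]); None for blank/comment."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    ident, _, letters = line.partition(" ")
    negative = ident.startswith("-")        # "-identifier" removes rights
    if negative:
        ident = ident[1:]
    letters = letters.split(":", 1)[0].strip()  # drop ":named" rights
    unknown = [c for c in letters if c not in RIGHTS]
    if unknown:
        raise ValueError(f"unknown right letter(s) {unknown} in {line!r}")
    return ident, negative, [RIGHTS[c] for c in letters]

def audit(text):
    """Return (identifier, reason) findings for over-broad positive grants."""
    findings = []
    for raw in text.splitlines():
        entry = parse_acl_line(raw)
        if entry is None or entry[1]:       # skip blanks and negative entries
            continue
        ident, _, rights = entry
        if "admin" in rights and ident != "owner":
            findings.append((ident, "non-owner can change ACLs (admin)"))
        if ident in BROAD_IDS and rights:
            findings.append((ident, "grant applies to a whole class of users"))
    return findings

if __name__ == "__main__":
    for ident, reason in audit(SAMPLE):
        print(f"{ident}: {reason}")
```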