ACL group vs. owner question
A hopefully simple question regarding the use of ACLs - the spirit being of taking away most permissions first and then adding them back selectively:
In the global ACL declaration I have:
The owner is put into the SYS group via userdb extra field in static passwd file ("archiv" is a system user, but pam is disabled for the server):
archiv:::::::userdb_acl_groups=SYS
Still, the group permissions do not get applied:
My question: Shouldn't this work? (In a stock setup.)
PS: when I add "* group-override=SYS" to /etc/dovecot/dovecot-acl the user will not even be able to list INBOX.
PPS: As an aside, the setup also switches any sytem or /virtual/ users during login in local.conf:
Thank you in advance
-- peter
- Peter Chiochetti <pch@myzel.net> 2014.06.22 14:48:
What version is this? There used to be a bug in versions before 2.2.13 where only the first matching ACL line was applied. From the looks this could be the case here as only 'lr' is applied.
http://hg.dovecot.org/dovecot-2.2/rev/7a08a481c133
Regards Thomas
Am 2014-06-22 15:09, schrieb Thomas Leuxner:
Thomas, thank you for your interest. This is with 2.2.13, after the mentioned bug was corrected.
As nobody seems to know, whether such should work in stock dovecot, I guess I will have to take out all my config and try myself :(
-- peter
participants (2)
-
Peter Chiochetti
-
Thomas Leuxner