[Dovecot] newbie with dovecot acls needs a little help :-)
hy all,
i'm trying to make an acl so a local unix user 'sie' can access exalead mboxes. my exalead mboxes are stored in : /opt/exalead/mail/sie/
mailboxes are automatically created every week like sie.2007.W17 for the 17th week of the year.
how can i do this? i've tried several things but none succeeded.
dovecot version 1.0.rc15
# /etc/dovecot.conf
ddIEffective uid=65534, gid=65534
ddILoading modules from directory: /usr/lib64/dovecot/imap
ddIModule loaded: /usr/lib64/dovecot/imap/lib01_acl_plugin.so
log_path: /var/log/dovecot.log
info_log_path: /var/log/dovecot-info.log
protocols: imap imaps
login_dir: /var/run/dovecot/login
login_executable: /usr/libexec/dovecot/imap-login
login_greeting_capability: yes
mail_extra_groups: exalead
mail_location: mbox:/opt/exalead/mail
mail_debug: yes
mail_plugins: acl
auth default:
  verbose: yes
  debug: yes
  passdb:
    driver: pam
  userdb:
    driver: passwd
  userdb:
    driver: prefetch
  socket:
    type: listen
    client:
    master:
      path: /var/run/dovecot/auth-master
      mode: 384
      user: exalead
      group: exalead
thanks for your help
-- Rachid Zarouali Administrateur Systèmes/Applications AFNIC rachid.zarouali@nic.fr 01.39.30.83.47
On Wed, 2007-04-25 at 18:49 +0200, Rachid Zarouali wrote:
hy all,
i'm trying to make an acl so a local unix user 'sie' can access exalead mboxes. my exalead mboxes are stored in : /opt/exalead/mail/sie/ .. mail_extra_groups: exalead mail_location: mbox:/opt/exalead/mail
A bit late, but if you haven't figured out anything yet:
ACL plugin can only be used to remove permissions that would otherwise be given by filesystem permissions. So I guess your problem is that whatever user is trying to access the sie mboxes doesn't have permission to do so. Is it really enough to have users in exalead group to be able to access the mboxes? Anything in Dovecot's logs?
On Fri, May 11, 2007 at 04:22:46PM +0300, Timo Sirainen wrote:
On Wed, 2007-04-25 at 18:49 +0200, Rachid Zarouali wrote:
hy all,
i'm trying to make an acl so a local unix user 'sie' can access exalead mboxes. my exalead mboxes are stored in : /opt/exalead/mail/sie/ .. mail_extra_groups: exalead mail_location: mbox:/opt/exalead/mail
A bit late, but if you haven't figured out anything yet:
ACL plugin can only be used to remove permissions that would otherwise be given by filesystem permissions. So I guess your problem is that whatever user is trying to access the sie mboxes doesn't have permission to do so. Is it really enough to have users in exalead group to be able to access the mboxes? Anything in Dovecot's logs?

well here is how i tricked it:
i checked that the umask for the exalead account is: 0002
i made sie a member of the exalead group
in his $HOME dir, i made a symlink to /opt/exalead/mail/sie/ for the mail dir.
this way, the sie user will have its own dovecot index and log files and can access the imap mailboxes in readonly mode.
checking dovecot logs everything works well and using mutt i can access the mailboxes in readonly mode.
-- Rachid Zarouali Administrateur Systèmes/Applications AFNIC rachid.zarouali@nic.fr 01.39.30.83.47
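Added example (not part of the thread and not Dovecot code): since the ACL plugin can only narrow what the filesystem already grants, this sketch derives from plain Unix mode bits what a group member and a non-member get on an mbox such as sie/sie.2007.W17. The temporary tree, the uid/gid values and the function names are constructed for illustration; it ignores root, POSIX ACLs and Dovecot's own locking and index handling.

```python
import os
import shutil
import tempfile

def class_bits(st, uid, gids):
    """rwx bits that apply to (uid, gids); plain mode bits only, so root,
    POSIX ACLs and mount options are ignored."""
    if uid == st.st_uid:
        shift = 6                      # owner class
    elif st.st_gid in gids:
        shift = 3                      # group class
    else:
        shift = 0                      # other class
    return (st.st_mode >> shift) & 0o7

def mbox_access(base, relpath, uid, gids):
    """Classify access to base/relpath: 'none', 'read-only' or 'read-write'."""
    current = base
    for part in relpath.split("/"):
        if not class_bits(os.stat(current), uid, gids) & 0o1:
            return "none"              # no search (x) bit on this directory
        current = os.path.join(current, part)
    bits = class_bits(os.stat(current), uid, gids)
    if not bits & 0o4:
        return "none"
    return "read-write" if bits & 0o2 else "read-only"

def demo():
    """Constructed tree standing in for /opt/exalead/mail/sie/sie.2007.W17."""
    base = tempfile.mkdtemp()
    sie_dir = os.path.join(base, "sie")
    mbox = os.path.join(sie_dir, "sie.2007.W17")
    os.mkdir(sie_dir)
    open(mbox, "w").close()
    paths = (base, sie_dir, mbox)
    other_uid = os.stat(mbox).st_uid + 1           # constructed: not the owner
    group = {os.stat(p).st_gid for p in paths}     # constructed: group member
    results = {}
    # 0775/0664 is what a umask of 0002 gives newly created dirs and files.
    for dmode, fmode in ((0o750, 0o640), (0o775, 0o664)):
        os.chmod(base, dmode)
        os.chmod(sie_dir, dmode)
        os.chmod(mbox, fmode)
        rel = "sie/sie.2007.W17"
        results[oct(fmode)] = (mbox_access(base, rel, other_uid, group),
                               mbox_access(base, rel, other_uid, set()))
    shutil.rmtree(base)
    return results

if __name__ == "__main__":
    print(demo())
```

Each result pair is (group member, non-member); on a real host the same two functions can be pointed at the actual mail directory with the uid and group ids reported by `id` for the account in question.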