[Dovecot] ACL problem
Hey,
I seem to have a problem with ACLs. I'm trying to use them on shared folders those work fine without it. But as soon as I enable the plugin and create the dovecot-acl files, they disappear. I used strace to see if there's a problem with file permissions, but it looks like Dovecot doesn't even attempt to access the dovecot-acl file in the maildir, only the dovecot-acl-list files.
However, it does look for dovecot-acl files in users' home directories. Maybe the ACL plugin is enabled only for the private mailboxes, not for the public ones, but I want right the opposite. How can I achieve it?
Please find my dovecot config below.
Thanks,
cc
# 1.2.4: /etc/dovecot/dovecot.conf # OS: Linux 2.6.26-2-686 i686 Debian 5.0.4 log_timestamp: %Y-%m-%d %H:%M:%S protocols: imaps ssl: required ssl_cert_file: /etc/ssl/certs/imapd.pem ssl_key_file: /etc/ssl/private/imapd.key.pem login_dir: /var/run/dovecot/login login_executable: /usr/lib/dovecot/imap-login mail_privileged_group: mail mbox_write_locks: fcntl dotlock mail_plugins: acl namespace: type: private location: mbox:%h:INBOX=/var/mail/%u inbox: yes list: yes subscriptions: yes namespace: type: public separator: / prefix: Logs/ location: maildir:/data/mail/logs:LAYOUT=fs:INDEX=~/.imap- public/Logs:CONTROL=~/.imap-public/Logs list: yes auth default: passdb: driver: pam userdb: driver: passwd plugin: acl: vfile
On Tue, 2010-03-02 at 01:43 +0100, SZÉKELYI Szabolcs wrote:
Hey,
I seem to have a problem with ACLs. I'm trying to use them on shared folders those work fine without it. But as soon as I enable the plugin and create the dovecot-acl files, they disappear.
What disappears? The mailboxes?
I used strace to see if there's a problem with file permissions, but it looks like Dovecot doesn't even attempt to access the dovecot-acl file in the maildir, only the dovecot-acl-list files.
Did you try deleting the dovecot-acl-list file? That causes it to be rebuilt.
namespace: type: public separator: / prefix: Logs/ location: maildir:/data/mail/logs:LAYOUT=fs:INDEX=~/.imap- public/Logs:CONTROL=~/.imap-public/Logs list: yes
You should also add subscriptions=no, unless you want to force all users to have the same subscriptions for public mailboxes.
Hi Timo,
thanks for your reply.
On Tuesday 16 March 2010 20.52.51 Timo Sirainen wrote:
On Tue, 2010-03-02 at 01:43 +0100, SZÉKELYI Szabolcs wrote:
Hey,
I seem to have a problem with ACLs. I'm trying to use them on shared folders those work fine without it. But as soon as I enable the plugin and create the dovecot-acl files, they disappear.
What disappears? The mailboxes?
No, they stay in place. I mean they disappear from the folder list as seen on the IMAP client. It's not a client-side caching issue, I requested the folder list from the server using IMAP commands by hand (with telnet), and they don't show up if I enable ACLs.
I used strace to see if there's a problem with file permissions, but it looks like Dovecot doesn't even attempt to access the dovecot-acl file in the maildir, only the dovecot-acl-list files.
Did you try deleting the dovecot-acl-list file? That causes it to be rebuilt.
Yes, I deleted them before every check I did. The strange thing is that it never makes an attempt to open a file named dovecot-acl inside the shared folder's maildir. It tries to access dovecot-acl-list files however (which it shouldn't; it should look for such files in the control directory, right?).
namespace: type: public separator: / prefix: Logs/ location: maildir:/data/mail/logs:LAYOUT=fs:INDEX=~/.imap- public/Logs:CONTROL=~/.imap-public/Logs list: yes
You should also add subscriptions=no, unless you want to force all users to have the same subscriptions for public mailboxes.
Thanks, done, but ACLs still don't work as I expect.
Any other idea? If I disable the ACL plugin, everything works.
Thanks,
cc
On Tue, 2010-03-16 at 21:26 +0100, SZÉKELYI Szabolcs wrote:
I seem to have a problem with ACLs. I'm trying to use them on shared folders those work fine without it. But as soon as I enable the plugin and create the dovecot-acl files, they disappear.
What disappears? The mailboxes?
No, they stay in place. I mean they disappear from the folder list as seen on the IMAP client. It's not a client-side caching issue, I requested the folder list from the server using IMAP commands by hand (with telnet), and they don't show up if I enable ACLs.
Well, that's normal when you enable ACL plugin, because for public namespace the default ACLs is "no permissions".
I used strace to see if there's a problem with file permissions, but it looks like Dovecot doesn't even attempt to access the dovecot-acl file in the maildir, only the dovecot-acl-list files.
Did you try deleting the dovecot-acl-list file? That causes it to be rebuilt.
Yes, I deleted them before every check I did. The strange thing is that it never makes an attempt to open a file named dovecot-acl inside the shared folder's maildir. It tries to access dovecot-acl-list files however (which it shouldn't; it should look for such files in the control directory, right?).
No, all dovecot-acl* files are supposed to exist in maildir itself (because some people want to use per-user control dirs).
When there's no dovecot-acl-list file (in /data/mail/logs), it's supposed to build it by reading all dovecot-acl files.
You could also try out stuff by not LISTing mailboxes, but rather trying to manually SELECT one of the mailboxes that's supposed to exist. When you get that working, LIST is the next thing..
participants (2)
-
SZÉKELYI Szabolcs
-
Timo Sirainen