[Dovecot] Inherited ACLs for mailboxes created by not-owner
Hi,
I have shared one of my mailboxes to another user providing him full rights to that mailbox.
$ doveadm acl get -u user1 doc
ID Global Rights
user=user2 admin create delete expunge insert lookup post read write write-deleted write-seen
When that user creates a new mailbox within the shared mailbox, the mailbox is successfully created but with an empty ACL.
$ doveadm acl get -u user1 doc/hallo ID Global Rights
According to the wiki, it should inherit the ACL from its parent, i.e. have full permissions for user2.
Dovecot logs the following errors when I access the parent folder the first time after the other user created the child mailbox:
dovecot: imap(user1): Error: Mailbox doc/hallo: Corrupted index, uidvalidity=0 dovecot: imap(user1): Error: Recent flags state corrupted for mailbox INBOX dovecot: imap(user1): Error: /home/dovecot/user1/mailboxes/INBOX/dbox-Mails/dovecot.index reset, view is now inconsistent dovecot: imap(user1): Error: Recent flags state corrupted for mailbox Sent dovecot: imap(user1): Error: /home/dovecot/user1/mailboxes/Sent/dbox-Mails/dovecot.index reset, view is now inconsistent dovecot: imap(user1): Error: /home/dovecot/user1/mailboxes/INBOX/dbox-Mails/dovecot.index reset, view is now inconsistent
This is on dovecot 2.1rc5.
-Michael
On 10.2.2012, at 14.13, Michael Stilkerich wrote:
I have shared one of my mailboxes to another user providing him full rights to that mailbox.
$ doveadm acl get -u user1 doc
Is "doc" the namespace prefix?
When that user creates a new mailbox within the shared mailbox, the mailbox is successfully created but with an empty ACL.
Creates how? With IMAP client?
According to the wiki, it should inherit the ACL from its parent, i.e. have full permissions for user2.
Works with me. dovecof -n output?
Dovecot logs the following errors when I access the parent folder the first time after the other user created the child mailbox:
dovecot: imap(user1): Error: Mailbox doc/hallo: Corrupted index, uidvalidity=0 dovecot: imap(user1): Error: Recent flags state corrupted for mailbox INBOX dovecot: imap(user1): Error: /home/dovecot/user1/mailboxes/INBOX/dbox-Mails/dovecot.index reset, view is now inconsistent
Are you trying to use per-user indexes? That's not going to work.
Hi Timo,
On 12-Feb-12 5:16, Timo Sirainen wrote:
On 10.2.2012, at 14.13, Michael Stilkerich wrote:
I have shared one of my mailboxes to another user providing him full rights to that mailbox.
$ doveadm acl get -u user1 doc
Is "doc" the namespace prefix?
No, 'doc' is the name of the shared parent mailbox under that the 2nd user created the new mailbox 'hallo'.
To clarify: user1 shares the mailbox 'doc' with max permissions to user2. user2 then creates a new mailbox under the parent 'doc'.
When that user creates a new mailbox within the shared mailbox, the mailbox is successfully created but with an empty ACL.
Creates how? With IMAP client?
Yes, using Thunderbird / Roundcube Webmail.
According to the wiki, it should inherit the ACL from its parent, i.e. have full permissions for user2.
Works with me. dovecof -n output?
The config is attached.
The IMAP-Client is signaled an error by dovecot, but the log file does not contain an error. At the filesystem level
- The mailbox was created as a sub folder of 'doc'.
- It contains nothing but an empty sub folder 'dbox-Mails'.
- It does specifically not contain an dovecot-acl file.
- The sharing user's (user1) dovecot-acl-list file was not updated to list the newly created subfolder.
- The acl dictionary 'shared-mailboxes' was also not touched, but this is probably correct since it already contains a record that user1 shares mailboxes to user2.
- When user1 accesses the new mailbox that user2 created, the below error gets logged and a dovecot.index.log file is created in the until then empty 'dbox-Mails' folder of the new mailbox.
Dovecot logs the following errors when I access the parent folder the first time after the other user created the child mailbox:
dovecot: imap(user1): Error: Mailbox doc/hallo: Corrupted index, uidvalidity=0 dovecot: imap(user1): Error: Recent flags state corrupted for mailbox INBOX dovecot: imap(user1): Error: /home/dovecot/user1/mailboxes/INBOX/dbox-Mails/dovecot.index reset, view is now inconsistent
Are you trying to use per-user indexes? That's not going to work.
I don't think so. I'm using dbox and thus have not added a custom :INDEX=... to the location.
-Michael
This should fix all your problems: http://hg.dovecot.org/dovecot-2.1/rev/ccad37bc242f
On 12-Feb-12 18:17, Timo Sirainen wrote:
This should fix all your problems: http://hg.dovecot.org/dovecot-2.1/rev/ccad37bc242f
Thanks Timo, it does :)
-Michael
participants (2)
-
Michael Stilkerich
-
Timo Sirainen