How do I share folders ?
Hello dovecot,
First poster here. What I want : give a.chaouche@algerian-radio.dz list and read permissions on a.chaouche@backup.algerian-radio.dz. Let's just discuss sharing the inbox then I can do the same for subfolders, in any. a.chaouche@algerian-radio.dz and a.chaouche@backup.algerian-radio.dz are two different users. Details about the domains aren't relevant here I guess.
My dovecot configuration, what I believe to be the important parts :userdb { args = uid=vmail gid=vmail home=/var/vmail/%d/%n/ driver = static } namespace partage { location = maildir:%%h:INDEX=~/%%u prefix = shared.%%u. separator = . type = shared } mail_location = Maildir:~/ Both users can access their respective inboxes just fine, I only need to give a.chaouche@algerian-radio.dz access to a.chaouche@backup.algerian-radio.dz
Full output of doveconf -n : # 2.2.13: /etc/dovecot/dovecot.conf # OS: Linux 3.16.0-4-amd64 x86_64 Debian 8.3 auth_mechanisms = plain login debug_log_path = /var/log/dovecot.debug disable_plaintext_auth = no first_valid_uid = 100 log_path = /var/log/dovecot.log mail_debug = yes mail_location = Maildir:~/ mail_plugins = " quota acl" managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave namespace inbox { inbox = yes location = mailbox Drafts { special_use = \Drafts } mailbox Junk { special_use = \Junk } mailbox Sent { special_use = \Sent } mailbox "Sent Messages" { special_use = \Sent } mailbox Trash { special_use = \Trash } prefix = INBOX. separator = . type = private } namespace partage { hidden = no location = maildir:%%h:INDEX=~/%%u prefix = shared.%%u. separator = . type = shared } passdb { args = /etc/dovecot/dovecot-sql.conf.ext driver = sql } plugin { acl = vfile quota = maildir:User quota quota_warning = storage=95%% quota-warning 95 %u quota_warning2 = storage=80%% quota-warning 80 %u sieve = ~/.dovecot.sieve sieve_dir = ~/sieve } postmaster_address = root@algerian-radio.dz protocols = " imap lmtp sieve" service auth { unix_listener /var/spool/postfix/private/auth { mode = 0666 } } service lmtp { unix_listener /var/spool/postfix/private/dovecot-lmtp { group = postfix mode = 0600 user = postfix } } ssl = no userdb { args = uid=vmail gid=vmail home=/var/vmail/%d/%n/ driver = static } protocol lmtp { mail_plugins = " quota acl sieve quota" } protocol lda { mail_plugins = " quota acl sieve" } protocol imap { mail_plugins = " quota acl imap_quota imap_acl" }
I don't know if it's possible to share folders with the doveadm acl command ? root@messagerie[10.10.10.20] ~ # doveadm acl debugĀ -u a.chaouche@algerian-radio.dz shared/a.chaouche@backup.algerian-radio.dz doveadm(a.chaouche@algerian-radio.dz): Error: Can't open mailbox shared/a.chaouche@backup.algerian-radio.dz: Mailbox doesn't exist: shared/a.chaouche@backup.algerian-radio.dz root@messagerie[10.10.10.20] ~ #
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Wed, 11 May 2016, chaouche yacine wrote:
namespace inbox {
prefix = INBOX. separator = .
^^^^^^^^
type = private } namespace partage { hidden = no location = maildir:%%h:INDEX=~/%%u prefix = shared.%%u.
^^^^^^^^^
separator = . type = shared }
looks fine for me,
I don't know if it's possible to share folders with the doveadm acl command ? root@messagerie[10.10.10.20] ~ # doveadm acl debugĀ -u a.chaouche@algerian-radio.dz shared/a.chaouche@backup.algerian-radio.dz doveadm(a.chaouche@algerian-radio.dz): Error: Can't open mailbox shared/a.chaouche@backup.algerian-radio.dz: Mailbox doesn't exist: shared/a.chaouche@backup.algerian-radio.dz
you are using the dot as separator, that is:
shared/a.chaouche@backup. should spell
shared.a.chaouche@backup.
However, because there are dots in the username, too, this probably won't work, because Dovecot probably picks up "a" as username.
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQEVAwUBVzM9HHz1H7kL/d9rAQIGmwgAi7ga1a1Vv8HfvcAc6mIqxkBHdI5jL3MC YfMVwwuj7NJMjS8l/ouYxJCXdMn5k+sbRifwR/jyBcZtsvz3/ijkMx3RQyoq+LwZ r01Mxb4YR7ub5sNUIeIRtRcR/aNfDLNZb86PpDCHs2WKLU2atS5vVLmJWNiMaJNV MSG72OFKoLUJuRoSM26c2AH/f33WjuEinjjGMk481ezNBmZIuSWU2lJjmUXjfox9 BPzGRUkUKtlV9tkQjJUVjuwcfmvs+ChmTI3O2F37KWswP8zw0/EYXdyRpWCJso7F 8Ecrbu14cSHjisaerTQ4xko+ossPGoEE+Rh7XHuv8VDdNruur5AeVg== =DH0D -----END PGP SIGNATURE-----
Thanks Steffen. I went the quick'n'dirty way described at : http://wiki2.dovecot.org/SharedMailboxes/Symlinks and I must say it works fine as far as I have tested.
Here's what I did :
$ cd /var/vmail/algerian-radio.dz/a.chaouche/
$ ln -s /var/vmail/backup.algerian-radio.dz/a.chaouche/ .shared.a_chaouche@backup_algerian-radio_dz <---- change "." to "_"
If I didn't change the dots they would appear as subfolder separators to dovecot (Maildir++ specs ? )
If you do this then a.chaouche@algerian-radio.dz can do whatever he wants with a.chaouche@backup.algerian-radio.dz mailbox. We don't want this. We want him to only read the mail, not delete it. For this, he needs two permissions : reading of course and listing, because he needs to list the emails in order to choose which one he wants to read. If he doesn't have the listing permission then the MUA would get an error when it tries to list all the messages in the inbox.
We do this by adding a dovecot-acl file in the mailbox we want to share :
root@messagerie[10.10.10.20] /var/vmail/backup.algerian-radio.dz/a.chaouche # cat dovecot-acl user=a.chaouche@algerian-radio.dz lr root@messagerie[10.10.10.20] /var/vmail/backup.algerian-radio.dz/a.chaouche #
This says that user a.chaouche@algerian-radio.dz has the "l" right (listing) and the "r" right (reading).
You can make sure that it's setup as expected with the acl tool :
root@messagerie[10.10.10.20] ~ # doveadm acl get -u a.chaouche@algerian-radio.dz INBOX.shared.a_chaouche@backup_algerian-radio_dz ID Global Rights user=a.chaouche@algerian-radio.dz lookup read root@messagerie[10.10.10.20] ~ #
- No need for SQL tables
- No need for dictionary mappings
- No need for doveadm acl commands
Yassine.
From: Steffen Kaiser skdovecot@smail.inf.fh-brs.de To: chaouche yacine yacinechaouche@yahoo.com Cc: "dovecot@dovecot.org" dovecot@dovecot.org Sent: Wednesday, May 11, 2016 3:09 PM Subject: Re: How do I share folders ?
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Wed, 11 May 2016, chaouche yacine wrote:
namespace inbox {
prefix = INBOX. separator = .
^^^^^^^^
type = private } namespace partage { hidden = no location = maildir:%%h:INDEX=~/%%u prefix = shared.%%u.
^^^^^^^^^
separator = . type = shared }
looks fine for me,
I don't know if it's possible to share folders with the doveadm acl command ? root@messagerie[10.10.10.20] ~ # doveadm acl debug -u a.chaouche@algerian-radio.dz shared/a.chaouche@backup.algerian-radio.dz doveadm(a.chaouche@algerian-radio.dz): Error: Can't open mailbox shared/a.chaouche@backup.algerian-radio.dz: Mailbox doesn't exist: shared/a.chaouche@backup.algerian-radio.dz
you are using the dot as separator, that is:
shared/a.chaouche@backup. should spell
shared.a.chaouche@backup.
However, because there are dots in the username, too, this probably won't work, because Dovecot probably picks up "a" as username.
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQEVAwUBVzM9HHz1H7kL/d9rAQIGmwgAi7ga1a1Vv8HfvcAc6mIqxkBHdI5jL3MC YfMVwwuj7NJMjS8l/ouYxJCXdMn5k+sbRifwR/jyBcZtsvz3/ijkMx3RQyoq+LwZ r01Mxb4YR7ub5sNUIeIRtRcR/aNfDLNZb86PpDCHs2WKLU2atS5vVLmJWNiMaJNV MSG72OFKoLUJuRoSM26c2AH/f33WjuEinjjGMk481ezNBmZIuSWU2lJjmUXjfox9 BPzGRUkUKtlV9tkQjJUVjuwcfmvs+ChmTI3O2F37KWswP8zw0/EYXdyRpWCJso7F 8Ecrbu14cSHjisaerTQ4xko+ossPGoEE+Rh7XHuv8VDdNruur5AeVg== =DH0D -----END PGP SIGNATURE-----
There's also no need to create the shared namespace, so this part below is also unnecessary
namespace partage { location = maildir:%%h:INDEX=~/%%u prefix = shared.%%u. separator = . type = shared }
I've commented it out, restarted dovecot, sharing still works.
Yassine.
----- Original Message ----- From: chaouche yacine yacinechaouche@yahoo.com To: "dovecot@dovecot.org" dovecot@dovecot.org Sent: Thursday, May 12, 2016 1:35 PM Subject: Re: How do I share folders ?
Thanks Steffen. I went the quick'n'dirty way described at : http://wiki2.dovecot.org/SharedMailboxes/Symlinks and I must say it works fine as far as I have tested.
Here's what I did :
$ cd /var/vmail/algerian-radio.dz/a.chaouche/
$ ln -s /var/vmail/backup.algerian-radio.dz/a.chaouche/ .shared.a_chaouche@backup_algerian-radio_dz <---- change "." to "_"
If I didn't change the dots they would appear as subfolder separators to dovecot (Maildir++ specs ? )
If you do this then a.chaouche@algerian-radio.dz can do whatever he wants with a.chaouche@backup.algerian-radio.dz mailbox. We don't want this. We want him to only read the mail, not delete it. For this, he needs two permissions : reading of course and listing, because he needs to list the emails in order to choose which one he wants to read. If he doesn't have the listing permission then the MUA would get an error when it tries to list all the messages in the inbox.
We do this by adding a dovecot-acl file in the mailbox we want to share :
root@messagerie[10.10.10.20] /var/vmail/backup.algerian-radio.dz/a.chaouche # cat dovecot-acl user=a.chaouche@algerian-radio.dz lr root@messagerie[10.10.10.20] /var/vmail/backup.algerian-radio.dz/a.chaouche #
This says that user a.chaouche@algerian-radio.dz has the "l" right (listing) and the "r" right (reading).
You can make sure that it's setup as expected with the acl tool :
root@messagerie[10.10.10.20] ~ # doveadm acl get -u a.chaouche@algerian-radio.dz INBOX.shared.a_chaouche@backup_algerian-radio_dz ID Global Rights user=a.chaouche@algerian-radio.dz lookup read root@messagerie[10.10.10.20] ~ #
- No need for SQL tables
- No need for dictionary mappings
- No need for doveadm acl commands
Yassine.
From: Steffen Kaiser skdovecot@smail.inf.fh-brs.de To: chaouche yacine yacinechaouche@yahoo.com Cc: "dovecot@dovecot.org" dovecot@dovecot.org Sent: Wednesday, May 11, 2016 3:09 PM Subject: Re: How do I share folders ?
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Wed, 11 May 2016, chaouche yacine wrote:
namespace inbox {
prefix = INBOX. separator = .
^^^^^^^^
type = private } namespace partage { hidden = no location = maildir:%%h:INDEX=~/%%u prefix = shared.%%u.
^^^^^^^^^
separator = . type = shared }
looks fine for me,
I don't know if it's possible to share folders with the doveadm acl command ? root@messagerie[10.10.10.20] ~ # doveadm acl debug -u a.chaouche@algerian-radio.dz shared/a.chaouche@backup.algerian-radio.dz doveadm(a.chaouche@algerian-radio.dz): Error: Can't open mailbox shared/a.chaouche@backup.algerian-radio.dz: Mailbox doesn't exist: shared/a.chaouche@backup.algerian-radio.dz
you are using the dot as separator, that is:
shared/a.chaouche@backup. should spell
shared.a.chaouche@backup.
However, because there are dots in the username, too, this probably won't work, because Dovecot probably picks up "a" as username.
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQEVAwUBVzM9HHz1H7kL/d9rAQIGmwgAi7ga1a1Vv8HfvcAc6mIqxkBHdI5jL3MC YfMVwwuj7NJMjS8l/ouYxJCXdMn5k+sbRifwR/jyBcZtsvz3/ijkMx3RQyoq+LwZ r01Mxb4YR7ub5sNUIeIRtRcR/aNfDLNZb86PpDCHs2WKLU2atS5vVLmJWNiMaJNV MSG72OFKoLUJuRoSM26c2AH/f33WjuEinjjGMk481ezNBmZIuSWU2lJjmUXjfox9 BPzGRUkUKtlV9tkQjJUVjuwcfmvs+ChmTI3O2F37KWswP8zw0/EYXdyRpWCJso7F 8Ecrbu14cSHjisaerTQ4xko+ossPGoEE+Rh7XHuv8VDdNruur5AeVg== =DH0D -----END PGP SIGNATURE-----
participants (2)
-
chaouche yacine
-
Steffen Kaiser