[Dovecot] Mailbox directory permissions (LDA, 0600 -> 0660, virtual users)
Hello,
I have a quite common dovecot configuration with virtual users support:
- User configuration is stored in MySQL database.
- Mailboxes are owned by vmail:vmail with permission 0600 or drwx------.
Is it possible to change mailbox mode to 0660?
Dovecot version is 2.1.7
Part of SQL configuration:
user_query =
  SELECT
    CONCAT_WS('/', home, u.uid, d.domain_name, u.user_name) AS home,
    500 AS uid,
    500 AS gid
  FROM users u
  LEFT JOIN domains d ON u.domain_id = d.id
  WHERE
    u.user_name = '%n' AND
    d.domain_name = '%d' AND
    u.active = 1
Regards.
-- M.
On 17.9.2012, at 13.02, Marcin Hłybin wrote:
> I have a quite common dovecot configuration with virtual users support:
> - User configuration is stored in MySQL database.
> - Mailboxes are owned by vmail:vmail with permission 0600 or drwx------.
> Is it possible to change mailbox mode to 0660?
Yeah, although since they're already sharing UIDs I don't see much point? http://wiki2.dovecot.org/SharedMailboxes/Permissions anyway describes how it all works.
On 2012-09-17 14:46, Timo Sirainen wrote:
> Yeah, although since they're already sharing UIDs I don't see much point?
I have a service running with a different UID that must have full access to mail folders. The UID/user is added to the vmail group. That is why 0770 permission is desired.
-- M.
On 2012-09-17 14:46, Timo Sirainen wrote:
> Yeah, although since they're already sharing UIDs I don't see much point? http://wiki2.dovecot.org/SharedMailboxes/Permissions anyway describes how it all works.
Already tested and it does not work. Directory structure is /home/mail/<uid>/<domain>/<user>
drwxr-xr-x   8 root  root   4096 Sep 14 10:28 /home
drwx--x--x 565 vmail vmail 53248 Sep 17 10:46 /home/mail
drwxrwx---   3 vmail vmail  4096 Sep 17 15:17 /home/mail/1234
drwx------   3 vmail vmail  4096 Sep 17 15:17 /home/mail/1234/maildomain.com
drwx------   3 vmail vmail  4096 Sep 17 15:17 /home/mail/1234/maildomain.com/support
The last two directories for mailbox support@maildomain.com are created automatically after the first e-mail comes to this address.
As you can see, the root directory has 0770 permissions (or 0711 if /home/mail is the root directory). Maybe additional configuration is needed to make it work?
-- M.
On 17.9.2012, at 16.25, Marcin Hłybin wrote:
> On 2012-09-17 14:46, Timo Sirainen wrote:
>> Yeah, although since they're already sharing UIDs I don't see much point? http://wiki2.dovecot.org/SharedMailboxes/Permissions anyway describes how it all works.
> Already tested and it does not work. Directory structure is /home/mail/<uid>/<domain>/<user>
> drwxr-xr-x   8 root  root   4096 Sep 14 10:28 /home
> drwx--x--x 565 vmail vmail 53248 Sep 17 10:46 /home/mail
> drwxrwx---   3 vmail vmail  4096 Sep 17 15:17 /home/mail/1234
> drwx------   3 vmail vmail  4096 Sep 17 15:17 /home/mail/1234/maildomain.com
> drwx------   3 vmail vmail  4096 Sep 17 15:17 /home/mail/1234/maildomain.com/support
> The last two directories for mailbox support@maildomain.com are created automatically after the first e-mail comes to this address.
> As you can see, the root directory has 0770 permissions (or 0711 if /home/mail is the root directory). Maybe additional configuration is needed to make it work?
What's your mail_location setting? Note the "Permissions to new user directories" in the wiki, especially the last paragraph. When Dovecot doesn't know what permissions it should use, it defaults to 0700 to be safe.
On 2012-09-17 15:30, Timo Sirainen wrote:
> What's your mail_location setting? Note the "Permissions to new user directories" in the wiki, especially the last paragraph. When Dovecot doesn't know what permissions it should use, it defaults to 0700 to be safe.
mail_location = maildir:~/Maildir
Maybe that's the point. What do you propose? I don't think I can use %d and %n as mentioned in the documentation because in the mailbox path I have an additional user_id directory. Home directory is retrieved from the database with this part: "CONCAT_WS('/', home, u.uid, d.domain_name, u.user_name) AS home"
-- M.
On 17.9.2012, at 16.40, Marcin Hłybin wrote:
> On 2012-09-17 15:30, Timo Sirainen wrote:
>> What's your mail_location setting? Note the "Permissions to new user directories" in the wiki, especially the last paragraph. When Dovecot doesn't know what permissions it should use, it defaults to 0700 to be safe.
> mail_location = maildir:~/Maildir
> Maybe that's the point. What do you propose? I don't think I can use %d and %n as mentioned in the documentation because in the mailbox path I have an additional user_id directory. Home directory is retrieved from the database with this part: "CONCAT_WS('/', home, u.uid, d.domain_name, u.user_name) AS home"
Then your current possibilities are:
a) mkdir + chmod the directory when a new user is created
b) change Dovecot sources
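
Option (a) from the reply above, as an added example (not code from the thread or from the Dovecot project): a POSIX shell function that pre-creates <base>/<uid>/<domain>/<user>/Maildir with mode 0770 when a user is provisioned, validating the database-supplied path components first. The function names, the MAIL_MODE and MAIL_OWNER variables, and pre-creating Maildir itself are assumptions.

```shell
#!/bin/sh
# Added example: pre-create a virtual user's mail home with group access.
# Layout from the thread: <base>/<uid>/<domain>/<user>, plus ~/Maildir.

MAIL_MODE="${MAIL_MODE:-0770}"   # mode asked for in the thread
MAIL_OWNER="${MAIL_OWNER:-}"     # assumption: vmail:vmail in production (root only)

# Reject path components that could escape the base directory.
safe_component() {
    case "$1" in
        ''|.|..|*/*|-*) return 1 ;;
        *[!A-Za-z0-9._-]*) return 1 ;;
    esac
    return 0
}

# provision_mail_home BASE USERID DOMAIN USER -> prints the home path on success
provision_mail_home() {
    base=$1; shift
    [ -d "$base" ] && [ ! -L "$base" ] || { echo "bad base: $base" >&2; return 1; }
    # Validate everything before touching the filesystem.
    for c in "$@"; do
        safe_component "$c" || { echo "unsafe component: $c" >&2; return 1; }
    done
    dir=$base
    for c in "$@" Maildir; do
        dir=$dir/$c
        # Never follow a symlink planted inside the mail tree.
        [ ! -L "$dir" ] || { echo "symlink in path: $dir" >&2; return 1; }
        if [ ! -d "$dir" ]; then
            # Create private first, then set the mode explicitly,
            # so the caller's umask cannot widen or narrow the result.
            (umask 077 && mkdir "$dir") || return 1
        fi
        chmod "$MAIL_MODE" "$dir" || return 1
        if [ -n "$MAIL_OWNER" ] && [ "$(id -u)" = 0 ]; then
            chown "$MAIL_OWNER" "$dir" || return 1
        fi
    done
    echo "${dir%/Maildir}"
}

# Symbolic mode of a directory, e.g. drwxrwx---
dir_mode() { ls -ld "$1" | cut -c1-10; }
```

Run it from the same job that inserts the row into the users table, with the same values the user_query concatenates into home.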
participants (2)
- Marcin Hłybin
- Timo Sirainen