[Dovecot] Confused about permissions needed for shared mailbox
Hello,
let me re-state, hopefully in clearer terms, what I tried to described in a previous thread :
With dovecot-1.1.8/Maildir/LDAP pass/userdb (prefetch), I'm trying to set up a Maildir ".box" shared in rw between 2 users in a "Public" namespace. I can't get it to work unless I chmod 777 everything, which obiously is not what I want.
am I correct thinking that the system_user userdb extra_field and unix permissions should be enough to achieve that and that ACLs is only if I want to fine tunes mailbox permissions ?
let's say that my public namespace prefix is Public/, that the .box/ maildir is in
/path/to/public/.box
and my 2 users belong to the doveshared unix group.
I thought it would be enough to have
drwxrws--- 3 root doveshared 4096 Jan 28 14:55 public drwxrws--- 3 root doveshared 4096 Jan 28 14:55 public/.box -rwxrws--- 1 root doveshared 0 Jan 26 18:25 public/.box/dovecot-shared
provided that my prefetch userdb returns system_user, as I think the following says in dovecot-ldap.conf :
pass_attrs = uid=user,userPassword=password,homeDirectory=userdb_home,,,uidNumber=userdb_uid,gidNumber=userdb_gid,shadowMax=userdb_system_user
and providedt that in LDAP shadowMax: 80 (whatever value).
But this doesn't seem to work.
By the way : Am I supposed to have a dovecot-shared file in public as well (that is not only in public/.box) ?
- let's say I try ACLs with the same setup (anyone <all permissions> for starters)
would
pass_attrs = uid=user,userPassword=password,homeDirectory=userdb_home,,,uidNumber=userdb_uid,gidNumber=userdb_gid,shadowMax=userdb_system_user.title=userdb_acl_groups
and
title: group1,doveshared
be a correct setup ?
Do I need an dovecot-acl file only in .box or in public too ?
My understanding is that my setup doesn't work because for some reason, dovecot doesn't see my users secondary groups or doesnt take them into account...
Any thoughts which might help ?
-- Thomas Hummel | Institut Pasteur <hummel@pasteur.fr> | Pôle informatique - systèmes et réseau
On Wed, Jan 28, 2009 at 04:06:20PM +0100, Thomas Hummel wrote:
Please ignore this message, I will sum up what I did figure out in another thread.
-- Thomas Hummel | Institut Pasteur <hummel@pasteur.fr> | Pôle informatique - systèmes et réseau
participants (1)
-
Thomas Hummel