[Dovecot] Shared maildirs

Charles Marcus CMarcus at Media-Brokers.com
Tue Jan 31 19:41:20 EET 2006 

>>>> Yes, it will be nice if/when you get around to supporting the 
>>>> ability for Users to Share their own folders, but all I care 
>>>> about is official support (not a 'kludge') via administrator 
>>>> assigning the ACLs.

>>> OK, that at least comes within a month. I'm not exactly sure yet 
>>> what would be the best way to configure them though. One 
>>> possibility would be some global /etc/dovecot-acls.conf and
>>> another would be per-mailbox dovecot-acls file. Or perhaps both
>>> could be supported.. Suggestions welcome :)

>> Well, although IANAP, I like the idea of both - especially if the 
>> global file can 'include' other individual files (group and/or 
>> individual mailbox files?) - this would make it easier to manage
>> acls, especially in larger settings.

> Actually, I would prefer having one ACL configuration per folder. 
> There you could also store any other folder-specific settings, say 
> "have flags per user" vs. "share flags among users" or "inherit 
> settings to (newly created?) sub-folders" or "may create 
> sub-folders".
>
> A system-wide configuration is hard to maintain, if it applies to
> every folder.

Hmmm... well, I don't see anywhere where I suggested that. In fact, I 
sort of took for granted that ACLs would be configurable on a per folder 
basis. All I suggested was a way to implement it using a Global .conf 
file, but with the ability to 'include' other .conf files, to make it 
easier to maintain in a large environment.

Ok, to get some more detail... what I am interested in is two-fold - 
seen flags, and ACLs. The following is just a wish-list. I don't know if 
IMAP ACLs are actually capable of all of the described behavior.

1. 'Seen' flags (I know there are more - but these are the only ones I 
need to be able to configure) - I need to be able to set these as 'Per 
User', on a per Folder basis. If this option is *not* set on a folder, 
then the server should maintain the seen state - any user can change it, 
and all will see the new state.

It wouldn't matter to me which was the default behavior - ie, if I had 
to set seen='per user', or seen='server'.

2. 'Hide Unreadable' Global flag - if I set it, then users should not 
even see shared folders that they don't have at least read-only perms. 
Samba does this really well with shares - any folders inside a share are 
invisible to users who don't have perms to open them.

3. ACLs - ability to set user and group ACLs on a per folder (or per 
group of folders) basis.

Do IMAP ACLs support the ability to set whether a user can add new 
folders or not (assuming they have read/write perms), and if they are 
allowed to, whether the ACLs should propogate to (be inherited by) any 
new sub-folders or not?

Hope this made sense...

-- 

Best regards,

Charles

More information about the dovecot mailing list