[Dovecot] IMAP, Shared folders, symlinks and permissions

Nigel Allen prosmart at jamesons.com.au
Mon May 12 09:51:35 EEST 2008 


Greetings

Using FC7, dovecot-1.0.3-6.fc6 and maildir

I have a recurring problem with permissions.

We have a (real) account on the system called "custs". Within the email 
account for custs there exists some 300 folders, one for each customer.

This worked okay originally with mbox. Everyone had access to their own 
email folders and they all had access to the "custs" account. They only 
problem is that to find one folder (customers)'s emails, you had to 
scroll through 300+ folders.

For the people who need access to all of the custs' folders, there was 
no problem (apart from a real estate one of scrolling which sometimes 
caused people to drag and drop into the wrong folders).

The problem is that around 16 staff need only access to a subset of 
customers (i.e. the ones they manage - around 20 each) while the rest of 
the staff need access to the lot.

What we did was to convert everything to Maildir so that we could use 
symlinks.

So far so good.

We created symlinks from /home/custs/Maildir/customer1 to 
/home/manager1/Maildir/customer1 and from /home/custs/Maildir/customer2 
to /home/manager2/Maildir/customer2.

Again, so far, so good. Manager 1 gets access to Customer 1 and Manager 
2 gets access to Customer 2.

The problem comes when someone who ONLY has access to the "custs" 
account drops an email into Customer 1. The file dovecot-uidlist gets 
created and suddenly Manager 1 cannot see the folder.

We changed (in desperation) the group owner of custs/Maildir to "common" 
(which everyone is a member of) and did a chmod g+s from the 
custs/Maildir down. e even set the permissions of the custs/Maildir/* to 
777 to watch what was happening.

It appears that the permissions on the file dovecot-uidlist is set to 
600 every time someone drops an email into the folder. Then when someone 
else tries to access the folder they get a "permission denied" error on 
dovecot-uidlist.

Can anyone explain to me how to:

Change the way dovecot creates the dovecot-uid files so that the 
permissions are set to 660 or 666
or
Set this up better so that we can share all these folders.

Any suggestions, questions, comments will be (very) gratefully accepted.

Rgds

Nigel.


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the dovecot mailing list