[Dovecot] Prohibit removing INBOX

floss at pbartels.info
Sun Apr 5 14:35:21 EEST 2009


Hello list,

I'm using dovecot 1.1.11 and I'm going to prohibit users from removing
their INBOX and some other directories in the mailbox root.

I used Access Control Lists (http://wiki.dovecot.org/ACL) to do this:

protocol imap {
   mail_plugins = acl
}

plugin {
   # With global ACLs in /etc/dovecot/acls/ directory:
   acl = vfile:/etc/dovecot/acls
}

/etc/dovecot/acls/.DEFAULT:
owner lrwstie

/etc/dovecot/acls/INBOX/.DEFAULT:
owner lrwstiekxa

Actually
- it's not possible to create/remove directories under the mailbox root
- it's possible to create directories under INBOX
- it's NOT possible to remove directories under INBOX (This is my problem.)

I tried symlinks like:
/var/mail/.../INBOX/dovecot-acl -> /etc/dovecot/acls/INBOX/.DEFAULT
/var/mail/.../dovecot-acl -> /etc/dovecot/acls/.DEFAULT

But I think the symlinks won't help because they don't change anything.
And even with the symlinks it's not possible to remove directories under INBOX.

The documentation says:
> If a mailbox has both global and per-mailbox ACL file, both of them  
> are read and the ACLs are merged. If there are any conflicts:
> * v1.0 and v1.1: The per-mailbox ACL file overrides global ACL file.

As far as I can see, the documentation says nothing about merging ACLs
of subdirs. But it seems the given behavior is not wanted by the
dovecot design, because it seems it should be possible to override
ACLs for subdirs, and also to give more permissions than the upper dirs.

Is this a dovecot failure, am I missing something, or is it really wanted
by dovecot this way?

My MUA (Evolution) says:
> Cannot delete folder "INBOX/test".
> Because "IMAP command failed: Permission denied".
It unsubscribes the folder but it is not able to remove it.

Logs:
dovecot: 2009-04-05 13:21:22 Info: IMAP(address1 at domain1.tld): acl vfile: reading file /etc/dovecot/acls//.DEFAULT
dovecot: 2009-04-05 13:21:22 Info: IMAP(address1 at domain1.tld): acl vfile: reading file /var/mail/domain1.tld/address1/mail/dovecot-acl
dovecot: 2009-04-05 13:21:22 Info: IMAP(address1 at domain1.tld): acl vfile: reading file /etc/dovecot/acls/INBOX/.DEFAULT
dovecot: 2009-04-05 13:21:22 Info: IMAP(address1 at domain1.tld): acl vfile: reading file /var/mail/domain1.tld/address1/mail/INBOX/dovecot-acl
dovecot: 2009-04-05 13:21:22 Info: IMAP(address1 at domain1.tld): acl vfile: reading file /etc/dovecot/acls/INBOX/.DEFAULT
dovecot: 2009-04-05 13:21:22 Info: IMAP(address1 at domain1.tld): acl vfile: reading file /var/mail/domain1.tld/address1/mail/INBOX/dovecot-acl
dovecot: 2009-04-05 13:21:22 Info: IMAP(address1 at domain1.tld): acl vfile: reading file /etc/dovecot/acls/INBOX/.DEFAULT
dovecot: 2009-04-05 13:21:22 Info: IMAP(address1 at domain1.tld): acl vfile: reading file /var/mail/domain1.tld/address1/mail/INBOX/dovecot-acl
dovecot: 2009-04-05 13:21:22 Info: IMAP(address1 at domain1.tld): acl vfile: reading file /etc/dovecot/acls/INBOX/.DEFAULT
dovecot: 2009-04-05 13:21:22 Info: IMAP(address1 at domain1.tld): acl vfile: reading file /var/mail/domain1.tld/address1/mail/INBOX/dovecot-acl
dovecot: 2009-04-05 13:21:22 Info: IMAP(address1 at domain1.tld): acl vfile: reading file /etc/dovecot/acls/INBOX/.DEFAULT
dovecot: 2009-04-05 13:21:22 Info: IMAP(address1 at domain1.tld): acl vfile: reading file /var/mail/domain1.tld/address1/mail/INBOX/dovecot-acl
dovecot: 2009-04-05 13:21:22 Info: IMAP(address1 at domain1.tld): acl vfile: reading file /etc/dovecot/acls//.DEFAULT
dovecot: 2009-04-05 13:21:22 Info: IMAP(address1 at domain1.tld): acl vfile: reading file /var/mail/domain1.tld/address1/mail/dovecot-acl
dovecot: 2009-04-05 13:21:22 Info: IMAP(address1 at domain1.tld): acl vfile: reading file /etc/dovecot/acls//.DEFAULT
dovecot: 2009-04-05 13:21:22 Info: IMAP(address1 at domain1.tld): acl vfile: reading file /var/mail/domain1.tld/address1/mail/dovecot-acl

Thanks in advance
Philipp Bartels
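
Added example, not part of the original post and not Dovecot code: a Python helper that re-joins wrapped debug lines like those under "Logs:" and tallies which global and per-mailbox ACL files the vfile backend reported reading, so it is easy to see which mailboxes had a global ACL file consulted. The sample log is constructed (placeholder user and domain), and the function names and the treatment of ".DEFAULT" are assumptions based on the paths shown in the post.

```python
import posixpath
import re
from collections import Counter

GLOBAL_DIR = "/etc/dovecot/acls"  # the "acl = vfile:<dir>" value from the post
READ_RE = re.compile(r"acl\s+vfile: reading file\s+(\S+)")

# Constructed sample in the shape of the posted log, including the line
# wrapping added by the mail client; user and domain are placeholders.
SAMPLE_LOG = """\
dovecot: 2009-04-05 13:21:22 Info: IMAP(user at example.test): acl
vfile: reading file /etc/dovecot/acls//.DEFAULT
dovecot: 2009-04-05 13:21:22 Info: IMAP(user at example.test): acl
vfile: reading file /etc/dovecot/acls/INBOX/.DEFAULT
dovecot: 2009-04-05 13:21:22 Info: IMAP(user at example.test): acl
vfile: reading file
/var/mail/example.test/user/mail/INBOX/dovecot-acl
dovecot: 2009-04-05 13:21:22 Info: IMAP(user at example.test): acl
vfile: reading file /etc/dovecot/acls/INBOX/.DEFAULT
"""

def unwrap(text):
    """Re-join log records that were wrapped across several lines."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("dovecot: ") or not records:
            records.append(line)
        elif line:
            records[-1] += " " + line
    return records

def acl_reads(text, global_dir=GLOBAL_DIR):
    """Count reads per (kind, path); kind is 'global' or 'per-mailbox'."""
    counts = Counter()
    for record in unwrap(text):
        match = READ_RE.search(record)
        if match:
            path = re.sub(r"/{2,}", "/", match.group(1))  # acls//.DEFAULT
            kind = "global" if path.startswith(global_dir + "/") else "per-mailbox"
            counts[(kind, path)] += 1
    return counts

def global_mailboxes(text, global_dir=GLOBAL_DIR):
    """Mailbox names whose global ACL file was read ('' is the mail root)."""
    rels = [p[len(global_dir) + 1:] for (k, p) in acl_reads(text, global_dir) if k == "global"]
    return {posixpath.dirname(r) if posixpath.basename(r) == ".DEFAULT" else r for r in rels}
```

Calling `global_mailboxes()` on a real debug log captured while the failing delete is attempted shows whether any global ACL file for the subfolder itself was read.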


