[Dovecot] Why dovecot does not want to read my acl file?
Lukas Haase
lukashaase at gmx.at
Thu Dec 17 03:55:51 EET 2009
Hello,
Timo Sirainen wrote:
> On Wed, 2009-12-16 at 14:36 -0500, Timo Sirainen wrote:
>
>>> drwxrwx--- 5 root office 4096 Dec 15 15:53 .Office
>> Why are your files and directories owned by root, instead of peter?
>
> Oh right, kind of stupid question. I already forgot we were talking
> about shared mailboxes. :)
>
> But anyway, the problem has to do with userdb not returning those UNIX
> groups that you expect.
Oh, ok I think there is a point which I do not understand. What has the
userdb to do with UNIX rights? As far as I understood from the wiki
there are two levels:
* UNIX rights. The mailboxes need to just have the correct *UNIX*
permission in order to access the files in the needed way (read or
write). So IMO this could also be achieved with, say, POSIX ACLs (setfacl)
* Internal access system based on the ACLs plugin. I disabled this part
temporarily.
I have been working with UNIX systems for over 10 years now and until now I
always debugged permission errors that way. It is the first time that "a
user belongs to a group but does not belong to the group" ... what I
want to say with that: A user belongs to a group or not, that is part of
the operating system and must not be different across different
applications, must it? That must be the same over the whole operating
system and until now, this was always the case.
So far I also do not understand what the userdb has to do with that. The
userdb is just for *internal* users of the application (dovecot) and has
nothing to do with the access system from the operating system or the
system users/groups.
> Perhaps you should just set:
>
> mail_access_groups = office
In fact I do not want to do this because the plan is to have an
arbitrary amount of groups on the system with different members,
permissions and folders.
Regards,
Luke
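
An added illustration of the point under discussion (not part of the original message, and not Dovecot code): a classic UNIX permission check on the `drwxrwx--- root office` directory uses the uid, gid and supplementary group list the process was started with, so the outcome depends on whether `office` is in that list. The numeric ids are constructed; only the names and the mode string come from the thread.

```python
def parse_mode(ls_mode):
    """Turn the permission part of an `ls -l` string (e.g. 'drwxrwx---') into mode bits.

    Only plain r/w/x letters are handled; setuid, setgid and sticky letters are not.
    """
    bits = 0
    for i, ch in enumerate(ls_mode[1:10]):
        if ch != "-":
            bits |= 1 << (8 - i)
    return bits

def may_access(proc_uid, proc_gid, proc_groups, st_uid, st_gid, mode, want):
    """Classic UNIX permission check (no POSIX ACLs, no capabilities).

    want is a 3-bit rwx mask, e.g. 0o7 for rwx on a directory.
    Exactly one class (owner, group, other) applies; there is no fallthrough.
    """
    if proc_uid == 0:
        return True  # simplified: root bypasses the mode bits
    if proc_uid == st_uid:
        granted = (mode >> 6) & 0o7
    elif st_gid == proc_gid or st_gid in proc_groups:
        granted = (mode >> 3) & 0o7
    else:
        granted = mode & 0o7
    return (granted & want) == want

# Constructed numeric ids for root, peter and the office group.
ROOT_UID, PETER_UID, PETER_GID, OFFICE_GID = 0, 1001, 1001, 2000
OFFICE_DIR_MODE = parse_mode("drwxrwx---")  # .Office, owned by root:office

def peter_can_use_office(supplementary_groups):
    """Can a process running as peter read, write and traverse .Office?"""
    return may_access(PETER_UID, PETER_GID, supplementary_groups,
                      ROOT_UID, OFFICE_GID, OFFICE_DIR_MODE, 0o7)

if __name__ == "__main__":
    # Process started with only uid and primary gid: the "other" bits (---) apply.
    print("no supplementary groups:", peter_can_use_office(set()))
    # Process started with office in its supplementary group list: group bits (rwx) apply.
    print("office in group list:   ", peter_can_use_office({OFFICE_GID}))
```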