[Dovecot] Group ACL
Timo Sirainen
tss at iki.fi
Sat Nov 5 18:44:06 EET 2011
On Thu, 2011-10-06 at 08:38 -0700, Daniel L. Miller wrote:
> Using Dovecot 2.0, LDAP userdb & passdb, with prefetch:
>
> hosts = myhost.mydomain
> dn = cn=x,cn=y
> dnpass = xyz123
> auth_bind = yes
> auth_bind_userdn = uid=%n,ou=users,dc=x
> ldap_version = 3
> base = ou=Users, dc=x
> user_attrs = =home=/var/mail/%d/%n, \
> =mail=mdbox:/var/mail/%d/%n/mdbox, \
> =uid=vmail, \
> =gid=mail
Would be good to put acl_groups here also so non-prefetch stuff has
access to it also.
> user_filter = (&(objectClass=inetOrgPerson)(mail=%u))
>
> pass_attrs = mail=user, \
> userPassword=password, \
> =userdb_home=/var/mail/%d/%n, \
> =userdb_mail=mdbox:/var/mail/%d/%n/mdbox, \
> =userdb_uid=vmail, \
> =userdb_gid=mail, \
> =userdb_acl_groups='allshared'
I think the problem may simply be those '' characters in there. You're
now in "'allshared'" group rather than in "allshared" group.. If that
doesn't help:
> I have added permissions for "$allshared" to a mailbox's Inbox. It does
> not appear in the shared folders list. Other mailboxes, with explicit
> permission for a given username, work fine. What am I doing wrong?
1. Make sure that acl_groups setting is enabled for that user by setting
mail_debug=yes and looking at the log:
imap: Debug: Added userdb setting: plugin/acl_groups=allshared
2. Check with: doveadm acl debug -u user <shared mailbox>
More information about the dovecot
mailing list