[Dovecot] sharing of non-INBOX namespaces? Re: imapc and imap_acl

Thu Sep 15 13:46:41 EEST 2011

Hi,

On Tue, 13 Sep 2011, Lutz Preßler wrote:
> On Di, 13 Sep 2011, Timo Sirainen wrote:
> > You mean you'd want local ACLs that apply to imapc mailboxes?
> Yes, exactly. Great for "integrating" legacy IMAP servers without e.g.
> ACL support.
> > I think that should work. For example if you set:
> > 
> > mail_location = imapc:~/imapc
> Oh, had not realized that a path argument is possible for imapc:. There are
> even index file then...
> > 
> > Then for mailbox foo/bar the ACL file should be in ~/imapc/.foo.bar/dovecot-acl
> It almost works:
> Sep 13 18:37:58 hhh dovecot: imap(4482, uuu): Error: file_dotlock_open(/home/uuu/Maildir/gmail/.[Gmail].Alle Nachrichten
> /dovecot-acl) failed: No such file or directory
> After manually creating the ".[Gmail].Alle Nachrichten" directory, SETACL
> succeeds.
Ok, I thought I tested accessing the mailbox afterwards, too - but I probably
had not.
I have a more general problem now: shared mailboxes from any "non-INBOX"
namespace are not available to other users. That's not only with virtual or
imapc namespaces, but also tested with two Maildir ones:

namespace personal {
  inbox = yes
  location = maildir:~/Maildir
  prefix = INBOX.
  type = private
}

namespace second {
  inbox = no
  location = maildir:~/Maildir2
  prefix = INBOX.second.
  type = private
}

namespace others {
  type = shared
  separator = .
  prefix = INBOX.shared.%%u.
  location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u
  #location = maildir:/home/%%n/Maildir:INDEX=~/Maildir/shared/%%u
  subscriptions = no
  list = children
}

[...]

I can as user1 SETACL INBOX.second.box

~user1/Maildir2/dovecot-acl-list contains "1316082286 box"
~user1/Maildir2/.box/dovecot-acl contains "user=testuser lrs"
(as does ~user1/Maildir/.in2007/dovecot-acl)
The shared mailboxes dict contains 
  shared/shared-boxes/user/testuser/user1
  1

But - as testuser -
0 list "" "*"
* LIST (\HasChildren) "." "INBOX"
* LIST (\HasNoChildren) "." "INBOX.test"
* LIST (\HasNoChildren) "." "INBOX.second"
* LIST (\Noselect \HasChildren) "." "INBOX.shared.user1"
* LIST (\HasNoChildren) "." "INBOX.virtual"
* LIST (\HasNoChildren) "." "INBOX.shared.user1.in2007"
0 OK List completed.

INBOX.shared.user1.second.box is missing. Also

0 select INBOX.shared.user1.second.box
* OK [CLOSED] Previous mailbox closed.
0 NO Mailbox doesn't exist: second.box

Log shows then:
Sep 15 12:39:48 host dovecot: imap(8796, testuser): Debug: acl vfile: file /etc/dovecot/global-acls/INBOX.shared.user1.second.box not found
Sep 15 12:39:48 host dovecot: imap(8796, testuser): Debug: acl vfile: file /home/user1/Maildir/.second.box/dovecot-acl not found

... not searching for the acl file correctly.

Thought I tested this with earlier (2.0) versions. Changed group set up
inbetween, but this does not seem relevant.

Regards,
 Lutz