[Dovecot] Inherited ACLs for mailboxes created by not-owner

Michael Stilkerich ms at mike2k.de
Sun Feb 12 14:14:03 EET 2012 

Hi Timo,

On 12-Feb-12 5:16, Timo Sirainen wrote:
> On 10.2.2012, at 14.13, Michael Stilkerich wrote:
>
>> I have shared one of my mailboxes to another user providing him full rights to
>> that mailbox.
>>
>> $ doveadm acl get -u user1 doc
>
> Is "doc" the namespace prefix?

No, 'doc' is the name of the shared parent mailbox under that the 2nd
user created the new mailbox 'hallo'.

To clarify: user1 shares the mailbox 'doc' with max permissions to 
user2. user2 then creates a new mailbox under the parent 'doc'.

>> When that user creates a new mailbox within the shared mailbox, the mailbox is successfully
>> created but with an empty ACL.
>
> Creates how? With IMAP client?

Yes, using Thunderbird / Roundcube Webmail.

>> According to the wiki, it should inherit the ACL from its parent, i.e. have
>> full permissions for user2.
>
> Works with me. dovecof -n output?

The config is attached.

The IMAP-Client is signaled an error by dovecot, but the log file does 
not contain an error. At the filesystem level

- The mailbox was created as a sub folder of 'doc'.
- It contains nothing but an empty sub folder 'dbox-Mails'.
- It does specifically not contain an dovecot-acl file.
- The sharing user's (user1) dovecot-acl-list file was not updated to
   list the newly created subfolder.
- The acl dictionary 'shared-mailboxes' was also not touched, but this
   is probably correct since it already contains a record that user1
   shares mailboxes to user2.
- When user1 accesses the new mailbox that user2 created, the below
   error gets logged and a dovecot.index.log file is created in the
   until then empty 'dbox-Mails' folder of the new mailbox.

>> Dovecot logs the following errors when I access the parent folder the first time
>> after the other user created the child mailbox:
>>
>> dovecot: imap(user1): Error: Mailbox doc/hallo: Corrupted index, uidvalidity=0
>> dovecot: imap(user1): Error: Recent flags state corrupted for mailbox INBOX
>> dovecot: imap(user1): Error: /home/dovecot/user1/mailboxes/INBOX/dbox-Mails/dovecot.index reset, view is now inconsistent
>
> Are you trying to use per-user indexes? That's not going to work.

I don't think so. I'm using dbox and thus have not added a custom 
:INDEX=... to the location.

-Michael
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: dovecot.conf
URL: <http://dovecot.org/pipermail/dovecot/attachments/20120212/458222cc/attachment-0004.pl>

More information about the dovecot mailing list