Maildir permissions on creation?
Von Random
von at vdrandom.org
Fri Dec 26 11:40:20 UTC 2014
Yes, and it is not my use case, sadly. ACLs are meant for imap, not filesystem access and mail_access_groups is also useless for some reason. It just does not change anything. Probably because I don't use mail_location and variables when I provide path for home. (It's stored as is in a database on mailbox creation.)
26.12.2014, 12:07, "Tobi" <tobster at brain-force.ch>:
> Have you checked the dovecot wiki for 'filepermissions in shared mailboxes' ?
> Explains how dovecot set ACL when creating mailboxes
>
> Am 26. Dezember 2014 09:37:37 MEZ, schrieb Von Random <von at vdrandom.org>:
>> Err, my bad, of course 0640 on files in case of setgid on directories.
>>
>> 26.12.2014, 11:36, "Von Random" <von at vdrandom.org>:
>>> The main reason is that I don't want to provide backup user with
>> unnecessary write permissions within maildirs and mail user within
>> backup logs dir. I was talking about mail_user:mail_group 0750 on dirs
>> and 0640 on files. (Or, possibly, mail_user:backup_group 2750 and
>> 2640.)
>>> 26.12.2014, 11:19, "Tobi" <tobster at brain-force.ch>:
>>>> Whats the reason you do not want to use default dovecot user. Your
>> idea would assume that at least the group must have write access. For
>> me a no-go on mailboxes.
>>>> Am 24. Dezember 2014 13:21:15 MEZ, schrieb Von Random
>> <von at vdrandom.org>:
>>>>> Hello.
>>>>>
>>>>> In my configuration dovecot reads home from mysql and uses no
>> variables
>>>>> within it. It uses Maildir++ storage with virtual users. I also
>> happen
>>>>> to use LMTP.
>>>>>
>>>>> I want to use a backup solution that does not involve running
>> itself as
>>>>> root. Neither do I want to run it as dovecot's mail user.
>>>>>
>>>>> And there lies the problem: dovecot creates maildirs with 0700 and
>>>>> files within them inherit that set of permissions. And there seems
>> to
>>>>> be no sane way to control it. I think I've figured out what to
>> patch in
>>>>> order to change that default, but if possible, I'd like to avoid
>> doing
>>>>> that.
>>>>>
>>>>> tl;dr: is it possible to change the default set of permissions for
>> new
>>>>> maildirs created by dovecot?
>>>> - --
>>>> Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail
>> gesendet.
>>>>>> -----BEGIN PGP SIGNATURE-----
>>>>>> Version: APG v1.1.1
>>>>>>
>>>>>> iQI7BAEBCgAlBQJUnRoiHhxUb2JpIDx0b2JzdGVyQGJyYWluLWZvcmNlLmNoPgAK
>>>>>> CRA1HOYlqGik5L9iD/9FIE2JzWfB7fWJEbI3vVg+ar4LRGwW1xNIf8ahlytPbsmH
>>>>>> D9dFP3kWpJH6TO41AksNjz/FxHcUqSrlsKYTFUsDZCyb9Zyxd8Jv+dH04FwUzw+y
>>>>>> kq+ayoylnTN7Q8mQnqkUpWEuYd5ohWbbUUSguwzN8Zd1T4jCFR9/Lvu0cweE6meu
>>>>>> mBGwvXBbfBP4El+mAM2lKnoMXQpMycS6aX7FwQ/fBaoWSkzg/2az69UtqG6LLF67
>>>>>> ZhJkbn17cpT3y/l/2nV5urdcFVh8RoSXNuYyMN4r7IDKQ6BPsneD+839LS9X/gP/
>>>>>> QMuo5nO5xdx4q1bT9gtv1zz5eKAJ1f3R2oPZyxdpiV5PruSY3J3kvu0cF0aJvQF6
>>>>>> +s0iDsoDBcueB6JEUnYAarteWvBvxRnqb8ytju1xbIEkKLZtaS8Gf2cpZ8eA+Ha/
>>>>>> D0zkYfq7bt+Ra7BY6Qh7XMfiN5z9eWe5RqOmVLZRLf9N75U6wWa+fmXpvlqEtGNV
>>>>>> pKsgif/ivCHiA24+JSJ1PBRjwO36Tu4MsSlT2WnkvyFBQzFzg9T00fl+uTXzgNEz
>>>>>> SBta2wmXk9XVJ9mPzfNrAaAA3+T6H90Sj1CbRt7NZx30UdwYoIL5XXEtnG0p1XdS
>>>>>> moe91H2UE+NT+jgj7emAOLxJf86vIwiHCqI0Zl/7wVNJEnKBXJP5WIHcdEDEHg==
>>>>>> =Tl/z
>>>>>> -----END PGP SIGNATURE-----
>
> - --
> Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail gesendet.
> -----BEGIN PGP SIGNATURE-----
> Version: APG v1.1.1
>
> iQI7BAEBCgAlBQJUnSVbHhxUb2JpIDx0b2JzdGVyQGJyYWluLWZvcmNlLmNoPgAK
> CRA1HOYlqGik5GvTEACYhFfqS5hK4rAoHCzDd5vFwCLIE/ESheJhREbpewE4k7Nq
> BGR1hKygYeAnj3w1CB9R4sgRBOTHSpRuIzk1ZMId5UuQOBxy8ukRzA5xiAoP22lw
> AxB6Ek7e7VLz0998GmoN7uw1t5tczR1SkHscs0XfuBCBJrvo79DHYs7CP18oDTic
> m5NVJS0MZzJGWPSDGwN6WPwRbLZMTZHc79h+WTmYz9Fzet2As71npvP0PiLd4hQP
> xMlgUXCF1vXTUPUGf/NtQfy/xjaww4sEMqOxpigjLLMmnz+OFPo9Mar0uWvNBCgq
> 3rTUqAUaMcLS8ANyvqzPXXba67dl+rNYuK33tWom+H17JzNf1rdYKxtc7IVQgm/E
> RfYhIejH9yQR0/8CHw+ySF3mJdiQsZHMKL4PwXhRzp9OuOU8RZts1bve8pJEHGSr
> ZQjqjiNB/DyE0s9uNh94U58mwGT8FKHQPR52EPF2WyNlyet1aYUCNQlXm2Qe+3FI
> k4D4eJpRfWIHS5x7NALuwrki+/OqFvDphzKCTmhIC2Qa8UnKvxaS9VccW2Z5D9R9
> PHoOb2pgm5bIOUtsWUCykDiTwh5IA0jReoGPRlXmFK/tuhHawdrbfUlQ/YrVAX8w
> p+FhchB5e5LNnBOjIXDB9c+viuobF3qo3uoOqjAwGTkEqIdwsiswCUPfjZJD+A==
> =XfBH
> -----END PGP SIGNATURE-----
More information about the dovecot
mailing list