lazy_expunge mangles dovecot-acl-list

Christoph Bußenius busseniu at in.tum.de
Thu Jun 12 09:53:26 UTC 2014 

Hi,

I think I found a bug in Dovecot 2.1.17 and 2.2.13.

In our setup, sometimes ACLs stop working because "dovecot-acl-list" is 
replaced by an empty file.  We found that lazy_expunge is connected to this.

To reproduce, create ACLs for "user1" in a folder.  Put a mail in that 
folder and expunge it, so that the folder will be created in the
"expunged" namespace.

For instance,

# cat user1/mail/mailboxes/folder/dbox-Mails/dovecot-acl
user=user2 keilrwts

# cat user1/mail/dovecot-acl-list
1350914868 folder

# doveadm -f flow fetch -u "user1" 'guid' mailbox _EXPUNGED.\*

# ls -l user1/mail/dovecot-acl-list
-rw------- 1 vmail vmail 0 2014-06-12 11:40 user1/mail/dovecot-acl-list

You see that we have used doveadm to list the expunged namespace, which 
has emptied the "dovecot-acl-list" file.

Cheers,
Christoph




# 2.2.13: /usr/local/dovecot/etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-57-server x86_64 Ubuntu 10.04.4 LTS
disable_plaintext_auth = no
mail_gid = vmail
mail_location = mdbox:~/mail
mail_plugins = acl
mail_uid = vmail
namespace {
   inbox = no
   list = children
   location = mdbox:%%h/mail
   prefix = INBOX.shared.%%u.
   separator = .
   subscriptions = no
   type = shared
}
namespace default {
   inbox = yes
   location =
   prefix = INBOX.
   separator = .
   type = private
}
namespace expunged {
   hidden = yes
   list = no
   location = 
mdbox:~/mail:MAILBOXDIR=expunged:SUBSCRIPTIONS=expunged-subscriptions
   prefix = _EXPUNGED.
   separator = .
   subscriptions = yes
}
passdb {
   args = scheme=CRYPT username_format=%u 
/usr/local/dovecot/etc/dovecot/users
   driver = passwd-file
}
plugin {
   acl = vfile
   acl_shared_dict = file:/mail/shared-mailboxes
   lazy_expunge = _EXPUNGED.
}
protocols = imap pop3
service auth {
   unix_listener auth-userdb {
     group = vmail
     mode = 0660
   }
}
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_key = </etc/ssl/private/dovecot.pem
userdb {
   args = /usr/local/dovecot/etc/dovecot/users
   driver = passwd-file
}
protocol imap {
   imap_client_workarounds = tb-extra-mailbox-sep
   mail_max_userip_connections = 20
   mail_plugins = acl imap_acl acl
}


-- 
Christoph Bußenius
Rechnerbetriebsgruppe Informatik und Mathematik
Technische Universität München

More information about the dovecot mailing list