ACL group-override question

Peter Chiochetti pch at
Mon Jun 16 20:17:46 UTC 2014

Trying to get ACLs working, very basic setup:

Virtual users are put into different acl_group via passdb.

> u:{PLAIN}B::::::userdb_acl_groups=g

The global acl file restricts what they can do.

> * group-override=g
> * group=g lr

Shouldn't this mean, that the group rights override the user rights?

The effect that I see though is, that the user "u" then may not do 
anything, not even lookup and read.

The wiki text is not fully clear to me: It tells about disabling access 
fully (probably by specifying a non-existent group?). But this can only 
be one way to use group_override…


More information about the dovecot mailing list