[Dovecot] New global ACL mailbox pattern feature in HG

Timo Sirainen tss at iki.fi
Wed May 7 14:12:50 UTC 2014


On 15.2.2014, at 22.13, Thomas Leuxner <tlx at leuxner.net> wrote:

> * Thomas Leuxner <tlx at leuxner.net> 2014.02.10 08:51:
> 
>>>> Public/* group=PublicMailboxAdmins lrwsik
>>>> 
>>>> yields an error (Public/ Namespace) while 'Public*' works:
>>>> $ doveadm mailbox create -u tlx at leuxner.net "Public/Test"
>>>> $ doveadm(tlx at leuxner.net): Error: Can't create mailbox Public/Test: Permission denied
>>> 
>>> I think that's correct behavior? The "k" right needs to be for the parent "Public", while Public/* only matches its children.
>> 
>> I see. Wouldn't "Public" also let's say undesirably apply to mailboxes in the user context then, e.g. someone creates a "Public" folder in his INBOX? I'm asking as I only want to apply the ACL to a namespace.
> 
> Following the http://wiki2.dovecot.org/ACL example of wildcard patters it appears 'Public/*' is completely ignored. I tested with a new mailbox and the only entry applied is the 'Public*' one:
> 
> $ cat global-acl
> INBOX owner lrwstiekxap
> Public* group=PublicMailboxAdmins lrwsik
> Public/* anyone lr
> Public/* authenticated lrws

http://hg.dovecot.org/dovecot-2.2/rev/7a08a481c133 should help here?



More information about the dovecot mailing list