Different behavior of ACLs in MUA and doveadm
Thomas Leuxner
tlx at leuxner.net
Tue Sep 8 07:51:31 UTC 2015
* Thomas Leuxner <tlx at leuxner.net> 2014.12.31 22:10:
namespace {
list = yes
location = mdbox:/var/vmail/public:INDEXPVT=~/mdbox/public
prefix = Public/
separator = /
subscriptions = no
type = public
}
$ cat /var/vmail/conf.d/leuxner.net/global-acl
INBOX owner lrwstiekxap
Public/* group=PublicMailboxAdmins lrwsipk
Public/* anyone lr
Public/* authenticated lrws
$ doveadm mailbox create -u tlx at leuxner.net Public/Archive/Mailing-Lists/Dovecot/2015
doveadm(tlx at leuxner.net): Error: Can't create mailbox Public/Archive/Mailing-Lists/Dovecot/2015: Permission denied
$ doveadm acl get -u tlx at leuxner.net Public/Archive/Mailing-Lists/Dovecot
doveadm(tlx at leuxner.net): Error: Can't open mailbox Public/Archive/Mailing-Lists/Dovecot: Mailbox doesn't exist: Public/Archive/Mailing-Lists/Dovecot
ID Global Rights
I retested this issue after all the HG commits. Doveadm still treats the namespace/ACL differently compared to a MUA. While doveadm refuses to create the mailbox, the MUA succeeds. However I'd like to do all this scripted using doveadm ideally...
$ openssl s_client -connect host.domain.tld:143 -starttls imap
. OK Pre-login capabilities listed, post-login capabilities have more.
1 login tlx at leuxner.net <redacted>
* CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS BINARY MOVE NOTIFY SPECIAL-USE QUOTA ACL RIGHTS=texk
1 OK Logged in
2 list "Public/Archive" *
[...]
* LIST (\Noselect \HasChildren) "/" Public/Archive/Mailing-Lists/Dovecot
* LIST (\HasNoChildren \UnMarked) "/" Public/Archive/Mailing-Lists/Dovecot/2014
* LIST (\HasNoChildren \UnMarked) "/" Public/Archive/Mailing-Lists/Dovecot/2013
* LIST (\HasNoChildren \UnMarked) "/" Public/Archive/Mailing-Lists/Dovecot/2012
[...]
2 OK List completed (0.016 secs).
3 create "Public/Archive/Mailing-Lists/Dovecot/2015"
3 OK Create completed (0.006 secs).
4 list "Public/Archive" *
[...]
* LIST (\HasNoChildren) "/" Public/Archive/Mailing-Lists/Dovecot/2015
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: Digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20150908/5c2b9588/attachment.sig>
More information about the dovecot
mailing list