doveadm acl set negative rights not supported?

[Peter Benko]

Hi all,

Although noone answered, I figured out how to set negative rights via doveadm. You should not prefix the username with '-' (as you should do in a normal IMAP setacl command). Instead you should specify the *rights* starting with a '-'. There are two problems with this:

1. The '-username' version runs smoothly and does not throw any errors. However, it does *not* set negative rights. It adds a useless entry for a user named '-username'

2. If you try to specify the rights with a '-', such as '-writeseen', doveadm throws an error like this:
set: invalid option -- 'w'

So the solution is to add '--' to the command line signaling the end of the options:

sudo -u vmail doveadm acl set -u user at domain -- "Spam" user=user at domain -write-seen

Regards,

Peter


Peter Benko <pbopbo at freemail.hu> írta:
>Hi all,
>
>I'm trying to set an ACL with negative rights. I have no problems setting it with standard IMAP commands, but I'm unable to do it with the doveadm acl command.
>
>I tried:
>
>sudo -u vmail doveadm acl set -u "user at domain" Spam user="-user at domain" lookup
>(notice the "-" before the username)
>
>Unfortunately, this adds a (positive) ACL for the user named "-user at domain" instead of adding a negative one for the user "user at domain".
>
>Am I messing up something or is negative ACL support missing from doveadm? I have not seen anything in the docs about this...
>
>Regards,
>
>Peter
>