acl_group not working not working correctly

Leander Schäfer info at netocean.de
Sat Oct 1 00:39:58 UTC 2016


Any idea?

Am 17.09.16 um 00:44 schrieb Leander Schäfer:
> Hi,
>
> I'm trying to setup group based ACLs coming from OpenLDAP. My setup 
> doesn't require a POSIX Group match. In the Dovecot configuration file 
> I have this: "user_attrs = [...], mailAclGroups=acl_groups" as well as 
> "acl = vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300". The 
> user has "public" in the LDAP attribute "mailAclGroups". It seems to 
> get everything right. I checked with doveadm - and I see public ist 
> listed as expected:
>
> cat /var/log/debug.log
> [...]
> Sep 16 23:39:04 WM-01 dovecot: auth: Debug: client passdb out: 
> OK       1       user=leander at mydomain.localdomain acl_groups=public
> [...]
>
> cat /usr/local/etc/dovecot/global-acls
> INBOX owner lrwstipekxa
> Drafts owner lrwstipeka
> Sent owner lrwstipeka
> Spam owner lrwstipeka
> Trash owner lrwstipeka
> Public authenticated l
> Public group-override=public lrwstipekx
> Public/* group-override=public lrwstipekx
>
>
> doveadm mailbox list -u leander at mydomain.localdomain
> Drafts
> Sent
> Trash
> Spam
> Shared
> Public
> Public/Service Center
> Shared/test at mydomain.localdomain
> Shared/test at mydomain.localdomain/Drafts
> Shared/test at mydomain.localdomain/Sent
> Shared/test at mydomain.localdomain/Trash
> Shared/test at mydomain.localdomain/Spam
> INBOX
>
>
> But here comes the strange thing: telnet equal to Thunderbird:
> . LIST "" "*"
> * LIST (\HasNoChildren \Drafts) "/" Drafts
> * LIST (\HasNoChildren \Sent) "/" Sent
> * LIST (\HasNoChildren \Trash) "/" Trash
> * LIST (\HasNoChildren \Junk) "/" Spam
> * LIST (\Noselect \HasChildren) "/" Shared
> * LIST (\HasChildren) "/" Shared/test at mydomain.localdomain
> * LIST (\HasNoChildren) "/" Shared/test at mydomain.localdomain/Drafts
> * LIST (\HasNoChildren) "/" Shared/test at mydomain.localdomain/Sent
> * LIST (\HasNoChildren) "/" Shared/test at mydomain.localdomain/Trash
> * LIST (\HasNoChildren) "/" Shared/test at mydomain.localdomain/Spam
> * LIST (\HasNoChildren) "/" INBOX
> . OK List completed (0.000 + 0.000 + 0.092 secs).
>
>
> Public and Public/* shoul be listed as well, but it isn't. Any idea 
> why it is behaving like this?
> Thanks
>
> Best regards
> Leander Schäfer



More information about the dovecot mailing list