limit sharing ability to certain users
Simeon Ott
simeon.ott at onnet.ch
Tue Aug 7 14:00:19 EEST 2018
still the same…
root at buserver:/etc/dovecot# doveadm user test2 at onnet.ch
field valueuserdb lookup: user test2 at onnet.ch doesn't exist
relevant config output from doveconf -n
userdb {
args = /etc/dovecot/dovecot-ldap.conf
driver = ldap
result_success = continue-ok
}
userdb {
args = username_format=%Lu /etc/dovecot/share.passwd
driver = passwd-file
result_failure = continue-ok
skip = notfound
}
but, did you read my last note anyway?
IMPORTANT NOTE: anyway.. even with this options set (acl and acl_globals_only) the user test at onnet.ch <mailto:test at onnet.ch> is still able to share its own folders?!
root at buserver:/etc/dovecot# doveadm user test at onnet.ch
field value
uid 5000
gid 5000
home /var/spool/postfix/virtual/onnet.ch/test/
mail maildir:~/Maildir
quota_rule *:bytes=1073741824
acl vfile:/etc/dovecot/dovecot-acl
acl_globals_only yes
root at buserver:/etc/dovecot# telnet localhost 143
Trying ::1...
Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN AUTH=LOGIN] Dovecot ready.
. login test at onnet.ch *********
. OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS SPECIAL-USE BINARY MOVE QUOTA ACL RIGHTS=texk] Logged in
. SETACL Inbox test2 at onnet.ch lrwstipekxa
. OK Setacl complete.
. GETACL Inbox
* ACL Inbox test2 at onnet.ch akxeilprwtscd test at onnet.ch lrwstipekxacd
. OK Getacl completed.
Cheers
> On 7 Aug 2018, at 12:05, Aki Tuomi <aki.tuomi at dovecot.fi> wrote:
>
> Hmm. if you put it *after* the ldap userdb, it should not have prevented users from logging in.
>
> What happens if you do
> userdb {
> driver = passwd-file
> args = ....
> skip = notfound
> result_failure = continue-ok
> }
>
> Aki
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20180807/454617d2/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3696 bytes
Desc: not available
URL: <https://dovecot.org/pipermail/dovecot/attachments/20180807/454617d2/attachment.p7s>
More information about the dovecot
mailing list