ACL hide folders

Peter Chiochetti pch at myzel.net
Mon Dec 2 16:31:26 EET 2019 

Am 02.12.19 um 13:35 schrieb Peter Chiochetti via dovecot:
> After updating from 2.2.22 to 2.2.33 rsp 2.3.8 my ACLs went bust.
> 
> Below line in the global acl file hides all folders except INBOX for all 
> users
> 
>> * group=ALL
> 
> Next reenable certain folders, eg:
> 
>> Sent group=ALL lrwsi
> 
> This made anyone see "Sent" in 2.2.22, but no longer so in 2.2.33
> 
> 
> Any ideas how to have it like before?
> 
> 

PS: my setup is a little contrived, but perhaps, this can be seen more 
widely? Attached acl-debug output; I suppose, it clearly states, the 
mailbox is visible in LIST - connecting with telnet I can select the 
mailbox and fetch messages, though it does not appear in LIST

-- 
peter
-------------- next part --------------
# doveadm -D acl debug -u NN Sent
doveadm(NN): Debug: auth-master: userdb lookup(NN): Started userdb lookup
doveadm(NN): Debug: auth-master: conn unix:/var/run/dovecot/auth-userdb: Connecting
doveadm(NN): Debug: auth-master: conn unix:/var/run/dovecot/auth-userdb: Client connected (fd=10)
doveadm(NN): Debug: auth-master: userdb lookup(NN): auth USER input: crew acl_groups=ALL,GRP uid=1001 gid=1001 home=/home/crew blocking=no
doveadm(NN): Debug: auth-master: userdb lookup(NN): Finished userdb lookup (username=crew acl_groups=ALL,GRP uid=1001 gid=1001 home=/home/crew blocking=no)
doveadm(NN): Debug: changed username to crew
doveadm(NN): Debug: Added userdb setting: plugin/acl_groups=ALL,GRP
doveadm(NN): Debug: Added userdb setting: plugin/blocking=no
doveadm(NN): Debug: Effective uid=1001, gid=1001, home=/home/crew
doveadm(NN): Debug: acl: No acl_shared_dict setting - shared mailbox listing is disabled
doveadm(NN): Debug: Namespace inbox: type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:~/Maildir
doveadm(NN): Debug: maildir++: root=/home/crew/Maildir, index=, indexpvt=, control=, inbox=/home/crew/Maildir, alt=
doveadm(NN): Debug: acl: initializing backend with data: vfile:/etc/dovecot/dovecot-acl
doveadm(NN): Debug: acl: acl username = crew
doveadm(NN): Debug: acl: owner = 1
doveadm(NN): Debug: acl: group added: ALL
doveadm(NN): Debug: acl: group added: GRP
doveadm(NN): Debug: acl vfile: Global ACL file: /etc/dovecot/dovecot-acl
doveadm(NN): Info: Mailbox 'Sent' is in namespace ''
doveadm(NN): Info: Mailbox path: /home/crew/Maildir/.Sent
doveadm(NN): Info: All message flags are shared across users in mailbox
doveadm(NN): Debug: Mailbox 'Sent' matches global ACL pattern '*'
doveadm(NN): Debug: Mailbox 'Sent' matches global ACL pattern '*'
doveadm(NN): Debug: Mailbox 'Sent' matches global ACL pattern '*'
doveadm(NN): Debug: Mailbox 'Sent' matches global ACL pattern '*'
doveadm(NN): Debug: Mailbox 'Sent' matches global ACL pattern 'Sent'
doveadm(NN): Info: User crew has rights: lookup read write write-seen insert
doveadm(NN): Info: Mailbox in user's private namespace
doveadm(NN): Info: Mailbox Sent is visible in LIST
doveadm(NN): Debug: auth-master: conn unix:/var/run/dovecot/auth-userdb: Disconnected: Connection closed (fd=10)

More information about the dovecot mailing list