shared folder name or public folder with mail address

Tobias Kirchhofer collect at shift.agency
Fri Feb 14 15:23:41 EET 2020 

On 14 Feb 2020, at 14:05, Armin Schindler wrote:

> On 2/14/20 11:44 AM, Tobias Kirchhofer wrote:
>> On 14 Feb 2020, at 11:06, Armin Schindler wrote:
>>
>>     Hello!

[…]

>> For our new setup (planned with CentOS 8, waiting for the official 
>> repo for the latest dovecot
>> version…) we have a prototype on Debian base with the latest 
>> version of Dovecot. In opposite to our
>> current solution we will implement global acls with user and groups 
>> from LDAP. This is very nice.
>
> Wow, thanks. This seem to be exactly what I need to go on.
> Our base system is a Univention UCS, so LDAP users and groups is what 
> we already have working :-)
>
> With your elements I think we really could have the cyrus shared 
> folders with dovecot by
> using a namespace of
>  type=public
> but with
>  prefix=shared/
> (we might use type=shared with prefix=usershared/ later).

There is not something like one way do to this. You could also make your 
life easier and choose to create a „Share user“ which is only there 
to share folders. This will then be Dovecot „Shared folders“ shared 
by this pseudo user to other users. You then could use Roundcube or such 
to maintain acl with this pseudo user. But we did not follow this path 
then for reasons i cannot remember anymore :)

For each Public folder we have a defined namespace. „Newsletter“, 
„Client1“, „Client2“ etc. We have many, around 30 or so. ACL 
goes on this namespace (namespace/*). I guess ACL are first match. Each 
namespace has its own prefix. (eq. prefix = Newsletter/, prefix = 
Client1 etc.) User can subscribe namespace by namespace acl assumed.

But as i sad - by writing this i get nervous, cause i now that you must 
immerse deeply with this topic. Otherwise you will not get happy :)

Tobias

> Or is the idea of just *one* public folder with name "shared" and with
> subdirs for different "projects/departments/topics" not working as 
> expected?
>
> ACL is something I didn't look at yet. Is it possible to set different 
> permissions
> for the folders in the public prefix like /shared/dir1 , /shared/dir2 
> , etc.
> or even for sub-subfolders?
> Global ACLs aren't neccessary when using folder acls, right?
>
> Armin
[…]


-- 
collect at shift.agency

More information about the dovecot mailing list