Discussion:
[Dovecot] "doveadm mailbox create" oddities
Andre
2010-10-07 07:14:15 UTC
Permalink
Hi to all!

I?m trying to understand the usage of "doveadm mailbox create?.
If I do, as root:

# doveadm mailbox create -u __public__ sys/test
doveadm(__public__): Error: Can't create mailbox sys/test: Permission denied

but if I do:

# doveadm mailbox create -u __public__ test

every thing is OK.

?sys" is a shared maildir folder, that is visible in the client as "#Public/sys?.
__public__ is the user that owns Public folders, here is the complete details:

userdb: __public__
uid : 10002
gid : 8
home : /var/mail/domainname/__public__
mail : maildir:~/maildir:INBOX=~/maildir/INBOX:LAYOUT=fs:INDEX=~/indexes/


Do I have to add root with proper permissions to ACL?

TIA
Andre
Timo Sirainen
2010-10-14 17:40:39 UTC
Permalink
Post by Andre
# doveadm mailbox create -u __public__ sys/test
doveadm(__public__): Error: Can't create mailbox sys/test: Permission denied
Assuming you have a sys/ namespace prefix for a public namespace, then I
guess this fails because the default ACL prevents all accesses.
Post by Andre
# doveadm mailbox create -u __public__ test
every thing is OK.
And this works because "" is a private namespace and its default ACL
gives admin access.
Post by Andre
?sys" is a shared maildir folder, that is visible in the client as "#Public/sys?.
Shouldn't you have used "#Public/sys/test" as the mailbox name then?
Post by Andre
userdb: __public__
uid : 10002
gid : 8
home : /var/mail/domainname/__public__
mail : maildir:~/maildir:INBOX=~/maildir/INBOX:LAYOUT=fs:INDEX=~/indexes/
This doesn't really tell me what mailboxes other people then see. The
same __public__/maildir/ is the other users' #Public/sys/ namespace?
Then shouldn't it work if you just create "test" and it shows up to
others as #Public/sys/test?

Anyway .. dovecot -n output would have been helpful. I've done too much
guessing above.
Post by Andre
Do I have to add root with proper permissions to ACL?
No.
Andrea Mistrali
2010-10-15 07:31:19 UTC
Permalink
Post by Timo Sirainen
Post by Andre
# doveadm mailbox create -u __public__ sys/test
doveadm(__public__): Error: Can't create mailbox sys/test: Permission denied
Assuming you have a sys/ namespace prefix for a public namespace, then I
guess this fails because the default ACL prevents all accesses.
Post by Andre
# doveadm mailbox create -u __public__ test
every thing is OK.
And this works because "" is a private namespace and its default ACL
gives admin access.
Post by Andre
?sys" is a shared maildir folder, that is visible in the client as "#Public/sys?.
Shouldn't you have used "#Public/sys/test" as the mailbox name then?
Post by Andre
userdb: __public__
uid : 10002
gid : 8
home : /var/mail/domainname/__public__
mail : maildir:~/maildir:INBOX=~/maildir/INBOX:LAYOUT=fs:INDEX=~/indexes/
This doesn't really tell me what mailboxes other people then see. The
same __public__/maildir/ is the other users' #Public/sys/ namespace?
Then shouldn't it work if you just create "test" and it shows up to
others as #Public/sys/test?
Anyway .. dovecot -n output would have been helpful. I've done too much
guessing above.
Post by Andre
Do I have to add root with proper permissions to ACL?
No.
You?re right, I should give you definitions for namespaces.

Here it is:

namespace {
inbox = no
list = children
location = maildir:/var/mail/%d/__public__/maildir/:LAYOUT=fs:INDEX=~/indexes/public/
prefix = "#Public/"
separator = /
subscriptions = no
type = public
}

so, #Public (/var/mail/domainname/__public__) is the ?root? of my namespace, ?sys? is a folder inside #Public.

Anyway, I?ve solved putting correct permissions in ACLs. One thing: I did not find anywhere informations about the necessity to put an ACL even on ?root? of namespace. I?ve added a proper dovecot-acl file in /var/mail/domainname/__public__ and wverything started to work.

Anyway, thanks again for your effort in deciphering my previous post :) and thanks for the great program dovecot is!

Andre

Loading...