Discussion:
Permissions for shared mail don't work
Damien Desfontaines
2014-10-12 08:50:24 UTC
Permalink
Good morning,

I'm using dovecot v.2.1.7 on Debian Sid, and the output of dovecot -n
is available here: http://paste.fulltxt.net/C-O

I'm trying to make the mailbox of (system) user "spam" available to
user "ted". I followed these instructions:
http://wiki2.dovecot.org/SharedMailboxes/Permissions
and it doesn't seem to work. To be more precise:
- I manually (and recursively) changed the permissions of all
files in ~spam/Mail to 660 (and 770 for the directories);
- I manually (and recursively) changed the group owner of everything
in ~spam/Mail to "mailperso", where "mailperso" is a group whose
users are spam and ted;
- I added ??mail_access_groups=mailperso?? into my dovecot config;
- and I restarted dovecot.

But still, when I send a new email to spam, it appears as being owned
by group "spam" and having permissions set to 600, so I can't access
it with user "ted". I also tried to set the setgid bit for ~spam/Mail,
it didn't change anything, and when I recursively set the setgid for
all subdirectories of ~spam/Mail, it gives new mails the correct group
(mailperso) but not the correct permissions.

Have I missed something, or is this a bug?

Thanks in advance and best regards,

Damien
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 213 bytes
Desc: Digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20141012/50aab9cf/attachment.sig>
Damien Desfontaines
2014-10-16 22:33:05 UTC
Permalink
Hello,

(Sorry if you already received this mail. I sent it without having
subscribed to the list, but I never got any confirmation; so I assumed
it has been filtered by the anti-spam or something.)

I'm using dovecot v.2.1.7 on Debian Sid, and the output of dovecot -n
is available here: http://paste.fulltxt.net/C-O

I'm trying to make the mailbox of (system) user "spam" available to
user "ted". I followed these instructions:
http://wiki2.dovecot.org/SharedMailboxes/Permissions
and it doesn't seem to work. To be more precise:
- I manually (and recursively) changed the permissions of all
files in ~spam/Mail to 660 (and 770 for the directories);
- I manually (and recursively) changed the group owner of everything
in ~spam/Mail to "mailperso", where "mailperso" is a group whose
users are spam and ted;
- I added ? mail_access_groups=mailperso ? into my dovecot config;
- and I restarted dovecot.

But still, when I send a new email to spam, it appears as being owned
by group "spam" and having permissions set to 600, so I can't access
it with user "ted". I also tried to set the setgid bit for ~spam/Mail,
it didn't change anything, and when I recursively set the setgid for
all subdirectories of ~spam/Mail, it gives new mails the correct group
(mailperso) but not the correct permissions.

Have I missed something, or is this a bug?

Thanks in advance and best regards,

Damien
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 213 bytes
Desc: Digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20141017/3c678ac9/attachment.sig>
Steffen Kaiser
2014-10-17 06:26:10 UTC
Permalink
Post by Damien Desfontaines
I'm trying to make the mailbox of (system) user "spam" available to
http://wiki2.dovecot.org/SharedMailboxes/Permissions
- I manually (and recursively) changed the permissions of all
files in ~spam/Mail to 660 (and 770 for the directories);
- I manually (and recursively) changed the group owner of everything
in ~spam/Mail to "mailperso", where "mailperso" is a group whose
users are spam and ted;
- I added ? mail_access_groups=mailperso ? into my dovecot config;
- and I restarted dovecot.
But still, when I send a new email to spam, it appears as being owned
by group "spam" and having permissions set to 600, so I can't access
it with user "ted". I also tried to set the setgid bit for ~spam/Mail,
it didn't change anything, and when I recursively set the setgid for
all subdirectories of ~spam/Mail, it gives new mails the correct group
(mailperso) but not the correct permissions.
Please post (here in the list)

ls -al ~spam/Mail ~spam/Mail/{new,cur}

- --
Steffen Kaiser
Damien Desfontaines
2014-10-17 21:40:57 UTC
Permalink
Hello,

Here it is: http://paste.fulltxt.net/Xzoq9v

You can actually see when I manually changed all permissions, around
October 12, and the fact that the messages received afterwards don't
have the correct permissions.

Best,

Damien
Post by Steffen Kaiser
Post by Damien Desfontaines
I'm trying to make the mailbox of (system) user "spam" available to
http://wiki2.dovecot.org/SharedMailboxes/Permissions
- I manually (and recursively) changed the permissions of all
files in ~spam/Mail to 660 (and 770 for the directories);
- I manually (and recursively) changed the group owner of everything
in ~spam/Mail to "mailperso", where "mailperso" is a group whose
users are spam and ted;
- I added ? mail_access_groups=mailperso ? into my dovecot config;
- and I restarted dovecot.
But still, when I send a new email to spam, it appears as being owned
by group "spam" and having permissions set to 600, so I can't access
it with user "ted". I also tried to set the setgid bit for ~spam/Mail,
it didn't change anything, and when I recursively set the setgid for
all subdirectories of ~spam/Mail, it gives new mails the correct group
(mailperso) but not the correct permissions.
Please post (here in the list)
ls -al ~spam/Mail ~spam/Mail/{new,cur}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 213 bytes
Desc: Digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20141017/db0feffc/attachment-0001.sig>
Steffen
2014-10-18 13:05:58 UTC
Permalink
Post by Damien Desfontaines
Here it is: http://paste.fulltxt.net/Xzoq9v
You can actually see when I manually changed all permissions,
around October 12, and the fact that the messages received
afterwards don't have the correct permissions.
how do you deliver new messages to spam's INBOX?
Post by Damien Desfontaines
Post by Steffen Kaiser
Post by Damien Desfontaines
I'm trying to make the mailbox of (system) user "spam"
http://wiki2.dovecot.org/SharedMailboxes/Permissions and it
doesn't seem to work. To be more precise: - I manually (and
recursively) changed the permissions of all files in ~spam/Mail
to 660 (and 770 for the directories); - I manually (and
recursively) changed the group owner of everything in
~spam/Mail to "mailperso", where "mailperso" is a group whose
users are spam and ted; - I added ?
mail_access_groups=mailperso ? into my dovecot config; - and I
restarted dovecot.
But still, when I send a new email to spam, it appears as being
owned by group "spam" and having permissions set to 600, so I
can't access it with user "ted". I also tried to set the setgid
bit for ~spam/Mail, it didn't change anything, and when I
recursively set the setgid for all subdirectories of
~spam/Mail, it gives new mails the correct group (mailperso)
but not the correct permissions.
Please post (here in the list)
ls -al ~spam/Mail ~spam/Mail/{new,cur}
- --
Steffen
Damien Desfontaines
2014-10-18 13:07:58 UTC
Permalink
Post by Steffen
Post by Damien Desfontaines
Here it is: http://paste.fulltxt.net/Xzoq9v
You can actually see when I manually changed all permissions,
around October 12, and the fact that the messages received
afterwards don't have the correct permissions.
how do you deliver new messages to spam's INBOX?
By sending an e-mail to spam.whatever at desfontain.es??

(I'm not sure I understand the question?)

Damien
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 213 bytes
Desc: Digital signature
URL: <http://dovecot.org/pipermail/dovecot/attachments/20141018/f9b2c008/attachment.sig>
Loading...