Heh heh heh. Whoops.
I've spent a few hours digging around in the source and nearly posted a
kludge of a patch I'd written to give a kind of half-baked attempt at
getting group-usable subscriptions files. Then I came across something in the
source........
In the config file, do something like the following:
namespace public {
separator = /
prefix = Public/
location = maildir:/home/public/Maildir:CONTROL=%h/Maildir/Public
inbox = no
hidden = no
}
Notice the "CONTROL=" part of the location line. This tells dovecot
where to store "control" files (of which the "subscriptions"
file is one). As you can see I have told it to put the control files in each
user's home space. This means not only are there going to be no permission
problems, but each user can have separate subscriptions (because everyone is
using their own "subscriptions" file).
Of course I could also have set the CONTROL dir to be something like
"/home/public/Maildir/control/%u" so they would all be stored in one
place, but I prefer the idea of having it in the user's home folder.
After searching the wiki I don't see the CONTROL option explained anywhere.
Is there any chance someone could add that in somehow (a link from the
SharedFolders page would be extremely useful also).
Channing - you were very nearly right there.
Many thanks everyone,
Mark Lidstone
IT Administrator
BMT Nigel Gee & Associates Ltd
Floors 1-3, Building 14,
Shamrock Quay,
William Street,
Southampton
SO14 5QL
UK
Tel: 023 8022 6655
Fax: 023 8022 8855
Visit Our Website: <http://www.ngal.co.uk>
-----Original Message-----
From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org]On
Behalf Of Mark Lidstone
Sent: 22 March 2006 08:50
To: Curtis Maloney
Cc: dovecot at dovecot.org
Subject: RE: [Dovecot] Shared namespaces
Hi Curtis,
Aye, I have read the wiki. I was pretty surprised this wasn't covered to be
honest.
Well, I've tried playing with the umask setting (thanks for the suggestion
Channing) and changing the index locations (thanks Curtis), but no joy.
I'm just about to start digging into the source to see if it's something
I can sort out myself.
Many thanks everyone,
Mark Lidstone
-----Original Message-----
From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org]On
Behalf Of Curtis Maloney
Sent: 19 March 2006 22:51
To: Mark Lidstone
Cc: dovecot at dovecot.org
Subject: Re: [Dovecot] Shared namespaces
Mark Lidstone wrote:> Hi all,
>
> I logged with Thunderbird as user 1 and everything seems to work fine.
However, when I logged in as user 2 I was getting all kinds of errors. On
checking the permissions of /home/public/Maildir/subscriptions it was
user1:user1 with mode 600.
Just a thought, but have you tried setting the INDEX location in the
default_mail_env ? I'm not certain, but I believe the subscriptions file is
included in the INDEX set, and by setting its location elsewhere, you would
prevent it from being inside the Maildir. This would prevent ownership
hijacking, AND let everyone have their own subscriptions.
I'm not certain of this, so either someone else can fill in the details, or
you
could check the source (and please report your findings:)
> To be perfectly honest, I'd ideally like to give people separate
subscription settings anyway. I thought about symlinking the folders in, but
that makes it a manual process to add new folders to everyone's maildirs.
Of course, I'm assuming you've read the Wiki (it looks like you have...)
--
Curtis Maloney
cmaloney at cardgate.net
CONFIDENTIAL
The information contained in this e-mail and any attachment is
confidential. It is intended only for the named addressee(s). If you
are not the named addressee please notify the sender immediately and
do not disclose, copy or distribute the contents to any other person
other than the intended addressee(s).
VIRUSES
The contents of an attachment to this e-mail may contain software
viruses which could damage your own computer system. While BMT Nigel Gee
and Associates Ltd has taken every reasonable precaution to minimise
this risk, we cannot accept liability for any damage which you sustain
as a result of software viruses. You should carry out your own virus
checks before opening the attachment.
CONFIDENTIAL
The information contained in this e-mail and any attachment is
confidential. It is intended only for the named addressee(s). If you
are not the named addressee please notify the sender immediately and
do not disclose, copy or distribute the contents to any other person
other than the intended addressee(s).
VIRUSES
The contents of an attachment to this e-mail may contain software
viruses which could damage your own computer system. While BMT Nigel Gee
and Associates Ltd has taken every reasonable precaution to minimise
this risk, we cannot accept liability for any damage which you sustain
as a result of software viruses. You should carry out your own virus
checks before opening the attachment.
On Wed, 22 Mar 2006, Mark Lidstone wrote: How do you get the permissions of the mails the right way? Bye, -- Steffen Kaiser
Hi Steffen,
I'm using procmail as my LDA and postfix as my MTA. Also, in my case I need
all email to any email address at my domain starting with "pr" then
some numbers to go into these folders. The reason for this is I'm trying to
setup an open-source replacement for our mail-enabled Exchange Public Folders at
the moment (can you believe you can't search sub-folders in Exchange Public
Folders?!).
First I created a fake user with it's own group:
adduser public_folders
Next, I added all the relevant users to that group:
usermod -G public_folders john_smith
usermod -G public_folders jon_doe
Next, in /home/public_user/.procmailrc I put the following:
MAILDIR=/home/public_folders/Maildir
# If any mail gets through to this account without having a project number
address,
# put it in an "Unfiled" folder.
DEFAULT=$MAILDIR/.Unfiled/new
* # This line just gets me the project number (also makes sure the preceding
letters
* # are uppercase - otherwise we could end up with separate folders for pr123,
Pr123,
* # pR123 and PR123.
* PROJECT_NUM=`formail -xTo: | egrep -o [pP][rR][0-9]+ | tr '[a-z]'
'[A-Z]'`
# This is not absolutely necessary, but I prefer to keep logs so I can see
where
# emails have been stored if anything goes missing.
LOGFILE=$MAILDIR/procmail.log
# This UMASK setting is basically what you're looking for, Steffen. The
mail files
# on the disk are stored with mode 660.
UMASK=007
# Because these are public folders receiving a lot of mail, I've put in a
big message
# ID cache.
:0 Wh: msgid.log
|formail -D 2097152 $MAILDIR/msgid.cache
* # Notice that regexps in .procmailrc are case insensitive unless you specify
otherwise
* :0 H
* * ^To: .*PR[0-9]+ at mydomain\.tld
* {
* PROJECT_FOLDER=$MAILDIR/.Projects.${PROJECT_NUM}
*
* # Here I basically check if the folder exists. If not it's created with
mode
* # 770 - this is also important.
* :0 Wic:
* * ? test ! -d ${PROJECT_FOLDER}
* # Make all the subfolders, or they will be made by dovecot when the first
user
* # tries to look in there messing up the permissions on that folder.
* |mkdir -m 770 -p ${PROJECT_FOLDER}/new;\
* mkdir -m 770 ${PROJECT_FOLDER}/cur;\
* mkdir -m 770 ${PROJECT_FOLDER}/tmp
*
* # And here I finally store the email
* :0:
* ${PROJECT_FOLDER}
* }
Make sure the file has mode 0600 public_folders:public_folders or procmail will
ignore it.
Next, I had to set the following permission on the public_folders home folder:
chmod 770 /home/public_folders
Next, I put the following namespace into /usr/local/etc/dovecot.conf:
namespace public {
separator = /
prefix = Public/
location =
maildir:/home/public_folders/Maildir:INDEX=%h/Maildir/public_folders/indexes:CONTROL=%h/Maildir/public_folders/control
inbox = no
hidden = no
}
Next, I made sure the relevant folder structure existed with the right
permissions (I cheated and did this as root):
cd /home/public_folders
mkdir -p Maildir/new
cd Maildir
mkdir cur
mkdir tmp
mkdir -p .Unfiled/new
mkdir .Unfiled/cur
mkdir .Unfiled/tmp
for file in `find`; do
chown public_folders:public_folders $file
if [ -d $file ]; then
chmod 770 $file
else
chmod 660 $file
fi
done
*Next, I made a file called /etc/postfix/virtual.pcre with the following
content:
*
* /^[pP][rR][0-9]+ at mydomain\.tld/ public_folders at localhost
*
*And finally I put the following into /etc/postfix/main.cf:
*
* virtual_alias_maps = pcre:/etc/postfix/virtual.pcre, hash:/etc/postfix/virtual
Then I restarted postfix and away I went. Now when someone sends an email to
"pr123 at mydomain.tld" it gets put into the relevant project folder
under the "public _folders" maildir.
If you don't need the automated project filing, ignore the lines with a * at
the start.
I hope someone finds this helpful.
Many thanks,
Mark Lidstone
IT Administrator
BMT Nigel Gee & Associates Ltd
Floors 1-3, Building 14,
Shamrock Quay,
William Street,
Southampton
SO14 5QL
UK
Tel: 023 8022 6655
Fax: 023 8022 8855
Visit Our Website: <http://www.ngal.co.uk>
-----Original Message-----
From: dovecot-bounces at dovecot.org [mailto:dovecot-bounces at dovecot.org]On
Behalf Of Steffen Kaiser
Sent: 23 March 2006 08:29
To: dovecot at dovecot.org
Subject: RE: [Dovecot] Shared namespaces - solved
On Wed, 22 Mar 2006, Mark Lidstone wrote:
How do you get the permissions of the mails the right way?
Bye,
--
Steffen Kaiser
CONFIDENTIAL
The information contained in this e-mail and any attachment is
confidential. It is intended only for the named addressee(s). If you
are not the named addressee please notify the sender immediately and
do not disclose, copy or distribute the contents to any other person
other than the intended addressee(s).
VIRUSES
The contents of an attachment to this e-mail may contain software
viruses which could damage your own computer system. While BMT Nigel Gee
and Associates Ltd has taken every reasonable precaution to minimise
this risk, we cannot accept liability for any damage which you sustain
as a result of software viruses. You should carry out your own virus
checks before opening the attachment.