Nigel Allen
2008-May-12 06:51 UTC
[Dovecot] IMAP, Shared folders, symlinks and permissions
Greetings Using FC7, dovecot-1.0.3-6.fc6 and maildir I have a recurring problem with permissions. We have a (real) account on the system called "custs". Within the email account for custs there exists some 300 folders, one for each customer. This worked okay originally with mbox. Everyone had access to their own email folders and they all had access to the "custs" account. They only problem is that to find one folder (customers)'s emails, you had to scroll through 300+ folders. For the people who need access to all of the custs' folders, there was no problem (apart from a real estate one of scrolling which sometimes caused people to drag and drop into the wrong folders). The problem is that around 16 staff need only access to a subset of customers (i.e. the ones they manage - around 20 each) while the rest of the staff need access to the lot. What we did was to convert everything to Maildir so that we could use symlinks. So far so good. We created symlinks from /home/custs/Maildir/customer1 to /home/manager1/Maildir/customer1 and from /home/custs/Maildir/customer2 to /home/manager2/Maildir/customer2. Again, so far, so good. Manager 1 gets access to Customer 1 and Manager 2 gets access to Customer 2. The problem comes when someone who ONLY has access to the "custs" account drops an email into Customer 1. The file dovecot-uidlist gets created and suddenly Manager 1 cannot see the folder. We changed (in desperation) the group owner of custs/Maildir to "common" (which everyone is a member of) and did a chmod g+s from the custs/Maildir down. e even set the permissions of the custs/Maildir/* to 777 to watch what was happening. It appears that the permissions on the file dovecot-uidlist is set to 600 every time someone drops an email into the folder. Then when someone else tries to access the folder they get a "permission denied" error on dovecot-uidlist. Can anyone explain to me how to: Change the way dovecot creates the dovecot-uid files so that the permissions are set to 660 or 666 or Set this up better so that we can share all these folders. Any suggestions, questions, comments will be (very) gratefully accepted. Rgds Nigel. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
Nigel Allen wrote:> Can anyone explain to me how to: > > Change the way dovecot creates the dovecot-uid files so that the > permissions are set to 660 or 666 > or > Set this up better so that we can share all these folders. >According to the wiki, http://wiki.dovecot.org/SharedMailboxes , I think you need to create a dovecot-shared file with the permissions that you want. I never tried this, though. Anders.