Hi,
i ve got a problem with
recursive acl, using not a vfile global backend.
( no default acl)
In my understanding
every folder(directory)
needs a seperate dovecot-acl
files with permissions.
This works fine, but my tests showed
using a shared namespace
like i.e.
namespace shared {
separator = /
prefix = "users/%d/"
location = dbox:/usr/local/virtual/%d/
inbox = no
list = yes
subscriptions = yes
hidden = no
}
and have dovecot-acl in
usr/local/virtual/%d/ with
authenticated l
which means lookup, leads
that all folders and subfolders
of /usr/local/virtual/%d/%u/
are imap browseable, which means
its recursive somekind.
( people will not like seeing folder names of their mailboxes until they
dont gave permissions explicit to others)
In my meaning this shouldnt be so
only names of ( names of directories) at /usr/local/virtual/%d/%u/
should be shown , subfolders in them should only be
imap browseable if there is another dovecot-acl in them which permits
lookup
i may fail here , anyone which has some enlightment for me outside?
--
Best Regards
MfG Robert Schetterer
Germany/Munich/Bavaria
On Mon, 2008-07-21 at 14:35 +0200, Robert Schetterer wrote:> namespace shared {..> In my meaning this shouldnt be so > only names of ( names of directories) at /usr/local/virtual/%d/%u/ > should be shown , subfolders in them should only be > imap browseable if there is another dovecot-acl in them which permits > lookupI think the problem here is what Dovecot uses as the default permissions. See if it helps if you change it to a "namespace private"? But this kind of a configuration is something that isn't really even supposed to be supported yet. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20080721/6b2e838e/attachment-0002.bin>
Hi Timo, Timo Sirainen schrieb:> On Mon, 2008-07-21 at 14:35 +0200, Robert Schetterer wrote: >> namespace shared { > .. >> In my meaning this shouldnt be so >> only names of ( names of directories) at /usr/local/virtual/%d/%u/ >> should be shown , subfolders in them should only be >> imap browseable if there is another dovecot-acl in them which permits >> lookup > > I think the problem here is what Dovecot uses as the default > permissions. See if it helps if you change it to a "namespace private"?there should not be a default permission until there is no global vfile with default ( or until its hardcoded somewhere) i cant think of a default vfile acl in virtual setups which might fixes this problem in total yet ( related to the present acl design ) i will try private namespace but it should work with shared namespace in the future> > But this kind of a configuration is something that isn't really even > supposed to be supported yet. >i understand this, no problem , this is a testing setup i am playing around and look whats possible thx for your work on dove, and quick reply -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria