Hello List,
I have created a shared folder in dovecot and am trying to use ACL's to
limit access to it and give users who do have access the ability to
create sub-directories and copy email to them. When I try to create a
sub-directory in the share using Outlook I get the following error:
"Cannot create the folder. The server responded: 'NOPERM] Permission
denied'." And, I get the following info in the dovecot server log:
2011-03-01 15:38:30.250214500 IMAP(test at whitehorsetc.com): Info: Loading
modules from directory: /usr/local/lib/dovecot/imap
2011-03-01 15:38:30.250399500 IMAP(test at whitehorsetc.com): Info: Module
loaded: /usr/local/lib/dovecot/imap/lib01_acl_plugin.so
2011-03-01 15:38:30.250402500 IMAP(test at whitehorsetc.com): Info: Module
loaded: /usr/local/lib/dovecot/imap/lib02_imap_acl_plugin.so
2011-03-01 15:38:30.250404500 IMAP(test at whitehorsetc.com): Info:
Effective uid=89, gid=89, home=/home/vpopmail/domains/whitehorsetc.com/test
2011-03-01 15:38:30.250407500 IMAP(test at whitehorsetc.com): Info: acl: No
acl_shared_dict setting - shared mailbox listing is disabled
2011-03-01 15:38:30.250422500 IMAP(test at whitehorsetc.com): Info:
Namespace: type=private, prefix=INBOX., sep=., inbox=yes, hidden=no,
list=yes, subscriptions=yes
2011-03-01 15:38:30.250425500 IMAP(test at whitehorsetc.com): Info:
maildir: data=~/Maildir
2011-03-01 15:38:30.250427500 IMAP(test at whitehorsetc.com): Info:
maildir++: root=/home/vpopmail/domains/whitehorsetc.com/test/Maildir,
index=, control=, inbox=/home/vpopmail/domains/whitehorsetc.com/test/Maildir
2011-03-01 15:38:30.250441500 IMAP(test at whitehorsetc.com): Info: acl:
initializing backend with data: vfile
2011-03-01 15:38:30.250443500 IMAP(test at whitehorsetc.com): Info: acl:
acl username = test at whitehorsetc.com
2011-03-01 15:38:30.250445500 IMAP(test at whitehorsetc.com): Info: acl:
owner = 1
2011-03-01 15:38:30.250447500 IMAP(test at whitehorsetc.com): Info: acl
vfile: Global ACL directory: (null)
2011-03-01 15:38:30.250515500 IMAP(test at whitehorsetc.com): Info:
Namespace: type=shared, prefix=projects., sep=., inbox=no, hidden=no,
list=yes, subscriptions=yes
2011-03-01 15:38:30.250518500 IMAP(test at whitehorsetc.com): Info:
maildir: data=/home/vpopmail/domains/whitehorsetc.com/projects
2011-03-01 15:38:30.250520500 IMAP(test at whitehorsetc.com): Info:
maildir++: root=/home/vpopmail/domains/whitehorsetc.com/projects,
index=, control=, inbox2011-03-01 15:38:30.250534500 IMAP(test at
whitehorsetc.com): Info: acl:
initializing backend with data: vfile
2011-03-01 15:38:30.250536500 IMAP(test at whitehorsetc.com): Info: acl:
acl username = test at whitehorsetc.com
2011-03-01 15:38:30.250538500 IMAP(test at whitehorsetc.com): Info: acl:
owner = 0
2011-03-01 15:38:30.250540500 IMAP(test at whitehorsetc.com): Info: acl
vfile: Global ACL directory: (null)
2011-03-01 15:38:30.250754500 imap-login: Info: Login:
user=<test at whitehorsetc.com>, method=PLAIN, rip=192.168.9.5,
lip=192.168.9.6
2011-03-01 15:38:30.254448500 IMAP(test at whitehorsetc.com): Info: acl
vfile: file
/home/vpopmail/domains/whitehorsetc.com/projects/.xxxxxx/dovecot-acl not
found
2011-03-01 15:39:10.998483500 IMAP(test at whitehorsetc.com): Info:
Disconnected: Logged out bytes=76/431
The second to the last line in the log indicates that there is no
'dovecot-acl' file in the directory I'm trying to create using
Outlook.
I'm not sure if this is the error and I'm not sure what I need to adjust
in order to create a directory using the email account.
My dovecot.conf file is as follows:
base_dir = /var/run/dovecot/
protocols = imap imaps
disable_plaintext_auth = no
log_path = /dev/stderr
info_log_path = /dev/stderr
log_timestamp = ""
ssl_cert_file = /var/qmail/control/servercert.pem
ssl_key_file = /var/qmail/control/servercert.pem
ssl_cipher_list = ALL:!LOW
verbose_ssl = yes
login_dir = /usr/local/var/run/dovecot/login
login_user = dovecot
login_process_per_connection = yes
login_processes_count = 3
login_max_processes_count = 128
login_greeting = Dovecot ready.
login_log_format_elements = user=<%umethod=%m rip=%r lip=%l %c
mail_location = maildir:~/Maildir
namespace private {
separator = .
prefix = INBOX.
inbox = yes
}
namespace shared {
separator = .
prefix = projects.
location = maildir:/home/vpopmail/domains/mydomain.com/shared/projects
}
mail_debug = yes
verbose_proctitle = yes
first_valid_uid = 89
last_valid_uid = 89
protocol imap {
mail_plugins = acl imap_acl
}
protocol pop3 {
}
protocol lda {
postmaster_address = postmaster at whitehorsetc.com
}
auth default {
mechanisms = plain login digest-md5 cram-md5
passdb vpopmail {
args }
userdb passwd {
}
userdb vpopmail {
}
user = vpopmail
count = 1
ssl_require_client_cert = no
}
dict {
}
plugin {
vfile = acl
}
In the share directory
(/home/vpopmail/domains/whitehorsetc.com.com/shared/projects) I created two
files: 'subscriptions' and 'dovecot-acl.' Listing this directory
yields the following:
drwx------ 2 vpopmail vchkpw 4096 Feb 17 08:57 cur
-rwxrwxrwx 1 vpopmail vchkpw 39 Mar 1 15:01 dovecot-acl
-rw------- 1 vpopmail vchkpw 0 Mar 1 15:51 dovecot-acl-list
drwx------ 2 vpopmail vchkpw 4096 Jan 28 14:48 new
-rw------- 1 vpopmail vchkpw 1 Mar 1 14:46 subscriptions
drwx------ 2 vpopmail vchkpw 4096 Feb 17 08:57 tmp
The file 'dovecot-acl-list' is created automatically when I open
Outlook.
In the file 'dovecot-acl' I have the following entry:
user=test at whitehorsetc.com lrwstipekxa
I also noticed that the 'projects' folder would not become visible in
Outlook until I manually created the 'subscriptions' file, opened it,
entered a <CR><LF>, and closed the file.
Without ACL support enabled all works as expected.
Any help would be appreciated.
Eric