Hello (Timo), yes, I know... maybe it's a bit far fetched, but I do have a use case. Would it be (reasonably easily) possible to implement IMAP ACL support for "imported" imapc namespaces/mailboxes? There is no local directory (like with the virtual plugin) yet... Greetings, Lutz -- Lutz Pre?ler <Lutz.Pressler at SerNet.DE> http://www.SerNet.DE/ SerNet Service Network GmbH, Bahnhofsallee 1b, D-37081 G?ttingen Tel.: +49-551-370000-2, FAX: +49-551-370000-9 AG G?ttingen, HRB 2816, GF: Dr. Johannes Loxen
On 13.9.2011, at 19.12, Lutz Pre?ler wrote:> yes, I know... maybe it's a bit far fetched, but I do have a use case. > Would it be (reasonably easily) possible to implement IMAP ACL > support for "imported" imapc namespaces/mailboxes? > There is no local directory (like with the virtual plugin) yet...You mean you'd want local ACLs that apply to imapc mailboxes? I think that should work. For example if you set: mail_location = imapc:~/imapc Then for mailbox foo/bar the ACL file should be in ~/imapc/.foo.bar/dovecot-acl "Proxying" remote IMAP ACLs isn't possible and I'm not sure how that could be nicely implemented.
Lutz Preßler
2011-Sep-13 16:58 UTC
[Dovecot] multiple "imapc namespaces" Re: imapc and imap_acl
On Tue, 13 Sep 2011, Lutz Pre?ler wrote:> On Di, 13 Sep 2011, Timo Sirainen wrote: > > mail_location = imapc:~/imapc > Oh, had not realized that a path argument is possible for imapc:. There are > even index file then...What about taking imapc parameters/credentials optionally from a file in this directory (like dovecot-virtual)? Lutz
Lutz Preßler
2011-Sep-15 10:46 UTC
[Dovecot] sharing of non-INBOX namespaces? Re: imapc and imap_acl
Hi, On Tue, 13 Sep 2011, Lutz Pre?ler wrote:> On Di, 13 Sep 2011, Timo Sirainen wrote: > > You mean you'd want local ACLs that apply to imapc mailboxes? > Yes, exactly. Great for "integrating" legacy IMAP servers without e.g. > ACL support. > > I think that should work. For example if you set: > > > > mail_location = imapc:~/imapc > Oh, had not realized that a path argument is possible for imapc:. There are > even index file then... > > > > Then for mailbox foo/bar the ACL file should be in ~/imapc/.foo.bar/dovecot-acl > It almost works: > Sep 13 18:37:58 hhh dovecot: imap(4482, uuu): Error: file_dotlock_open(/home/uuu/Maildir/gmail/.[Gmail].Alle Nachrichten > /dovecot-acl) failed: No such file or directory > After manually creating the ".[Gmail].Alle Nachrichten" directory, SETACL > succeeds.Ok, I thought I tested accessing the mailbox afterwards, too - but I probably had not. I have a more general problem now: shared mailboxes from any "non-INBOX" namespace are not available to other users. That's not only with virtual or imapc namespaces, but also tested with two Maildir ones: namespace personal { inbox = yes location = maildir:~/Maildir prefix = INBOX. type = private } namespace second { inbox = no location = maildir:~/Maildir2 prefix = INBOX.second. type = private } namespace others { type = shared separator = . prefix = INBOX.shared.%%u. location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u #location = maildir:/home/%%n/Maildir:INDEX=~/Maildir/shared/%%u subscriptions = no list = children } [...] I can as user1 SETACL INBOX.second.box ~user1/Maildir2/dovecot-acl-list contains "1316082286 box" ~user1/Maildir2/.box/dovecot-acl contains "user=testuser lrs" (as does ~user1/Maildir/.in2007/dovecot-acl) The shared mailboxes dict contains shared/shared-boxes/user/testuser/user1 1 But - as testuser - 0 list "" "*" * LIST (\HasChildren) "." "INBOX" * LIST (\HasNoChildren) "." "INBOX.test" * LIST (\HasNoChildren) "." "INBOX.second" * LIST (\Noselect \HasChildren) "." "INBOX.shared.user1" * LIST (\HasNoChildren) "." "INBOX.virtual" * LIST (\HasNoChildren) "." "INBOX.shared.user1.in2007" 0 OK List completed. INBOX.shared.user1.second.box is missing. Also 0 select INBOX.shared.user1.second.box * OK [CLOSED] Previous mailbox closed. 0 NO Mailbox doesn't exist: second.box Log shows then: Sep 15 12:39:48 host dovecot: imap(8796, testuser): Debug: acl vfile: file /etc/dovecot/global-acls/INBOX.shared.user1.second.box not found Sep 15 12:39:48 host dovecot: imap(8796, testuser): Debug: acl vfile: file /home/user1/Maildir/.second.box/dovecot-acl not found ... not searching for the acl file correctly. Thought I tested this with earlier (2.0) versions. Changed group set up inbetween, but this does not seem relevant. Regards, Lutz
On Tue, 13 Sep 2011, Lutz Pre?ler wrote:> On Di, 13 Sep 2011, Timo Sirainen wrote: > > You mean you'd want local ACLs that apply to imapc mailboxes? > Yes, exactly. Great for "integrating" legacy IMAP servers without e.g. > ACL support.... but as long as imapc parameters are global that's of no real use, I just realized...> > I think that should work. For example if you set: > > > > mail_location = imapc:~/imapc > > Then for mailbox foo/bar the ACL file should be in ~/imapc/.foo.bar/dovecot-acl > It almost works: > Sep 13 18:37:58 hhh dovecot: imap(4482, uuu): Error: file_dotlock_open(/home/uuu/Maildir/gmail/.[Gmail].Alle Nachrichten > /dovecot-acl) failed: No such file or directory > After manually creating the ".[Gmail].Alle Nachrichten" directory, SETACL > succeeds.... so this does not really matter yet. Lutz
Reasonably Related Threads
- 2.1: imapc LIST problem / usage question
- unexpected LSUB / LIST (SUBSCRIBED) output Re: Panic: file mailbox-list-subscriptions.c: line 66 (mailbox_list_subscription_fill_one): assertion failed: (ns!= NULL && (ns->flags & NAMESPACE_FLAG_AUTOCREATED) != 0)
- imapc vs auth-userdb security
- Assertion failed with imapc after upgrading Dovecot from 2.1.7 to 2.2.9
- doveadm backup from gmail with imapc