Michal Soltys
2021-Jul-06 16:40 UTC
[bug 2.3.15] seeing user-shared mailboxes across different storage types requires manual change to subscriptions
Hi,
While I was checking an old bug I once reported (that one seems to be
fixed, https://www.dovecot.org/list/dovecot/2017-January/106593.html) I
discovered another issue happening under the current version, when a user
sharing his mailbox (with Maildir storage) is not visible to a user
using mdbox (or sdbox, also tested) - unless the subscriptions file is
manually adjusted (after subscribing).
Consider the following config:
# 2.3.15 (0503334ab1): /etc/dovecot/dovecot.conf
# OS: Linux 5.12.14-arch1-1 x86_64 Arch Linux btrfs
# Hostname: hakai
auth_debug = yes
auth_mechanisms = plain login
disable_plaintext_auth = no
first_valid_uid = 1
listen = *
mail_debug = yes
mail_gid = dovecot
mail_location = maildir:/var/mail1/%n/Maildir
mail_plugins = acl
mail_uid = dovecot
namespace {
  inbox = yes
  location =
  prefix =
  separator = /
  type = private
}
namespace shared1 {
  inbox = no
  list = yes
  location = maildir:%%h/Maildir/
  prefix = shared1/%%n/
  separator = /
  subscriptions = no
  type = shared
}
namespace shared2 {
  inbox = no
  list = yes
  location = mdbox:%%h/mdbox/
  prefix = shared2/%%n/
  separator = /
  subscriptions = no
  type = shared
}
passdb {
  args = /etc/dovecot/local-maildir
  driver = passwd-file
}
passdb {
  args = /etc/dovecot/local-mdbox
  driver = passwd-file
}
plugin {
  acl = vfile
  acl_shared_dict = file:/var/mail-data/shared-database/shared-mailboxes.db
}
protocols = imap
service auth {
  unix_listener auth-userdb {
    group = mail
    mode = 0660
    user = dovecot
  }
  user = dovecot
}
service imap-login {
  inet_listener imap {
    address = *
    port = 143
  }
  inet_listener imaps {
    address = *
    port = 993
  }
  user = dovecot
}
service imap {
  executable = /usr/lib/dovecot/imap
}
userdb {
  driver = prefetch
}
userdb {
  args = /etc/dovecot/local-maildir
  driver = passwd-file
}
userdb {
  args = /etc/dovecot/local-mdbox
  driver = passwd-file
}
protocol imap {
  mail_max_userip_connections = 100
  mail_plugins = acl imap_acl
}
/etc/dovecot/local-maildir:
user1:{PLAIN}test:::user1:/var/mail1/user1::userdb_mail=maildir:/var/mail1/user1/Maildir userdb_home=/var/mail1/user1
user2:{PLAIN}test:::user2:/var/mail1/user2::userdb_mail=maildir:/var/mail1/user2/Maildir userdb_home=/var/mail1/user2
/etc/dovecot/local-mdbox:
user3:{PLAIN}test:::user3:/var/mail2/user3::userdb_mail=mdbox:/var/mail2/user3/mdbox userdb_home=/var/mail2/user3
There are two shared namespaces - shared1 for Maildir mailboxes and
shared2 for mdbox ones. 'user1' is sharing his 'qwer' folder to
user3.
doveadm mailbox create -u user1 -s qwer
doveadm acl add -u user1 qwer user=user3 read lookup
doveadm mailbox subscribe -u user3 shared1/user1/qwer
This produces a subscriptions file such as:
14:44 # cat /var/mail2/user3/mdbox/subscriptions
V 2
Trash
shared1 user1 qwer
With all that in place, 'qwer' won't be visible to user3. But if we
change the 'shared1 user1 qwer' to shared1/user1/qwer - then everything
will be working fine.
Sharing an mdbox folder to a maildir user (user3 -> user1), as well as maildir
to maildir (user1 -> user2), works without issues.
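
The check described in the message above, as an added example that is not part of the original post or of Dovecot: it reads the shared namespace prefixes from a doveconf-style config and reports subscriptions entries stored in component-split form, together with the separator form the poster found to work. The tab delimiter in the subscriptions file and the function names `shared_roots` and `audit` are assumptions.

```python
import re

# Shared namespace blocks as in the post's config (trimmed to the keys used here).
CONF = """\
namespace shared1 {
  location = maildir:%%h/Maildir/
  prefix = shared1/%%n/
  separator = /
  type = shared
}
namespace shared2 {
  location = mdbox:%%h/mdbox/
  prefix = shared2/%%n/
  separator = /
  type = shared
}
"""

# Subscriptions file as shown in the post; tab-separated components are an assumption.
SUBSCRIPTIONS = "V\t2\n\nTrash\nshared1\tuser1\tqwer\n"


def shared_roots(conf):
    """Map the first prefix component of each 'type = shared' namespace to its separator."""
    roots = {}
    for body in re.findall(r"namespace\s+\S*\s*\{(.*?)\}", conf, re.S):
        kv = dict(re.findall(r"^[ \t]*(\w+)[ \t]*=[ \t]*(.*?)[ \t]*$", body, re.M))
        if kv.get("type") == "shared" and kv.get("prefix") and kv.get("separator"):
            sep = kv["separator"]
            roots[kv["prefix"].split(sep)[0]] = sep
    return roots


def audit(subscriptions, roots):
    """Return (line_no, entry, separator_form) for tab-split entries under a shared root."""
    findings = []
    for no, line in enumerate(subscriptions.splitlines(), 1):
        parts = line.split("\t")
        if no == 1 or len(parts) < 2 or parts[0] not in roots:
            continue  # skip the version header, flat names and private mailboxes
        findings.append((no, line, roots[parts[0]].join(parts)))
    return findings


if __name__ == "__main__":
    for no, entry, fixed in audit(SUBSCRIPTIONS, shared_roots(CONF)):
        print(f"line {no}: {entry!r} -> workaround form {fixed!r}")
```
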
Michal Soltys
2021-Jul-29 15:04 UTC
[bug 2.3.15] seeing user-shared mailboxes across different storage types requires manual change to subscriptions
So, any ideas about it? Should I just assume that this kind of usage (cross-storage sharing) is a corner case and overall should be avoided?

I noticed another potential issue, where certain control/index files from users were created across the storage as well - for example, for the configuration as above, user3 (nominally under the /var/mail2/ tree) would also end up with:

15:31 # ls -laR /var/mail1/user3/
/var/mail1/user3/:
total 0
drwx------ 1 dovecot dovecot 14 Jul 29 15:14 .
drwxr-xr-x 1 dovecot dovecot 30 Jul 29 15:14 ..
drwx------ 1 dovecot dovecot 76 Jul 29 15:14 Maildir

/var/mail1/user3/Maildir:
total 4
drwx------ 1 dovecot dovecot 76 Jul 29 15:14 .
drwx------ 1 dovecot dovecot 14 Jul 29 15:14 ..
-rw------- 1 dovecot dovecot 0 Jul 29 15:14 dovecot-acl-list
-rw------- 1 dovecot dovecot 288 Jul 29 15:14 dovecot.list.index.log