Displaying 20 results from an estimated 700 matches similar to: "Understanding dovecot ACLs"
2008 Oct 15
2
imap segfaults in dovecot 1.2 on logout
Hi Timo,
when logging out like
a001 logout
the imap child dies from signal 11. The back trace looks like this:
Program received signal SIGSEGV, Segmentation fault.
0xb7ed4991 in strcasecmp () from /lib/tls/i686/cmov/libc.so.6
(gdb) bt
#0 0xb7ed4991 in strcasecmp () from /lib/tls/i686/cmov/libc.so.6
#1 0x0806ab6c in command_unregister (name=0x815b9ab "LOGOUT") at commands.c:83
#2
2009 Feb 06
2
[patch] 'c' and 'd' in setacl
Hi Timo,
Hi *,
I just recognized that the new imap-acl plugin in dovecot 1.2 does not
know the obsolete rights 'd' and 'c' when setting. According to RFC
4314 section 2.1.1.:
If a client includes the "d" right in a rights list, then it MUST be
treated as if the client had included every member of the "delete"
right.
and
If a client includes
2008 Oct 15
1
deliver does not work with new shared namespaces in dovecot 1.2
Hi Timo,
checking my new userdb-checkpassword back end is stumbled across the
fact, that the new shared namespace definitions possible in dovecot stop
deliver from working. The log says:
Oct 15 14:37:43 burlywood3 <info> deliver(2 at burlywood3.rgb)[24502]: Namespace: type=shared, prefix=users/%%u/, sep=/, inbox=no, hidden=no, list=no, subscriptions=no
Oct 15 14:37:43 burlywood3
2009 Feb 11
1
v1.2: Can't subscribe to shared user folder
Hi *,
I stumbled across a small bug (missing feature?) in the new shared
name space stuff:
a001 list "" "*"
* LIST (\Noselect \HasChildren) "/" "user"
* LIST (\Noselect \HasChildren) "/" "user/bob at example.com"
* LIST (\HasChildren) "/" "INBOX"
* LIST (\HasNoChildren) "/" "INBOX/bar"
* LIST
2009 Mar 04
2
ACLs are applied recursively to sub mailboxes
Hi *,
The problem is most noticeable when a user shares his INBOX[0][1] with
others:
User A sets his INBOX acls to "eilprwtsd"
Now User B can see _all_ sub mailboxes and sub sub [...] mailboxes and
their contents of User A:
User A:
g getacl INBOX
* ACL "INBOX" "A at example.com" akxeilprwtscd "B at example.com" eilprwtsd "A at example.com"
2008 Oct 23
1
dovecot 1.2: SEGV in acl plugin when selecting a shared mailbox
Hi Timo,
there is a bug in the acl plugin (in head, _without_ our acl changes),
which causes an segfault on selecting a shared folder.
* OK [CAPABILITY ...] Dovecot ready.
x login 1 at example.com secret
x OK [CAPABILITY ...] Logged in
y select "users/2 at example.com/INBOX/bla"
- Peer has closed the GNUTLS connection
The dovecot.log shows a segfault:
[...] child 4507
2009 Feb 22
2
Shared mailbox documentation updated
http://wiki.dovecot.org/SharedMailboxes
Anything missing? Anything still need clarifying?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
URL: <http://dovecot.org/pipermail/dovecot/attachments/20090221/092eb9fe/attachment-0002.bin>
2008 Oct 17
2
1.2: Bug in listing of shared mailboxes with dot in user id
In dovecot 1.2 I can create a shared name space like this:
namespace shared {
separator = /
prefix = users/%%u/
location = Maildir:/PATH/TO/spool/%%u/maildir:INDEX=/PATH/TO/spool/%u/maildir/shared_idx
subscriptions = no
}
now, when I subscribe to a shared mailbox of another user with an dot in
the users id, like: users/2 at example.com/INBOX/foo and I list my
subscribed mailboxes I get:
2008 Oct 28
4
patch: list shared namespace
Hi,
I've been working on a patch for dovecot 1.2 from the Kolab branch
(http://hg.intevation.org/kolab/dovecot-1.2_kolab-branch/) that
implements listing of shared namespaces. I've got something that works
in some basic way but is still missing some pieces. See the attached
patch, which also contains some installation and configuration notes.
Implementation notes:
One of the main
2009 Feb 11
3
v1.2.beta1 released
http://dovecot.org/releases/1.2/beta/dovecot-1.2.beta1.tar.gz
http://dovecot.org/releases/1.2/beta/dovecot-1.2.beta1.tar.gz.sig
Largest changes since v1.1 can be found from
http://dovecot.org/doc/NEWS-1.2
Changes since alpha5:
- Added support for ESORT extension (also SORT .. RETURN (PARTIAL) from
CONTEXT=SORT that allows windowing SORT results)
- pop3: If client idles for 10 seconds, commit
2009 Feb 11
3
v1.2.beta1 released
http://dovecot.org/releases/1.2/beta/dovecot-1.2.beta1.tar.gz
http://dovecot.org/releases/1.2/beta/dovecot-1.2.beta1.tar.gz.sig
Largest changes since v1.1 can be found from
http://dovecot.org/doc/NEWS-1.2
Changes since alpha5:
- Added support for ESORT extension (also SORT .. RETURN (PARTIAL) from
CONTEXT=SORT that allows windowing SORT results)
- pop3: If client idles for 10 seconds, commit
2008 Nov 16
8
IMAP ACLs and global ACLs in v1.2
I just committed code for IMAP ACL support based on the code from Kolab
people. I did quite large changes though.
I also changed how global ACLs are handled. Previously local ACLs could
override global ACLs, but now that users are able to modify the ACLs I
think it should be the other way around. From what I've heard global
ACLs are typically added for things like 1) disallowing user from
2008 Oct 02
2
Bug in dovecot 1.2 dict
Hi Timo,
Hi *,
in 1.2 the dict server (tested with sqlite backend) is somewhat broken.
It bails out regularly with "Fatal: dict: Socket already exists: ..."
(looks like a race condition as it doesn't fail always).
We discovered that this new code in dict-server.c seems to be the problem:
server->fd = net_listen_unix_unlink_stale(path, 64);
if (server->fd == -1) {
if
2009 Feb 18
1
v1.2 can't set ACL to empty string
Hi *,
according to RfC4314 the rights argument to the setacl command might be
an empty string ("zero right characters"):
The third argument is a string containing an optional plus ("+") or
minus ("-") prefix, followed by zero or more rights characters.
existing clients (horde in particular) actually use this to remove all
rights from an user.
Currently
2009 Mar 04
2
v1.2: can't access other users shared INBOX
Hi *,
when a user A shares his INBOX with another user B, the user B can't
access its content:
User A:
g getacl INBOX
* ACL INBOX A at example.com lrswipkxtecda B at example.com lrswipkxtecd
g OK Completed
User B:
l list "" "*"
* LIST (\Noselect \HasChildren) "/" "user"
* LIST (\Noselect \HasChildren) "/" "user/A at
2008 Oct 09
1
dovecot 1.2: dict no longer really support DICT_ITERATE_FLAG_RECURSE
Hi,
In dovecot 1.1, I could use DICT_ITERATE_FLAG_RECURSE when iterating over a
dict to retrieve all entries that start with a given prefix. This doesn't
seem to work anymore in the new dict implementation in dovecot 1.2. Looking
at the SQL queries actually generated, it seems as if dovecot 1.1 used to
generate queries that use pattern matching (key LIKE "my/prefix/%") whereas
2008 Sep 05
2
Annotation plugin for dovecot
Hi,
as part of an effort to make dovecot usable as the IMAP component in the Kolab
Groupware system <http://kolab.org/>, we've started to develop a plugin that
implements the IMAP METADATA extension. The plugin is still under
development and development is focused on the plugin's use in Kolab, so it
will at first only implement what's immediately needed to achieve that
2008 Sep 08
4
ACL plugin
Hello,
I am working on implementing support for the RFC4314 ACL management commands
and responses in the ACL plugin included with dovecot 1.1.2. (I verified the
error persists with 1.1.3 though.) While the described objective is still in
the works, I have stumbled upon what I believe to be a critical issue with
the handling of negative rights in the present ACL plugin - to be precise,
the cache
2008 Oct 31
1
imap dump-capability fails Dovecot 1.1.6
Hi Timo,
Dovecot fails to start after upgrading from 1.1.4 to 1.1.6:
Fatal: userdb didn't return a home directory, but mail location used it
(%h): %h/mail:CONTROL=%h/control:INDEX=%h/index
Error: imap dump-capability process returned 89
Fatal: Invalid configuration in /etc/dovecot/dovecot.conf
Adding a fake home directory to args in
master-settings.c:get_imap_capability solved the problem
2008 Oct 07
2
Dovecot 1.1.x or 1.2, which way to go for Kolab Server?
Hi Timo,
Hi *,
was written the other day we started to use Dovecot 1.2 for our Kolab
with Dovecot project, but it turned out that there are quite a bunch of
issues with 1.2 (which is ok, as it hasn't even been announced as beta
till now).
We have a customer who should get a first test installation of Kolab
with Dovecot in the first week of September and for that we need the
features