Hello all,

I'm setting up an IMAP server with dovecot. I've set up system users with PAM authentication and Maildir mailboxes.

I'd like to share mailboxes among them, but regardless of what I try, I bump into filesystem permissions.

I want to have Maildirs created for new users with the right permissions. I even changed "UMASK" in file /etc/login.defs from 022 to 002, but the Maildirs are still created with 700 permissions:

ls -l /home/ximplet2/
total 4
drwx------ 9 ximplet2 users 4096 Apr 12 19:10 Maildir

Really there's no better way than running "chmod -R g=u /home/ximplet2/Maildir" and "chmod g+s /home/ximplet2/Maildir" for every user? Really??

I read that, before v.2, Dovecot had a "umask" option to do precisely what I need, but it was removed.

How are we supposed to use ACL with system users nowadays?

Rubeno

P.S: my doveconf -n:

# 2.2.31 (65cde28): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.19 (e5c7051)
# OS: Linux 4.4.0-119-generic x86_64 Ubuntu 16.04.4 LTS
auth_mechanisms = plain login
auth_verbose = yes
auth_verbose_passwords = plain
mail_access_groups = kundividantoj
mail_location = maildir:~/Maildir:LAYOUT=fs
mail_plugins = acl
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext imapsieve vnd.dovecot.imapsieve
namespace {
  list = yes
  location = maildir:%%h/Maildir:INDEXPVT=~/Maildir/Komunujo/%%n
  prefix = Komunujo/%%n/
  subscriptions = no
  type = shared
}
namespace inbox {
  inbox = yes
  location =
  mailbox Malnetujo {
    auto = subscribe
    comment = Mesaĝoj ne finitaj nek senditaj
    special_use = \Drafts
  }
  mailbox Rubujo {
    auto = subscribe
    autoexpunge = 120 days
    comment = Ĉi tien iras la forviŝitaj mesaĝoj
    special_use = \Trash
  }
  mailbox Senditujo {
    auto = subscribe
    special_use = \Sent
  }
  mailbox Spamujo {
    auto = create
    autoexpunge = 30 days
    comment = Mesaĝoj markitaj kiel ne deziritaj
    special_use = \Junk
  }
  prefix =
  subscriptions = yes
  type = private
}
passdb {
  driver = pam
}
plugin {
  acl = vfile
  acl_shared_dict = file:/var/lib/dovecot/kundividitaj/shared-mailboxes
  imapsieve_mailbox1_before = file:/etc/dovecot/sieve/imapsieve/report-spam.sieve
  imapsieve_mailbox1_causes = COPY FLAG
  imapsieve_mailbox1_name = Spamujo
  imapsieve_mailbox2_before = file:/etc/dovecot/sieve/imapsieve/report-ham.sieve
  imapsieve_mailbox2_causes = COPY
  imapsieve_mailbox2_from = Spamujo
  imapsieve_mailbox2_name = *
  sieve = file:~/sieve;active=~/.dovecot.sieve
  sieve_after = /etc/dovecot/sieve/final
  sieve_extensions = +vnd.dovecot.pipe +vnd.dovecot.debug
  sieve_global_extensions = +vnd.dovecot.pipe +vnd.dovecot.debug
  sieve_pipe_bin_dir = /usr/bin
  sieve_plugins = sieve_imapsieve sieve_extprograms
}
protocols = " imap lmtp sieve"
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0660
    user = postfix
  }
  unix_listener auth-userdb {
    group =
    mode = 0777
    user =
  }
}
ssl = required
ssl_cert = </etc/ssl/certs/ssl-cert-snakeoil.pem
ssl_key =  # hidden, use -P to show it
userdb {
  driver = passwd
}
protocol lda {
  mail_plugins = acl sieve
}
protocol imap {
 mail_plugins = acl imap_acl imap_sieve

}
