Hello everybody,
we're using shared mailboxes as an archive to which
everyone has full rights, set with doveadm. The rights
look like this:
doveadm acl get -u [email protected] shared/[email protected]
ID Global Rights
[email protected] admin create delete expunge insert lookup \
post read write write-deleted write-seen
Looking at this, I would think I should be able to
move an existing folder to shared/[email protected]. But I get
a "permission denied".
A rawlog session from trying to copy looks like this:
1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY
THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT
CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES
WITHIN CONTEXT=SEARCH LIST-STATUS BINARY MOVE NOTIFY ACL RIGHTS=texk] Logged in
* ID ("name" "Dovecot")
2 OK ID completed (0.001 + 0.000 secs).
* FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
* OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags
permitted.
* 0 EXISTS
* 0 RECENT
* OK [UIDVALIDITY 1510573115] UIDs valid
* OK [UIDNEXT 1] Predicted next UID
3 OK [READ-WRITE] Select completed (0.005 + 0.000 + 0.004 secs).
* MYRIGHTS shared/[email protected]/IT-Sachen/blablub lrwstipekxacd
4 OK Myrights completed (0.001 + 0.000 secs).
+ idling
* OK Still here
5 OK Idle completed (4.007 + 4.006 + 4.006 secs).
6 OK NOOP completed (0.001 + 0.000 secs).
+ idling
7 OK Idle completed (42.014 + 42.013 + 42.013 secs).
8 OK List completed (0.015 + 0.000 + 0.014 secs).
9 OK Close completed (0.001 + 0.000 secs).
10 NO [NOPERM] Permission denied (0.005 + 0.000 + 0.004 secs).
I don't understand why permission is denied, because doveadm reports
otherwise.
The shared mailbox folder is the inbox of the account [email protected]
What has to be changed so that it is possible to save messages or create folders
in, or under, a shared inbox? Or is this not possible?
Any suggestion is welcome.
Tia
Thomas
My configuration:
# 2.2.33.2 (d6601f4ec): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.21 (92477967)
# OS: Linux 2.6.32-696.13.2.el6.x86_64 x86_64 CentOS release 6.9 (Final) ext4
# Verbose authentication logging, enabled here for troubleshooting.
auth_debug = yes
# NOTE(review): logs the attempted password and scheme on a mismatch, so
# credentials end up in the log files; switch off once debugging is done and
# keep those logs readable by root only.
auth_debug_passwords = yes
# Enables master-user logins of the form "user*masteruser"; the accounts
# allowed to do this come from the passdb marked master = yes.
auth_master_user_separator = *
# PLAIN and LOGIN both carry the password itself, so confidentiality rests
# entirely on the TLS layer.
auth_mechanisms = plain login
auth_verbose = yes
# NOTE(review): as far as this setting goes, plaintext auth is allowed on
# unencrypted connections; "ssl = required" further down should still refuse
# authentication before TLS -- confirm that is the effective behaviour.
disable_plaintext_auth = no
doveadm_password = # hidden, use -P to show it
# TCP port for remote doveadm; matches the inet_listener in "service doveadm".
doveadm_port = 12345
imap_max_line_length = 2 M
# Debug-level logging from the mail processes.
mail_debug = yes
# %Lu is the lowercased username.
mail_location = maildir:/export/home/imap/%Lu/Maildir
# acl is loaded for every protocol; imap_acl is added only in "protocol imap".
mail_plugins = acl mail_log notify
mailbox_idle_check_interval = 10 secs
mailbox_list_index = yes
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress
comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart extracttext
# Shared namespace: mailboxes that other users have shared appear under
# shared/<owner>/. Access to them is decided by the acl plugin.
namespace {
hidden = no
ignore_on_failure = no
inbox = no
# Show the namespace in LIST only when it has visible child mailboxes.
list = children
# %%h / %%u expand to the owning user's home / username, %h to the home of
# the user who is logged in. INDEXPVT keeps per-user private index data
# (such as \Seen) outside the owner's Maildir.
location = maildir:%%h/Maildir:INDEXPVT=%h/shared/%%u
prefix = shared/%%u/
separator = /
subscriptions = yes
type = shared
}
# Each user's private namespace; holds the INBOX and the special-use folders.
namespace inbox {
hidden = no
inbox = yes
list = yes
# Empty location: falls back to the global mail_location.
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
# All of the user's own folders are presented to clients below "INBOX/".
prefix = INBOX/
separator = /
type = private
}
# Master passdb: accounts listed in this passwd-file may authenticate on
# behalf of other users (login form set by auth_master_user_separator).
# NOTE(review): this file is effectively a set of skeleton keys -- keep it
# short, root-readable only, and store hashed rather than plaintext entries.
passdb {
args = /etc/dovecot/master-users
driver = passwd-file
master = yes
}
# Regular user authentication against LDAP; connection details live in the
# referenced .conf.ext file, which is not part of this dump.
passdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
# Settings passed to the mail plugins (acl, mail_log, replication, sieve).
plugin {
# vfile ACL backend with a global ACL location; cache_secs=300 means ACL
# files are re-checked for changes only every 300 s, so an edited ACL may
# not take effect immediately.
acl = vfile:/etc/dovecot/global-acls:cache_secs=300
# Dictionary recording who has shared mailboxes with whom; used to list the
# shared/ namespace.
acl_shared_dict = file:/export/home/shared-db/shared-mailboxes
# Audit trail of mailbox changes written by mail_log.
mail_log_events = append delete undelete expunge copy mailbox_delete
mailbox_rename flag_change
mail_log_fields = uid box msgid size from flags
# NOTE(review): "tcp:" is the non-TLS doveadm transport ("tcps:" is the TLS
# form); mail data and the doveadm password would cross this link in the
# clear unless the path is otherwise protected -- confirm.
mail_replica = tcp:mail2.example.com
sieve = ~/.dovecot.sieve
sieve_dir = ~/sieve
sieve_global = /var/lib/dovecot/sieve/global/
sieve_user_log = ~/.dovecot.sieve.log
}
# Protocols this instance serves; each one listed here opens its listeners.
protocols = imap pop3 lmtp sieve
# Replication change-notification endpoints.
# NOTE(review): mode 0666 makes both the FIFO and the socket writable by any
# local account; since they are already owned by vmail, a tighter mode
# (owner-only) is likely sufficient -- confirm which processes write here.
service aggregator {
fifo_listener replication-notify-fifo {
mode = 0666
user = vmail
}
unix_listener replication-notify {
mode = 0666
user = vmail
}
}
# Authentication service sockets.
service auth {
# Auth client socket inside the Postfix spool (used for SMTP AUTH).
# NOTE(review): 0666 lets every local account that can reach this path
# talk to the auth service; 0660 with user/group set to the Postfix
# account is the usual tighter form.
unix_listener /var/spool/postfix/private/auth {
mode = 0666
}
# userdb lookups restricted to the vmail user and group.
unix_listener auth-userdb {
group = vmail
mode = 0660
user = vmail
}
}
# Config socket owned by vmail, presumably so that processes running as
# vmail (e.g. replication) can read the configuration -- confirm.
service config {
unix_listener config {
user = vmail
}
}
# Remote doveadm endpoint, protected by doveadm_password.
# NOTE(review): no address and no ssl setting appear on this listener in the
# dump, so it presumably binds per the global listen setting and without
# TLS; restrict it to the replication peer (bind address and/or firewall)
# and consider ssl = yes -- confirm against the full config.
service doveadm {
inet_listener {
port = 12345
}
user = vmail
}
# IMAP login processes. Only the implicit-TLS listener on 993 is shown; this
# dump lists non-default settings only, so whether the default port-143
# listener is also active cannot be told from here.
service imap-login {
inet_listener imaps {
port = 993
ssl = yes
}
process_limit = 500
process_min_avail = 20
}
# Runs the postlogin service (rawlog, see "service postlogin") before
# handing the session to imap.
service imap {
executable = imap postlogin
}
# LMTP delivery bound to loopback only, so it is not reachable from the
# network.
service lmtp {
inet_listener lmtp {
address = 127.0.0.1
port = 24
}
}
# ManageSieve on the standard port 4190 plus the legacy port 2000.
# NOTE(review): if no client still needs port 2000, dropping the deprecated
# listener removes one exposed port.
service managesieve-login {
inet_listener sieve {
port = 4190
}
inet_listener sieve_deprecated {
port = 2000
}
}
# NOTE(review): the closing brace below has no matching opener in the dump
# as pasted; a line may have been lost when the configuration was copied.
}
# POP3 login processes; implicit-TLS listener on 995.
service pop3-login {
inet_listener pop3s {
port = 995
ssl = yes
}
}
# Same postlogin (rawlog) wrapper as for imap.
service pop3 {
executable = pop3 postlogin
}
# Wraps post-login sessions in rawlog, which records the client/server
# traffic of a session to disk.
# NOTE(review): those files contain full message content; treat this as a
# temporary debugging aid and remove it (and the captured files) afterwards.
service postlogin {
executable = script-login -d rawlog
}
# Control socket for "doveadm replicator" commands.
# NOTE(review): 0666 allows any local account to connect to it; an
# owner-only mode is the safer choice unless other users must run
# replicator commands.
service replicator {
unix_listener replicator-doveadm {
mode = 0666
}
}
# TLS is mandatory before authentication on the login listeners.
ssl = required
ssl_cert = </etc/pki/dovecot/certs/mail2.example.com.crt_chain
# NOTE(review): "ALL" minus these exclusions still admits legacy suites
# where the linked TLS library offers them; an explicit modern cipher list
# is preferable.
ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL:!EXPORT
ssl_key = # hidden, use -P to show it
# Only SSLv2 and SSLv3 are excluded, so TLS 1.0 and 1.1 stay enabled if the
# TLS library provides them.
ssl_protocols = !SSLv3 !SSLv2
syslog_facility = local6
# User attributes (home, uid/gid, ...) are looked up in LDAP; details are in
# the referenced file, which is not part of this dump.
userdb {
args = /etc/dovecot/dovecot-ldap-userdb.conf.ext
driver = ldap
}
# LMTP adds sieve on top of the global plugin list, so ACLs and filtering
# both apply at delivery time.
protocol lmtp {
mail_plugins = acl mail_log notify sieve
}
# IMAP-specific settings.
protocol imap {
mail_max_userip_connections = 100
# imap_acl exposes the IMAP ACL commands (GETACL, MYRIGHTS, ...) to clients.
mail_plugins = acl mail_log notify imap_acl
# NOTE(review): per-user session captures under /tmp. /tmp is shared with
# every local account, so the directory's ownership and mode decide who can
# read the captured mail traffic; a dedicated root-owned directory with
# restrictive permissions is safer -- confirm how /tmp/rawlog is created.
rawlog_dir = /tmp/rawlog/%u
}