Hi,

I'm trying to setup group based ACLs coming from OpenLDAP. My setup doesn't require a POSIX Group match. In the Dovecot configuration file I have this: "user_attrs = [...], mailAclGroups=acl_groups" as well as "acl = vfile:/usr/local/etc/dovecot/global-acls:cache_secs=300". The user has "public" in the LDAP attribute "mailAclGroups". It seems to get everything right. I checked with doveadm - and I see public ist listed as expected:


cat /var/log/debug.log
[...]
Sep 16 23:39:04 WM-01 dovecot: auth: Debug: client passdb out: OK 1 user=leander@mydomain.localdomain acl_groups=public
[...]

cat /usr/local/etc/dovecot/global-acls
INBOX owner lrwstipekxa
Drafts owner lrwstipeka
Sent owner lrwstipeka
Spam owner lrwstipeka
Trash owner lrwstipeka
Public authenticated l
Public group-override=public lrwstipekx
Public/* group-override=public lrwstipekx


doveadm mailbox list -u leander@mydomain.localdomain
Drafts
Sent
Trash
Spam
Shared
Public
Public/Service Center
Shared/test@mydomain.localdomain
Shared/test@mydomain.localdomain/Drafts
Shared/test@mydomain.localdomain/Sent
Shared/test@mydomain.localdomain/Trash
Shared/test@mydomain.localdomain/Spam
INBOX


But here comes the strange thing: telnet equal to Thunderbird:
. LIST "" "*"
* LIST (\HasNoChildren \Drafts) "/" Drafts
* LIST (\HasNoChildren \Sent) "/" Sent
* LIST (\HasNoChildren \Trash) "/" Trash
* LIST (\HasNoChildren \Junk) "/" Spam
* LIST (\Noselect \HasChildren) "/" Shared
* LIST (\HasChildren) "/" Shared/test@mydomain.localdomain
* LIST (\HasNoChildren) "/" Shared/test@mydomain.localdomain/Drafts
* LIST (\HasNoChildren) "/" Shared/test@mydomain.localdomain/Sent
* LIST (\HasNoChildren) "/" Shared/test@mydomain.localdomain/Trash
* LIST (\HasNoChildren) "/" Shared/test@mydomain.localdomain/Spam
* LIST (\HasNoChildren) "/" INBOX
. OK List completed (0.000 + 0.000 + 0.092 secs).


Public and Public/* shoul be listed as well, but it isn't. Any idea why it is behaving like this?
Thanks

Best regards
Leander Schäfer

Reply via email to