[Dovecot] moving mail from private inbox to public folder kills the latter

Jerrale G jerrale at sheltoncomputers.com
Wed Aug 11 21:51:35 EEST 2010


  On 8/11/2010 2:45 PM, Tamas Kadar wrote:
> On 8/11/2010 7:32 PM, Jerrale G wrote:
>> On 8/11/2010 12:54 PM, Tamas Kadar wrote:
>>> On 8/11/2010 6:52 PM, Jerrale G wrote:
>>>> On 8/11/2010 12:49 PM, Tamas Kadar wrote:
>>>>> On 8/11/2010 6:45 PM, Jerrale G wrote:
>>>>>> On 8/11/2010 12:02 PM, Tamas Kadar wrote:
>>>>>>> Also, it's weird that the mail we have since we migrated to
>>>>>>> dovecot is
>>>>>>> either 700 or 755, most user's mailboxes are 777, so it 
>>>>>>> shouldn't be
>>>>>>> 700...
>>>>>>>
>>>>>>> (Yeah, I know, not very secure, however no user has shell access,
>>>>>>> only
>>>>>>> by mail)
>>>>>>>
>>>>>>> Best regrds
>>>>>>> Tamas
>>>>>>>
>>>>>>> On 8/11/2010 5:52 PM, Tamas Kadar wrote:
>>>>>>>> Hi
>>>>>>>>
>>>>>>>> I've ran into something rather nasty: if a user moves a mail from
>>>>>>>> its
>>>>>>>> inbox to a public folder, the folder becomes inaccessible for
>>>>>>>> others,
>>>>>>>> because the moved file will have the the permission 600 instead
>>>>>>>> of 777
>>>>>>>> (or 666) which the rest of the emails have in the folder.
>>>>>>>>
>>>>>>>> How can I change this behavior so when he moves the mail it
>>>>>>>> automatically becomes world-readable? Also why one mail kills the
>>>>>>>> whole
>>>>>>>> folder?
>>>>>>>>
>>>>>>>> Here's the error I get:
>>>>>>>> Error:
>>>>>>>> open(/home/_shared/projects/.Long.Folder/cur/1281535484.M3B5A7P15183Q0.mail_espell_com:2,Sb) 
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> failed: Permission denied (euid=1000(ktamas) egid=1000(ktamas)
>>>>>>>> missing
>>>>>>>> +r perm:
>>>>>>>> /home/_shared/projects/.Long.Folder/cur/1281535484.M3B5A7P15183Q0.mail_espell_com:2,Sb, 
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> euid is not dir owner)
>>>>>>>>
>>>>>>>> Thanks and best regards
>>>>>>>> Tamas
>>>>>>>
>>>>>> make sure you have the namespaces specified for the public 
>>>>>> folders so
>>>>>> that the correct permissions will be set.
>>>>>>
>>>>>> http://wiki.dovecot.org/Namespaces
>>>>>>
>>>>>> J. G.
>>>>>>
>>>>>> J. G.
>>>>>>
>>>>>
>>>>> I think I set it right, here are my namespaces:
>>>>>
>>>>> # User's mailbox
>>>>> namespace {
>>>>> inbox = yes
>>>>> location =
>>>>> prefix =
>>>>> separator = .
>>>>> type = private
>>>>> }
>>>>>
>>>>> # The public namespace
>>>>> namespace {
>>>>> location = maildir:/home/_shared/projects:INDEX=~/Maildir/_shared
>>>>> prefix = shared.
>>>>> separator = .
>>>>> subscriptions = no
>>>>> type = public
>>>>> }
>>>> That is fine as long as you don't have a mysql query, berkeley, or
>>>> passwd file looking up the user's homedir, password, and such as well.
>>>> If you do, take out the namespace for private as this will defined
>>>> another way.
>>>>
>>>> J. G.
>>>
>>> Users are authenticated through PAM. No SQL or BerkeleyDB involved. Do
>>> you mean that I should disable the private namespace and only define
>>> the public?
>>>
>>> Tamas
>> Yes, because you have it authenticated and defined by PAM or 
>> mail_location=
>>
>> J. G.
>
> I've just tried that, if I disable the first (private) namespace, 
> things break:
>
> Error: user ktamas: Initialization failed: namespace configuration 
> error: inbox=yes namespace missing
>
> Tamas

Create an account on PAM that everyone can read and write to, having the 
group as a supplemental; set this account as the public namespace, 
including the inbox.


-- 
<br><br><br><br>
<font face="Script" size='1.5'>Jerrale G.</font><br>
<font face="Script" size='2'>SC Senior Admin</font><br>



More information about the dovecot mailing list