[Dovecot] [IDEA] Shared Folders via LDAP Lookups
Hi All,
We've been thinking a lot about the 2 different ways dovecot implements shares; namespaces and symlinks.
We currently use the symlink version for our clients and they use the create_dovecot_shares.pl tool we did at:
Our idea is either in the namespace declaration or if a folder has a dovecot-shared file/symlink, have a ldap lookup defined in say, dovecot-ldap-shares.conf or dovecot-ldap.conf, that queries a dn and looks for memberUID or a group dn, then those uids/groups can get into the IMAP maildir.
Obviously the original folder would need to be owned by some predefined user, e.g dovecot etc.
Then it's just a simple matter of adding a new memberUID/group to the share listing.
We can do a custom dovecot.schema if needed (for say a dovecotShare attribute etc.), as long as we get dovecot a Private Enterprise Number from:
http://www.iana.org/cgi-bin/enterprise.pl
If Timo hasn't already got one, but I can't see one in:
http://www.iana.org/assignments/enterprise-numbers
Thoughts?
-- Kind Regards,
Gavin Henry. Managing Director.
T +44 (0) 1224 279484 M +44 (0) 7930 323266 F +44 (0) 1224 824887 E ghenry@suretecsystems.com
Open Source. Open Solutions(tm).
On Thu, 2006-11-30 at 14:55 +0000, Gavin Henry wrote:
I guess this could work as a simpler ACL plugin backend, if you only needed "all access" vs. "none access". Or the ACLs could be defined in LDAP as well. I'd rather not touch LDAP more than I have to, though. :)
I was also going to add support for defining multiple groups in dovecot-auth (either as plain names or name=GID lists to give access to multiple GIDs). Once that works, it's also possible to support group ACLs in the vfile ACL backend too.
On Sun, 2006-12-03 at 09:51 -0500, Charles Marcus wrote:
I'm not sure if the next version of Dovecot is called 1.2 or 2.0. :) In either case.. Well, it's not really a priority for me right now. The priority currently is to get the stuff working well that I've already mostly implemented to CVS HEAD.. Not sure what happens after that. :)
participants (3)
-
Charles Marcus
-
Gavin Henry
-
Timo Sirainen