1 Topic by surixx

  • surixx
  • surixx
  • Member
  • Offline
  • Registered: 2016-01-18
  • Posts: 25

Topic: Issue in Doveadm permission for public folders .

==== Required information ====
- iRedMail version (check /etc/iredmail-release):   iRedMail-0.9.4
- Linux/BSD distribution name and version:  Ubuntu 14.04 (Trusty Thar)
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):  mysql  Ver 14.14 Distrib 5.5.47, for debian-linux-gnu (x86_64) using readline 6.3
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? no Std Iredamin.
- Related log if you're reporting an issue:
====

Hello All, i have implemented public folders with the below tutorial.

http://www.iredmail.org/forum/topic1054 … hange.html

Everything was working fine initially. As I gave permission to public folders, i started noticing that it was not taking up the permission that had given by me. for ex, i type,
sudo doveadm acl set -A "Public/Research" "user=postmaster<at>g****bs.biz" lookup read write insert delete create

and postmaster should have all permission in "Research" public folder. its not the case. also the permission is not getting applied to sub folders in public folder. Kindly guide me to configure the permission correctly,  If I'm wrong with my command.

my ultimate ambition is to allow all users to subscribe any folder, view, insert, create sub folders, in public folders, but they should not delete any mails. Except for postmaster who can also delete mails along with said permissions.

Thank you in advance.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: Issue in Doveadm permission for public folders .

Could you please turn on debug mode in Dovecot to get some detailed/debug message? It's hard for us to help without related log. Reference: http://www.iredmail.org/docs/debug.dovecot.html

Also, it's a good idea to run "doveadm" with "-D" flag to turn on verbose logging. e.g.:

doveadm -D acl ...

3 Reply by surixx

  • surixx
  • surixx
  • Member
  • Offline
  • Registered: 2016-01-18
  • Posts: 25

Re: Issue in Doveadm permission for public folders .

ZhangHuangbin wrote:

Could you please turn on debug mode in Dovecot to get some detailed/debug message? It's hard for us to help without related log. Reference: http://www.iredmail.org/docs/debug.dovecot.html

Also, it's a good idea to run "doveadm" with "-D" flag to turn on verbose logging. e.g.:

doveadm -D acl ...

Hi Zhang! I have enabled debugging mode in Dovecot. Also i will run the doveadm with -D flag, and i shall try giving the permission again. Pls tell me from where can i help you with the logs.

4 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: Issue in Doveadm permission for public folders .

It's better to try it with steps below:

*) Turn on debug mode in Dovecot. Restart Dovecot service.
*) Create a new public folder.
*) Set permission with 'doveadm -D', and save all terminal output.
*) Try to access the public folder with webmail, and verify the permission settings. Extract all log from Dovecot log file and save them in a plain text file.

We need all terminal output of 'doveadm -D', and all log in Dovecot log file.

Note: you may want to replace the real email address in log with a fake one, e.g. use 'example.com' as domain name. And there might be some plain passwords logged in Dovecot log file, replace it with a fake one, e.g. '123456'.

5 Reply by surixx

  • surixx
  • surixx
  • Member
  • Offline
  • Registered: 2016-01-18
  • Posts: 25

Re: Issue in Doveadm permission for public folders .

surixx wrote:
ZhangHuangbin wrote:

Could you please turn on debug mode in Dovecot to get some detailed/debug message? It's hard for us to help without related log. Reference: http://www.iredmail.org/docs/debug.dovecot.html

Also, it's a good idea to run "doveadm" with "-D" flag to turn on verbose logging. e.g.:

doveadm -D acl ...

Hi Zhang! I have enabled debugging mode in Dovecot. Also i will run the doveadm with -D flag, and i shall try giving the permission again. Pls tell me from where can i help you with the logs.


(Edit) Hi Zhang! PFB the command and output of the doveadm user along with -D flag!

sudo doveadm -D acl set "Public/Finance_Accounts" "user=arthiregina@gojobs.biz" lookup read insert create
doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules
doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/lib01_acl_plugin.so
doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/lib10_quota_plugin.so
doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/lib20_mailbox_alias_plugin.so
doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules/doveadm
doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so
doveadm(root): Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_deinit (this is usually intentional, so just ignore this message)
doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_quota_plugin.so
doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_sieve_plugin.so
doveadm(root): Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_backend_rescan (this is usually intentional, so just ignore this message)
doveadm(root): Debug: Effective uid=2000, gid=2000, home=/home/suresh
doveadm(root): Debug: Quota root: name=user backend=dict args=:proxy::quotadict
doveadm(root): Debug: Quota rule: root=user mailbox=* bytes=1073741824 messages=0
doveadm(root): Debug: Quota warning: bytes=1073741824 (100%) messages=0 reverse=no command=quota-warning 100 root
doveadm(root): Debug: Quota warning: bytes=1020054732 (95%) messages=0 reverse=no command=quota-warning 95 root
doveadm(root): Debug: Quota warning: bytes=966367641 (90%) messages=0 reverse=no command=quota-warning 90 root
doveadm(root): Debug: Quota warning: bytes=912680550 (85%) messages=0 reverse=no command=quota-warning 85 root
doveadm(root): Debug: Quota grace: root=user bytes=107374182 (10%)
doveadm(root): Debug: dict quota: user=root, uri=proxy::quotadict, noenforcing=0
doveadm(root): Debug: Namespace : type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/home/suresh/Maildir/:INDEX=/home/suresh/Maildir/
doveadm(root): Debug: maildir++: root=/home/suresh/Maildir, index=, indexpvt=, control=, inbox=/home/suresh/Maildir, alt=
doveadm(root): Debug: Namespace : /home/suresh/Maildir doesn't exist yet, using default permissions
doveadm(root): Debug: Namespace : Using permissions from /home/suresh/Maildir: mode=0700 gid=default
doveadm(root): Error: user root: Initialization failed: Namespace '': mkdir(/home/suresh/Maildir) failed: Permission denied (euid=2000(vmail) egid=2000(vmail) missing +w perm: /home/suresh, dir owned by 1000:1000 mode=0755)
doveadm(root): Fatal: User init failed

6 Reply by surixx

  • surixx
  • surixx
  • Member
  • Offline
  • Registered: 2016-01-18
  • Posts: 25

Re: Issue in Doveadm permission for public folders .

ZhangHuangbin wrote:

It's better to try it with steps below:

*) Turn on debug mode in Dovecot. Restart Dovecot service.
*) Create a new public folder.
*) Set permission with 'doveadm -D', and save all terminal output.
*) Try to access the public folder with webmail, and verify the permission settings. Extract all log from Dovecot log file and save them in a plain text file.

We need all terminal output of 'doveadm -D', and all log in Dovecot log file.

Note: you may want to replace the real email address in log with a fake one, e.g. use 'example.com' as domain name. And there might be some plain passwords logged in Dovecot log file, replace it with a fake one, e.g. '123456'.

Hi zhang!
PFA the terminal output of the file. I shall attach dovecot logs sooner.

Post's attachments

doveadm msg.txt 27.98 kb, 1 downloads since 2016-03-22 

You don't have the permssions to download the attachments of this post.

7 Reply by surixx

  • surixx
  • surixx
  • Member
  • Offline
  • Registered: 2016-01-18
  • Posts: 25

Re: Issue in Doveadm permission for public folders .

surixx wrote:
surixx wrote:
ZhangHuangbin wrote:

Could you please turn on debug mode in Dovecot to get some detailed/debug message? It's hard for us to help without related log. Reference: http://www.iredmail.org/docs/debug.dovecot.html

Also, it's a good idea to run "doveadm" with "-D" flag to turn on verbose logging. e.g.:

doveadm -D acl ...

Hi Zhang! I have enabled debugging mode in Dovecot. Also i will run the doveadm with -D flag, and i shall try giving the permission again. Pls tell me from where can i help you with the logs.


(Edit) Hi Zhang! PFB the command and output of the doveadm user along with -D flag!

sudo doveadm -D acl set "Public/Finance_Accounts" "user=arthiregina@gojobs.biz" lookup read insert create
doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules
doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/lib01_acl_plugin.so
doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/lib10_quota_plugin.so
doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/lib20_mailbox_alias_plugin.so
doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/modules/doveadm
doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_acl_plugin.so
doveadm(root): Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_deinit (this is usually intentional, so just ignore this message)
doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_quota_plugin.so
doveadm(root): Debug: Module loaded: /usr/lib/dovecot/modules/doveadm/lib10_doveadm_sieve_plugin.so
doveadm(root): Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/modules/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_backend_rescan (this is usually intentional, so just ignore this message)
doveadm(root): Debug: Effective uid=2000, gid=2000, home=/home/suresh
doveadm(root): Debug: Quota root: name=user backend=dict args=:proxy::quotadict
doveadm(root): Debug: Quota rule: root=user mailbox=* bytes=1073741824 messages=0
doveadm(root): Debug: Quota warning: bytes=1073741824 (100%) messages=0 reverse=no command=quota-warning 100 root
doveadm(root): Debug: Quota warning: bytes=1020054732 (95%) messages=0 reverse=no command=quota-warning 95 root
doveadm(root): Debug: Quota warning: bytes=966367641 (90%) messages=0 reverse=no command=quota-warning 90 root
doveadm(root): Debug: Quota warning: bytes=912680550 (85%) messages=0 reverse=no command=quota-warning 85 root
doveadm(root): Debug: Quota grace: root=user bytes=107374182 (10%)
doveadm(root): Debug: dict quota: user=root, uri=proxy::quotadict, noenforcing=0
doveadm(root): Debug: Namespace : type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:/home/suresh/Maildir/:INDEX=/home/suresh/Maildir/
doveadm(root): Debug: maildir++: root=/home/suresh/Maildir, index=, indexpvt=, control=, inbox=/home/suresh/Maildir, alt=
doveadm(root): Debug: Namespace : /home/suresh/Maildir doesn't exist yet, using default permissions
doveadm(root): Debug: Namespace : Using permissions from /home/suresh/Maildir: mode=0700 gid=default
doveadm(root): Error: user root: Initialization failed: Namespace '': mkdir(/home/suresh/Maildir) failed: Permission denied (euid=2000(vmail) egid=2000(vmail) missing +w perm: /home/suresh, dir owned by 1000:1000 mode=0755)
doveadm(root): Fatal: User init failed

PFA the dovecot log file. since it is huge i have RAR'ed it.

Post's attachments

dovecot.rar 228.52 kb, 1 downloads since 2016-03-22 

You don't have the permssions to download the attachments of this post.

8 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: Issue in Doveadm permission for public folders .

No error in doveadm output and dovecot log. Public Folder is supposed to work as expected.

Warning: It's too lazy that you just throw the whole big log file to me, you should extract log related to your testing then paste here, not ask me to extract it from a big log file. I will ignore these posts in the future (unless it's covered with a paid support ticket).

9 Reply by surixx

  • surixx
  • surixx
  • Member
  • Offline
  • Registered: 2016-01-18
  • Posts: 25

Re: Issue in Doveadm permission for public folders .

Hi Zhang! Appreciate your timely help and support! (Also your straightforward reply! smile . Now only i realize that i have bothered you to go thru a big file. Though, Before I took out terminal record, I logged off cleared the terminal and then i took out the file. Also I was unsure of the dovecot log file. hence i had to post it all. in future i shall make sure your workload is decreased. thanks for the continuous support and beg your pardon again!

10 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: Issue in Doveadm permission for public folders .

Thanks for your understanding, forgive me if you feel i'm rude or not polite. The less workload you push to me, the easier and happier to help. smile

11 Reply by surixx

  • surixx
  • surixx
  • Member
  • Offline
  • Registered: 2016-01-18
  • Posts: 25

Re: Issue in Doveadm permission for public folders .

No problem Zhang! its only a language you write lines with. But as a support guy i can understand your feeling to shed all the extra work and focus on results. so no issues! smile