Two major patches just landed crossdomains and reversacls
Nicola Nye
nicolan at fastmail.com
Mon Nov 16 18:17:55 EST 2015
What are the new option controls and where do they live, so I can
do the documentation magic?
On Mon, Nov 16, 2015, at 11:00 PM, Bron Gondwana via Cyrus-devel wrote:
> So this is what I've been working on for the past little bit, on and off
> - mostly in the last week - but I've been building the groundwork for
> ages.
>
> 1) cross domain support. It's an option, if you turn it on then admin
> users don't see any change, but non-admin users see all user folders with
> a domain attached, and can look across domains. Like this:
>
> . login brong at fastmail.com foo
>
> . list "" *
> * LIST (\HasChildren) "/" INBOX
> * LIST (\HasNoChildren) "/" INBOX/hello
> * LIST (\HasNoChildren) "/" INBOX/sub
> * LIST (\HasNoChildren) "/" user/brong at brong.net
> * LIST (\HasNoChildren) "/" user/ellie at fastmail.com/Lists/Cyrus
>
> That's in the regular namespace - it's the same in the altnamespace, the
> domain is attached after the username. EVERYONE has a domain, if they're
> in defaultdomain, that gets added too.
>
> 2) reverseacls. It's optional too, but only kinda. ctl_cyrusdb checks
> the option at startup and flicks the actual switch, which is a key called
> '$RACL' in mailboxes.db. Mailboxes.db now skips any key starting with $.
> All the actual reverse ACLs are subkeys of $RACL$ - read the commit
> message or code for the gory details.
>
> At the moment they don't support groups or the anyone ACL, sorry. I have
> a plan for supporting groups, but I need to understand more about how
> they're implemented in krb5 and ptsloader first.
>
> ---
>
> These come with a couple of Cassandane tests as well :)
>
> Bron.
>
> Bron.
>
>
> --
> Bron Gondwana
> brong at fastmail.fm
More information about the Cyrus-devel
mailing list