ACLs, public folders, group:, saslauthd, LDAP, etc.

Derek P. Moore derekm at
Fri Feb 20 03:46:53 EST 2004

Howdy, again,

Another problem, another email.  This problem I've yet to solve.

I've got a series of mailboxes (straycat.*) and I want to use the group: mechanism
to set the ACLs for these mailboxes, as this seems the most elegant solution. 
I thought to myself, "I'll just add all the users to a POSIX group, do a quick
'sam straycat.* group:straycats lrsip', and it'll be all good."  Not so.

I'm storing all system configuration information (or as much as I can) in LDAP,
and I'm using nss_ldap.  Authentication is through saslauthd against Kerberos. 
In fact, here's my imapd.conf:

  configdirectory: /var/lib/imap
  partition-default: /var/spool/imap
  admins: cyrus
  sievedir: /var/lib/imap/sieve
  sendmail: /usr/sbin/sendmail
  hashimapspool: true
  sasl_keytab: /etc/mail/cyrus-imapd.keytab
  sasl_pwcheck_method: saslauthd
  sasl_mech_list: LOGIN PLAIN
  tls_cert_file: /usr/share/ssl/certs/cyrus-imapd.pem
  tls_key_file: /usr/share/ssl/certs/cyrus-imapd.pem
  unix_group_enable: true

Pretty simple.

Anyways, I've got the group added to LDAP, and 'id user' is showing that
getgrent(3) sees the 'straycats' group.  However, setting the 'group:straycats'
ACL seems to have only one effect...  I now get a ton of the following in

  Feb 20 02:25:05 germ imap[7298]: could not find auxprop plugin, was searching for '[all]'

Any help?  Thanks.


