Question on ACL's
Ken Murchison
ken at oceana.com
Fri Jan 30 12:57:10 EST 2004
Jason Williams wrote:
> Morning everyone,
>
> I've been working on implementing Bulletin Boards over here for our
> company which will allow our users to be able to "share" a folder and
> post/move messages into the folder for other users to view.
>
> Creating the actual mailbox is no problem. The question lies when
> assigning the ACL's to the mailbox in order to allow users to view and
> post to the mailbox/bulletin board.
>
> For example, I did the following:
>
> I created a mailbox:
> user.loanofficers
> and
> user.loanofficers.announce
First off, is there a reason why you are using a personal mailbox as a
bulletin board? Is there actually a loanofficer user? If not, you
could just create loanofficers.announce (notice the lack of user.)
> I then proceeded to setup my acl's.
>
> I added:
>
> anyone lr
> and
> jwilliams p
>
> Which, from what I thought, would allow anyone the ability to list and
> read and the user jwilliams the ability to post.
> Well, it didn't work out that way.
>
> When I was trying to post to the list, even though my MTA showed it
> being delivered to the mailbox, the user jwilliams could not view it in
> his mozilla client.
>
> After playing with the ACL's a bit, the only way I could get the user
> jwilliams to be able to see messages and post messages to
> user.loanofficer.announce was to set the following acl's:
>
> anyone lrp
>
> I completely removed the acl's for the my account (jwilliams). Once I
> did that, I was able to see the messages and post to the list.
>
> Now, my question is why are the acl's not working for the user
> jwilliams? That account does exist in the sasldb2.
The ACL for jwilliams will only work if the MTA authenticates to lmtpd
(or passes the AUTH= keyword) as jwilliams, otherwise lmtpd assumes that
the user is anonymous.
--
Kenneth Murchison Oceana Matrix Ltd.
Software Engineer 21 Princeton Place
716-662-8973 x26 Orchard Park, NY 14127
--PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
More information about the Info-cyrus
mailing list