setting acl on autocreate folders
ellie timoney
ellie at fastmail.com
Fri May 11 01:33:34 EDT 2018
Looks like "postman" from a skim of the source, and I believe this is
the same user as when connecting via a UNIX socket:
https://github.com/cyrusimap/cyrus-imapd/blob/15c812df6a020414a2e8863fe1afdfa3273a7bad/imap/lmtpengine.c#L993-L1005
But I would welcome correction from someone who knows, I'm just looking
at the code.
Cheers,
ellie
On Fri, May 11, 2018, at 3:20 PM, Anatoli wrote:
> Hi Ellie,
>
> Chen's question made me recheck the docs and now I have a doubt.
> Could you please clarify under what user the LMTP-delivered mails
> enters Cyrus when "-a" option is used over TCP with lmtpd (i.e. lmtp
> cmd="lmtpd -a" listen="127.0.0.1:2004")?>
> The documentation
> (https://cyrusimap.org/imap/concepts/overview_and_concepts.html#local-mail-transfer-protocol-lmtp)
> says:>
>
>> For final delivery via *LMTP over a TCP socket, it is necessary to
>> use LMTP AUTH*. This is accomplished using SASL to authenticate the
>> delivering user. If your mail server is performing delivery via LMTP
>> AUTH (that is, using a SASL mechanism), you will want their
>> authentication id to be an LMTP admins (either via the admins
>> imapd.conf option or via the <service>_admins option, typically
>> lmtp_admins).>>
>> Alternatively you may deliver via *LMTP to a unix domain socket*,
>> and *the connection will be preauthenticated as an administrative
>> user* (and access control is accomplished by controlling access to
>> the socket).>
> But it doesn't say anything about the "-a:*Preauthorize connections
> initiated on an internet socket*, instead of requiring LMTP AUTH."
> (https://www.cyrusimap.org/imap/reference/manpages/systemcommands/lmtpd.html#cmdoption-lmtpd-a)
> .>
> Thanks,
> Anatoli
>
> *From:* Ellie Timoney
> *Sent:* Friday, May 11, 2018 00:46
> *To:* Info-cyrus
> *Subject:* Re: setting acl on autocreate folders
>
>
> Hi Chen,
>
>> So, the question : is it possible to set specific ACLs on autocreated
>> folders ? (i.e., ACLs, different from those defined by defaultacl in
>> imapd.conf).
>>
> I believe the autocreate mechanism has no particular knowledge of ACLs
> all all. It just uses the standard Cyrus policy for assigning them,
> with no way to override it. Cheers, ellie On Wed, May 9, 2018, at
> 6:37 PM, Chentao Credungtao via Info-cyrus wrote:
>
>> Hello, This question has been asked twice before by different users,
>> but no answer has ever be given. In 2012 :
>> https://www.spinics.net/lists/info-cyrus/msg14612.html In 2016 :
>> https://www.spinics.net/lists/info-cyrus/msg17385.html I guess the
>> answer is NO, but just the same I thought i'd asked again to be sure.
>> So, the question : is it possible to set specific ACLs on autocreated
>> folders ? (i.e., ACLs, different from those defined by defaultacl in
>> imapd.conf). Thanks, Chen ---- Cyrus Home Page:
>> http://www.cyrusimap.org/ List Archives/Info:
>> http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe:
>> https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
>>
> ---- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info:
> http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe:
> https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
>>
> ----
> Cyrus Home Page: http://www.cyrusimap.org/
> List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/> To Unsubscribe:
> https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20180511/34bfb925/attachment.html>
More information about the Info-cyrus
mailing list