table of contents
MAILDIRACL(1) | Double Precision, Inc. | MAILDIRACL(1) |
NAME¶
maildiracl - manage access control listsSYNOPSIS¶
maildiracl {-reset} {maildir}
maildiracl {-list} {maildir}
{INBOX[.folder]}
maildiracl {-set} {maildir}
{INBOX[.folder]} { [-]identifier} {[+/-]rights}
maildiracl {-delete} {maildir}
{INBOX[.folder]} { [-]identifier}
maildiracl {-compute} {maildir}
{INBOX[.folder]} { identifier...}
DESCRIPTION¶
maildiracl manages “access control lists” (or ACLs) of the Courier IMAP server maildir folders. Access control lists are used primarily to provide fine-grained control for accessing virtual shared folders via IMAP.ACL overview¶
ACLs provide a fine-grained mechanism for controlling access to shared folders. ACLs may be used to specify, for example, that user1 may only open and read the messages in the folder; and user2 can not only do that, but also delete messages, and create subfolders. Each folder maintains its own individual access control list, that specifies who can do what to the folder. An ACL is a list of “identifier” and “rights” pairs. Each “identifier” and “rights” pair means that an entity called “identifier” (using the UTF-8 character set) is allowed to do “rights” on this folder. “rights” consists of one or more letters, each letter signifies a particular action: aidentifier may modify this folder's ACLs.
c
identifier may create subfolders of this folder
(this includes renaming another folder as this folder's subfolders).
e
identifier may remove deleted messages from this
folder.
i
identifier may add messages to this folder (either
uploading them one by one, or copying messages from another folder).
l
identifier may actually see that this folder
exists. If identifier does not have the “l” right on this
folder, the folder is effectively invisible to identifier.
r
identifier may open this folder. Note that if
identifier knows the name of this folder, it can open it even if
identifier does not the “l” right on this folder.
s
identifier may mark messages in this folder as
seen, or unseen.
t
identifier may mark messages in this folder as
deleted, or undeleted.
w
identifier may change other status flags of
messages in this folder. May also add or remove custom keywords on individual
messages.
x
identifier may delete this folder (which includes
renaming this folder as another mailbox's subfoler.
An ACL entry of “-identifier” and “rights” is called
a “negative right”, which explicitly removes
“rights” from “identifier”. More than one
“identifier” is usually used to determine the actual rights
someone has for the given folder. The actual access rights are determined by
taking all rights from all applicable identifier, than subtracting any
negative rights, as specified in the following section.
Access rights on a given folder are computed by obtained the rights on the
following identifiers, then subtracting the negative rights on the same
identifiers:
owner
This access control list specifies that the folder's owner has complete control
over the mailbox (as well as the administrators, which have complete access to
every folder); everyone else can see it and open it, except for
“mary” who can see that the mailbox exists, but can't open it;
additionally, “john” can change the status and keywords of
individual messages (but not mark them as deleted/undeleted or seen/unseen,
which requires additional rights).
The owner of the maildir containing this folder. The
maildir's INBOX's ACL defaults to all rights for its owner. A new folder's ACL
is the same as its parent's ACL. In all cases, trying to remove the
“a” right from the owner (either directly or using a negative
right) results in an error.
anyone
This identifier refers literally to every userid. The
associated rights (or negative rights) are always used.
anonymous
This is a synonym from “anyone”.
user= loginid
Rights (or negative rights) for IMAP account
“loginid”.
Note
“loginid” is what's logged to syslog after a succesful login. In
some situations “loginid” is not exactly the actual login ID
used by the IMAP client.
group= name
Rights (or negative rights) for account group
“name”. Access rights are granted to an account group as a
whole. The account options feature of the Courier Authentication Library
specifies which account belongs to which account group. See courier-authlib's
documentation for more information.
administrators
This is an alias for
“group=administrators”. Accounts that are members of an account
group called “administrators” are considered administrative
accounts, and automatically receive all access rights on all accessible
folders.
Consider the following access control list:
owner aceilrstwx anyone lr user=john w -user=mary r administrators aceilrstwx
OPTIONS¶
maildiracl -reset maildir
This command resets access control lists in maildir which as a path to a
maildir. Under certain conditions, the files where a folder's ACLs are saved
may continue to exist after the folder is removed. The -reset options goes
through maildir and removes all stale ACL files for removed folders.
maildiracl -list maildir
folder
This command lists the access control lists set for folder. folder
must be either “INBOX” or
“INBOX.folder.subfolder”, which is the same naming convention
for the Courier IMAP server.
maildiracl -set maildir
folder identifier
rights
Puts identifier (which may begin with a minus sign to specify a negative
right) and rights in folder's access control list. Existing
rights for identifier (or identifier) are replaced by
rights unless “rights” begins with “+” or
“-”, which modifies the existing rights by adding or removing
from them accordingly. Some examples:
maildiracl -set /home/user1/Maildir INBOX.Sent user=john lr maildiracl -set /home/user2/Maildir INBOX.Notes anyone -r maildiracl -set /home/user3/Maildir INBOX.Private -user=tom +r
maildiracl -delete maildir
folder identifier
This command removes identifier from folder's access control list,
if it exists. Use “- identifier” to remove negative
rights.
maildiracl -compute maildir
folder
[identifier]+
This command takes a list of one or more identifiers. All access rights
for the identifiers are combined together, then any appropriate
negative rights are removed, and the result is printed on standard output. Use
the following procedure to compute access rights the same way as they are
computed by the Courier IMAP server:
maildiracl -compute /home/tom46/Maildir INBOX.Sent owner user=tom46
maildiracl -compute /home/john34/Maildir INBOX.Public user=tom46
IRREVOCABLE ACCESS RIGHTS¶
The owner of the mailbox must always have the “a” amd “l” access rights. The administrators group must always have all access rights to all folders. Attempts to set access control lists, that do not include these minimum access rights, will be rejected.BUGS¶
All identifiers are specified using the UTF-8 character set. All non-Latin letters in folder names are specified using the modified-UTF7 coding as used in IMAP. This implementation of access control lists is based on version 2 (or “ACL2”) of IMAP access control lists, which is a work-in-progress. The existing IMAP ACL, RFC 2086[2] is transparently implemented inside the ACL2 model. If history's of any guidance, ACL2 is subject to change at any time. Be sure to check the release notes when upgrading to a newer version of this software. The “ACL overview” portion of this manual page is a very brief summary of ACL2, which leaves out optional parts of ACL2 that are not implemented.SEE ALSO¶
maildirmake(1)[1], maildirkw(1)[3],AUTHOR¶
Sam VarshavchikAuthor
NOTES¶
[set
$man.base.url.for.relative.links]/maildirmake.html
- 2.
- RFC 2086
- 3.
- maildirkw(1)
[set
$man.base.url.for.relative.links]/maildirkw.html
08/25/2013 | Courier Mail Server |