fws
/
smeserver-dovecot
4
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Dovecot integration on SME Server. This has been merged in SME Server and is only kept here for history
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
22 Commits
3 Branches
8 Tags
872 KiB
Tag: Branch: Tree: 405eb1157d
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '405eb1157d'
${ noResults }
smeserver-dovecot/root/etc/e-smith/events/actions/dovecot-acl

89 lines
2.8 KiB
Raw Blame History

#!/usr/bin/perl -w
use esmith::ConfigDB;
use esmith::AccountsDB;
use File::Find;
my $c = esmith::ConfigDB->open || die "Couldn't open ConfigDB\n";
my $a = esmith::AccountsDB->open_ro || die "Couldn't open AccountsdDB\n";
my $dovecot = $c->get('dovecot');
die "couldn't find dovecot service\n" unless ($dovecot);
my $event = $ARGV[0];
# SharedMailboxes disabled ?
if (($dovecot->prop('SharedMailbox') || 'disabled') eq 'disabled'){
if (($dovecot->prop('SharedMailboxAcl') || 'yes') ne 'no'){
foreach my $user ($a->users){
my $name = $user->key;
die "Error removing SharedMailbox ACLs ($name"."'s Maildir)\n" unless (
system('/usr/bin/setfacl',
'-R',
'-x',
'g:sharedmailbox',
"/home/e-smith/files/users/$name") == 0 &&
system('/bin/chmod',
'-R',
'g-s',
"/home/e-smith/files/users/$name/Maildir") == 0
);
}
}
$dovecot->set_prop('SharedMailboxAcl','no');
exit(0);
}
# If SharedMailbox is enabled
# Set the correct ACL during user creation
if ($event && $event eq 'user-create'){
my $user = $ARGV[1];
set_acl($user);
}
if (($dovecot->prop('SharedMailboxAcl') || 'no') ne 'yes'){
# ACL for existing users haven't been set yet
foreach my $user ($a->users){
my $name = $user->key;
set_acl($name);
}
$dovecot->set_prop('SharedMailboxAcl','yes');
}
# Set ACL on a user's Maildir
sub set_acl {
my $user = shift;
die "Missing username\n" unless ($user);
die "Couldn't find $user"."'s home dir\n" unless (-e "/home/e-smith/files/users/$user");
find(\&dirperm, "/home/e-smith/files/users/$user/Maildir");
die "Error applying permissions to $user 's Maildir\n" unless (
# sharedmailbox group needs read / write access on Maildir
system('/usr/bin/setfacl',
'-R',
'-m',
'u::rwX,g::rwX,o::rX,g:sharedmailbox:rwX,d:u::rwX,d:g::rwX,d:g:sharedmailbox:rwX,d:o::rX',
"/home/e-smith/files/users/$user/Maildir") == 0 &&
# Grant sharedmailbox group permission to go through
# the home dir so it can access the Maildir, but don't let it read
# anything (except the Maildir)
system('/usr/bin/setfacl',
'-m',
'g:sharedmailbox:x',
"/home/e-smith/files/users/$user") == 0
);
}
# The kernel will handle group perms when a user
# create a dir in another user's Maildir (if IMAP ACL allows it)
# This will prevent dovecot errors, see
# http://wiki2.dovecot.org/SharedMailboxes/Permissions and
# http://wiki2.dovecot.org/Errors/ChgrpNoPerm
sub dirperm {
system('/bin/chmod',
'g+s',
"$_") if (-d);
}