Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help 
MAILDIRACL(1)		    Double Precision, Inc.		 MAILDIRACL(1)

NAME
       maildiracl - manage access control lists

SYNOPSIS

       maildiracl {-reset} {maildir}

       maildiracl {-list} {maildir} {INBOX[.folder]}

       maildiracl {-set} {maildir} {INBOX[.folder]} {[-]identifier}
		  {[+/-]rights}

       maildiracl {-delete} {maildir} {INBOX[.folder]} {[-]identifier}

       maildiracl {-compute} {maildir} {INBOX[.folder]}	{identifier...}

DESCRIPTION
       maildiracl manages "access control lists" (or ACLs) of the Courier IMAP
       server maildir folders. Access control lists are	used primarily to
       provide fine-grained control for	accessing virtual shared folders via
       IMAP.

	   Note

	   The Courier IMAP server server implements two types of shared
	   folders: filesystem permission-based	shared folders,	as well	as
	   virtual shared folders based	on IMAP	access control lists. Use the
	   maildiracl command to set up	access control lists for virtual
	   shared folders. Use the maildirmake(1)[1], command to implement
	   shared folders based	on filesystem permissions.

	   See the Courier IMAP	server documentation for additional
	   information on setting up virtual shared folders.

   ACL overview
       ACLs provide a fine-grained mechanism for controlling access to shared
       folders.	ACLs may be used to specify, for example, that user1 may only
       open and	read the messages in the folder; and user2 can not only	do
       that, but also delete messages, and create subfolders.

       Each folder maintains its own individual	access control list, that
       specifies who can do what to the	folder.	An ACL is a list of
       "identifier" and	"rights" pairs.	Each "identifier" and "rights" pair
       means that an entity called "identifier"	(using the UTF-8 character
       set) is allowed to do "rights" on this folder.  "rights"	consists of
       one or more letters, each letter	signifies a particular action:

       a
	   identifier may modify this folder's ACLs.

       c
	   identifier may create subfolders of this folder (this includes
	   renaming another folder as this folder's subfolders).

       e
	   identifier may remove deleted messages from this folder.

       i
	   identifier may add messages to this folder (either uploading	them
	   one by one, or copying messages from	another	folder).

       l
	   identifier may actually see that this folder	exists.	If identifier
	   does	not have the "l" right on this folder, the folder is
	   effectively invisible to identifier.

       r
	   identifier may open this folder. Note that if identifier knows the
	   name	of this	folder,	it can open it even if identifier does not the
	   "l" right on	this folder.

       s
	   identifier may mark messages	in this	folder as seen,	or unseen.

       t
	   identifier may mark messages	in this	folder as deleted, or
	   undeleted.

       w
	   identifier may change other status flags of messages	in this
	   folder. May also add	or remove custom keywords on individual
	   messages.

       x
	   identifier may delete this folder (which includes renaming this
	   folder as another mailbox's subfoler.

       Negative	rights

	   An ACL entry	of "-identifier" and "rights" is called	a "negative
	   right", which explicitly removes "rights" from "identifier".	More
	   than	one "identifier" is usually used to determine the actual
	   rights someone has for the given folder. The	actual access rights
	   are determined by taking all	rights from all	applicable identifier,
	   than	subtracting any	negative rights, as specified in the following
	   section.

       Identifiers

	   Access rights on a given folder are computed	by obtained the	rights
	   on the following identifiers, then subtracting the negative rights
	   on the same identifiers:

	   owner
	       The owner of the	maildir	containing this	folder.	The maildir's
	       INBOX's ACL defaults to all rights for its owner. A new
	       folder's	ACL is the same	as its parent's	ACL. In	all cases,
	       trying to remove	the "a"	right from the owner (either directly
	       or using	a negative right) results in an	error.

	   anyone
	       This identifier refers literally	to every userid. The
	       associated rights (or negative rights) are always used.

	   anonymous
	       This is a synonym from "anyone".

	   user=loginid
	       Rights (or negative rights) for IMAP account "loginid".

		   Note
		   "loginid" is	what's logged to syslog	after a	succesful
		   login. In some situations "loginid" is not exactly the
		   actual login	ID used	by the IMAP client.

	   group=name
	       Rights (or negative rights) for account group "name". Access
	       rights are granted to an	account	group as a whole. The account
	       options feature of the Courier Authentication Library specifies
	       which account belongs to	which account group. See
	       courier-authlib's documentation for more	information.

	   administrators
	       This is an alias	for "group=administrators". Accounts that are
	       members of an account group called "administrators" are
	       considered administrative accounts, and automatically receive
	       all access rights on all	accessible folders.

	   Consider the	following access control list:

	       owner	      aceilrstwx
	       anyone	      lr
	       user=john      w
	       -user=mary     r
	       administrators aceilrstwx

	   This	access control list specifies that the folder's	owner has
	   complete control over the mailbox (as well as the administrators,
	   which have complete access to every folder);	everyone else can see
	   it and open it, except for "mary" who can see that the mailbox
	   exists, but can't open it; additionally, "john" can change the
	   status and keywords of individual messages (but not mark them as
	   deleted/undeleted or	seen/unseen, which requires additional
	   rights).

OPTIONS

       maildiracl -reset maildir

       This command resets access control lists	in maildir which as a path to
       a maildir. Under	certain	conditions, the	files where a folder's ACLs
       are saved may continue to exist after the folder	is removed. The	-reset
       options goes through maildir and	removes	all stale ACL files for
       removed folders.

	   Note

	   The Courier IMAP server normally performs this maintenance function
	   automatically. It is	not necessary to run this command under	normal
	   conditions.

       maildiracl -list	maildir	folder

       This command lists the access control lists set for folder.  folder
       must be either "INBOX" or "INBOX.folder.subfolder", which is the	same
       naming convention for the Courier IMAP server.

       maildiracl -set maildir folder identifier rights

       Puts identifier (which may begin	with a minus sign to specify a
       negative	right) and rights in folder's access control list. Existing
       rights for identifier (or identifier) are replaced by rights unless
       "rights"	begins with "+"	or "-",	which modifies the existing rights by
       adding or removing from them accordingly. Some examples:

	   maildiracl -set /home/user1/Maildir INBOX.Sent user=john lr

	   maildiracl -set /home/user2/Maildir INBOX.Notes anyone -r

	   maildiracl -set /home/user3/Maildir INBOX.Private -user=tom +r

	   Note

	   Observe that	the last command revokes the "r" right from "tom", by
	   adding it as	a negative right.

       maildiracl -delete maildir folder identifier

       This command removes identifier from folder's access control list, if
       it exists. Use "-identifier" to remove negative rights.

       maildiracl -compute maildir folder [identifier]+

       This command takes a list of one	or more	identifiers. All access	rights
       for the identifiers are combined	together, then any appropriate
       negative	rights are removed, and	the result is printed on standard
       output. Use the following procedure to compute access rights the	same
       way as they are computed	by the Courier IMAP server:

	   maildiracl -compute /home/tom46/Maildir INBOX.Sent owner user=tom46

       This command computes access rights "tom46" has on his own folder.

	   maildiracl -compute /home/john34/Maildir INBOX.Public user=tom46

       This command computes access rights "tom46" has on "john34"'s folder.

IRREVOCABLE ACCESS RIGHTS
       The owner of the	mailbox	must always have the "a" amd "l" access
       rights. The administrators group	must always have all access rights to
       all folders. Attempts to	set access control lists, that do not include
       these minimum access rights, will be rejected.

BUGS
       All identifiers are specified using the UTF-8 character set.

       All non-Latin letters in	folder names are specified using the
       modified-UTF7 coding as used in IMAP.

       This implementation of access control lists is based on version 2 (or
       "ACL2") of IMAP access control lists, which is a	work-in-progress. The
       existing	IMAP ACL, RFC 2086[2] is transparently implemented inside the
       ACL2 model.

       If history's of any guidance, ACL2 is subject to	change at any time. Be
       sure to check the release notes when upgrading to a newer version of
       this software. The "ACL overview" portion of this manual	page is	a very
       brief summary of	ACL2, which leaves out optional	parts of ACL2 that are
       not implemented.

SEE ALSO
       maildirmake(1)[1], maildirkw(1)[3],

AUTHOR
       Sam Varshavchik
	   Author

NOTES
	1. maildirmake(1)
	   http://www.courier-mta.org/maildirmake.html

	2. RFC 2086
	   http://www.rfc-editor.org/rfc/rfc2086.txt

	3. maildirkw(1)
	   http://www.courier-mta.org/maildirkw.html

Courier	Mail Server		  11/04/2020			 MAILDIRACL(1)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=maildiracl&sektion=1&manpath=FreeBSD+Ports+14.3.quarterly>

home | help