Home > Computers > mail > courier > couriersharefolder | About

3 steps :

  1. create the index file in /etc/courier/shared.tmp/index
  2. call sharedindexinstall without any arguments, this will generate /etc/courier/shared/index
  3. give the necessary rights and permissions on the desired folder (or inbox) to the desired user (or users)
  4. *If* you are using roundcube as a webmail, don't forget to add this to your configuration file (usually that's /var/www/whereroundcubeis/config/config.inc.php)
$config['imap_force_ns'] = true;

This is especially necessary for MUAs like roundcube.

Create the index file

You should create it manually, don't rely on the output of authenumerate because it will print whatever is in your database if you have a virtual setup. In my case, I found that the previous admin(s) installed the components of the mail server with ISPConfig. I don't know if the fault is on ISPConfig or on the admins, but the data in the database isn't conforming to courier's standards, so relying on the output of authenumerate is a bad idea.

What is wrong with the database data ?

So here's an example output of the database

root@messagerie-secours[] ~ # cat /etc/courier/shared/index
ali.mellah@xxx    5000    5000    /var/vmail      /var/vmail/xxx/ali.mellah
a.chaouche@xxx    5000    5000    /var/vmail      /var/vmail/xxx/a.chaouche
root@messagerie-secours[] ~ # 

If you have an index file like that, you will find this type of lines in /var/log/mail.warn or /var/log/mail.err :

Jun  1 17:32:20 messagerie imapd-ssl: /etc/courier/shared/index(1): syntax error.
So what's the correct format then ?

Courier's documentation specifies that the last field should be the maildir path relative to the home field (second to last). So the right format should have been :

root@messagerie-secours[] ~ # cat /etc/courier/shared/index
ali.mellah@xxx    5000    5000    /var/vmail/xxx/      ali.mellah
a.chaouche@xxx    5000    5000    /var/vmail/xxx/      a.chaouche
root@messagerie-secours[] ~ # 
How do you go about creating the index file ?

You should not create the index file directly in /etc/courier/shared/. Instead, courier has a convention of reading the index file inside /etc/courier/shared.tmp/. So write the file to that location then invoke sharedindexinstall without any arguments. The index file should contain one line for each user wanting to share its folder or accessing another user's folder. The format is :

  userid \t uid \t gid \t homedir \t maildir 
  1. userid : this should be the same id you find in the syslog or mail.log (/var/log/mail.log) in the IMAP login messages.
  2. uid/gid : this should be the uid and gid of the system user. If you are in a virtual setup, all the IMAP users should have the same system username (vmail in my case) thus having the same uid and gid (vmail in my case has uid 5000 and gid 5000)
  3. homeidr : this is the home directory of the user. In my case, they all share the same homedir, only the maildirs are different.
  4. maildir : this should be a relative path to homedir, not a full path. If you do a full path courier will fail and log a line in /var/log/mail.err or /var/log/mail.warn

The fields are separated by tabs.

Set the necessary rights on individual folders

So if you want user ali.mellah have access to a.chaouche's "PRTG" folder, here's the syntax :

  maildiracl -set absolute/path/to/maildir "INBOX.Folder.subfolder" user=id_of_the_imap_user rightsflags

An example would be :

  maildiracl -set /var/vmail/xxx/a.chaouche/ "INBOX.PRTG" user=ali.mellah@xxx lr

Giving ali.mellah@xxx the right to list and read the content of the INBOX.PRTG folder inside a.chaouche@xxx mailbox.

You can see the rights of all users of a folder or inbox with maildiracl -list, like this :

root@messagerie-secours[] ~ # maildiracl -list /var/vmail/algerian-radio.dz/a.chaouche/ "INBOX.PRTG" 
owner   aceilrstwx
administrators  aceilrstwx
ali.mellah@algerian-radio.dz    lr
user=ali.mellah@algerian-radio.dz       lr
root@messagerie-secours[] ~ #

You can see the rights of a specific user on a folder with maildiracl -compute, like this :

root@messagerie-secours[] /home/serveur # maildiracl -compute /var/vmail/algerian-radio.dz/a.chaouche/ "INBOX.Flux audio" user=ali.mellah@algerian-radio.dz
root@messagerie-secours[] /home/serveur # 

Further information

can be found by reading maildiracl's man page.

Can you share subfolders recursively

maildiracl man page doesn't show a sign of recursivity. Also, specifying a "*" on the folder (like INBOX.*) doesn't seem to do that.

contact : @ychaouche yacinechaouche at yahoocom

QR Code
QR Code Create the index file (generated for current page)