[Kolab-devel] permissions for sieve to store user flags

Timotheus Pokorra timotheus at pokorra.de
Mon Sep 2 11:46:17 CEST 2013 

Hello,
I finally found the solution.
The sieve scripts are run with user firstname^lastname at kolab.yourdomain.org.
So adding the acl w for that user makes my scenario work.

for example:
cyradm --user cyrus-admin localhost
setacl user/admin.admin at servers.jiffybox.net admin^admin at servers.jiffybox.net w

Perhaps it helps someone else as well,
  Timotheus

On 28 August 2013 15:01, Timotheus Pokorra <timotheus at pokorra.de> wrote:
> Hello,
> I wonder if somebody has an idea about this:
> How can I give the sieve process w acl permissions to write user defined
> flags?
>
> Here the full story:
> I am trying to add a plugin to roundcube that stores labels or flags with
> the emails.
>
> I modified the message_label plugin to store IMAP4flags similar to
> Thunderbird.
> https://github.com/tpokorra/message_label/tree/message_label_tbits
>
> Then I modified the managesieve plugin to support user defined labels.
> But I noticed that the user defined label is not applied.
> First I thought the reason is that cyrus sieve does not support imap4flags
> yet:
> https://lists.kolab.org/pipermail/devel/2011-September/012965.html
>
> But it does store the user defined flags fine through roundcube:
> https://github.com/roundcube/roundcubemail/blob/master/program/lib/Roundcube/rcube_imap_generic.php#L1950
>
> Then I found out that the problem is a permissions problem.
> http://git.cyrusimap.org/cyrus-imapd/tree/imap/append.c#n811
> The user that is setting the user flag needs to have write permissions.
> That fits the description at
> http://cyrusimap.web.cmu.edu/docs/cyrus-imapd/2.4.8/overview.php#aclrt
> for w: The user may modify flags and keywords other than "Seen" and
> "Deleted" (which are controlled by other sets of rights).
>
> The question is:
> which user is used by sieve to set the flags?
> I could then use http://www.php.net/manual/en/function.imap-setacl.php to
> set the acl for that user.
>
> Or am I completely on the wrong track?
>
> Thanks for any suggestions!
>
> Timotheus

More information about the devel mailing list