[Kolab-devel] Cyrus IMAP groups patch

Mathieu Parent math.parent at gmail.com
Thu Aug 26 20:05:33 CEST 2010


On Thu, Aug 26, 2010 at 5:22 PM, Gunnar Wrobel <wrobel at kolabsys.com> wrote:
> Back to the native ports: My impression would be that it is okay to
> follow Jeroens suggestion. At least as long as the groups always have
> an ID in mail format. Which they do at the moment. So chances to mix
> this up with system accounts are low. Do people agree? Thomas,
> Mathieu, do you think this is okay?

This is okay for the most common cases but you will need to apend
"@example.org". How will cross-domain ACL works then? Also some
implementations have uid!=mail, the GOsa one come to mind. Another
solution is to change libnss-ldap.conf with attributes mapping to have
uid=mail. The UNIX tools would work but this is little surprising to
do:

chown mathieu at example.org:mygroup at example.com /tmp/file

While searching some info I got "ptloader". This is the authorization
module for cyrus (SASL is the authentication one).

Some infos:
- http://cyrusimap.web.cmu.edu/imapd/man/imapd.conf.5.html ldap_* directives
- http://www.mail-archive.com/info-cyrus@lists.andrew.cmu.edu/msg38052.html
- some more on google

I don't have much time to investigate but this seems a better solution
(as I understand)

Regards

Mathieu Parent




More information about the devel mailing list