1

Topic: Adding user to public folder confusion

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.3.2
- Deployed with iRedMail Easy or the downloadable installer? DOwnload
- Linux/BSD distribution name and version: CentOS 7
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):  MySQL
- Web server (Apache or Nginx): nginx
- Manage mail accounts with iRedAdmin-Pro? no
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

I am creating a public folder as per the documentation.  I added only one of my users (m@mydomain.com) to the ACL, yet now every users (appears to) have admin rights!

Am I misreading the output of the get command below?  Why when I add one "user", does the ACL have "usernames" for everyone on my server, with "ID" matching my username?

[root@mail public]# doveadm acl set -A "Public/TEST" "user=m@mydomain.com" admin
[root@mail public]# doveadm acl get -A "Public/TEST"
Username          ID                 Global Rights
d@mydomain.com     user=m@mydomain.com        admin
h@mydomain.com     user=m@mydomain.com        admin
k@mydomain.com     user=m@mydomain.com        admin
m@mydomain.com     user=m@mydomain.com        admin


Perhaps the documentation needs an update if the above is correct.  I just can't understand it.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Adding user to public folder confusion

With "-A" argument, this change will apply to all users. It should be removed.
I will update document immediately.

3

Re: Adding user to public folder confusion

Fixed. Document on our website will be synced in few minutes:
https://docs.iredmail.org/public.folder.html

4

Re: Adding user to public folder confusion

It seems to me the issue is the -A on the get command, not on the set.

The documentation still mentions -A on the get, but in my case that results in dozens of lines, one for each user, all saying that a single user has been granted access.

If you omit the -A on the get, it (the get) works as expected.