From 5e98fd3ad97542a40c8b1e8da1fb1030187f24b6 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud <daniel@firewall-services.com>
Date: Wed, 14 Mar 2012 09:25:53 +0100
Subject: [PATCH] Grant group write perm

---
 root/etc/e-smith/events/actions/dovecot-acl | 10 +++++-----
 smeserver-dovecot.spec                      |  2 +-
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/root/etc/e-smith/events/actions/dovecot-acl b/root/etc/e-smith/events/actions/dovecot-acl
index 27010cc..b7ab93f 100644
--- a/root/etc/e-smith/events/actions/dovecot-acl
+++ b/root/etc/e-smith/events/actions/dovecot-acl
@@ -56,22 +56,22 @@ sub set_acl {
     my $user = shift;
     die "Missing username\n" unless ($user);
     die "Couldn't find $user"."'s home dir\n" unless (-e "/home/e-smith/files/users/$user");
+    find(\&dirperm,  "/home/e-smith/files/users/$user/Maildir");
     die "Error applying permissions to $user 's Maildir\n" unless (
         # sharedmailbox group needs read / write access on Maildir
         system('/usr/bin/setfacl',
                '-R',
                '-m',
-               'g:sharedmailbox:rwX,d:g:sharedmailbox:rwX',
+               'u::rwX,g::rwX,g:sharedmailbox:rwX,d,u::rwX,d:g::rwX,d:g:sharedmailbox:rwX',
                "/home/e-smith/files/users/$user/Maildir") == 0 &&
         # Grant sharedmailbox group permission to go through
-        # the home dir so it can access the Maildir, but let it read
-        # anything else
+        # the home dir so it can access the Maildir, but don't let it read
+        # anything (except the Maildir)
         system('/usr/bin/setfacl',
                '-m',
                'g:sharedmailbox:x',
                "/home/e-smith/files/users/$user") == 0
     );
-    find(\&sgid,  "/home/e-smith/files/users/$user/Maildir");
 }
 
 # The kernel will handle group perms when a user
@@ -79,7 +79,7 @@ sub set_acl {
 # This will prevent dovecot errors, see 
 # http://wiki2.dovecot.org/SharedMailboxes/Permissions and
 # http://wiki2.dovecot.org/Errors/ChgrpNoPerm
-sub sgid {
+sub dirperm {
     system('/bin/chmod',
            'g+s',
            "$_") if (-d);
diff --git a/smeserver-dovecot.spec b/smeserver-dovecot.spec
index 1fb3b4d..ab6d00e 100644
--- a/smeserver-dovecot.spec
+++ b/smeserver-dovecot.spec
@@ -1,5 +1,5 @@
 %define version 0.1
-%define release 0.beta26
+%define release 0.beta28
 %define name smeserver-dovecot