On Sun, 2007-10-28 at 09:25 -0400, Adam McDougall wrote:
> > userdb passwd {
> > args = system_user=
> > }
This works only with v1.1. v1.0 just ignores it.
> Looks like it overrides the system_user with empty value and Dovecot
> ends up calling initgroups(""). I'm not sure what that does, if
> anything. This fixes it: http://hg.dovecot.org/dovecot/rev/7f2501b3e993
>
> Upon some further testing, this patch doesn't seem to do anything, because
> for some reason 1.1 allows me to login when I am in too many groups, but
> 1.0 fails (this is where I saw the errors), and both versions seem to act the
> same
> with or without the patch. When I use mail_executable to run a shell script
> to
> report group membership, on both servers I still see the full list when using
> system_user= and mail_extra_groups but I don't see the group I set in
> mail_extra_groups.
> I'm not sure what to think, is there a good place to stick in some debugging?
Have you set mail_drop_priv_before_exec=yes? If not, it should still be
running as root in your mail_executable. If it's "no", I'm not really
sure..
auth_debug=yes at least shows what auth process sends to master. It
should show empty system_user.
signature.asc
Description: This is a digitally signed message part
