On 31.10.2008, Timo Sirainen wrote: > On Fri, 2008-10-31 at 08:32 +0100, Thorsten Vollmer wrote: [...] > > Adding a fake home directory to args in > > master-settings.c:get_imap_capability solved the problem for me, but > > there may be a more correct fix. > > Yes, that's the correct fix: > http://hg.dovecot.org/dovecot-1.1/rev/2fbd36039526
With the corresponding fix in dovecot-1.2 dovecot doesn't start anymore for
me:
setgid(65534) failed with euid=1001, gid=1001, egid=1001: Operation not
permitted
Error: imap dump-capability process returned 89
It turns out that rev 2fbd36039526 changed the indices in the args array that
some other code get_imap_capability relied on so that the uid and gid are not
overwritten properly when dovecot is not started as root. See this patch:
diff -r 281ef8e9863f src/master/master-settings.c
--- a/src/master/master-settings.c Fri Oct 31 18:03:39 2008 +0200
+++ b/src/master/master-settings.c Fri Oct 31 17:22:06 2008 +0100
@@ -636,8 +636,8 @@ static bool get_imap_capability(struct s
uid = geteuid();
if (uid != 0) {
/* use the current user */
- args[0] = t_strdup_printf("uid=%s", dec2str(uid));
- args[1] = t_strdup_printf("gid=%s", dec2str(getegid()));
+ args[1] = t_strdup_printf("uid=%s", dec2str(uid));
+ args[2] = t_strdup_printf("gid=%s", dec2str(getegid()));
}
if (pipe(fd) < 0) {
The Patch is not an attachment this time to avoid mailman breaking the openpgp
signature.
Regards,
Bernhard
--
Bernhard Herzog | ++49-541-335 08 30 | http://www.intevation.de/
Intevation GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 18998
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
signature.asc
Description: This is a digitally signed message part.
