Chris Wakelin wrote: > Andrey Panin wrote: >>> I've applied the patch to Dovecot 1.1.7 (with minor change to >>> configure.in) on Solaris 10 sparc 64-bit but Dovecot fails on startup >>> >>> dovecot: Dec 18 12:45:47 Info: Dovecot v1.1.7 starting up >>> dovecot: Dec 18 12:45:47 Fatal: auth(default): initgroups(root, 0) >>> failed: Not owner >>> dovecot: Dec 18 12:45:47 Fatal: Auth process died too early - shutting down >>> >>> The same config with vanilla Dovecot 1.1.7 works fine, so I'm guessing >>> it dropped too many privileges. >> Can you try running "ppriv -D dovecot" to determine which privilege is >> missing ? >>
Aha! I found out why that didn't work; needs "-e". # ppriv -D -e dovecot dovecot[19610]: missing privilege "ALL" (euid = 65534, syscall = 23) needed at setuid+0x98 dovecot[19610]: missing privilege "proc_setid" (euid = 65534, syscall = 46) needed at setgid+0x9c imap[19610]: missing privilege "ALL" (euid = 65534, syscall = 23) needed at setuid+0x98 # ppriv -D -s +proc_setid -e dovecot dovecot[19632]: missing privilege "ALL" (euid = 65534, syscall = 23) needed at setuid+0x98 Fatal: We couldn't drop root group privileges (wanted=65534, gid=0, egid=0) Error: imap dump-capability process returned 89 Fatal: Invalid configuration in dovecot.conf I'm confused as to whether the list in capabilities-solaris.c is privileges to drop or privileges to set? Best Wishes, Chris -- --+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+- Christopher Wakelin, c.d.wake...@reading.ac.uk IT Services Centre, The University of Reading, Tel: +44 (0)118 378 8439 Whiteknights, Reading, RG6 2AF, UK Fax: +44 (0)118 975 3094
