dovecot-2.2: lib-storage: With temporary privilege dropping, swi...

[dovecot at dovecot.org]

details:   http://hg.dovecot.org/dovecot-2.2/rev/2470bb9106b0
changeset: 16624:2470bb9106b0
user:      Timo Sirainen <tss at iki.fi>
date:      Tue Jul 30 13:26:07 2013 +0300
description:
lib-storage: With temporary privilege dropping, switch to root before doing config lookup.
This fixes the problem of not having enough permissions to connect to the
config socket.

diffstat:

 src/lib-storage/mail-storage-service.c |  11 ++++++++++-
 1 files changed, 10 insertions(+), 1 deletions(-)

diffs (28 lines):

diff -r 0cab916b28c6 -r 2470bb9106b0 src/lib-storage/mail-storage-service.c
--- a/src/lib-storage/mail-storage-service.c	Tue Jul 30 13:09:52 2013 +0300
+++ b/src/lib-storage/mail-storage-service.c	Tue Jul 30 13:26:07 2013 +0300
@@ -967,6 +967,16 @@
 	int ret = 1;
 
 	user_pool = pool_alloconly_create("mail storage service user", 1024*6);
+	flags = mail_storage_service_input_get_flags(ctx, input);
+
+	if ((flags & MAIL_STORAGE_SERVICE_FLAG_TEMP_PRIV_DROP) != 0 &&
+	    geteuid() != 0) {
+		/* we dropped privileges only temporarily. switch back to root
+		   before reading settings, so we'll definitely have enough
+		   permissions to connect to the config socket. */
+		if (seteuid(0) < 0)
+			i_fatal("seteuid(0) failed: %m");
+	}
 
 	if (mail_storage_service_read_settings(ctx, input, user_pool,
 					       &user_info, &set_parser,
@@ -977,7 +987,6 @@
 		return -1;
 	}
 
-	flags = mail_storage_service_input_get_flags(ctx, input);
 	if ((flags & MAIL_STORAGE_SERVICE_FLAG_NO_LOG_INIT) == 0 &&
 	    !ctx->log_initialized) {
 		/* initialize logging again, in case we only read the