[Dovecot] you got chocolate in my peanut butter?!

Logan Shaw lshaw at emitinc.com
Fri Oct 13 19:19:19 UTC 2006 

On Fri, 13 Oct 2006, Timo Sirainen wrote:
> On Fri, 2006-10-13 at 10:20 -0500, Logan Shaw wrote:
>> On Sun, 8 Oct 2006, Timo Sirainen wrote:
>>> On Fri, 2006-09-29 at 11:11 -0500, Logan Shaw wrote:
>>>> [1]  Specifically, if getpwnam() returns a username that
>>>>       doesn't match what it was called with, dovecot calls
>>>>       i_fatal() whose output I assume will go to the log file.
>>>>       Since (a) the wrong messages got downloaded, and (b)
>>>>       I didn't see any "BROKEN NSS IMPLEMENTATION" message in
>>>>       the log file, I assume the check isn't firing.
>>
>>> I haven't before heard that this check wouldn't have caught the problem,
>>> but since I don't know what exactly the bug in nss_ldap is, I guess it's
>>> possible that sometimes the username is correct but the rest of the data
>>> (uid and home dir especially) isn't..
>>
>> Yeah, that's possible, but can it cause this problem?  I don't
>> think a wrong home directory can cause this problem in my case,
>> because I have the inboxes stored under /var/mail and I've
>> verified that the wrong messages were present in a mailbox
>> in /var/mail.  So the home directory isn't involved.

> Umm. I didn't before notice that you said that the messages actually
> were in the wrong user's INBOX.

Sorry, that wasn't very clear.  When I said "wrong messages",
I meant "messages in question".  The messages were in the
correct mailbox under /var/mail.

What I was getting at is that I verified the messages were
under /var/mail rather than under somebody's home directory.
That's relevant because if the messages are in /var/mail
then pw_dir can have the wrong value and it won't affect what
mailbox is opened.

>> So, I'm still confused.  :-)  Does dovecot translate to numeric
>> uid and then back again?

> No.

Hmm, then I'm at a loss to understand how wrong data from
nss_ldap (or from getpwnam(), that is) can cause what happened.
dovecot doesn't care what values are in pw_uid or pw_dir,
and dovecot checks that pw_name matches getpwnam()'s argument.

   - Logan

More information about the dovecot mailing list