[Dovecot] Index corruption

Gregory Bond gnb at itga.com.au
Mon Oct 18 06:19:58 EEST 2004


Timo Sirainen wrote:

> I'd suggest grabbing 1.0-test49 from http://dovecot.org/test/ and 
> trying if it works better.


Wow, reply at 3am!

I can't get the imapd from this release to start up.  No matter what I 
do, I'm getting this error:

    auth(default): We couldn't drop root group privileges (wanted=1, 
gid=0, egid=0)

even before it asks for username.

I've tried starting from inetd, starting from from dovecot, setting 
first_valid_gid = 0, 1 or 2


Looking at the logic in lib/restrict-access.c I'm not sure why or how 
this can be failing.  gid=1 so setgid() must have succeeded at the top 
of restrict_access_by_env():
        if (gid != 0 && (gid != getgid() || gid != getegid())) {
                if (setgid(gid) != 0)

and uid must be != 0, else this test fails:
        if (setuid(0) == 0) {
                        if (uid == 0)
                                i_fatal("Running as root isn't permitted");
                        i_fatal("We couldn't drop root privileges");

so how does this test:
        if (getgid() == 0 || getegid() == 0 || setgid(0) == 0) {
ever get to be true?



More information about the dovecot mailing list