[Dovecot] Dovecot chgrp actions on new files/folders

fakessh at fakessh.eu fakessh at fakessh.eu
Thu Oct 14 20:54:05 EEST 2010 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Le 14.10.2010 19:49, David Ford a écrit :
>  Timo,
> 
> I did further study of the user/group permissions.  Applying the below
> patch will make no difference to virtually everyone out there.  Those
> that have default uid/gid ownership won't see any change as the gid
> already matches so the fchown() action won't be attempted.  Those that
> have sgid will still see the normal expected fchown() enforced by the
> kernel which becomes a duplicated action by dovecot.  In the last case,
> those with an unknown 3rd party gid were used to seeing fchown()
> failures and those will now go away.  It is only this third group that
> will see anything change as all other cases are already handled.  Anyone
> who wishes to create new files with another group ID should make their
> directories sgid or stgid as per normal filesystem ACL semantics.  The
> original net effect of this only turns on an fchown() that will fail and
> emit numerous error messages.  This patch fixes that.  Technically the
> fchown is unneccessary extra code already since any directory that is
> sgid or stgid will have ownership enforced by the kernel already.
> 
> I simply made it #if 0 below, the correct patch would be to delete the
> extraneous block.
> 
> --- src/lib-storage/mailbox-list.c.orig 2010-09-14 11:03:18.000000000 -0400
> +++ src/lib-storage/mailbox-list.c      2010-10-08 13:02:54.000000000 -0400
> @@ -450,7 +450,7 @@
>                 } 
> 
>                 if (S_ISDIR(st.st_mode) && (st.st_mode & S_ISGID) != 0) {
> -                       /* directory's GID is used automatically for new
> +                       /* directory is sgid, so GID is used
> automatically for new
>                            files */
>                         *gid_r = (gid_t)-1;
>                 } else if ((st.st_mode & 0070) >> 3 == (st.st_mode &
> 0007)) {
> @@ -460,9 +460,13 @@
>                 } else if (getegid() == st.st_gid) {
>                         /* using our own gid, no need to change it */
>                         *gid_r = (gid_t)-1;
> -               } else {
> +               }
> +#if 0
> +#warning this code makes dovecot attempt to chgrp files to wrong
> ownership 
> +               else {
>                         *gid_r = st.st_gid;
>                 }
> +#endif
>         }
> 
>         if (name == NULL) {
> 



 Timo, I think this patch should be commiter


<anonymous>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iD8DBQFMt0O9tXI/OwkhZKcRAlyZAJ4qWsCEjknuckDNAgSXA6gRb+dFxgCgg1cw
ty1a2H9zif955FLuxMBNE3c=
=CKzb
-----END PGP SIGNATURE-----

More information about the dovecot mailing list