Le 14 juil. 2013 à 18:54, Axel Luttgens a écrit :
[...]
Is this the expected behavior, to have quota-status switch to another user?
I should have added: "And to have it indefinitely running as that user?".
Notwithstanding the permission problems that come with that behavior (see my previous post), this doesn't seem to be fully right for a service intended to be a policy server for Postfix.
For example, let's consider the case of separate uid (or even uid/gid) for mail users. Suppose that the initial connection to quota-status happens for checking quota of user with uid 10001; if quota-status is configured to start as root, we know it will switch to user 10001 and stay running under that uid. Later, a query comes from Postfix for the quota of user with uid 100002. Unless quota-status hasn't fully dropped its root privileges but has just switched to user 10001 while still having the capability to switch to user 10002, I guess there could be a problem...
How exactly is quota-status supposed to behave in such a case?
TIA, Axel