Greetings,
I'd like to ask for a certain feature request. Dovecot's maildir_uidlist_recreate() sets the gid of new files based on the parent directory's group ownership, and normally that's desired and an appropriate security method. On our server, we use directory permissions to more stringently isolate access between users and services. We have three group ids used for this, and I'll use my name as an example.
Oct 05 13:44:30 imap(david): Error: fchown(/home/david/.maildir/dovecot-uidlist.tmp, -1, 497(net-mail)) failed: Operation not permitted (egid=1234(david), group based on /home/david/.maildir)
Colt log # ls -ld /home/ /home/david /home/david/public_html/ /home/david/.maildir /home/david/.maildir/cur|awk '{printf "%s %5s %9s %s\n", $1,$3,$4,$9}'
drwxr-xr-x root root /home/
drwx--x--- david net-all /home/david
drwxr-x--- david net-mail /home/david/.maildir
drwx------ david david /home/david/.maildir/cur
drwxr-x--- david net-web /home/david/public_html/
The purpose of this is to prevent undesired access to personal files. Users cannot 'cd' or 'ls' in other users' home directories, mail stores, or web files.
Apache, procmail, Dovecot et cetera are in the appropriate groups and therefore have the access needed to do file ops; however, they're limited to their appropriate stores.
As mentioned at the beginning, Dovecot tries to match the gid of the parent directory for new files, and normally that's the desired and expected behavior, but not in our case. Dovecot creates the file as the uid/gid of the user, so the knob could either ignore the failure to set the gid per the parent and not log it, or not attempt to set the gid per the parent in the first place.
src/lib-storage/index/maildir/maildir-uidlist.c:1412:

    if (box->file_create_gid != (gid_t)-1 &&
        fchown(fd, (uid_t)-1, box->file_create_gid) < 0) {
        if (errno == EPERM) {
            mail_storage_set_critical(box->storage, "%s",
                eperm_error_get_chgrp("fchown", temp_path,
                    box->file_create_gid, box->file_create_gid_origin));
        } else {
            mail_storage_set_critical(box->storage,
                "fchown(%s) failed: %m", temp_path);
        }
    }
to something like this (with a setting "new_files_inherit_parent_gid = true"):

    if (box->file_create_gid != (gid_t)-1 &&
        box->new_files_inherit_parent_gid) {   /* <-- new check */
        fchown(fd, (uid_t)-1, box->file_create_gid) ...
    }

A bool new_files_inherit_parent_gid (default true) could be added to the following, for example:
    src/lib-storage/mailbox-list-private.h: struct mailbox_list
    src/lib-storage/mail-storage-private.h: struct mailbox
This block of code appears in similar form in a number of other places (and could be made a more global function), but not all files in ~/.maildir/* appear to use a function like this; the uidvalidity functions are a little different, for example.
==
For a busy mail server, that's a lot of excess logging and pollution when trying to review nightly logs for issues :)
Thank you for the consideration,
-david
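As an added illustration (not part of david's post and not Dovecot's code), the following C program reproduces the fchown(2) step behind the "Operation not permitted (egid=..., group based on ...)" error and shows both variants of the proposed knob: an inherit_parent_gid flag that never attempts the chgrp, and a distinct EPERM result that lets the caller decide whether the refusal is worth a log line. The identifiers create_file_with_parent_gid, process_in_group and chgrp_result are my own, not Dovecot's. process_in_group implements the membership rule an unprivileged process must pass for fchown(2) to a new group (effective gid or a supplementary group); it deliberately ignores CAP_CHOWN, so a root process will still succeed where the check says no, which is exactly why a pre-check is what would let an unprivileged imap process skip the attempt in the setup above.

```c
/* Added example, not Dovecot code. Function and enum names are hypothetical. */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

enum chgrp_result {
    CHGRP_ERROR = -1,  /* open/stat/fchown failed for a reason other than EPERM */
    CHGRP_OK = 0,      /* file carries the parent directory's gid */
    CHGRP_SKIPPED = 1, /* knob off: nothing attempted, file keeps the default gid */
    CHGRP_EPERM = 2    /* attempted, kernel refused: caller decides whether to log */
};

/* True if gid is the effective gid or a supplementary group of this process.
 * This is the rule an unprivileged process must satisfy for fchown(2) to a
 * new group. CAP_CHOWN (root) is ignored on purpose: the point is to predict
 * the EPERM for a process running as the user, like imap(david) above. */
bool process_in_group(gid_t gid)
{
    if (gid == getegid())
        return true;
    int n = getgroups(0, NULL);
    if (n <= 0)
        return false;
    gid_t *groups = calloc((size_t)n, sizeof *groups);
    if (groups == NULL)
        return false;
    n = getgroups(n, groups);
    bool found = false;
    for (int i = 0; i < n; i++) {
        if (groups[i] == gid) {
            found = true;
            break;
        }
    }
    free(groups);
    return found;
}

/* Create path with O_EXCL and mode 0600. With inherit_parent_gid set, try to
 * give it the parent directory's group the way maildir_uidlist_recreate()
 * does; otherwise leave the kernel's default group alone. On any outcome
 * except CHGRP_ERROR, *gid_out receives the gid the file ended up with. */
enum chgrp_result create_file_with_parent_gid(const char *path,
                                              bool inherit_parent_gid,
                                              gid_t *gid_out)
{
    char dir[PATH_MAX];
    const char *slash = strrchr(path, '/');
    if (slash == NULL) {
        strcpy(dir, ".");
    } else {
        size_t len = (size_t)(slash - path);
        if (len == 0)
            len = 1;                       /* "/file": parent is "/" */
        if (len >= sizeof dir)
            return CHGRP_ERROR;
        memcpy(dir, path, len);
        dir[len] = '\0';
    }
    struct stat dst, fst;
    if (stat(dir, &dst) < 0)
        return CHGRP_ERROR;

    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0)
        return CHGRP_ERROR;
    if (fstat(fd, &fst) < 0) {
        close(fd);
        return CHGRP_ERROR;
    }

    enum chgrp_result rc;
    if (!inherit_parent_gid) {
        rc = CHGRP_SKIPPED;                /* knob off: never attempt */
    } else if (fst.st_gid == dst.st_gid) {
        rc = CHGRP_OK;                     /* setgid dir or same group already */
    } else if (fchown(fd, (uid_t)-1, dst.st_gid) == 0) {
        rc = CHGRP_OK;
    } else {
        rc = (errno == EPERM) ? CHGRP_EPERM : CHGRP_ERROR;
    }
    if (rc != CHGRP_ERROR && gid_out != NULL && fstat(fd, &fst) == 0)
        *gid_out = fst.st_gid;
    close(fd);
    return rc;
}

/* Stand-alone use: ./a.out /home/david/.maildir/dovecot-uidlist.tmp [off] */
int main(int argc, char **argv)
{
    if (argc < 2) {
        fprintf(stderr, "usage: %s <path> [off]\n", argv[0]);
        return 2;
    }
    bool inherit = !(argc > 2 && strcmp(argv[2], "off") == 0);
    gid_t gid = (gid_t)-1;
    switch (create_file_with_parent_gid(argv[1], inherit, &gid)) {
    case CHGRP_OK:      printf("created, gid %u\n", (unsigned)gid); return 0;
    case CHGRP_SKIPPED: printf("created, gid %u (knob off)\n", (unsigned)gid); return 0;
    case CHGRP_EPERM:   printf("created, chgrp refused, gid %u\n", (unsigned)gid); return 0;
    default:            perror(argv[1]); return 1;
    }
}
```

Run without "off" and the program behaves like the current code (attempt, report EPERM); with "off" it behaves like the requested knob. Calling process_in_group(dst.st_gid) before the attempt is the other variant david suggests: skip the fchown entirely, and the log line with it, when the process cannot possibly succeed.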