[Dovecot] RC7: BUG! and patch [Was: Re: rc7 bug? [Was: deliver LDA and INBOX location] (fwd)] (fwd)
Could someone confirm, please, that this bug report and its proposed fix are being checked?
- Is my analysis (message below) about right?
- Is my proposed patch (attached) about right?
- Is this being addressed for "rc8" (or whatever) and its successors?
Many thanks.
--
: David Lee I.T. Service : : Senior Systems Programmer Computer Centre : : Durham University : : http://www.dur.ac.uk/t.d.lee/ South Road : : Durham DH1 3LE : : Phone: +44 191 334 2752 U.K. :
---------- Forwarded message ---------- Date: Tue, 5 Sep 2006 16:40:00 +0100 (BST) From: David Lee t.d.lee@durham.ac.uk To: dovecot@dovecot.org Subject: [Dovecot] RC7: BUG! and patch [Was: Re: rc7 bug? [Was: deliver LDA and INBOX location] (fwd)]
On Tue, 5 Sep 2006, David Lee wrote:
Anyone had any thoughts on the item below? [see earlier in thread]
If the problem is with my config, I'd like to be guided towards how I might resolve it.
If it is a bug in rc7, it would be good to fix it, and I'd be happy to beta-test.
BUG in rc7 (and probably from much earlier).
The LDA 'deliver' fails to honour any uid (%i) setting in dovecot.conf. So delivery and reading happen in different places if 'default_mail_env' uses a '%i' variant. Clearly incorrect behaviour.
Attached is a draft of a patch which fixes the problem. Please could the patch be reviewed and, in some form, applied?
Thanks.
--
: David Lee I.T. Service : : Senior Systems Programmer Computer Centre : : Durham University : : http://www.dur.ac.uk/t.d.lee/ South Road : : Durham DH1 3LE : : Phone: +44 191 334 2752 U.K. :
David Lee wrote:
Could someone confirm, please, that this bug report and its proposed fix are being checked?
- Is my analysis (message below) about right?
- Is my proposed patch (attached) about right?
- Is this being addressed for "rc8" (or whatever) and its successors?
Timo said recently that since he's moved, and with his day job keeping him flat out at the moment, etc, there's not going to be a great deal of Dovecot activity until all of that settles. I expect you will get a resoponse from him on this at some stage, but don't be upset if it's not immediately right now.
Cheers, Pete
On Fri, 2006-09-15 at 14:59 +0100, David Lee wrote:
Could someone confirm, please, that this bug report and its proposed fix are being checked?
- Is my analysis (message below) about right?
- Is my proposed patch (attached) about right?
- Is this being addressed for "rc8" (or whatever) and its successors?
/* get user's details (in particular, the real uid) */upw = getpwnam(user);if (upw == NULL) {i_fatal("Couldn't lookup user's details (user=%s)", user);}uid = upw->pw_uid;
This is wrong, because it doesn't work with virtual users. The uid is already looked up from userdb and either it's the same as the user who's runnning deliver, or if deliver is run as root the privileges are dropped. In either case you can get the uid with just geteuid() call.
I think this should work (not tested though):
http://dovecot.org/list/dovecot-cvs/2006-September/006408.html
On Fri, 22 Sep 2006, Timo Sirainen wrote:
On Fri, 2006-09-15 at 14:59 +0100, David Lee wrote:
Could someone confirm, please, that this bug report and its proposed fix are being checked?
- Is my analysis (message below) about right?
- Is my proposed patch (attached) about right?
- Is this being addressed for "rc8" (or whatever) and its successors?
/* get user's details (in particular, the real uid) */upw = getpwnam(user);if (upw == NULL) {i_fatal("Couldn't lookup user's details (user=%s)", user);}uid = upw->pw_uid;This is wrong, because it doesn't work with virtual users. The uid is already looked up from userdb and either it's the same as the user who's runnning deliver, or if deliver is run as root the privileges are dropped. In either case you can get the uid with just geteuid() call.
I think this should work (not tested though):
http://dovecot.org/list/dovecot-cvs/2006-September/006408.html
Many thanks.
I (a dovecot newbie, so unaware of the "virtual user" subtleties) have just tried your version in our environment: it seems to fix the bug we had encountered.
--
: David Lee I.T. Service : : Senior Systems Programmer Computer Centre : : Durham University : : http://www.dur.ac.uk/t.d.lee/ South Road : : Durham DH1 3LE : : Phone: +44 191 334 2752 U.K. :
participants (3)
-
David Lee
-
Peter Fern
-
Timo Sirainen