[Dovecot] Post-login scripting with mail_drop_priv_before_exec in dovecot2
Hi,
I'm in the process of upgrading from dovecot v1.1 to dovecot 2. We fetch uid/gid user information from a database and also use post-login scripting with mail_drop_priv_before_exec = yes which means the postlogin script is executed with the permissions of the user we have found in the database.
According to the dovecot2 wiki page, to get this behaviour in version 2 we have to set the post-login script to run as root and then su to the user. This seems a bit of a strange (and insecure as you might forget) way of doing this. Are there any other options, such as fetching a certain column name from the database to set the value of service imap-postlogin { user } or setting something like user = $user in the configuration? (or is the configuration only read at startup so such dynamic configuration can't be done in the service section?)
Cheers,
Mark
On Mon, 2011-05-09 at 16:19 +0300, Mark Zealey wrote:
I'm in the process of upgrading from dovecot v1.1 to dovecot 2. We fetch uid/gid user information from a database and also use post-login scripting with mail_drop_priv_before_exec = yes which means the postlogin script is executed with the permissions of the user we have found in the database.
According to the dovecot2 wiki page, to get this behaviour in version 2 we have to set the post-login script to run as root and then su to the user. This seems a bit of a strange (and insecure as you might forget) way of doing this. Are there any other options, such as fetching a certain column name from the database to set the value of service imap-postlogin { user } or setting something like user = $user in the configuration? (or is the configuration only read at startup so such dynamic configuration can't be done in the service section?)
There is no good way to do this. Maybe you should replace your post-login script with a Dovecot plugin that runs on mail_user_created hook and then calls your script with system().
On Mon, 2011-05-09 at 19:45 +0300, Timo Sirainen wrote:
On Mon, 2011-05-09 at 16:19 +0300, Mark Zealey wrote:
I'm in the process of upgrading from dovecot v1.1 to dovecot 2. We fetch uid/gid user information from a database and also use post-login scripting with mail_drop_priv_before_exec = yes which means the postlogin script is executed with the permissions of the user we have found in the database.
According to the dovecot2 wiki page, to get this behaviour in version 2 we have to set the post-login script to run as root and then su to the user. This seems a bit of a strange (and insecure as you might forget) way of doing this. Are there any other options, such as fetching a certain column name from the database to set the value of service imap-postlogin { user } or setting something like user = $user in the configuration? (or is the configuration only read at startup so such dynamic configuration can't be done in the service section?)
There is no good way to do this. Maybe you should replace your post-login script with a Dovecot plugin that runs on mail_user_created hook and then calls your script with system().
Oh, actually I think you can simply give -d parameter to script-login..
participants (2)
-
Mark Zealey
-
Timo Sirainen