[Dovecot] Occasional fchown errors?
Hi:
I get the occasional error below. Is there something I don't have configured correctly? Or should I just ignore this? It is not always this file, sometimes it is the cache.lock file or the log.newlock file. I have a mail client running on my computer and my phone at the same time, could that have something to do with it?
Nov 10 08:32:59 rabbitbrush dovecot: IMAP(bob): fchown(/home/bob/mail/.imap/INBOX/dovecot.index.tmp, -1, 8(mail)) failed: Operation not permitted (egid=1000(bob), group based on /var/mail/bob)
From dovecot -n
# 1.2.9: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-25-generic i686 Ubuntu 10.04.1 LTS
log_timestamp: %Y-%m-%d %H:%M:%S
protocols: imaps
ssl_cert_file: /etc/ssl/certs/ssl-cert-snakeoil.pem
ssl_key_file: /etc/ssl/private/ssl-cert-snakeoil.key
login_dir: /var/run/dovecot/login
login_executable: /usr/lib/dovecot/imap-login
mail_privileged_group: mail
mail_location: mbox:~/mail:INBOX=/var/mail/%u
mbox_write_locks: fcntl dotlock
auth default:
  passdb:
    driver: pam
  userdb:
    driver: passwd
Thanks very much,
--
Knute Johnson
Use this patch, it fixes dovecot's ownership inheritance assumptions.
Colt ~ # cat /usr/local/portage/net-mail/dovecot/files/dovecot-2.0.5-bad-permissions-inheritance.patch
--- src/lib-storage/mailbox-list.c.orig 2010-09-14 11:03:18.000000000 -0400
+++ src/lib-storage/mailbox-list.c 2010-10-14 15:20:15.000000000 -0400
@@ -25,6 +25,9 @@
#include
As a reminder, if you didn't follow the thread: this only avoids the inheritance assumption. If you have shared folders, they should be g+s to delegate (group) ownership. Also, this is for 2.x.
-david
On 11/10/2010 01:48 PM, David Ford wrote:
Use this patch, it fixes dovecot's ownership inheritance assumptions.
Colt ~ # cat /usr/local/portage/net-mail/dovecot/files/dovecot-2.0.5-bad-permissions-inheritance.patch
--- src/lib-storage/mailbox-list.c.orig 2010-09-14 11:03:18.000000000 -0400 +++ src/lib-storage/mailbox-list.c 2010-10-14 15:20:15.000000000 -0400 @@ -25,6 +25,9 @@ #include
#include #include +#include +#include +#include /* 20 * (200+1) < 4096 which is the standard PATH_MAX. Having these settings prevents malicious user from creating eg. "a/a/a/.../a" mailbox name and @@ -450,7 +453,7 @@ }
if (S_ISDIR(st.st_mode) && (st.st_mode & S_ISGID) != 0) { - /* directory's GID is used automatically for new + /* directory is sgid, so GID is used automatically for new files */ *gid_r = (gid_t)-1; } else if ((st.st_mode & 0070) >> 3 == (st.st_mode & 0007)) { @@ -460,8 +463,39 @@ } else if (getegid() == st.st_gid) { /* using our own gid, no need to change it */ *gid_r = (gid_t)-1; - } else { - *gid_r = st.st_gid; + } + + else { + /* test for unusable inheritance. logic sets fgid_me to st.gid + for unlikely case of lookup failure and we just fall through */ + int j, ngroups = 999; + gid_t *groups; + gid_t fgid_me = st.st_gid; + + groups = malloc(ngroups * sizeof (gid_t)); + if (groups != NULL) { + uid_t egid = getegid(); + struct passwd *pw = getpwuid(geteuid()); + if (pw != NULL) { + /* get pw entry for test using my current effective uid */ + if (getgrouplist(pw->pw_name, egid, groups, &ngroups) != -1) { + /* get list of group IDs my euid belongs to, ngroups + will be set to the number of groups I belong to */ + fgid_me = egid; + for (j = 0; j < ngroups; j++) { + /* enumerate list, test to see if i belong + to gid of parent directory */ + if (st.st_gid == groups[j]) { + /* if so, switch to parent gid */ + fgid_me = st.st_gid; + } + } + } + } + free(groups); + } + + *gid_r = fgid_me; } }
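Review bot: the three `#include` lines added in the `@@ -25,6 +25,9 @@` hunk have lost their header names in the inline paste (they appear as bare `#include`), so the patch as shown here cannot be applied; the attached or linked copy has to be used instead, and the hunk should be checked against it for the headers that getpwuid(), getgrouplist() and malloc() need.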
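Review bot: in the `@@ -460,8 +463,39 @@` hunk, `uid_t egid = getegid();` stores a group id in a `uid_t`; declare it `gid_t egid`. The fallback `fgid_me = egid` then ends in `*gid_r = egid`, so the caller will fchown the new file to the group it already runs as; the branch just above expresses "leave the group alone" as `*gid_r = (gid_t)-1`, and using that here avoids a pointless fchown that can itself be logged. The `groups` buffer is sized by a fixed `ngroups = 999`; when getgrouplist() returns -1 because the user has more groups than that, the code silently keeps `st.st_gid`, which is the pre-patch behaviour and acceptable as a fallback, but it deserves a comment. The membership loop can `break` on the first match, and the `}` / blank line / `+ else {` split introduced for the rewritten branch should be joined back into `} else {`.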
On 2010-11-10 13:48:13 -0500, David Ford wrote:
Use this patch, it fixes dovecot's ownership inheritance assumptions. [snip]
he is using 1.2.9 and your patch is for 2.0; would your patch work for 1.2.9 as well?
you want to attach the patch and not paste it inline. your mail client mangled the lines.
darix
--
openSUSE - SUSE Linux is my linux
openSUSE is good for you
www.opensuse.org
hmm. yes, that might be sensible of me :} i haven't touched 1.x in so long, i have no idea if it's applicable. my understanding from Timo is that it's been this way for quite some time so it would likely be easy to massage into place.
it's linked at http://stuph.org/dovecot-2.0.5-bad-permissions-inheritance.patch and attached.
-d
Timo,
i'm stuck with no time for studying code at the moment. is there a quick/easy way to check if this is a personal or shared mailbox we are working under? i can then update my patch so it works for both cases.
-david
On Wed, 2010-11-10 at 14:01 -0500, David Ford wrote:
Well, you could check if list->ns->type is NAMESPACE_PRIVATE or something else. But then again, some people have created shared mailboxes by symlinking them into private namespace, and then it's pretty much impossible to know if it's shared or not.
yes, my mind has been churning on path dereference resolution and efficiency since i made this version of the patch. thank you.
-david
On Wed, 2010-11-10 at 10:34 -0800, Knute Johnson wrote:
Nov 10 08:32:59 rabbitbrush dovecot: IMAP(bob): fchown(/home/bob/mail/.imap/INBOX/dovecot.index.tmp, -1, 8(mail)) failed: Operation not permitted (egid=1000(bob), group based on /var/mail/bob)
chmod 0600 /var/mail/*
Normal installations don't need them to be 0660.
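The error in Knute's log line and the chmod 0600 fix above, as an added example that is not part of this thread and not Dovecot's own code: a small POSIX shell script that applies the group-selection rules quoted from mailbox-list.c earlier in the thread to an mbox's mode and group, and reports whether the fchown on the new index or lock file would be refused. The function names index_group_decision and check_mbox, the bob/mail sample inputs, and the use of GNU `stat -c` (Linux, as on the reporter's Ubuntu box) are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from Dovecot or from any poster in this thread).
# It models how Dovecot 1.2 chooses the group for new index/lock files from
# the mbox named in mail_location (mbox:~/mail:INBOX=/var/mail/%u) and shows
# why "fchown(..., -1, 8(mail)) failed: Operation not permitted" appears and
# why "chmod 0600 /var/mail/*" makes it stop.
#
# Rules, as read from the mailbox-list.c logic quoted earlier in the thread:
#   1. group permission bits equal to the "other" bits -> group is irrelevant,
#      no fchown is attempted
#   2. the mbox's group is already the process's effective group -> no fchown
#   3. otherwise Dovecot fchowns the new file to the mbox's group; an
#      unprivileged process may only change a file's group to one it is a
#      member of, so any other group fails with EPERM.

# index_group_decision MODE GROUP EGROUP [SUPPLEMENTARY_GROUP...]
#   MODE is octal as printed by stat (660 or 0660). Prints one of:
#     none          no fchown attempted
#     ok:GROUP      fchown to GROUP would succeed (caller is a member)
#     eperm:GROUP   fchown to GROUP would fail with "Operation not permitted"
index_group_decision() {
    mode=$1
    file_group=$2
    egroup=$3
    shift 3
    case ${#mode} in 3) mode=0$mode ;; esac   # normalise 660 -> 0660
    gdigit=${mode%?}; gdigit=${gdigit#??}     # group permission digit
    odigit=${mode#???}                        # other permission digit

    if [ "$gdigit" = "$odigit" ]; then        # rule 1
        echo none; return 0
    fi
    if [ "$file_group" = "$egroup" ]; then    # rule 2
        echo none; return 0
    fi
    for g in "$@"; do                         # rule 3: membership test
        if [ "$g" = "$file_group" ]; then
            echo "ok:$file_group"; return 0
        fi
    done
    echo "eperm:$file_group"
}

# check_mbox PATH USER: apply the same rules to a real mbox. Uses GNU stat
# (Linux) and id; it only reads metadata and never modifies the file.
check_mbox() {
    mbox_mode=$(stat -c '%a' "$1") || return 2
    mbox_group=$(stat -c '%G' "$1") || return 2
    # $(id -Gn) is deliberately unquoted so each group becomes one argument
    index_group_decision "$mbox_mode" "$mbox_group" "$(id -gn "$2")" $(id -Gn "$2")
}

# Constructed inputs matching the log line: /var/mail/bob is 0660 group mail,
# bob's effective group is bob and bob is in no other group.
index_group_decision 0660 mail bob bob        # eperm:mail  (the reported error)
index_group_decision 0600 mail bob bob        # none        (after chmod 0600)
index_group_decision 0660 mail bob bob mail   # ok:mail     (bob a member of mail)
```

Running it against a real spool (`check_mbox /var/mail/bob bob`) needs only read access to the mbox's metadata. With the reporter's setup (0660, group mail, bob not in group mail) it prints eperm:mail; after chmod 0600 the group bits equal the other bits, the decision becomes none, and no fchown is attempted, which is why the log line stops. The script only models the rules quoted in the thread and does not touch the mailbox.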
Thanks, I'll try that.
knute...
That seems to have fixed it.
Thanks,
knute...
participants (5)
- Charles Marcus
- David Ford
- Knute Johnson
- Marcus Rueckert
- Timo Sirainen