[Dovecot] bug: no initgroup() after login (was Re: Dovecot shared mailbox folder problem)
Steffen Kaiser
skdovecot at smail.inf.fh-bonn-rhein-sieg.de
Fri Jul 6 12:29:14 EEST 2007
On Wed, 4 Jul 2007, Steffen Kaiser wrote:
Hello,
after adding plenty of i_info()'s into:
./src/lib/restrict-access.c
./src/imap/main.c
./src/master/mail-process.c
I found out what the basic problem is, although not why the access to
Maildir was successful - it should have been denied, too.
OK, attached there are these files:
- logging_only.log, a logfile with added logging only.
- setRESTRICT_USERfromUSER.log: a logfile, where in src/imap/main.c the
missing env var RESTRICT_USER is set from the env var USER.
- the patch I used to do the logging and the change.
- the dovecot -n output.
The problem is that there is _no_ single call to restrict_access_set_env()
with the user argument set, hence, the env var RESTRICT_USER is never set,
but the only call to initgroups() in ./src/lib/restrict-access.c is
invoked only if RESTRICT_USER is present.
Effectively: no secondary groups of the user are ever added to the process.
In my situation:
# id dvtest3
uid=30004(dvtest3) gid=30006(dvtest3) groups=30006(dvtest3),30004(spamd)
# ls -aln ~dvtest3/Maildir/
drwxrwx--- 6 31045 30004 4096 2007-07-06 08:34 ./
drwxrwx--- 2 31045 30004 4096 2007-07-06 08:28 cur/
The access to Maildir/cur fails, because the secondary group 30004
is never added to the process. Surprisingly stat(Maildir) succeeds.
I experimented with the "drop_priv_before_exec" and "add_extra_groups" settings
to see if they make any difference, but found none.
Maybe the problem is the 1st call to restrict_access_set_env():
dovecot: Jul 06 10:48:00 Info: ska: restrict_access_set_env(): user =
The user parameter is empty, but not NULL.
I added some more logging; the uid/gid is 30004/30006, that is the data of
dvtest3. Maybe the problem is that in create_mail_process(),
when doing:
/* setup environment - set the most important environment first
(paranoia about filling up environment without noticing) */
restrict_access_set_env(system_user, uid, gid, chroot_dir,
set->first_valid_gid, set->last_valid_gid,
set->mail_extra_groups);
system_user is not set.
This is true for both local and LDAP users.
Bye,
--
Steffen Kaiser
-------------- next part --------------
A non-text attachment was scrubbed...
Name: noInitgroup.tgz
Type: application/x-gtar
Size: 4907 bytes
Desc:
Url : http://dovecot.org/pipermail/dovecot/attachments/20070706/81ff3a4b/attachment.gtar
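An added example, not Dovecot's code, of the privilege-drop routine the post describes going wrong: it rejects an empty user name instead of silently skipping initgroups(), calls initgroups() before setgid()/setuid(), and verifies afterwards with getgroups() that the supplementary groups are really present. The function names, the 128-group cap and the demo with the post's gid values are assumptions.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <grp.h>
#include <sys/types.h>
#include <unistd.h>

#define MAX_GROUPS 128

/* Count entries of 'expected' absent from 'actual'; non-zero after a
 * privilege drop means the "no secondary groups" state from the post. */
int count_missing_groups(const gid_t *expected, int nexp,
                         const gid_t *actual, int nact)
{
    int missing = 0;
    for (int i = 0; i < nexp; i++) {
        int found = 0;
        for (int j = 0; j < nact && !found; j++)
            found = (actual[j] == expected[i]);
        missing += !found;
    }
    return missing;
}

/* Drop to uid/gid together with the user's supplementary groups.
 * Returns 0 on success, -1 with errno set on failure. Succeeds only
 * when started as root (initgroups/setgid/setuid need privilege). */
int drop_privileges(const char *user, uid_t uid, gid_t gid)
{
    gid_t expected[MAX_GROUPS], actual[MAX_GROUPS];
    int nexp = MAX_GROUPS, nact;
    /* The post's failure mode is user == "" (not NULL), which made the
     * caller skip initgroups() silently. Reject it explicitly instead. */
    if (user == NULL || *user == '\0') { errno = EINVAL; return -1; }
    /* What the user database says the group set should be. */
    if (getgrouplist(user, gid, expected, &nexp) == -1) { errno = E2BIG; return -1; }
    if (initgroups(user, gid) != 0) return -1;   /* must precede setgid/setuid */
    if (setgid(gid) != 0) return -1;
    if (setuid(uid) != 0) return -1;
    /* Verify the drop took effect; fail closed if any group is missing. */
    if ((nact = getgroups(MAX_GROUPS, actual)) < 0) return -1;
    if (count_missing_groups(expected, nexp, actual, nact) != 0) { errno = EPERM; return -1; }
    return 0;
}

/* Constructed reproduction of the post's numbers: dvtest3 should hold
 * groups 30006 and 30004, but the process only got its primary group. */
int demo_missing_groups(void)
{
    gid_t expected[] = { 30006, 30004 }, actual[] = { 30006 };
    return count_missing_groups(expected, 2, actual, 1); /* returns 1 */
}
```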