[Dovecot] [Dovecot-news] v2.0.beta4 released

Rainer Weikusat rweikusat at mssgmbh.com
Wed Mar 24 21:40:03 EET 2010


Timo Sirainen <tss at iki.fi> writes:
> On Wed, 2010-03-24 at 14:31 +0100, Renaud Allard wrote:
>
>> In my (autoconverted) config, I have:
>> service auth {
>>   unix_listener /var/run/dovecot/auth-client {
>
> Could you send me your original dovecot.conf? Also what $prefix was it
> compiled into?
>
> Anyway, you probably should remove /var/run/dovecot/ from the above
> path. But it should have done that automatically, so I'm not really sure
> what's going on.

If this is supposed to be done by the fix_file_listener_paths routine
in master-settings.c, it won't:

-------------
array_foreach(l, sets) {
	struct file_listener_settings *set = *sets;

	expand_user(&set->user, master_set);
	if (*set->path != '/') {
		set->path = p_strconcat(pool, master_set->base_dir, "/",
                                                set->path, NULL);
	} else if (strncmp(set->path, master_set->base_dir,
                           base_dir_len) == 0 &&
                           set->path[base_dir_len] == '/') {
	 		i_warning("You should remove base_dir prefix from "
			          "unix_listener: %s", set->path);
	}
        
	array_append(all_listeners, &set->path, 1);
}
-------------

Based on reading through the code, I believe what's going on here is
as follows: Listening on auth-client is something the program does by
default. Because of the leading base_dir, the duplicates checking code
in setting_link_add (lib-settings/settings-parser.c) doesn't detect
that the explicit definition above is actually a duplicate
definition. Because of the duplicate, the routine which is supposed to
create 'unix listener sockets' will try to create the same socket
twice which causes the observed failure.

Removing the base_dir prefix will cause the duplicate definition to be
dropped. But this means that the OP will have to live with the default
permissions for the auth-client socket which are 0600 and not 0666 as
he wanted them to be. A better idea might be to support 'merging'
duplicate socket definitions so that the second one would change the
permissions for the first. This could be implemented with the help of
an optional 'merge function pointer' in the list definition which
would be called with the old and new 'property records' when a
duplicate has been found. A related idea would be to also add an
optional fixup routine pointer which could be used to do string
transformations on the input data prior to the duplicates check.

NB: Each factual claim in this text is a conjecture.


More information about the dovecot mailing list