[Dovecot] error running indexer-worker as non-root user
Mike Abbott
michael.abbott at apple.com
Mon Feb 11 21:32:21 EET 2013
Using dovecot-2.1.15 if I run indexer-worker as a non-root user it fails with an error:
Feb 11 13:06:47 indexer-worker: Error: user foobar: Error reading configuration: net_connect_unix(/var/run/dovecot/config) failed: Permission denied
This is what I added to 10-master.conf:
service indexer-worker {
user = _dovecot
}
The wiki says it should work:
<http://wiki2.dovecot.org/Services>
indexer-worker
[...]
• user=root, but the privileges are (temporarily) dropped to the mail user's privileges after userdb lookup. If only a single UID is used, user can be set to the mail UID for higher security, because the process can't gain root privileges anymore.
And the code says it should work:
<src/indexer/indexer-worker.c>
static void drop_privileges(void)
{
[...]
if (set.uid != 0) {
/* open config connection before dropping privileges */
Of course the config socket is locked down as it should be:
srw------- 1 root daemon 0 Feb 11 13:06 /var/run/dovecot/config
Here's where the error comes from:
2 libdovecot.0.dylib 0x00000001019612a0 master_service_settings_read + 2168
3 libdovecot.0.dylib 0x000000010196193e master_service_settings_cache_read + 294
4 libdovecot-storage.0.dylib 0x000000010185d9ad mail_storage_service_read_settings + 510
5 libdovecot-storage.0.dylib 0x000000010185da5d mail_storage_service_lookup + 96
6 libdovecot-storage.0.dylib 0x000000010185f06a mail_storage_service_lookup_next + 42
7 indexer-worker 0x00000001018101a1 master_connection_input + 335
8 libdovecot.0.dylib 0x0000000101972455 io_loop_call_io + 46
9 libdovecot.0.dylib 0x000000010197343e io_loop_handler_run + 214
10 libdovecot.0.dylib 0x0000000101972600 io_loop_run + 77
11 libdovecot.0.dylib 0x00000001019601ef master_service_run + 24
12 indexer-worker 0x000000010180ff17 main + 490
13 libdyld.dylib 0x00007fff89d2f7b5 start + 1
Is this a bug or am I configuring it incorrectly? Thanks.
More information about the dovecot
mailing list