imap userdb Fatal setuid errors

Aki Tuomi aki.tuomi at open-xchange.com
Mon May 27 07:37:53 EEST 2019


> On 24 May 2019 17:11 Steven Smith via dovecot <dovecot at dovecot.org> wrote:
> 
> 
> I’m trying to configure dovecot lmtp in multi-user mode. My error logs are filled with messages saying that an imap process cannot do a setuid to another user:
> 
> > May 21 22:28:46 imap(pid 17441 user myuser): Fatal: setuid(512(myuser) from userdb lookup) failed with euid=501(adminuser): Operation not permitted (This binary should probably be called with process user set to 512(myuser) instead of 501(adminuser))
> 
> I see that others have had similar issues, but I am not able to apply any of the fixes or workarounds to solve this issue (e.g. setting libexec/dovecot/imap as setuid-root). I’ve also tried other fixes like setting the permissions to 0777 on the userdb auth for postfix smtpd.
> 
> According to the code (restrict-access.c, linked below), it appears that when a user authenticates, an imap worker process is launched that has the bid of the authenticator. When another user authenticates, this last process is used, but it does not have the permissions to perform a setuid to the new user, resulting in the Fatal error that appears in the logs.
> 
> Is this a bug, or a configuration issue? I’ve posted my doveconf below.
> 
> Any pointers would be greatly appreciated.
> 
> Steve
> 

service imap {
  client_limit = 16
  process_limit = 200
  process_min_avail = 6
  service_count = 0
} 

This causes the imap process to be reused, but it cannot change its personality anymore. Also, we *do not* recommend this configuration at all. You are putting multiple connections inside a single-threaded binary, which can become "stuck" for other users when a single user performs long-lasting operations.

Try this:

service imap {
  process_limit = 200
  process_min_avail = 6
} 

Aki
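As an added illustration (not code from the thread or from the Dovecot project), the script below reproduces the diagnosis above on constructed input: it parses the `setuid(...) failed with euid=...` Fatal line quoted in the question, parses a `doveconf -n` style fragment that mirrors Steve's `service imap` block, and flags the combination that produces the error: `service_count = 0` (a process that is reused across logins and therefore cannot drop privileges a second time) together with userdb lookups that return more than one uid. It also flags `client_limit > 1` for the reason Aki gives. The config parser handles only the `key = value` and `name { ... }` subset of the `doveconf -n` output, and the sample log and config lines are constructed for the example; the assumption that Dovecot's defaults for `service_count` and `client_limit` are both 1 is marked in the code.

```python
import re

# Constructed sample: the Fatal line from the question plus one unrelated line.
SAMPLE_LOG = """\
May 21 22:28:46 imap(pid 17441 user myuser): Fatal: setuid(512(myuser) from userdb lookup) failed with euid=501(adminuser): Operation not permitted (This binary should probably be called with process user set to 512(myuser) instead of 501(adminuser))
May 21 22:28:47 imap(pid 17442 user otheruser): Info: Logged out in=0 out=100
"""

# Constructed doveconf -n style fragment mirroring the service block in the thread.
SAMPLE_CONF = """\
service imap {
  client_limit = 16
  process_limit = 200
  process_min_avail = 6
  service_count = 0
}
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    group = postfix
    mode = 0600
    user = postfix
  }
}
"""

# Matches "imap(pid N user U): Fatal: setuid(WANT(WUSER) from userdb lookup) failed with euid=E(EUSER)".
SETUID_RE = re.compile(
    r"imap\(pid (?P<pid>\d+) user (?P<user>\S+)\): Fatal: setuid\("
    r"(?P<want_uid>\d+)\((?P<want_user>[^)]*)\) from userdb lookup\) failed with "
    r"euid=(?P<euid>\d+)\((?P<euser>[^)]*)\)"
)


def parse_setuid_failures(log_text):
    """Return one dict per setuid-failure Fatal line, with numeric pid/uids."""
    failures = []
    for line in log_text.splitlines():
        m = SETUID_RE.search(line)
        if m:
            d = m.groupdict()
            for key in ("pid", "want_uid", "euid"):
                d[key] = int(d[key])
            failures.append(d)
    return failures


def parse_doveconf(text):
    """Parse 'key = value' lines and 'name { ... }' blocks (as printed by
    doveconf -n) into nested dicts. A block header such as 'service imap {'
    becomes the key 'service imap'. Comments after '#' are stripped naively."""
    root = {}
    stack = [root]
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        if line.endswith("{"):
            block = {}
            stack[-1][line[:-1].strip()] = block
            stack.append(block)
        elif line == "}":
            stack.pop()
        elif "=" in line:
            key, value = line.split("=", 1)
            stack[-1][key.strip()] = value.strip()
    return root


def check_imap_service(conf, failures):
    """Return (setting, explanation) findings for the imap service block."""
    imap = conf.get("service imap", {})
    # Assumption: Dovecot's defaults for both settings are 1 (one login per process).
    service_count = int(imap.get("service_count", "1"))
    client_limit = int(imap.get("client_limit", "1"))
    uids = {f["euid"] for f in failures} | {f["want_uid"] for f in failures}
    findings = []
    if service_count == 0 and len(uids) > 1:
        findings.append((
            "service_count",
            "service_count = 0 reuses an imap process that already dropped to uid %s; "
            "it cannot setuid to %s for the next login. Use the default of 1 when "
            "userdb returns different uids." % (sorted(uids)[0], sorted(uids)[1:]),
        ))
    if client_limit > 1:
        findings.append((
            "client_limit",
            "client_limit = %d multiplexes connections in one single-threaded imap "
            "process; one user's long operation stalls the others." % client_limit,
        ))
    return findings


def recommended_imap_service(conf):
    """The block Aki suggests: drop service_count and client_limit so both
    fall back to their defaults, keep the process limits."""
    imap = dict(conf.get("service imap", {}))
    imap.pop("service_count", None)
    imap.pop("client_limit", None)
    return imap


if __name__ == "__main__":
    failures = parse_setuid_failures(SAMPLE_LOG)
    conf = parse_doveconf(SAMPLE_CONF)
    for setting, why in check_imap_service(conf, failures):
        print("%s: %s" % (setting, why))
    print("recommended service imap:", recommended_imap_service(conf))
```

Run it against `doveconf -n` output and the relevant slice of the Dovecot log to confirm the same pair of settings is responsible before touching anything else; chmod on sockets or setuid-root binaries, as tried in the question, do not change a process that has already given up root.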
