expire-tool: Fixed changing uid/gid.

author Timo Sirainen <tss@iki.fi>

Sun, 25 May 2008 12:10:59 +0000 (15:10 +0300)

committer Timo Sirainen <tss@iki.fi>

Sun, 25 May 2008 12:10:59 +0000 (15:10 +0300)
author Timo Sirainen <tss@iki.fi>
Sun, 25 May 2008 12:10:59 +0000 (15:10 +0300)
committer Timo Sirainen <tss@iki.fi>
Sun, 25 May 2008 12:10:59 +0000 (15:10 +0300)
diff --git a/src/plugins/expire/auth-client.c b/src/plugins/expire/auth-client.c

index 915a0fbfced8c1f309a6c2fbef0795dffc606d4a..c460795b79241b886f237660b3e837f9f38ff2ca 100644 (file)
--- a/src/plugins/expire/auth-client.c
+++ b/src/plugins/expire/auth-client.c
@@ -130,20 +130,24 @@ static void auth_parse_input(struct auth_connection *conn, const char *args)
                 return;
         }
  
+       if (uid != conn->current_uid && conn->current_uid != 0) {
+               if (seteuid(0) != 0)
+                       i_fatal("seteuid(0) failed: %m");
+               conn->current_uid = 0;
+       }
+
+       /* change GID */
+       restrict_access_by_env(FALSE);
+
         /* we'll change only effective UID. This is a bit unfortunate since
            it allows reverting back to root, but we'll have to be able to
            access different users' mailboxes.. */
         if (uid != conn->current_uid) {
-               if (conn->current_uid != 0) {
-                       if (seteuid(0) != 0)
-                               i_fatal("seteuid(0) failed: %m");
-               }
                 if (seteuid(uid) < 0)
                         i_fatal("seteuid(%s) failed: %m", dec2str(uid));
                 conn->current_uid = uid;
         }
  
-       restrict_access_by_env(FALSE);
         conn->return_value = 1;
  }
author	Timo Sirainen <tss@iki.fi>
	Sun, 25 May 2008 12:10:59 +0000 (15:10 +0300)
committer	Timo Sirainen <tss@iki.fi>
	Sun, 25 May 2008 12:10:59 +0000 (15:10 +0300)