From: Timo Sirainen Date: Mon, 31 Aug 2009 23:44:49 +0000 (-0400) Subject: master: If process uid/gid is too high, refer to last_valid_* settings instead of... X-Git-Tag: 2.0.alpha1~202 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=0ef40aa9ca6084393fe0a56feac2cf801e8b52f0;p=thirdparty%2Fdovecot%2Fcore.git master: If process uid/gid is too high, refer to last_valid_* settings instead of first_valid_*. Based on patch by Pascal Volk. --HG-- branch : HEAD --- diff --git a/src/master/service-process.c b/src/master/service-process.c index fe2fc38213..4e09b4d40f 100644 --- a/src/master/service-process.c +++ b/src/master/service-process.c @@ -166,27 +166,29 @@ static void validate_uid_gid(struct master_settings *set, uid_t uid, gid_t gid, if (uid < (uid_t)set->first_valid_uid || (set->last_valid_uid != 0 && uid > (uid_t)set->last_valid_uid)) { struct passwd *pw; + bool low = uid < (uid_t)set->first_valid_uid; pw = getpwuid(uid); i_fatal("User %s not allowed to log in using too %s " - "UNIX UID %s%s (see first_valid_uid in config file)", - user, - uid < (uid_t)set->first_valid_uid ? "low" : "high", + "UNIX UID %s%s (see %s in config file)", + user, low ? "low" : "high", dec2str(uid), pw == NULL ? "" : - t_strdup_printf("(%s)", pw->pw_name)); + t_strdup_printf("(%s)", pw->pw_name), + low ? "first_valid_uid" : "last_valid_uid"); } if (gid < (gid_t)set->first_valid_gid || (set->last_valid_gid != 0 && gid > (gid_t)set->last_valid_gid)) { struct group *gr; + bool low = gid < (gid_t)set->first_valid_gid; gr = getgrgid(gid); i_fatal("User %s not allowed to log in using too %s primary " - "UNIX group ID %s%s (see first_valid_gid in config file)", - user, - gid < (gid_t)set->first_valid_gid ? "low" : "high", + "UNIX group ID %s%s (see %s in config file)", + user, low ? "low" : "high", dec2str(gid), gr == NULL ? "" : - t_strdup_printf("(%s)", gr->gr_name)); + t_strdup_printf("(%s)", gr->gr_name), + low ? "first_valid_gid" : "last_valid_gid"); } }