From: Timo Sirainen
Date: Sat, 21 Feb 2009 22:46:35 +0000 (-0500)
Subject: Create all mail/index files'/dirs' permissions based on the mailbox directory.
X-Git-Tag: 1.2.beta2~64
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=b82d6d7f02734007c129fa25bc876049c8d9bdde;p=thirdparty%2Fdovecot%2Fcore.git
Create all mail/index files'/dirs' permissions based on the mailbox directory.
--HG--
branch : HEAD
---
diff --git a/src/lib-storage/index/cydir/cydir-storage.c b/src/lib-storage/index/cydir/cydir-storage.c
index 7af9bf98e8..26a6d7316b 100644
--- a/src/lib-storage/index/cydir/cydir-storage.c
+++ b/src/lib-storage/index/cydir/cydir-storage.c
@@ -135,7 +135,7 @@ static int create_cydir(struct mail_storage *storage, const char *path)
 mode_t mode;
 gid_t gid;
- mailbox_list_get_dir_permissions(storage->list, &mode, &gid);
+ mailbox_list_get_dir_permissions(storage->list, NULL, &mode, &gid);
 if (mkdir_parents_chown(path, mode, (uid_t)-1, gid) < 0 && errno != EEXIST) {
 if (!mail_storage_set_error_from_errno(storage)) {
diff --git a/src/lib-storage/index/dbox/dbox-storage.c b/src/lib-storage/index/dbox/dbox-storage.c
index d29dfb72d1..3d14489552 100644
--- a/src/lib-storage/index/dbox/dbox-storage.c
+++ b/src/lib-storage/index/dbox/dbox-storage.c
@@ -155,7 +155,7 @@ static int create_dbox(struct mail_storage *storage, const char *path)
 mode_t mode;
 gid_t gid;
- mailbox_list_get_dir_permissions(storage->list, &mode, &gid);
+ mailbox_list_get_dir_permissions(storage->list, NULL, &mode, &gid);
 if (mkdir_parents_chown(path, mode, (uid_t)-1, gid) < 0 && errno != EEXIST) {
 if (!mail_storage_set_error_from_errno(storage)) {
diff --git a/src/lib-storage/index/index-storage.c b/src/lib-storage/index/index-storage.c
index d6e4aa90f5..0887d0bcd3 100644
--- a/src/lib-storage/index/index-storage.c
+++ b/src/lib-storage/index/index-storage.c
@@ -447,21 +447,28 @@ void index_storage_mailbox_init(struct index_mailbox *ibox, const char *name,
 bool move_to_memory)
 {
 struct mail_storage *storage = ibox->storage;
+ struct mailbox *box = &ibox->box;
+ gid_t dir_gid;
 i_assert(name != NULL);
- ibox->box.storage = storage;
- ibox->box.name = p_strdup(ibox->box.pool, name);
- ibox->box.open_flags = flags;
- if (ibox->box.file_create_mode == 0) {
- ibox->box.file_create_mode = 0600;
- ibox->box.dir_create_mode = 0700;
- ibox->box.file_create_gid = (gid_t)-1;
+ box->storage = storage;
+ box->name = p_strdup(box->pool, name);
+ box->open_flags = flags;
+ if (box->file_create_mode == 0) {
+ mailbox_list_get_permissions(box->storage->list, name,
+ &box->file_create_mode,
+ &box->file_create_gid);
+ mailbox_list_get_dir_permissions(box->storage->list, name,
+ &box->dir_create_mode,
+ &dir_gid);
+ mail_index_set_permissions(ibox->index, box->file_create_mode,
+ box->file_create_gid);
 }
- p_array_init(&ibox->box.search_results, ibox->box.pool, 16);
- array_create(&ibox->box.module_contexts,
- ibox->box.pool, sizeof(void *), 5);
+ p_array_init(&box->search_results, box->pool, 16);
+ array_create(&box->module_contexts,
+ box->pool, sizeof(void *), 5);
 ibox->keep_recent = (flags & MAILBOX_OPEN_KEEP_RECENT) != 0;
 ibox->keep_locked = (flags & MAILBOX_OPEN_KEEP_LOCKED) != 0;
diff --git a/src/lib-storage/index/maildir/maildir-storage.c b/src/lib-storage/index/maildir/maildir-storage.c
index 71ea3bc913..cd55eb4496 100644
--- a/src/lib-storage/index/maildir/maildir-storage.c
+++ b/src/lib-storage/index/maildir/maildir-storage.c
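Review bot: `dir_gid` is filled in by mailbox_list_get_dir_permissions() and never read in this hunk, and the two lookups run back to back on the same `name`. Per the mailbox-list.c change in this commit, a non-NULL name skips the cached value and calls stat() again, so `file_create_mode` and `dir_create_mode` come from two separate stat() calls and can disagree if the directory's mode changes in between. Deriving the directory mode from the file mode already fetched, or at least a short comment such as `/* gid is the same as file_create_gid; only the mode differs */` next to `dir_gid`, would make the intent clear. The function body continues past the end of the hunk.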
@@ -501,7 +501,8 @@ maildir_mailbox_open(struct mail_storage *_storage, const char *name,
 if (strcmp(name, "INBOX") == 0 && (_storage->ns->flags & NAMESPACE_FLAG_INBOX) != 0) {
 /* INBOX always exists */
- mailbox_list_get_dir_permissions(_storage->list, &mode, &gid);
+ mailbox_list_get_dir_permissions(_storage->list, NULL,
+ &mode, &gid);
 if (create_maildir(_storage, path, mode, gid, TRUE) < 0)
 return NULL;
 return maildir_open(storage, "INBOX", flags);
@@ -520,7 +521,8 @@ maildir_mailbox_open(struct mail_storage *_storage, const char *name,
 /* tmp/ directory doesn't exist. does the maildir? */
 if (stat(path, &st) == 0) {
 /* yes, we'll need to create the missing dirs */
- mailbox_list_get_dir_permissions(_storage->list, &mode, &gid);
+ mailbox_list_get_dir_permissions(_storage->list, name,
+ &mode, &gid);
 if (create_maildir(_storage, path, mode, gid, TRUE) < 0)
 return NULL;
@@ -591,7 +593,7 @@ static int maildir_mailbox_create(struct mail_storage *_storage,
 st.st_mode & 0666, st.st_gid) < 0)
 return -1;
 } else {
- mailbox_list_get_dir_permissions(_storage->list,
+ mailbox_list_get_dir_permissions(_storage->list, NULL,
 &st.st_mode, &st.st_gid);
 if (create_maildir(_storage, path, st.st_mode, st.st_gid, FALSE) < 0)
diff --git a/src/lib-storage/index/mbox/mbox-storage.c b/src/lib-storage/index/mbox/mbox-storage.c
index 416258898d..12fb02a595 100644
--- a/src/lib-storage/index/mbox/mbox-storage.c
+++ b/src/lib-storage/index/mbox/mbox-storage.c
@@ -733,7 +733,8 @@ static int mbox_mailbox_create(struct mail_storage *_storage, const char *name,
 p = directory ? path + strlen(path) : strrchr(path, '/');
 if (p != NULL) {
 p = t_strdup_until(path, p);
- mailbox_list_get_dir_permissions(_storage->list, &mode, &gid);
+ mailbox_list_get_dir_permissions(_storage->list, NULL,
+ &mode, &gid);
 if (mkdir_parents_chown(p, mode, (uid_t)-1, gid) < 0 && errno != EEXIST) {
 if (!mail_storage_set_error_from_errno(_storage)) {
diff --git a/src/lib-storage/list/mailbox-list-fs.c b/src/lib-storage/list/mailbox-list-fs.c
index d4ae5015db..a296a8eb72 100644
--- a/src/lib-storage/list/mailbox-list-fs.c
+++ b/src/lib-storage/list/mailbox-list-fs.c
@@ -287,7 +287,7 @@ static int fs_list_rename_mailbox(struct mailbox_list *list,
 /* create the hierarchy */
 p = strrchr(newpath, '/');
 if (p != NULL) {
- mailbox_list_get_dir_permissions(list, &mode, &gid);
+ mailbox_list_get_dir_permissions(list, NULL, &mode, &gid);
 p = t_strdup_until(newpath, p);
 if (mkdir_parents_chown(p, mode, (uid_t)-1, gid) < 0 && errno != EEXIST) {
diff --git a/src/lib-storage/list/subscription-file.c b/src/lib-storage/list/subscription-file.c
index c1589071b5..e34ec63272 100644
--- a/src/lib-storage/list/subscription-file.c
+++ b/src/lib-storage/list/subscription-file.c
@@ -111,8 +111,8 @@ int subsfile_set_subscribed(struct mailbox_list *list, const char *path,
 dotlock_set.timeout = SUBSCRIPTION_FILE_LOCK_TIMEOUT;
 dotlock_set.stale_timeout = SUBSCRIPTION_FILE_CHANGE_TIMEOUT;
- mailbox_list_get_permissions(list, &mode, &gid);
- mailbox_list_get_dir_permissions(list, &dir_mode, &gid);
+ mailbox_list_get_permissions(list, NULL, &mode, &gid);
+ mailbox_list_get_dir_permissions(list, NULL, &dir_mode, &gid);
 fd_out = file_dotlock_open_mode(&dotlock_set, path, 0, mode, (uid_t)-1, gid, &dotlock);
 if (fd_out == -1 && errno == ENOENT) {
diff --git a/src/lib-storage/mailbox-list.c b/src/lib-storage/mailbox-list.c
index 6bd7a2fdc2..29e0219cdb 100644
--- a/src/lib-storage/mailbox-list.c
+++ b/src/lib-storage/mailbox-list.c
@@ -261,19 +261,19 @@ mailbox_list_get_namespace(const struct mailbox_list *list)
 return list->ns;
 }
-void mailbox_list_get_permissions(struct mailbox_list *list,
+void mailbox_list_get_permissions(struct mailbox_list *list, const char *name,
 mode_t *mode_r, gid_t *gid_r)
 {
 const char *path;
 struct stat st;
- if (list->file_create_mode != (mode_t)-1) {
+ if (list->file_create_mode != (mode_t)-1 && name == NULL) {
 *mode_r = list->file_create_mode;
 *gid_r = list->file_create_gid;
 return;
 }
- path = mailbox_list_get_path(list, NULL, MAILBOX_LIST_PATH_TYPE_DIR);
+ path = mailbox_list_get_path(list, name, MAILBOX_LIST_PATH_TYPE_DIR);
 if (stat(path, &st) < 0) {
 if (!ENOTFOUND(errno)) {
 mailbox_list_set_critical(list, "stat(%s) failed: %m",
@@ -303,7 +303,7 @@ void mailbox_list_get_permissions(struct mailbox_list *list,
 list->file_create_gid = st.st_gid;
 }
- if ((list->flags & MAILBOX_LIST_FLAG_DEBUG) != 0) {
+ if ((list->flags & MAILBOX_LIST_FLAG_DEBUG) != 0 && name == NULL) {
 i_info("Namespace %s: Using permissions from %s: " "mode=0%o gid=%ld", list->ns->prefix, path, (int)list->file_create_mode,
@@ -316,11 +316,12 @@ void mailbox_list_get_permissions(struct mailbox_list *list,
 }
 void mailbox_list_get_dir_permissions(struct mailbox_list *list,
+ const char *name,
 mode_t *mode_r, gid_t *gid_r)
 {
 mode_t mode;
- mailbox_list_get_permissions(list, &mode, gid_r);
+ mailbox_list_get_permissions(list, name, &mode, gid_r);
 /* add the execute bit if either read or write bit is set */
 if ((mode & 0600) != 0)
 mode |= 0100;
diff --git a/src/lib-storage/mailbox-list.h b/src/lib-storage/mailbox-list.h
index 118a7e3251..61d9e92032 100644
--- a/src/lib-storage/mailbox-list.h
+++ b/src/lib-storage/mailbox-list.h
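Review bot: With a non-NULL `name`, mailbox_list_get_permissions() still appears to store the stat() result in the list-wide cache: the context line `list->file_create_gid = st.st_gid;` in the second hunk is unguarded, and only the early return and the debug message gained a `name == NULL` test. If the unseen lines between the hunks assign `list->file_create_mode` the same way, a single per-mailbox lookup (index-storage.c, maildir-storage.c and acl-backend-vfile.c now pass a name) replaces the cached root values. Every later `name == NULL` caller then takes the early return with that mailbox's mode and gid, so root-level files such as the subscription file could be created with a mode or group that differs from the root directory's. Consider computing into locals and copying them to `list->file_create_mode` / `list->file_create_gid` only `if (name == NULL)`. The function body lies partly outside these hunks, so confirm this against the full file.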
@@ -142,14 +142,15 @@ mailbox_list_get_flags(const struct mailbox_list *list) ATTR_PURE;
 struct mail_namespace * mailbox_list_get_namespace(const struct mailbox_list *list) ATTR_PURE;
-/* Returns the mode and GID that should be used when creating new global files
- to the mailbox list root directories. (gid_t)-1 is returned if it's not
- necessary to change the default */
-void mailbox_list_get_permissions(struct mailbox_list *list,
+/* Returns the mode and GID that should be used when creating new files to
+ the specified mailbox, or to mailbox list root if name is NULL. (gid_t)-1 is
+ returned if it's not necessary to change the default gid. */
+void mailbox_list_get_permissions(struct mailbox_list *list, const char *name,
 mode_t *mode_r, gid_t *gid_r);
 /* Like mailbox_list_get_permissions(), but add execute-bits for mode if either read or write bit is set (e.g. 0640 -> 0750). */
 void mailbox_list_get_dir_permissions(struct mailbox_list *list,
+ const char *name,
 mode_t *mode_r, gid_t *gid_r);
 /* Returns TRUE if the name doesn't contain any invalid characters.
diff --git a/src/plugins/acl/acl-backend-vfile-acllist.c b/src/plugins/acl/acl-backend-vfile-acllist.c
index 3acee29feb..6e333c24b8 100644
--- a/src/plugins/acl/acl-backend-vfile-acllist.c
+++ b/src/plugins/acl/acl-backend-vfile-acllist.c
@@ -187,7 +187,7 @@ int acl_backend_vfile_acllist_rebuild(struct acl_backend_vfile *backend)
 /* Build it into a temporary file and rename() over. There's no need to use locking, because even if multiple processes are rebuilding the file at the same time the result should be the same. */
- mailbox_list_get_permissions(list, &mode, &gid);
+ mailbox_list_get_permissions(list, NULL, &mode, &gid);
 fd = safe_mkstemp(path, mode, (uid_t)-1, gid);
 if (fd == -1) {
 if (errno == EACCES) {
diff --git a/src/plugins/acl/acl-backend-vfile.c b/src/plugins/acl/acl-backend-vfile.c
index 82990058d6..33d40015b7 100644
--- a/src/plugins/acl/acl-backend-vfile.c
+++ b/src/plugins/acl/acl-backend-vfile.c
@@ -846,7 +846,8 @@ static int acl_backend_vfile_update_begin(struct acl_object_vfile *aclobj,
 int fd;
 /* first lock the ACL file */
- mailbox_list_get_permissions(_aclobj->backend->list, &mode, &gid);
+ mailbox_list_get_permissions(_aclobj->backend->list, _aclobj->name,
+ &mode, &gid);
 fd = file_dotlock_open_mode(&dotlock_set, aclobj->local_path, 0, mode, (uid_t)-1, gid, dotlock_r);
 if (fd == -1) {
diff --git a/src/plugins/quota/quota-maildir.c b/src/plugins/quota/quota-maildir.c
index 719348c68e..da9dd70ab0 100644
--- a/src/plugins/quota/quota-maildir.c
+++ b/src/plugins/quota/quota-maildir.c
@@ -238,8 +238,9 @@ static int maildirsize_write(struct maildir_quota_root *root, const char *path)
 for (i = 0; i < count; i++) {
 if ((storages[i]->ns->flags & NAMESPACE_FLAG_INBOX) != 0) {
 mailbox_list_get_permissions(storages[i]->ns->list,
- &mode, &gid);
+ NULL, &mode, &gid);
 mailbox_list_get_dir_permissions(storages[i]->ns->list,
+ NULL,
 &dir_mode, &dir_gid);
 break;
 }