From 456e3cf1a6333eec28468c34d75ebcb6d723b71f Mon Sep 17 00:00:00 2001 From: Timo Sirainen Date: Sun, 25 May 2008 01:52:17 +0300 Subject: [PATCH] mbox: If INBOX creation fails because of EACCES, try with privileged group enabled. --HG-- branch : HEAD --- dovecot-example.conf | 2 +- src/lib-storage/index/mbox/mbox-storage.c | 7 +++++++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/dovecot-example.conf b/dovecot-example.conf index b9c07d4e2c..e9a2e40bb9 100644 --- a/dovecot-example.conf +++ b/dovecot-example.conf @@ -270,7 +270,7 @@ #mail_gid = # Group to enable temporarily for privileged operations. Currently this is -# used only for creating mbox dotlock files when creation fails for INBOX. +# used only with INBOX when either its initial creation or dotlocking fails. # Typically this is set to "mail" to give access to /var/mail. #mail_privileged_group = diff --git a/src/lib-storage/index/mbox/mbox-storage.c b/src/lib-storage/index/mbox/mbox-storage.c index 04061392a3..3b2b0189cf 100644 --- a/src/lib-storage/index/mbox/mbox-storage.c +++ b/src/lib-storage/index/mbox/mbox-storage.c @@ -4,6 +4,7 @@ #include "ioloop.h" #include "array.h" #include "istream.h" +#include "restrict-access.h" #include "mkdir-parents.h" #include "unlink-directory.h" #include "home-expand.h" @@ -472,6 +473,12 @@ static int verify_inbox(struct mail_storage *storage) /* make sure inbox file itself exists */ fd = open(inbox_path, O_RDWR | O_CREAT | O_EXCL, 0660); + if (fd == -1 && errno == EACCES) { + /* try again with increased privileges */ + (void)restrict_access_use_priv_gid(); + fd = open(inbox_path, O_RDWR | O_CREAT | O_EXCL, 0660); + restrict_access_drop_priv_gid(); + } if (fd != -1) (void)close(fd); else if (errno == ENOTDIR && -- 2.47.3