From fdaf2bbdd5cdae59602e33005cc7acf7d3c88f1a Mon Sep 17 00:00:00 2001
From: Timo Sirainen <tss@iki.fi>
Date: Sun, 25 May 2008 15:10:59 +0300
Subject: [PATCH] expire-tool: Fixed changing uid/gid.

--HG--
branch : HEAD
---
 src/plugins/expire/auth-client.c | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/src/plugins/expire/auth-client.c b/src/plugins/expire/auth-client.c
index 915a0fbfce..c460795b79 100644
--- a/src/plugins/expire/auth-client.c
+++ b/src/plugins/expire/auth-client.c
@@ -130,20 +130,24 @@ static void auth_parse_input(struct auth_connection *conn, const char *args)
 		return;
 	}
 
+	if (uid != conn->current_uid && conn->current_uid != 0) {
+		if (seteuid(0) != 0)
+			i_fatal("seteuid(0) failed: %m");
+		conn->current_uid = 0;
+	}
+
+	/* change GID */
+	restrict_access_by_env(FALSE);
+
 	/* we'll change only effective UID. This is a bit unfortunate since
 	   it allows reverting back to root, but we'll have to be able to
 	   access different users' mailboxes.. */
 	if (uid != conn->current_uid) {
-		if (conn->current_uid != 0) {
-			if (seteuid(0) != 0)
-				i_fatal("seteuid(0) failed: %m");
-		}
 		if (seteuid(uid) < 0)
 			i_fatal("seteuid(%s) failed: %m", dec2str(uid));
 		conn->current_uid = uid;
 	}
 
-	restrict_access_by_env(FALSE);
 	conn->return_value = 1;
 }
 
-- 
2.47.3