maildir.c mods:

    msg_info("TESTING1 set_eugid: euid %ld egid %ld", (long) usr_attr.uid, (long) usr_attr.gid);
    set_eugid(usr_attr.uid, usr_attr.gid);
    msg_info("TESTING2 set_eugid: euid %ld egid %ld", (long) usr_attr.uid, (long) usr_attr.gid);


Nov 30 22:21:55 sunsaturn postfix/virtual[53617]: deliver_maildir[3]: recip te...@test2.com deliver te...@test2.com
Nov 30 22:21:55 sunsaturn postfix/virtual[53617]: TESTING1 set_eugid: euid 2003 egid 2001
Nov 30 22:21:55 sunsaturn postfix/virtual[53617]: set_eugid: euid 2003 egid 2001
Nov 30 22:21:55 sunsaturn postfix/virtual[53617]: TESTING2 set_eugid: euid 2003 egid 2001
Nov 30 22:21:55 sunsaturn postfix/virtual[53617]: set_eugid: euid 125 egid 125

Appears to be a FreeBSD issue with GID from what I can see, if this works for Linux users.

Either way I was hoping for a mod on maildir.c for initial create of directory as root.

Can debug gid issue more if you like to get FreeBSD to play nice, but uid is the only thing that will matter regardless for permissions, but be nice to fix anyways.



Dan.



On Tue, 30 Nov 2010, Dan wrote:


#####################Chmod 755 mkdir problem#########################

Ok enabling "virtual -v" and nuking /website/vuser with chmod 755 on it we have:

Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: deliver_mailbox[2]: recip te...@test2.com deliver te...@test2.com
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: dict_mysql_get_active: attempting to connect to host unix:/tmp/mysql.sock
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: dict_mysql: successful connection to host unix:/tmp/mysql.sock
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: dict_mysql: successful query from host unix:/tmp/mysql.sock
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: dict_mysql_lookup: retrieved 1 rows
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: maps_find: virtual_mailbox_maps: mysql:/usr/local/etc/postfix/mysql_mailbox.cf(0,lock|no_regsub|no_proxy|no_unauth): te...@test2.com = test2.com/test2/Maildir/
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: mail_addr_find: te...@test2.com -> test2.com/test2/Maildir/
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: dict_mysql_get_active: attempting to connect to host unix:/tmp/mysql.sock
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: dict_mysql: successful connection to host unix:/tmp/mysql.sock
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: dict_mysql: successful query from host unix:/tmp/mysql.sock
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: dict_mysql_lookup: retrieved 1 rows
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: maps_find: virtual_uid_maps: mysql:/usr/local/etc/postfix/mysql_uids.cf(0,lock|no_regsub|no_proxy|no_unauth): te...@test2.com = 2003
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: mail_addr_find: te...@test2.com -> 2003
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: dict_mysql_get_active: attempting to connect to host unix:/tmp/mysql.sock
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: dict_mysql: successful connection to host unix:/tmp/mysql.sock
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: dict_mysql: successful query from host unix:/tmp/mysql.sock
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: dict_mysql_lookup: retrieved 1 rows
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: maps_find: virtual_gid_maps: mysql:/usr/local/etc/postfix/mysql_gids.cf(0,lock|no_regsub|no_proxy|no_unauth): te...@test2.com = 2001
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: mail_addr_find: te...@test2.com -> 2001
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: deliver_mailbox[2]: set user_attr: /website/vuser/test2.com/test2/Maildir/, uid = 2003, gid = 2001
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: deliver_maildir[3]: recip te...@test2.com deliver te...@test2.com
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: set_eugid: euid 2003 egid 2001
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: set_eugid: euid 125 egid 125
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: warning: maildir access problem for UID/GID=2003/2001: create maildir file /website/vuser/test2.com/test2/Maildir/tmp/1291172927.P25625.sunsaturn.com: Permission denied
Nov 30 21:08:47 sunsaturn postfix/virtual[25625]: warning: perhaps you need to create the maildirs in advance

#####################Chmod 777 GID problem#########################

Let's go back to chmod 777 /website/vuser and check GID issues:

Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: deliver_mailbox[2]: recip te...@test2.com deliver te...@test2.com
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: dict_mysql_get_active: attempting to connect to host unix:/tmp/mysql.sock
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: dict_mysql: successful connection to host unix:/tmp/mysql.sock
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: dict_mysql: successful query from host unix:/tmp/mysql.sock
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: dict_mysql_lookup: retrieved 1 rows
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: maps_find: virtual_mailbox_maps: mysql:/usr/local/etc/postfix/mysql_mailbox.cf(0,lock|no_regsub|no_proxy|no_unauth): te...@test2.com = test2.com/test2/Maildir/
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: mail_addr_find: te...@test2.com -> test2.com/test2/Maildir/
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: dict_mysql_get_active: attempting to connect to host unix:/tmp/mysql.sock
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: dict_mysql: successful connection to host unix:/tmp/mysql.sock
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: dict_mysql: successful query from host unix:/tmp/mysql.sock
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: dict_mysql_lookup: retrieved 1 rows
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: maps_find: virtual_uid_maps: mysql:/usr/local/etc/postfix/mysql_uids.cf(0,lock|no_regsub|no_proxy|no_unauth): te...@test2.com = 2003
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: mail_addr_find: te...@test2.com -> 2003
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: dict_mysql_get_active: attempting to connect to host unix:/tmp/mysql.sock
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: dict_mysql: successful connection to host unix:/tmp/mysql.sock
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: dict_mysql: successful query from host unix:/tmp/mysql.sock
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: dict_mysql_lookup: retrieved 1 rows
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: maps_find: virtual_gid_maps: mysql:/usr/local/etc/postfix/mysql_gids.cf(0,lock|no_regsub|no_proxy|no_unauth): te...@test2.com = 2001
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: mail_addr_find: te...@test2.com -> 2001
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: deliver_mailbox[2]: set user_attr: /website/vuser/test2.com/test2/Maildir/, uid = 2003, gid = 2001
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: deliver_maildir[3]: recip te...@test2.com deliver te...@test2.com
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: set_eugid: euid 2003 egid 2001
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: set_eugid: euid 125 egid 125
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: 6FE80119C5B: to=<te...@test2.com>, relay=virtual, delay=0.06, delays=0.03/0.02/0/0.01, dsn=2.0.0, status=sent (delivered to maildir)
Nov 30 21:13:24 sunsaturn postfix/virtual[25712]: deliver_request_final: send: "" 0


src/virtual/mailbox.c:deliver_maildir():

   set_eugid(usr_attr.uid, usr_attr.gid);

   /* Creates files, writes data, ... */

I can only think there is an issue here with usr_attr.gid for GID problem.

For creating initial directory it should set_eugid(0,0); create directory then change permissions on it because how are we supposed to not 777 the directory if every time it creates a new file in there it's owned by uid 2002 then 2003 then 2004 and so on...

Code is fine the way it is except for initial creation.

Another note: I believe you made a typo?
src/virtual/mailbox.c:deliver_maildir():
should be src/virtual/maildir.c:deliver_maildir():

Let's modify src/virtual/maildir.c to just touch a /tmp/file after
set_eugid(usr_attr.uid, usr_attr.gid);
by placing
system("/usr/bin/touch /tmp/gid_debug.txt");

right after and see what /tmp/gid_debug.txt looks like.

sunsaturn:/usr/ports/mail/postfix-current# echo test|mail te...@test2.com
sunsaturn:/usr/ports/mail/postfix-current# ls -al /tmp/gid*
-rw------- 1 2003 wheel 0 Nov 30 21:54 /tmp/gid_debug.txt
sunsaturn:/usr/ports/mail/postfix-current#

So we definitely have an issue with usr_attr.gid here somewhere.


for your own reference:

sunsaturn:/website/vuser# tmp=$(mktemp /tmp/test.XXXXXX)
sunsaturn:/website/vuser# chown 2003:2001 "$tmp"
sunsaturn:/website/vuser# ls -l "$tmp"
-rw------- 1 2003 vuser 0 Nov 30 21:19 /tmp/test.Kev8V1
sunsaturn:/website/vuser# rm "$tmp"


Dan.



On Tue, 30 Nov 2010, Victor Duchovni wrote:

On Tue, Nov 30, 2010 at 07:39:39PM -0600, Dan wrote:

virtual_gid_maps = mysql:$config_directory/mysql_gids.cf
virtual_minimum_uid = 2002
virtual_uid_maps = mysql:$config_directory/mysql_uids.cf

Mysql relevant table entries:

email             domain      maildir
te...@test.com    test2.com   test2.com/test2/Maildir/

uid     gid
2003    2001

And in /etc/group, what is group 2001?

Now let's chmod 777 /website/vuser so that it can create directories under
UID/GID=2003/2001 as it wants but in fact see that gid never is 2001.
Gid 2001 under my system is vuser:
sunsaturn:~# grep 2001 /etc/group
vuser:*:2001:

Prove this by posting the output of:

        # tmp=$(mktemp /tmp/test.XXXXXX)
        # chown 2003:2001 "$tmp"
        # ls -l "$tmp"
        # rm "$tmp"

sunsaturn:~# chmod 777 /website/vuser; cd /website/vuser

Never use world-writable directories in this context.

Nov 30 19:28:03 sunsaturn postfix/virtual[23237]: DC276119C60:
to=<te...@test2.com>, relay=virtual, delay=0.01, delays=0.01/0/0/0,
dsn=2.0.0, status=sent (delivered to maildir)
Nov 30 19:29:03 sunsaturn postfix/virtual[23237]: 3EA8C119C56:
to=<te...@test2.com>, relay=virtual, delay=372, delays=372/0/0/0,
dsn=2.0.0, status=sent (delivered to maildir)

-rw-------  1 2003  postfix  347 Nov 30 19:28
test2.com/test2/Maildir/new/1291166883.V59Ib97008M906598.sunsaturn.com
-rw-------  1 2003  postfix  347 Nov 30 19:29
test2.com/test2/Maildir/new/1291166943.V59Ib97001M911353.sunsaturn.com

Well Postfix asks the operating system nicely by setting its effective
uid and gid. If the operating system does not cooperate, you need to
find out why.

src/virtual/mailbox.c:deliver_mailbox():

   /* Look up the mailbox owner rights. Defer in case of trouble.  */
   uid_res = mail_addr_find(virtual_uid_maps, state.msg_attr.user,
                            IGNORE_EXTENSION);
   if (uid_res == 0) { /* error handling */  }
   if ((n = atol(uid_res)) < var_virt_minimum_uid) { /* error handling */ }
   usr_attr.uid = (uid_t) n;

   /* Look up the mailbox group rights. Defer in case of trouble.  */
   gid_res = mail_addr_find(virtual_gid_maps, state.msg_attr.user,
                            IGNORE_EXTENSION);
   if (gid_res == 0) { /* error handling */ }
   if ((n = atol(gid_res)) <= 0) { /* error handling */ }
   usr_attr.gid = (gid_t) n;

   if (msg_verbose)
       msg_info("%s[%d]: set user_attr: %s, uid = %u, gid = %u",
                myname, state.level, usr_attr.mailbox,
                (unsigned) usr_attr.uid, (unsigned) usr_attr.gid);

You can configure "virtual -v" in master.cf to see the uid/gid logged.

   /* Deliver to mailbox or to maildir. */
#define LAST_CHAR(s) (s[strlen(s) - 1])

   if (LAST_CHAR(usr_attr.mailbox) == '/')
       *statusp = deliver_maildir(state, usr_attr);
   else
       *statusp = deliver_mailbox_file(state, usr_attr);

src/virtual/mailbox.c:deliver_maildir():

   set_eugid(usr_attr.uid, usr_attr.gid);

   /* Creates files, writes data, ... */

   set_eugid(var_owner_uid, var_owner_gid);

--
        Viktor.
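
Added example (not Postfix code and not written by either poster): a small C probe that creates a scratch file in a directory and reports whether the file's group came from the process's effective gid or from the directory's own group. FreeBSD's open(2) documents the latter, while Linux uses the effective gid unless the directory is setgid; the names new_file_group_rule and gidprobe.XXXXXX are made up for this sketch.

```c
#define _XOPEN_SOURCE 700
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Bit flags: 1 = file group equals egid, 2 = file group equals directory group. */
enum grp_rule { GRP_ERROR = -1, GRP_NEITHER, GRP_FROM_EGID, GRP_FROM_DIR, GRP_BOTH };

/* Create a scratch file in dir, then compare its st_gid with the process's
 * effective gid and with the group that owns dir. The file is removed again. */
enum grp_rule new_file_group_rule(const char *dir, gid_t *file_gid)
{
    char path[4096];
    struct stat dst, fst;
    int fd, n, rule = GRP_NEITHER;

    if (stat(dir, &dst) < 0)
        return GRP_ERROR;
    n = snprintf(path, sizeof(path), "%s/gidprobe.XXXXXX", dir);
    if (n < 0 || (size_t) n >= sizeof(path))
        return GRP_ERROR;
    if ((fd = mkstemp(path)) < 0)           /* created mode 0600, O_EXCL */
        return GRP_ERROR;
    n = fstat(fd, &fst);
    close(fd);
    unlink(path);
    if (n < 0)
        return GRP_ERROR;
    if (fst.st_gid == getegid())
        rule |= GRP_FROM_EGID;
    if (fst.st_gid == dst.st_gid)
        rule |= GRP_FROM_DIR;
    if (file_gid)
        *file_gid = fst.st_gid;
    return (enum grp_rule) rule;
}

int main(int argc, char **argv)
{
    static const char *names[] = { "neither", "effective gid", "directory group", "both (ambiguous)" };
    gid_t g = 0;
    enum grp_rule r = new_file_group_rule(argc > 1 ? argv[1] : "/tmp", &g);

    if (r == GRP_ERROR) { perror("probe"); return 1; }
    printf("euid=%ld egid=%ld file gid=%ld matches: %s\n",
           (long) geteuid(), (long) getegid(), (long) g, names[r]);
    return 0;
}
```

Run it against a directory whose group differs from the caller's effective gid; when both match, the result is ambiguous and says nothing about which rule the OS applies.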

