Mercurial > dovecot > core-2.2
changeset 19892:2dfbb1ffd0a9
doveadm-server: Drop privileges only temporarily when running mail commands.
This allows running mail commands for multiple users within the same doveadm
connection.
| author | Timo Sirainen <timo.sirainen@dovecot.fi> |
|---|---|
| date | Mon, 29 Feb 2016 13:02:40 +0200 |
| parents | e8bcb0600fb6 |
| children | c5941257db02 |
| files | src/doveadm/doveadm-mail.c src/doveadm/doveadm-mail.h |
| diffstat | 2 files changed, 8 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/src/doveadm/doveadm-mail.c Mon Feb 29 10:31:37 2016 +0200 +++ b/src/doveadm/doveadm-mail.c Mon Feb 29 13:02:40 2016 +0200 @@ -584,6 +584,10 @@ if (ctx->cur_username == NULL) i_fatal_status(EX_USAGE, "USER environment is missing and -u option not used"); + if (!ctx->cli) { + /* we may access multiple users */ + ctx->service_flags |= MAIL_STORAGE_SERVICE_FLAG_TEMP_PRIV_DROP; + } memset(&cctx, 0, sizeof(cctx)); cctx.username = ctx->cur_username; @@ -631,6 +635,7 @@ ctx = doveadm_mail_cmdline_init(cmd); ctx->full_args = (const void *)(argv + 1); + ctx->cli = TRUE; getopt_args = "AF:S:u:"; /* keep context's getopt_args first in case it contains '+' */ @@ -1000,6 +1005,7 @@ array_append_zero(&pargv); mctx->args = array_idx(&pargv, 0); mctx->full_args = mctx->args; + mctx->cli = cctx->cli; doveadm_mail_cmd_exec(mctx, wildcard_user); doveadm_mail_cmd_free(mctx);
--- a/src/doveadm/doveadm-mail.h Mon Feb 29 10:31:37 2016 +0200 +++ b/src/doveadm/doveadm-mail.h Mon Feb 29 13:02:40 2016 +0200 @@ -97,6 +97,8 @@ unsigned int iterate_single_user:1; /* We're going through all users (not set for wildcard usernames) */ unsigned int iterate_all_users:1; + /* Running from CLI doveadm (not doveadm-server) */ + unsigned int cli:1; }; struct doveadm_mail_cmd {