Mercurial > dovecot > core-2.2
changeset 10006:a425ba46a64c HEAD
lib-index: Take MAIL_INDEX_OPEN_FLAG_READONLY more seriously.
Don't do any filesystem changes to the index when it's set, even if
corrupted index files are detected.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Thu, 08 Oct 2009 20:10:49 -0400 |
parents | 910059d94bbc |
children | c862648185b8 |
files | src/lib-index/mail-cache.c src/lib-index/mail-index-map-read.c src/lib-index/mail-index-write.c src/lib-index/mail-index.c src/lib-index/mail-transaction-log-file.c src/lib-index/mail-transaction-log.c src/lib-index/mailbox-list-index.c |
diffstat | 7 files changed, 36 insertions(+), 15 deletions(-) [+] |
line wrap: on
line diff
--- a/src/lib-index/mail-cache.c Thu Oct 08 20:09:20 2009 -0400 +++ b/src/lib-index/mail-cache.c Thu Oct 08 20:10:49 2009 -0400 @@ -29,11 +29,17 @@ function, cache->filepath); } +static void mail_cache_unlink(struct mail_cache *cache) +{ + if (!cache->index->readonly) + (void)unlink(cache->filepath); +} + void mail_cache_set_corrupted(struct mail_cache *cache, const char *fmt, ...) { va_list va; - (void)unlink(cache->filepath); + mail_cache_unlink(cache); /* mark the cache as unusable */ cache->hdr = NULL; @@ -225,18 +231,18 @@ if (hdr->version != MAIL_CACHE_VERSION) { /* version changed - upgrade silently */ - (void)unlink(cache->filepath); + mail_cache_unlink(cache); return FALSE; } if (hdr->compat_sizeof_uoff_t != sizeof(uoff_t)) { /* architecture change - handle silently(?) */ - (void)unlink(cache->filepath); + mail_cache_unlink(cache); return FALSE; } if (hdr->indexid != cache->index->indexid) { /* index id changed - handle silently */ - (void)unlink(cache->filepath); + mail_cache_unlink(cache); return FALSE; } if (hdr->file_seq == 0) {
--- a/src/lib-index/mail-index-map-read.c Thu Oct 08 20:09:20 2009 -0400 +++ b/src/lib-index/mail-index-map-read.c Thu Oct 08 20:10:49 2009 -0400 @@ -433,7 +433,7 @@ ret = mail_index_sync_map(&index->map, type, TRUE); } - } else if (ret == 0) { + } else if (ret == 0 && index->readonly) { /* make sure we don't try to open the file again */ if (unlink(index->filepath) < 0 && errno != ENOENT) mail_index_set_syscall_error(index, "unlink()");
--- a/src/lib-index/mail-index-write.c Thu Oct 08 20:09:20 2009 -0400 +++ b/src/lib-index/mail-index-write.c Thu Oct 08 20:10:49 2009 -0400 @@ -188,7 +188,7 @@ i_assert(index->log_locked); - if (!mail_index_map_has_changed(map)) + if (!mail_index_map_has_changed(map) || index->readonly) return; if (hdr->base_header_size < sizeof(*hdr)) {
--- a/src/lib-index/mail-index.c Thu Oct 08 20:09:20 2009 -0400 +++ b/src/lib-index/mail-index.c Thu Oct 08 20:10:49 2009 -0400 @@ -580,7 +580,7 @@ const char *path; int last_errno = 0; - if (MAIL_INDEX_IS_IN_MEMORY(index)) + if (MAIL_INDEX_IS_IN_MEMORY(index) || index->readonly) return 0; /* main index */ @@ -737,8 +737,11 @@ index->indexid = 0; index->map->hdr.flags |= MAIL_INDEX_HDR_FLAG_CORRUPTED; - if (unlink(index->filepath) < 0 && errno != ENOENT && errno != ESTALE) - mail_index_set_syscall_error(index, "unlink()"); + if (!index->readonly) { + if (unlink(index->filepath) < 0 && + errno != ENOENT && errno != ESTALE) + mail_index_set_syscall_error(index, "unlink()"); + } } void mail_index_fchown(struct mail_index *index, int fd, const char *path)
--- a/src/lib-index/mail-transaction-log-file.c Thu Oct 08 20:09:20 2009 -0400 +++ b/src/lib-index/mail-transaction-log-file.c Thu Oct 08 20:10:49 2009 -0400 @@ -31,7 +31,8 @@ file->corrupted = TRUE; file->hdr.indexid = 0; - if (!MAIL_TRANSACTION_LOG_FILE_IN_MEMORY(file)) { + if (!MAIL_TRANSACTION_LOG_FILE_IN_MEMORY(file) && + !file->log->index->readonly) { /* indexid=0 marks the log file as corrupted */ unsigned int offset = offsetof(struct mail_transaction_log_header, indexid); @@ -354,8 +355,7 @@ static ssize_t mail_transaction_log_file_read_header(struct mail_transaction_log_file *file) { - ssize_t pos; - int ret; + ssize_t pos, ret; memset(&file->hdr, 0, sizeof(file->hdr)); @@ -643,6 +643,13 @@ i_assert(!MAIL_INDEX_IS_IN_MEMORY(index)); + if (file->log->index->readonly) { + mail_index_set_error(index, + "Can't create log file %s: Index is read-only", + file->filepath); + return -1; + } + /* With dotlocking we might already have path.lock created, so this filename has to be different. */ old_mask = umask(index->mode ^ 0666); @@ -697,7 +704,10 @@ if (ret == 0) { /* corrupted */ - if (unlink(file->filepath) < 0 && errno != ENOENT) { + if (file->log->index->readonly) { + /* don't delete */ + } else if (unlink(file->filepath) < 0 && + errno != ENOENT) { mail_index_set_error(file->log->index, "unlink(%s) failed: %m", file->filepath);
--- a/src/lib-index/mail-transaction-log.c Thu Oct 08 20:09:20 2009 -0400 +++ b/src/lib-index/mail-transaction-log.c Thu Oct 08 20:10:49 2009 -0400 @@ -58,7 +58,8 @@ return; } - if (st.st_mtime + MAIL_TRANSACTION_LOG2_STALE_SECS <= ioloop_time) { + if (st.st_mtime + MAIL_TRANSACTION_LOG2_STALE_SECS <= ioloop_time && + !log->index->readonly) { if (unlink(log->filepath2) < 0 && errno != ENOENT) { mail_index_set_error(log->index, "unlink(%s) failed: %m", log->filepath2);
--- a/src/lib-index/mailbox-list-index.c Thu Oct 08 20:09:20 2009 -0400 +++ b/src/lib-index/mailbox-list-index.c Thu Oct 08 20:10:49 2009 -0400 @@ -88,7 +88,8 @@ int mailbox_list_index_set_corrupted(struct mailbox_list_index *index, const char *str) { - (void)unlink(index->filepath); + if (!index->mail_index->readonly) + (void)unlink(index->filepath); mailbox_list_index_file_close(index); i_error("Corrupted mailbox list index file %s: %s",