Mercurial > dovecot > original-hg > dovecot-1.2

changeset 8861:9d00503821d6 HEAD

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mail_privileged_group setting prevents core dumps - mention it in logging.
author Timo Sirainen <tss@iki.fi>
date Wed, 25 Mar 2009 15:38:57 -0400
parents 7bdc9d0bc9e6
children 2653007d906d
files src/master/child-process.c src/master/mail-process.c
diffstat 2 files changed, 7 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/src/master/child-process.c	Wed Mar 25 14:46:47 2009 -0400
+++ b/src/master/child-process.c	Wed Mar 25 15:38:57 2009 -0400
@@ -162,6 +162,10 @@
 			str_append(str, " (core not dumped - set mail_drop_priv_before_exec=yes)");
 			return;
 		}
+		if (*settings_root->defaults->mail_privileged_group != '\0') {
+			str_append(str, " (core not dumped - mail_privileged_group prevented it)");
+			return;
+		}
 #endif
 		str_append(str, " (core not dumped - is home dir set?)");
 		return;
--- a/src/master/mail-process.c	Wed Mar 25 14:46:47 2009 -0400
+++ b/src/master/mail-process.c	Wed Mar 25 15:38:57 2009 -0400
@@ -905,8 +905,9 @@
 	if (set->mail_drop_priv_before_exec) {
 		restrict_access_by_env(TRUE);
 		/* privileged GID is now only in saved-GID. if we want to
-		   preserve it accross exec, it needs to be temporarily
-		   in effective gid */
+		   preserve it across exec, it needs to be temporarily
+		   in effective gid. unfortunately this also causes kernel
+		   to think we're a setgid-program. */
 		restrict_access_use_priv_gid();
 	}