thr3ads.net - dovecot - [Dovecot] FreeBSD - dovecot: We couldn't drop root group privileges [Aug 2004]

If this information is useful, please help other people find it:
Share via:

Igor B. Bykhalo

2004-Aug-24 09:07 UTC

[Dovecot] FreeBSD - dovecot: We couldn't drop root group privileges

Hi,
I installed Dovecot on FreeBSD 4-STABLE machine
and have a problem.

MTA is postfix delivering to ~/Maildir, runs perfectly.

Dovecot is configured to use plaintext auth, config file
is at the end of this mail.

When trying to get mail via IMAP, I'm getting the following
errors:

/var/log/dovecot.log
> Aug 24 12:00:35 Info: Dovecot starting up
> Aug 24 12:00:51 Info: Login: goshik [193.233.44.234] 
/var/log/maillog
> Aug 24 12:00:51 banka dovecot: We couldn't drop root group privileges
> Aug 24 12:00:51 banka imap(goshik): child 2045 (imap) returned error 89
Am I missing something? What was done incorrectly?

Help please,
Igor

--------------------------------------------
/usr/local/etc/dovecot.conf
> ## Dovecot 1.0 configuration file
>
> #base_dir = /var/run/dovecot/
>
> protocols = imap pop3
> imap_listen = 193.233.44.213
> pop3_listen = 193.233.44.213
> ssl_disable = yes
>
> #disable_plaintext_auth = no
>
> #log_path > info_log_path = /var/log/dovecot.log
> #login_dir = /var/run/dovecot/login
> #login_chroot = yes
>
> login = imap
> login_user = dovecot
>
> login = pop3
>
> #max_mail_processes = 1024
> verbose_proctitle = yes
> #verbose_ssl = no
> #first_valid_uid = 500
> #last_valid_uid = 0
> first_valid_gid = 0
> #last_valid_gid = 0
> 
> valid_chroot_dirs = /var/mail
> #mail_chroot = 
> 
> default_mail_env = maildir:%h/Maildir
> 
> #mail_cache_fields = MessagePart
> #mail_never_cache_fields = 
> 
> client_workarounds = oe6-fetch-no-newmail outlook-idle outlook-pop3-no-nuls
> 
> #mail_full_filesystem_access = no
> #mail_max_flag_length = 50
> #mail_save_crlf = no
> #mail_read_mmaped = no
> 
> #maildir_stat_dirs = no
> maildir_copy_with_hardlinks = yes
> #maildir_check_content_changes = no
> 
> #umask = 0077
> 
> mail_drop_priv_before_exec = no
> 
> #imap_executable = /usr/local/libexec/dovecot/imap
> #imap_process_size = 256
> #imap_use_modules = no
> #imap_modules = /usr/local/lib/dovecot/imap
> 
> #pop3_executable = /usr/local/libexec/dovecot/pop3
> #pop3_process_size = 256
> #pop3_use_modules = no
> #pop3_modules = /usr/local/lib/dovecot/pop3
> 
> auth = default
> auth_mechanisms = plain
> #auth_realms > #auth_default_realm = 
> auth_userdb = passwd
> auth_passdb = passwd
> #auth_executable = /usr/local/libexec/dovecot/dovecot-auth
> #auth_process_size = 256
> auth_user = root
> #auth_chroot = 
> #auth_count = 1
> #auth_username_chars =
abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ01234567890.-_@
> #auth_anonymous_username = anonymous
> auth_verbose = yes
> 
> #auth = digest_md5
> #auth_methods = digest-md5
> #auth_realms = 
> #auth_userdb = passwd-file /etc/passwd.imap
> #auth_passdb = passwd-file /etc/passwd.imap
> #auth_user = imapauth
> #auth_chroot =

Igor B. Bykhalo

2004-Aug-24 15:52 UTC

head link

[Dovecot] (straced) FreeBSD - dovecot: We couldn't drop root group privileges

In addition to my previous mail:

Here is strace of dovecot-auth
> 8103  gettimeofday({1093361203, 316780}, NULL) = 0
> 8103  poll([{fd=3, events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=0,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=12,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=7,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=9,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL, revents=POLLIN}, {fd=10,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=11,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=8,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}], 8, 4999) = 1
> 8103  gettimeofday({1093361207, 953058}, {0, 0}) = 0
> 8103  read(9, "\1\0\0\0\1\0\0\0\1\0\0\0\1\0\0\0", 4092) = 16
> 8103  write(9, "\1\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0", 20) =
20
> 8103  gettimeofday({1093361207, 953333}, NULL) = 0
> 8103  poll([{fd=3, events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=0,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=12,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=7,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=9,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL, revents=POLLIN}, {fd=10,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=11,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=8,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}], 8, 362) = 1
> 8103  gettimeofday({1093361207, 953510}, {0, 0}) = 0
> 8103  read(9, "\2\0\0\0\1\0\0\0\20\0\0\0\0goshik\0cug83air",
4076) = 28
> 8103  geteuid(0x2821d7ac)               = 0
> 8103  stat("/etc/spwd.db", {st_mode=S_IFREG|0600, st_size=57344,
...}) = 0
> 8103  open("/etc/spwd.db", O_RDONLY)    = 13
> 8103  fcntl(13, F_SETFD, FD_CLOEXEC)    = 0
> 8103  read(13,
"\0\6\25a\0\0\0\2\0\0\4\322\0\0\20\0\0\0\0\f\0\0\1\0\0\0"..., 260) =
260
> 8103  lseek(13, 28672, SEEK_SET)        = 28672
> 8103  read(13,
"L\0\373\17\302\17\275\17u\17o\17\'\17\"\17\347\16\342\16"...,
4096) = 4096
> 8103  close(13)                         = 0
> 8103  write(9,
"\1\0\0\0\2\0\0\0\0\0\0\0\377\377\377\377\7\0\0\0", 20) = 20
> 8103  write(9, "goshik\0", 7)           = 7
> 8103  gettimeofday({1093361207, 956126}, NULL) = 0
> 8103  poll([{fd=3, events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=0,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL, revents=POLLIN}, {fd=12,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=7,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=9,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=10,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=11,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=8,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}], 8, 359) = 1
> 8103  gettimeofday({1093361207, 956281}, {0, 0}) = 0
> 8103  recvfrom(0, "\10\0\0\0\1\0\0\0\336\37\0\0", 12, 0, NULL,
NULL) = 12
> 8103  geteuid(0x2821d7ac)               = 0
> 8103  stat("/etc/spwd.db", {st_mode=S_IFREG|0600, st_size=57344,
...}) = 0
> 8103  open("/etc/spwd.db", O_RDONLY)    = 13
> 8103  fcntl(13, F_SETFD, FD_CLOEXEC)    = 0
> 8103  read(13,
"\0\6\25a\0\0\0\2\0\0\4\322\0\0\20\0\0\0\0\f\0\0\1\0\0\0"..., 260) =
260
> 8103  lseek(13, 28672, SEEK_SET)        = 28672
> 8103  read(13,
"L\0\373\17\302\17\275\17u\17o\17\'\17\"\17\347\16\342\16"...,
4096) = 4096
> 8103  close(13)                         = 0
> 8103  write(0,
"\10\0\0\0\1\0\0\0\351\3\0\0\0\0\0\0\0\0\0\0\7\0\0\0\16"..., 67) = 67
> 8103  gettimeofday({1093361207, 960232}, NULL) = 0
> 8103  poll([{fd=3, events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=0,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=12,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=7,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=9,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL, revents=POLLIN}, {fd=10,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=11,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=8,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}], 8, 355) = 1
> 8103  gettimeofday({1093361207, 960600}, {0, 0}) = 0
> 8103  read(9, "", 4048)                 = 0
> 8103  close(9)                          = 0
> 8103  gettimeofday({1093361207, 960834}, NULL) = 0
> 8103  poll([{fd=3, events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=0,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=12,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=7,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=8,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=10,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=11,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}], 7, 355) = 0
> 8103  gettimeofday({1093361208, 326562}, {0, 0}) = 0
> 8103  gettimeofday({1093361208, 326643}, NULL) = 0
> 8103  poll([{fd=3, events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=0,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=12,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=7,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=8,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=10,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=11,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}], 7, 0) = 0
> 8103  gettimeofday({1093361208, 326799}, {0, 0}) = 0
> 8103  gettimeofday({1093361208, 326888}, NULL) = 0
> 8103  poll([{fd=3, events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL,
revents=POLLIN}, {fd=0, events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=12,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=7,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=8,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=10,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=11,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}], 7, 4999) = 1
> 8103  gettimeofday({1093361208, 620235}, {0, 0}) = 0
> 8103  accept(3, {sa_family=AF_UNIX, path=@}, [16]) = 9
> 8103  fcntl(9, F_GETFL)                 = 0x6 (flags O_RDWR|O_NONBLOCK)
> 8103  fcntl(9, F_SETFL, O_RDWR|O_NONBLOCK) = 0
> 8103  fstat(9, {st_mode=S_IFSOCK|0666, st_size=4, ...}) = 0
> 8103  lseek(9, 0, SEEK_CUR)             = -1 ESPIPE (Illegal seek)
> 8103  getsockname(9, {sa_family=AF_UNIX,
path="/var/run/dovecot/login/def0????     "}, [28]) = 0                                                                       
^^^^^^^^^^^^^^^^^
Oops!                                                                  
What's this?
> 8103  write(9, "\247\37\0\0\1\0\0\0", 8) = 8
> 8103  gettimeofday({1093361208, 620917}, NULL) = 0
> 8103  poll([{fd=3, events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=0,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=12,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=7,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=8,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=10,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=11,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=9,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL, revents=POLLIN}], 8, 4705) = 1
> 8103  gettimeofday({1093361208, 621073}, {0, 0}) = 0
> 8103  read(9, "\2320\0\0", 4096)        = 4
> 8103  gettimeofday({1093361208, 621228}, NULL) = 0
> 8103  poll([{fd=3, events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=0,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=12,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=7,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=8,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=10,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=11,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}, {fd=9,
events=POLLIN|POLLPRI|POLLERR|POLLHUP|POLLNVAL}], 8, 4704) = 0
And here is how paths in /var are looking:
> /var/mail:
> total 2
> -rw-------  1 dovecot  dovecot    0 23 Aug 20:32 dovecot
> drwxr-xr-x  2 goshik   network  512 24 Aug 18:34 goshik
> -rw-------  1 postfix  postfix    0 23 Aug 16:59 postfix
> 
> /var/run/dovecot/login:
> total 0
> srw-rw----  1 root  dovecot  0 24 Aug 18:58 default
I also straced dovecot process, but it showed no visible (to me) errors.

TIA,
Igor

Apparently Analagous Threads

Search for more apparently analagous threads

dovecot - Aug 2004 - FreeBSD - dovecot: We couldn't drop root group privileges

[Dovecot] FreeBSD - dovecot: We couldn't drop root group privileges

[Dovecot] (straced) FreeBSD - dovecot: We couldn't drop root group privileges

Apparently Analagous Threads