172
174
static const struct setting_define master_setting_defines[] = {
173
175
DEF(SET_STR, base_dir),
176
DEF(SET_STR, state_dir),
174
177
DEF(SET_STR, libexec_dir),
175
178
DEF(SET_STR, instance_name),
176
179
DEF(SET_STR, import_environment),
212
215
static const struct master_settings master_default_settings = {
213
216
.base_dir = PKG_RUNDIR,
217
.state_dir = PKG_STATEDIR,
214
218
.libexec_dir = PKG_LIBEXECDIR,
215
219
.instance_name = PACKAGE,
216
.import_environment = "TZ" ENV_SYSTEMD ENV_GDB,
220
.import_environment = "TZ DEBUG_OUTOFMEM" ENV_SYSTEMD ENV_GDB,
217
221
.protocols = "imap pop3 lmtp",
218
222
.listen = "*, ::",
219
223
.ssl = "yes:no:required",
496
500
for (i = 0; i < count; i++) {
497
501
struct service_settings *service = services[i];
499
if (*service->executable == '\0') {
500
*error_r = t_strdup_printf("service(%s): "
501
"executable is empty", service->name);
503
if (*service->protocol != '\0' &&
504
!str_array_find((const char **)set->protocols_split,
505
service->protocol)) {
506
/* protocol not enabled, ignore its settings */
504
if (*service->executable != '/') {
510
if (*service->executable != '/' &&
511
*service->executable != '\0') {
505
512
service->executable =
506
513
p_strconcat(pool, set->libexec_dir, "/",
507
514
service->executable, NULL);
553
if (*service->protocol != '\0' &&
554
str_array_find((const char **)set->protocols_split,
555
service->protocol)) {
560
if (*service->protocol != '\0') {
556
561
/* each imap/pop3/lmtp process can use up a connection,
557
562
although if service_count=1 it's only temporary */
558
563
if (service->service_count != 1 ||
708
713
(void)closedir(dirp);
711
bool master_settings_do_fixes(const struct master_settings *set)
717
mkdir_login_dir(const struct master_settings *set, const char *login_dir)
713
const char *login_dir, *empty_dir;
717
/* since base dir is under /var/run by default, it may have been
719
if (mkdir_parents(set->base_dir, 0755) < 0 && errno != EEXIST) {
720
i_error("mkdir(%s) failed: %m", set->base_dir);
723
/* allow base_dir to be a symlink, so don't use lstat() */
724
if (stat(set->base_dir, &st) < 0) {
725
i_error("stat(%s) failed: %m", set->base_dir);
728
if (!S_ISDIR(st.st_mode)) {
729
i_error("%s is not a directory", set->base_dir);
732
if ((st.st_mode & 0755) != 0755) {
733
i_warning("Fixing permissions of %s to be world-readable",
735
if (chmod(set->base_dir, 0755) < 0)
736
i_error("chmod(%s) failed: %m", set->base_dir);
739
/* Make sure our permanent state directory exists */
740
if (mkdir_parents(PKG_STATEDIR, 0750) < 0 && errno != EEXIST) {
741
i_error("mkdir(%s) failed: %m", PKG_STATEDIR);
745
login_dir = t_strconcat(set->base_dir, "/login", NULL);
746
722
if (settings_have_auth_unix_listeners_in(set, login_dir)) {
747
723
/* we are not using external authentication, so make sure the
748
724
login directory exists with correct permissions and it's
749
725
empty. with external auth we wouldn't want to delete
750
726
existing sockets or break the permissions required by the
752
mode_t mode = login_want_core_dumps(set, &gid) ? 0770 : 0750;
728
mode = login_want_core_dumps(set, &gid) ? 0770 : 0750;
753
729
if (safe_mkdir(login_dir, mode, master_uid, gid) == 0) {
754
730
i_warning("Corrected permissions for login directory "
755
731
"%s", login_dir);
758
734
unlink_sockets(login_dir, "");
760
736
/* still make sure that login directory exists */
761
if (mkdir(login_dir, 0755) < 0 && errno != EEXIST) {
762
i_error("mkdir(%s) failed: %m", login_dir);
737
if (mkdir(login_dir, 0755) < 0 && errno != EEXIST)
738
i_fatal("mkdir(%s) failed: %m", login_dir);
742
void master_settings_do_fixes(const struct master_settings *set)
744
const char *empty_dir;
747
/* since base dir is under /var/run by default, it may have been
749
if (mkdir_parents(set->base_dir, 0755) < 0 && errno != EEXIST)
750
i_fatal("mkdir(%s) failed: %m", set->base_dir);
751
/* allow base_dir to be a symlink, so don't use lstat() */
752
if (stat(set->base_dir, &st) < 0)
753
i_fatal("stat(%s) failed: %m", set->base_dir);
754
if (!S_ISDIR(st.st_mode))
755
i_fatal("%s is not a directory", set->base_dir);
756
if ((st.st_mode & 0755) != 0755) {
757
i_warning("Fixing permissions of %s to be world-readable",
759
if (chmod(set->base_dir, 0755) < 0)
760
i_error("chmod(%s) failed: %m", set->base_dir);
763
/* Make sure our permanent state directory exists */
764
if (mkdir_parents(set->state_dir, 0755) < 0 && errno != EEXIST)
765
i_fatal("mkdir(%s) failed: %m", set->state_dir);
767
mkdir_login_dir(set, t_strconcat(set->base_dir, "/login", NULL));
768
mkdir_login_dir(set, t_strconcat(set->base_dir, "/token-login", NULL));
767
770
empty_dir = t_strconcat(set->base_dir, "/empty", NULL);
768
771
if (safe_mkdir(empty_dir, 0755, master_uid, getegid()) == 0) {
769
772
i_warning("Corrected permissions for empty directory "
770
773
"%s", empty_dir);