From owner-freebsd-bugs@FreeBSD.ORG Mon Jul 21 16:40:15 2003 Return-Path: Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2494F37B401 for ; Mon, 21 Jul 2003 16:40:15 -0700 (PDT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2BB0F43FAF for ; Mon, 21 Jul 2003 16:40:14 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.9/8.12.9) with ESMTP id h6LNeEUp022753 for ; Mon, 21 Jul 2003 16:40:14 -0700 (PDT) (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.9/8.12.9/Submit) id h6LNeEa9022752; Mon, 21 Jul 2003 16:40:14 -0700 (PDT) Resent-Date: Mon, 21 Jul 2003 16:40:14 -0700 (PDT) Resent-Message-Id: <200307212340.h6LNeEa9022752@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Oleg Bulyzhin Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3650F37B401; Mon, 21 Jul 2003 16:37:55 -0700 (PDT) Received: from lath.rinet.ru (lath.rinet.ru [195.54.192.90]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9E7D943F75; Mon, 21 Jul 2003 16:37:54 -0700 (PDT) (envelope-from oleg@lath.rinet.ru) Received: by lath.rinet.ru (Postfix, from userid 222) id 22CD42EF9; Tue, 22 Jul 2003 03:37:53 +0400 (MSD) Message-Id: <20030721233753.22CD42EF9@lath.rinet.ru> Date: Tue, 22 Jul 2003 03:37:53 +0400 (MSD) From: Oleg Bulyzhin To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 cc: gshapiro@FreeBSD.org Subject: bin/54731: [PATCH] bug in mail.local can cause unnecessary mail delivery delays X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Oleg Bulyzhin List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Jul 2003 23:40:15 -0000 >Number: 54731 >Category: bin >Synopsis: [PATCH] bug in mail.local can cause unnecessary mail delivery delays >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Mon Jul 21 16:40:13 PDT 2003 >Closed-Date: >Last-Modified: >Originator: Oleg Bulyzhin >Release: FreeBSD 4.8-RELEASE i386 >Organization: Cronyx Plus LLC (RiNet ISP) >Environment: System: FreeBSD lath.rinet.ru 4.8-RELEASE FreeBSD 4.8-RELEASE #0: Sat Apr 5 12:35:16 MSD 2003 root@lath.rinet.ru:/lh/obj/lh/src/sys/lath i386 All sendmail versions (including 8.12.9) are affected. (This bug affects systems without maillock(). Not sure about systems where maillock() exists). >Description: During mailbox locking mail.local creates lock file (usually /var/log/mboxname.lock). Under certain circumstances mail.local is unable to remove this lock file after delivery attempt, thus next mail delivery (handled by other mail.local process) can be delayed for up to LOCKTO_RM seconds (5min). Here is explanation: First, mail.local creates lock file using super-user privileges. Before delivery attempt mail.local drops privileges by calling setreuid() (mail.local.c:1073). Then, in various error checking code, goto err0 & goto err1 are used (mail.local.c:1087 1103 1148 1165) If any of this errors appears, mail.local will be unable to remove lock file, cause it calls unlockmbox() (mail.local.c:1231) having euid == uid of mbox owner (while lock file owned by root). Thus unlink call (mail.local.c:1398) will fail. Next mail.local process will be unable to deliver mail until lock file expires (expire time LOCKTO_RM seconds). >How-To-Repeat: It's not easy to repeat it with original mail.local cause those error which can lead to this problem are quite rare. (actually, i never seen any of em). Problem was noticed when i tested slightly modified mail.local (simple implementation of mailbox size limit). >Fix: There is misplaced setreuid(0,0) call: we need super-user priveleges neither for truncating (mail.local.c:1228) mailbox no for closing (mail.local.c:1230) it. But we need those priveleges for removing root-owned lock file. --- mail.local.c.orig Mon Mar 3 20:31:13 2003 +++ mail.local.c Tue Jul 22 03:28:05 2003 @@ -1220,7 +1220,6 @@ { mailerr("450 4.2.0", "%s: %s", path, sm_errstring(errno)); err3: - (void) setreuid(0, 0); #ifdef DEBUG fprintf(stderr, "reset euid = %d\n", (int) geteuid()); #endif /* DEBUG */ @@ -1228,7 +1227,8 @@ (void) ftruncate(mbfd, curoff); err1: if (mbfd >= 0) (void) close(mbfd); -err0: unlockmbox(); +err0: (void) setreuid(0, 0); + unlockmbox(); return; } >Release-Note: >Audit-Trail: >Unformatted: