Re: [exim] After upgrade to Exim 4.95 or 4.96: "setgroups: I…

Góra strony
Delete this message
Reply to this message
Autor: Lasse Törngren
Data:  
Dla: Martin D Kealey, exim-users
Temat: Re: [exim] After upgrade to Exim 4.95 or 4.96: "setgroups: Invalid argument"
Hello Martin,



I tried your patching of the code and I am getting this error:



The changed code in priv.c:



if (priv_euid == root_uid)

  {

  if (seteuid(priv_euid) != 0)

    log_write(0, LOG_PANIC_DIE, "seteuid(%d): %s", priv_euid, strerror(errno));

  if (setegid(priv_egid) != 0)

    log_write(0, LOG_PANIC_DIE, "setegid(%d): %s", priv_egid, strerror(errno)); 

  /*if (priv_ngroups > 0 && setgroups(priv_ngroups, priv_groups) != 0)*/

  if (priv_ngroups > 0 && setgroups(priv_ngroups, priv_groups) != 0

   

#ifndef OS_SETGROUPS_ZERO_DROPS_ALL

   && setgroups(0, NULL) != 0

#endif

   && setgroups(1, group_list) != 0)

 

    log_write(0, LOG_PANIC_DIE, "exim priv_restore setgroups: %s", strerror(errno));

  if (geteuid() != priv_euid)

    log_write(0, LOG_PANIC_DIE, "getdeuid() != %d", priv_euid);

  if (getegid() != priv_egid)

    log_write(0, LOG_PANIC_DIE, "getdegid() != %d", priv_egid);

  }



Error when compiling:



cc priv.c

priv.c:72:20: error: use of undeclared identifier 'group_list'; did you mean 'lookup_list'?

&& setgroups(1, group_list) != 0)

                   ^~~~~~~~~~


                   lookup_list


./globals.h:713:22: note: 'lookup_list' declared here

extern lookup_info **lookup_list;      /* Array of pointers to available lookups */


                     ^


1 error generated.

make[1]: *** [priv.o] Error 1

make: *** [all] Error 2



Best Regards

Lasse



Från: Martin D Kealey <martin@???>
Datum: tisdag 20 september 2022 04:44
Till: <exim-users@???>
Ämne: [exim] After upgrade to Exim 4.95 or 4.96: "setgroups: Invalid argument"



Lasse Törngren <lasse.torngren@???> wrote:



I am using a couple of Macs as servers, and has one server running MacOS

Mojave and Exim 4.94 without any issue.



I have tried to upgrade to Exim 4.95 on this machine, and to Exim 4.96 on

a new server that I am setting up with MacOS Big Sur. On both servers I get

Exim Panic with “setgroups: Invalid argument” at local (virtual) delivery.





Disclaimers:

1. There's currently no support for MacOS because there are no active

developers with access to that platform.

2. I don't have access to anything running MacOS, so I can only offer

general guidance.



If you know your way around C code and would like to help, I'd encourage

you to join the exim-dev list, and discuss a possible fix, with a view to

incorporating it in the next Exim release, and reinstating support for

MacOS.



The message “*setgroups: Invalid argument*” originates from one of the

functions `priv_drop_temp` and `priv_restore` in the source file `

src/src/priv.c`, which was a new addition for the 4.95 release. (I would

start by patching the messages so you can see which of those two functions

is failing.)



It might also be informative to explore the versions of those functions

implemented in sshd, and see if they've been patched to cope with setgroups

behaviour on MacOS.



In the meantime, if you write a wrapper that starts Exim with an empty

supplementary group set, that might alleviate some of the problems.



I note that in the source file `src/src/exim.c` circa line 3943 it has `

setgroups` gated thus:

```



#ifndef OS_SETGROUPS_ZERO_DROPS_ALL

    && setgroups(0, NULL) != 0


#endif

    && setgroups(1, group_list) != 0




```

which suggests that the same conditional logic should be applied in `

src/src/priv.c`.