dovecot-2.0: master: Give better error messages if UNIX uid/gid ...

dovecot at dovecot.org dovecot at dovecot.org
Thu Jul 9 20:26:05 EEST 2009 

details:   http://hg.dovecot.org/dovecot-2.0/rev/771097ddce48
changeset: 9597:771097ddce48
user:      Timo Sirainen <tss at iki.fi>
date:      Thu Jul 09 13:26:00 2009 -0400
description:
master: Give better error messages if UNIX uid/gid is too high/low.

diffstat:

1 file changed, 22 insertions(+), 7 deletions(-)
src/master/service-process.c |   29 ++++++++++++++++++++++-------

diffs (56 lines):

diff -r d5637a78d263 -r 771097ddce48 src/master/service-process.c
--- a/src/master/service-process.c	Wed Jul 08 18:12:43 2009 -0400
+++ b/src/master/service-process.c	Thu Jul 09 13:26:00 2009 -0400
@@ -25,6 +25,8 @@
 #include "service-process-notify.h"
 #include "service-process.h"
 
+#include <grp.h>
+#include <pwd.h>
 #include <stdlib.h>
 #include <unistd.h>
 #include <fcntl.h>
@@ -150,23 +152,36 @@ static int validate_uid_gid(struct maste
 			    const char *user)
 {
 	if (uid == 0) {
-		i_error("Logins with UID 0 not permitted (user %s)", user);
+		i_error("User %s not allowed to log in using UNIX UID 0 "
+			"(root logins are never allowed)", user);
 		return FALSE;
 	}
 
 	if (uid < (uid_t)set->first_valid_uid ||
 	    (set->last_valid_uid != 0 && uid > (uid_t)set->last_valid_uid)) {
-		i_error("Logins with UID %s (user %s) not permitted "
-			"(see first_valid_uid in config file)",
-			dec2str(uid), user);
+		struct passwd *pw;
+
+		pw = getpwuid(uid);
+		i_error("User %s not allowed to log in using too %s "
+			"UNIX UID %s%s (see first_valid_uid in config file)",
+			user,
+			uid < (uid_t)set->first_valid_uid ? "low" : "high",
+			dec2str(uid), pw == NULL ? "" :
+			t_strdup_printf("(%s)", pw->pw_name));
 		return FALSE;
 	}
 
 	if (gid < (gid_t)set->first_valid_gid ||
 	    (set->last_valid_gid != 0 && gid > (gid_t)set->last_valid_gid)) {
-		i_error("Logins for users with primary group ID %s (user %s) "
-			"not permitted (see first_valid_gid in config file).",
-			dec2str(gid), user);
+		struct group *gr;
+
+		gr = getgrgid(gid);
+		i_error("User %s not allowed to log in using too %s "
+			"UNIX GID %s%s (see first_valid_gid in config file)",
+			user,
+			gid < (gid_t)set->first_valid_gid ? "low" : "high",
+			dec2str(gid), gr == NULL ? "" :
+			t_strdup_printf("(%s)", gr->gr_name));
 		return FALSE;
 	}

More information about the dovecot-cvs mailing list