From oleg@lath.rinet.ru  Mon Jul 21 16:37:55 2003
Return-Path: <oleg@lath.rinet.ru>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 3650F37B401; Mon, 21 Jul 2003 16:37:55 -0700 (PDT)
Received: from lath.rinet.ru (lath.rinet.ru [195.54.192.90])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 9E7D943F75; Mon, 21 Jul 2003 16:37:54 -0700 (PDT)
	(envelope-from oleg@lath.rinet.ru)
Received: by lath.rinet.ru (Postfix, from userid 222)
	id 22CD42EF9; Tue, 22 Jul 2003 03:37:53 +0400 (MSD)
Message-Id: <20030721233753.22CD42EF9@lath.rinet.ru>
Date: Tue, 22 Jul 2003 03:37:53 +0400 (MSD)
From: Oleg Bulyzhin <oleg@rinet.ru>
Reply-To: Oleg Bulyzhin <oleg@rinet.ru>
To: FreeBSD-gnats-submit@freebsd.org
Cc: gshapiro@freebsd.org
Subject: [PATCH] bug in mail.local can cause unnecessary mail delivery delays
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         54731
>Category:       bin
>Synopsis:       [PATCH] bug in mail.local can cause unnecessary mail delivery delays
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    gshapiro
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Jul 21 16:40:13 PDT 2003
>Closed-Date:    Thu Oct 30 15:06:34 PST 2003
>Last-Modified:  Thu Oct 30 15:06:34 PST 2003
>Originator:     Oleg Bulyzhin
>Release:        FreeBSD 4.8-RELEASE i386
>Organization:
Cronyx Plus LLC (RiNet ISP)
>Environment:
System: FreeBSD lath.rinet.ru 4.8-RELEASE FreeBSD 4.8-RELEASE #0: Sat Apr 5 12:35:16 MSD 2003 root@lath.rinet.ru:/lh/obj/lh/src/sys/lath i386

	All sendmail versions (including 8.12.9) are affected.
	(This bug affects systems without maillock(). Not sure about
	 systems where maillock() exists).
>Description:
	During mailbox locking, mail.local creates a lock file (usually
	/var/log/mboxname.lock). Under certain circumstances mail.local is
	unable to remove this lock file after a delivery attempt, so the next
	mail delivery (handled by another mail.local process) can be delayed
	for up to LOCKTO_RM seconds (5min).

	Here is the explanation:
	First, mail.local creates the lock file using super-user privileges.
	Before the delivery attempt, mail.local drops privileges by calling
	setreuid() (mail.local.c:1073). Then, in various error-checking
	code, goto err0 & goto err1 are used (mail.local.c:1087 1103 1148 1165).
	If any of these errors occurs, mail.local will be unable to remove
	the lock file, because it calls unlockmbox() (mail.local.c:1231) with
	euid == uid of the mbox owner (while the lock file is owned by root).
	Thus the unlink call (mail.local.c:1398) will fail.

	The next mail.local process will be unable to deliver mail until the
	lock file expires (expire time LOCKTO_RM seconds).

>How-To-Repeat:
	It's not easy to repeat it with the original mail.local because the
	errors which can lead to this problem are quite rare (actually,
	I have never seen any of them). The problem was noticed when I tested
	a slightly modified mail.local (a simple implementation of a mailbox
	size limit).
>Fix:
	There is a misplaced setreuid(0,0) call: we need super-user privileges
	neither for truncating (mail.local.c:1228) the mailbox nor for closing
	(mail.local.c:1230) it. But we need those privileges for removing
	the root-owned lock file.

--- mail.local.c.orig	Mon Mar  3 20:31:13 2003
+++ mail.local.c	Tue Jul 22 03:28:05 2003
@@ -1220,7 +1220,6 @@
 	{
 		mailerr("450 4.2.0", "%s: %s", path, sm_errstring(errno));
 err3:
-		(void) setreuid(0, 0);
 #ifdef DEBUG
 		fprintf(stderr, "reset euid = %d\n", (int) geteuid());
 #endif /* DEBUG */
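Review bot: with setreuid(0, 0) removed from err3, the DEBUG fprintf "reset euid = %d" that follows no longer reports a reset; it now prints the still-dropped euid under a label that says otherwise. Move the #ifdef DEBUG block down so it sits after the new setreuid(0, 0) at err0, or reword the message.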
@@ -1228,7 +1227,8 @@
 			(void) ftruncate(mbfd, curoff);
 err1:		if (mbfd >= 0)
 			(void) close(mbfd);
-err0:		unlockmbox();
+err0:		(void) setreuid(0, 0);
+		unlockmbox();
 		return;
 	}
 
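Review bot: at err0 the result of setreuid(0, 0) is discarded with (void), so if regaining root fails, unlockmbox() runs unprivileged again and the lock file is left behind without any trace, which is the failure this patch sets out to fix. Check the return value and report it (for example through mailerr() or under DEBUG) before calling unlockmbox(). A short comment at err0 saying that privileges are restored there only for the lock removal would also help, since every error path now returns with euid 0.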

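Added example (not part of the original report and not sendmail code): a small C program that reproduces the ordering problem described under >Description: above, by creating a root-owned lock file, dropping the effective uid, and trying the unlink before and after regaining root. The names lock_cleanup_demo and DEMO_UID, the /tmp path, and the use of seteuid() in place of mail.local's setreuid() calls are assumptions made for the demonstration; it needs to be run as root to show the failure and reports "skipped" otherwise.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

#define DEMO_UID 65534	/* assumption: an unprivileged uid ("nobody") */

/*
 * Returns 0 when the unprivileged unlink fails and the privileged one
 * succeeds, 1 when skipped (not root, or the euid switch is refused),
 * -1 on any other outcome.
 */
int lock_cleanup_demo(void)
{
	char dir[] = "/tmp/lockdemo.XXXXXX";	/* constructed stand-in for the spool */
	char lock[64];
	int fd, early, early_errno, late, rc = -1;

	if (geteuid() != 0)
		return 1;
	if (mkdtemp(dir) == NULL)		/* root-owned, mode 0700 */
		return -1;
	snprintf(lock, sizeof(lock), "%s/mbox.lock", dir);
	fd = open(lock, O_WRONLY | O_CREAT | O_EXCL, 0600);	/* lock made as root */
	if (fd < 0)
		goto out;
	(void) close(fd);

	if (seteuid(DEMO_UID) != 0) {		/* become the "mailbox owner" */
		rc = 1;
		goto out;
	}
	early = unlink(lock);			/* old order: unlock while still dropped */
	early_errno = errno;
	if (seteuid(0) != 0)			/* patched order: regain root first ... */
		goto out;
	late = unlink(lock);			/* ... then remove the lock */
	if (early == -1 && (early_errno == EACCES || early_errno == EPERM) && late == 0)
		rc = 0;
out:
	(void) unlink(lock);			/* best-effort cleanup of the demo files */
	(void) rmdir(dir);
	return rc;
}

int main(void)
{
	printf("lock_cleanup_demo: %d\n", lock_cleanup_demo());
	return 0;
}
```
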
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->gshapiro 
Responsible-Changed-By: gshapiro 
Responsible-Changed-When: Sun Aug 31 18:24:31 PDT 2003 
Responsible-Changed-Why:  
Assign to sendmail maintainer 

http://www.freebsd.org/cgi/query-pr.cgi?pr=54731 
State-Changed-From-To: open->patched 
State-Changed-By: gshapiro 
State-Changed-When: Sun Aug 31 18:57:29 PDT 2003 
State-Changed-Why:  
The issue has been fixed in the sendmail project's CVS repo.  Thanks 
for the patch.  When 8.12.10 is released, it will be imported to 
the HEAD of FreeBSD's repo and later MFC'ed to RELENG_4. 

State-Changed-From-To: patched->closed 
State-Changed-By: gshapiro 
State-Changed-When: Thu Oct 30 15:06:18 PST 2003 
State-Changed-Why:  
sendmail 8.12.10 has been MFC'ed to RELENG_4. 

>Unformatted:
