On Fri, Sep 16, 2016, at 10:59 AM, ellie timoney via Cyrus-devel wrote:
> I think idled ought to become_cyrus itself. It shouldn't continue
> running as root even if it was started as root.
The attached patch seems to resolve this for me. Karl, does it help in
your case?
It's against the current cyrus-imapd-2.5 from git, but should apply
cleanly to the 2.5.7 sources as well.
Cheers,
ellie
diff --git a/imap/idled.c b/imap/idled.c
index 8850ce1..03ea4c3 100644
--- a/imap/idled.c
+++ b/imap/idled.c
@@ -273,6 +273,10 @@ int main(int argc, char **argv)
pid_t pid;
char *alt_config = NULL;
+ if ((geteuid()) == 0 && (become_cyrus(/*is_master*/0) != 0)) {
+ fatal("must run as the Cyrus user", EC_USAGE);
+ }
+
p = getenv("CYRUS_VERBOSE");
if (p) verbose = atoi(p) + 1;
