Hi, we tested a wrapper around the open() function, which rewrites the error code to EACCES in case the mailbox is from a snapshot and which we load with LD_PRELOAD. (See https://www.samanbarghi.com/blog/2014/09/05/how-to-wrap-a-system-call-libc-function-in-linux/) Unfortunately that was not successful, so we added a wrapper around access(), which does the job (you could even skip the open()-wrapper).
So the below mentioned code snippet is not the only one to be modified ;) Best regards Damian > Am 29.06.2021 um 12:29 schrieb Aki Tuomi <[email protected]>: > > Hi! > > This is on our backlog already as DOP-2294, lets see if we get it forward at > some point. > > Aki > >> On 29/06/2021 12:48 Bucher, Dr. Damian <[email protected]> wrote: >> >> >> Hi, >> >> we ran into a problem, while using filesystem snapshots on a >> GPFS-filesystem. With this we want to give the users the opportunity to >> restore Mailboxes from this snapshots in case they deleted mail by accident. >> >> For each snapshot we create a namespace via a postlogin skript (with >> INDEX=MEMORY to avoid writing index files to a ro filesystem). The snapshot >> are of course read only. >> When accessing the mailboxes in the namespaces, dovecot generates an error >> (ro filesystem): >> Error: Mailbox #backup20/Mail/deleted-messages: open() failed with mbox: >> Read-only file system >> >> >> We tracked that down to a problem in src/lib-storage/index/mbox/mbox-file.c >> (yes, we are still using mbox ;) ) >> >> fd = open(mailbox_get_path(&mbox->box), >> mbox_is_backend_readonly(mbox) ? O_RDONLY : O_RDWR); >> if (fd == -1 && errno == EACCES && !mbox->backend_readonly) { >> mbox->backend_readonly = TRUE; >> fd = open(mailbox_get_path(&mbox->box), O_RDONLY); >> } >> >> Here the mailbox is opened and it is checked wether the file is ro or rw. >> Since the snapshot contains the original file permissions, the file is of >> course rw, but the filesystem is ro. >> Unfortunately the code only checks for file permissions (errno == EACCES), >> which doesn’t catch our error condition (FS ro). >> >> We think that exchanging this to (errno == EACCESS || errno == EROFS) would >> catch the file system ro error correctly and set the readonly flag correctly >> and open the mailbox ro. >> (this probably hast to be done for other mailbox formats in the >> corresponding files too) >> >> What do you think? Is there a chance to implement that in an upcoming >> release? >> >> Best regards >> Damian >> >> — >> Postmaster@WWU >> WWU IT >> Westfälische Wilhelms-Universität (WWU) Münster >> Röntgenstr. 7-13, 48149 Münster >> >> mailto:[email protected] — Westfälische Wilhelms-Universität (WWU) Münster WWU IT Dr. Damian Bucher Abt. 6.2 Systemdienste Röntgenstr. 7-13, 48149 Münster Tel.: +49 251 83-31658 Fax: +49 251 8393331658 mailto:[email protected] Website: www.uni-muenster.de/it
smime.p7s
Description: S/MIME cryptographic signature
