debian/patches/89_01_p_Delay-chdir-until-we-opened-the-main-config.patch

   1 Backport of 3de973a29de6852d61ba9bf1845835d08ca5a5ab
   2
   3 From: "Heiko Schlittermann (HS12-RIPE)" <hs@schlittermann.de>
   4 Date: Wed, 2 Mar 2016 22:07:45 +0100
   5 Subject: [PATCH] Delay chdir(/) until we opened the main config
   6
   7 --- a/doc/spec.txt
   8 +++ b/doc/spec.txt
   9 @@ -3361,8 +3361,6 @@ brief message about itself and exits.
  10      first file that exists is used. Failure to open an existing file stops Exim
  11      from proceeding any further along the list, and an error is generated.
  12
  13 -    The file names need to be absolute names.
  14 -
  15      When this option is used by a caller other than root, and the list is
  16      different from the compiled-in list, Exim gives up its root privilege
  17      immediately, and runs with the real and effective uid and gid set to those
  18 --- a/src/exim.c
  19 +++ b/src/exim.c
  20 @@ -3683,17 +3683,16 @@ init_lookup_list();
  21
  22  /* Read the main runtime configuration data; this gives up if there
  23  is a failure. It leaves the configuration file open so that the subsequent
  24 -configuration data for delivery can be read if needed. */
  25 +configuration data for delivery can be read if needed.
  26
  27 -/* To be safe: change the working directory to /. */
  28 -if (Uchdir("/") < 0)
  29 -  {
  30 -    perror("exim: chdir `/': ");
  31 -    exit(EXIT_FAILURE);
  32 -  }
  33 +NOTE: immediatly after opening the configuration file we change the working
  34 +directory to "/"! Later we change to $spool_directory. We do it there, because
  35 +during readconf_main() some expansion takes place already. */
  36
  37  readconf_main();
  38
  39 +/* Now in directory "/" */
  40 +
  41  if (cleanup_environment() == FALSE)
  42    log_write(0, LOG_PANIC_DIE, "Can't cleanup environment");
  43
  44 --- a/src/readconf.c
  45 +++ b/src/readconf.c
  46 @@ -2969,14 +2969,6 @@ while((filename = string_nextinlist(&lis
  47         != NULL)
  48    {
  49
  50 -  /* To avoid confusion: Exim changes to / at the very beginning and
  51 -   * and to $spool_directory later. */
  52 -  if (filename[0] != '/')
  53 -    {
  54 -    fprintf(stderr, "-C %s: only absolute names are allowed\n", filename);
  55 -    exit(EXIT_FAILURE);
  56 -  }
  57 -
  58    /* Cut out all the fancy processing unless specifically wanted */
  59
  60    #if defined(CONFIGURE_FILE_USE_NODE) || defined(CONFIGURE_FILE_USE_EUID)
  61 @@ -3030,6 +3022,15 @@ while((filename = string_nextinlist(&lis
  62    if (config_file != NULL || errno != ENOENT) break;
  63    }
  64
  65 +/* Now, once we found and opened our configuration file, we change the directory
  66 +to a safe place. Later we change to $spool_directory. */
  67 +
  68 +if (Uchdir("/") < 0)
  69 +  {
  70 +  perror("exim: chdir `/': ");
  71 +  exit(EXIT_FAILURE);
  72 +  }
  73 +
  74  /* On success, save the name for verification; config_filename is used when
  75  logging configuration errors (it changes for .included files) whereas
  76  config_main_filename is the name shown by -bP. Failure to open a configuration