Bug 46892 – [4.3] Dovecot listener does not copy uid+gid, when moving files over filesystem boundaries

Bug 46892 - [4.3] Dovecot listener does not copy uid+gid, when moving files over filesystem boundaries


Summary:	[4.3] Dovecot listener does not copy uid+gid, when moving files over filesyst...

Status:	CLOSED FIXED

Product:	UCS
Classification:	Unclassified
Component:	Mail - Dovecot
Version:	UCS 4.2
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	UCS 4.3-0-errata
Assigned To:	Daniel Tröder
QA Contact:	Sönke Schwardt-Krummrich

URL:
Keywords:

Depends on:
Blocks:	46893
	Show dependency tree / graph

Reported:	2018-04-26 12:59 CEST by Daniel Tröder
Modified:	2018-05-09 14:21 CEST (History)
CC List:	0 users

See Also:
What kind of report is it?:	Bug Report
What type of bug is this?:	3: Simply Wrong: The implementation doesn't match the docu
Who will be affected by this bug?:	1: Will affect a very few installed domains
How will those affected feel about the bug?:	4: A User would return the product
User Pain:	0.069
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Daniel Tröder

2018-04-26 12:59:04 CEST

Turns out shutil.move() → copytree() → copy2() → copystat() does not copy the uid and gid of files/dirs.

Add the required code to move_user_home() in mail/univention-mail-dovecot/modules/univention/mail/dovecot.py

Comment 1 Daniel Tröder

2018-04-27 10:19:08 CEST

[4.3-0] 64bd00c5c8 Bug #46892: set UID and GID on move target
[4.3-0] 32be370739 Bug #46892: changelog
[4.3-0] d027f5b125 Bug #46892: advisory

univention-mail-dovecot (4.0.0-9)

Comment 2 Daniel Tröder

2018-04-27 11:09:35 CEST

[4.3-0] bb4c6a82b9 Bug #46892: chown only if necessary
[4.3-0] 51e7d3bb09 Bug #46892: changelog
[4.3-0] e900f3a2aa Bug #46892: advisory update

univention-mail-dovecot (4.0.0-10)

Comment 3 Sönke Schwardt-Krummrich

2018-05-03 15:47:10 CEST

# dd if=/dev/zero of=/mailspool bs=1M count=500
# mkfs.ext4 /mailspool
# mount /mailspool /var/spool/dovecot/private/domainb.local
#

Delivered 10000 mails to abc@domaina.local and changed mailPrimaryAddress afterwards to abc@domainb.local
→ mails have been copied from /var/spool/dovecot/private/domaina.local/abc/Maildir
  to /var/spool/dovecot/private/domainb.local/abc/Maildir
  → with old package: files were owned by root:nogroup
  → with new package: files were owned by dovemail:dovemail

Moving 10.000 mails took less than 3 seconds inclusive recursive chown.

OK: code change
OK: functional change
OK: tests
FIXED: advisory

Comment 4 Quality Assurance

2018-05-04 16:44:06 CEST

--- mirror/ftp/4.3/unmaintained/4.3-0/source/univention-mail-dovecot_4.0.0-8A~4.3.0.201803011723.dsc
+++ apt/ucs_4.3-0-errata4.3-0/source/univention-mail-dovecot_4.0.0-10A~4.3.0.201804271106.dsc
@@ -1,6 +1,14 @@
-4.0.0-8A~4.3.0.201803011723 [Thu, 01 Mar 2018 17:23:49 +0100] Univention builddaemon <buildd@univention.de>:
+4.0.0-10A~4.3.0.201804271106 [Fri, 27 Apr 2018 11:06:51 +0200] Univention builddaemon <buildd@univention.de>:
 
   * UCS auto build. No patches were applied to the original source package
+
+4.0.0-10 [Fri, 27 Apr 2018 11:04:24 +0200] Daniel Troeder <troeder@univention.de>:
+
+  * Bug #46892: chown only if necessary
+
+4.0.0-9 [Fri, 27 Apr 2018 10:10:58 +0200] Daniel Troeder <troeder@univention.de>:
+
+  * Bug #46892: set UID and GID on move target
 
 4.0.0-8 [Thu, 01 Mar 2018 17:19:57 +0100] Daniel Troeder <troeder@univention.de>:

Comment 5 Arvid Requate

2018-05-09 14:21:14 CEST

<http://errata.software-univention.de/ucs/4.3/30.html>