bcb4e51a409d94ae670de96afb8483a4f7855294Stephan Bosch/* Copyright (c) 2011-2018 Dovecot authors, see the included COPYING file */
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen#include "lib.h"
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen#include "restrict-access.h"
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen#include "mail-storage-service.h"
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen#include "mail-storage-settings.h"
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen#include "master-service.h"
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen#include "master-service-settings.h"
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen#include "master-connection.h"
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainenstatic struct master_connection *master_conn;
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainenstatic struct mail_storage_service_ctx *storage_service;
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainenstatic void client_connected(struct master_service_connection *conn)
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen{
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen if (master_conn != NULL) {
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen i_error("indexer-worker must be configured with client_limit=1");
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen return;
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen }
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen master_service_client_connection_accept(conn);
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen master_conn = master_connection_create(conn->fd, storage_service);
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen}
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainenstatic void drop_privileges(void)
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen{
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen struct restrict_access_settings set;
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen const char *error;
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen /* by default we don't drop any privileges, but keep running as root. */
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen restrict_access_get_env(&set);
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen if (set.uid != 0) {
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen /* open config connection before dropping privileges */
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen struct master_service_settings_input input;
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen struct master_service_settings_output output;
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen
efe78d3ba24fc866af1c79b9223dc0809ba26cadStephan Bosch i_zero(&input);
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen input.module = "mail";
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen input.service = "indexer-worker";
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen (void)master_service_settings_read(master_service,
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen &input, &output, &error);
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen }
816d20be0cf95fc4eb1a8aa716639e73b8ba525eMartti Rannanjärvi restrict_access_by_env(RESTRICT_ACCESS_FLAG_ALLOW_ROOT, NULL);
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen}
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainenint main(int argc, char *argv[])
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen{
5cba8fd913459269b521513e16e3afcbbd030ac5Timo Sirainen enum master_service_flags service_flags =
838d6a4751c3fbe17c3ec45c0e109629c4156815Timo Sirainen MASTER_SERVICE_FLAG_SEND_STATS |
5cba8fd913459269b521513e16e3afcbbd030ac5Timo Sirainen MASTER_SERVICE_FLAG_KEEP_CONFIG_OPEN;
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen enum mail_storage_service_flags storage_service_flags =
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen MAIL_STORAGE_SERVICE_FLAG_USERDB_LOOKUP |
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen MAIL_STORAGE_SERVICE_FLAG_TEMP_PRIV_DROP |
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen MAIL_STORAGE_SERVICE_FLAG_NO_IDLE_TIMEOUT;
9a4e08ad8a4cd4ee70e0c47e3e2eb1ee9f9a818dTimo Sirainen int c;
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen
5cba8fd913459269b521513e16e3afcbbd030ac5Timo Sirainen master_service = master_service_init("indexer-worker", service_flags,
9a4e08ad8a4cd4ee70e0c47e3e2eb1ee9f9a818dTimo Sirainen &argc, &argv, "D");
9a4e08ad8a4cd4ee70e0c47e3e2eb1ee9f9a818dTimo Sirainen while ((c = master_getopt(master_service)) > 0) {
9a4e08ad8a4cd4ee70e0c47e3e2eb1ee9f9a818dTimo Sirainen switch (c) {
9a4e08ad8a4cd4ee70e0c47e3e2eb1ee9f9a818dTimo Sirainen case 'D':
9a4e08ad8a4cd4ee70e0c47e3e2eb1ee9f9a818dTimo Sirainen storage_service_flags |=
9a4e08ad8a4cd4ee70e0c47e3e2eb1ee9f9a818dTimo Sirainen MAIL_STORAGE_SERVICE_FLAG_ENABLE_CORE_DUMPS;
9a4e08ad8a4cd4ee70e0c47e3e2eb1ee9f9a818dTimo Sirainen break;
9a4e08ad8a4cd4ee70e0c47e3e2eb1ee9f9a818dTimo Sirainen default:
9a4e08ad8a4cd4ee70e0c47e3e2eb1ee9f9a818dTimo Sirainen return FATAL_DEFAULT;
9a4e08ad8a4cd4ee70e0c47e3e2eb1ee9f9a818dTimo Sirainen }
9a4e08ad8a4cd4ee70e0c47e3e2eb1ee9f9a818dTimo Sirainen }
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen drop_privileges();
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen master_service_init_log(master_service, "indexer-worker: ");
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen storage_service = mail_storage_service_init(master_service, NULL,
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen storage_service_flags);
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen restrict_access_allow_coredumps(TRUE);
d6b3cfd855c0eebed68be50d3111de1b5a6afeb0Timo Sirainen master_service_init_finish(master_service);
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen master_service_run(master_service, client_connected);
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen if (master_conn != NULL)
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen master_connection_destroy(&master_conn);
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen mail_storage_service_deinit(&storage_service);
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen master_service_deinit(&master_service);
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen return 0;
d9e404180ff26dbbaea68534a5f176765022b76bTimo Sirainen}