quota-maildir.c revision cb07373a0afd4b0635e10a6757bd22e46dc9cf61
76b43e4417bab52e913da39b5f5bc2a130d3f149Timo Sirainen/* Copyright (c) 2006-2008 Dovecot authors, see the included COPYING file */
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainenextern struct quota_backend quota_backend_maildir;
ab0d9eecd85f74acae18fe88529302e0776cc500Timo Sirainenstatic struct dotlock_settings dotlock_settings = {
3ccfcf0856958cb9208a9fc51c3bdf13c58ad52aTimo Sirainenstatic int maildir_sum_dir(const char *dir, uint64_t *total_bytes,
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainen const char *p;
b83f52b3ac3736d7f509db7ba80360d89f8a776dTimo Sirainen (dp->d_name[1] == '\0' || dp->d_name[1] == '.'))
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainen /* ,S=nnnn[:,] */
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainen /* not in expected format, fallback to stat() */
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainen } else if (errno != ENOENT && errno != ESTALE) {
2b682d8d3661800f16aceaa45fa4de9b6b140a59Timo Sirainenmaildir_list_init(struct maildir_quota_root *root,
e392fcb39a06609af20a9e79017683f194de3ddeTimo Sirainen ctx->iter = mailbox_list_iter_init(mail_storage_get_list(storage), "*",
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainenstatic const char *
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainenmaildir_list_next(struct maildir_list_context *ctx, time_t *mtime_r)
a27e065f1a1f91c7fbdf7c2ea1c387441af0cbb3Timo Sirainen ctx->info = mailbox_list_iter_next(ctx->iter);
d23c747de9d33966483fbdd41f08ad7766da7c5cTimo Sirainen rule = quota_root_rule_find(ctx->root->root.set,
2b682d8d3661800f16aceaa45fa4de9b6b140a59Timo Sirainen /* mailbox not included in quota */
eddd9bf1a1369aea4a2715f6be1137da6d17d293Timo Sirainen path = mail_storage_get_mailbox_path(ctx->storage,
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainen /* ignore if the directory got lost, stale or if it was
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainen actually a file and not a directory */
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainen if (errno != ENOENT && errno != ESTALE && errno != ENOTDIR) {
3ccfcf0856958cb9208a9fc51c3bdf13c58ad52aTimo Sirainen i_error("stat(%s) failed: %m", str_c(ctx->path));
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainenstatic int maildir_list_deinit(struct maildir_list_context *ctx)
a27e065f1a1f91c7fbdf7c2ea1c387441af0cbb3Timo Sirainen int ret = mailbox_list_iter_deinit(&ctx->iter);
2b682d8d3661800f16aceaa45fa4de9b6b140a59Timo Sirainenmaildirs_check_have_changed(struct maildir_quota_root *root,
2b682d8d3661800f16aceaa45fa4de9b6b140a59Timo Sirainen struct mail_storage *storage, time_t latest_mtime)
ccb77e2f63626ec46e5745ef4f38baa8e8e504fcTimo Sirainen while (maildir_list_next(ctx, &mtime) != NULL) {
3ccfcf0856958cb9208a9fc51c3bdf13c58ad52aTimo Sirainenstatic int maildirsize_write(struct maildir_quota_root *root, const char *path)
fea7b8b3fc182e415b1875d79587c0aa1adb09d7Timo Sirainen unsigned int i, count;
cb07373a0afd4b0635e10a6757bd22e46dc9cf61Timo Sirainen const char *p, *dir;
fea7b8b3fc182e415b1875d79587c0aa1adb09d7Timo Sirainen /* figure out what permissions we should use for maildirsize.
fea7b8b3fc182e415b1875d79587c0aa1adb09d7Timo Sirainen use the inbox namespace's permissions if possible. */
fea7b8b3fc182e415b1875d79587c0aa1adb09d7Timo Sirainen storages = array_get(&root->root.quota->storages, &count);
fea7b8b3fc182e415b1875d79587c0aa1adb09d7Timo Sirainen for (i = 0; i < count; i++) {
fea7b8b3fc182e415b1875d79587c0aa1adb09d7Timo Sirainen if ((storages[i]->ns->flags & NAMESPACE_FLAG_INBOX) != 0) {
fea7b8b3fc182e415b1875d79587c0aa1adb09d7Timo Sirainen mailbox_list_get_permissions(storages[i]->ns->list,
8887bf3757d51d73887dd20b1db3334d867d3817Timo Sirainen dotlock_settings.use_excl_lock = getenv("DOTLOCK_USE_EXCL") != NULL;
8da095519878426b012058e6f331a669f327f47fTimo Sirainen dotlock_settings.nfs_flush = getenv("MAIL_NFS_STORAGE") != NULL;
fea7b8b3fc182e415b1875d79587c0aa1adb09d7Timo Sirainen fd = file_dotlock_open_mode(&dotlock_settings, path,
cb07373a0afd4b0635e10a6757bd22e46dc9cf61Timo Sirainen /* the control directory doesn't exist yet? create it */
cb07373a0afd4b0635e10a6757bd22e46dc9cf61Timo Sirainen if (mkdir_parents(dir, 0700) < 0 && errno != EEXIST) {
cb07373a0afd4b0635e10a6757bd22e46dc9cf61Timo Sirainen fd = file_dotlock_open_mode(&dotlock_settings, path,
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainen /* someone's just in the middle of updating it */
3ccfcf0856958cb9208a9fc51c3bdf13c58ad52aTimo Sirainen i_error("file_dotlock_open(%s) failed: %m", path);
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainen if (write_full(fd, str_data(str), str_len(str)) < 0) {
b83f52b3ac3736d7f509db7ba80360d89f8a776dTimo Sirainen /* keep the fd open since we might want to update it later */
3ccfcf0856958cb9208a9fc51c3bdf13c58ad52aTimo Sirainen i_error("file_dotlock_replace(%s) failed: %m", path);
3ccfcf0856958cb9208a9fc51c3bdf13c58ad52aTimo Sirainenstatic void maildirsize_recalculate_init(struct maildir_quota_root *root)
3ccfcf0856958cb9208a9fc51c3bdf13c58ad52aTimo Sirainenstatic int maildirsize_recalculate_storage(struct maildir_quota_root *root,
3ccfcf0856958cb9208a9fc51c3bdf13c58ad52aTimo Sirainen const char *dir;
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainen while ((dir = maildir_list_next(ctx, &mtime)) != NULL) {
bd7b1a9000b12349e2a99bb43b3ce8b96a18e92bTimo Sirainenstatic void maildirsize_rebuild_later(struct maildir_quota_root *root)
bd7b1a9000b12349e2a99bb43b3ce8b96a18e92bTimo Sirainen /* FIXME: can't unlink(), because the limits would be lost. */
bd7b1a9000b12349e2a99bb43b3ce8b96a18e92bTimo Sirainen i_error("unlink(%s) failed: %m", root->maildirsize_path);
3ccfcf0856958cb9208a9fc51c3bdf13c58ad52aTimo Sirainenstatic int maildirsize_recalculate_finish(struct maildir_quota_root *root,
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainen /* maildir didn't change, we can write the maildirsize file */
3ccfcf0856958cb9208a9fc51c3bdf13c58ad52aTimo Sirainen ret = maildirsize_write(root, root->maildirsize_path);
3ccfcf0856958cb9208a9fc51c3bdf13c58ad52aTimo Sirainenstatic int maildirsize_recalculate(struct maildir_quota_root *root)
3ccfcf0856958cb9208a9fc51c3bdf13c58ad52aTimo Sirainen unsigned int i, count;
3ccfcf0856958cb9208a9fc51c3bdf13c58ad52aTimo Sirainen /* count mails from all storages */
3ccfcf0856958cb9208a9fc51c3bdf13c58ad52aTimo Sirainen storages = array_get(&root->root.quota->storages, &count);
3ccfcf0856958cb9208a9fc51c3bdf13c58ad52aTimo Sirainen for (i = 0; i < count; i++) {
3ccfcf0856958cb9208a9fc51c3bdf13c58ad52aTimo Sirainen if (maildirsize_recalculate_storage(root, storages[i]) < 0) {
3ccfcf0856958cb9208a9fc51c3bdf13c58ad52aTimo Sirainen /* check if any of the directories have changed */
3ccfcf0856958cb9208a9fc51c3bdf13c58ad52aTimo Sirainen for (i = 0; i < count; i++) {
2b682d8d3661800f16aceaa45fa4de9b6b140a59Timo Sirainen ret = maildirs_check_have_changed(root, storages[i],
3ccfcf0856958cb9208a9fc51c3bdf13c58ad52aTimo Sirainen return maildirsize_recalculate_finish(root, ret);
12dc81583d1958cb301a617e19fbd40e8d376397Timo Sirainenmaildir_parse_limit(const char *str, uint64_t *bytes_r, uint64_t *count_r)
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainen const char *const *limit;
12dc81583d1958cb301a617e19fbd40e8d376397Timo Sirainen unsigned long long value;
12dc81583d1958cb301a617e19fbd40e8d376397Timo Sirainen /* 0 values mean unlimited */
12dc81583d1958cb301a617e19fbd40e8d376397Timo Sirainen for (limit = t_strsplit(str, ","); *limit != NULL; limit++) {
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainen switch (pos[0]) {
12dc81583d1958cb301a617e19fbd40e8d376397Timo Sirainenstatic int maildirsize_parse(struct maildir_quota_root *root,
12dc81583d1958cb301a617e19fbd40e8d376397Timo Sirainen uint64_t message_bytes_limit, message_count_limit;
12dc81583d1958cb301a617e19fbd40e8d376397Timo Sirainen unsigned int line_count = 0;
12dc81583d1958cb301a617e19fbd40e8d376397Timo Sirainen /* first line contains the limits */
12dc81583d1958cb301a617e19fbd40e8d376397Timo Sirainen (void)maildir_parse_limit(lines[0], &message_bytes_limit,
3851ad9fcb25635f02b46d44586742ef1081876bTimo Sirainen /* truncate too high limits to signed 64bit int range */
b1678954f83e1059b981e2def52a70054fa71399Timo Sirainen if (root->root.bytes_limit == (int64_t)message_bytes_limit &&
b1678954f83e1059b981e2def52a70054fa71399Timo Sirainen root->root.count_limit == (int64_t)message_count_limit) {
3851ad9fcb25635f02b46d44586742ef1081876bTimo Sirainen /* limits haven't changed */
d23c747de9d33966483fbdd41f08ad7766da7c5cTimo Sirainen } else if (root->root.set->force_default_rule) {
2d71e0ea3006576961b47d91d564d31771676624Timo Sirainen /* we know the limits and they've changed.
2d71e0ea3006576961b47d91d564d31771676624Timo Sirainen the file must be rewritten. */
3851ad9fcb25635f02b46d44586742ef1081876bTimo Sirainen /* we're using limits from the file. */
d23c747de9d33966483fbdd41f08ad7766da7c5cTimo Sirainen quota_root_recalculate_relative_rules(root->root.set);
ba3f68dfb8475299f43125c3e86985a713013c5dTimo Sirainen /* no quota lines. rebuild it. */
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainen /* rest of the lines contains <bytes> <count> diffs */
0563ad5c7f179554623682f6fd7b98596901b49fTimo Sirainen for (lines++; *lines != NULL; lines++, line_count++) {
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainen if (sscanf(*lines, "%lld %d", &bytes_diff, &count_diff) != 2)
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainen /* corrupted */
b1678954f83e1059b981e2def52a70054fa71399Timo Sirainen if ((total_bytes > _root->bytes_limit && _root->bytes_limit != 0) ||
b1678954f83e1059b981e2def52a70054fa71399Timo Sirainen (total_count > _root->count_limit && _root->count_limit != 0)) {
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainen /* we're over quota. don't trust these values if the file
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainen contains more than the initial summary line, or if the file
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainen is older than 15 minutes. */
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainen st.st_mtime < ioloop_time - MAILDIRSIZE_STALE_SECS)
0223007c8a72339fe40a732710203afb82f108a6Timo Sirainenstatic int maildirsize_open(struct maildir_quota_root *root)
3ccfcf0856958cb9208a9fc51c3bdf13c58ad52aTimo Sirainen i_error("close(%s) failed: %m", root->maildirsize_path);
0223007c8a72339fe40a732710203afb82f108a6Timo Sirainen root->fd = nfs_safe_open(root->maildirsize_path, O_RDWR | O_APPEND);
0223007c8a72339fe40a732710203afb82f108a6Timo Sirainen i_error("open(%s) failed: %m", root->maildirsize_path);
7be291ff7fcb7d10a5f96db00282a40287b471c5Timo Sirainenstatic bool maildirsize_has_changed(struct maildir_quota_root *root)
7be291ff7fcb7d10a5f96db00282a40287b471c5Timo Sirainen nfs_flush_file_handle_cache(root->maildirsize_path);
7be291ff7fcb7d10a5f96db00282a40287b471c5Timo Sirainen nfs_flush_attr_cache_unlocked(root->maildirsize_path);
ed22384e18b005c6a518478c515e7bfdb9e110eeTimo Sirainen return root->last_size != st2.st_size || st1.st_ino != st2.st_ino ||
0223007c8a72339fe40a732710203afb82f108a6Timo Sirainenstatic int maildirsize_read(struct maildir_quota_root *root)
0223007c8a72339fe40a732710203afb82f108a6Timo Sirainen unsigned int i, size;
4c5272b168b4d71a95a08d48cc5b29cd7b27f193Timo Sirainen /* @UNSAFE */
0223007c8a72339fe40a732710203afb82f108a6Timo Sirainen (ret = read(root->fd, buf + size, sizeof(buf)-1 - size)) != 0) {
3ccfcf0856958cb9208a9fc51c3bdf13c58ad52aTimo Sirainen i_error("read(%s) failed: %m", root->maildirsize_path);
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainen /* error / recalculation needed. */
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainen /* file is smaller than 5120 bytes, which means we can use it */
0563ad5c7f179554623682f6fd7b98596901b49fTimo Sirainen /* skip the last line if there's no LF at the end. Remove the last LF
0563ad5c7f179554623682f6fd7b98596901b49fTimo Sirainen so we don't get one empty line in the strsplit. */
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainen while (size > 0 && buf[size-1] != '\n') size--;
0563ad5c7f179554623682f6fd7b98596901b49fTimo Sirainen /* If there are any NUL bytes, the file is broken. */
0563ad5c7f179554623682f6fd7b98596901b49fTimo Sirainen for (i = 0; i < size; i++) {
0223007c8a72339fe40a732710203afb82f108a6Timo Sirainen maildirsize_parse(root, root->fd, t_strsplit(buf, "\n")) > 0)
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainen /* broken file / need recalculation */
3851ad9fcb25635f02b46d44586742ef1081876bTimo Sirainenstatic bool maildirquota_limits_init(struct maildir_quota_root *root)
7ca2a9f1cca63cbc2ebffc185c7e5a2b32bc2780Timo Sirainen i_warning("quota maildir: No maildir storages, "
7ca2a9f1cca63cbc2ebffc185c7e5a2b32bc2780Timo Sirainen "ignoring quota.");
e394583a7c1121599799a35f205bf237f6a1ee04Timo Sirainenstatic int maildirquota_refresh(struct maildir_quota_root *root)
d23c747de9d33966483fbdd41f08ad7766da7c5cTimo Sirainen if (root->root.set->default_rule.bytes_limit == 0 &&
d23c747de9d33966483fbdd41f08ad7766da7c5cTimo Sirainen root->root.set->default_rule.count_limit == 0) {
2d71e0ea3006576961b47d91d564d31771676624Timo Sirainen /* no quota */
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainenstatic int maildirsize_update(struct maildir_quota_root *root,
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainen /* We rely on O_APPEND working in here. That isn't NFS-safe, but it
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainen isn't necessarily that bad because the file is recreated once in
a8fcd55e88550ebb905249825bdb1eec7b9667ffTimo Sirainen a while, and sooner if corruption causes calculations to go
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainen over quota. This is also how Maildir++ spec specifies it should be
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainen if (write_full(root->fd, str, strlen(str)) < 0) {
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainen /* deleted/replaced already, ignore */
3ccfcf0856958cb9208a9fc51c3bdf13c58ad52aTimo Sirainenstatic struct quota_root *maildir_quota_alloc(void)
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainenstatic void maildir_quota_deinit(struct quota_root *_root)
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainen struct maildir_quota_root *root = (struct maildir_quota_root *)_root;
d23c747de9d33966483fbdd41f08ad7766da7c5cTimo Sirainenmaildir_quota_parse_rule(struct quota_root_settings *root_set ATTR_UNUSED,
12dc81583d1958cb301a617e19fbd40e8d376397Timo Sirainen if (!maildir_parse_limit(str, &bytes, &count)) {
3ccfcf0856958cb9208a9fc51c3bdf13c58ad52aTimo Sirainenmaildir_quota_root_storage_added(struct quota_root *_root,
3ccfcf0856958cb9208a9fc51c3bdf13c58ad52aTimo Sirainen struct maildir_quota_root *root = (struct maildir_quota_root *)_root;
3ccfcf0856958cb9208a9fc51c3bdf13c58ad52aTimo Sirainen control_dir = mail_storage_get_mailbox_control_dir(storage, "");
ccd44abfe14f51cc1f6d8c0ec1aa6dc31242e2d3Timo Sirainenmaildir_quota_storage_added(struct quota *quota, struct mail_storage *storage)
3ccfcf0856958cb9208a9fc51c3bdf13c58ad52aTimo Sirainen unsigned int i, count;
3ccfcf0856958cb9208a9fc51c3bdf13c58ad52aTimo Sirainen roots = array_get_modifiable("a->roots, &count);
3ccfcf0856958cb9208a9fc51c3bdf13c58ad52aTimo Sirainen for (i = 0; i < count; i++) {
3fe44a0df5a0bdd80c495f79cbf0e384441d6fccTimo Sirainen if (roots[i]->backend.name == quota_backend_maildir.name)
ccd44abfe14f51cc1f6d8c0ec1aa6dc31242e2d3Timo Sirainen maildir_quota_root_storage_added(roots[i], storage);
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainenstatic const char *const *
43d32cbe60fdaef2699d99f1ca259053e9350411Timo Sirainenmaildir_quota_root_get_resources(struct quota_root *root ATTR_UNUSED)
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainen static const char *resources_both[] = {
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainenmaildir_quota_get_resource(struct quota_root *_root, const char *name,
cb951d3282610a9a0960230865bc5f3e3347b203Timo Sirainen struct maildir_quota_root *root = (struct maildir_quota_root *)_root;
5a001dd0848310e9ed6622442329ff346b189257Timo Sirainen if (strcmp(name, QUOTA_NAME_STORAGE_BYTES) == 0) {
5a001dd0848310e9ed6622442329ff346b189257Timo Sirainen } else if (strcmp(name, QUOTA_NAME_MESSAGES) == 0) {
e394583a7c1121599799a35f205bf237f6a1ee04Timo Sirainen /* no limits */
63af428111bdf1975b06da83f98d072210514a36Timo Sirainen /* even though we don't really care about the limits in here ourself,
63af428111bdf1975b06da83f98d072210514a36Timo Sirainen we do want to make sure the header gets updated if the limits have
63af428111bdf1975b06da83f98d072210514a36Timo Sirainen changed. also this makes sure the maildirsize file is created if
63af428111bdf1975b06da83f98d072210514a36Timo Sirainen it doesn't exist. */