Fix listing a named queue by a non-admin user. Bug 2398

[exim.git] / src / src / exim.c

diff --git a/src/src/exim.c b/src/src/exim.c
index 2dbc41162513504d9c5df13b8815df743b6a0e8d..1aa32b26986a5e41718409b876767bc6305f71b0 100644 (file)
--- a/src/src/exim.c
+++ b/src/src/exim.c
@@ -690,6 +690,7 @@ of chown()/fchown().  See src/functions.h for more explanation */
 int
 exim_chown_failure(int fd, const uschar *name, uid_t owner, gid_t group)
 {
+int saved_errno = errno;  /* from the preceeding chown call */
 #if 1
 log_write(0, LOG_MAIN|LOG_PANIC,
   __FILE__ ":%d: chown(%s, %d:%d) failed (%s)."
@@ -701,7 +702,6 @@ log_write(0, LOG_MAIN|LOG_PANIC,
    See Bug 2391
    HS 2019-04-18 */
 
-int saved_errno = errno;  /* from the preceeding chown call */
 struct stat buf;
 
 if (0 == (fd < 0 ? stat(name, &buf) : fstat(fd, &buf)))
@@ -711,9 +711,9 @@ if (0 == (fd < 0 ? stat(name, &buf) : fstat(fd, &buf)))
 }
 else log_write(0, LOG_MAIN|LOG_PANIC, "Stat failed on %s: %s", name, strerror(errno));
 
+#endif
 errno = saved_errno;
 return -1;
-#endif
 }
 
 
@@ -934,6 +934,9 @@ fprintf(fp, "Support for:");
 #ifdef EXPERIMENTAL_PIPE_CONNECT
   fprintf(fp, " Experimental_PIPE_CONNECT");
 #endif
+#ifdef EXPERIMENTAL_TLS_RESUME
+  fprintf(fp, " Experimental_TLS_resume");
+#endif
 fprintf(fp, "\n");
 
 fprintf(fp, "Lookups (built-in):");
@@ -3190,22 +3193,23 @@ for (i = 1; i < argc; i++)
     /* -q[f][f][l][G<name>]: Run the queue, optionally forced, optionally local
     only, optionally named, optionally starting from a given message id. */
 
-    if (*argrest == 0 &&
-        (i + 1 >= argc || argv[i+1][0] == '-' || mac_ismsgid(argv[i+1])))
-      {
-      queue_interval = 0;
-      if (i+1 < argc && mac_ismsgid(argv[i+1]))
-        start_queue_run_id = argv[++i];
-      if (i+1 < argc && mac_ismsgid(argv[i+1]))
-        stop_queue_run_id = argv[++i];
-      }
+    if (!(list_queue || count_queue))
+      if (*argrest == 0
+        && (i + 1 >= argc || argv[i+1][0] == '-' || mac_ismsgid(argv[i+1])))
+       {
+       queue_interval = 0;
+       if (i+1 < argc && mac_ismsgid(argv[i+1]))
+         start_queue_run_id = argv[++i];
+       if (i+1 < argc && mac_ismsgid(argv[i+1]))
+         stop_queue_run_id = argv[++i];
+       }
 
     /* -q[f][f][l][G<name>/]<n>: Run the queue at regular intervals, optionally
     forced, optionally local only, optionally named. */
 
-    else if ((queue_interval = readconf_readtime(*argrest ? argrest : argv[++i],
-                                               0, FALSE)) <= 0)
-      exim_fail("exim: bad time value %s: abandoned\n", argv[i]);
+      else if ((queue_interval = readconf_readtime(*argrest ? argrest : argv[++i],
+                                                 0, FALSE)) <= 0)
+       exim_fail("exim: bad time value %s: abandoned\n", argv[i]);
     break;
 
 
@@ -4192,6 +4196,7 @@ if (!unprivileged &&                      /* originally had root AND */
 else
   {
   int rv;
+  DEBUG(D_any) debug_printf("dropping to exim gid; retaining priv uid\n");
   rv = setgid(exim_gid);
   /* Impact of failure is that some stuff might end up with an incorrect group.
   We track this for failures from root, since any attempt to change privilege