-/* $Cambridge: exim/src/src/transports/pipe.c,v 1.8 2005/10/13 13:21:00 ph10 Exp $ */
+/* $Cambridge: exim/src/src/transports/pipe.c,v 1.14 2009/11/16 19:50:39 nm4 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
*************************************************/
-/* Copyright (c) University of Cambridge 1995 - 2005 */
+/* Copyright (c) University of Cambridge 1995 - 2009 */
/* See the file NOTICE for conditions of use and distribution. */
#include "../exim.h"
#include "pipe.h"
+#ifdef HAVE_SETCLASSRESOURCES
+#include <login_cap.h>
+#endif
+
/* Options specific to the pipe transport. They must be in alphabetic
(void *)offsetof(pipe_transport_options_block, umask) },
{ "use_bsmtp", opt_bool,
(void *)offsetof(pipe_transport_options_block, use_bsmtp) },
+ #ifdef HAVE_SETCLASSRESOURCES
+ { "use_classresources", opt_bool,
+ (void *)offsetof(pipe_transport_options_block, use_classresources) },
+ #endif
{ "use_crlf", opt_bool,
(void *)offsetof(pipe_transport_options_block, use_crlf) },
{ "use_shell", opt_bool,
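Review bot: The `use_classresources` table entry is compiled only under HAVE_SETCLASSRESOURCES, but the matching default `FALSE, /* use_classresources */` later in this patch is added unconditionally. That builds on both configurations only if the member is declared unconditionally in pipe_transport_options_block; pipe.h is not shown on this page, so confirm the two agree. A comment beside the entry such as `/* struct member and default exist on all builds; only the option name is conditional */` would record the intent.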
FALSE, /* timeout_defer */
FALSE, /* use_shell */
FALSE, /* use_bsmtp */
+ FALSE, /* use_classresources */
FALSE /* use_crlf */
};
+/*************************************************
+* Setup entry point *
+*************************************************/
+
+/* Called for each delivery in the privileged state, just before the uid/gid
+are changed and the main entry point is called. In a system that supports the
+login_cap facilities, this function is used to set the class resource limits
+for the user.
+
+Arguments:
+ tblock points to the transport instance
+ addrlist addresses about to be delivered (not used)
+ dummy not used (doesn't pass back data)
+ uid the uid that will be set (not used)
+ gid the gid that will be set (not used)
+ errmsg where to put an error message
+
+Returns: OK, FAIL, or DEFER
+*/
+
+static int
+pipe_transport_setup(transport_instance *tblock, address_item *addrlist,
+ transport_feedback *dummy, uid_t uid, gid_t gid, uschar **errmsg)
+{
+pipe_transport_options_block *ob =
+ (pipe_transport_options_block *)(tblock->options_block);
+
+addrlist = addrlist; /* Keep compiler happy */
+dummy = dummy;
+uid = uid;
+gid = gid;
+errmsg = errmsg;
+ob = ob;
+
+#ifdef HAVE_SETCLASSRESOURCES
+if (ob->use_classresources)
+ {
+ struct passwd *pw = getpwuid(uid);
+ if (pw != NULL)
+ {
+ login_cap_t *lc = login_getpwclass(pw);
+ if (lc != NULL)
+ {
+ setclassresources(lc);
+ login_close(lc);
+ }
+ }
+ }
+#endif
+
+return OK;
+}
+
+
+
/*************************************************
* Initialization entry point *
*************************************************/
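Review bot: pipe_transport_setup returns OK even when `getpwuid(uid)` or `login_getpwclass(pw)` returns NULL, so with `use_classresources` set the delivery goes ahead without the class limits being applied and without any message. The function already receives `errmsg` and is documented as able to return DEFER. If the option is meant to be enforced rather than best-effort, both lookups should fill `*errmsg` and defer, as sketched below; note that this would also defer deliveries for a uid that has no passwd entry. The header comment still lists `uid` as "not used", which is no longer true under HAVE_SETCLASSRESOURCES.

```c
/* … unchanged: options block lookup and unused-argument assignments … */
#ifdef HAVE_SETCLASSRESOURCES
if (ob->use_classresources)
  {
  struct passwd *pw = getpwuid(uid);
  login_cap_t *lc;

  if (pw == NULL)
    {
    *errmsg = string_sprintf("use_classresources: no passwd entry for uid %ld",
      (long int)uid);
    return DEFER;
    }
  if ((lc = login_getpwclass(pw)) == NULL)
    {
    *errmsg = string_sprintf("use_classresources: cannot load login class "
      "for uid %ld", (long int)uid);
    return DEFER;
    }
  setclassresources(lc);
  login_close(lc);
  }
#endif
/* … unchanged: return OK … */
```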
pipe_transport_options_block *ob =
(pipe_transport_options_block *)(tblock->options_block);
+/* Set up the setup entry point, to be called in the privileged state */
+
+tblock->setup = pipe_transport_setup;
+
/* If pipe_as_creator is set, then uid/gid should not be set. */
if (tblock->deliver_as_creator && (tblock->uid_set || tblock->gid_set ||
"transport: %s%s", tblock->name, strerror(errno), tmsg);
}
+ /* Since the transport_filter timed out we assume it has sent the child process
+ a malformed or incomplete data stream. Kill off the child process
+ and prevent checking its exit status as it will has probably exited in error.
+ This prevents the transport_filter timeout message from getting overwritten
+ by the exit error which is not the cause of the problem. */
+
+ else if (transport_filter_timed_out)
+ {
+ killpg(pid, SIGKILL);
+ kill(outpid, SIGKILL);
+ }
+
/* Either the process completed, but yielded a non-zero (necessarily
positive) status, or the process was terminated by a signal (rc will contain
the negation of the signal number). Treat killing by signal as failure unless
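Review bot: The comment added above `else if (transport_filter_timed_out)` reads "as it will has probably exited in error"; it should read "as it will probably have exited in error". The if/else chain starts outside the hunk, so the comment should also say that this branch's position ahead of the exit-status branches is what keeps the filter-timeout message from being overwritten. The results of `killpg(pid, SIGKILL)` and `kill(outpid, SIGKILL)` are discarded; if that is deliberate cleanup, a short `/* best effort; failures ignored */` would make it explicit.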