Running Cyrus Imap under a different user

Simon Matter simon.matter at invoca.ch
Wed Nov 3 15:02:21 EDT 2010 

> Thanx for the quick reply ;)
> Yes, environment is correctly exported.
> Maybe there is something I can tell to Linux so that it gives my
> environement to anyone
> changing user to myuser?

I'm not sure I understand correctly. I just tried it here like this:
- log in as root
- export some env vars
- start Cyrus as /usr/lib/cyrus-imapd/cyrus-master -C /etc/imapd.conf -M
/etc/cyrus.conf -p /var/run/cyrus-master.pid -d

Now, I check for those vars in /proc/[PID]/environ and see that the env
vars are still there, for master and for it childrens like imapd.

Did I miss what you mean?

Simon

> -= Mail sent through WebTop2 =-
> ----------------------------------------------------------------------------------
> Da: Simon Matter
> A: Gabriele Bulfon
> Cc: info-cyrus at lists.andrew.cmu.edu
> Data: 3 novembre 2010 17.56.52 CET
> Oggetto: Re: Running Cyrus Imap under a different user
> Hello,
> I need to run cyrus as a different user, because for some reason I don't
> want to touch system users.
> I've built all the cyrus stuff under this different user, also using the
> configure switches
> (--with-cyrus-user=myuser --with-cyrus-group=mygroup).
> I followed the documentation to prepare all the needed directories by
> changing cyrus into myuser
> and mail into mygroup.
> I tried starting the master daemon as myuser, but it seems it has not
> enough privileges
> to listen on standard ports and some other problems.
> So I tried starting the master as root.
> I think starting master as root is the correct way.
> To do this, the script (ran as myuser) do a sudo.
> The problem is that the new process will have a different environment than
> what my user has.
> Expecially, my environment has his own libs against which I compiled,
> different from the system ones.
> So how exactly does you environment look? Is it LD_LIBRARY_PATH which
> makes you cyrus use the correct libs?
> So, I prepared another script that prepares the environment and starts
> master.
> This way I could "sudo myscript".
> Master now runs, but then changes user to fork processes, and once again
> it seems to loose my environment:
> Nov  3 17:34:13 sl master[18963]: setrlimit: Unable to set file
> descriptors limit to -1: Operation not permitted
> Nov  3 17:34:13 sl master[18963]: retrying with 1024 (current max)
> Nov  3 17:34:13 sl master[18963]: process started
> Nov  3 17:34:13 sl master[18964]: about to exec /sonicle/bin/ctl_cyrusdb
> Nov  3 17:34:13 sl ctl_cyrusdb[18964]: incorrect version of Berkeley db:
> compiled against 4.8.30, linked against 4.3.29
> Nov  3 17:34:13 sl master[18963]: process 18964 exited, signaled to death
> by 11
> Nov  3 17:34:13 sl master[18963]: unable to setsocketopt(IP_TOS):
> Operation not supported
> Nov  3 17:34:13 sl master[18963]: ready for work
> Nov  3 17:34:13 sl master[18965]: about to exec /sonicle/bin/ctl_cyrusdb
> Nov  3 17:34:13 sl ctl_cyrusdb[18965]: incorrect version of Berkeley db:
> compiled against 4.8.30, linked against 4.3.29
> Nov  3 17:34:13 sl master[18963]: process 18965 exited, signaled to death
> by 11
> How can I solve this problem?
> Is there anyway to let the new processes have the correct environment?
> Hm, I didn't check whether Cyrus resets the environment but, stupid
> question, did you forget to export the vars in question?
> Simon
>

More information about the Info-cyrus mailing list