paulmataruso/zulip
1
0
Fork 0
mirror of https://github.com/zulip/zulip.git synced 2025-11-06 06:53:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

email_mirror_server: chown the logfile before dropping privileges.

Browse Source 
This prevents the logger from failing due to an old, root-owned,
logfile already existing.
This commit is contained in:
Alex Vandiver
2025-09-18 09:47:23 -04:00
committed by Tim Abbott
parent 58e0d6fc12
commit 3064939ff7
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
zerver/lib/email_mirror_server.py
View File

@@ -174,6 +174,12 @@ class PermissionDroppingUnthreadedController(UnthreadedController): # nocoverag
if os.geteuid() == 0:
assert self.user_id is not None
assert self.group_id is not None
# We may have a logfile owned by root, from before we
# fixed it to be owned by zulip; chown it if it exists, so
# we don't fail below.
if os.path.exists(settings.EMAIL_LOG_PATH):
os.chown(settings.EMAIL_MIRROR_LOG_PATH, self.user_id, self.group_id)
logger.info("Dropping privileges to uid %d / gid %d", self.user_id, self.group_id)
os.setgid(self.group_id)
os.setuid(self.user_id)