Re: dict_unix & failures while fetching user info
- Michael Tokarev:
> > Sorry. errno may be set even after successful lookup. An errnoThat is besides the point.
> Sure thing, but we aren't interested to know which value errno
> have after successful lookup, only after failure.
errno is a useless error indicator precisely because some systems
set it upon successful lookup.
To illustrate the futility of second-guessing getpwnam(), here is
how it would go.
- First you would have to maintain a list of "errno after success"
results. This may include EACCESS when the system keeps its password
hashes in a read-protected file, ENOENT and lots of others when
password information is retrieved via NIS or other network databases.
- Second, when getpwnam() fails you'd have to look if the errno is
one of the bogus "errno after success" ones. If it is, then you
can't use that errno value.
- Third, you would have to guess which of the remaining errnos
might be a true indicator of failure. As shown above, EACCESS and
ENOENT are not true indicators, and thus, you would not detect a
the obvious error of a mis-configured chroot jail.
This is too much guesswork, and guesswork is not a good basis for
building a robust MTA.
Instead, Postfix invokes getpwuid(0) and if that fails it assumes
that the infrastructure is broken. I think this is more robust than
guessing errno values. It does detect the obvious error of a
mis-configured chroot jail, and it should also detect the
case of resource shortage.