Server Settings Backend Plugin Local File Set-UID Access Type Errors
====================================================================

Below is a list of most possible errors that the Server Settings
Backend's Local File set-UID (SUID) program can produce.  They are
specified by the error number and error text; then for each one, a
possible cause is explained.  Finally, most errors will have a
suggested remedy (or starting point for finding one).



ERR_CONFIG (37) Invalid authorized invoker
------------------------------------------
The argument for the --enable-authorized-invoker configuration option
does not point to a real user, or the default, "apache", is not a
real user on this system.

ERR_RESTRICTED (34) Invalid real user
-------------------------------------
The invoking user/process is not allowed to execute the SUID backend.
You may need to try using the --enable-authorized-invoker
configuration option.

ERR_USAGE (33) Incorrect usage
ERR_USAGE (33) Action not found
-------------------------------
The command line arguments were not as expected.  The calling module
might have a code bug.  Valid invocations are:

   squirrelmail_server_settings_suid_backend server user file_exists file_name
   squirrelmail_server_settings_suid_backend server user directory_exists file_name
   squirrelmail_server_settings_suid_backend server user path_exists file_name
   squirrelmail_server_settings_suid_backend server user get_file requested_file_path local_file_path
   squirrelmail_server_settings_suid_backend server user stat requested_file_path local_file_path
   squirrelmail_server_settings_suid_backend server user lstat requested_file_path local_file_path
   squirrelmail_server_settings_suid_backend server user list_directory requested_dir_path local_file_path
   squirrelmail_server_settings_suid_backend server user list_directory_detailed_stat requested_dir_path local_file_path
   squirrelmail_server_settings_suid_backend server user list_directory_detailed_lstat requested_dir_path local_file_path
   squirrelmail_server_settings_suid_backend server user put_file local_file_path target_file_path
   squirrelmail_server_settings_suid_backend server user delete_file target_file_path
   squirrelmail_server_settings_suid_backend server user delete_directory target_directory_path
   squirrelmail_server_settings_suid_backend server user delete_file_or_directory target_path
   squirrelmail_server_settings_suid_backend server user change_permissions requested_path mode
   squirrelmail_server_settings_suid_backend server user mkdir requested_path mode
   squirrelmail_server_settings_suid_backend server user mkdir_recursive requested_path mode
   squirrelmail_server_settings_suid_backend server user rename source_path destination_path
   squirrelmail_server_settings_suid_backend server user vacation_init
   squirrelmail_server_settings_suid_backend server user vacation_init_with_interval interval

ERR_USAGE (33) Feature not enabled
----------------------------------
The requested action is supported, but has not been activated.  You
need to reconfigure and recompile the program with the needed options
selected.

ERR_USER (38) Could not read master username
--------------------------------------------
Caller failed to send the "master" user name
(with trailing newline (\n))

ERR_BADPASS (32) Could not read master password
-----------------------------------------------
Caller failed to send the "master" password (with trailing newline
(\n)).  This is commonly caused by having configured the set-UID
backend to require the additional "master" authentication, but the
array of server settings that are being used do not contain the
needed "MASTER_SECURITY_CHECK" and/or "MASTER_USERNAME" settings.

ERR_BADPASS (32) Could not read password
----------------------------------------
Caller failed to send the user password (with trailing newline (\n)).
Also, if the additional "master" authentication is being required,
double check that the array of server settings that are being used
contain the needed "MASTER_SECURITY_CHECK" and/or "MASTER_USERNAME"
settings.

ERR_USER (38) Super-user not allowed
-------------------------------------
Unless --enable-root-allowed is turned on, the program cannot be
called for the super-user.

ERR_USER (38) Super-user not allowed for master login
-----------------------------------------------------
Unless --enable-master-root-allowed is turned on, the super-user
cannot be used as the additional "master" authentication check.
It's likely never a good idea to use the root credentials for this
purpose.  Create a different, special-use account for this purpose
instead.

ERR_USER (38) Failed to authenticate user
-----------------------------------------
The user for whom the program was called could not be authenticated.
Double check the username and password being given as well as the
user lookup and authentication configuration options.

ERR_USER (38) Failed to authenticate master login
-------------------------------------------------
The additional "master" account could not be authenticated.  Double
check the username and password being given for "master"
authentication (that includes making sure that the web server
configuration of the "master" credentials is working correctly) as
well as the "master" user lookup and authentication configuration
options.

ERR_BADPASS (32) Password does not match...
-------------------------------------------
The supplied password does not seem to be valid.  Double check the
username and password being given as well as the user lookup and
authentication configuration options.

ERR_BADPASS (32) Master password does not match...
---------------------------------------------------
The password given for the additional "master" authentication check
does not seem to be valid.  Double check the username and password
being given for "master" authentication (that includes making sure
that the web server configuration of the "master" credentials is
working correctly) as well as the "master" user lookup and
authentication configuration options.

ERR_BADPASS (32) Access not allowed for this account
----------------------------------------------------
This account does not seem to have a password and has thus been
disallowed access.  If you still need to use this account, you may
need to try the --enable-empty-passwords configuration option.

ERR_BADPASS (32) Access not allowed for this master login
---------------------------------------------------------
The account being used for the additional "master" authentication
check does not seem to have a password and has thus been disallowed
access.  If you really want to use a password-less account for the
"master" authentication (strongly discouraged), you may need to try
the --enable-master-empty-passwords configuration option.

ERR_USER (38) getpwnam() failed
-------------------------------
An invalid username was given (does not correspond to a real local
user in the password database).  

ERR_USER (38) getspnam() failed
-------------------------------
An invalid username was given (does not correspond to a real local
user in the shadow password database).  

ERR_USER (38) UID too small
---------------------------
The --enable-min-uid configuration option has excluded the user for
which the program was called.  The caller is doing something it
shouldn't, or you may need to relax the --enable-min-uid
configuration option.

ERR_USER (38) Master UID too small
----------------------------------
The --enable-master-min-uid configuration option has excluded the
account that is being used for the additional "master"
authentication check.  You may need to relax the
--enable-master-min-uid configuration option.

ERR_BADPASS (32) PAM authentication failed
------------------------------------------
The supplied password does not seem to be valid.  Look at your PAM
logs for other details and double check the username and password
being given as well as the user lookup and authentication
configuration options.

ERR_BADPASS (32) IMAP authentication failed
ERR_BADPASS (32) UW c-client IMAP authentication failed
-------------------------------------------------------
The supplied password does not seem to be valid.  Look at your IMAP
logs for other details and double check the username and password
being given as well as the user lookup and authentication
configuration options.  You can also use --enable-debug to
help debug the problem.

ERR_SOCKET (47) Could not connect to IMAP server
------------------------------------------------
A socket could not be opened to the IMAP server.  Check your IMAP
logs for other details and double check the --enable-imap-addr
and --enable-imap-port configuration values.

ERR_SOCKET (47) Could not read from IMAP server socket
------------------------------------------------------
Could not communicate with the IMAP server.  Check your IMAP logs
for other details and double check the --enable-imap-addr
and --enable-imap-port configuration values.

ERR_USER (38) Bad characters in username
----------------------------------------
Check the given username - it contains illegal characters

ERR_SQL_ALLOC_ENV (48) Failed to allocate environment handle...
ERR_SQL_SET_ENV_ATTR (49) SQLSetEnvAttr() failed...
ERR_SQL_ALLOC_CONN (50) Failed to allocate connection handle...
ERR_SQL_SET_CONN_ATTR (51) SQLSetConnectAttr() failed...
ERR_SQL_ALLOC_STMT (53) Failed to allocate statement handle...
---------------------------------------------------------------
There is a problem with the ODBC library installation, as it could
not perform its normal startup.  Check your ODBC setup and
configuration and make sure your database environment is operating
normally.  Using --enable-debug may also display more helpful
information regarding this error.

ERR_SQL_CONNECT (52) Failed to connect to data source...
--------------------------------------------------------
The given data source was unavailable or misconfigured.  Double check
the value given for --enable-user-lookup-sql-dsn and that it
corresponds to a correctly configured data source in your ODBC
configuration (see information elsewhere about how to set up and
test unixODBC.)  Using --enable-debug may also display more helpful
information regarding this error.

ERR_SQL_QUERY (54) Failed to query database...
----------------------------------------------
There was a problem with the given database query.  Double check the
value given for --enable-user-lookup-sql-query and watch your
database query log for more detailed infomration.  Using
--enable-debug may also display more helpful information regarding
this error.

ERR_SQL_GET_ROWS (55) Could not retrieve the number of rows for query...
ERR_SQL_GET_COLS (56) Could not retrieve the number of columns for query...
ERR_SQL_BAD_COLS (58) Query returned wrong number of columns...
ERR_SQL_GET_DATA (59) Could not retrieve query data...
ERR_SQL_GET_DATA (59) Could not retrieve account password...
ERR_SQL_GET_DATA (59) Could not retrieve account UID...
ERR_SQL_GET_DATA (59) Could not retrieve account GID...
ERR_SQL_GET_DATA (59) Could not retrieve account home directory...
---------------------------------------------------------------------------
There was a problem with the given database query's results.  Double
check the value given for --enable-user-lookup-sql-query and watch
your database query log for more detailed infomration.  Using
--enable-debug may also display more helpful information regarding
this error.

ERR_SQL_BAD_ROWS (57) Query returned wrong number of rows...
------------------------------------------------------------
A user was not found or there was a problem with the given database
query.  Double check the username being used and the value given for
--enable-user-lookup-sql-query and watch your database query log for
more detailed infomration.  Using --enable-debug may also display
more helpful information regarding this error.

ERR_BAD_LIBRARY (60) UW c-client library does not support IMAP...
-----------------------------------------------------------------
There is a problem with the installation or configuration of the UW
c-client library.  Double check that IMAP support is included therein.

ERR_FILETYPE (44) path_exists(): Target is not a regular file
ERR_FILETYPE (44) delete_file(): Target is not a regular file
-------------------------------------------------------------
When verifying the existence of a file, it was found not to be a
normal file.  Check the file path and make sure someone isn't trying
to exploit or attack your system.

ERR_FILETYPE (44) delete_directory(): Target is not a directory
---------------------------------------------------------------
When verifying the existence of a directory, it was found not to be
a directory at all.  Check the path and make sure someone isn't
trying to exploit or attack your system.

ERR_FILETYPE (44) delete_file_or_directory(): Target is neither a file nor a directory
--------------------------------------------------------------------------------------
When verifying the existence of a file or directory, it was found
not to be a file nor a directory.  Check the path and make sure
someone isn't trying to exploit or attack your system.

ERR_SOURCEFILE (40) list_directory(): Could not stat() directory entry "..."
ERR_SOURCEFILE (40) list_directory(): Could not stat() directory entry "..." (not found)
----------------------------------------------------------------------------------------
There was a problem attempting to gather information about an entry
inside a directory.  Check the path and its ownership and permissions
and make sure someone isn't tring exploit or attack your system.

ERR_SOURCEFILE (40) change_permissions(): Could not change permissions...
-------------------------------------------------------------------------
There was a problem attempting to change permissions of a file or
directory.  Check the path and its ownership and permissions and
make sure someone isn't tring exploit or attack your system.

ERR_SOURCEFILE (40) make_directory(): Could not create directory...
-------------------------------------------------------------------
There was a problem attempting to create a directory.  Check the path
and its ownership and permissions and make sure someone isn't tring
exploit or attack your system.

ERR_SOURCEFILE (40) Problem with stat()...
ERR_DESTFILE (41) delete_file(): lstat() of "..." failed...
ERR_DESTFILE (41) delete_directory(): lstat() of "..." failed...
ERR_DESTFILE (41) delete_file_or_directory(): lstat() of "..." failed...
------------------------------------------------------------------------
There was a problem attempting to gather information about a file or
directory.  Check the path and make sure someone isn't tring exploit
or attack your system.

ERR_USER (38) go_home(): Invalid home directory
-----------------------------------------------
The user's home directory is corrupted.  Check the account details
for the user that is causing this problem.  If you are using
--enable-override-home-dir, double check the value specified for
that option.

ERR_CONFIG (37) go_home(): chdir("...") failed...
-------------------------------------------------
The value specified for --enable-home-dir-prefix may not be a
valid directory or there is a (permissions) problem with a
user's home directory.

ERR_HOME (39) go_home(): mkdir("...") failed...
ERR_HOME (39) mkdir_recursive(): mkdir("...") failed
ERR_HOME (39) mkdir_recursive(): "..." exists but is not a directory
--------------------------------------------------------------------
There was a problem creating a user's home directory.  Check
directory path and permissions, etc.

ERR_HOME (39) go_home(): chown("...") failed after mkdir()
ERR_HOME (39) mkdir_recursive(): chown("...") failed after mkdir()
------------------------------------------------------------------
There was a problem changing the ownership of a user's home
directory.  Check directory permissions, etc.

ERR_PRIVILEGE (125) go_home(): Cannot set effective UID/GID to target
---------------------------------------------------------------------
There was an unexpected problem assuming the credentials of a user.
Check the user account UID/GID and other related details and
configurations.

ERR_PRIVILEGE (125) go_home(): Cannot assume super-user...
ERR_PRIVILEGE (125) put_file(): Could not change privileges...
--------------------------------------------------------------
The program does not have root privilege.  It may not have the
set-UID bit set.  Inspect the program's permissions.

ERR_SOURCEFILE (40) get_file(): open() source file failed...
ERR_SOURCEFILE (40) put_file(): open() source file failed...
------------------------------------------------------------
The source could not be opened.  Double check all relevant directory
and file permissions.

ERR_SOURCEFILE (40) list_directory(): Could not open directory...
-----------------------------------------------------------------
A directory could not be opened in preparation for listing its
contents.  Double check that the path is to a real directory and that
it has accessible permissions and ownership.

ERR_DESTFILE (41) get_file(): open() destination file failed...
ERR_DESTFILE (41) put_file(): open() destination file failed...
ERR_DESTFILE (41) stat_path(): open() destination file failed...
ERR_DESTFILE (41) list_directory(): open() destination file failed
------------------------------------------------------------------
The destination file could not be opened.  Double check all relevant
directory and file permissions.

ERR_PRIVILEGE (125) get_file(): Could not assume previous user privileges...
ERR_PRIVILEGE (125) stat_path(): Could not assume previous user privileges...
ERR_PRIVILEGE (125) list_directory(): Could not assume previous user privileges
-------------------------------------------------------------------------------
There was a problem changing user privileges.

ERR_COPYFILE (42) Error while writing file
ERR_COPYFILE (42) Error reading file
ERR_COPYFILE (42) Error closing files
ERR_DESTFILE (41) stat_path(): Error while writing file
ERR_DESTFILE (41) stat_path(): Error closing file...
ERR_DESTFILE (41) list_directory(): Error while writing entry
ERR_DESTFILE (41) list_directory(): Error closing file...
ERR_SOURCEFILE (40) list_directory(): Error closing directory...
ERR_DESTFILE (41) rename_file_or_directory(): Could not move...
----------------------------------------------------------------
A problem occurred while writing to/copying/moving a file or
directory.  Double check file paths, permissions, etc.

ERR_LOCALFILE (36) Local file path must be an absolute path
-----------------------------------------------------------
The file path/name given for the local file part of a command was
not a valid absolute path.  Double check that the caller is sending
safe file paths.

ERR_LOCALFILE (36) Local file path is restricted to "..."
---------------------------------------------------------
The file path/name given for the local file part of a command was
outside of the allowable location (as specified with
--enable-local-file-prefix).  Double check that the caller is sending
safe file paths or change your --enable-local-file-prefix argument.

ERR_REMOTEFILE (35) Remote file name cannot be empty
ERR_REMOTEFILE (35) Remote file name cannot be "." or ".."
ERR_REMOTEFILE (35) Remote file path cannot be absolute
ERR_REMOTEFILE (35) Remote file path cannot traverse ".."
----------------------------------------------------------
The file path/name given for the remote file part of a command was
not valid.  Ensure that no illegitimate use is occurring and verify
that the caller is sending safe file paths.

ERR_REMOTEFILE (35) Remote file name cannot contain "/"
-------------------------------------------------------
The file name given for the remote file part of a command cannot
contain a directory path, but the caller passed what looks like a
file path.  Double check what the caller is sending.  If you must
support subdirectory access, you need to enable the configure option
--enable-remote-subdirectories-ok

ERR_REMOTEFILE (35) Remote file name must start with a dot (".")
----------------------------------------------------------------
You used the configure option --enable-remote-filenames-dot=required
but the caller is sending file names that do not start with a dot.
Double check what the caller is sending.

ERR_REMOTEFILE (35) Remote file name cannot start with a dot (".")
------------------------------------------------------------------
You used the configure option --enable-remote-filenames-dot=no but
the caller is sending file names that start with a dot.  Double
check what the caller is sending.

ERR_REMOTEFILE (35) Remote file name begins with illegal characters
-------------------------------------------------------------------
You used one or both of the configure options
--enable-remote-file-prefix or --enable-remote-file-custom-prefix,
but the caller is sending file names that do not conform to these
limitations.  Double check what the caller is sending.

ERR_REMOTEFILE (35) Remote file name contains illegal character(s)
------------------------------------------------------------------
The file path/name given for the remote file part of a command has
an illegal character in it.  Double check that the caller is sending
safe file paths.  You may need to try using the --enable-remote-chars
or --disable-remote-chars configuration options.

ERR_UNLINK (43) delete_file(): unlink() "..." failed
ERR_UNLINK (43) delete_file_or_directory(): unlink() "..." failed
-----------------------------------------------------------------
The requested file could not be deleted.  Double check the file path
and its permissions.

ERR_RMDIR (61) delete_directory(): rmdir() "..." failed
ERR_RMDIR (61) delete_file_or_directory(): rmdir() "..." failed
---------------------------------------------------------------
The requested directory could not be deleted.  Double check that the
directory is empty and check its path and permissions.

ERR_UNLINK (43) delete_directory(): unlink() "..." failed
---------------------------------------------------------
The requested link (to a directory) could not be deleted.  Double
check the path and its permissions.

ERR_EXEC (45) vacation_init(): execve() failed...
-------------------------------------------------
The "vacation" program could not be executed.  Check all error logs,
verify the path and permissions of the "vacation" program, comparing
the path with what was specified for --enable-vacation.

