*nix groups

Here's a groups question for those experts who know more about it than me. I'm extending my customized setup of qmail and I need to have qmail-smtpd peek at the user's mailbox. Here's the setup:

1) qmail-smtpd runs as user qmaild, group qmail.
2) Mailboxes (in maildir format) have permissions 750, with individual user IDs and group mail.
3) User qmaild is in group mail

Now, why can't the user qmaild access the mailboxes, even though it is in the mail group and the mail group has permission to access them? By access I mean simply doing a directory listing (or doing a stat on a specific file).

When I su to qmaild I can access the mailboxes. When I manually run qmail-smtpd as this user it can access the mailboxes, and id confirms this for me:

uid=101(qmaild) gid=101(qmail) groups=101(qmail),12(mail)

However, when qmail-smtpd is started by tcpserver (running as qmaild/qmail) which is started by supervise (running as root/root), which is started by init, qmail-smtpd does not have permission, although as confirmed by getuid() and geteuid() (and the group equivalents) it runs as qmaild/qmail. Even id tells me that I am not in mail group in this case:

uid=101(qmaild) gid=101(qmail) groups=101(qmail)

So what's the difference here? Why am I as qmaild in group mail when I su to it, and not when the same program is started by init? Is this some kind of caching issue, or what am I missing?
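
A diagnostic for the discrepancy described above, as an added example that is not part of the original post: it compares the supplementary groups the running process actually holds (`getgroups`) with the groups the account database lists for its user (`getgrouplist`). Supplementary groups are a per-process attribute inherited from the parent and only changed by `setgroups()`/`initgroups()`, so the two lists can differ. The names `missing_groups` and `MAXG` are introduced here for illustration.

```c
#define _DEFAULT_SOURCE   /* exposes getgrouplist() on glibc */
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>
#define MAXG 256          /* illustrative upper bound on group count */

/* Copy into out[] every gid in db[] that is neither the effective gid nor in
 * the process's supplementary list proc[]. Returns how many were copied. */
int missing_groups(const gid_t *db, int ndb, const gid_t *proc, int nproc,
                   gid_t egid, gid_t *out)
{
    int nout = 0;
    for (int i = 0; i < ndb; i++) {
        int held = (db[i] == egid);
        for (int j = 0; j < nproc && !held; j++)
            held = (proc[j] == db[i]);
        if (!held)
            out[nout++] = db[i];
    }
    return nout;
}

int main(void)
{
    gid_t db[MAXG], proc[MAXG], miss[MAXG];
    int ndb = MAXG;
    struct passwd *pw = getpwuid(geteuid());
    if (!pw) { perror("getpwuid"); return 2; }
    /* What /etc/passwd and /etc/group (or NSS) say the user belongs to. */
    if (getgrouplist(pw->pw_name, pw->pw_gid, db, &ndb) < 0) {
        fprintf(stderr, "user is in more than %d groups\n", MAXG);
        return 2;
    }
    /* What the kernel actually checks for this process. */
    int nproc = getgroups(MAXG, proc);
    if (nproc < 0) { perror("getgroups"); return 2; }

    int n = missing_groups(db, ndb, proc, nproc, getegid(), miss);
    for (int i = 0; i < n; i++) {
        struct group *g = getgrgid(miss[i]);
        printf("missing: %s(%ld)\n", g ? g->gr_name : "?", (long)miss[i]);
    }
    return n ? 1 : 0;   /* exit status 1 means the process lacks some group */
}
```

Run it once from a `su` shell and once from the same start-up chain as the daemon; any `missing:` line names a group the database grants but the process does not hold.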

 

 

 

 
