--- src/server.c
+++ src/server.c
@@ -767,20 +767,8 @@
 
  	TRACE(TRACE_NOTICE, "starting main service loop for [%s]", conf->service_name);
 
-	server_conf = conf;
-	if (db_connect()) {
-		TRACE(TRACE_ERR, "could not connect to database");
-		return -1;
-	}
-
-	if (auth_connect()) {
-		TRACE(TRACE_ERR, "could not connect to authentication");
-		return -1;
-	}
 	srand((int) ((int) time(NULL) + (int) getpid()));
 
- 	TRACE(TRACE_NOTICE, "starting main service loop for [%s]", conf->service_name);
-
 	server_conf = conf;
 
 	evthread_use_pthreads();
@@ -843,6 +831,18 @@
 	if (drop_privileges(conf->serverUser, conf->serverGroup) < 0)
 		TRACE(TRACE_WARNING, "unable to drop privileges");
 	
+	// We cannot usually connect to the DBMS as root, so we do it
+	// after we have dropped root privileges.
+	if (db_connect()) {
+		TRACE(TRACE_ERR, "could not connect to database");
+		return -1;
+	}
+
+	if (auth_connect()) {
+		TRACE(TRACE_ERR, "could not connect to authentication");
+		return -1;
+	}
+
 	server_pidfile(conf);
 
 	if (MATCH(conf->service_name, "IMAP"))