|
|
905b4d |
From 1c27362249606583545f7b0c465a3088879439a1 Mon Sep 17 00:00:00 2001
|
|
|
905b4d |
From: Michal Zidek <mzidek@redhat.com>
|
|
|
905b4d |
Date: Thu, 9 Oct 2014 17:15:56 +0200
|
|
|
905b4d |
Subject: [PATCH 30/46] MONITOR: Allow confdb to be accessed by nonroot user
|
|
|
905b4d |
|
|
|
905b4d |
Reviewed-by: Pavel Reichl <preichl@redhat.com>
|
|
|
905b4d |
Reviewed-by: Simo Sorce <simo@redhat.com>
|
|
|
905b4d |
(cherry picked from commit 579e5d4b7a3ca161ea7518b2996905fa22c15995)
|
|
|
905b4d |
---
|
|
|
905b4d |
src/monitor/monitor.c | 13 ++++++++++++-
|
|
|
905b4d |
1 file changed, 12 insertions(+), 1 deletion(-)
|
|
|
905b4d |
|
|
|
905b4d |
diff --git a/src/monitor/monitor.c b/src/monitor/monitor.c
|
|
|
905b4d |
index 905e66f25601d155557487ae9c7eb6d3145d3a83..37f6e928be3508762e1c3afadbb67762f5cc1d38 100644
|
|
|
905b4d |
--- a/src/monitor/monitor.c
|
|
|
905b4d |
+++ b/src/monitor/monitor.c
|
|
|
905b4d |
@@ -1696,7 +1696,6 @@ static errno_t load_configuration(TALLOC_CTX *mem_ctx,
|
|
|
905b4d |
DEBUG(SSSDBG_FATAL_FAILURE, "Fatal error initializing confdb\n");
|
|
|
905b4d |
goto done;
|
|
|
905b4d |
}
|
|
|
905b4d |
- talloc_zfree(cdb_file);
|
|
|
905b4d |
|
|
|
905b4d |
ret = confdb_init_db(config_file, ctx->cdb);
|
|
|
905b4d |
if (ret != EOK) {
|
|
|
905b4d |
@@ -1712,11 +1711,23 @@ static errno_t load_configuration(TALLOC_CTX *mem_ctx,
|
|
|
905b4d |
goto done;
|
|
|
905b4d |
}
|
|
|
905b4d |
|
|
|
905b4d |
+ /* Allow configuration database to be accessible
|
|
|
905b4d |
+ * when SSSD runs as nonroot */
|
|
|
905b4d |
+ ret = chown(cdb_file, ctx->uid, ctx->gid);
|
|
|
905b4d |
+ if (ret != 0) {
|
|
|
905b4d |
+ ret = errno;
|
|
|
905b4d |
+ DEBUG(SSSDBG_FATAL_FAILURE,
|
|
|
905b4d |
+ "chown failed for [%s]: [%d][%s].\n",
|
|
|
905b4d |
+ cdb_file, ret, sss_strerror(ret));
|
|
|
905b4d |
+ goto done;
|
|
|
905b4d |
+ }
|
|
|
905b4d |
+
|
|
|
905b4d |
*monitor = ctx;
|
|
|
905b4d |
|
|
|
905b4d |
ret = EOK;
|
|
|
905b4d |
|
|
|
905b4d |
done:
|
|
|
905b4d |
+ talloc_free(cdb_file);
|
|
|
905b4d |
if (ret != EOK) {
|
|
|
905b4d |
talloc_free(ctx);
|
|
|
905b4d |
}
|
|
|
905b4d |
--
|
|
|
905b4d |
1.9.3
|
|
|
905b4d |
|