[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#5166) Wrong DBD's database permissions when slapd starts

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#5166) Wrong DBD's database permissions when slapd starts
From: ando@sys-net.it
Date: Wed, 3 Oct 2007 15:22:43 GMT

pedrorandrade@gmail.com wrote:
> Full_Name: Pedro RA
> Version: 2.3.30-5
> OS: Debian 4.1.1-21
> URL: 
> Submission from: (NULL) (85.139.209.115)

The latest release is 2.3.38.

> When slapd is starting, and no database exists, slapd creates a new one with the
> wrong permissions (user:root, group:root)
> This probably is caused by slapd creating the database before chroot.

Probably you mean before setuid(); chroot has nothing to do with the 
identity a process is running as.

> The before-chroot creation of the database is the bug.

The database is opened (and thus created, if it doesn't exist) only 
**after** setuid().  In fact, setuid() (and chroot() occur **before** 
even reading the configuration file.  If it were like you say, the files 
would have been created **before** even knowing in which directory they 
should be located.

> When this happens ldap-delete operations fail with:
> ldap_delete: Internal (implementation specific) error (80)
>         additional info: entry index delete failed

Probably you unintentionally performed some operation that created the 
files before starting slapd.

p.

Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
---------------------------------------
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Email:   pierangelo.masarati@sys-net.it
---------------------------------------

Prev by Date: (ITS#5166) Wrong DBD's database permissions when slapd starts
Next by Date: Re: (ITS#5166) Wrong DBD's database permissions when slapd starts
Index(es):
- Chronological
- Thread