[freeipa/f17] Fix permission issue on reinstall
Simo Sorce
simo at fedoraproject.org
Wed Oct 10 15:33:19 UTC 2012
commit 1a83106fb4840429c082e3f99afaad772bb786f1
Author: Simo Sorce <simo at redhat.com>
Date: Wed Oct 10 11:20:45 2012 -0400
Fix permission issue on reinstall
This patch backported from 3.0 avoids issues on install after a server
uninstall done with ipa-server-install --uninstall
freeipa-3.0-Fixed-boot.ldif-permission.patch | 41 ++++++++++++++++++++++++++
freeipa.spec | 8 ++++-
2 files changed, 48 insertions(+), 1 deletions(-)
---
diff --git a/freeipa-3.0-Fixed-boot.ldif-permission.patch b/freeipa-3.0-Fixed-boot.ldif-permission.patch
new file mode 100644
index 0000000..a2fe216
--- /dev/null
+++ b/freeipa-3.0-Fixed-boot.ldif-permission.patch
@@ -0,0 +1,41 @@
+From 952ffe49a67cf1692411160ad63cd26764dc77cf Mon Sep 17 00:00:00 2001
+From: Endi Sukma Dewata <edewata at redhat.com>
+Date: Fri, 16 Mar 2012 17:15:26 -0500
+Subject: [PATCH] Fixed boot.ldif permission.
+
+The server installation failed on F17 due to permission problem.
+The /var/lib/dirsrv/boot.ldif was previously owned and only readable
+by root. It is now owned by DS user dirsrv.
+
+Ticket #2544
+
+Conflicts:
+ ipaserver/install/dsinstance.py
+---
+ ipaserver/install/dsinstance.py | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py
+index adeecfc00e7bf2f1c659c21cba9745d37abe964a..827f6913613a23ab295f3168c13cfb055a40c7fe 100644
+--- a/ipaserver/install/dsinstance.py
++++ b/ipaserver/install/dsinstance.py
+@@ -333,6 +333,8 @@ class DsInstance(service.Service):
+ root_logger.critical("failed to add user %s" % e)
+
+ def __create_instance(self):
++ pent = pwd.getpwnam(DS_USER)
++
+ self.backup_state("serverid", self.serverid)
+ self.fstore.backup_file("/etc/sysconfig/dirsrv")
+
+@@ -347,6 +349,7 @@ class DsInstance(service.Service):
+
+ # Must be readable for dirsrv
+ os.chmod(target_fname, 0440)
++ os.chown(target_fname, pent.pw_uid, pent.pw_gid)
+
+ inf_txt = ipautil.template_str(INF_TEMPLATE, self.sub_dict)
+ root_logger.debug("writing inf template")
+--
+1.7.11.4
+
diff --git a/freeipa.spec b/freeipa.spec
index 741d2f8..9d4366a 100644
--- a/freeipa.spec
+++ b/freeipa.spec
@@ -14,7 +14,7 @@ distutils.sysconfig import get_python_lib; print(get_python_lib(1))")}
Name: freeipa
Version: 2.2.0
-Release: 1%{?dist}
+Release: 2%{?dist}
Summary: The Identity, Policy and Audit system
Group: System Environment/Base
@@ -23,6 +23,8 @@ URL: http://www.freeipa.org/
Source0: http://www.freeipa.org/downloads/src/freeipa-%{version}.tar.gz
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+Patch01: freeipa-3.0-Fixed-boot.ldif-permission.patch
+
%if ! %{ONLY_CLIENT}
BuildRequires: 389-ds-base-devel >= 1.2.10.4
BuildRequires: svrcore-devel
@@ -224,6 +226,7 @@ package.
%prep
%setup -n freeipa-%{version} -q
+%patch01 -p1
%build
export CFLAGS="$CFLAGS %{optflags}"
@@ -577,6 +580,9 @@ fi
%ghost %attr(0644,root,apache) %config(noreplace) %{_sysconfdir}/ipa/ca.crt
%changelog
+* Wed Oct 10 2012 Simo Sorce <simo at redhat.com> - 2.2.0-2
+- Add patch to fix permission issue on re-install
+
* Thu May 3 2012 Rob Crittenden <rcritten at redhat.com> - 2.2.0-1
- Updated to upstream 2.2.0 GA
- Update minimum n-v-r of certmonger to 0.53
More information about the scm-commits
mailing list