Author: nhosoi
Update of /cvs/dirsec/ldapserver/ldap/servers/slapd
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv32223
Modified Files:
log.c main.c util.c proto-slap.h
Log Message:
[173687] deadlock caused by error log rotation and logging
Modified to change the owner to the "localuser" if the error log file is not
owned by the user.
Index: log.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/log.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- log.c 19 Apr 2005 22:07:36 -0000 1.6
+++ log.c 23 Nov 2005 17:58:01 -0000 1.7
@@ -48,6 +48,7 @@
#include "log.h"
#include "fe.h"
+#include <pwd.h> /* getpwnam */
#if defined( XP_WIN32 )
#include <fcntl.h>
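Review bot: The new `#include <pwd.h>` sits above the `#if defined( XP_WIN32 )` block, so it is also pulled in on the Windows build, where that header is normally not available. The `getpwnam()` call added in the -3225 hunk is likewise unguarded, while main.c keeps its ownership code under `#ifndef WIN32`. Guarding both the same way, e.g. `#if !defined( XP_WIN32 )` / `#include <pwd.h> /* getpwnam */` / `#endif`, would keep the two files consistent.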
@@ -3225,6 +3226,17 @@
char tbuf[TBUFSIZE];
struct logfileinfo *logp;
char buffer[BUFSIZ];
+ struct passwd *pw = NULL;
+
+ slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
+
+ if ( slapdFrontendConfig->localuser != NULL ) {
+ if ( (pw = getpwnam( slapdFrontendConfig->localuser )) == NULL )
+ return LOG_UNABLE_TO_OPENFILE;
+ }
+ else {
+ return LOG_UNABLE_TO_OPENFILE;
+ }
if (!locked) LOG_ERROR_LOCK_WRITE( );
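Review bot: With this check the error log can no longer be opened at all when `localuser` is unset or the account lookup fails. Both cases return the same `LOG_UNABLE_TO_OPENFILE` as a real open failure, so the caller cannot tell a configuration problem from an I/O problem. If the ownership repair is meant to be best-effort, leaving `pw` NULL and later guarding the call with `if (pw != NULL)` would keep the log usable without a localuser. `getpwnam()` also returns a pointer to static storage, and `pw` is dereferenced much later, after the log lock is taken; copying `pw->pw_uid` into a local `uid_t` right after the lookup, or using `getpwnam_r()`, is safer in a threaded server. The enclosing function starts and ends outside this hunk.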
@@ -3287,6 +3299,12 @@
return LOG_UNABLE_TO_OPENFILE;
}
+ /* make sure the logfile is owned by the localuser. If one of the
+ * alternate ns-slapd modes, such as db2bak, tries to log an error
+ * at startup, it will create the logfile as root!
+ */
+ slapd_chown_if_not_owner(loginfo.log_error_file, pw->pw_uid, -1);
+
loginfo.log_error_fdes = fp;
if (logfile_state == LOGFILE_REOPENED) {
/* we have all the information */
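Review bot: The result of `slapd_chown_if_not_owner()` is discarded here, so a log file that stays root-owned, which is the case the comment describes, goes unreported. Presumably the server then cannot write to it once it runs as the localuser. Checking the return value and reporting a failure through a channel that does not depend on the error log would make this diagnosable. The file has just been opened as `fp`, so changing ownership through that open handle rather than by path would also rule out acting on a different file if the path is replaced in between; whether the handle type exposes a descriptor is not visible in this hunk.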
Index: main.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/main.c,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- main.c 21 Nov 2005 04:07:07 -0000 1.10
+++ main.c 23 Nov 2005 17:58:01 -0000 1.11
@@ -207,32 +207,6 @@
#ifndef WIN32
-/* Changes the ownership of the given file/directory iff not
- already the owner
- Returns 0 upon success or non-zero otherwise, usually -1 if
- some system error occurred
-*/
-static int
-chown_if_not_owner(const char *filename, uid_t uid, gid_t gid)
-{
- struct stat statbuf;
- int result = 1;
- if (!filename)
- return result;
-
- memset(&statbuf, '\0', sizeof(statbuf));
- if (!(result = stat(filename, &statbuf)))
- {
- if (((uid != -1) && (uid != statbuf.st_uid)) ||
- ((gid != -1) && (gid != statbuf.st_gid)))
- {
- result = chown(filename, uid, gid);
- }
- }
-
- return result;
-}
-
/*
Four cases:
- change ownership of all files in directory (strip_fn=PR_FALSE)
@@ -258,7 +232,7 @@
if((ptr=strrchr(log,'/'))==NULL)
{
LDAPDebug(LDAP_DEBUG_ANY, "Caution changing ownership of ./%s \n",name,0,0);
- chown_if_not_owner(log, pw->pw_uid, -1 );
+ slapd_chown_if_not_owner(log, pw->pw_uid, -1 );
rc=1;
} else if(log==ptr) {
LDAPDebug(LDAP_DEBUG_ANY, "Caution changing ownership of / directory and its contents to %s\n",pw->pw_name,0,0);
@@ -273,7 +247,7 @@
while( (entry = PR_ReadDir(dir , PR_SKIP_BOTH )) !=NULL )
{
PR_snprintf(file,MAXPATHLEN+1,"%s/%s",log,entry->name);
- chown_if_not_owner( file, pw->pw_uid, -1 );
+ slapd_chown_if_not_owner( file, pw->pw_uid, -1 );
}
PR_CloseDir( dir );
}
@@ -302,7 +276,7 @@
}
/* The instance directory needs to be owned by the local user */
- chown_if_not_owner( slapdFrontendConfig->instancedir, pw->pw_uid, -1 );
+ slapd_chown_if_not_owner( slapdFrontendConfig->instancedir, pw->pw_uid, -1 );
PR_snprintf(dirname,sizeof(dirname),"%s/config",slapdFrontendConfig->instancedir);
chown_dir_files(dirname, pw, PR_FALSE); /* config directory */
chown_dir_files(slapdFrontendConfig->accesslog, pw, PR_TRUE); /* do access log directory */
Index: util.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/util.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- util.c 19 Apr 2005 22:07:37 -0000 1.6
+++ util.c 23 Nov 2005 17:58:01 -0000 1.7
@@ -631,3 +631,30 @@
return( rc );
}
/*****************************************************************************/
+
+/* Changes the ownership of the given file/directory if not
+ already the owner
+ Returns 0 upon success or non-zero otherwise, usually -1 if
+ some system error occurred
+*/
+int
+slapd_chown_if_not_owner(const char *filename, uid_t uid, gid_t gid)
+{
+ struct stat statbuf;
+ int result = 1;
+ if (!filename)
+ return result;
+
+ memset(&statbuf, '\0', sizeof(statbuf));
+ if (!(result = stat(filename, &statbuf)))
+ {
+ if (((uid != -1) && (uid != statbuf.st_uid)) ||
+ ((gid != -1) && (gid != statbuf.st_gid)))
+ {
+ result = chown(filename, uid, gid);
+ }
+ }
+
+ return result;
+}
+
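Review bot: `slapd_chown_if_not_owner()` checks the owner with `stat()` and then changes it with `chown()` on the same path, and both calls follow symbolic links. When this runs as root on a directory another account can write to, the object that gets chowned may not be the one that was checked. Using `lstat(filename, &statbuf)` and `lchown(filename, uid, gid)` stops the final path component from being followed, and callers that already hold an open file should prefer `fchown()` on the descriptor. The comparisons `uid != -1` and `gid != -1` mix the typically unsigned `uid_t`/`gid_t` with a signed constant; writing `(uid_t)-1` and `(gid_t)-1` makes the sentinel explicit. The copy removed from main.c was inside `#ifndef WIN32`; whether this one is guarded is not visible in the hunk.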
Index: proto-slap.h
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/proto-slap.h,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- proto-slap.h 25 Aug 2005 00:58:27 -0000 1.11
+++ proto-slap.h 23 Nov 2005 17:58:01 -0000 1.12
@@ -588,6 +588,7 @@
*/
void slapd_nasty(char* str, int c, int err);
int strarray2str( char **a, char *buf, size_t buflen, int include_quotes );
+int slapd_slapd_chown_if_not_owner(const char *filename, uid_t uid, gid_t gid);
/*
* modify.c
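Review bot: The prototype added here is spelled `slapd_slapd_chown_if_not_owner`, which does not match the function defined in util.c or the calls in log.c and main.c. Those callers therefore compile against an implicit declaration, and the `uid_t`/`gid_t` arguments, including the `-1` passed for `gid`, are not type-checked. The line should read `int slapd_chown_if_not_owner(const char *filename, uid_t uid, gid_t gid);`.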