[Fedora-directory-commits] adminserver/admserv pkgadmin.mk, 1.31, 1.32
by Doctor Conrad
Author: nhosoi
Update of /cvs/dirsec/adminserver/admserv
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv1006/admserv
Modified Files:
pkgadmin.mk
Log Message:
Adjusted Admin Util and Console build path for the external build.
Index: pkgadmin.mk
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/pkgadmin.mk,v
retrieving revision 1.31
retrieving revision 1.32
diff -u -r1.31 -r1.32
--- pkgadmin.mk 16 Nov 2005 03:18:29 -0000 1.31
+++ pkgadmin.mk 23 Nov 2005 01:25:51 -0000 1.32
@@ -254,8 +254,8 @@
# Copy LIB ADMIN UTIL
cd $(ADMINUTIL_LIBPATH); cp -p $(ADMINUTIL_SOLIBS) $(ADMIN_DIR)/bin/admin/lib
- -$(MKDIR) $(ADMIN_DIR)/bin/admin/lib/property
- cp -p $(ADMINUTIL_LIBPATH)/property/* $(ADMIN_DIR)/bin/admin/lib/property
+ -$(MKDIR) $(ADMIN_DIR)/bin/admin/lib/adminutil-properties
+ cp -p $(ADMINUTIL_LIBPATH)/adminutil-properties/* $(ADMIN_DIR)/bin/admin/lib/adminutil-properties
cd $(ADMSERV_OBJDIR)/cmdln; \
cp -p admconfig $(ADMIN_DIR)/bin/admin;
18 years, 5 months
[Fedora-directory-commits] adminserver buildpaths.mk, 1.4, 1.5 nsconfig.mk, 1.19, 1.20
by Doctor Conrad
Author: nhosoi
Update of /cvs/dirsec/adminserver
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv1006
Modified Files:
buildpaths.mk nsconfig.mk
Log Message:
Adjusted Admin Util and Console build path for the external build.
Index: buildpaths.mk
===================================================================
RCS file: /cvs/dirsec/adminserver/buildpaths.mk,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- buildpaths.mk 3 Nov 2005 23:20:38 -0000 1.4
+++ buildpaths.mk 23 Nov 2005 01:25:45 -0000 1.5
@@ -84,7 +84,7 @@
SETUPUTIL_SOURCE_ROOT = $(BUILD_ROOT)/../setuputil
#SETUPUTIL_BUILD_DIR = $(NSCP_DISTDIR_FULL_RTL)/setuputil
-CONSOLE_SOURCE_DIR = $(BUILD_ROOT)/../console
+CONSOLE_SOURCE_DIR = $(BUILD_ROOT)/..
#LDAPJDK_SOURCE_DIR = $(MOZILLA_SOURCE_ROOT)
LDAPJDK_BUILD_DIR = $(CONSOLE_SOURCE_DIR)/imports/ldapjdk
Index: nsconfig.mk
===================================================================
RCS file: /cvs/dirsec/adminserver/nsconfig.mk,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -r1.19 -r1.20
--- nsconfig.mk 16 Nov 2005 03:18:24 -0000 1.19
+++ nsconfig.mk 23 Nov 2005 01:25:45 -0000 1.20
@@ -793,7 +793,7 @@
ADMINUTIL_LIB_VERSION=10
ifdef ADMINUTIL_SOURCE_ROOT
ADMINUTIL_LIBPATH = $(ADMINUTIL_SOURCE_ROOT)/built/adminutil/$(PLATFORM_DEST)/lib
- ADMINUTIL_INCLUDE = $(ADMINUTIL_SOURCE_ROOT)/built/adminutil/$(PLATFORM_DEST)/include
+ ADMINUTIL_INCLUDE = $(ADMINUTIL_SOURCE_ROOT)/built/adminutil/$(PLATFORM_DEST)/include/adminutil-1.0
else
ADMINUTIL_LIBPATH = $(ADMINUTIL_BUILD_DIR)/lib
ADMINUTIL_INCLUDE = $(ADMINUTIL_BUILD_DIR)/include
18 years, 5 months
[Fedora-directory-commits] ldapserver/ldap/servers/slapd log.c, 1.6, 1.6.2.1 main.c, 1.7, 1.7.2.1 util.c, 1.6, 1.6.2.1 proto-slap.h, 1.10.2.1, 1.10.2.2
by Doctor Conrad
Author: nhosoi
Update of /cvs/dirsec/ldapserver/ldap/servers/slapd
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv963
Modified Files:
Tag: Directory71RtmBranch
log.c main.c util.c proto-slap.h
Log Message:
[173687] deadlock caused by error log rotation and logging
Modified to change the owner to the "localuser" if the error log file is not
owned by the user.
Index: log.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/log.c,v
retrieving revision 1.6
retrieving revision 1.6.2.1
diff -u -r1.6 -r1.6.2.1
--- log.c 19 Apr 2005 22:07:36 -0000 1.6
+++ log.c 23 Nov 2005 01:22:16 -0000 1.6.2.1
@@ -48,6 +48,7 @@
#include "log.h"
#include "fe.h"
+#include <pwd.h> /* getpwnam */
#if defined( XP_WIN32 )
#include <fcntl.h>
@@ -3225,6 +3226,17 @@
char tbuf[TBUFSIZE];
struct logfileinfo *logp;
char buffer[BUFSIZ];
+ struct passwd *pw = NULL;
+
+ slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
+
+ if ( slapdFrontendConfig->localuser != NULL ) {
+ if ( (pw = getpwnam( slapdFrontendConfig->localuser )) == NULL )
+ return LOG_UNABLE_TO_OPENFILE;
+ }
+ else {
+ return LOG_UNABLE_TO_OPENFILE;
+ }
if (!locked) LOG_ERROR_LOCK_WRITE( );
@@ -3287,6 +3299,12 @@
return LOG_UNABLE_TO_OPENFILE;
}
+ /* make sure the logfile is owned by the localuser. If one of the
+ * alternate ns-slapd modes, such as db2bak, tries to log an error
+ * at startup, it will create the logfile as root!
+ */
+ slapd_chown_if_not_owner(loginfo.log_error_file, pw->pw_uid, -1);
+
loginfo.log_error_fdes = fp;
if (logfile_state == LOGFILE_REOPENED) {
/* we have all the information */
Index: main.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/main.c,v
retrieving revision 1.7
retrieving revision 1.7.2.1
diff -u -r1.7 -r1.7.2.1
--- main.c 19 Apr 2005 22:07:36 -0000 1.7
+++ main.c 23 Nov 2005 01:22:16 -0000 1.7.2.1
@@ -207,32 +207,6 @@
#ifndef WIN32
-/* Changes the ownership of the given file/directory iff not
- already the owner
- Returns 0 upon success or non-zero otherwise, usually -1 if
- some system error occurred
-*/
-static int
-chown_if_not_owner(const char *filename, uid_t uid, gid_t gid)
-{
- struct stat statbuf;
- int result = 1;
- if (!filename)
- return result;
-
- memset(&statbuf, '\0', sizeof(statbuf));
- if (!(result = stat(filename, &statbuf)))
- {
- if (((uid != -1) && (uid != statbuf.st_uid)) ||
- ((gid != -1) && (gid != statbuf.st_gid)))
- {
- result = chown(filename, uid, gid);
- }
- }
-
- return result;
-}
-
/*
Four cases:
- change ownership of all files in directory (strip_fn=PR_FALSE)
@@ -258,7 +232,7 @@
if((ptr=strrchr(log,'/'))==NULL)
{
LDAPDebug(LDAP_DEBUG_ANY, "Caution changing ownership of ./%s \n",name,0,0);
- chown_if_not_owner(log, pw->pw_uid, -1 );
+ slapd_chown_if_not_owner(log, pw->pw_uid, -1 );
rc=1;
} else if(log==ptr) {
LDAPDebug(LDAP_DEBUG_ANY, "Caution changing ownership of / directory and its contents to %s\n",pw->pw_name,0,0);
@@ -273,7 +247,7 @@
while( (entry = PR_ReadDir(dir , PR_SKIP_BOTH )) !=NULL )
{
PR_snprintf(file,MAXPATHLEN+1,"%s/%s",log,entry->name);
- chown_if_not_owner( file, pw->pw_uid, -1 );
+ slapd_chown_if_not_owner( file, pw->pw_uid, -1 );
}
PR_CloseDir( dir );
}
@@ -302,7 +276,7 @@
}
/* The instance directory needs to be owned by the local user */
- chown_if_not_owner( slapdFrontendConfig->instancedir, pw->pw_uid, -1 );
+ slapd_chown_if_not_owner( slapdFrontendConfig->instancedir, pw->pw_uid, -1 );
PR_snprintf(dirname,sizeof(dirname),"%s/config",slapdFrontendConfig->instancedir);
chown_dir_files(dirname, pw, PR_FALSE); /* config directory */
chown_dir_files(slapdFrontendConfig->accesslog, pw, PR_TRUE); /* do access log directory */
Index: util.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/util.c,v
retrieving revision 1.6
retrieving revision 1.6.2.1
diff -u -r1.6 -r1.6.2.1
--- util.c 19 Apr 2005 22:07:37 -0000 1.6
+++ util.c 23 Nov 2005 01:22:16 -0000 1.6.2.1
@@ -631,3 +631,30 @@
return( rc );
}
/*****************************************************************************/
+
+/* Changes the ownership of the given file/directory if not
+ already the owner
+ Returns 0 upon success or non-zero otherwise, usually -1 if
+ some system error occurred
+*/
+int
+slapd_chown_if_not_owner(const char *filename, uid_t uid, gid_t gid)
+{
+ struct stat statbuf;
+ int result = 1;
+ if (!filename)
+ return result;
+
+ memset(&statbuf, '\0', sizeof(statbuf));
+ if (!(result = stat(filename, &statbuf)))
+ {
+ if (((uid != -1) && (uid != statbuf.st_uid)) ||
+ ((gid != -1) && (gid != statbuf.st_gid)))
+ {
+ result = chown(filename, uid, gid);
+ }
+ }
+
+ return result;
+}
+
Index: proto-slap.h
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/proto-slap.h,v
retrieving revision 1.10.2.1
retrieving revision 1.10.2.2
diff -u -r1.10.2.1 -r1.10.2.2
--- proto-slap.h 25 Aug 2005 18:25:08 -0000 1.10.2.1
+++ proto-slap.h 23 Nov 2005 01:22:16 -0000 1.10.2.2
@@ -588,6 +588,7 @@
*/
void slapd_nasty(char* str, int c, int err);
int strarray2str( char **a, char *buf, size_t buflen, int include_quotes );
+int slapd_slapd_chown_if_not_owner(const char *filename, uid_t uid, gid_t gid);
/*
* modify.c
18 years, 5 months
[Fedora-directory-commits] ldapserver/ldap/servers/plugins/views views.c, 1.6, 1.7
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/servers/plugins/views
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv23412/ldapserver/ldap/servers/plugins/views
Modified Files:
views.c
Log Message:
Cannot pass const strings into slapi_str2filter, since it can modify
the contents. I'm not sure why we haven't caught this earlier, but
I believe it has something to do with the patch to make ds build on
Fedora Core 4 with gcc4. To do that, we turn off the -fwriteable-strings
argument to gcc. I suppose with it on, it moves those strings to
some sort of writeable memory location. With it off, constant strings
are definitely in the data section. There was one place in views that
used a constant string, and a couple of places in the windows sync code.
Index: views.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/views/views.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- views.c 11 Aug 2005 16:45:04 -0000 1.6
+++ views.c 22 Nov 2005 03:40:14 -0000 1.7
@@ -735,6 +735,7 @@
Slapi_Filter *pCurrentFilter = 0;
Slapi_Filter *pBuiltFilter = 0;
Slapi_Filter *pViewEntryExcludeFilter = 0;
+ char *excludeFilter;
if(pView->includeAncestorFiltersFilter)
{
@@ -769,7 +770,11 @@
}
/* filter for removing view entries from search */
- pViewEntryExcludeFilter = slapi_str2filter( "(!(objectclass=" VIEW_OBJECTCLASS "))" );
+ /* richm - slapi_str2filter _writes_ to it's argument, so we have to pass in
+ some writeable memory, or core dump, do not pass go */
+ excludeFilter = slapi_ch_strdup("(!(objectclass=" VIEW_OBJECTCLASS "))");
+ pViewEntryExcludeFilter = slapi_str2filter( excludeFilter );
+ slapi_ch_free_string(&excludeFilter);
if(pBuiltFilter)
pView->includeAncestorFiltersFilter = slapi_filter_join_ex( LDAP_FILTER_AND, pBuiltFilter, pViewEntryExcludeFilter, 0 );
18 years, 5 months
[Fedora-directory-commits] ldapserver/ldap/servers/plugins/replication windows_protocol_util.c, 1.22, 1.23
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/servers/plugins/replication
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv23412/ldapserver/ldap/servers/plugins/replication
Modified Files:
windows_protocol_util.c
Log Message:
Cannot pass const strings into slapi_str2filter, since it can modify
the contents. I'm not sure why we haven't caught this earlier, but
I believe it has something to do with the patch to make ds build on
Fedora Core 4 with gcc4. To do that, we turn off the -fwriteable-strings
argument to gcc. I suppose with it on, it moves those strings to
some sort of writeable memory location. With it off, constant strings
are definitely in the data section. There was one place in views that
used a constant string, and a couple of places in the windows sync code.
Index: windows_protocol_util.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/replication/windows_protocol_util.c,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -r1.22 -r1.23
--- windows_protocol_util.c 20 Oct 2005 17:12:16 -0000 1.22
+++ windows_protocol_util.c 22 Nov 2005 03:40:08 -0000 1.23
@@ -1570,11 +1570,12 @@
{
int retval = 0;
- char *string_deleted = "(isdeleted=*)";
+ char *string_deleted = slapi_ch_strdup("(isdeleted=*)");
/* DBDB: we should allocate these filters once and keep them around for better performance */
Slapi_Filter *filter_deleted = slapi_str2filter( string_deleted );
+ slapi_ch_free_string(&string_deleted);
/* DBDB: this should be one filter, the code originally tested separately and hasn't been fixed yet */
if ( (slapi_filter_test_simple( e, filter_deleted ) == 0) )
{
@@ -2251,9 +2252,10 @@
/* Next test for the correct kind of entry */
if (local_entry) {
/* DBDB: we should allocate these filters once and keep them around for better performance */
- char *string_filter = "(&(|(objectclass=ntuser)(objectclass=ntgroup))(ntUserDomainId=*))";
+ char *string_filter = slapi_ch_strdup("(&(|(objectclass=ntuser)(objectclass=ntgroup))(ntUserDomainId=*))");
Slapi_Filter *filter = slapi_str2filter( string_filter );
+ slapi_ch_free_string(&string_filter);
if (slapi_filter_test_simple( (Slapi_Entry*)local_entry, filter ) == 0)
{
retval = 1;
18 years, 5 months
[Fedora-directory-commits] ldapserver/ldap/servers/slapd main.c, 1.9, 1.10
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/servers/slapd
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv9395/ldapserver/ldap/servers/slapd
Modified Files:
main.c
Log Message:
1) Move the import, export, etc. (non network server mode) code to after the NSS/SSL init. For example, import needs to hash passwords, export of encrypted attrs needs encryption.
2) Only create, configure (for SSL) and bind TCP ports if running in regular or referral mode. Before, the code short circuited if doing import, export, etc. before getting to the port stuff. But since 1) above, the code needs to take care only to do network related stuff if in network mode.
Index: main.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/main.c,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- main.c 18 Nov 2005 21:09:46 -0000 1.9
+++ main.c 21 Nov 2005 04:07:07 -0000 1.10
@@ -817,68 +817,23 @@
/* Set entry points in libslapd */
set_entry_points();
- /*
- * if we were called upon to do special database stuff, do it and be
- * done.
- */
- switch ( slapd_exemode ) {
- case SLAPD_EXEMODE_LDIF2DB:
- return slapd_exemode_ldif2db();
-
- case SLAPD_EXEMODE_DB2LDIF:
- return slapd_exemode_db2ldif(argc,argv);
-
- case SLAPD_EXEMODE_DB2INDEX:
- return slapd_exemode_db2index();
-
- case SLAPD_EXEMODE_ARCHIVE2DB:
- return slapd_exemode_archive2db();
-
- case SLAPD_EXEMODE_DB2ARCHIVE:
- return slapd_exemode_db2archive();
-
- case SLAPD_EXEMODE_DBTEST:
- return slapd_exemode_dbtest();
-
- case SLAPD_EXEMODE_REFERRAL:
- /* check that all the necessary info was given, then go on */
- if (! config_check_referral_mode()) {
- LDAPDebug(LDAP_DEBUG_ANY,
- "ERROR: No referral URL supplied\n", 0, 0, 0);
- usage( myname, extraname );
- exit(1);
- }
- break;
-
- case SLAPD_EXEMODE_SUFFIX2INSTANCE:
- return slapd_exemode_suffix2instance();
-
-#if defined(UPGRADEDB)
- case SLAPD_EXEMODE_UPGRADEDB:
- return slapd_exemode_upgradedb();
-#endif
-
- case SLAPD_EXEMODE_PRINTVERSION:
- slapd_print_version(1);
- exit(1);
- }
-
#if defined( XP_WIN32 )
- /* Register with the NT EventLog */
- hSlapdEventSource = RegisterEventSource(NULL, pszServerName );
- if( !hSlapdEventSource )
- {
- char szMessage[256];
- PR_snprintf( szMessage, sizeof(szMessage), "Directory Server %s is terminating. Failed "
- "to set the EventLog source.", pszServerName);
- MessageBox(GetDesktopWindow(), szMessage, " ",
- MB_ICONEXCLAMATION | MB_OK);
- exit( 1 );
- }
+ if (slapd_exemode == SLAPD_EXEMODE_SLAPD) {
+ /* Register with the NT EventLog */
+ hSlapdEventSource = RegisterEventSource(NULL, pszServerName );
+ if( !hSlapdEventSource ) {
+ char szMessage[256];
+ PR_snprintf( szMessage, sizeof(szMessage), "Directory Server %s is terminating. Failed "
+ "to set the EventLog source.", pszServerName);
+ MessageBox(GetDesktopWindow(), szMessage, " ",
+ MB_ICONEXCLAMATION | MB_OK);
+ exit( 1 );
+ }
- /* Check to ensure there isn't a copy of this server already running. */
- if( MultipleInstances() )
- exit( 1 );
+ /* Check to ensure there isn't a copy of this server already running. */
+ if( MultipleInstances() )
+ exit( 1 );
+ }
#endif
/*
@@ -897,7 +852,8 @@
* we need to be root in order to open them.
*/
- {
+ if ((slapd_exemode == SLAPD_EXEMODE_SLAPD) ||
+ (slapd_exemode == SLAPD_EXEMODE_REFERRAL)) {
ports_info.n_port = (unsigned short)n_port;
if ( slapd_listenhost2addr( config_get_listenhost(),
&ports_info.n_listenaddr ) != 0 ) {
@@ -958,13 +914,62 @@
exit( 1 );
}
- if ( init_ssl && ( 0 != slapd_ssl_init2(&ports_info.s_socket, 0) ) ) {
- LDAPDebug(LDAP_DEBUG_ANY,
- "ERROR: SSL Initialization phase 2 Failed.\n", 0, 0, 0 );
- exit( 1 );
+ if ((slapd_exemode == SLAPD_EXEMODE_SLAPD) ||
+ (slapd_exemode == SLAPD_EXEMODE_REFERRAL)) {
+ if ( init_ssl && ( 0 != slapd_ssl_init2(&ports_info.s_socket, 0) ) ) {
+ LDAPDebug(LDAP_DEBUG_ANY,
+ "ERROR: SSL Initialization phase 2 Failed.\n", 0, 0, 0 );
+ exit( 1 );
+ }
}
/*
+ * if we were called upon to do special database stuff, do it and be
+ * done.
+ */
+ switch ( slapd_exemode ) {
+ case SLAPD_EXEMODE_LDIF2DB:
+ return slapd_exemode_ldif2db();
+
+ case SLAPD_EXEMODE_DB2LDIF:
+ return slapd_exemode_db2ldif(argc,argv);
+
+ case SLAPD_EXEMODE_DB2INDEX:
+ return slapd_exemode_db2index();
+
+ case SLAPD_EXEMODE_ARCHIVE2DB:
+ return slapd_exemode_archive2db();
+
+ case SLAPD_EXEMODE_DB2ARCHIVE:
+ return slapd_exemode_db2archive();
+
+ case SLAPD_EXEMODE_DBTEST:
+ return slapd_exemode_dbtest();
+
+ case SLAPD_EXEMODE_REFERRAL:
+ /* check that all the necessary info was given, then go on */
+ if (! config_check_referral_mode()) {
+ LDAPDebug(LDAP_DEBUG_ANY,
+ "ERROR: No referral URL supplied\n", 0, 0, 0);
+ usage( myname, extraname );
+ exit(1);
+ }
+ break;
+
+ case SLAPD_EXEMODE_SUFFIX2INSTANCE:
+ return slapd_exemode_suffix2instance();
+
+#if defined(UPGRADEDB)
+ case SLAPD_EXEMODE_UPGRADEDB:
+ return slapd_exemode_upgradedb();
+#endif
+
+ case SLAPD_EXEMODE_PRINTVERSION:
+ slapd_print_version(1);
+ exit(1);
+ }
+
+ /*
* Detach ourselves from the terminal (unless running in debug mode).
* We must detach before we start any threads since detach forks() on
* UNIX.
18 years, 5 months
[Fedora-directory-commits] ldapserver/ldap/cm Makefile,1.44,1.45
by Doctor Conrad
Author: nkinder
Update of /cvs/dirsec/ldapserver/ldap/cm
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv9675
Modified Files:
Makefile
Log Message:
Need to package online help files for external builds
Index: Makefile
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/cm/Makefile,v
retrieving revision 1.44
retrieving revision 1.45
diff -u -r1.44 -r1.45
--- Makefile 16 Nov 2005 03:53:06 -0000 1.44
+++ Makefile 19 Nov 2005 00:50:32 -0000 1.45
@@ -515,12 +515,11 @@
fi
# copy the manual files from the zip files or checked out directory
if [ "$(DSDOC_DIR)" -a -d "$(DSDOC_DIR)" ] ; then \
- cd $(RELDIR)/manual/en/slapd; \
if [ -f $(DSDOC_DIR)/$(DSDOC_COPYRIGHT) ] ; then \
- $(UNZIP) $(DSDOC_DIR)/$(DSDOC_COPYRIGHT); \
- $(UNZIP) $(DSDOC_DIR)/$(DSDOC_CLIENTS); \
+ $(UNZIP) $(DSDOC_DIR)/$(DSDOC_COPYRIGHT) -d $(RELDIR)/manual/en/slapd ; \
+ $(UNZIP) $(DSDOC_DIR)/$(DSDOC_CLIENTS) -d $(RELDIR)/manual/en/slapd ; \
else \
- cp -r $(DSDOC_DIR) . ; \
+ cp -r $(DSDOC_DIR) $(RELDIR)/manual/en/slapd ; \
fi ; \
fi
18 years, 5 months
[Fedora-directory-commits] adminserver/admserv/cfgstuff admserv.conf, 1.10, 1.11
by Doctor Conrad
Author: nkinder
Update of /cvs/dirsec/adminserver/admserv/cfgstuff
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv9626
Modified Files:
admserv.conf
Log Message:
Admin Express cgi needs NESCompatEnv set for help to work
Index: admserv.conf
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cfgstuff/admserv.conf,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- admserv.conf 17 Nov 2005 17:41:55 -0000 1.10
+++ admserv.conf 19 Nov 2005 00:43:02 -0000 1.11
@@ -88,6 +88,7 @@
AuthName "Admin Server"
Require valid-user
AdminSDK on
+ NESCompatEnv on
Options +ExecCGI
</LocationMatch>
18 years, 5 months
[Fedora-directory-commits] mod_admserv mod_admserv.c,1.17,1.18
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/mod_admserv
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv3754
Modified Files:
mod_admserv.c
Log Message:
Make sure the pset cache file (local.conf) is owned by the server uid.
Change the euid to the server uid before calling psetCreateSSL, then change
it back afterwards.
Index: mod_admserv.c
===================================================================
RCS file: /cvs/dirsec/mod_admserv/mod_admserv.c,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- mod_admserv.c 15 Aug 2005 15:55:16 -0000 1.17
+++ mod_admserv.c 18 Nov 2005 21:18:42 -0000 1.18
@@ -42,6 +42,12 @@
#include "http_request.h"
#include "http_log.h"
+/* need uid and gid of apache process after setuid */
+#if !defined(OS2) && !defined(WIN32) && !defined(BEOS) && !defined(NETWARE)
+#include "unixd.h"
+#define CHANGE_EUID 1
+#endif
+
#include "libadminutil/distadm.h"
#include "libadminutil/admutil.h"
#include "libadminutil/resource.h"
@@ -1948,7 +1954,9 @@
server_rec *base_server)
{
int error;
-
+#ifdef CHANGE_EUID
+ int reseteuid = 0;
+#endif /* CHANGE_EUID */
AdmldapInfo info;
PsetHndl pset;
char *val;
@@ -1979,11 +1987,26 @@
}
}
+#ifdef CHANGE_EUID
+ /* make sure pset creates the cache file owned by the server uid, not root */
+ if (geteuid() == 0) {
+ seteuid(unixd_config.user_id);
+ reseteuid = 1;
+ }
+#endif /* CHANGE_EUID */
+
pset = psetCreateSSL((char*)"admin-serv",
path,
NULL,
NULL,
&error);
+
+#ifdef CHANGE_EUID
+ if (reseteuid) {
+ seteuid(0);
+ }
+#endif /* CHANGE_EUID */
+
if (pset) {
} else {
ap_log_error(APLOG_MARK, APLOG_CRIT, 0, base_server,
18 years, 5 months
[Fedora-directory-commits] adminserver/base Makefile,1.15,1.16
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/adminserver/base
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv3732/adminserver/base
Modified Files:
Makefile
Log Message:
Package libjss3.so in lib, not lib/jss
Index: Makefile
===================================================================
RCS file: /cvs/dirsec/adminserver/base/Makefile,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- Makefile 9 Nov 2005 23:22:55 -0000 1.15
+++ Makefile 18 Nov 2005 21:16:39 -0000 1.16
@@ -192,11 +192,11 @@
(cd $(CONSOLE_BASE_DIR); cp -p startconsole $(CLIENT_DIR)/)
# Copy JSS lib
- -$(MKDIR) $(CLIENT_DIR)/lib/jss
+ -$(MKDIR) $(CLIENT_DIR)/lib
ifeq ($(ARCH), HPUX)
- cp -p $(JSSSDK_PATH)/libjss3.sl $(CLIENT_DIR)/lib/jss/.
+ cp -p $(JSSSDK_PATH)/libjss3.sl $(CLIENT_DIR)/lib
else
- cp -p $(JSSSDK_PATH)/libjss3.so $(CLIENT_DIR)/lib/jss/.
+ cp -p $(JSSSDK_PATH)/libjss3.so $(CLIENT_DIR)/lib
endif
# Cleanup before making distributable zip
18 years, 5 months