On Mon, Oct 20, 2014 at 04:53:42PM +0200, Pavel Reichl wrote:
On 10/20/2014 02:53 PM, Jakub Hrozek wrote:
On Mon, Oct 20, 2014 at 01:24:38PM +0200, Jakub Hrozek wrote:
I found a bug in the IFP initialization. The rest of the patches is unchanged, only ifpsrv.c changed.
Sorry, one more respin. I added a patch to chown the debug logs. Initially, I wanted to open the debug logs as root and then just pass the fd, but then I realized this wouldn't work for logfile rotation. So I'm afraid we need to chown the log files..
The other patches are unchanged, just a new one was added.
sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
The changes LGTM I have just one nitpick
+/* In cases SSSD used to run as the root user, but runs as the SSSD user now,
- we need to chown the log files
- */
+int chown_debug_file(const char *filename,
uid_t uid, gid_t gid)+{
- char *logpath;
- const char *log_file;
- errno_t ret;
- if (filename == NULL) {
log_file = debug_log_file;- } else {
log_file = filename;- }
- ret = asprintf(&logpath, "%s/%s.log", LOG_PATH, log_file);
- if (ret == -1) {
return ENOMEM;- }
- errno = 0;
No need to set errno as we check ret val of chown and not directly errno.
OK, since we check the ret, you're right it's not needed.
- ret = chown(logpath, uid, gid);
- free(logpath);
- if (ret != 0) {
ret = errno;DEBUG(SSSDBG_FATAL_FAILURE, "chown failed for [%s]: [%d]\n",log_file, ret);return ret;- }
- return EOK;
+}
sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-devel