thanks for your comments. done.
Date: Wed, 20 Mar 2013 13:26:53 -0400 From: dpal@redhat.com To: sssd-devel@lists.fedorahosted.org Subject: Re: [SSSD] [PATHC] 1625-Confusing error messages for invalid sssd.conf
On 03/20/2013 12:28 PM, Jakub Hrozek wrote:
On Wed, Mar 20, 2013 at 12:06:56PM -0400, Dmitri Pal wrote:
Wouldn't this area be affected by the work needed for using newer version of the libini?
That's a good point, thanks, I haven't relized that. But I still suspect we would get EPERM on wrong sssd.conf permissions. _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
It returns what fopen() & open() does. And according to man page it is EACCESS rather than EPERM.
EACCES The requested access to the file is not allowed, or search per- mission is denied for one of the directories in the path prefix of pathname, or the file did not exist yet and write access to the parent directory is not allowed. (See also path_resolu- tion(7).)
EPERM The O_NOATIME flag was specified, but the effective user ID of the caller did not match the owner of the file and the caller was not privileged (CAP_FOWNER).
IMO you should check for both.
Also if the code is using the access check call (will be used with the new interface and proposed refactoring of the code) the access check will return EACCESS if the permissions on the file are wrong. See the header ini_configobj.h in ini folder.
-- Thank you, Dmitri Pal
Sr. Engineering Manager for IdM portfolio Red Hat Inc.
Looking to carve out IT costs? www.redhat.com/carveoutcosts/
sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-devel