author | Michal Zidek <mzidek@redhat.com> | 2014-10-09 17:21:30 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-10-22 15:44:28 +0200 |
commit | 0887c35bdb85adf0a4376dc8963294ea5a9d6da6 (patch) | |
tree | 40b0c10c3509a85a7cd15dc4f1a5b5aad4dc59bc /src/db/sysdb.c | |
parent | 579e5d4b7a3ca161ea7518b2996905fa22c15995 (diff) | |
SYSDB: Allow calling chown on the sysdb file from monitor
Sysdb must be accessible for the nonroot sssd
processes.
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
Diffstat (limited to 'src/db/sysdb.c')
-rw-r--r-- | src/db/sysdb.c | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/src/db/sysdb.c b/src/db/sysdb.c
index 8d6f00b52..1f02585e7 100644
--- a/src/db/sysdb.c
+++ b/src/db/sysdb.c
@@ -1322,6 +1322,16 @@ int sysdb_init(TALLOC_CTX *mem_ctx,
 struct sss_domain_info *domains,
 bool allow_upgrade)
 {
+ return sysdb_init_ext(mem_ctx, domains, allow_upgrade, false, 0, 0);
+}
+
+int sysdb_init_ext(TALLOC_CTX *mem_ctx,
+ struct sss_domain_info *domains,
+ bool allow_upgrade,
+ bool chown_dbfile,
+ uid_t uid,
+ gid_t gid)
+{
 struct sss_domain_info *dom;
 struct sysdb_ctx *sysdb;
 int ret;
@@ -1343,6 +1353,17 @@ int sysdb_init(TALLOC_CTX *mem_ctx,
 return ret;
 }
 
+ if (chown_dbfile) {
+ ret = chown(sysdb->ldb_file, uid, gid);
+ if (ret != 0) {
+ ret = errno;
+ DEBUG(SSSDBG_CRIT_FAILURE,
+ "Cannot set sysdb ownership to %"SPRIuid":%"SPRIgid"\n",
+ uid, gid);
+ return ret;
+ }
+ }
+
 dom->sysdb = talloc_move(dom, &sysdb);
 }
 |
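Review bot: The new `sysdb_init_ext()` in the first hunk has no comment describing its contract, and the `0, 0` that `sysdb_init()` passes are only safe because `chown_dbfile` is false. I would add a short header comment such as `/* uid and gid are used only when chown_dbfile is true; the caller must then have the privilege to change ownership of the sysdb files. */`. The function body continues past the end of this hunk.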
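Review bot: The `chown()` call added in the second hunk follows symbolic links, and per the commit title it runs in the monitor on a path that the non-root sssd processes are about to own. If the directory holding `sysdb->ldb_file` is writable by that account (not visible in this diff), a link at that path would redirect the ownership change to a different file. Consider `ret = lchown(sysdb->ldb_file, uid, gid);`, or better, `fchown()` on a descriptor opened with `O_NOFOLLOW` after an `fstat()` check that it is a regular file. The failure message would also be easier to triage if it included the saved errno, e.g. by appending `": [%d]: %s\n"` with `ret, strerror(ret)`. The enclosing loop and the rest of the function lie outside this hunk.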