diff options
| author | Noriko Hosoi <nhosoi@redhat.com> | 2007-08-17 02:12:37 +0000 |
|---|---|---|
| committer | Noriko Hosoi <nhosoi@redhat.com> | 2007-08-17 02:12:37 +0000 |
| commit | 7afaf4974625c0d80d81cfbedbfe9635f21d5a57 (patch) | |
| tree | 511777a52148580fd1f2100f4725cf7ced32dd53 | |
| parent | 750fa2c4c2b3a570ffbbdb5b3e8aabf95a28c597 (diff) | |
| download | ds-7afaf4974625c0d80d81cfbedbfe9635f21d5a57.tar.gz ds-7afaf4974625c0d80d81cfbedbfe9635f21d5a57.tar.xz ds-7afaf4974625c0d80d81cfbedbfe9635f21d5a57.zip | |
Resolves: #253069
Summary: cyclic dependency from getpwnam() in log rotation code
Description: Moved getpwnam call to the startup time, store the info in
slapdFrontendConfig to reuse.
| -rw-r--r-- | ldap/servers/slapd/libglobs.c | 11 | ||||
| -rw-r--r-- | ldap/servers/slapd/log.c | 6 | ||||
| -rw-r--r-- | ldap/servers/slapd/main.c | 27 | ||||
| -rw-r--r-- | ldap/servers/slapd/protect_db.c | 22 | ||||
| -rw-r--r-- | ldap/servers/slapd/slap.h | 3 |
5 files changed, 45 insertions, 24 deletions
diff --git a/ldap/servers/slapd/libglobs.c b/ldap/servers/slapd/libglobs.c index 2e03e297..f91d1551 100644 --- a/ldap/servers/slapd/libglobs.c +++ b/ldap/servers/slapd/libglobs.c @@ -2500,9 +2500,20 @@ config_set_localuser( const char *attrname, char *value, char *errorbuf, int app } if (apply) { + struct passwd *pw = NULL; CFG_LOCK_WRITE(slapdFrontendConfig); slapi_ch_free ( (void **) &slapdFrontendConfig->localuser ); slapdFrontendConfig->localuser = slapi_ch_strdup ( value ); + if (slapdFrontendConfig->localuserinfo != NULL) { + slapi_ch_free ( (void **) &(slapdFrontendConfig->localuserinfo) ); + } + pw = getpwnam( value ); + if ( pw ) { + slapdFrontendConfig->localuserinfo = + (struct passwd *)slapi_ch_malloc(sizeof(struct passwd)); + memcpy(slapdFrontendConfig->localuserinfo, pw, sizeof(struct passwd)); + } + CFG_UNLOCK_WRITE(slapdFrontendConfig); } return retVal; diff --git a/ldap/servers/slapd/log.c b/ldap/servers/slapd/log.c index 1e2efa85..4480bf02 100644 --- a/ldap/servers/slapd/log.c +++ b/ldap/servers/slapd/log.c @@ -3480,9 +3480,9 @@ log__open_errorlogfile(int logfile_state, int locked) slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); #ifndef _WIN32 - if ( slapdFrontendConfig->localuser != NULL ) { - if ( (pw = getpwnam( slapdFrontendConfig->localuser )) == NULL ) - return LOG_UNABLE_TO_OPENFILE; + if ( slapdFrontendConfig->localuser != NULL && + slapdFrontendConfig->localuserinfo != NULL ) { + pw = slapdFrontendConfig->localuserinfo; } else { return LOG_UNABLE_TO_OPENFILE; diff --git a/ldap/servers/slapd/main.c b/ldap/servers/slapd/main.c index 9a5987dc..5723db44 100644 --- a/ldap/servers/slapd/main.c +++ b/ldap/servers/slapd/main.c @@ -247,8 +247,8 @@ chown_dir_files(char *name, struct passwd *pw, PRBool strip_fn) /* change the owner for each of the files in the dir */ while( (entry = PR_ReadDir(dir , PR_SKIP_BOTH )) !=NULL ) { - PR_snprintf(file,MAXPATHLEN+1,"%s/%s",log,entry->name); - slapd_chown_if_not_owner( file, pw->pw_uid, -1 ); + PR_snprintf(file,MAXPATHLEN+1,"%s/%s",log,entry->name); + slapd_chown_if_not_owner( file, pw->pw_uid, -1 ); } PR_CloseDir( dir ); } @@ -267,14 +267,23 @@ fix_ownership() slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); - - if ( slapdFrontendConfig->localuser != NULL ) { - if ( (pw = getpwnam( slapdFrontendConfig->localuser )) == NULL ) - return; - } - else { - return; + if (slapdFrontendConfig->localuser != NULL) { + if (slapdFrontendConfig->localuserinfo == NULL) { + pw = getpwnam( slapdFrontendConfig->localuser ); + if ( NULL == pw ) { + LDAPDebug(LDAP_DEBUG_ANY, + "Unable to find user %s in system account database, " + "errno %d (%s)\n", + slapdFrontendConfig->localuser, errno, strerror(errno)); + return; + } + slapdFrontendConfig->localuserinfo = + (struct passwd *)slapi_ch_malloc(sizeof(struct passwd)); + memcpy(slapdFrontendConfig->localuserinfo, pw, sizeof(struct passwd)); + } + pw = slapdFrontendConfig->localuserinfo; } + /* config directory needs to be owned by the local user */ if (slapdFrontendConfig->configdir) { chown_dir_files(slapdFrontendConfig->configdir, pw, PR_FALSE); diff --git a/ldap/servers/slapd/protect_db.c b/ldap/servers/slapd/protect_db.c index e234450a..ccef1bb3 100644 --- a/ldap/servers/slapd/protect_db.c +++ b/ldap/servers/slapd/protect_db.c @@ -201,17 +201,16 @@ make_sure_dir_exists(char *dir) } /* Make sure it's owned by the correct user */ - if (slapdFrontendConfig->localuser != NULL) { - if ( (pw = getpwnam(slapdFrontendConfig->localuser)) == NULL ) { - LDAPDebug(LDAP_DEBUG_ANY, GETPWNAM_WARNING, slapdFrontendConfig->localuser, errno, strerror(errno)); - } else { + if (slapdFrontendConfig->localuser != NULL && + slapdFrontendConfig->localuserinfo != NULL) { + pw = slapdFrontendConfig->localuserinfo; if (chown(dir, pw->pw_uid, -1) == -1) { stat(dir, &stat_buffer); if (stat_buffer.st_uid != pw->pw_uid) { LDAPDebug(LDAP_DEBUG_ANY, CHOWN_WARNING, dir, 0, 0); + return 1; } } - } /* else */ } return 0; @@ -233,24 +232,23 @@ add_this_process_to(char *dir_name) file_name[sizeof(file_name)-1] = (char)0; if ((prfd = PR_Open(file_name, PR_RDWR | PR_CREATE_FILE, 0666)) == NULL) { - LDAPDebug(LDAP_DEBUG_ANY, FILE_CREATE_WARNING, file_name, 0, 0); - return; + LDAPDebug(LDAP_DEBUG_ANY, FILE_CREATE_WARNING, file_name, 0, 0); + return; } /* Make sure the owner is of the file is the user the server * runs as. */ - if (slapdFrontendConfig->localuser != NULL) { - if ( (pw = getpwnam(slapdFrontendConfig->localuser)) == NULL ) { - LDAPDebug(LDAP_DEBUG_ANY, GETPWNAM_WARNING, slapdFrontendConfig->localuser, errno, strerror(errno)); - } else { + if (slapdFrontendConfig->localuser != NULL && + slapdFrontendConfig->localuserinfo != NULL) { + pw = slapdFrontendConfig->localuserinfo; if (chown(file_name, pw->pw_uid, -1) == -1) { stat(file_name, &stat_buffer); if (stat_buffer.st_uid != pw->pw_uid) { LDAPDebug(LDAP_DEBUG_ANY, CHOWN_WARNING, file_name, 0, 0); } } - } /* else */ } +bail: PR_Close(prfd); } diff --git a/ldap/servers/slapd/slap.h b/ldap/servers/slapd/slap.h index 4f9c91ac..2a9753b0 100644 --- a/ldap/servers/slapd/slap.h +++ b/ldap/servers/slapd/slap.h @@ -1925,6 +1925,9 @@ typedef struct _slapdFrontendConfig { char *ldapi_gidnumber_type; /* type that contains gid number */ char *ldapi_search_base_dn; /* base dn to search for mapped entries */ char *ldapi_auto_dn_suffix; /* suffix to be appended to auto gen DNs */ +#ifndef _WIN32 + struct passwd *localuserinfo; /* userinfo of localuser */ +#endif /* _WIN32 */ } slapdFrontendConfig_t; #define SLAPD_FULL 0 |