diff options
author | Michal Zidek <mzidek@redhat.com> | 2014-10-09 17:15:56 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-10-22 15:44:25 +0200 |
commit | 579e5d4b7a3ca161ea7518b2996905fa22c15995 (patch) | |
tree | 55eec676f18dc096a5b2833917c9248be34c86fb /src | |
parent | 19e9c1c1a21790974400db9349637788727b6564 (diff) | |
download | sssd-579e5d4b7a3ca161ea7518b2996905fa22c15995.tar.gz sssd-579e5d4b7a3ca161ea7518b2996905fa22c15995.tar.xz sssd-579e5d4b7a3ca161ea7518b2996905fa22c15995.zip |
MONITOR: Allow confdb to be accessed by nonroot user
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
Diffstat (limited to 'src')
-rw-r--r-- | src/monitor/monitor.c | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/src/monitor/monitor.c b/src/monitor/monitor.c index 905e66f25..37f6e928b 100644 --- a/src/monitor/monitor.c +++ b/src/monitor/monitor.c @@ -1696,7 +1696,6 @@ static errno_t load_configuration(TALLOC_CTX *mem_ctx, DEBUG(SSSDBG_FATAL_FAILURE, "Fatal error initializing confdb\n"); goto done; } - talloc_zfree(cdb_file); ret = confdb_init_db(config_file, ctx->cdb); if (ret != EOK) { @@ -1712,11 +1711,23 @@ static errno_t load_configuration(TALLOC_CTX *mem_ctx, goto done; } + /* Allow configuration database to be accessible + * when SSSD runs as nonroot */ + ret = chown(cdb_file, ctx->uid, ctx->gid); + if (ret != 0) { + ret = errno; + DEBUG(SSSDBG_FATAL_FAILURE, + "chown failed for [%s]: [%d][%s].\n", + cdb_file, ret, sss_strerror(ret)); + goto done; + } + *monitor = ctx; ret = EOK; done: + talloc_free(cdb_file); if (ret != EOK) { talloc_free(ctx); } |