From 75dead699a19dda7d8dfca89e2f97efbf0c264a2 Mon Sep 17 00:00:00 2001 From: Petr Cech Date: Tue, 12 Jul 2016 16:14:04 +0200 Subject: PROVIDERS: Setting right {u,g}id if unprivileged MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit be_ctx had talloc_zero() initialized uid and gid which was used in function dp_init(). Therefore back-end was every time started as root and therefore non-root responders could not communicate with back-end due to wrong permission of unix sockets. This patch sets right uid and gid to data-providers if sssd runs as non-root user. Resolves: https://fedorahosted.org/sssd/ticket/3077 Reviewed-by: Lukáš Slebodník --- src/providers/data_provider_be.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'src/providers') diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c index 78efed851..2ae713054 100644 --- a/src/providers/data_provider_be.c +++ b/src/providers/data_provider_be.c @@ -386,6 +386,8 @@ errno_t be_process_init(TALLOC_CTX *mem_ctx, be_ctx->ev = ev; be_ctx->cdb = cdb; + be_ctx->uid = uid; + be_ctx->gid = gid; be_ctx->identity = talloc_asprintf(be_ctx, "%%BE_%s", be_domain); be_ctx->conf_path = talloc_asprintf(be_ctx, CONFDB_DOMAIN_PATH_TMPL, be_domain); if (be_ctx->identity == NULL || be_ctx->conf_path == NULL) { -- cgit