[Fedora-directory-commits] ldapserver/ldap/servers/slapd log.c, 1.6, 1.7 main.c, 1.10, 1.11 util.c, 1.6, 1.7 proto-slap.h, 1.11, 1.12

Noriko Hosoi (nhosoi) fedora-directory-commits at redhat.com
Wed Nov 23 17:58:09 UTC 2005 

Author: nhosoi

Update of /cvs/dirsec/ldapserver/ldap/servers/slapd
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv32223

Modified Files:
	log.c main.c util.c proto-slap.h 
Log Message:
[173687] deadlock caused by error log rotation and logging
Modified to change the owner to the "localuser" if the error log file is not
owned by the user.



Index: log.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/log.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- log.c	19 Apr 2005 22:07:36 -0000	1.6
+++ log.c	23 Nov 2005 17:58:01 -0000	1.7
@@ -48,6 +48,7 @@
 
 #include "log.h"
 #include "fe.h"
+#include <pwd.h> /* getpwnam */
 
 #if defined( XP_WIN32 )
 #include <fcntl.h>
@@ -3225,6 +3226,17 @@
 	char			tbuf[TBUFSIZE];
 	struct logfileinfo	*logp;
 	char			buffer[BUFSIZ];
+	struct passwd	*pw = NULL;
+
+	slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
+
+	if ( slapdFrontendConfig->localuser != NULL )  {
+		if ( (pw = getpwnam( slapdFrontendConfig->localuser )) == NULL )
+			return LOG_UNABLE_TO_OPENFILE;
+	}
+	else {
+		return LOG_UNABLE_TO_OPENFILE;
+	}
 
 	if (!locked) LOG_ERROR_LOCK_WRITE( );
 
@@ -3287,6 +3299,12 @@
 		return LOG_UNABLE_TO_OPENFILE;
 	}
 
+	/* make sure the logfile is owned by the localuser.  If one of the
+	 * alternate ns-slapd modes, such as db2bak, tries to log an error
+	 * at startup, it will create the logfile as root! 
+	 */
+	slapd_chown_if_not_owner(loginfo.log_error_file, pw->pw_uid, -1);
+
 	loginfo.log_error_fdes = fp;
 	if (logfile_state == LOGFILE_REOPENED) {
 		/* we have all the information */


Index: main.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/main.c,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- main.c	21 Nov 2005 04:07:07 -0000	1.10
+++ main.c	23 Nov 2005 17:58:01 -0000	1.11
@@ -207,32 +207,6 @@
 
 #ifndef WIN32
 
-/* Changes the ownership of the given file/directory iff not
-   already the owner
-   Returns 0 upon success or non-zero otherwise, usually -1 if
-   some system error occurred
-*/
-static int
-chown_if_not_owner(const char *filename, uid_t uid, gid_t gid)
-{
-	struct stat statbuf;
-	int result = 1;
-	if (!filename)
-		return result;
-
-	memset(&statbuf, '\0', sizeof(statbuf));
-	if (!(result = stat(filename, &statbuf)))
-	{
-		if (((uid != -1) && (uid != statbuf.st_uid)) ||
-			((gid != -1) && (gid != statbuf.st_gid)))
-		{
-			result = chown(filename, uid, gid);
-		}
-	}
-
-	return result;
-}
-
 /* 
    Four cases:
     - change ownership of all files in directory (strip_fn=PR_FALSE)
@@ -258,7 +232,7 @@
     if((ptr=strrchr(log,'/'))==NULL)
     {
       LDAPDebug(LDAP_DEBUG_ANY, "Caution changing ownership of ./%s \n",name,0,0);
-      chown_if_not_owner(log, pw->pw_uid, -1 ); 
+      slapd_chown_if_not_owner(log, pw->pw_uid, -1 ); 
       rc=1;
     } else if(log==ptr) {
       LDAPDebug(LDAP_DEBUG_ANY, "Caution changing ownership of / directory and its contents to %s\n",pw->pw_name,0,0);
@@ -273,7 +247,7 @@
     while( (entry = PR_ReadDir(dir , PR_SKIP_BOTH )) !=NULL ) 
     {
 	PR_snprintf(file,MAXPATHLEN+1,"%s/%s",log,entry->name);
-	chown_if_not_owner( file, pw->pw_uid, -1 ); 
+	slapd_chown_if_not_owner( file, pw->pw_uid, -1 ); 
     }
     PR_CloseDir( dir );
   }
@@ -302,7 +276,7 @@
 	}
 
 	/* The instance directory needs to be owned by the local user */
-	chown_if_not_owner( slapdFrontendConfig->instancedir, pw->pw_uid, -1 );
+	slapd_chown_if_not_owner( slapdFrontendConfig->instancedir, pw->pw_uid, -1 );
 	PR_snprintf(dirname,sizeof(dirname),"%s/config",slapdFrontendConfig->instancedir);
 	chown_dir_files(dirname, pw, PR_FALSE); /* config directory */
 	chown_dir_files(slapdFrontendConfig->accesslog, pw, PR_TRUE); /* do access log directory */


Index: util.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/util.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- util.c	19 Apr 2005 22:07:37 -0000	1.6
+++ util.c	23 Nov 2005 17:58:01 -0000	1.7
@@ -631,3 +631,30 @@
 	return( rc );
 }
 /*****************************************************************************/
+
+/* Changes the ownership of the given file/directory if not
+   already the owner
+   Returns 0 upon success or non-zero otherwise, usually -1 if
+   some system error occurred
+*/
+int
+slapd_chown_if_not_owner(const char *filename, uid_t uid, gid_t gid)
+{
+        struct stat statbuf;
+        int result = 1;
+        if (!filename)
+                return result;
+
+        memset(&statbuf, '\0', sizeof(statbuf));
+        if (!(result = stat(filename, &statbuf)))
+        {
+                if (((uid != -1) && (uid != statbuf.st_uid)) ||
+                        ((gid != -1) && (gid != statbuf.st_gid)))
+                {
+                        result = chown(filename, uid, gid);
+                }
+        }
+
+        return result;
+}
+


Index: proto-slap.h
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/proto-slap.h,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- proto-slap.h	25 Aug 2005 00:58:27 -0000	1.11
+++ proto-slap.h	23 Nov 2005 17:58:01 -0000	1.12
@@ -588,6 +588,7 @@
  */
 void slapd_nasty(char* str, int c, int err);
 int strarray2str( char **a, char *buf, size_t buflen, int include_quotes );
+int slapd_slapd_chown_if_not_owner(const char *filename, uid_t uid, gid_t gid);
 
 /*
  * modify.c

More information about the Fedora-directory-commits mailing list