[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#5356) Catching index ownership errors

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#5356) Catching index ownership errors
From: h.b.furuseth@usit.uio.no
Date: Thu, 7 Feb 2008 19:19:34 GMT

rra@stanford.edu writes:
>> There are more ways (than slapindex) to break file ownership.
>
> There is, and we should probably also do that, but slapindex is far and
> away the most common and it would be cool if we could catch the problem
> before it happens instead of just warning afterwards.

slapadd has the same problem.  For that matter, starting slapd without
-u can mess up for when you restart with -u.  So we can just as well
make it general: If root opens a database for writing, fail instead if
the directory or database file is not owned by root.  Unless a
slapd.conf option says differently I guess.  Not sure if the
default should be to check that for slapd as well as the tools.

-- 
Hallvard

Prev by Date: Re: (ITS#5356) Catching index ownership errors
Next by Date: Re: (ITS#5356) Catching index ownership errors
Index(es):
- Chronological
- Thread