[Date Prev][Date Next]
(ITS#5356) Catching index ownership errors
Full_Name: Russ Allbery
OS: Debian GNU/Linux
Submission from: (NULL) (220.127.116.11)
One of the most common problems we see in Debian with people new to OpenLDAP is
that they run slapindex as root when they're running their directory server as a
non-root user and hence break the file ownership and the database.
Would it be possible to add a check in slapindex where, if slapindex is running
as root and the database files are owned by a different user, it would either
refuse to run (possibly overideable by a flag) or at least print a warning
saying that ownership may have to be fixed later?
One possible problem, I know, is that the names of the database files are a
matter for the database backend and slapindex really shouldn't know what they
are. But maybe the check could somehow be added to back-bdb and back-hdb and
exposed for slapindex to use?