[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#5356) Catching index ownership errors

Hallvard B Furuseth <h.b.furuseth@usit.uio.no> writes:

> slapadd has the same problem.  For that matter, starting slapd without
> -u can mess up for when you restart with -u.  So we can just as well
> make it general: If root opens a database for writing, fail instead if
> the directory or database file is not owned by root.  Unless a
> slapd.conf option says differently I guess.  Not sure if the default
> should be to check that for slapd as well as the tools.

That would be awesome.  I think checking for slapd as well makes sense.

Russ Allbery (rra@stanford.edu)             <http://www.eyrie.org/~eagle/>