Bug#770417: [calendarserver]

Sat, 16 Jan 2016 20:55:04 -0800 

Package: calendarserver

--- Please enter the report below this line. ---
I am observing the following for calendarserver 7.0. If I do not give arguments "-u caldavd -g caldavd" while calling the caldavd daemon (caldavd -X) and instead configure the user and group in /etc/caldavd/caldavd.plist, I see the following: 

# ls -al /var/run/caldavd/
total 12
drwxr-xr-x  2 caldavd caldavd 180 Jan 17 08:43 .
drwxr-xr-x 16 root    root    580 Jan 16 18:46 ..
-rw-r--r--  1 root    root      5 Jan 17 08:43 caldavd.pid
srw-rw----  1 root    caldavd   0 Jan 17 08:43 caldavd.sock
-rw-r--r--  1 root    root      5 Jan 17 08:43 caldav-instance-0.pid
-rw-r--r--  1 root    root      5 Jan 17 08:43 caldav-instance-1.pid
srw-rw----  1 root    root      0 Jan 17 08:43 directory-proxy.sock

lrwxrwxrwx  1 root    root      5 Jan 17 08:43 directory-proxy.sock.lock 
-> 28332

srwx------  1 caldavd caldavd   0 Jan 17 08:43 memcache.sock


As caldavd user does not have permissions for directory-proxy.sock, 
calendarserver does not work properly and I see Permission Denied 
messages in error.log.



If I do pass the "-u caldavd -g caldavd" arguments (caldavd -X -u 
caldavd -g caldavd) and remove the user and group information in 
/etc/caldavd/caldavd.plist, I see the following:


# ls -al /var/run/caldavd/
total 12
drwxr-xr-x  2 caldavd caldavd 180 Jan 17 08:51 .
drwxr-xr-x 16 root    root    580 Jan 16 18:46 ..
-rw-r--r--  1 root    root      5 Jan 17 08:51 caldavd.pid
srw-rw----  1 root    root      0 Jan 17 08:51 caldavd.sock
-rw-r--r--  1 caldavd caldavd   5 Jan 17 08:51 caldav-instance-0.pid
-rw-r--r--  1 caldavd caldavd   5 Jan 17 08:51 caldav-instance-1.pid
srw-rw----  1 caldavd caldavd   0 Jan 17 08:51 directory-proxy.sock

lrwxrwxrwx  1 caldavd caldavd   5 Jan 17 08:51 directory-proxy.sock.lock 
-> 28420

srwx------  1 caldavd caldavd   0 Jan 17 08:51 memcache.sock


In this case, calendarserver works properly but the error.log shows 
permission denied error as the caldavd user does not have permissions 
for caldavd.sock file. To address this issue, I have configured the user 
and group in /etc/caldavd/caldavd.plist as well. Now I get the drop 
privileges warning, but there are no Permission denied errors in error.log.



So, I have decided to call the caldavd daemon with username and group 
arguments and at the same time have the same username and group 
configured in /etc/caldavd/caldavd.plist


--- System information. ---
Architecture: amd64
Kernel: Linux 4.3.0-1-amd64

Debian Release: stretch/sid
500 trusty ppa.launchpad.net
500 stable dl.google.com
500 stable deb.opera.com
500 oldstable packages.x2go.org
1000 testing security.debian.org
1000 testing httpredir.debian.org

--- Package information. ---
Package's Depends field is empty.

Package's Recommends field is empty.

Package's Suggests field is empty.




--
http://rahul.amaram.name























					Reply via email to