Package: slapd
Version: 2.2.27-0pm2
Severity: normal
Tags: patch
Hi,
when SLAPD_USER is set to a non-privilegded user and TRY_BDB_RECOVERY is
set to yes, slapd may not start.
The reason for this is that the recovery command db4.2_recover changes
the ownership of the __db.* files in the dbdirs to root:root.
Depending on the ownership and priviledges this may or may not hinder
slapd from starting.
The attached patch corrects it by changing the ownership of the
dbdirs to SLAPD_USER:SLAPD_GROUP
Peter
-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.11-1-k7
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)
Versions of packages slapd depends on:
ii coreutils [fileutils] 5.2.1-2 The GNU core utilities
ii debconf 1.4.30.13 Debian configuration management sy
ii fileutils 5.2.1-2 The GNU file management utilities
ii libc6 2.3.2.ds1-22 GNU C Library: Shared libraries an
ii libdb4.2 4.2.52-18pm2 Berkeley v4.2 Database Libraries [
ii libiodbc2 3.52.2-3 iODBC Driver Manager
ii libldap-2.2-7 2.2.27-0pm2 OpenLDAP libraries
ii libltdl3 1.5.6-6 A system independent dlopen wrappe
ii libperl5.8 5.8.4-8 Shared Perl library
ii libsasl2 2.1.19-1.5 Authentication abstraction library
ii libslp1 1.2.1-0pm1 OpenSLP libraries
ii libssl0.9.7 0.9.7e-3 SSL shared libraries
ii libwrap0 7.6.dbs-8 Wietse Venema's TCP wrappers libra
ii perl [libmime-base64-perl] 5.8.4-8 Larry Wall's Practical Extraction
ii psmisc 21.6-1 Utilities that use the proc filesy
-- debconf information excluded
--- /etc/init.d/slapd
+++ /etc/init.d/slapd 2005-06-19 09:38:53.000000000 +0200
@@ -138,6 +138,8 @@
for dbdir in $bdb_envs; do
reason="`$DB_RECOVER_CMD -eh $dbdir 2>&1`" || \
db_recover_failed $dbdir
+ test -n "$SLAPD_USER" && chown -f -R "$SLAPD_USER" $dbdir
+ test -n "$SLAPD_GROUP" && chgrp -f -R "$SLAPD_GROUP" $dbdir
done
echo -n ","
}
