On Mon, 1 Jul 2002, Charlie Brady wrote:
> [The root problem here seems to be that openldap's slapd does not honour
> the "pidfile" entry in slapd.conf.]
And the reason for that is that the pidfile is (attempted to be) created
after slapd changes uid, when it no longer has permission to create a file
in /var/run.
11042 setgroups(1, [55]) = 0
11042 setgid(55) = 0
11042 setregid(4294967295, 55) = 0
11042 setuid(55) = 0
11042 setresuid(ruid 4294967295, euid 55, suid 4294967295) = 0
...
11042 fork() = 11050
...
11050 send(3, "<167>Jul 1 21:20:15 slapd[11050"..., 50, 0) = 50
11050 rt_sigaction(SIGPIPE, {SIG_IGN}, NULL, 8) = 0
11050 open("/var/run/slapd.pid", O_WRONLY|O_CREAT|O_TRUNC, 0666) = -1
EACCES (Permission denied)
11050 open("/var/run/slapd.args", O_WRONLY|O_CREAT|O_TRUNC, 0666) = -1
EACCES (Permission denied)
...
It's interesting to note also that it is a child process which creates the
pid file. Most unusual process control.
--
Charlie Brady [EMAIL PROTECTED]
Lead Product Developer
Network Server Solutions Group http://www.e-smith.com/
Mitel Networks Corporation http://www.mitel.com/
Phone: +1 (613) 592 5660 or 592 2122 Fax: +1 (613) 592 1175
--
Please report bugs to [EMAIL PROTECTED]
Please mail [EMAIL PROTECTED] (only) to discuss security issues
Support for registered customers and partners to [EMAIL PROTECTED]
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
