On Mon, 1 Jul 2002, Charlie Brady wrote:
> [The root problem here seems to be that openldap's slapd does not honour > the "pidfile" entry in slapd.conf.] And the reason for that is that the pidfile is (attempted to be) created after slapd changes uid, when it no longer has permission to create a file in /var/run. 11042 setgroups(1, [55]) = 0 11042 setgid(55) = 0 11042 setregid(4294967295, 55) = 0 11042 setuid(55) = 0 11042 setresuid(ruid 4294967295, euid 55, suid 4294967295) = 0 ... 11042 fork() = 11050 ... 11050 send(3, "<167>Jul 1 21:20:15 slapd[11050"..., 50, 0) = 50 11050 rt_sigaction(SIGPIPE, {SIG_IGN}, NULL, 8) = 0 11050 open("/var/run/slapd.pid", O_WRONLY|O_CREAT|O_TRUNC, 0666) = -1 EACCES (Permission denied) 11050 open("/var/run/slapd.args", O_WRONLY|O_CREAT|O_TRUNC, 0666) = -1 EACCES (Permission denied) ... It's interesting to note also that it is a child process which creates the pid file. Most unusual process control. -- Charlie Brady [EMAIL PROTECTED] Lead Product Developer Network Server Solutions Group http://www.e-smith.com/ Mitel Networks Corporation http://www.mitel.com/ Phone: +1 (613) 592 5660 or 592 2122 Fax: +1 (613) 592 1175 -- Please report bugs to [EMAIL PROTECTED] Please mail [EMAIL PROTECTED] (only) to discuss security issues Support for registered customers and partners to [EMAIL PROTECTED] To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org