On (12/07/16 16:32), Petr Cech wrote:
>Hi list,
>
>attached patch resolve blocker ticket [1].
>
>Idea of this bug is simple.
>
>It was used uninitialized (respectively talloc_zero() initilaized) uid and
>gid for dp_init() function. This was right for sssd running as root but not
>for non-root user.
>
>PS: Locally run CI tests failed massively on valgrind tests. I hope it is not
>connected.
>
>[1] https://fedorahosted.org/sssd/ticket/3077
>
>Regards
>
>--
>Petr^4 Čech
>From a99cb9e06fd0370b7e20af3b9dd489df40e37a34 Mon Sep 17 00:00:00 2001
>From: Petr Cech <pc...@redhat.com>
>Date: Tue, 12 Jul 2016 16:14:04 +0200
>Subject: [PATCH] PROVIDERS: Setting right {u,g}id if unpriveleged
>
>This patch sets right uid and gid to data-providers if sssd runs
>as non-root user.
>
>Resolves:
>https://fedorahosted.org/sssd/ticket/3077
>---
> src/providers/data_provider_be.c | 2 ++
> 1 file changed, 2 insertions(+)
>
>diff --git a/src/providers/data_provider_be.c
>b/src/providers/data_provider_be.c
>index
>78efed851b2bf053ba890caa05e655431996892a..2ae713054429e789c1ba79c1f5e7a3889af3b291
> 100644
>--- a/src/providers/data_provider_be.c
>+++ b/src/providers/data_provider_be.c
>@@ -386,6 +386,8 @@ errno_t be_process_init(TALLOC_CTX *mem_ctx,
>
> be_ctx->ev = ev;
> be_ctx->cdb = cdb;
>+ be_ctx->uid = uid;
>+ be_ctx->gid = gid;
> be_ctx->identity = talloc_asprintf(be_ctx, "%%BE_%s", be_domain);
> be_ctx->conf_path = talloc_asprintf(be_ctx, CONFDB_DOMAIN_PATH_TMPL,
> be_domain);
> if (be_ctx->identity == NULL || be_ctx->conf_path == NULL) {
ACK
LS
_______________________________________________
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/admin/lists/sssd-devel@lists.fedorahosted.org
