Bug 188298
Summary: | /etc/init.d/ldap creates an unnecessary script in /tmp which can't execute if /tmp is mounted with noexec/nosuid options | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Sam Azer <sam> |
Component: | openldap | Assignee: | Jan Safranek <jsafrane> |
Status: | CLOSED RAWHIDE | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 5 | Keywords: | Security |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i386 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2007-06-08 11:53:35 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Sam Azer
2006-04-07 18:19:04 UTC
One possible solution to the specific issue in the ldap script is to move the script from /tmp to /var/tmp. Specifically, in the /etc/init.d/ldap file on line 147, which currently reads: wrapper=`mktemp ${TMP:-/tmp}/start-slapd.XXXXXX` We can change the name of the directory to /var/tmp as follows: wrapper=`mktemp ${TMP:-/var/tmp}/start-slapd.XXXXXX` This solves the problem for /etc/init.d/ldap; it is now able to function correctly in an environment where no scripts are allowed to execute in /tmp. Fixed in openldap-2.3.34-3.fc8 |