Bug 724808

Summary: startup CGIs write temp file to /
Product: [Retired] 389
Reporter: Nathan Kinder <nkinder>
Component: Admin
Assignee: Nathan Kinder <nkinder>
Status: CLOSED CURRENTRELEASE
QA Contact: Viktor Ashirov <vashirov>
Severity: unspecified
Priority: unspecified
Version: 1.2.8
CC: amsharma, ksrot
Doc Type: Bug Fix
Last Closed: 2015-12-07 17:10:38 UTC
Bug Blocks: 434915    
Attachments:
Description Flags
Patch nkinder: review?, rmeggins: review+

Description Nathan Kinder 2011-07-21 20:26:08 UTC
The CGIs that start DS are supposed to write a startup.<pid> file to the
directory configured as the tmp directory in DS (nsslapd-tmpdir).  If this
fails for some reason, we end up writing the file in the / directory due to the
way the path is built in the source code.  This is wrong, and we should not be
writing this file in /.  This can cause some SELinux AVC issues since the CGIs are not allowed to write to /.

The code responsible for this is ds_bring_up_server_install() in the Admin Server code.  It calls ds_get_tmp_dir() to get the tmpdir, but it doesn't check if NULL is returned.  A returned NULL causes the path to be built incorrectly:

    tmp_dir = ds_get_tmp_dir();
    PR_snprintf(statfile, PATH_MAX, "%s%cstartup.%d", tmp_dir, FILE_SEP, 
                (int)getpid());
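
The missing check described above, as an added example that is not part of the original report and not the patch attached to this bug: a hypothetical helper `build_statfile_path()` that refuses to build the path when the temp directory is NULL, empty, relative or `/`. It uses standard `snprintf` in place of `PR_snprintf` so it compiles without NSPR, and the sample directories are constructed.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

#define FILE_SEP '/'

/* Hypothetical helper: build "<tmp_dir>/startup.<pid>" only when tmp_dir is
 * usable. Returns 0 on success, -1 if the caller must fail instead of writing. */
static int build_statfile_path(const char *tmp_dir, pid_t pid,
                               char *out, size_t outlen)
{
    int n;

    if (out == NULL || outlen == 0)
        return -1;
    out[0] = '\0';

    /* NULL must never reach "%s"; an empty prefix would format to "/startup.<pid>". */
    if (tmp_dir == NULL || tmp_dir[0] == '\0')
        return -1;
    /* Require an absolute directory other than the root itself. */
    if (tmp_dir[0] != FILE_SEP || strspn(tmp_dir, "/") == strlen(tmp_dir))
        return -1;

    n = snprintf(out, outlen, "%s%cstartup.%d", tmp_dir, FILE_SEP, (int)pid);
    if (n < 0 || (size_t)n >= outlen) {   /* encoding error or truncation */
        out[0] = '\0';
        return -1;
    }
    return 0;
}

int main(void)
{
    char statfile[4096];
    /* Constructed sample inputs, not values taken from the bug report. */
    const char *samples[] = { "/var/run/dirsrv-tmp", "", "/", NULL };
    size_t i;

    for (i = 0; i < 4; i++) {
        int rc = build_statfile_path(samples[i], getpid(), statfile, sizeof statfile);
        printf("%s -> %s\n", samples[i] ? samples[i] : "NULL",
               rc == 0 ? statfile : "refused");
    }
    return 0;
}
```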

Comment 1 Nathan Kinder 2011-08-08 16:50:42 UTC
For some reason, I am seeing this problem on an x86_64 system, but not an i386 system.  I'm not sure if this is truly a platform dependent issue, or if it's just something environment related on my VMs that causes this difference.

Comment 2 Nathan Kinder 2011-08-08 19:52:16 UTC
Created attachment 517299 [details]
Patch

Comment 3 Nathan Kinder 2011-08-09 15:07:52 UTC
Pushed to master.  Thanks to Rich for his review!

Counting objects: 9, done.
Delta compression using up to 2 threads.
Compressing objects: 100% (5/5), done.
Writing objects: 100% (5/5), 795 bytes, done.
Total 5 (delta 3), reused 0 (delta 0)
To ssh://git.fedorahosted.org/git/389/admin.git
   4a01047..980593e  master -> master

Comment 4 Karel Srot 2011-08-10 11:15:49 UTC
(In reply to comment #1)
> For some reason, I am seeing this problem on an x86_64 system, but not an i386
> system.  I'm not sure if this is truly a platform dependent issue, or if it's
> just something environment related on my VMs that causes this difference.

During my tests (https://bugzilla.redhat.com/show_bug.cgi?id=727078#c12) I have also encountered the issue on x86_64 and not on i386. Tested on physical servers.

Comment 9 Amita Sharma 2011-09-13 06:47:15 UTC
Based on comment#8, marking the bug as VERIFIED.