Description of problem: register-ds-admin.pl changes admin certificate database file rights. Version-Release number of selected component (if applicable): 389-admin-1.1.42-1.el6dsrv Steps to Reproduce: 1. setup-ds-admin.pl using custom directory server user (I have not checked with nobody). 2. check certificate databasse file rights: [root@dhcp-10-12-211-158 ~]# ls -ltr /etc/dirsrv/admin-serv/*.db -rw-------. 1 dirsrv root 65536 Oct 19 05:30 /etc/dirsrv/admin-serv/cert8.db -rw-------. 1 dirsrv root 16384 Oct 19 05:30 /etc/dirsrv/admin-serv/key3.db -rw-------. 1 dirsrv root 16384 Oct 19 05:30 /etc/dirsrv/admin-serv/secmod.db [root@dhcp-10-12-211-158 ~]# 3. setup-ds.pl to install a second server 4. register-ds-admin.pl to register the second server 5. check file rights: [root@dhcp-10-12-211-158 ~]# ls -ltr /etc/dirsrv/admin-serv/*.db -rw-r--r--. 1 root root 65536 Oct 19 07:35 /etc/dirsrv/admin-serv/cert8.db -rw-r--r--. 1 root root 16384 Oct 19 07:35 /etc/dirsrv/admin-serv/key3.db -rw-r--r--. 1 root root 16384 Oct 19 07:35 /etc/dirsrv/admin-serv/secmod.db [root@dhcp-10-12-211-158 ~]# Actual results: rights of admin certificate database are changed. Additional info: workaround: change the rights manually.
Upstream ticket: https://fedorahosted.org/389/ticket/48314