Currently to create a DS instance the setup-ds.pl has to be run as root user because it writes to system folders such as /etc/sysconfig/dirsrv-xxx. However, in some cases such as the automated testing in Samba build farm the DS instance needs to be created as a non-root user. To solve this problem any system folders used by the script need to be made configurable, e.g. via command line parameters. Note: Samba testing will still work using the root user. To reproduce the problem, create a .inf file similar to the following: [General] SuiteSpotUserID = build FullMachineName= localdc1.samba.example.com ServerRoot= /home/build/Samba/samba/source4/st/dc/private/ldap [slapd] ldapifilepath=/home/build/Samba/samba/source4/st/dc/private/ldap/ldapi Suffix= DC=samba,DC=example,DC=com RootDN= CN=Manager,DC=samba,DC=example,DC=com RootDNPwd= Secret123 ServerIdentifier= samba4 inst_dir= /home/build/Samba/samba/source4/st/dc/private/ldap/slapd-samba4 config_dir= /home/build/Samba/samba/source4/st/dc/private/ldap/slapd-samba4 schema_dir= /home/build/Samba/samba/source4/st/dc/private/ldap/slapd-samba4/schema lock_dir= /home/build/Samba/samba/source4/st/dc/private/ldap/slapd-samba4/lock log_dir= /home/build/Samba/samba/source4/st/dc/private/ldap/slapd-samba4/logs run_dir= /home/build/Samba/samba/source4/st/dc/private/ldap/slapd-samba4/logs db_dir= /home/build/Samba/samba/source4/st/dc/private/ldap/slapd-samba4/db bak_dir= /home/build/Samba/samba/source4/st/dc/private/ldap/slapd-samba4/bak tmp_dir= /home/build/Samba/samba/source4/st/dc/private/ldap/slapd-samba4/tmp ldif_dir= /home/build/Samba/samba/source4/st/dc/private/ldap/slapd-samba4/ldif cert_dir= /home/build/Samba/samba/source4/st/dc/private/ldap/slapd-samba4 Make sure all paths point to user folders. Then as a non-root user execute the following command: setup-ds.pl --file=samba4.inf --silent The command will fail with the following message: Could not open the script template file '/etc/sysconfig/dirsrv-samba4'. Error: Permission denied Error: Could not create directory server instance 'samba4'. Exiting . . . Log file is '/tmp/setuphaOALE.log' When the additional parameter is specified, the command should work and the file should be stored in the specified location instead of /etc/sysconfig/dirsrv-xxx.
This bug will also cause a problem when you create 2 different instances using the same instance name eventhough they are located in separate directories. The configuration file (/etc/sysconfig/dirsrv-xxx) of the first instance will be overwritten by the second one.
Created attachment 398875 [details] 0001-Bug-538525-Ability-to-create-instance-as-non-root-us.patch Proposed patch.
To ssh://git.fedorahosted.org/git/389/ds.git 2db1f5a..7701c56 master -> master commit 7701c5626647ddfa44e4f4b11a11d3c384beffa7 Author: Endi S. Dewata <edewata> Date: Tue Mar 9 10:56:34 2010 -0600
Please add the verification steps, thanks.
(In reply to comment #4) > Please add the verification steps, thanks. Yes. Run setup-ds.pl -u -s -f file.inf where file.inf is similar to the one in comment #0, while logged in as a non-root user. It should create the server, and you should have an instance config file in ~/.dirsrv/dirsrv-instname
[amsharma@testvm data]$ setup-ds.pl --file=samba4.inf --silent restorecon: unable to read directory /var/lock/dirsrv/slapd-testvm restorecon: unable to read directory /var/log/dirsrv/slapd-testvm restorecon: unable to read directory /var/log/dirsrv/admin-serv restorecon: unable to read directory /var/run/dirsrv restorecon: unable to read directory /var/lib/dirsrv/slapd-testvm Your new DS instance 'samba4' was successfully created. Exiting . . . Log file is '/tmp/setupQ8X10E.log'