Bug 604881 - server log files have incorrect permissions/ownerships
server log files have incorrect permissions/ownerships
Status: CLOSED CURRENTRELEASE
Product: Red Hat Directory Server
Classification: Red Hat
Component: Install/Uninstall (Show other bugs)
8.2
All Linux
high Severity medium
: ---
: ---
Assigned To: Noriko Hosoi
Viktor Ashirov
:
Depends On:
Blocks: 434915 639035 389_1.2.8 676729
  Show dependency treegraph
 
Reported: 2010-06-16 18:11 EDT by Chandrasekar Kannan
Modified: 2016-05-06 10:44 EDT (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 676729 (view as bug list)
Environment:
Last Closed: 2016-05-06 10:44:20 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
git patch file (master) (2.56 KB, patch)
2011-02-08 19:06 EST, Noriko Hosoi
nhosoi: review?
rmeggins: review+
Details | Diff
AS: git patch file (master) (1.72 KB, patch)
2011-02-10 17:11 EST, Noriko Hosoi
nkinder: review+
Details | Diff

  None (edit)
Description Chandrasekar Kannan 2010-06-16 18:11:11 EDT
When changing admin server log file path/filenames via console, I noticed the old filenames have incorrect ownerships
Comment 1 Chandrasekar Kannan 2010-06-16 18:14:42 EDT
[root@nocp8 admin-serv]# ls -alrt
total 48
drwxr-xr-x 4 root   root   4096 Jun 16 14:10 ..
drwx------ 2 nobody nobody 4096 Jun 16 14:18 .
-rw-r--r-- 1 root   root   1470 Jun 16 14:18 access
-rw-r--r-- 1 root   root   2615 Jun 16 14:18 error
-rw-r--r-- 1 nobody nobody 2202 Jun 16 15:06 error2
-rw-r--r-- 1 nobody nobody 1356 Jun 16 15:06 access2
[root@nocp8 admin-serv]# pwd
/var/log/dirsrv/admin-serv
Comment 4 Noriko Hosoi 2011-02-08 19:06:55 EST
Created attachment 477717 [details]
git patch file (master)

Description: Log files generated in the server's startup time has
the server's owner (nsslapd-localuser) for the owner and the group
who starts the server (ordinarily, root).  Once the server goes
into the daemon stage, new log files are owned by owner: nsslapd-
localuser and group: the local user's primary group.  The latter
is the correct ownership of the log files.
This patch sets the correct ownership to the files generated in
the server's startup time, as well.
Comment 5 Noriko Hosoi 2011-02-10 17:11:32 EST
Created attachment 478131 [details]
AS: git patch file (master)

Description: Log files first generated by the Admin Server/Apache
has the owner (root, root), but the log files created later via
Console/CGI are owned by the Admin User/Group (e.g., nobody, nobody).
To make them consistent, this patch modifies the install script to
call chown to change the owner to the original log files.
Comment 6 Noriko Hosoi 2011-02-10 18:11:03 EST
Reviewed by Rich and Nathan (Thank you!!!)

Pushed to master.

DS
$ git merge 604881
Updating 1132e09..513e5a8
Fast-forward
 ldap/servers/slapd/main.c |   12 ++++++------
 1 files changed, 6 insertions(+), 6 deletions(-)
$ git push
Counting objects: 11, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (6/6), done.
Writing objects: 100% (6/6), 885 bytes, done.
Total 6 (delta 4), reused 0 (delta 0)
To ssh://git.fedorahosted.org/git/389/ds.git
   1132e09..513e5a8  master -> master

AS
$ git merge work
Updating a9085ef..a997fc5
Fast-forward
 admserv/newinst/src/AdminServer.pm.in |   16 ++++++++++++++++
 1 files changed, 16 insertions(+), 0 deletions(-)
$ git push
Counting objects: 11, done.
Delta compression using up to 2 threads.
Compressing objects: 100% (5/5), done.
Writing objects: 100% (6/6), 936 bytes, done.
Total 6 (delta 4), reused 0 (delta 0)
To ssh://git.fedorahosted.org/git/389/admin.git
   a9085ef..a997fc5  master -> master
Comment 7 Noriko Hosoi 2011-02-10 18:15:45 EST
Cherry-picked and pushed to 389-ds-base-1.2.8.

$ git cherry-pick 513e5a83ff806e9dcfa9b32287e2ce7b6ff95ddf
Finished one cherry-pick.
[ds128-local 96bb64a] Bug 604881 - admin server log files have incorrect permissions/ownerships
 1 files changed, 6 insertions(+), 6 deletions(-)
$ git push origin ds128-local:389-ds-base-1.2.8
Counting objects: 11, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (6/6), done.
Writing objects: 100% (6/6), 884 bytes, done.
Total 6 (delta 4), reused 0 (delta 0)
To ssh://git.fedorahosted.org/git/389/ds.git
   ceec7ba..96bb64a  ds128-local -> 389-ds-base-1.2.8
Comment 8 Noriko Hosoi 2011-02-10 18:22:07 EST
Since this bug covers both the directory and the admin server, changing the summary from:
  admin server log files have incorrect permissions/ownerships
to
  server log files have incorrect permissions/ownerships
Comment 9 Amita Sharma 2011-04-14 09:27:43 EDT
Hi,

I have tested this bug :

Steps:
1. cd /var/log/dirsrv/slapd-amitesthost
2. [root@amitesthost slapd-amitesthost]# ls -alrt
total 32
drwxr-xr-x. 3 root   root   4096 Apr 13 10:55 ..
-rw-------. 1 nobody nobody   63 Apr 13 10:55 errors.rotationinfo
-rw-------. 1 nobody nobody   63 Apr 13 10:55 audit.rotationinfo
-rw-------. 1 nobody nobody    0 Apr 13 10:55 audit
-rw-------. 1 nobody nobody   63 Apr 13 10:55 access.rotationinfo
-rw-------. 1 nobody nobody 1853 Apr 13 18:33 errors
drwxrwx---. 2 nobody nobody 4096 Apr 13 19:09 .
-rw-------. 1 nobody nobody 5996 Apr 13 19:35 access
3.chown root:root errors access
[root@amitesthost slapd-amitesthost]# ls -alrt
total 32
drwxr-xr-x. 3 root   root   4096 Apr 13 10:55 ..
-rw-------. 1 nobody nobody   63 Apr 13 10:55 errors.rotationinfo
-rw-------. 1 nobody nobody   63 Apr 13 10:55 audit.rotationinfo
-rw-------. 1 nobody nobody    0 Apr 13 10:55 audit
-rw-------. 1 nobody nobody   63 Apr 13 10:55 access.rotationinfo
drwxrwx---. 2 root   root   4096 Apr 13 19:09 .
-rw-------. 1 root   root   5996 Apr 13 19:35 access
-rw-------. 1 root   root   2507 Apr 14 18:35 errors
4. service dirsrv restart
5. [root@amitesthost slapd-amitesthost]# ls -alrt
total 32
drwxr-xr-x. 3 root   root   4096 Apr 13 10:55 ..
-rw-------. 1 nobody nobody   63 Apr 13 10:55 errors.rotationinfo
-rw-------. 1 nobody nobody   63 Apr 13 10:55 audit.rotationinfo
-rw-------. 1 nobody nobody    0 Apr 13 10:55 audit
-rw-------. 1 nobody nobody   63 Apr 13 10:55 access.rotationinfo
drwxrwx---. 2 root   root   4096 Apr 13 19:09 .
-rw-------. 1 nobody nobody 5996 Apr 13 19:35 access
-rw-------. 1 nobody nobody 3161 Apr 14 19:01 errors

Test passed, Marking it as verified.

Note You need to log in before you can comment on or make changes to this bug.