When changing admin server log file path/filenames via console, I noticed the old filenames have incorrect ownerships
[root@nocp8 admin-serv]# ls -alrt total 48 drwxr-xr-x 4 root root 4096 Jun 16 14:10 .. drwx------ 2 nobody nobody 4096 Jun 16 14:18 . -rw-r--r-- 1 root root 1470 Jun 16 14:18 access -rw-r--r-- 1 root root 2615 Jun 16 14:18 error -rw-r--r-- 1 nobody nobody 2202 Jun 16 15:06 error2 -rw-r--r-- 1 nobody nobody 1356 Jun 16 15:06 access2 [root@nocp8 admin-serv]# pwd /var/log/dirsrv/admin-serv
Created attachment 477717 [details] git patch file (master) Description: Log files generated in the server's startup time has the server's owner (nsslapd-localuser) for the owner and the group who starts the server (ordinarily, root). Once the server goes into the daemon stage, new log files are owned by owner: nsslapd- localuser and group: the local user's primary group. The latter is the correct ownership of the log files. This patch sets the correct ownership to the files generated in the server's startup time, as well.
Created attachment 478131 [details] AS: git patch file (master) Description: Log files first generated by the Admin Server/Apache has the owner (root, root), but the log files created later via Console/CGI are owned by the Admin User/Group (e.g., nobody, nobody). To make them consistent, this patch modifies the install script to call chown to change the owner to the original log files.
Reviewed by Rich and Nathan (Thank you!!!) Pushed to master. DS $ git merge 604881 Updating 1132e09..513e5a8 Fast-forward ldap/servers/slapd/main.c | 12 ++++++------ 1 files changed, 6 insertions(+), 6 deletions(-) $ git push Counting objects: 11, done. Delta compression using up to 4 threads. Compressing objects: 100% (6/6), done. Writing objects: 100% (6/6), 885 bytes, done. Total 6 (delta 4), reused 0 (delta 0) To ssh://git.fedorahosted.org/git/389/ds.git 1132e09..513e5a8 master -> master AS $ git merge work Updating a9085ef..a997fc5 Fast-forward admserv/newinst/src/AdminServer.pm.in | 16 ++++++++++++++++ 1 files changed, 16 insertions(+), 0 deletions(-) $ git push Counting objects: 11, done. Delta compression using up to 2 threads. Compressing objects: 100% (5/5), done. Writing objects: 100% (6/6), 936 bytes, done. Total 6 (delta 4), reused 0 (delta 0) To ssh://git.fedorahosted.org/git/389/admin.git a9085ef..a997fc5 master -> master
Cherry-picked and pushed to 389-ds-base-1.2.8. $ git cherry-pick 513e5a83ff806e9dcfa9b32287e2ce7b6ff95ddf Finished one cherry-pick. [ds128-local 96bb64a] Bug 604881 - admin server log files have incorrect permissions/ownerships 1 files changed, 6 insertions(+), 6 deletions(-) $ git push origin ds128-local:389-ds-base-1.2.8 Counting objects: 11, done. Delta compression using up to 4 threads. Compressing objects: 100% (6/6), done. Writing objects: 100% (6/6), 884 bytes, done. Total 6 (delta 4), reused 0 (delta 0) To ssh://git.fedorahosted.org/git/389/ds.git ceec7ba..96bb64a ds128-local -> 389-ds-base-1.2.8
Since this bug covers both the directory and the admin server, changing the summary from: admin server log files have incorrect permissions/ownerships to server log files have incorrect permissions/ownerships
Hi, I have tested this bug : Steps: 1. cd /var/log/dirsrv/slapd-amitesthost 2. [root@amitesthost slapd-amitesthost]# ls -alrt total 32 drwxr-xr-x. 3 root root 4096 Apr 13 10:55 .. -rw-------. 1 nobody nobody 63 Apr 13 10:55 errors.rotationinfo -rw-------. 1 nobody nobody 63 Apr 13 10:55 audit.rotationinfo -rw-------. 1 nobody nobody 0 Apr 13 10:55 audit -rw-------. 1 nobody nobody 63 Apr 13 10:55 access.rotationinfo -rw-------. 1 nobody nobody 1853 Apr 13 18:33 errors drwxrwx---. 2 nobody nobody 4096 Apr 13 19:09 . -rw-------. 1 nobody nobody 5996 Apr 13 19:35 access 3.chown root:root errors access [root@amitesthost slapd-amitesthost]# ls -alrt total 32 drwxr-xr-x. 3 root root 4096 Apr 13 10:55 .. -rw-------. 1 nobody nobody 63 Apr 13 10:55 errors.rotationinfo -rw-------. 1 nobody nobody 63 Apr 13 10:55 audit.rotationinfo -rw-------. 1 nobody nobody 0 Apr 13 10:55 audit -rw-------. 1 nobody nobody 63 Apr 13 10:55 access.rotationinfo drwxrwx---. 2 root root 4096 Apr 13 19:09 . -rw-------. 1 root root 5996 Apr 13 19:35 access -rw-------. 1 root root 2507 Apr 14 18:35 errors 4. service dirsrv restart 5. [root@amitesthost slapd-amitesthost]# ls -alrt total 32 drwxr-xr-x. 3 root root 4096 Apr 13 10:55 .. -rw-------. 1 nobody nobody 63 Apr 13 10:55 errors.rotationinfo -rw-------. 1 nobody nobody 63 Apr 13 10:55 audit.rotationinfo -rw-------. 1 nobody nobody 0 Apr 13 10:55 audit -rw-------. 1 nobody nobody 63 Apr 13 10:55 access.rotationinfo drwxrwx---. 2 root root 4096 Apr 13 19:09 . -rw-------. 1 nobody nobody 5996 Apr 13 19:35 access -rw-------. 1 nobody nobody 3161 Apr 14 19:01 errors Test passed, Marking it as verified.