Bug 676604
| Summary: | Instance creation wrongly updates the group permissions of /var/run/dirsrv , though the instance creation fails | ||
|---|---|---|---|
| Product: | [Retired] 389 | Reporter: | Sankar Ramalingam <sramling> |
| Component: | Install/Uninstall | Assignee: | Nathan Kinder <nkinder> |
| Status: | CLOSED WORKSFORME | QA Contact: | Ben Levenson <benl> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 1.3.0 | CC: | benl, edewata, jgalipea, nhosoi, nkinder, rmeggins |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2015-11-19 19:50:13 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 512820, 690319 | ||
Upstream ticket: https://fedorahosted.org/389/ticket/64 Closing this bug since we moved to the ticket system: https://fedorahosted.org/389/ticket/64 |
Description of problem: Creation of an instance as a different group than the existing instance group, breaks the existing instances. Version-Release number of selected component (if applicable): 389-ds-base How to reproduce: 1. Install 389-ds-base/ds8.2.4 build. 2. Create a shared group and few users for the same group. groupadd group1 useradd -g group1 user1 - inst1 useradd -g group1 user2 - inst2 useradd -g group1 user3 - inst3 3. Create three instances using these group/user names as inst1, inst2 and inst3. 4. Check the file permissions for /var/run/dirsrv - user1/group1 5. Create a group called - group2: groupadd group2 6. Create an user(user4) and add it to group2: useradd -g group2 user4 7. Create an instance(inst4) using user as user4 and group as group2. 8. Instance creation succeeds for inst4 9. Check the file permissions for /var/run/dirsrv - user1/group2 10. The group permission keeps changing based on the new instance created. Actual results: Due to the change in the file(group) permissions, instances inst2 and inst3 fails to start. Expected results: DS should not allow the user to create an instance as an unprivileged DS group. Group permission for this directory should not be altered.