The CGIs that start DS are supposed to write a startup.<pid> file to the directory configured as the tmp directory in DS (nsslapd-tmpdir). If this fails for some reason, we end up writing the file in the / directory due to the way the path is built in the source code. This is wrong, and we should not be writing this file in /. This can cause some SELinux AVC issues since the CGIs are not allowed to write to /. The code responsible for this is ds_bring_up_server_install() in the Admin Server code. It calls ds_get_tmp_dir() to get the tmpdir, but it doesn't check if NULL is returned. A returned NULL causes the path to be built incorrectly: tmp_dir = ds_get_tmp_dir(); PR_snprintf(statfile, PATH_MAX, "%s%cstartup.%d", tmp_dir, FILE_SEP, (int)getpid());
For some reason, I am seeing this problem on an x86_64 system, but not an i386 system. I'm not sure if this is trly a platform dependent issue, or if it's just something environment related on my VMs that causes this difference.
Created attachment 517299 [details] Patch
Pushed to master. Thanks to Rich for his review! Counting objects: 9, done. Delta compression using up to 2 threads. Compressing objects: 100% (5/5), done. Writing objects: 100% (5/5), 795 bytes, done. Total 5 (delta 3), reused 0 (delta 0) To ssh://git.fedorahosted.org/git/389/admin.git 4a01047..980593e master -> master
(In reply to comment #1) > For some reason, I am seeing this problem on an x86_64 system, but not an i386 > system. I'm not sure if this is trly a platform dependent issue, or if it's > just something environment related on my VMs that causes this difference. During my tests (https://bugzilla.redhat.com/show_bug.cgi?id=727078#c12) I have also encountered the issue on x86_64 and not on i386. Tested on physical servers.
Based on comment#8, marking the bug as VERIFIED.