#48247 lib389 should not create instance using nobody:nobody
Closed: Fixed None Opened 4 years ago by mreynolds.

If you are running lib389 as root, by default it will create a DS instance as nobody:nobody. This causes permissions problems when running lib389 test cases in 389-ds-base(ds/dirsrvtests/).

One option is to create a "dirsrv" user, if it doen't exist, and that should be the default used for instance creation.


Since this is strictly and only for use with testing, it is probably ok to omit the -M -s /sbin/nologin and -r switches.

Do you also need the dirsrv group, or does useradd automatically create a group for the user?

You should clean up after and delete the user if you created it. What if it already exists on the system? I suppose you could create it with -c "lib389 test" or something like that, and only remove it during cleanup if the comment field matches.

Replying to [comment:2 rmeggins]:

Since this is strictly and only for use with testing, it is probably ok to omit the -M -s /sbin/nologin and -r switches.

Do you also need the dirsrv group, or does useradd automatically create a group for the user?

It does

You should clean up after and delete the user if you created it. What if it already exists on the system?

If it already exists, then it is not added, and it is just used for the userid/groupid.

I suppose you could create it with -c "lib389 test" or something like that, and only remove it during cleanup if the comment field matches.

Sounds good. I'll work on a revision.

{{{
453 os.system("/usr/sbin/useradd %s" % (DEFAULT_USER))
}}}

Please, use '''subprocess''' module instead.

There's you can find the fully explanation about this issue:
[https://docs.python.org/2/library/os.html#os.system]
[https://docs.python.org/2/library/subprocess.html]

Also, the better way is use '''a dict''' as an argument, that contains all parts of command in separate items, not just one string(with variable substitution and such stuff).

To ssh://git.fedorahosted.org/git/389/lib389.git
7a5fbe4..2f78164 master -> master
commit 2f7816407e594f87bd77e55eeab794fa6436043b
Author: Mark Reynolds mreynolds@redhat.com
Date: Fri Aug 14 15:54:05 2015 -0400

Milestone lib389 1.0 deleted

Metadata Update from @mreynolds:
- Issue assigned to mreynolds

2 years ago

Login to comment on this ticket.

Metadata