389-ds-base

Clone
Source Code
GIT

#50546 Exports from Cockpit can be stored outside of /var/lib/dirsrv/slapd-instance_name/ldif/
Closed: wontfix 4 years ago by mreynolds. Opened 4 years ago by mmuehlfeldrh.

Closed: wontfix
Reopen Issue

Issue Description

Export from Cockpit can be stored outside of the /var/lib/dirsrv/slapd-instance_name/ldif/ directory. You can use this to override files, such as dse.ldif or to fill the root partition.

Package Version and Platform

389-ds-base-1.4.1.6-20190813git7a24286f1.el8.x86_64

Steps to reproduce

  1. Open 389 DS in Cockpit
  2. Database / Select a suffix / click "Suffix Tasks" / click "Export Suffix"
  3. Enter, for example: ../../../../../etc/dirsrv/slapd-instance_name/dse.ldif to override the dse.ldif file.

Actual results

By using relative paths, you can store files outside of /var/lib/dirsrv/slapd-instance_name/ldif/. This can be used to override other LDIF files (I tired overriding other files on which dirsrv had write permissions, but it only overwrote .ldif files) or you can use it to fill up other file systems.

The example above overrides the dse.ldif file. I know that DS recovers the file from dse.ldif.bak if you restart the service, but it is very scary. Maybe operations might fail until the service has been restarted. I haven't checked this.

Expected results

Exports should only be stored in /var/lib/dirsrv/slapd-instance_name/ldif/

Metadata Update from @mreynolds:
- Custom field origin adjusted to None
- Custom field reviewstatus adjusted to None
- Issue set to the milestone: 1.4.0
4 years ago

Commit 0040332 relates to this ticket

295ea07..9b9c7a4 389-ds-base-1.4.1 -> 389-ds-base-1.4.1

Metadata Update from @mreynolds:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)
4 years ago

Commit 041f71c relates to this ticket

Commit 041f71c relates to this ticket

9b9c7a4..f8752be 389-ds-base-1.4.1 -> 389-ds-base-1.4.1

Fixed a few more minor issues

Commit db876c6 relates to this ticket

Commit db876c6 relates to this ticket

f8752be..7ee2626 389-ds-base-1.4.1 -> 389-ds-base-1.4.1

Fix some more issues...

389-ds-base is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in 389-ds-base's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/389ds/389-ds-base/issues/3602

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Metadata Update from @spichugi:
- Issue close_status updated to: wontfix (was: fixed)
3 years ago

Login to comment on this ticket.

Metadata
None
None
None
None
None
None
None
None
Related Pull Requests
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.