#64 Instance creation wrongly updates the group permissions of /var/run/dirsrv , though the instance creation fails
Closed: wontfix 5 years ago Opened 10 years ago by mkosek.

https://bugzilla.redhat.com/show_bug.cgi?id=676604

Description of problem: Creation of an instance as a different group than the
existing instance group, breaks the existing instances.


Version-Release number of selected component (if applicable): 389-ds-base

How to reproduce:

1. Install 389-ds-base/ds8.2.4 build.
2. Create a shared group and few users for the same group.
      groupadd group1
      useradd -g group1 user1             - inst1
      useradd -g group1 user2             - inst2
      useradd -g group1 user3             - inst3
3. Create three instances using these group/user names as inst1, inst2 and
inst3.
4. Check the file permissions for /var/run/dirsrv - user1/group1
5. Create a group called - group2: groupadd group2
6. Create an user(user4) and add it to group2: useradd -g group2 user4
7. Create an instance(inst4) using user as user4 and group as group2.
8. Instance creation succeeds for inst4
9. Check the file permissions for /var/run/dirsrv - user1/group2

10. The group permission keeps changing based on the new instance created.

Actual results:
Due to the change in the file(group) permissions, instances inst2 and inst3
fails to start.

Expected results:

DS should not allow the user to create an instance as an unprivileged DS group.
Group permission for this directory should not be altered.

batch update to FUTURE milestone

set default ticket origin to Community

Added initial screened field value.

Hasn't this issue been fixed by Mark already?

Replying to [comment:8 nhosoi]:

Hasn't this issue been fixed by Mark already?

No, this is a known issue though. What I did was I reset the permissions on /var/run & /var/lock after the last instance was removed. So a fresh install, using a different user/group from the previous install, would succeed.

I don't think there is anything in place that checks file permission conflicts when creating instances.

Replying to [comment:9 mreynolds]:

Replying to [comment:8 nhosoi]:

Hasn't this issue been fixed by Mark already?

No, this is a known issue though. What I did was I reset the permissions on /var/run & /var/lock after the last instance was removed. So a fresh install, using a different user/group from the previous install, would succeed.

I don't think there is anything in place that checks file permission conflicts when creating instances.

Thanks for the clarification. Then, let's defer it since the priority is minor...

Metadata Update from @nhosoi:
- Issue set to the milestone: 1.3.6 backlog

5 years ago

Is this issue still valid?

Metadata Update from @firstyear:
- Custom field reviewstatus adjusted to review
- Custom field version adjusted to 1.3.6
- Issue close_status updated to: None

5 years ago

No word from anyone, closing.

Metadata Update from @firstyear:
- Issue close_status updated to: worksforme
- Issue status updated to: Closed (was: Open)

5 years ago

389-ds-base is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in 389-ds-base's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/389ds/389-ds-base/issues/64

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Metadata Update from @spichugi:
- Issue close_status updated to: wontfix (was: worksforme)

2 years ago

Login to comment on this ticket.

Metadata