#7725 ipa-restore set wrong file permissions and ownership for /var/log/dirsrv/slapd-<instance> directory
Closed: fixed 11 months ago by rcritten. Opened 2 years ago by abbra.

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1636765

Description of problem:
When attempting a restore, the permission are set to 755 and ownership
root:root for /var/log/dirsrv/slapd-<instance> which causes dirsrv not being
able to write to the access log


Version-Release number of selected component (if applicable):


How reproducible:
always

Steps to Reproduce:
1. ipa-restore /tmp/ipa-full-2018-10-02-11-53-58
2. grep log_flush_buffer /var/log/dirsrv/dirsrv/slapd-<instance>/errors
[07/Oct/2018:15:12:14.655887136 +0200] - ERR - log_flush_buffer - Unable to
open access file:/var/log/dirsrv/slapd-<instance>/access


Actual results:
[root@ipa1 dirsrv]# ll
total 4
drwxr-xr-x. 2 root root 4096 Oct  7 15:11 slapd-<instance>



Expected results:
[root@ipa1 dirsrv]# ll
total 4
drwxrwx---. 2 dirsrv dirsrv 4096 Oct  7 15:20 slapd-<instance>



Additional info:
Can be easily recovered manually by:
chmod 770 slapd-<instance>
chown dirsrv:dirsrv slapd-<instance>
SELinux context is correct

Metadata Update from @abbra:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1636765

2 years ago

Metadata Update from @rcritten:
- Issue assigned to rcritten

11 months ago

master:

  • 8da0e2e ipa-restore: Restore ownership and perms on 389-ds log directory

ipa-4-8:

  • 966e0b8 ipa-restore: Restore ownership and perms on 389-ds log directory

ipa-4-7:

  • 05b173c ipa-restore: Restore ownership and perms on 389-ds log directory

ipa-4-6:

  • 8cd2052 ipa-restore: Restore ownership and perms on 389-ds log directory

Metadata Update from @rcritten:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)

11 months ago

master:

  • 7aec6f1 Check file ownership and permission for dirsrv log instance

ipa-4-8:

  • 940e2ef Check file ownership and permission for dirsrv log instance

ipa-4-7:

  • 140111c Check file ownership and permission for dirsrv log instance

ipa-4-6:

  • de0afea Check file ownership and permission for dirsrv log instance

Login to comment on this ticket.

Metadata