diff options
author | Martin Schwenke <martin@meltin.net> | 2020-10-24 20:35:53 +1100 |
---|---|---|
committer | Amitay Isaacs <amitay@samba.org> | 2020-11-02 08:58:31 +0000 |
commit | 65ab8cb014ca7ac97433ec53d6d163e6da5a3fe7 (patch) | |
tree | 74f1e7194a112ab0b351ee2f451972f357f7aefb /ctdb | |
parent | 78c3b5b6a83d934c99ac25480fbc01f9aeb198e3 (diff) | |
download | samba-65ab8cb014ca7ac97433ec53d6d163e6da5a3fe7.tar.gz |
ctdb-daemon: Do not attempt to chown Unix domain socket in test mode
If run with UID wrapper and UID_WRAPPER_ROOT=1 then securing the
socket will fail.
Test mode means that local daemons are in use, so securing the socket
is not important.
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Diffstat (limited to 'ctdb')
-rw-r--r-- | ctdb/server/ctdb_daemon.c | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/ctdb/server/ctdb_daemon.c b/ctdb/server/ctdb_daemon.c index abe47fd2311..9035f5b4748 100644 --- a/ctdb/server/ctdb_daemon.c +++ b/ctdb/server/ctdb_daemon.c @@ -1171,7 +1171,7 @@ static void ctdb_accept_client(struct tevent_context *ev, * Create a unix domain socket, bind it, secure it and listen. Return * the file descriptor for the socket. */ -static int ux_socket_bind(struct ctdb_context *ctdb) +static int ux_socket_bind(struct ctdb_context *ctdb, bool test_mode_enabled) { struct sockaddr_un addr = { .sun_family = AF_UNIX }; int ret; @@ -1202,11 +1202,13 @@ static int ux_socket_bind(struct ctdb_context *ctdb) goto failed; } - ret = chown(ctdb->daemon.name, geteuid(), getegid()); - if (ret != 0) { - D_ERR("Unable to secure (chown) ctdb socket '%s'\n", - ctdb->daemon.name); - goto failed; + if (!test_mode_enabled) { + ret = chown(ctdb->daemon.name, geteuid(), getegid()); + if (ret != 0 && !test_mode_enabled) { + D_ERR("Unable to secure (chown) ctdb socket '%s'\n", + ctdb->daemon.name); + goto failed; + } } ret = chmod(ctdb->daemon.name, 0700); @@ -1493,7 +1495,7 @@ int ctdb_start_daemon(struct ctdb_context *ctdb, ctdb_create_pidfile(ctdb); /* create a unix domain stream socket to listen to */ - ret = ux_socket_bind(ctdb); + ret = ux_socket_bind(ctdb, test_mode_enabled); if (ret != 0) { D_ERR("Cannot continue. Exiting!\n"); exit(10); |