On 10/16/2014 01:49 PM, Pavel Reichl wrote:
On 10/16/2014 01:43 PM, Michal Židek wrote:
> On 10/16/2014 11:01 AM, Pavel Reichl wrote:
>>
>> On 10/16/2014 10:23 AM, Jakub Hrozek wrote:
>>> On Wed, Oct 15, 2014 at 06:17:55PM -0400, Simo Sorce wrote:
>>>> On Wed, 15 Oct 2014 22:24:04 +0200
>>>> Jakub Hrozek <jhrozek(a)redhat.com> wrote:
>>>>
>>>>> From c0385561ee5e9d050d2222aa43ebf46514f37dad Mon Sep 17 00:00:00
>>>>> 2001
>>>>> From: Michal Zidek <mzidek(a)redhat.com>
>>>>> Date: Thu, 9 Oct 2014 17:15:56 +0200
>>>>> Subject: [PATCH 5/7] MONITOR: Allow confdb to be accessed by nonroot
>>>>> user
>>>>>
>>>>> ---
>>>>> src/monitor/monitor.c | 11 ++++++++++-
>>>>> 1 file changed, 10 insertions(+), 1 deletion(-)
>>>>>
>>>>> diff --git a/src/monitor/monitor.c b/src/monitor/monitor.c
>>>>> index
>>>>>
44614be173325aa5b6f7ed03f00b6d4489ddf522..bd2c373008ef75ab46cf7dccdefd12468894f1ba
>>>>>
>>>>>
>>>>> 100644 --- a/src/monitor/monitor.c +++ b/src/monitor/monitor.c
>>>>> @@ -1718,7 +1718,6 @@ static errno_t load_configuration(TALLOC_CTX
>>>>> *mem_ctx, DEBUG(SSSDBG_FATAL_FAILURE, "Fatal error initializing
>>>>> confdb\n"); goto done;
>>>>> }
>>>>> - talloc_zfree(cdb_file);
>>>>> ret = confdb_init_db(config_file, ctx->cdb);
>>>>> if (ret != EOK) {
>>>>> @@ -1734,6 +1733,16 @@ static errno_t load_configuration(TALLOC_CTX
>>>>> *mem_ctx, goto done;
>>>>> }
>>>>> + /* Allow configuration database to be accessible
>>>>> + * when SSSD runs as nonroot */
>>>>> + ret = chown(cdb_file, ctx->uid, ctx->gid);
>>>>> + if (ret != EOK) {
>>>>> + DEBUG(SSSDBG_FATAL_FAILURE,
>>>>> + "chown failed for [%s]: [%d][%s].\n",
>>>>> + cdb_file, ret, sss_strerror(ret));
>> errno should be used in debug message.
>> sss_strerror should be IMO replaced by strerror
>> ret should be set to some sensible value, as it is now -1.
>
> No. Please use sss_strerror where possible (not just where needed).
>
Sorry, you are right, but I believe that the rest of my previous comment
is valid, right?
Sure, I just reacted to the one thing I disagreed with :)