IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Add exec to /var/lib/ipa/sysrestore for install status inquiries

Browse Source 
installutils.is_ipa_configured() previously required root
privileges to see whether there were sysrestore or filestore
files. The directory was mode 0700 so this function always returned
False for non-root users.

Relaxing permissions is is needed to run the tests as the jenkins user.

Backed-up files retain their original FS permissions so this
shouldn't disclose any previously unreadable backed-up configuration.

https://pagure.io/freeipa/issue/7157

Reviewed-By: Tomas Krizek <tkrizek@redhat.com>
Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
This commit is contained in:
Rob Crittenden 2017-09-18 11:31:45 -04:00 committed by Stanislav Laznicka
parent fa6181293a
commit 62e72c2a53
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
freeipa.spec.in
View File

@ -1467,7 +1467,7 @@ fi
%dir %{_localstatedir}/lib/ipa
%attr(700,root,root) %dir %{_localstatedir}/lib/ipa/backup
%attr(700,root,root) %dir %{_localstatedir}/lib/ipa/gssproxy
%attr(700,root,root) %dir %{_localstatedir}/lib/ipa/sysrestore
%attr(711,root,root) %dir %{_localstatedir}/lib/ipa/sysrestore
%attr(700,root,root) %dir %{_localstatedir}/lib/ipa/sysupgrade
%attr(755,root,root) %dir %{_localstatedir}/lib/ipa/pki-ca
%ghost %{_localstatedir}/lib/ipa/pki-ca/publish