mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-02-25 18:55:28 -06:00
5525322817
/tmp is a sticky directory. When the OS is configured with fs.protected_regular=1, this means that O_CREATE open is forbidden for files in /tmp if the calling user is not owner of the file, except if the file is owned by the owner of the directory. The installer (executed as root) currently creates a file in /tmp, then modifies its owner to pkiuser and finally writes the pki config in the file. With fs.protected_regular=1, the write is denied because root is not owner of the file at this point. The fix performs the ownership change after the file has been written. Fedora bug: https://bugzilla.redhat.com/show_bug.cgi?id=1677027 Fixes: https://pagure.io/freeipa/issue/7866 Signed-off-by: François Cami <fcami@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com> Reviewed-By: Florence Blanc-Renaud <flo@redhat.com> |
||
|---|---|---|
| .. | ||
| advise | ||
| dnssec | ||
| install | ||
| plugins | ||
| secrets | ||
| __init__.py | ||
| dcerpc_common.py | ||
| dcerpc.py | ||
| dns_data_management.py | ||
| Makefile.am | ||
| masters.py | ||
| p11helper.py | ||
| rpcserver.py | ||
| servroles.py | ||
| setup.cfg | ||
| setup.py | ||
| topology.py | ||