[SSSD] [sssd PR#601][comment] sbus: integrate sssd with sbus2

Fri, 10 Aug 2018 05:11:59 -0700 

  URL: https://github.com/SSSD/sssd/pull/601
Title: #601: sbus: integrate sssd with sbus2

pbrezina commented:
"""
Right. The problem was when reading the keytab as you wrote in the mail. I did 
not notice it because my test keytab is readable by all.

I moved `become_user` after the point where data provider is fully initialized 
so the initialization is done as root as it was before.

```diff
+diff --git a/src/providers/data_provider_be.c 
b/src/providers/data_provider_be.c
index 095966b25..670ddb477 100644
--- a/src/providers/data_provider_be.c
+++ b/src/providers/data_provider_be.c
@@ -582,6 +582,23 @@ static void dp_initialized(struct tevent_req *req)
         goto done;
     }
 
+    ret = chown_debug_file(NULL, be_ctx->uid, be_ctx->gid);
+    if (ret != EOK) {
+        DEBUG(SSSDBG_MINOR_FAILURE,
+              "Cannot chown the debug files, debugging might not work!\n");
+    }
+
+    ret = become_user(be_ctx->uid, be_ctx->gid);
+    if (ret != EOK) {
+        DEBUG(SSSDBG_FUNC_DATA,
+              "Cannot become user [%"SPRIuid"][%"SPRIgid"].\n",
+              be_ctx->uid, be_ctx->gid);
+        goto done;
+    }
+
+    DEBUG(SSSDBG_TRACE_FUNC, "Backend provider (%s) started!\n",
+          be_ctx->domain->name);
+
     ret = EOK;
 
 done:
@@ -678,21 +695,6 @@ int main(int argc, const char *argv[])
         return 3;
     }
 
-    ret = chown_debug_file(NULL, uid, gid);
-    if (ret != EOK) {
-        DEBUG(SSSDBG_MINOR_FAILURE,
-              "Cannot chown the debug files, debugging might not work!\n");
-    }
-
-    ret = become_user(uid, gid);
-    if (ret != EOK) {
-        DEBUG(SSSDBG_FUNC_DATA,
-              "Cannot become user [%"SPRIuid"][%"SPRIgid"].\n", uid, gid);
-        return ret;
-    }
-
-    DEBUG(SSSDBG_TRACE_FUNC, "Backend provider (%s) started!\n", be_domain);
-
     /* loop on main */
     server_loop(main_ctx);
 ```
"""

See the full comment at 
https://github.com/SSSD/sssd/pull/601#issuecomment-412063892

_______________________________________________
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/sssd-devel@lists.fedorahosted.org/message/DLAN5Y5OJ7BFMIQZIO5SAZ6VK7UEWFA6/

Reply via email to