New versions of Berkeley DB (I tested with 4.5.20) seem to

have a new algorithm that always creates a new log file on startup.  This
broke Citadel's drop_root_perms and caused a database crash.  Refactored
the order of startup functions, separating the code which performs chown
and chmod on files in ctdl_data_dir into its own function and calling that
immediately prior to dropping root permissions.

diff --git a/citadel/database.h b/citadel/database.h
index 7fd42bcb8f80b2dc5bea7a48a78fe2fdf8f59aee..b913faa87048e0b6f602d148841ac01801f82578 100644 (file)
--- a/citadel/database.h
+++ b/citadel/database.h
@@ -16,6 +16,7 @@ void cdb_free_tsd(void);
 void cdb_check_handles(void);
 void cdb_trunc(int cdb);
 void *checkpoint_thread(void *arg);
+void cdb_chmod_data(void);
 
 /*
  * Database records beginning with this magic number are assumed to

diff --git a/citadel/database_sleepycat.c b/citadel/database_sleepycat.c
index cfa60460a54cca3b3bbf43ca2d5dfa0c0c5e1878..918b6d415f9c6db1de8eba55351c88ceeb159e56 100644 (file)
--- a/citadel/database_sleepycat.c
+++ b/citadel/database_sleepycat.c
@@ -343,9 +343,6 @@ void open_databases(void)
        int i;
        char dbfilename[SIZ];
        u_int32_t flags = 0;
-       DIR *dp;
-       struct dirent *d;
-       char filename[PATH_MAX];
 
        lprintf(CTDL_DEBUG, "cdb_*: open_databases() starting\n");
        lprintf(CTDL_DEBUG, "Compiled db: %s\n", DB_VERSION_STRING);
@@ -452,18 +449,29 @@ void open_databases(void)
        }
 
        cdb_allocate_tsd();
+}
+
+
+/* Make sure we own all the files, because in a few milliseconds
+ * we're going to drop root privs.
+ */
+void cdb_chmod_data(void) {
+       DIR *dp;
+       struct dirent *d;
+       char filename[PATH_MAX];
 
-       /* Now make sure we own all the files, because in a few milliseconds
-        * we're going to drop root privs.
-        */
        dp = opendir(ctdl_data_dir);
        if (dp != NULL) {
                while (d = readdir(dp), d != NULL) {
                        if (d->d_name[0] != '.') {
                                snprintf(filename, sizeof filename,
                                         "%s/%s", ctdl_data_dir, d->d_name);
-                               chmod(filename, 0600);
-                               chown(filename, CTDLUID, (-1));
+                               lprintf(9, "chmod(%s, 0600) returned %d\n",
+                                       filename, chmod(filename, 0600)
+                               );
+                               lprintf(9, "chown(%s, CTDLUID, -1) returned %d\n",
+                                       filename, chown(filename, CTDLUID, (-1))
+                               );
                        }
                }
                closedir(dp);

diff --git a/citadel/server_main.c b/citadel/server_main.c
index d831ec0f5dc14cfcd5628e6abcc67d5a5613e316..7f9551ebc8bec39dfbbc10a4b409291fcb24c1b7 100644 (file)
--- a/citadel/server_main.c
+++ b/citadel/server_main.c
@@ -241,6 +241,8 @@ int main(int argc, char **argv)
         * corresponding group ids
         */
        if (drop_root_perms) {
+               cdb_chmod_data();       /* make sure we own our data files */
+
 #ifdef SOLARIS_GETPWUID
                pwp = getpwuid_r(config.c_ctdluid, &pw, pwbuf, sizeof(pwbuf));
 #else