From e3fdc7b1a713c55266803952ad74364977fc01a6 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Tue, 27 Oct 2015 10:20:31 +0100 Subject: [PATCH] ctdb: open the RO tracking db with perms 0600 instead of 0000 While 0000 is possible from the UNIX/POSIX point of view, these permissions create problems in an environment with selinux enabled, which is more strict. This aligns the perms of the read only tracking db with other internal dbs. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11577 Signed-off-by: Michael Adam Reviewed-by: Amitay Isaacs Autobuild-User(master): Amitay Isaacs Autobuild-Date(master): Wed Oct 28 06:13:09 CET 2015 on sn-devel-104 (cherry picked from commit 0a90ed51245d4a7acb23d22e47ee3fd5b83819b0) --- ctdb/server/ctdb_ltdb_server.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ctdb/server/ctdb_ltdb_server.c b/ctdb/server/ctdb_ltdb_server.c index 174a460..d6a36a5 100644 --- a/ctdb/server/ctdb_ltdb_server.c +++ b/ctdb/server/ctdb_ltdb_server.c @@ -723,7 +723,7 @@ int ctdb_set_db_readonly(struct ctdb_context *ctdb, struct ctdb_db_context *ctdb ctdb_db->rottdb = tdb_open(ropath, ctdb->tunable.database_hash_size, TDB_NOLOCK|TDB_CLEAR_IF_FIRST|TDB_NOSYNC, - O_CREAT|O_RDWR, 0); + O_CREAT|O_RDWR, 0600); if (ctdb_db->rottdb == NULL) { DEBUG(DEBUG_CRIT,("Failed to open/create the tracking database '%s'\n", ropath)); talloc_free(ropath); -- 2.4.3