From 97887efa205264fdcf55dc7428d759eeff1b2bc2 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Tue, 27 Oct 2015 10:20:31 +0100 Subject: [PATCH] ctdb: open the RO tracking db with perms 0600 instead of 0000 While 0000 is possible from the UNIX/POSIX point of view, these permissions create problems in an environment with selinux enabled, which is more strict. This aligns the perms of the read only tracking db with other internal dbs. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11577 Signed-off-by: Michael Adam Reviewed-by: Amitay Isaacs Autobuild-User(master): Amitay Isaacs Autobuild-Date(master): Wed Oct 28 06:13:09 CET 2015 on sn-devel-104 (cherry picked from commit 0a90ed51245d4a7acb23d22e47ee3fd5b83819b0) --- ctdb/server/ctdb_ltdb_server.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ctdb/server/ctdb_ltdb_server.c b/ctdb/server/ctdb_ltdb_server.c index 5357c6c..19dbb00 100644 --- a/ctdb/server/ctdb_ltdb_server.c +++ b/ctdb/server/ctdb_ltdb_server.c @@ -718,7 +718,7 @@ int ctdb_set_db_readonly(struct ctdb_context *ctdb, struct ctdb_db_context *ctdb ctdb_db->rottdb = tdb_open(ropath, ctdb->tunable.database_hash_size, TDB_NOLOCK|TDB_CLEAR_IF_FIRST|TDB_NOSYNC, - O_CREAT|O_RDWR, 0); + O_CREAT|O_RDWR, 0600); if (ctdb_db->rottdb == NULL) { DEBUG(DEBUG_CRIT,("Failed to open/create the tracking database '%s'\n", ropath)); talloc_free(ropath); -- 2.4.3