From 819d16466cc38c08fd362905605028b4ad9eea25 Mon Sep 17 00:00:00 2001 From: jmatthew Date: Wed, 15 Dec 2021 11:36:40 +0000 Subject: [PATCH] ldapd always uses O_CREAT when reopening database files, so the database directory must be unveiled with "rwc" rather than just "rw". ok deraadt@ mestre@ --- usr.sbin/ldapd/ldapd.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/usr.sbin/ldapd/ldapd.c b/usr.sbin/ldapd/ldapd.c index 0bb6a59b674..34a098f6ab8 100644 --- a/usr.sbin/ldapd/ldapd.c +++ b/usr.sbin/ldapd/ldapd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ldapd.c,v 1.30 2021/12/15 04:00:15 deraadt Exp $ */ +/* $OpenBSD: ldapd.c,v 1.31 2021/12/15 11:36:40 jmatthew Exp $ */ /* * Copyright (c) 2009, 2010 Martin Hedenfalk @@ -243,7 +243,7 @@ main(int argc, char *argv[]) err(1, "unveil %s.db", _PATH_LOGIN_CONF); if (unveil(_PATH_AUTHPROGDIR, "x") == -1) err(1, "unveil %s", _PATH_AUTHPROGDIR); - if (unveil(datadir, "rw") == -1) + if (unveil(datadir, "rwc") == -1) err(1, "unveil %s", datadir); if (unveil(NULL, NULL) == -1) err(1, "unveil"); -- 2.20.1