Be explicit about setting perms for the ldb. Helps others who may use this api.

author Jeremy Allison <jra@samba.org>

Wed, 27 Aug 2008 18:28:18 +0000 (11:28 -0700)

committer Jeremy Allison <jra@samba.org>

Wed, 27 Aug 2008 18:28:18 +0000 (11:28 -0700)
author Jeremy Allison <jra@samba.org>
Wed, 27 Aug 2008 18:28:18 +0000 (11:28 -0700)
committer Jeremy Allison <jra@samba.org>
Wed, 27 Aug 2008 18:28:18 +0000 (11:28 -0700)
diff --git a/source3/groupdb/mapping_ldb.c b/source3/groupdb/mapping_ldb.c

index ce65d7c46d571c506329877b2481cdbf3a810295..7ce879fb6ed9eb40931956a4c42c3acc760287fb 100644 (file)
--- a/source3/groupdb/mapping_ldb.c
+++ b/source3/groupdb/mapping_ldb.c
@@ -60,6 +60,9 @@ static bool init_group_mapping(void)
         ldb = ldb_init(NULL);
         if (ldb == NULL) goto failed;
  
+       /* Ensure this db is created read/write for root only. */
+       ldb_set_create_perms(ldb, 0600);
+
         existed = file_exist(db_path, NULL);
  
         if (lp_parm_bool(-1, "groupmap", "nosync", False)) {
author	Jeremy Allison <jra@samba.org>
	Wed, 27 Aug 2008 18:28:18 +0000 (11:28 -0700)
committer	Jeremy Allison <jra@samba.org>
	Wed, 27 Aug 2008 18:28:18 +0000 (11:28 -0700)