From da7c2116996d26d22b3eca9f20cb497791dbb857 Mon Sep 17 00:00:00 2001
From: boli <boli@localhost>
Date: Fri, 15 Sep 2006 16:54:57 +0000
Subject: [PATCH] This uses the new FilePermission framework to set permissions on the directory holding the database files. The new config attribute ds-cfg-backend-mode is optional and by default has a value of 700. The permissions are set on backend initialization as well as on the fly via LDAP. The server will make sure the file permissions will allow owner access before setting. Any exceptions encountered while setting the attribute will result in non fatal errors which are logged. However, any configuration exceptions will keep the backend from starting.

---
 opends/src/server/org/opends/server/messages/ConfigMessages.java |   40 ++++++++++++++++++++++++++++++++++++++++
 1 files changed, 40 insertions(+), 0 deletions(-)

diff --git a/opends/src/server/org/opends/server/messages/ConfigMessages.java b/opends/src/server/org/opends/server/messages/ConfigMessages.java
index 02ec5d7..615f2a8 100644
--- a/opends/src/server/org/opends/server/messages/ConfigMessages.java
+++ b/opends/src/server/org/opends/server/messages/ConfigMessages.java
@@ -6125,6 +6125,34 @@
 
 
   /**
+   * The message ID used to describe the attribute which configure the
+   * file permissions mode for the database directory.
+   */
+  public static final int MSGID_CONFIG_DESCRIPTION_BACKEND_MODE =
+      CATEGORY_MASK_CONFIG | SEVERITY_MASK_INFORMATIONAL | 566;
+
+
+
+  /**
+   * The message ID for the message that will be used if the backend directory
+   * file permission mode atrribute is not a valid UNIX mode.
+   */
+  public static final int MSGID_CONFIG_BACKEND_MODE_INVALID =
+      CATEGORY_MASK_CONFIG | SEVERITY_MASK_SEVERE_ERROR | 567;
+
+
+
+  /**
+   * The message ID of an error indicating that the file permissions for the
+   * database directory will result in an inaccessable database. The orginal or
+   * default value will be used instead
+   */
+  public static final int MSGID_CONFIG_BACKEND_INSANE_MODE =
+      CATEGORY_MASK_JEB | SEVERITY_MASK_SEVERE_WARNING | 568;
+
+
+
+  /**
    * Associates a set of generic messages with the message IDs defined in this
    * class.
    */
@@ -8881,6 +8909,18 @@
                     " (It should be a positive integer value specifying " +
                     "the lookthrough limit to use, or a value of 0 or -1 to " +
                     "indicate that no limit should be enforced):  %s.");
+    registerMessage(MSGID_CONFIG_DESCRIPTION_BACKEND_MODE,
+                    "The permissions used for the directory containing the " +
+                    "backend database files");
+    registerMessage(MSGID_CONFIG_BACKEND_MODE_INVALID,
+                   "Configuration entry %s does not contain a valid value " +
+                   "for configuration attribute " + ATTR_BACKEND_MODE +
+                   " (It should be an UNIX permission mode in three-digit " +
+                   "octal notation.)");
+    registerMessage(MSGID_CONFIG_BACKEND_INSANE_MODE,
+                   "Unable to set the requested file permissions to the " +
+                   "backend database directory. The requested permissions " +
+                   "will result in an inaccessable database.");
   }
 }
 

--
Gitblit v1.10.0