|
version 1.3, 2002/07/17 17:55:07
|
version 1.9, 2002/11/26 15:05:19
|
|
Line 1
|
Line 1
|
| |
<!DOCTYPE piml PUBLIC "-//TUX/DTD piml 1.0 Final//EN" |
| |
"http://lpml.sourceforge.net/DTD/piml.dtd"> |
| <!-- sanitycheck.piml --> |
<!-- sanitycheck.piml --> |
| <!-- Scott Harrison --> |
<!-- Scott Harrison --> |
| |
|
|
Line 31 http://www.lon-capa.org/
|
Line 33 http://www.lon-capa.org/
|
| <targetroot>/</targetroot> |
<targetroot>/</targetroot> |
| <files> |
<files> |
| <file> |
<file> |
| |
<target dist='default'>/var/lib/mysql/mysql.sock</target> |
| |
<target dist='redhat7'>/tmp/mysql.sock</target> |
| |
<perlscript mode='fg'> |
| |
unless |
| |
(-e '<TARGET />') # Does file exist? |
| |
{ |
| |
print("**** ERROR **** Missing <TARGET />\n"); |
| |
} |
| |
else # It exists, so look at the file metadata more closely. |
| |
{ |
| |
my @s = stat('<TARGET />'); |
| |
my $uid = $s[4]; |
| |
my $mode = $s[2]; |
| |
my $web_uid = getpwnam('www'); |
| |
my $smode = sprintf("%04o",$mode & 07777); |
| |
|
| |
if ($uid ne $web_uid) # If file owned by someone else other than www. |
| |
{ |
| |
print('**** ERROR **** <TARGET /> should be owned by'. |
| |
' www.'."\n".'Try these commands to make things right:'."\n". |
| |
'chown www:www <TARGET />'."\n". |
| |
'chmod a-rwx,u+rwx <TARGET />'."\n"); |
| |
} |
| |
else # Check permissions on the file to make sure it is private to www. |
| |
{ |
| |
$smode =~ /^.(.)..$/; |
| |
my $wflag = $1; |
| |
if ($wflag != 7) # Can www use this socket? (Hope so!) |
| |
{ |
| |
print('**** ERROR **** '. |
| |
'<TARGET /> should be user "rwx" (by'. |
| |
' www).'."\n".'Try these commands to make things right:'."\n". |
| |
'chown www:www <TARGET />'."\n". |
| |
'chmod a-rwx,u+rwx <TARGET />'."\n"); |
| |
} |
| |
$smode=~/^..(..)$/; |
| |
$wflag=$1; |
| |
if ($wflag ne "00") # Can others use this socket? (Hope not!) |
| |
{ |
| |
print('**** ERROR **** '. |
| |
'<TARGET /> should not be group or everybody accessible'. |
| |
'.'."\n".'Try these commands to make things right:'."\n". |
| |
'chown www:www <TARGET />'."\n". |
| |
'chmod a-rwx,u+rwx <TARGET />'."\n"); |
| |
} |
| |
} |
| |
} |
| |
</perlscript> |
| |
</file> |
| |
<file> |
| <target dist='default'>/etc/httpd/conf/loncapa.conf</target> |
<target dist='default'>/etc/httpd/conf/loncapa.conf</target> |
| <perlscript mode='fg'> |
<perlscript mode='fg'> |
| open IN, "<<TARGET />"; |
open IN, "<<TARGET />"; |
|
Line 48 while (<IN>) {
|
Line 100 while (<IN>) {
|
| $dbug=0; |
$dbug=0; |
| $dbug=1 if $v=~/\W/; |
$dbug=1 if $v=~/\W/; |
| $dbug=1 if $v=~/\_/; |
$dbug=1 if $v=~/\_/; |
| |
# Avoid namespace conflicts under the web server's DocumentRoot. |
| |
my @badnames=('raw','userfiles','priv','adm','uploaded'); |
| |
foreach my $bad (@badnames) { |
| |
$dbug=1 if $v eq $bad; |
| |
} |
| } |
} |
| } |
} |
| if ($hbug) { |
if ($hbug) { |
![[BACK]](/icons/back.gif){kind=icon}
Return to sanitycheck.piml CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / doc / loncapafiles