Annotation of doc/loncapafiles/sanitycheck.piml, revision 1.27

1.4       harris41    1: <!DOCTYPE piml PUBLIC "-//TUX/DTD piml 1.0 Final//EN" 
                      2: 	"http://lpml.sourceforge.net/DTD/piml.dtd">
1.1       harris41    3: <!-- sanitycheck.piml -->
                      4: 
1.27    ! raeburn     5: <!-- $Id: sanitycheck.piml,v 1.26 2009/07/05 21:23:42 raeburn Exp $ -->
1.1       harris41    6: 
                      7: <!--
                      8: 
                      9: This file is part of the LearningOnline Network with CAPA (LON-CAPA).
                     10: 
                     11: LON-CAPA is free software; you can redistribute it and/or modify
                     12: it under the terms of the GNU General Public License as published by
                     13: the Free Software Foundation; either version 2 of the License, or
                     14: (at your option) any later version.
                     15: 
                     16: LON-CAPA is distributed in the hope that it will be useful,
                     17: but WITHOUT ANY WARRANTY; without even the implied warranty of
                     18: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
                     19: GNU General Public License for more details.
                     20: 
                     21: You should have received a copy of the GNU General Public License
                     22: along with LON-CAPA; if not, write to the Free Software
                     23: Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
                     24: 
                     25: /home/httpd/html/adm/gpl.txt
                     26: 
                     27: http://www.lon-capa.org/
                     28: 
                     29: -->
                     30: 
                     31: <piml>
                     32: <targetroot>/</targetroot>
                     33: <files>
1.12      harris41   34: <file>
                     35: <target dist='default'>/etc/hosts</target>
                     36: <perlscript mode='fg'>
                     37: unless
                     38:     (-e '<TARGET />') # Does file exist?
                     39:   {
                     40:     print("**** ERROR **** Missing <TARGET />\n");
                     41:   }
                     42: else
                     43:   {
                     44:     my $numentries = `grep -v '^#' <TARGET /> | grep -c '[[:alpha:]]'`;
                     45:     if ($numentries == 1)
                     46:       {
                     47:         print("**** ERROR **** Malformatted <TARGET />\n");
                     48:         print("<TARGET /> typically should have at least two entries, ".
                     49: 	      "e.g.:\n");
                     50: 	print("127.0.0.1               localhost.localdomain localhost\n");
                     51: 	print("35.8.63.26              s16.lite.msu.edu s16\n");
                     52:         print("The <TARGET /> file on your machine looks like it was \n".
                     53: 	      "messed up due to a common bug with RedHat installations.\n".
                     54: 	      "(This weird bug is RedHat's fault, not LON-CAPA's.)\n");
                     55:         print("Please read the man pages about \"hosts\" and fix your\n".
                     56: 	      "<TARGET /> file.\n");
                     57:       }
                     58:   }
                     59: </perlscript>
                     60: </file>
1.6       harris41   61: <file>
                     62: <target dist='default'>/var/lib/mysql/mysql.sock</target>
                     63: <perlscript mode='fg'>
                     64: unless
                     65:     (-e '<TARGET />') # Does file exist?
                     66:   {
                     67:     print("**** ERROR **** Missing <TARGET />\n");
                     68:   }
1.15      matthew    69: <!-- Commented out by Matthew since MySQL insists on doing things its own way
1.6       harris41   70: else # It exists, so look at the file metadata more closely.
                     71:   {
                     72:     my @s = stat('<TARGET />');
                     73:     my $uid = $s[4];
                     74:     my $mode = $s[2];
                     75:     my $web_uid = getpwnam('www');
                     76:     my $smode = sprintf("%04o",$mode & 07777);
                     77: 
                     78:     if ($uid ne $web_uid) # If file owned by someone else other than www.
                     79:       {
1.14      matthew    80: 	print('**** WARNING **** <TARGET /> should be owned by'.
1.6       harris41   81: 	      ' www.'."\n".'Try these commands to make things right:'."\n".
1.8       matthew    82: 	      'chown www:www <TARGET />'."\n".
                     83: 	      'chmod a-rwx,u+rwx <TARGET />'."\n");
1.6       harris41   84:       }
1.7       harris41   85:     else # Check permissions on the file to make sure it is private to www.
1.6       harris41   86:       {
                     87: 	$smode =~ /^.(.)..$/;
                     88: 	my $wflag = $1;
1.7       harris41   89: 	if ($wflag != 7) # Can www use this socket?  (Hope so!)
1.6       harris41   90: 	  {
1.14      matthew    91: 	    print('**** WARNING **** '.
1.6       harris41   92: 	      '<TARGET /> should be user "rwx" (by'.
                     93: 	      ' www).'."\n".'Try these commands to make things right:'."\n".
1.8       matthew    94: 	      'chown www:www <TARGET />'."\n".
                     95: 	      'chmod a-rwx,u+rwx <TARGET />'."\n");
1.6       harris41   96: 	  }
                     97: 	$smode=~/^..(..)$/;
                     98: 	$wflag=$1;
1.7       harris41   99: 	if ($wflag ne "00") # Can others use this socket?  (Hope not!)
1.6       harris41  100: 	  {
1.14      matthew   101: 	    print('**** WARNING **** '.
1.6       harris41  102: 	      '<TARGET /> should not be group or everybody accessible'.
                    103: 	      '.'."\n".'Try these commands to make things right:'."\n".
1.8       matthew   104: 	      'chown www:www <TARGET />'."\n".
                    105: 	      'chmod a-rwx,u+rwx <TARGET />'."\n");
1.6       harris41  106: 	  }
                    107:       }
                    108:   }
1.15      matthew   109:  -->
1.6       harris41  110: </perlscript>
                    111: </file>
1.1       harris41  112: <file>
                    113: <target dist='default'>/etc/httpd/conf/loncapa.conf</target>
1.27    ! raeburn   114: <target dist='sles10 suse10.1 suse10.2 suse10.3 suse11.1 debian5 ubuntu6 ubuntu8'>/etc/apache2/loncapa.conf</target>
1.1       harris41  115: <perlscript mode='fg'>
                    116: open IN, "&lt;<TARGET />";
                    117: my $hbug=-1;
                    118: my $dbug=-1;
                    119: while (&lt;IN&gt;) {
                    120:  if (/PerlSetVar\s+lonHostID\s+(\S+)/) {
                    121:   my $v=$1;
                    122:   $hbug=0;
1.23      albertel  123:   $hbug=1 if $v=~/[^\w.\-]/;
                    124:   $hbug=1 if $v=~/_/;
1.1       harris41  125:  }
                    126:  if (/PerlSetVar\s+lonDefDomain\s+(\S+)/) {
                    127:   my $v=$1;
                    128:   $dbug=0;
1.23      albertel  129:   $dbug=1 if $v=~/[^\w.\-]/;
                    130:   $dbug=1 if $v=~/_/;
1.5       harris41  131:   # Avoid namespace conflicts under the web server's DocumentRoot.
                    132:   my @badnames=('raw','userfiles','priv','adm','uploaded');
                    133:   foreach my $bad (@badnames) {
                    134:    $dbug=1 if $v eq $bad;
                    135:   }
1.1       harris41  136:  }
                    137: }
                    138: if ($hbug) {
                    139:   print "**** ERROR **** <TARGET /> has invalid lonHostID\n";
                    140: }
                    141: if ($dbug) {
                    142:   print "**** ERROR **** <TARGET /> has invalid lonDefDomain\n";
                    143: }
                    144: </perlscript>
                    145: </file>
                    146: <file>
                    147: <target dist='default'>/home/httpd/lonTabs/hosts.tab</target>
                    148: open IN, "&lt;<TARGET />";
                    149: my $rbug=0;
                    150: my $dbug=0;
                    151: my $sbug=0;
                    152: my $fbug=0;
1.22      albertel  153: my %line;
                    154: my $line=0;
1.23      albertel  155: while (my $l = &lt;IN&gt;) {
1.22      albertel  156:  $line++;
1.23      albertel  157:  next if ($l=~/^(\#|\s*$)/);
                    158:  if ($l=~/^\^/) {
                    159:   if ($l !~ /^\^[\w.\-]/) {
                    160:     $dns_bug = 1;
                    161:     push(@{$line{'dns'}},$line);
                    162:   }
                    163:  } elsif ($l=~/\S/) {
                    164:   if ($l=~/\r/) {              $rbug=1; push(@{$line{'r'}},$line); }
                    165:   my @a=split(/:/,$l);
1.22      albertel  166:   if ($a[0]=~/[^\w\-.]/ ||
                    167:       $a[1]=~/[^\w\-.]/ ||
                    168:       $a[0]=~/\_/       ||
                    169:       $a[1]=~/\_/      ) { $dbug=1; push(@{$line{'d'}},$line); }
                    170:   if (@a<4 || @a>5) {      $fbug=1; push(@{$line{'f'}},$line); }
1.3       albertel  171:   my $expr='\s.+$';
1.22      albertel  172:   if ($a[0] =~ /$expr/ ||
                    173:       $a[1] =~ /$expr/ ||
                    174:       $a[2] =~ /$expr/ ||
                    175:       $a[3] =~ /$expr/ ) { $sbug=1; push(@{$line{'s'}},$line); }
1.3       albertel  176: ;
1.1       harris41  177:  }
                    178: }
                    179: close IN;
                    180: if ($rbug) {
1.22      albertel  181:   print "**** ERROR **** <TARGET /> is DOS-formatted (lines ".join(', ',@{$line{'r'}}).")\n";
1.1       harris41  182: }
                    183: if ($dbug) {
1.22      albertel  184:   print "**** ERROR **** <TARGET /> has invalid host id or domain id (lines ".join(', ',@{$line{'d'}}).")\n";
1.1       harris41  185: }
                    186: if ($fbug) {
1.22      albertel  187:   print "**** ERROR **** <TARGET /> is lacking 4 or 5 columns for every row (lines ".join(', ',@{$line{'f'}}).")\n";
1.1       harris41  188: }
                    189: if ($sbug) {
1.22      albertel  190:   print "**** ERROR **** <TARGET /> has illegal whitespace character (lines ".join(', ',@{$line{'s'}}).")\n";
1.1       harris41  191: }
1.23      albertel  192: if ($dns_bug) {
                    193:   print "**** ERROR **** <TARGET /> host.tab server entry has characters (lines ".join(', ',@{$line{'dns'}}).")\n";
                    194: }
1.1       harris41  195: </file>
                    196: <file>
                    197: <target dist='default'>/home/httpd/lonTabs/spare.tab</target>
                    198: open IN, "&lt;<TARGET />";
                    199: my $rbug=0;
                    200: my $dbug=0;
                    201: my $sbug=0;
1.18      albertel  202: while (my $line = &lt;IN&gt;) {
                    203:  if ($line =~ /\S/) {
                    204:   $rbug=1 if $line=~/\r/;
1.19      albertel  205:   if ($line =~ /\W.*\n/) {
1.18      albertel  206: 	$dbug=$line if ($line !~/\w:(?:primary|default)$/);
                    207:   }
                    208:   $dbug=$line if $line=~/\_/;
                    209:   $sbug=1 if $line=~/\s.+$/;
1.1       harris41  210:  }
                    211: }
                    212: close IN;
                    213: if ($rbug) {
                    214:   print "**** ERROR **** <TARGET /> is DOS-formatted\n";
                    215: }
                    216: if ($dbug) {
1.18      albertel  217:   print "**** ERROR **** <TARGET /> has invalid host id ($dbug)\n";
1.1       harris41  218: }
                    219: if ($sbug) {
                    220:   print "**** ERROR **** <TARGET /> has illegal whitespace character\n";
                    221: }
                    222: </file>
                    223: </files>
                    224: </piml>

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>