|
version 1.11, 2004/10/20 09:30:57
|
version 1.16, 2005/04/07 22:27:52
|
|
Line 69
|
Line 69
|
| use strict; |
use strict; |
| use Fcntl qw(:mode); |
use Fcntl qw(:mode); |
| use DirHandle; |
use DirHandle; |
| |
use POSIX; |
| |
|
| $ENV{'PATH'} = '/bin:/usr/bin:/usr/local/sbin:/home/httpd/perl'; |
$ENV{'PATH'} = '/bin:/usr/bin:/usr/local/sbin:/home/httpd/perl'; |
| delete @ENV{qw{IFS CDPATH ENV BASH_ENV}}; |
delete @ENV{qw{IFS CDPATH ENV BASH_ENV}}; |
| |
|
| my $DEBUG = 0; # .nonzero -> Debug printing enabled. |
my $DEBUG = 1; # .nonzero -> Debug printing enabled. |
| my $path_sep = "/"; # Unix like operating systems. |
my $path_sep = "/"; # Unix like operating systems. |
| |
|
| |
|
|
Line 144 my $safeuser = $patt;
|
Line 144 my $safeuser = $patt;
|
| if($DEBUG) { |
if($DEBUG) { |
| print("Save username = $safeuser \n"); |
print("Save username = $safeuser \n"); |
| } |
} |
| if(($username ne $safeuser) or ($safeuser!~/^[A-za-z]/)) { |
if(($username ne $safeuser) or ($safeuser!~/^[A-z]/)) { |
| if($DEBUG) { |
if($DEBUG) { |
| print("User name $username had illegal characters\n"); |
print("User name $username had illegal characters\n"); |
| } |
} |
|
Line 185 if(!( -e $dirtry1)) {
|
Line 185 if(!( -e $dirtry1)) {
|
| exit 6; |
exit 6; |
| } |
} |
| } |
} |
| |
if ($authentication eq "unix:") { |
| |
# check whether group $safeuser exists. |
| |
my $usergroups = `id -nG $safeuser`; |
| |
if (! grep /^$safeuser$/, split(/\s+/,$usergroups)) { |
| |
if($DEBUG) { |
| |
print("Group \"$safeuser\" does not exist or $safeuser is not a member of that group.\n"); |
| |
} |
| |
exit 7; |
| |
} |
| |
} |
| |
|
| &EnableRoot; |
&EnableRoot; |
| |
|
| &System("/bin/mkdir -p $fulldir") unless (-e $fulldir); |
&System("/bin/mkdir -p $fulldir") unless (-e $fulldir); |
|
Line 214 END
|
Line 225 END
|
| close OUT; |
close OUT; |
| } |
} |
| |
|
| &System("/bin/chmod 02775 $fulldir"); |
&System("/bin/chmod 02770 $fulldir"); |
| &System("/bin/chmod 0775 $fulldir"."/index.html"); |
&System("/bin/chmod 0770 $fulldir"."/index.html"); |
| |
|
| |
|
| # Based on the authentiation mode, set the ownership of the directory. |
# Based on the authentiation mode, set the ownership of the directory. |
| |
|
| if($authentication eq "unix:") { # Unix mode authentication... |
if($authentication eq "unix:") { # Unix mode authentication... |
| &System("/bin/chown -R $safeuser".":".$safeuser." ".$fulldir); |
print "Unix auth\n"; |
| |
&System("/bin/chown -R $safeuser:$safeuser"." ".$fulldir); |
| &JoinGroup($safeuser); |
&JoinGroup($safeuser); |
| } else { |
} else { |
| # Internal, Kerberos, and Local authentication are for users |
# Internal, Kerberos, and Local authentication are for users |
|
Line 237 if($authentication eq "unix:") { # Unix
|
Line 249 if($authentication eq "unix:") { # Unix
|
| # user's home directory that can reset ownerships and permissions |
# user's home directory that can reset ownerships and permissions |
| # back the way the used to be. |
# back the way the used to be. |
| |
|
| &write_restore_script($homedir); |
# This can take long enough for lond to time out, so we'll do it |
| |
# in a separate process that we'll not wait for. |
| &System("/bin/chown -R root:root ".$homedir); |
# |
| |
my $fpid = fork; |
| |
if($fpid) { |
| |
&DisableRoot; |
| |
exit 0; |
| |
} else { |
| |
print "Forked\n"; |
| |
POSIX::setsid(); # Disassociate from parent. |
| |
print "Separate session\n"; |
| |
&write_restore_script($homedir); |
| |
print "Restore script written\n"; |
| |
&System("/bin/chown -R root:root ".$homedir); |
| |
&System("/bin/chown -R www:www ".$fulldir); |
| |
print "Exiting\n"; |
| |
exit 0; |
| |
} |
| |
} else { |
| |
&System("/bin/chown -R www:www ".$fulldir); |
| } |
} |
| &System("/bin/chown -R www:www ".$fulldir); |
|
| } |
} |
| &DisableRoot; |
&DisableRoot; |
| |
|
|
Line 283 sub DisableRoot {
|
Line 312 sub DisableRoot {
|
| print("Disable root: id = ".$>."\n"); |
print("Disable root: id = ".$>."\n"); |
| } |
} |
| } |
} |
| |
# |
| |
# Join the www user to the user's group. |
| |
# we must be running with euid as root at this time. |
| |
# |
| sub JoinGroup { |
sub JoinGroup { |
| my $usergroup = shift; |
my $usergroup = shift; |
| |
|
|
Line 302 sub JoinGroup {
|
Line 334 sub JoinGroup {
|
| } |
} |
| exit 6; |
exit 6; |
| } |
} |
| |
if (-e '/var/run/httpd.pid') { |
| |
open(PID,'/var/run/httpd.pid'); |
| |
my $pid=<PID>; |
| |
close(PID); |
| |
my ($safepid) = $pid=~ /(\d+)/; |
| |
$pid = $safepid; |
| |
if ($pid) { |
| |
my $status = system("kill -USR1 $safepid"); |
| |
} |
| |
} |
| } |
} |
| |
|
| |
|
![[BACK]](/icons/back.gif){kind=icon}
Return to lchtmldir CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom