Annotation of loncom/lchtmldir, revision 1.18

1.7       albertel    1: #!/usr/bin/perl
1.1       foxr        2: 
                      3: # The Learning Online Network with CAPA
                      4: #
                      5: # Copyright Michigan State University Board of Trustees
                      6: #
                      7: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
                      8: #
                      9: # LON-CAPA is free software; you can redistribute it and/or modify
                     10: # it under the terms of the GNU General Public License as published by
                     11: # the Free Software Foundation; either version 2 of the License, or
                     12: # (at your option) any later version.
                     13: #
                     14: # LON-CAPA is distributed in the hope that it will be useful,
                     15: # but WITHOUT ANY WARRANTY; without even the implied warranty of
                     16: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
                     17: # GNU General Public License for more details.
                     18: #
                     19: # You should have received a copy of the GNU General Public License
                     20: # along with LON-CAPA; if not, write to the Free Software
                     21: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
                     22: #
                     23: # /home/httpd/html/adm/gpl.txt
                     24: #
                     25: # http://www.lon-capa.org/
                     26: #
                     27: #  lchtmldir - LONC-CAPA setuid script to:
                     28: #              o If necessary, add a public_html directory 
                     29: #                to the specified user home directory.
                     30: #              o Set the permissions according to the authentication type.
                     31: #
                     32: #  Motivations:
                     33: #     Originally, account creation would create a public_html
                     34: #     directory for unix authorized people only.  It is possible to have
                     35: #     Kerberos, internal and locally authorized 'users' which may be authors
                     36: #     and hence need a properly owned an protected public_html directory
                     37: #     to serve as their construction space.
                     38: #
                     39: #  Author:
                     40: #    Ron Fox
                     41: #    NSCL
                     42: #    Michigan State University8
                     43: #    East Lansing, MI 48824-1321
1.17      foxr       44: #
1.1       foxr       45: #   General flow of control:
                     46: #   1. Validate process state (must be run as www).
                     47: #   2. Validate parameters:  Need two parameters:
                     48: #         o Homedir  - Home diretory of user 
                     49: #         o Username - Name of the user.
                     50: #         o AuthMode - Authentication mode, can be:
                     51: #                      - unix
                     52: #                      - internal
                     53: #                      - krb4
                     54: #                      - localauth
                     55: #  3. Untaint the usename and home directory
                     56: #
                     57: #  4. As root if necessary, create $Homedir/public_html
                     58: #  5. Set ownership/permissions according to authentication mode (AuthMode)
                     59: #       - unix - ~owner:www/2775
                     60: #       - krb4 - ~owner:www/2775
                     61: #       - internal - www:www/2775
                     62: #       - local    - www:www/2775
                     63: #
1.17      foxr       64: #
1.1       foxr       65: #
                     66: #   Take a few precautions to be sure that we're not vulnerable to trojan
                     67: #   horses and other fine issues:
                     68: #
                     69: use strict; 
1.10      foxr       70: use Fcntl qw(:mode);
                     71: use DirHandle;
1.12      foxr       72: use POSIX;
1.18    ! raeburn    73: use lib '/home/httpd/lib/perl/';
        !            74: use LONCAPA qw(:match);
1.1       foxr       75: 
                     76: $ENV{'PATH'} = '/bin:/usr/bin:/usr/local/sbin:/home/httpd/perl';
                     77: delete @ENV{qw{IFS CDPATH ENV BASH_ENV}};
                     78: 
1.12      foxr       79: my $DEBUG = 1;                         # .nonzero -> Debug printing enabled.
1.10      foxr       80: my $path_sep = "/";		# Unix like operating systems.
1.1       foxr       81: 
                     82: 
                     83: # If the UID of the running process is not www exit with error.
                     84: 
                     85: if ($DEBUG) {
                     86:     print("Checking uid...\n");
                     87: }
                     88: my $wwwid = getpwnam('www');
                     89: &DisableRoot;
                     90: if($wwwid != $>) {
                     91:     if ($DEBUG) {
                     92: 	print("User ID incorrect.  This program must be run as user 'www'\n");
                     93:     }
                     94:     exit 1;			# Exit with error status.
                     95: }
                     96: 
                     97: # There must be three 'command line' parameters.  The first
                     98: # is the home directory of the user.
                     99: # The second is the name of the user.  This is only referenced
                    100: # in code branches dealing with unix mode authentication.
                    101: # The last is the authentication mode which must be one of unix, internal
                    102: # krb4 or localauth.
                    103: #   If there is an error in the argument count or countents, we exit with an
                    104: # error.
                    105: 
                    106: if ($DEBUG) {
                    107:     print("Checking parameters: \n");
                    108: }
                    109: if(@ARGV != 3) {
                    110:     if($DEBUG) {
                    111: 	print("Error: lchtmldir need 3 parameters \n");
                    112:     }
                    113:     exit 2;
                    114: }
                    115: my ($dir,$username,$authentication) = @ARGV;
                    116: 
                    117: if($DEBUG) {
                    118:     print ("Directory = $dir \n");
                    119:     print ("User      = $username \n");
                    120:     print ("Authmode  = $authentication \n");
                    121: 
                    122: }
                    123: 
1.2       foxr      124: if( $authentication ne "unix:"     &&
                    125:     $authentication ne "internal:" &&
1.4       matthew   126:     $authentication !~ /^krb(4|5):(.*)/ &&
1.2       foxr      127:     $authentication ne "localauth:") {
1.1       foxr      128:     if($DEBUG) {
                    129: 	print("Invalid authentication parameter: ".$authentication."\n");
                    130: 	print("Should be one of: unix, internal, krb4, localauth\n");
                    131:     }
                    132:     exit 3;
                    133: }
                    134: 
                    135: # Untaint the username.
                    136: 
1.18    ! raeburn   137: my $match = $username =~ /^($match_username)$/;
1.1       foxr      138: my $patt  = $1;
                    139:  
                    140: if($DEBUG) {
                    141:    print("Username word match flag = ".$match."\n");
                    142:     print("Match value = ".$patt."\n");
                    143: }
                    144: 
                    145: my $safeuser = $patt;
                    146: if($DEBUG) {
                    147:     print("Save username = $safeuser \n");
                    148: }
1.18    ! raeburn   149: if($username ne $safeuser) {
1.1       foxr      150:     if($DEBUG) {
                    151: 	print("User name $username had illegal characters\n");
                    152:     }
                    153:     exit 4;
                    154: }
                    155: 
                    156: #untaint the base directory require that the dir contain only 
                    157: # alphas, / numbers or underscores, and end in /$safeuser
                    158: 
1.18    ! raeburn   159: $dir =~ /(^([\w\/\.\-]+))/;
1.1       foxr      160: 
                    161: my $dirtry1 = $1;
                    162: 
                    163: $dir =~ /$\/$safeuser/;
                    164: my $dirtry2 = $1;
                    165: 
                    166: if(($dirtry1 ne $dir) or ($dirtry2 ne $dir)) {
                    167:     if ($DEBUG) {
                    168: 	print("Directory $dir is not a valid home for $safeuser\n");
                    169:     }
                    170:     exit 5;
                    171: }
                    172: 
                    173: 
                    174: # As root, create the directory.
                    175: 
1.9       foxr      176: my $homedir = $dirtry1;
                    177: my $fulldir = $homedir."/public_html";
                    178: 
1.1       foxr      179: if($DEBUG) {
                    180:     print("Full directory path is: $fulldir \n");
                    181: }
                    182: if(!( -e $dirtry1)) {
                    183:     if($DEBUG) {
                    184: 	print("User's home directory $dirtry1 does not exist\n");
                    185:     }
1.4       matthew   186:     if ($authentication eq "unix:") {
                    187:         exit 6;
                    188:     }
1.1       foxr      189: }
1.16      albertel  190: if ($authentication eq "unix:") {
                    191:     # check whether group $safeuser exists.
                    192:     my $usergroups = `id -nG $safeuser`;
                    193:     if (! grep /^$safeuser$/, split(/\s+/,$usergroups)) { 
                    194:         if($DEBUG) {
                    195:             print("Group \"$safeuser\" does not exist or $safeuser is not a member of that group.\n");
                    196:         }
                    197:         exit 7;
                    198:     }
                    199: }
                    200: 
1.17      foxr      201: 
                    202: 
1.1       foxr      203: &EnableRoot;
                    204: 
1.17      foxr      205: #  If authentication is internal and the top level directory exists
                    206: #  give it the right permissions (in case this is a modification.
                    207: 
                    208: if ($authentication eq "internal:") {
                    209:     chmod(0711, $homedir);	# so www can enter ~/public_html.
                    210: }
                    211: 
1.3       foxr      212: &System("/bin/mkdir -p $fulldir")   unless (-e $fulldir);
1.1       foxr      213:     unless(-e $fulldir."/index.html") {
                    214: 	open OUT,">".$fulldir."/index.html";
                    215: 	print OUT<<END;
                    216: 	<html>
                    217: 	<head>
                    218: 	<title>$safeuser</title>
                    219:         </head>
1.5       www       220:         <body bgcolor="#ccffdd">
                    221:         <h1>$safeuser Construction Space</h1>
                    222:           <h2>
                    223:             The Learning<i>Online</i> Network with Computer-Assisted Personalized Approach
                    224:           </h2>
1.1       foxr      225:           <p>
1.5       www       226: This is your construction space within LON-CAPA, where you would construct resources which are meant to be
                    227: used across courses and institutions.
1.1       foxr      228:           </p>
                    229:           <p>
1.5       www       230: Material within this area can only be seen and edited by $safeuser and designated co-authors. To make
                    231: it available to students and other instructors, the material needs to be published.
1.1       foxr      232:           </p>
                    233:         </body>
                    234:        </html>
                    235: END
                    236:     close OUT;
                    237:     }
1.9       foxr      238: 
1.13      foxr      239: &System("/bin/chmod  02770  $fulldir");
                    240: &System("/bin/chmod  0770  $fulldir"."/index.html");
1.1       foxr      241: 
                    242: 
                    243: # Based on the authentiation mode, set the ownership of the directory.
                    244: 
1.2       foxr      245: if($authentication eq "unix:") {	# Unix mode authentication...
1.15      foxr      246:     print "Unix auth\n";
1.14      foxr      247:     &System("/bin/chown -R   $safeuser:$safeuser"." ".$fulldir);
1.6       albertel  248:     &JoinGroup($safeuser);
1.4       matthew   249: } else {
                    250:     # Internal, Kerberos, and Local authentication are for users
                    251:     # who do not have unix accounts on the system.  Therefore we
                    252:     # will give ownership of their public_html directories to www:www
1.9       foxr      253:     # If the user is an internal auth user, the rest of the directory tree
                    254:     # gets owned by root.  This chown is needed in case what's really happening
                    255:     # is that a file system user is being demoted to internal user...
                    256: 
                    257:     if($authentication eq "internal:") {
1.11      foxr      258: 	#  In case the user was a unix/filesystem authenticated user,
                    259: 	#  we'll take a bit of time here to write  a script in the
                    260: 	#  user's home directory that can reset ownerships and permissions
                    261: 	#  back the way the used to be.
                    262: 
1.12      foxr      263: 	# This can take long enough for lond to time out, so we'll do it
                    264: 	# in a separate process that we'll not wait for.
                    265: 	#
                    266: 	my $fpid = fork;
                    267: 	if($fpid) {
                    268: 	    &DisableRoot;
                    269: 	    exit 0;
                    270: 	} else {
                    271: 	    print "Forked\n";
                    272: 	    POSIX::setsid();	# Disassociate from parent.
                    273: 	    print "Separate session\n";
                    274: 	    &write_restore_script($homedir);
                    275: 	    print "Restore script written\n";
                    276: 	    &System("/bin/chown -R root:root ".$homedir);
                    277: 	    &System("/bin/chown -R www:www  ".$fulldir);
                    278: 	    print "Exiting\n";
                    279: 	    exit 0;
                    280: 	}
                    281:     } else {
                    282: 	&System("/bin/chown -R www:www  ".$fulldir);
                    283:     }
1.11      foxr      284: 
1.1       foxr      285: }
                    286: &DisableRoot;
                    287: 
                    288: exit 0;
                    289: 
                    290: #----------------------------------------------------------------------
                    291: #
                    292: #  Local utility procedures.
                    293: #  These include:
                    294: #     EnableRoot - Start running as root.
                    295: #     DisableRoot- Stop running as root.
                    296: #     JoinGroup  - Join www to the specified group.
                    297: 
                    298: # Turn on as root:
                    299: 
                    300: sub EnableRoot {
                    301:     if ($wwwid==$>) {
                    302: 	($<,$>)=($>,$<);
                    303: 	($(,$))=($),$();
                    304:     }
                    305:     else {
                    306: 	# root capability is already enabled
                    307:     }
                    308:     if($DEBUG) {
1.4       matthew   309: 	print("Enable Root - id =  $> $<\n");
1.1       foxr      310:     }
                    311:     return $>;  
                    312: }
                    313: 
                    314: sub DisableRoot {
                    315:     if ($wwwid==$<) {
                    316: 	($<,$>)=($>,$<);
                    317: 	($(,$))=($),$();
                    318:     }
                    319:     else {
                    320: 	# root capability is already disabled
                    321:     }
                    322:     if($DEBUG) {
                    323: 	print("Disable root: id = ".$>."\n");
                    324:     }
                    325: }
1.15      foxr      326: #
                    327: #  Join the www user to the user's group.
                    328: #  we must be running with euid as root at this time.
                    329: #
1.1       foxr      330: sub JoinGroup {
                    331:     my $usergroup = shift;
                    332: 
                    333:     my $groups = `/usr/bin/groups www`;
1.6       albertel  334:     # untaint
1.8       albertel  335:     my ($safegroups)=($groups=~/:\s+([\s\w]+)/);
1.6       albertel  336:     $groups=$safegroups;
1.1       foxr      337:     chomp $groups; $groups=~s/^\S+\s+\:\s+//;
                    338:     my @grouplist=split(/\s+/,$groups);
                    339:     my @ugrouplist=grep {!/www|$usergroup/} @grouplist;
                    340:     my $gl=join(',',(@ugrouplist,$usergroup));
                    341:     if (&System('/usr/sbin/usermod','-G',$gl,'www')) {
                    342: 	if($DEBUG) {
                    343: 	    print "Error. Could not make www a member of the group ".
                    344: 		"\"$usergroup\".\n";
                    345: 	}
                    346: 	exit 6;
                    347:     }
1.15      foxr      348:     if (-e '/var/run/httpd.pid') {
                    349: 	open(PID,'/var/run/httpd.pid');
                    350: 	my $pid=<PID>;
                    351: 	close(PID);
                    352: 	my ($safepid) = $pid=~ /(\d+)/;
                    353: 	$pid = $safepid;
                    354: 	if ($pid) {
                    355: 	    my $status = system("kill -USR1 $safepid");
                    356: 	}
                    357:     }
1.1       foxr      358: }
                    359: 
                    360: 
                    361: 
                    362: sub System {
1.6       albertel  363:     my ($command,@args) = @_;
1.1       foxr      364:     if($DEBUG) {
1.6       albertel  365: 	print("system: $command with args ".join(' ',@args)."\n");
1.1       foxr      366:     }
1.6       albertel  367:     system($command,@args);
1.1       foxr      368: }
                    369: 
                    370: 
                    371: 
                    372: 
1.10      foxr      373: 
                    374: #
                    375: #   This file contains code to recursively process
                    376: #   a Directory.  This is a bit more powerful
                    377: #   than File::Find in that we pass the full
                    378: #   stat info to the processing function.
                    379: #     For each file in the specified directory subtree, 
                    380: #   The user's Code reference is invoked for all files, regular and otherwise
                    381: #   except:
                    382: #      ., ..
                    383: #
                    384: #  Parameters:
                    385: #     code_ref    - Code reference, invoked for each file in the tree.
                    386: #                   as follows:  CodeRef(directory, name, statinfo)
                    387: #                   directory the path to the directory holding the file.
                    388: #                   name      the name of the file within Directory.
                    389: #                   statinfo  a reference to the stat of the file.
                    390: #     start_dir   - The starting point of the directory walk.
                    391: #
                    392: # NOTE:
                    393: #   Yes, we could have just used File::Find, but since we have to get the
                    394: #   stat anyway, this is actually simpler, as File::Find would have gotten
                    395: #   the stat to figure out the file type and then we would have gotten it
                    396: #   again.
                    397: #
                    398: 
                    399: sub process_tree {
                    400:     my ($code_ref, $start_dir)  = @_;
                    401: 
                    402:     my $dir = new DirHandle $start_dir; 
                    403:     if (!defined($dir)) {
                    404:         print "Failed to  open dirhandle: $start_dir\n";
                    405:     }
                    406: 
                    407:     # Now iterate through this level of the tree:
                    408: 
                    409:     while (defined (my $name = $dir->read)) {
                    410: 	next if $name =~/^\.\.?$/;       # Skip ., .. (see cookbook pg 319)
                    411: 	
                    412: 	my $full_name   = $start_dir.$path_sep.$name; # Full filename path.
                    413: 	my @stat_info  = lstat($full_name);
                    414: 	my $mode       = $stat_info[2];
                    415: 	my $type       = $mode & 0170000; #  File type.
                    416: 
                    417: 	# Unless the file type is a symlink, call the user code:
                    418: 
                    419: 	unless ($type == S_IFLNK) {
                    420: 	    &$code_ref($start_dir, $name, \@stat_info);
                    421: 	}
                    422: 
                    423: 	# If the entry is a directory, we need to recurse:
                    424: 
                    425: 
                    426: 	if (($type ==  S_IFDIR) != 0) {
                    427: 	    &process_tree($code_ref, $full_name);
                    428: 	}
                    429:     }
                    430: 
                    431: }
                    432: #
1.11      foxr      433: #   Callback from process_tree to write the script lines
                    434: #   requried to restore files to current ownership and permission.
                    435: # Parameters:
                    436: #    dir         - Name of the directory the file lives in.
                    437: #    name        - Name of the file itself.
                    438: #    statinfo    - Array from lstat called on the file.
                    439: #
1.10      foxr      440: #
                    441: sub write_script {
                    442:     my ($dir, $name, $statinfo) = @_;
                    443: 
                    444:     my $fullname = $dir.$path_sep.$name;
                    445: 
                    446:     #  We're going to '' the name, but we need to deal with embedded
                    447:     #  ' characters.  Using " is much worse as we'd then have to
                    448:     #  escape all the shell escapes too.  This way all we need
                    449:     #  to do is replace ' with '\''
                    450: 
                    451:     $fullname =~ s/\'/\'\\\'\'/g;
                    452: 
                    453:     my $perms    = $statinfo->[2] & 0777; # Just permissions.
                    454:     printf CHMODSCRIPT "chmod 0%o '%s'\n", $perms, $fullname;
                    455:     printf CHMODSCRIPT "chown %d:%d '%s'\n", $statinfo->[4], $statinfo->[5], 
                    456:                                          $fullname
                    457: 
                    458: 
                    459: }
1.11      foxr      460: # 
                    461: #    Write a script in the user's home directory that can restore
                    462: #    the permissions and ownerhips of all the files in the directory
                    463: #    tree to their current ownerships and permissions.  This is done
                    464: #    prior to making the user into an internally authenticated user
                    465: #    in case they were previously file system authenticated and
                    466: #    need to go back.
                    467: #      The file we will create will be of the form
                    468: #        restore_n.sh  Where n is a number that we will keep
                    469: #   incrementing as needed until there isn't a file by that name.
                    470: #   
                    471: # Parameters:
                    472: #    dir      - Path to the user's home directory.
                    473: #
                    474: sub write_restore_script {
                    475:     my ($dir)   = @_;
                    476: 
                    477:     #   Create a unique file:
                    478: 
                    479:     my $version_number     = 0;
                    480:     my $filename           = 'restore_'.$version_number.'.sh';
                    481:     my $full_name           = $dir.$path_sep.$filename;
                    482: 
                    483:     while(-e $full_name) {
                    484: 	$version_number++;
                    485: 	$filename         = 'restore_'.$version_number.'.sh';
                    486: 	$full_name        = $dir.$path_sep.$filename;
                    487:     }
                    488:     # $full_name is the full path of a file that does not yet exist
                    489:     # of the form we want:
                    490: 
                    491:     open(CHMODSCRIPT, "> $full_name");
                    492: 
                    493:     &process_tree(\&write_script, $dir);
                    494: 
                    495:     close(CHMODSCRIPT);
                    496: 
                    497:     chmod(0750, $full_name);
                    498: 
                    499: }
1.10      foxr      500: 
                    501: 
                    502: 
                    503: 

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>