--- loncom/Attic/lcuseradd 2004/08/05 10:56:55 1.26 +++ loncom/Attic/lcuseradd 2004/08/06 10:29:37 1.28 @@ -5,16 +5,8 @@ # lcuseradd - LON-CAPA setuid script to coordinate all actions # with adding a user with filesystem privileges (e.g. author) # -# YEAR=2002 -# May 19, 2002 Ron Fox -# - Removed creation of the pulic_html directory. This directory -# can now be added in two ways: -# o The user can add it themselves if they want some local web -# space which may or may not contain construction items. -# o LonCapa will add it if/when the user is granted an Author -# role. # -# $Id: lcuseradd,v 1.26 2004/08/05 10:56:55 foxr Exp $ +# $Id: lcuseradd,v 1.28 2004/08/06 10:29:37 foxr Exp $ ### ############################################################################### @@ -155,14 +147,12 @@ unless (&try_to_lock("/tmp/lock_lcpasswd my @input; if (@ARGV>=3) { @input=@ARGV; -} -elsif (@ARGV) { +} elsif (@ARGV) { print("Error. This program needs at least 3 command-line arguments (username, ". "password 1, password 2 [errorfile]).\n") unless $noprint; unlink('/tmp/lock_lcpasswd'); &Exit(2); -} -else { +} else { @input=<>; if (@input < 3) { print("Error. At least three lines should be entered into standard input.\n") @@ -216,8 +206,7 @@ if($error_file) { Exit(14); } - } - else { + } else { $error_file=""; print "Invalid error filename\n" unless $noprint; Exit(14); @@ -258,6 +247,9 @@ if ($status) { print "Done adding user\n" unless $noprint; # Make www a member of that user group. my $groups=`/usr/bin/groups www` or &Exit(6); +# untaint +my ($safegroups)=($groups=~/([\s\w]+)/); +$groups=$safegroups; chomp $groups; $groups=~s/^\S+\s+\:\s+//; my @grouplist=split(/\s+/,$groups); my @ugrouplist=grep {!/www|$safeusername/} @grouplist; @@ -324,9 +316,9 @@ if (-e '/var/run/httpd.pid') { open(PID,'/var/run/httpd.pid'); my $pid=; close(PID); - $pid=~s/\D+//g; + my ($safepid)=($pid=~s/(\D+)//g); if ($pid) { - system('kill','-USR1',"$pid"); + system('kill','-USR1',"$safepid"); } } # -------------------------------------------------------- Exit script @@ -339,8 +331,7 @@ sub enable_root_capability { if ($wwwid==$>) { ($<,$>)=($>,0); ($(,$))=($),0); - } - else { + } else { # root capability is already enabled } return $>; @@ -351,8 +342,7 @@ sub disable_root_capability { if ($wwwid==$<) { ($<,$>)=($>,$<); ($(,$))=($),$(); - } - else { + } else { # root capability is already disabled } } @@ -381,8 +371,7 @@ sub try_to_lock { } sleep 3; $lastpid=$currentpid; - } - else { + } else { last; } if ($_==10) {