Diff for /loncom/apachereload between versions 1.3 and 1.8

version 1.3, 2005/07/11 15:29:46 version 1.8, 2020/01/25 21:09:17
Line 3 Line 3
 #  #
 # apachereload - setuid script that reloads the apache daemon.  # apachereload - setuid script that reloads the apache daemon.
 #  #
   # $Id$
 #  #
 # $Id  # Copyright Michigan State University Board of Trustees
 #  #
 #  Change log:  # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
 #   $Log$  
 #   Revision 1.3  2005/07/11 15:29:46  albertel  
 #   - it's like I was drunk  
 #  #
 #   Revision 1.2  2005/07/07 22:26:52  albertel  # LON-CAPA is free software; you can redistribute it and/or modify
 #   - suse has apache not httpd  # it under the terms of the GNU General Public License as published by
   # the Free Software Foundation; either version 2 of the License, or 
   # (at your option) any later version.
 #  #
 #   Revision 1.1  2003/09/30 10:06:48  foxr  # LON-CAPA is distributed in the hope that it will be useful,
 #   This is a setuid script that allows the www user to issue  # but WITHOUT ANY WARRANTY; without even the implied warranty of
 #   /etc/init.d/httpd reload  # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   # GNU General Public License for more details.
 #  #
 #   This functionality is required by lond and lonc when they have been asked to  # You should have received a copy of the GNU General Public License
 #   reinitialize themselves.  # along with LON-CAPA; if not, write to the Free Software
   # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 #  #
 #   Initial undebugged version.  # /home/httpd/html/adm/gpl.txt
   #
   # http://www.lon-capa.org/
 #  #
 ###  
   
   
 use strict;  use strict;
 #  #
 #  This script is a setuid script that must be run as user www  #  This script is a setuid script that must be run as user www
 #  it effectively just executes /etc/init.d/httpd reload.  #  it effectively just executes one of the following five commands:
 #  causing the apache daemon to get HUP'd.  The script is  #  /etc/init.d/httpd reload
 #  run by lond after re-initing it's host information.  #  /etc/init.d/apache reload
   #  /etc/init.d/apache2 reload
   #  /bin/systemctl reload httpd.service
   #  /bin/systemctl reload apache2.service
   #  (depending on Linux distro) causing the apache daemon to get HUP'd.
   #  The script is run by lond after re-initing its host information.
   
 $ENV{'PATH'}='/bin:/usr/bin:/usr/local/sbin:/home/httpd/perl'; # Nullify path  $ENV{'PATH'}='/bin:/usr/bin:/usr/local/sbin:/home/httpd/perl'; # Nullify path
                                                                # information                                                                 # information
 delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints  delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints
   
 my $command = "/etc/init.d/httpd reload";  my $command;
 my $dist=`$perlvar{'lonDaemons'}/distprobe`;  my $checker_bin = '/sbin/chkconfig';
 if ($dist =~ /^(suse|sles)/) {  my $sysctl_bin = '/bin/systemctl';
     $command = "/etc/init.d/apache reload";  my $sysv_bin = '/usr/sbin/sysv-rc-conf';
   
   if (-x $sysctl_bin) {
       if (open(PIPE,"$sysctl_bin list-unit-files --type=service 2>/dev/null |")) {
           my @lines = <PIPE>;
           chomp(@lines);
           close(PIPE);
           if (grep(/^httpd\.service/,@lines)) {
               $command = '/bin/systemctl reload httpd.service';
           } elsif (grep(/^apache2\.service/,@lines)) {
               $command = '/bin/systemctl reload apache2.service';
           }
       }
   }
   if (($command eq '') && (-x $checker_bin)) {
       if (open(PIPE,"$checker_bin --list 2>/dev/null |")) {
           my @lines = <PIPE>;
           chomp(@lines);
           close(PIPE);
           if (grep(/^httpd/,@lines)) {
               $command = '/etc/init.d/httpd reload';
           } elsif (grep(/^apache2/,@lines)) {
               $command = '/etc/init.d/apache2 reload';
           } elsif (grep(/^apache\s+/,@lines)) {
               $command = '/etc/init.d/apache reload';
           }
       }
   } 
   if (($command eq '') && (-x $sysv_bin)) {
       if (open(PIPE,"$checker_bin --list 2>/dev/null |")) {
           my @lines = <PIPE>;
           chomp(@lines);
           close(PIPE);
           if (grep(/^apache2/,@lines)) {
               $command = '/etc/init.d/apache2 reload';
           } elsif (grep(/^apache\s+/,@lines)) {
               $command = '/etc/init.d/apache reload';
           }
       }
 }  }
   
 # Do not print error messages  # Do not print error messages
 my $noprint=1;  my $noprint=1;
   
 print "In apachereload" unless $noprint;  if ($command eq '') {
       print("Could not determine command to reload Apache.\n")
           unless $noprint;
       exit 1;
   } else {
       print "In apachereload" unless $noprint;
   }
   
 # ----------------------------- Make sure this process is running from user=www  # ----------------------------- Make sure this process is running from user=www
 my $wwwid=getpwnam('www');  my $wwwid=getpwnam('www');
Line 59  if ($wwwid!=$>) { Line 112  if ($wwwid!=$>) {
 # ----------------------------------- Start running script with www permissions  # ----------------------------------- Start running script with www permissions
 &disable_root_capability;  &disable_root_capability;
   
 # --------------------------- Handle case of another apachereload process (locking)  
 unless (&try_to_lock('/tmp/lock_apachereload')) {  
     print "Error. Too many other simultaneous password change requests being ".  
  "made.\n" unless $noprint;  
     exit 4;  
 }  
   
   
 &enable_root_capability;  &enable_root_capability;
 ($>,$<)=(0,0);  ($>,$<)=(0,0);
   
Line 74  unless (&try_to_lock('/tmp/lock_apachere Line 119  unless (&try_to_lock('/tmp/lock_apachere
 #  Now run the reload:  #  Now run the reload:
 #  #
   
 system($command);  system("$command > /dev/null 2>&1);
   
 #  Remove the lock file.  
   
   
   
 &disable_root_capability;  &disable_root_capability;
 unlink('/tmp/lock_apachereload');  
 exit 0;  exit 0;
   
 # ---------------------------------------------- have setuid script run as root  # ---------------------------------------------- have setuid script run as root
Line 107  sub disable_root_capability { Line 147  sub disable_root_capability {
     }      }
 }  }
   
 # ----------------------- make sure that another apachereload process isn't running  
 sub try_to_lock {  
     my ($lockfile)=@_;  
     my $currentpid;  
     my $lastpid;  
     # Do not manipulate lock file as root  
     if ($>==0) {  
  return 0;  
     }  
     # Try to generate lock file.  
     # Wait 3 seconds.  If same process id is in  
     # lock file, then assume lock file is stale, and  
     # go ahead.  If process id's fluctuate, try  
     # for a maximum of 10 times.  
     for (0..10) {  
  if (-e $lockfile) {  
     open(LOCK,"<$lockfile");  
     $currentpid=<LOCK>;  
     close LOCK;  
     if ($currentpid==$lastpid) {  
  last;  
     }  
     sleep 3;  
     $lastpid=$currentpid;  
  }  
  else {  
     last;  
  }  
  if ($_==10) {  
     return 0;  
  }  
     }  
     open(LOCK,">$lockfile");  
     print LOCK $$;  
     close LOCK;  
     return 1;  
 }  
   
 =head1 NAME  =head1 NAME
   
 apachereload -setuid script to reload the apache web server.  apachereload -setuid script to reload the apache web server.

Removed from v.1.3  
changed lines
  Added in v.1.8


FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>