Diff for /loncom/apachereload between versions 1.6 and 1.8

version 1.6, 2006/01/28 00:52:27 version 1.8, 2020/01/25 21:09:17
Line 32 Line 32
 use strict;  use strict;
 #  #
 #  This script is a setuid script that must be run as user www  #  This script is a setuid script that must be run as user www
 #  it effectively just executes /etc/init.d/httpd reload.  #  it effectively just executes one of the following five commands:
 #  causing the apache daemon to get HUP'd.  The script is  #  /etc/init.d/httpd reload
 #  run by lond after re-initing it's host information.  #  /etc/init.d/apache reload
   #  /etc/init.d/apache2 reload
   #  /bin/systemctl reload httpd.service
   #  /bin/systemctl reload apache2.service
   #  (depending on Linux distro) causing the apache daemon to get HUP'd.
   #  The script is run by lond after re-initing its host information.
   
 $ENV{'PATH'}='/bin:/usr/bin:/usr/local/sbin:/home/httpd/perl'; # Nullify path  $ENV{'PATH'}='/bin:/usr/bin:/usr/local/sbin:/home/httpd/perl'; # Nullify path
                                                                # information                                                                 # information
 delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints  delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints
   
 my $command = "/etc/init.d/httpd reload";  my $command;
   my $checker_bin = '/sbin/chkconfig';
 use lib '/home/httpd/lib/perl/';  my $sysctl_bin = '/bin/systemctl';
 use LONCAPA::Configuration;  my $sysv_bin = '/usr/sbin/sysv-rc-conf';
 my %perlvar= %{&LONCAPA::Configuration::read_conf('loncapa.conf')};  
   if (-x $sysctl_bin) {
 my ($execdir) = ($perlvar{'lonDaemons'} =~/(.*)/);      if (open(PIPE,"$sysctl_bin list-unit-files --type=service 2>/dev/null |")) {
 my $dist=`$execdir/distprobe`;          my @lines = <PIPE>;
 if ($dist =~ /^(suse|sles)/) {          chomp(@lines);
     $command = "/etc/init.d/apache reload";          close(PIPE);
           if (grep(/^httpd\.service/,@lines)) {
               $command = '/bin/systemctl reload httpd.service';
           } elsif (grep(/^apache2\.service/,@lines)) {
               $command = '/bin/systemctl reload apache2.service';
           }
       }
   }
   if (($command eq '') && (-x $checker_bin)) {
       if (open(PIPE,"$checker_bin --list 2>/dev/null |")) {
           my @lines = <PIPE>;
           chomp(@lines);
           close(PIPE);
           if (grep(/^httpd/,@lines)) {
               $command = '/etc/init.d/httpd reload';
           } elsif (grep(/^apache2/,@lines)) {
               $command = '/etc/init.d/apache2 reload';
           } elsif (grep(/^apache\s+/,@lines)) {
               $command = '/etc/init.d/apache reload';
           }
       }
   } 
   if (($command eq '') && (-x $sysv_bin)) {
       if (open(PIPE,"$checker_bin --list 2>/dev/null |")) {
           my @lines = <PIPE>;
           chomp(@lines);
           close(PIPE);
           if (grep(/^apache2/,@lines)) {
               $command = '/etc/init.d/apache2 reload';
           } elsif (grep(/^apache\s+/,@lines)) {
               $command = '/etc/init.d/apache reload';
           }
       }
 }  }
   
 # Do not print error messages  # Do not print error messages
 my $noprint=1;  my $noprint=1;
   
 print "In apachereload" unless $noprint;  if ($command eq '') {
       print("Could not determine command to reload Apache.\n")
           unless $noprint;
       exit 1;
   } else {
       print "In apachereload" unless $noprint;
   }
   
 # ----------------------------- Make sure this process is running from user=www  # ----------------------------- Make sure this process is running from user=www
 my $wwwid=getpwnam('www');  my $wwwid=getpwnam('www');
Line 68  if ($wwwid!=$>) { Line 112  if ($wwwid!=$>) {
 # ----------------------------------- Start running script with www permissions  # ----------------------------------- Start running script with www permissions
 &disable_root_capability;  &disable_root_capability;
   
 # --------------------------- Handle case of another apachereload process (locking)  
 unless (&try_to_lock('/tmp/lock_apachereload')) {  
     print "Error. Too many other simultaneous password change requests being ".  
  "made.\n" unless $noprint;  
     exit 4;  
 }  
   
   
 &enable_root_capability;  &enable_root_capability;
 ($>,$<)=(0,0);  ($>,$<)=(0,0);
   
Line 83  unless (&try_to_lock('/tmp/lock_apachere Line 119  unless (&try_to_lock('/tmp/lock_apachere
 #  Now run the reload:  #  Now run the reload:
 #  #
   
 system($command);  system("$command > /dev/null 2>&1);
   
 #  Remove the lock file.  
   
   
   
 &disable_root_capability;  &disable_root_capability;
 unlink('/tmp/lock_apachereload');  
 exit 0;  exit 0;
   
 # ---------------------------------------------- have setuid script run as root  # ---------------------------------------------- have setuid script run as root
Line 116  sub disable_root_capability { Line 147  sub disable_root_capability {
     }      }
 }  }
   
 # ----------------------- make sure that another apachereload process isn't running  
 sub try_to_lock {  
     my ($lockfile)=@_;  
     my $currentpid;  
     my $lastpid;  
     # Do not manipulate lock file as root  
     if ($>==0) {  
  return 0;  
     }  
     # Try to generate lock file.  
     # Wait 3 seconds.  If same process id is in  
     # lock file, then assume lock file is stale, and  
     # go ahead.  If process id's fluctuate, try  
     # for a maximum of 10 times.  
     for (0..10) {  
  if (-e $lockfile) {  
     open(LOCK,"<$lockfile");  
     $currentpid=<LOCK>;  
     close LOCK;  
     if ($currentpid==$lastpid) {  
  last;  
     }  
     sleep 3;  
     $lastpid=$currentpid;  
  }  
  else {  
     last;  
  }  
  if ($_==10) {  
     return 0;  
  }  
     }  
     open(LOCK,">$lockfile");  
     print LOCK $$;  
     close LOCK;  
     return 1;  
 }  
   
 =head1 NAME  =head1 NAME
   
 apachereload -setuid script to reload the apache web server.  apachereload -setuid script to reload the apache web server.

Removed from v.1.6  
changed lines
  Added in v.1.8


FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>