Annotation of loncom/apachereload, revision 1.7

1.1       foxr        1: #!/usr/bin/perl
                      2: # The Learning Online Network with CAPA
                      3: #
                      4: # apachereload - setuid script that reloads the apache daemon.
                      5: #
1.7     ! raeburn     6: # $Id: apachereload,v 1.6 2006/01/28 00:52:27 albertel Exp $
1.1       foxr        7: #
1.4       albertel    8: # Copyright Michigan State University Board of Trustees
1.1       foxr        9: #
1.4       albertel   10: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
1.3       albertel   11: #
1.4       albertel   12: # LON-CAPA is free software; you can redistribute it and/or modify
                     13: # it under the terms of the GNU General Public License as published by
                     14: # the Free Software Foundation; either version 2 of the License, or 
                     15: # (at your option) any later version.
1.2       albertel   16: #
1.4       albertel   17: # LON-CAPA is distributed in the hope that it will be useful,
                     18: # but WITHOUT ANY WARRANTY; without even the implied warranty of
                     19: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
                     20: # GNU General Public License for more details.
1.2       albertel   21: #
1.4       albertel   22: # You should have received a copy of the GNU General Public License
                     23: # along with LON-CAPA; if not, write to the Free Software
                     24: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
                     25: #
                     26: # /home/httpd/html/adm/gpl.txt
                     27: #
                     28: # http://www.lon-capa.org/
1.2       albertel   29: #
1.1       foxr       30: 
                     31: 
                     32: use strict;
                     33: #
                     34: #  This script is a setuid script that must be run as user www
                     35: #  it effectively just executes /etc/init.d/httpd reload.
                     36: #  causing the apache daemon to get HUP'd.  The script is
                     37: #  run by lond after re-initing it's host information.
                     38: 
                     39: $ENV{'PATH'}='/bin:/usr/bin:/usr/local/sbin:/home/httpd/perl'; # Nullify path
                     40:                                                                # information
                     41: delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints
                     42: 
                     43: my $command = "/etc/init.d/httpd reload";
1.4       albertel   44: 
                     45: use lib '/home/httpd/lib/perl/';
                     46: use LONCAPA::Configuration;
                     47: my %perlvar= %{&LONCAPA::Configuration::read_conf('loncapa.conf')};
                     48: 
1.6       albertel   49: my ($execdir) = ($perlvar{'lonDaemons'} =~/(.*)/);
1.5       albertel   50: my $dist=`$execdir/distprobe`;
1.2       albertel   51: if ($dist =~ /^(suse|sles)/) {
1.3       albertel   52:     $command = "/etc/init.d/apache reload";
1.2       albertel   53: }
1.1       foxr       54: # Do not print error messages
                     55: my $noprint=1;
                     56: 
                     57: print "In apachereload" unless $noprint;
                     58: 
                     59: # ----------------------------- Make sure this process is running from user=www
                     60: my $wwwid=getpwnam('www');
                     61: &disable_root_capability;
                     62: if ($wwwid!=$>) {
                     63:     print("User ID mismatch.  This program must be run as user 'www'\n")
                     64: 	unless $noprint;
                     65:     exit 1;
                     66: }
                     67: 
                     68: # ----------------------------------- Start running script with www permissions
                     69: &disable_root_capability;
                     70: 
                     71: &enable_root_capability;
                     72: ($>,$<)=(0,0);
                     73: 
                     74: 
                     75: #  Now run the reload:
                     76: #
                     77: 
                     78: system($command);
                     79: 
                     80: &disable_root_capability;
                     81: exit 0;
                     82: 
                     83: # ---------------------------------------------- have setuid script run as root
                     84: sub enable_root_capability {
                     85:     if ($wwwid==$>) {
                     86: 	($<,$>)=($>,0);
                     87: 	($(,$))=($),0);
                     88:     }
                     89:     else {
                     90: 	# root capability is already enabled
                     91:     }
                     92:     return $>;
                     93: }
                     94: 
                     95: # ----------------------------------------------- have setuid script run as www
                     96: sub disable_root_capability {
                     97:     if ($wwwid==$<) {
                     98: 	($<,$>)=($>,$<);
                     99: 	($(,$))=($),$();
                    100:     }
                    101:     else {
                    102: 	# root capability is already disabled
                    103:     }
                    104: }
                    105: 
                    106: =head1 NAME
                    107: 
                    108: apachereload -setuid script to reload the apache web server.
                    109: 
                    110: =head1 DESCRIPTION
                    111: 
                    112: LON-CAPA - setuid script to reload the apache web server.
                    113: 
                    114: =head1 README
                    115: 
                    116: LON-CAPA  setuid script to reload the apache web server.
                    117: 
                    118: =head1 PREREQUISITES
                    119: 
                    120: =head1 COREQUISITES
                    121: 
                    122: =pod OSNAMES
                    123: 
                    124: linux
                    125: 
                    126: =pod SCRIPT CATEGORIES
                    127: 
                    128: LONCAPA/Administrative
                    129: 
                    130: =cut

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>