File:  [LON-CAPA] / loncom / apachereload
Revision 1.4: download - view: text, annotated - select for diffs
Mon Oct 31 16:13:45 2005 UTC (18 years, 5 months ago) by albertel
Branches: MAIN
CVS tags: version_2_1_1, version_2_1_0, version_2_0_X, version_2_0_99_1, HEAD
- load the config files

#!/usr/bin/perl
# The Learning Online Network with CAPA
#
# apachereload - setuid script that reloads the apache daemon.
#
# $Id: apachereload,v 1.4 2005/10/31 16:13:45 albertel Exp $
#
# Copyright Michigan State University Board of Trustees
#
# This file is part of the LearningOnline Network with CAPA (LON-CAPA).
#
# LON-CAPA is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or 
# (at your option) any later version.
#
# LON-CAPA is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with LON-CAPA; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
#
# /home/httpd/html/adm/gpl.txt
#
# http://www.lon-capa.org/
#


use strict;
#
#  This script is a setuid script that must be run as user www
#  it effectively just executes /etc/init.d/httpd reload.
#  causing the apache daemon to get HUP'd.  The script is
#  run by lond after re-initing it's host information.

$ENV{'PATH'}='/bin:/usr/bin:/usr/local/sbin:/home/httpd/perl'; # Nullify path
                                                               # information
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints

my $command = "/etc/init.d/httpd reload";

use lib '/home/httpd/lib/perl/';
use LONCAPA::Configuration;
my %perlvar= %{&LONCAPA::Configuration::read_conf('loncapa.conf')};

my $dist=`$perlvar{'lonDaemons'}/distprobe`;
if ($dist =~ /^(suse|sles)/) {
    $command = "/etc/init.d/apache reload";
}
# Do not print error messages
my $noprint=1;

print "In apachereload" unless $noprint;

# ----------------------------- Make sure this process is running from user=www
my $wwwid=getpwnam('www');
&disable_root_capability;
if ($wwwid!=$>) {
    print("User ID mismatch.  This program must be run as user 'www'\n")
	unless $noprint;
    exit 1;
}

# ----------------------------------- Start running script with www permissions
&disable_root_capability;

# --------------------------- Handle case of another apachereload process (locking)
unless (&try_to_lock('/tmp/lock_apachereload')) {
    print "Error. Too many other simultaneous password change requests being ".
	"made.\n" unless $noprint;
    exit 4;
}


&enable_root_capability;
($>,$<)=(0,0);


#  Now run the reload:
#

system($command);

#  Remove the lock file.



&disable_root_capability;
unlink('/tmp/lock_apachereload');
exit 0;

# ---------------------------------------------- have setuid script run as root
sub enable_root_capability {
    if ($wwwid==$>) {
	($<,$>)=($>,0);
	($(,$))=($),0);
    }
    else {
	# root capability is already enabled
    }
    return $>;
}

# ----------------------------------------------- have setuid script run as www
sub disable_root_capability {
    if ($wwwid==$<) {
	($<,$>)=($>,$<);
	($(,$))=($),$();
    }
    else {
	# root capability is already disabled
    }
}

# ----------------------- make sure that another apachereload process isn't running
sub try_to_lock {
    my ($lockfile)=@_;
    my $currentpid;
    my $lastpid;
    # Do not manipulate lock file as root
    if ($>==0) {
	return 0;
    }
    # Try to generate lock file.
    # Wait 3 seconds.  If same process id is in
    # lock file, then assume lock file is stale, and
    # go ahead.  If process id's fluctuate, try
    # for a maximum of 10 times.
    for (0..10) {
	if (-e $lockfile) {
	    open(LOCK,"<$lockfile");
	    $currentpid=<LOCK>;
	    close LOCK;
	    if ($currentpid==$lastpid) {
		last;
	    }
	    sleep 3;
	    $lastpid=$currentpid;
	}
	else {
	    last;
	}
	if ($_==10) {
	    return 0;
	}
    }
    open(LOCK,">$lockfile");
    print LOCK $$;
    close LOCK;
    return 1;
}

=head1 NAME

apachereload -setuid script to reload the apache web server.

=head1 DESCRIPTION

LON-CAPA - setuid script to reload the apache web server.

=head1 README

LON-CAPA  setuid script to reload the apache web server.

=head1 PREREQUISITES

=head1 COREQUISITES

=pod OSNAMES

linux

=pod SCRIPT CATEGORIES

LONCAPA/Administrative

=cut

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>