File:  [LON-CAPA] / loncom / apachereload
Revision 1.7: download - view: text, annotated - select for diffs
Sat May 14 16:12:53 2011 UTC (12 years, 10 months ago) by raeburn
Branches: MAIN
CVS tags: version_2_11_2_uiuc, version_2_11_2_msu, version_2_11_2_educog, version_2_11_2, version_2_11_1, version_2_11_0_RC3, version_2_11_0_RC2, version_2_11_0_RC1, version_2_11_0, version_2_10_X, version_2_10_1, version_2_10_0, loncapaMITrelate_1, language_hyphenation_merge, language_hyphenation, HEAD, BZ4492-merge, BZ4492-feature_horizontal_radioresponse, BZ4492-feature_Support_horizontal_radioresponse, BZ4492-Support_horizontal_radioresponse
- Duplicated &try_to_lock() routine moved to one location (in LONCAPA.pm).
- Try to get locks for lock_apachereload and lock_lciptables before
  making system calls (in lond and loncron respectively).

    1: #!/usr/bin/perl
    2: # The Learning Online Network with CAPA
    3: #
    4: # apachereload - setuid script that reloads the apache daemon.
    5: #
    6: # $Id: apachereload,v 1.7 2011/05/14 16:12:53 raeburn Exp $
    7: #
    8: # Copyright Michigan State University Board of Trustees
    9: #
   10: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
   11: #
   12: # LON-CAPA is free software; you can redistribute it and/or modify
   13: # it under the terms of the GNU General Public License as published by
   14: # the Free Software Foundation; either version 2 of the License, or 
   15: # (at your option) any later version.
   16: #
   17: # LON-CAPA is distributed in the hope that it will be useful,
   18: # but WITHOUT ANY WARRANTY; without even the implied warranty of
   19: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   20: # GNU General Public License for more details.
   21: #
   22: # You should have received a copy of the GNU General Public License
   23: # along with LON-CAPA; if not, write to the Free Software
   24: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
   25: #
   26: # /home/httpd/html/adm/gpl.txt
   27: #
   28: # http://www.lon-capa.org/
   29: #
   30: 
   31: 
   32: use strict;
   33: #
   34: #  This script is a setuid script that must be run as user www
   35: #  it effectively just executes /etc/init.d/httpd reload.
   36: #  causing the apache daemon to get HUP'd.  The script is
   37: #  run by lond after re-initing it's host information.
   38: 
   39: $ENV{'PATH'}='/bin:/usr/bin:/usr/local/sbin:/home/httpd/perl'; # Nullify path
   40:                                                                # information
   41: delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints
   42: 
   43: my $command = "/etc/init.d/httpd reload";
   44: 
   45: use lib '/home/httpd/lib/perl/';
   46: use LONCAPA::Configuration;
   47: my %perlvar= %{&LONCAPA::Configuration::read_conf('loncapa.conf')};
   48: 
   49: my ($execdir) = ($perlvar{'lonDaemons'} =~/(.*)/);
   50: my $dist=`$execdir/distprobe`;
   51: if ($dist =~ /^(suse|sles)/) {
   52:     $command = "/etc/init.d/apache reload";
   53: }
   54: # Do not print error messages
   55: my $noprint=1;
   56: 
   57: print "In apachereload" unless $noprint;
   58: 
   59: # ----------------------------- Make sure this process is running from user=www
   60: my $wwwid=getpwnam('www');
   61: &disable_root_capability;
   62: if ($wwwid!=$>) {
   63:     print("User ID mismatch.  This program must be run as user 'www'\n")
   64: 	unless $noprint;
   65:     exit 1;
   66: }
   67: 
   68: # ----------------------------------- Start running script with www permissions
   69: &disable_root_capability;
   70: 
   71: &enable_root_capability;
   72: ($>,$<)=(0,0);
   73: 
   74: 
   75: #  Now run the reload:
   76: #
   77: 
   78: system($command);
   79: 
   80: &disable_root_capability;
   81: exit 0;
   82: 
   83: # ---------------------------------------------- have setuid script run as root
   84: sub enable_root_capability {
   85:     if ($wwwid==$>) {
   86: 	($<,$>)=($>,0);
   87: 	($(,$))=($),0);
   88:     }
   89:     else {
   90: 	# root capability is already enabled
   91:     }
   92:     return $>;
   93: }
   94: 
   95: # ----------------------------------------------- have setuid script run as www
   96: sub disable_root_capability {
   97:     if ($wwwid==$<) {
   98: 	($<,$>)=($>,$<);
   99: 	($(,$))=($),$();
  100:     }
  101:     else {
  102: 	# root capability is already disabled
  103:     }
  104: }
  105: 
  106: =head1 NAME
  107: 
  108: apachereload -setuid script to reload the apache web server.
  109: 
  110: =head1 DESCRIPTION
  111: 
  112: LON-CAPA - setuid script to reload the apache web server.
  113: 
  114: =head1 README
  115: 
  116: LON-CAPA  setuid script to reload the apache web server.
  117: 
  118: =head1 PREREQUISITES
  119: 
  120: =head1 COREQUISITES
  121: 
  122: =pod OSNAMES
  123: 
  124: linux
  125: 
  126: =pod SCRIPT CATEGORIES
  127: 
  128: LONCAPA/Administrative
  129: 
  130: =cut

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>