File:  [LON-CAPA] / loncom / apachereload
Revision 1.9: download - view: text, annotated - select for diffs
Sat May 9 16:40:32 2020 UTC (3 years, 10 months ago) by raeburn
Branches: MAIN
CVS tags: version_2_12_X, version_2_11_X, version_2_11_4_uiuc, version_2_11_4_msu, version_2_11_4, version_2_11_3_uiuc, version_2_11_3_msu, version_2_11_3, HEAD
- Fix typo

    1: #!/usr/bin/perl
    2: # The Learning Online Network with CAPA
    3: #
    4: # apachereload - setuid script that reloads the apache daemon.
    5: #
    6: # $Id: apachereload,v 1.9 2020/05/09 16:40:32 raeburn Exp $
    7: #
    8: # Copyright Michigan State University Board of Trustees
    9: #
   10: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
   11: #
   12: # LON-CAPA is free software; you can redistribute it and/or modify
   13: # it under the terms of the GNU General Public License as published by
   14: # the Free Software Foundation; either version 2 of the License, or 
   15: # (at your option) any later version.
   16: #
   17: # LON-CAPA is distributed in the hope that it will be useful,
   18: # but WITHOUT ANY WARRANTY; without even the implied warranty of
   19: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   20: # GNU General Public License for more details.
   21: #
   22: # You should have received a copy of the GNU General Public License
   23: # along with LON-CAPA; if not, write to the Free Software
   24: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
   25: #
   26: # /home/httpd/html/adm/gpl.txt
   27: #
   28: # http://www.lon-capa.org/
   29: #
   30: 
   31: 
   32: use strict;
   33: #
   34: #  This script is a setuid script that must be run as user www
   35: #  it effectively just executes one of the following five commands:
   36: #  /etc/init.d/httpd reload
   37: #  /etc/init.d/apache reload
   38: #  /etc/init.d/apache2 reload
   39: #  /bin/systemctl reload httpd.service
   40: #  /bin/systemctl reload apache2.service
   41: #  (depending on Linux distro) causing the apache daemon to get HUP'd.
   42: #  The script is run by lond after re-initing its host information.
   43: 
   44: $ENV{'PATH'}='/bin:/usr/bin:/usr/local/sbin:/home/httpd/perl'; # Nullify path
   45:                                                                # information
   46: delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints
   47: 
   48: my $command;
   49: my $checker_bin = '/sbin/chkconfig';
   50: my $sysctl_bin = '/bin/systemctl';
   51: my $sysv_bin = '/usr/sbin/sysv-rc-conf';
   52: 
   53: if (-x $sysctl_bin) {
   54:     if (open(PIPE,"$sysctl_bin list-unit-files --type=service 2>/dev/null |")) {
   55:         my @lines = <PIPE>;
   56:         chomp(@lines);
   57:         close(PIPE);
   58:         if (grep(/^httpd\.service/,@lines)) {
   59:             $command = '/bin/systemctl reload httpd.service';
   60:         } elsif (grep(/^apache2\.service/,@lines)) {
   61:             $command = '/bin/systemctl reload apache2.service';
   62:         }
   63:     }
   64: }
   65: if (($command eq '') && (-x $checker_bin)) {
   66:     if (open(PIPE,"$checker_bin --list 2>/dev/null |")) {
   67:         my @lines = <PIPE>;
   68:         chomp(@lines);
   69:         close(PIPE);
   70:         if (grep(/^httpd/,@lines)) {
   71:             $command = '/etc/init.d/httpd reload';
   72:         } elsif (grep(/^apache2/,@lines)) {
   73:             $command = '/etc/init.d/apache2 reload';
   74:         } elsif (grep(/^apache\s+/,@lines)) {
   75:             $command = '/etc/init.d/apache reload';
   76:         }
   77:     }
   78: } 
   79: if (($command eq '') && (-x $sysv_bin)) {
   80:     if (open(PIPE,"$checker_bin --list 2>/dev/null |")) {
   81:         my @lines = <PIPE>;
   82:         chomp(@lines);
   83:         close(PIPE);
   84:         if (grep(/^apache2/,@lines)) {
   85:             $command = '/etc/init.d/apache2 reload';
   86:         } elsif (grep(/^apache\s+/,@lines)) {
   87:             $command = '/etc/init.d/apache reload';
   88:         }
   89:     }
   90: }
   91: 
   92: # Do not print error messages
   93: my $noprint=1;
   94: 
   95: if ($command eq '') {
   96:     print("Could not determine command to reload Apache.\n")
   97:         unless $noprint;
   98:     exit 1;
   99: } else {
  100:     print "In apachereload" unless $noprint;
  101: }
  102: 
  103: # ----------------------------- Make sure this process is running from user=www
  104: my $wwwid=getpwnam('www');
  105: &disable_root_capability;
  106: if ($wwwid!=$>) {
  107:     print("User ID mismatch.  This program must be run as user 'www'\n")
  108: 	unless $noprint;
  109:     exit 1;
  110: }
  111: 
  112: # ----------------------------------- Start running script with www permissions
  113: &disable_root_capability;
  114: 
  115: &enable_root_capability;
  116: ($>,$<)=(0,0);
  117: 
  118: 
  119: #  Now run the reload:
  120: #
  121: 
  122: system("$command > /dev/null 2>&1");
  123: 
  124: &disable_root_capability;
  125: exit 0;
  126: 
  127: # ---------------------------------------------- have setuid script run as root
  128: sub enable_root_capability {
  129:     if ($wwwid==$>) {
  130: 	($<,$>)=($>,0);
  131: 	($(,$))=($),0);
  132:     }
  133:     else {
  134: 	# root capability is already enabled
  135:     }
  136:     return $>;
  137: }
  138: 
  139: # ----------------------------------------------- have setuid script run as www
  140: sub disable_root_capability {
  141:     if ($wwwid==$<) {
  142: 	($<,$>)=($>,$<);
  143: 	($(,$))=($),$();
  144:     }
  145:     else {
  146: 	# root capability is already disabled
  147:     }
  148: }
  149: 
  150: =head1 NAME
  151: 
  152: apachereload -setuid script to reload the apache web server.
  153: 
  154: =head1 DESCRIPTION
  155: 
  156: LON-CAPA - setuid script to reload the apache web server.
  157: 
  158: =head1 README
  159: 
  160: LON-CAPA  setuid script to reload the apache web server.
  161: 
  162: =head1 PREREQUISITES
  163: 
  164: =head1 COREQUISITES
  165: 
  166: =pod OSNAMES
  167: 
  168: linux
  169: 
  170: =pod SCRIPT CATEGORIES
  171: 
  172: LONCAPA/Administrative
  173: 
  174: =cut

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>