--- loncom/lcpasswd	2002/09/19 02:02:59	1.18
+++ loncom/lcpasswd	2010/10/12 10:33:47	1.22
@@ -4,16 +4,10 @@
 # lcpasswd - LON-CAPA setuid script to synchronously change all
 #            filesystem-related passwords (samba, unix, etc)
 #
-# YEAR=2000
-# 10/27,10/28,10/29,10/30 Scott Harrison
-#
-# YEAR=2001
-# 10/22,10/23,11/13,11/15 Scott Harrison
-# 
 # YEAR=2002
 # 02/19 Matthew Hall
 #
-# $Id: lcpasswd,v 1.18 2002/09/19 02:02:59 foxr Exp $
+# $Id: lcpasswd,v 1.22 2010/10/12 10:33:47 foxr Exp $
 ###
 
 ###############################################################################
@@ -98,15 +92,15 @@ print "In lcpasswd" unless $noprint;
 
 # ----------------------------- Make sure this process is running from user=www
 my $wwwid=getpwnam('www');
-&disable_root_capability;
-if ($wwwid!=$>) {
+
+if ($wwwid!=$<) {
     print("User ID mismatch.  This program must be run as user 'www'\n")
 	unless $noprint;
     exit 1;
 }
 
 # ----------------------------------- Start running script with www permissions
-&disable_root_capability;
+
 
 # --------------------------- Handle case of another lcpasswd process (locking)
 unless (&try_to_lock('/tmp/lock_lcpasswd')) {
@@ -165,9 +159,9 @@ open OUT,"|pwchange $safeusername";
 print OUT $password1;
 print OUT "\n";
 close OUT;
-($>,$<)=(0,500);
+($>,$<)=(0,$wwwid);
 
-print "pwchange done, back to uid 500" unless $noprint;
+print "pwchange done, back to uid $wwwid" unless $noprint;
 
 if ($?) {
     exit 8;
@@ -179,7 +173,7 @@ if (-e '/usr/bin/smbpasswd') {
     ($>,$<)=(0,0); # fool smbpasswd here to think this is not a setuid
                    # environment
 
-#   If the -a swithc is put on the smbpasswd
+#   If the -a switch is put on the smbpasswd
 # command line, either a new entry will be created or the old one
 # will be used. 
 # Therefore the old strategy of looking for and adding a dummy entry is 
@@ -196,7 +190,7 @@ if (-e '/usr/bin/smbpasswd') {
     print "smbpasswd done" unless $noprint;
 }
 
-&disable_root_capability;
+
 unlink('/tmp/lock_lcpasswd');
 exit 0;
 
@@ -228,10 +222,7 @@ sub try_to_lock {
     my ($lockfile)=@_;
     my $currentpid;
     my $lastpid;
-    # Do not manipulate lock file as root
-    if ($>==0) {
-	return 0;
-    }
+
     # Try to generate lock file.
     # Wait 3 seconds.  If same process id is in
     # lock file, then assume lock file is stale, and