|
version 1.18, 2002/09/19 02:02:59
|
version 1.22, 2010/10/12 10:33:47
|
|
Line 4
|
Line 4
|
| # lcpasswd - LON-CAPA setuid script to synchronously change all |
# lcpasswd - LON-CAPA setuid script to synchronously change all |
| # filesystem-related passwords (samba, unix, etc) |
# filesystem-related passwords (samba, unix, etc) |
| # |
# |
| # YEAR=2000 |
|
| # 10/27,10/28,10/29,10/30 Scott Harrison |
|
| # |
|
| # YEAR=2001 |
|
| # 10/22,10/23,11/13,11/15 Scott Harrison |
|
| # |
|
| # YEAR=2002 |
# YEAR=2002 |
| # 02/19 Matthew Hall |
# 02/19 Matthew Hall |
| # |
# |
|
Line 98 print "In lcpasswd" unless $noprint;
|
Line 92 print "In lcpasswd" unless $noprint;
|
| |
|
| # ----------------------------- Make sure this process is running from user=www |
# ----------------------------- Make sure this process is running from user=www |
| my $wwwid=getpwnam('www'); |
my $wwwid=getpwnam('www'); |
| &disable_root_capability; |
|
| if ($wwwid!=$>) { |
if ($wwwid!=$<) { |
| print("User ID mismatch. This program must be run as user 'www'\n") |
print("User ID mismatch. This program must be run as user 'www'\n") |
| unless $noprint; |
unless $noprint; |
| exit 1; |
exit 1; |
| } |
} |
| |
|
| # ----------------------------------- Start running script with www permissions |
# ----------------------------------- Start running script with www permissions |
| &disable_root_capability; |
|
| |
|
| # --------------------------- Handle case of another lcpasswd process (locking) |
# --------------------------- Handle case of another lcpasswd process (locking) |
| unless (&try_to_lock('/tmp/lock_lcpasswd')) { |
unless (&try_to_lock('/tmp/lock_lcpasswd')) { |
|
Line 165 open OUT,"|pwchange $safeusername";
|
Line 159 open OUT,"|pwchange $safeusername";
|
| print OUT $password1; |
print OUT $password1; |
| print OUT "\n"; |
print OUT "\n"; |
| close OUT; |
close OUT; |
| ($>,$<)=(0,500); |
($>,$<)=(0,$wwwid); |
| |
|
| print "pwchange done, back to uid 500" unless $noprint; |
print "pwchange done, back to uid $wwwid" unless $noprint; |
| |
|
| if ($?) { |
if ($?) { |
| exit 8; |
exit 8; |
|
Line 179 if (-e '/usr/bin/smbpasswd') {
|
Line 173 if (-e '/usr/bin/smbpasswd') {
|
| ($>,$<)=(0,0); # fool smbpasswd here to think this is not a setuid |
($>,$<)=(0,0); # fool smbpasswd here to think this is not a setuid |
| # environment |
# environment |
| |
|
| # If the -a swithc is put on the smbpasswd |
# If the -a switch is put on the smbpasswd |
| # command line, either a new entry will be created or the old one |
# command line, either a new entry will be created or the old one |
| # will be used. |
# will be used. |
| # Therefore the old strategy of looking for and adding a dummy entry is |
# Therefore the old strategy of looking for and adding a dummy entry is |
|
Line 196 if (-e '/usr/bin/smbpasswd') {
|
Line 190 if (-e '/usr/bin/smbpasswd') {
|
| print "smbpasswd done" unless $noprint; |
print "smbpasswd done" unless $noprint; |
| } |
} |
| |
|
| &disable_root_capability; |
|
| unlink('/tmp/lock_lcpasswd'); |
unlink('/tmp/lock_lcpasswd'); |
| exit 0; |
exit 0; |
| |
|
|
Line 228 sub try_to_lock {
|
Line 222 sub try_to_lock {
|
| my ($lockfile)=@_; |
my ($lockfile)=@_; |
| my $currentpid; |
my $currentpid; |
| my $lastpid; |
my $lastpid; |
| # Do not manipulate lock file as root |
|
| if ($>==0) { |
|
| return 0; |
|
| } |
|
| # Try to generate lock file. |
# Try to generate lock file. |
| # Wait 3 seconds. If same process id is in |
# Wait 3 seconds. If same process id is in |
| # lock file, then assume lock file is stale, and |
# lock file, then assume lock file is stale, and |
![[BACK]](/icons/back.gif){kind=icon}
Return to lcpasswd CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom