--- loncom/lond	2011/06/11 21:10:03	1.475
+++ loncom/lond	2011/11/07 18:13:37	1.484
@@ -2,7 +2,7 @@
 # The LearningOnline Network
 # lond "LON Daemon" Server (port "LOND" 5663)
 #
-# $Id: lond,v 1.475 2011/06/11 21:10:03 raeburn Exp $
+# $Id: lond,v 1.484 2011/11/07 18:13:37 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -60,7 +60,7 @@ my $DEBUG = 0;		       # Non zero to ena
 my $status='';
 my $lastlog='';
 
-my $VERSION='$Revision: 1.475 $'; #' stupid emacs
+my $VERSION='$Revision: 1.484 $'; #' stupid emacs
 my $remoteVERSION;
 my $currenthostid="default";
 my $currentdomainid;
@@ -92,6 +92,8 @@ my %managers;			# Ip -> manager names
 
 my %perlvar;			# Will have the apache conf defined perl vars.
 
+my $dist;
+
 #
 #   The hash below is used for command dispatching, and is therefore keyed on the request keyword.
 #    Each element of the hash contains a reference to an array that contains:
@@ -1641,6 +1643,74 @@ sub ls3_handler {
 }
 &register_handler("ls3", \&ls3_handler, 0, 1, 0);
 
+sub read_lonnet_global {
+    my ($cmd,$tail,$client) = @_;
+    my $userinput = "$cmd:$tail";
+    my $requested = &Apache::lonnet::thaw_unescape($tail);
+    my $result;
+    my %packagevars = (
+                        spareid => \%Apache::lonnet::spareid,
+                        perlvar => \%Apache::lonnet::perlvar,
+                      );
+    my %limit_to = (
+                    perlvar => {
+                                 lonOtherAuthen => 1,
+                                 lonBalancer    => 1,
+                                 lonVersion     => 1,
+                                 lonSysEMail    => 1,
+                                 lonHostID      => 1,
+                                 lonRole        => 1,
+                                 lonDefDomain   => 1,
+                                 lonLoadLim     => 1,
+                                 lonUserLoadLim => 1,
+                               }
+                  );
+    if (ref($requested) eq 'HASH') {
+        foreach my $what (keys(%{$requested})) {
+            my $response;
+            my $items = {};
+            if (exists($packagevars{$what})) {
+                if (ref($limit_to{$what}) eq 'HASH') {
+                    foreach my $varname (keys(%{$packagevars{$what}})) {
+                        if ($limit_to{$what}{$varname}) {
+                            $items->{$varname} = $packagevars{$what}{$varname};
+                        }
+                    }
+                } else {
+                    $items = $packagevars{$what};
+                }
+                if ($what eq 'perlvar') {
+                    if (!exists($packagevars{$what}{'lonBalancer'})) {
+                        if ($dist =~ /^(centos|rhes|fedora|scientific)/) {
+                            my $othervarref=LONCAPA::Configuration::read_conf('httpd.conf');
+                            if (ref($othervarref) eq 'HASH') {
+                                $items->{'lonBalancer'} = $othervarref->{'lonBalancer'};
+                            }
+                        }
+                    }
+                }
+                $response = &Apache::lonnet::freeze_escape($items);
+            }
+            $result .= &escape($what).'='.$response.'&';
+        }
+    }
+    $result =~ s/\&$//;
+    &Reply($client,\$result,$userinput);
+    return 1;
+}
+&register_handler("readlonnetglobal", \&read_lonnet_global, 0, 1, 0);
+
+sub server_devalidatecache_handler {
+    my ($cmd,$tail,$client) = @_;
+    my $userinput = "$cmd:$tail";
+    my ($name,$id) = map { &unescape($_); } split(/:/,$tail);
+    &Apache::lonnet::devalidate_cache_new($name,$id);
+    my $result = 'ok';
+    &Reply($client,\$result,$userinput);
+    return 1;
+}
+&register_handler("devalidatecache", \&server_devalidatecache_handler, 0, 1, 0);
+
 sub server_timezone_handler {
     my ($cmd,$tail,$client) = @_;
     my $userinput = "$cmd:$tail";
@@ -2003,7 +2073,7 @@ sub add_user_handler {
 		    ."makeuser";
 	    }
 	    unless ($fperror) {
-		my $result=&make_passwd_file($uname, $umode,$npass, $passfilename);
+		my $result=&make_passwd_file($uname,$udom,$umode,$npass, $passfilename);
 		&Reply($client,\$result, $userinput);     #BUGBUG - could be fail
 	    } else {
 		&Failure($client, \$fperror, $userinput);
@@ -2078,7 +2148,7 @@ sub change_authentication_handler {
 		    &Failure($client, \$result);
 		}
 	    } else {
-		my $result=&make_passwd_file($uname, $umode,$npass,$passfilename);
+		my $result=&make_passwd_file($uname,$udom,$umode,$npass,$passfilename);
 		#
 		#  If the current auth mode is internal, and the old auth mode was
 		#  unix, or krb*,  and the user is an author for this domain,
@@ -2278,7 +2348,9 @@ sub fetch_user_file_handler {
 
 	my $destname=$udir.'/'.$ufile;
 	my $transname=$udir.'/'.$ufile.'.in.transit';
-	my $remoteurl='http://'.$clientip.'/userfiles/'.$fname;
+        my $clientprotocol=$Apache::lonnet::protocol{$clientname};
+        $clientprotocol = 'http' if ($clientprotocol ne 'https');
+	my $remoteurl=$clientprotocol.'://'.$clientip.'/userfiles/'.$fname;
 	my $response;
 	Debug("Remote URL : $remoteurl Transfername $transname Destname: $destname");
 	alarm(120);
@@ -6362,7 +6434,7 @@ $SIG{USR2} = \&UpdateHosts;
 &Apache::lonnet::load_hosts_tab();
 my %iphost = &Apache::lonnet::get_iphost(1);
 
-my $dist=`$perlvar{'lonDaemons'}/distprobe`;
+$dist=`$perlvar{'lonDaemons'}/distprobe`;
 
 my $arch = `uname -i`;
 chomp($arch);
@@ -6658,8 +6730,7 @@ sub is_author {
 }
 #
 #   Checks to see if the input roleput request was to set
-# an author role.  If so, invokes the lchtmldir script to set
-# up a correct public_html 
+# an author role.  If so, creates construction space 
 # Parameters:
 #    request   - The request sent to the rolesput subchunk.
 #                We're looking for  /domain/_au
@@ -6669,16 +6740,15 @@ sub is_author {
 #
 sub manage_permissions {
     my ($request, $domain, $user, $authtype) = @_;
-
-    &Debug("manage_permissions: $request $domain $user $authtype");
-
     # See if the request is of the form /$domain/_au
     if($request =~ /^(\/\Q$domain\E\/_au)$/) { # It's an author rolesput...
-	my $execdir = $perlvar{'lonDaemons'};
-	my $userhome= "/home/$user" ;
-	&logthis("system $execdir/lchtmldir $userhome $user $authtype");
-	&Debug("Setting homedir permissions for $userhome");
-	system("$execdir/lchtmldir $userhome $user $authtype");
+        my $path=$perlvar{'lonDocRoot'}."/priv/$domain";
+        unless (-e $path) {        
+           mkdir($path);
+        }
+        unless (-e $path.'/'.$user) {
+           mkdir($path.'/'.$user);
+        }
     }
 }
 
@@ -7167,7 +7237,9 @@ sub subscribe {
                 # the metadata
 		unless ($fname=~/\.meta$/) { &unsub("$fname.meta",$clientip); }
 		$fname=~s/\/home\/httpd\/html\/res/raw/;
-		$fname="http://".&Apache::lonnet::hostname($perlvar{'lonHostID'})."/".$fname;
+                my $protocol = $Apache::lonnet::protocol{$perlvar{'lonHostID'}};
+                $protocol = 'http' if ($protocol ne 'https');
+		$fname=$protocol.'://'.&Apache::lonnet::hostname($perlvar{'lonHostID'})."/".$fname;
 		$result="$fname\n";
 	    }
 	} else {
@@ -7209,7 +7281,7 @@ sub change_unix_password {
 
 
 sub make_passwd_file {
-    my ($uname, $umode,$npass,$passfilename)=@_;
+    my ($uname,$udom,$umode,$npass,$passfilename)=@_;
     my $result="ok";
     if ($umode eq 'krb4' or $umode eq 'krb5') {
 	{
@@ -7250,7 +7322,7 @@ sub make_passwd_file {
 	    #
 	    my $uid = getpwnam($uname);
 	    if((defined $uid) && ($uid == 0)) {
-		&logthis(">>>Attempted to create privilged account blocked");
+		&logthis(">>>Attempt to create privileged account blocked");
 		return "no_priv_account_error\n";
 	    }
 
@@ -7262,6 +7334,7 @@ sub make_passwd_file {
 		&Debug("user  = ".$uname.", Password =". $npass);
 		my $se = IO::File->new("|$execpath > $perlvar{'lonDaemons'}/logs/lcuseradd.log");
 		print $se "$uname\n";
+                print $se "$udom\n";
 		print $se "$npass\n";
 		print $se "$npass\n";
 		print $se "$lc_error_file\n"; # Status -> unique file.