--- loncom/lond 2002/02/05 18:05:47 1.66 +++ loncom/lond 2002/02/19 21:52:54 1.72 @@ -2,7 +2,7 @@ # The LearningOnline Network # lond "LON Daemon" Server (port "LOND" 5663) # -# $Id: lond,v 1.66 2002/02/05 18:05:47 www Exp $ +# $Id: lond,v 1.72 2002/02/19 21:52:54 matthew Exp $ # # Copyright Michigan State University Board of Trustees # @@ -48,6 +48,9 @@ # 12/22 Gerd Kortemeyer # YEAR=2002 # 01/20/02,02/05 Gerd Kortemeyer +# 02/05 Guy Albertelli +# 02/07 Scott Harrison +# 02/12 Gerd Kortemeyer ### # based on "Perl Cookbook" ISBN 1-56592-243-3 @@ -136,7 +139,7 @@ open (CONFIG,"$perlvar{'lonTabDir'}/host while ($configline=) { my ($id,$domain,$role,$name,$ip)=split(/:/,$configline); - chomp($ip); + chomp($ip); $ip=~s/\D+$//; $hostid{$ip}=$id; if ($id eq $perlvar{'lonHostID'}) { $thisserver=$name; } $PREFORK++; @@ -163,9 +166,13 @@ $children = 0; # cu sub REAPER { # takes care of dead children $SIG{CHLD} = \&REAPER; my $pid = wait; - $children --; - &logthis("Child $pid died"); - delete $children{$pid}; + if (defined($children{$pid})) { + &logthis("Child $pid died"); + $children --; + delete $children{$pid}; + } else { + &logthis("Unknown Child $pid died"); + } } sub HUNTSMAN { # signal handler for SIGINT @@ -204,13 +211,12 @@ sub checkchildren { foreach (sort keys %children) { unless (-e "$docdir/lon-status/londchld/$_.txt") { &logthis('Child '.$_.' did not respond'); - kill 9 => $_; - $emailto="$perlvar{'lonAdmEMail'},$perlvar{'lonSysEMail'}"; - $subj="LON: $perlvar{'lonHostID'} killed lond process $_"; - system("echo 'Killed lond process $_.' |\ - mailto $emailto -s '$subj' > /dev/null"); + kill 9 => $_; + $emailto="$perlvar{'lonAdmEMail'},$perlvar{'lonSysEMail'}"; + $subj="LON: $perlvar{'lonHostID'} killed lond process $_"; + my $result=`echo 'Killed lond process $_.' | mailto $emailto -s '$subj' > /dev/null`; $execdir=$perlvar{'lonDaemons'}; - system("cp $execdir/logs/lond.log $execdir/logs/lond.log.".$_); + $result=`/bin/cp $execdir/logs/lond.log $execdir/logs/lond.log.$_` } } } @@ -634,10 +640,13 @@ sub make_new_child { $pwdcorrect=!$?; } } elsif ($howpwd eq 'krb4') { + $null=pack("C",0); + unless ($upass=~/$null/) { $pwdcorrect=( Authen::Krb4::get_pw_in_tkt($uname,"", $contentpwd,'krbtgt',$contentpwd,1, $upass) == 0); + } else { $pwdcorrect=0; } } elsif ($howpwd eq 'localauth') { $pwdcorrect=&localauth::localauth($uname,$upass, $contentpwd); @@ -661,7 +670,8 @@ sub make_new_child { chomp($npass); $upass=&unescape($upass); $npass=&unescape($npass); - my $proname=propath($udom,$uname); + &logthis("Trying to change password for $uname"); + my $proname=propath($udom,$uname); my $passfilename="$proname/passwd"; if (-e $passfilename) { my $realpasswd; @@ -676,11 +686,42 @@ sub make_new_child { my $ncpass=crypt($npass,$salt); { my $pf = IO::File->new(">$passfilename"); print $pf "internal:$ncpass\n"; } + &logthis("Result of password change for $uname: pwchange_success"); print $client "ok\n"; } else { print $client "non_authorized\n"; } - } else { + } elsif ($howpwd eq 'unix') { + # Unix means we have to access /etc/password + # one way or another. + # First: Make sure the current password is + # correct + $contentpwd=(getpwnam($uname))[1]; + my $pwdcorrect = "0"; + my $pwauth_path="/usr/local/sbin/pwauth"; + unless ($contentpwd eq 'x') { + $pwdcorrect= + (crypt($upass,$contentpwd) eq $contentpwd); + } elsif (-e $pwauth_path) { + open PWAUTH, "|$pwauth_path" or + die "Cannot invoke authentication"; + print PWAUTH "$uname\n$upass\n"; + close PWAUTH; + $pwdcorrect=!$?; + } + if ($pwdcorrect) { + my $execdir=$perlvar{'lonDaemons'}; + my $pf = IO::File->new("|$execdir/lcpasswd"); + print $pf "$uname\n$npass\n$npass\n"; + close $pf; + my $result = ($?>0 ? 'pwchange_failure' + : 'ok'); + &logthis("Result of password change for $uname: $result"); + print $client "$result\n"; + } else { + print $client "non_authorized\n"; + } + } else { print $client "auth_mode_error\n"; } } else {