--- loncom/lond 2002/01/20 18:01:43 1.63 +++ loncom/lond 2002/02/25 20:43:15 1.73 @@ -2,7 +2,7 @@ # The LearningOnline Network # lond "LON Daemon" Server (port "LOND" 5663) # -# $Id: lond,v 1.63 2002/01/20 18:01:43 www Exp $ +# $Id: lond,v 1.73 2002/02/25 20:43:15 www Exp $ # # Copyright Michigan State University Board of Trustees # @@ -47,7 +47,12 @@ # 12/20 Scott Harrison # 12/22 Gerd Kortemeyer # YEAR=2002 -# 01/20/02 Gerd Kortemeyer +# 01/20/02,02/05 Gerd Kortemeyer +# 02/05 Guy Albertelli +# 02/07 Scott Harrison +# 02/12 Gerd Kortemeyer +# 02/19 Matthew Hall +# 02/25 Gerd Kortemeyer ### # based on "Perl Cookbook" ISBN 1-56592-243-3 @@ -136,7 +141,7 @@ open (CONFIG,"$perlvar{'lonTabDir'}/host while ($configline=) { my ($id,$domain,$role,$name,$ip)=split(/:/,$configline); - chomp($ip); + chomp($ip); $ip=~s/\D+$//; $hostid{$ip}=$id; if ($id eq $perlvar{'lonHostID'}) { $thisserver=$name; } $PREFORK++; @@ -163,9 +168,13 @@ $children = 0; # cu sub REAPER { # takes care of dead children $SIG{CHLD} = \&REAPER; my $pid = wait; - $children --; - &logthis("Child $pid died"); - delete $children{$pid}; + if (defined($children{$pid})) { + &logthis("Child $pid died"); + $children --; + delete $children{$pid}; + } else { + &logthis("Unknown Child $pid died"); + } } sub HUNTSMAN { # signal handler for SIGINT @@ -194,7 +203,6 @@ sub checkchildren { &logthis('Going to check on the children'); $docdir=$perlvar{'lonDocRoot'}; foreach (sort keys %children) { - unlink("$docdir/lon-status/londchld/$_.txt"); sleep 1; unless (kill 'USR1' => $_) { &logthis ('Child '.$_.' is dead'); @@ -205,7 +213,12 @@ sub checkchildren { foreach (sort keys %children) { unless (-e "$docdir/lon-status/londchld/$_.txt") { &logthis('Child '.$_.' did not respond'); - kill -9 => $_; + kill 9 => $_; + $emailto="$perlvar{'lonAdmEMail'},$perlvar{'lonSysEMail'}"; + $subj="LON: $perlvar{'lonHostID'} killed lond process $_"; + my $result=`echo 'Killed lond process $_.' | mailto $emailto -s '$subj' > /dev/null`; + $execdir=$perlvar{'lonDaemons'}; + $result=`/bin/cp $execdir/logs/lond.log $execdir/logs/lond.log.$_` } } } @@ -244,6 +257,11 @@ sub initnewstatus { my $now=time; my $local=localtime($now); print $fh "LOND status $local - parent $$\n\n"; + opendir(DIR,"$docdir/lon-status/londchld"); + while ($filename=readdir(DIR)) { + unlink("$docdir/lon-status/londchld/$filename"); + } + closedir(DIR); } # -------------------------------------------------------------- Status setting @@ -624,10 +642,13 @@ sub make_new_child { $pwdcorrect=!$?; } } elsif ($howpwd eq 'krb4') { + $null=pack("C",0); + unless ($upass=~/$null/) { $pwdcorrect=( Authen::Krb4::get_pw_in_tkt($uname,"", $contentpwd,'krbtgt',$contentpwd,1, $upass) == 0); + } else { $pwdcorrect=0; } } elsif ($howpwd eq 'localauth') { $pwdcorrect=&localauth::localauth($uname,$upass, $contentpwd); @@ -651,7 +672,8 @@ sub make_new_child { chomp($npass); $upass=&unescape($upass); $npass=&unescape($npass); - my $proname=propath($udom,$uname); + &logthis("Trying to change password for $uname"); + my $proname=propath($udom,$uname); my $passfilename="$proname/passwd"; if (-e $passfilename) { my $realpasswd; @@ -666,11 +688,42 @@ sub make_new_child { my $ncpass=crypt($npass,$salt); { my $pf = IO::File->new(">$passfilename"); print $pf "internal:$ncpass\n"; } + &logthis("Result of password change for $uname: pwchange_success"); print $client "ok\n"; } else { print $client "non_authorized\n"; } - } else { + } elsif ($howpwd eq 'unix') { + # Unix means we have to access /etc/password + # one way or another. + # First: Make sure the current password is + # correct + $contentpwd=(getpwnam($uname))[1]; + my $pwdcorrect = "0"; + my $pwauth_path="/usr/local/sbin/pwauth"; + unless ($contentpwd eq 'x') { + $pwdcorrect= + (crypt($upass,$contentpwd) eq $contentpwd); + } elsif (-e $pwauth_path) { + open PWAUTH, "|$pwauth_path" or + die "Cannot invoke authentication"; + print PWAUTH "$uname\n$upass\n"; + close PWAUTH; + $pwdcorrect=!$?; + } + if ($pwdcorrect) { + my $execdir=$perlvar{'lonDaemons'}; + my $pf = IO::File->new("|$execdir/lcpasswd"); + print $pf "$uname\n$npass\n$npass\n"; + close $pf; + my $result = ($?>0 ? 'pwchange_failure' + : 'ok'); + &logthis("Result of password change for $uname: $result"); + print $client "$result\n"; + } else { + print $client "non_authorized\n"; + } + } else { print $client "auth_mode_error\n"; } } else { @@ -701,7 +754,7 @@ sub make_new_child { $fpnow.='/'.$fpparts[$i]; unless (-e $fpnow) { unless (mkdir($fpnow,0777)) { - $fperror="error:$!\n"; + $fperror="error:$!"; } } } @@ -1376,7 +1429,6 @@ sub make_new_child { # tidy up gracefully and finish - $client->close(); $server->close(); # this exit is VERY important, otherwise the child will become @@ -1431,4 +1483,8 @@ Server/Process + + + +