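#!/usr/bin/perl
# The Learning Online Network with CAPA
#
# apachereload - setuid script that reloads the apache daemon.
#
# $Id: apachereload,v 1.7 2011/05/14 16:12:53 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
# This file is part of the LearningOnline Network with CAPA (LON-CAPA).
#
# LON-CAPA is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# LON-CAPA is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with LON-CAPA; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
#
# /home/httpd/html/adm/gpl.txt
#
# http://www.lon-capa.org/
#

use strict;

#
#   This script is a setuid script that must be run as user www.
#   It effectively just executes /etc/init.d/httpd reload,
#   causing the apache daemon to get HUP'd.  The script is
#   run by lond after re-initing its host information.

# Pin PATH to a fixed list so the environment of the caller cannot choose
# which binaries are found.
# NOTE(review): the list still ends with /home/httpd/perl; confirm that
# directory is writable only by root, because the reload command below
# inherits this PATH while running with uid 0.
$ENV{'PATH'} = '/bin:/usr/bin:/usr/local/sbin:/home/httpd/perl';

# Drop the environment variables that influence how a shell starts up.
delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};

# The reload command is kept as a program/argument list so that system()
# executes it directly and never hands a string to a shell.
my @command = ('/etc/init.d/httpd', 'reload');

use lib '/home/httpd/lib/perl/';
use LONCAPA::Configuration;

my %perlvar = %{ &LONCAPA::Configuration::read_conf('loncapa.conf') };

# NOTE(review): /(.*)/ matches any value, so this clears the taint flag
# without validating anything, and the result is interpolated into the
# backtick command below.  Confirm loncapa.conf is writable only by root,
# or replace the pattern with an anchored match for an absolute path.
my ($execdir) = ($perlvar{'lonDaemons'} =~ /(.*)/);

# NOTE(review): distprobe is executed before the caller identity check
# further down, i.e. with whatever effective uid the process started with.
my $dist = `$execdir/distprobe`;
if ($dist =~ /^(suse|sles)/) {
    @command = ('/etc/init.d/apache', 'reload');
}

# Do not print error messages
my $noprint = 1;

print "In apachereload" unless $noprint;

# ----------------------------- Make sure this process is running from user=www
my $wwwid = getpwnam('www');

# Fail closed when the 'www' account cannot be resolved.  An undefined uid
# compares as 0, which equals the effective uid of a setuid-root process,
# so without this guard the mismatch test below would accept any caller.
if (!defined $wwwid) {
    print("User ID mismatch.  This program must be run as user 'www'\n")
        unless $noprint;
    exit 1;
}

disable_root_capability();
if ($wwwid != $>) {
    print("User ID mismatch.  This program must be run as user 'www'\n")
        unless $noprint;
    exit 1;
}

# ----------------------------------- Start running script with www permissions
disable_root_capability();

enable_root_capability();
($>, $<) = (0, 0);

#  Now run the reload.  The exit status of the command is not examined;
#  the script exits 0 regardless.
system(@command);

# NOTE(review): after ($>,$<)=(0,0) the real uid is 0, so the test inside
# disable_root_capability is false unless www has uid 0 and this call does
# not lower privileges; the process exits immediately afterwards.
disable_root_capability();
exit 0;

# ---------------------------------------------- have setuid script run as root
# When the effective uid is www, move it into the real uid and set the
# effective uid to 0, then do the same for the group ids.
# Returns the effective uid after the attempt.
sub enable_root_capability {
    if ($wwwid == $>) {
        ($<, $>) = ($>, 0);
        ($(, $)) = ($), 0);
    }
    else {
        # root capability is already enabled
    }
    return $>;
}

# ----------------------------------------------- have setuid script run as www
# When the real uid is www, swap real and effective uid and swap real and
# effective gid, so that the effective ids become those of www.
sub disable_root_capability {
    if ($wwwid == $<) {
        ($<, $>) = ($>, $<);
        ($(, $)) = ($), $();
    }
    else {
        # root capability is already disabled
    }
}

=head1 NAME

apachereload - setuid script to reload the apache web server.

=head1 DESCRIPTION

LON-CAPA - setuid script to reload the apache web server.

The script exits with status 1 when it is not run as user 'www' or when
the 'www' account cannot be looked up, and with status 0 otherwise.

=head1 README

LON-CAPA  setuid script to reload the apache web server.

=head1 PREREQUISITES

=head1 COREQUISITES

=pod OSNAMES

linux

=pod SCRIPT CATEGORIES

LONCAPA/Administrative

=cut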