loncom/lchtmldir - diff

Return to lchtmldir CVS log

Up to [LON-CAPA] / loncom

Diff for /loncom/Attic/lchtmldir between versions 1.10 and 1.16

version 1.10, 2004/10/19 11:11:34	version 1.16, 2005/04/07 22:27:52
Line 69	Line 69
use strict;	use strict;
use Fcntl qw(:mode);	use Fcntl qw(:mode);
use DirHandle;	use DirHandle;
	use POSIX;

$ENV{'PATH'} = '/bin:/usr/bin:/usr/local/sbin:/home/httpd/perl';	$ENV{'PATH'} = '/bin:/usr/bin:/usr/local/sbin:/home/httpd/perl';
delete @ENV{qw{IFS CDPATH ENV BASH_ENV}};	delete @ENV{qw{IFS CDPATH ENV BASH_ENV}};

my $DEBUG = 0; # .nonzero -> Debug printing enabled.	my $DEBUG = 1; # .nonzero -> Debug printing enabled.
my $path_sep = "/"; # Unix like operating systems.	my $path_sep = "/"; # Unix like operating systems.


Line 144 my $safeuser = $patt;	Line 144 my $safeuser = $patt;
if($DEBUG) {	if($DEBUG) {
print("Save username = $safeuser \n");	print("Save username = $safeuser \n");
}	}
if(($username ne $safeuser) or ($safeuser!~/^[A-za-z]/)) {	if(($username ne $safeuser) or ($safeuser!~/^[A-z]/)) {
if($DEBUG) {	if($DEBUG) {
print("User name $username had illegal characters\n");	print("User name $username had illegal characters\n");
}	}
Line 185 if(!( -e $dirtry1)) {	Line 185 if(!( -e $dirtry1)) {
exit 6;	exit 6;
}	}
}	}
	if ($authentication eq "unix:") {
	# check whether group $safeuser exists.
	my $usergroups = `id -nG $safeuser`;
	if (! grep /^$safeuser$/, split(/\s+/,$usergroups)) {
	if($DEBUG) {
	print("Group \"$safeuser\" does not exist or $safeuser is not a member of that group.\n");
	}
	exit 7;
	}
	}

&EnableRoot;	&EnableRoot;

&System("/bin/mkdir -p $fulldir") unless (-e $fulldir);	&System("/bin/mkdir -p $fulldir") unless (-e $fulldir);
Line 214 END	Line 225 END
close OUT;	close OUT;
}	}

&System("/bin/chmod 02775 $fulldir");	&System("/bin/chmod 02770 $fulldir");
&System("/bin/chmod 0775 $fulldir"."/index.html");	&System("/bin/chmod 0770 $fulldir"."/index.html");


# Based on the authentiation mode, set the ownership of the directory.	# Based on the authentiation mode, set the ownership of the directory.

if($authentication eq "unix:") { # Unix mode authentication...	if($authentication eq "unix:") { # Unix mode authentication...
&System("/bin/chown -R $safeuser".":".$safeuser." ".$fulldir);	print "Unix auth\n";
	&System("/bin/chown -R $safeuser:$safeuser"." ".$fulldir);
&JoinGroup($safeuser);	&JoinGroup($safeuser);
} else {	} else {
# Internal, Kerberos, and Local authentication are for users	# Internal, Kerberos, and Local authentication are for users
Line 232 if($authentication eq "unix:") { # Unix	Line 244 if($authentication eq "unix:") { # Unix
# is that a file system user is being demoted to internal user...	# is that a file system user is being demoted to internal user...

if($authentication eq "internal:") {	if($authentication eq "internal:") {
&System("/bin/chown -R root:root ".$homedir);	# In case the user was a unix/filesystem authenticated user,
	# we'll take a bit of time here to write a script in the
	# user's home directory that can reset ownerships and permissions
	# back the way the used to be.

	# This can take long enough for lond to time out, so we'll do it
	# in a separate process that we'll not wait for.
	#
	my $fpid = fork;
	if($fpid) {
	&DisableRoot;
	exit 0;
	} else {
	print "Forked\n";
	POSIX::setsid(); # Disassociate from parent.
	print "Separate session\n";
	&write_restore_script($homedir);
	print "Restore script written\n";
	&System("/bin/chown -R root:root ".$homedir);
	&System("/bin/chown -R www:www ".$fulldir);
	print "Exiting\n";
	exit 0;
	}
	} else {
	&System("/bin/chown -R www:www ".$fulldir);
}	}
&System("/bin/chown -R www:www ".$fulldir);
}	}
&DisableRoot;	&DisableRoot;

Line 276 sub DisableRoot {	Line 312 sub DisableRoot {
print("Disable root: id = ".$>."\n");	print("Disable root: id = ".$>."\n");
}	}
}	}
	#
	# Join the www user to the user's group.
	# we must be running with euid as root at this time.
	#
sub JoinGroup {	sub JoinGroup {
my $usergroup = shift;	my $usergroup = shift;

Line 295 sub JoinGroup {	Line 334 sub JoinGroup {
}	}
exit 6;	exit 6;
}	}
	if (-e '/var/run/httpd.pid') {
	open(PID,'/var/run/httpd.pid');
	my $pid=<PID>;
	close(PID);
	my ($safepid) = $pid=~ /(\d+)/;
	$pid = $safepid;
	if ($pid) {
	my $status = system("kill -USR1 $safepid");
	}
	}
}	}


Line 371 sub process_tree {	Line 419 sub process_tree {

}	}
#	#
# Simple test of process_tree:	# Callback from process_tree to write the script lines
	# requried to restore files to current ownership and permission.
	# Parameters:
	# dir - Name of the directory the file lives in.
	# name - Name of the file itself.
	# statinfo - Array from lstat called on the file.
	#
#	#
sub write_script {	sub write_script {
my ($dir, $name, $statinfo) = @_;	my ($dir, $name, $statinfo) = @_;
Line 392 sub write_script {	Line 446 sub write_script {


}	}
	#
	# Write a script in the user's home directory that can restore
	# the permissions and ownerhips of all the files in the directory
	# tree to their current ownerships and permissions. This is done
	# prior to making the user into an internally authenticated user
	# in case they were previously file system authenticated and
	# need to go back.
	# The file we will create will be of the form
	# restore_n.sh Where n is a number that we will keep
	# incrementing as needed until there isn't a file by that name.
	#
	# Parameters:
	# dir - Path to the user's home directory.
	#
	sub write_restore_script {
	my ($dir) = @_;

	# Create a unique file:

	my $version_number = 0;
	my $filename = 'restore_'.$version_number.'.sh';
	my $full_name = $dir.$path_sep.$filename;

	while(-e $full_name) {
	$version_number++;
	$filename = 'restore_'.$version_number.'.sh';
	$full_name = $dir.$path_sep.$filename;
	}
	# $full_name is the full path of a file that does not yet exist
	# of the form we want:

	open(CHMODSCRIPT, "> $full_name");

	&process_tree(\&write_script, $dir);

	close(CHMODSCRIPT);

	chmod(0750, $full_name);

	}

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.10
changed lines
	Added in v.1.16