Annotation of loncom/apachereload, revision 1.2
1.1 foxr 1: #!/usr/bin/perl
2: # The Learning Online Network with CAPA
3: #
4: # apachereload - setuid script that reloads the apache daemon.
5: #
6: #
7: # $Id
8: #
9: # Change log:
1.2 ! albertel 10: # $Log: apachereload,v $
! 11: # Revision 1.1 2003/09/30 10:06:48 foxr
! 12: # This is a setuid script that allows the www user to issue
! 13: # /etc/init.d/httpd reload
! 14: #
! 15: # This functionality is required by lond and lonc when they have been asked to
! 16: # reinitialize themselves.
! 17: #
! 18: # Initial undebugged version.
! 19: #
1.1 foxr 20: ###
21:
22:
23: use strict;
24: #
25: # This script is a setuid script that must be run as user www
26: # it effectively just executes /etc/init.d/httpd reload.
27: # causing the apache daemon to get HUP'd. The script is
28: # run by lond after re-initing it's host information.
29:
30: $ENV{'PATH'}='/bin:/usr/bin:/usr/local/sbin:/home/httpd/perl'; # Nullify path
31: # information
32: delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints
33:
34: my $command = "/etc/init.d/httpd reload";
1.2 ! albertel 35: my $dist=`$perlvar{'lonDaemons'}/distprobe`;
! 36: if ($dist =~ /^(suse|sles)/) {
! 37: $command = "/etc/init.d/httpd reload";
! 38: }
1.1 foxr 39: # Do not print error messages
40: my $noprint=1;
41:
42: print "In apachereload" unless $noprint;
43:
44: # ----------------------------- Make sure this process is running from user=www
45: my $wwwid=getpwnam('www');
46: &disable_root_capability;
47: if ($wwwid!=$>) {
48: print("User ID mismatch. This program must be run as user 'www'\n")
49: unless $noprint;
50: exit 1;
51: }
52:
53: # ----------------------------------- Start running script with www permissions
54: &disable_root_capability;
55:
56: # --------------------------- Handle case of another apachereload process (locking)
57: unless (&try_to_lock('/tmp/lock_apachereload')) {
58: print "Error. Too many other simultaneous password change requests being ".
59: "made.\n" unless $noprint;
60: exit 4;
61: }
62:
63:
64: &enable_root_capability;
65: ($>,$<)=(0,0);
66:
67:
68: # Now run the reload:
69: #
70:
71: system($command);
72:
73: # Remove the lock file.
74:
75:
76:
77: &disable_root_capability;
78: unlink('/tmp/lock_apachereload');
79: exit 0;
80:
81: # ---------------------------------------------- have setuid script run as root
82: sub enable_root_capability {
83: if ($wwwid==$>) {
84: ($<,$>)=($>,0);
85: ($(,$))=($),0);
86: }
87: else {
88: # root capability is already enabled
89: }
90: return $>;
91: }
92:
93: # ----------------------------------------------- have setuid script run as www
94: sub disable_root_capability {
95: if ($wwwid==$<) {
96: ($<,$>)=($>,$<);
97: ($(,$))=($),$();
98: }
99: else {
100: # root capability is already disabled
101: }
102: }
103:
104: # ----------------------- make sure that another apachereload process isn't running
105: sub try_to_lock {
106: my ($lockfile)=@_;
107: my $currentpid;
108: my $lastpid;
109: # Do not manipulate lock file as root
110: if ($>==0) {
111: return 0;
112: }
113: # Try to generate lock file.
114: # Wait 3 seconds. If same process id is in
115: # lock file, then assume lock file is stale, and
116: # go ahead. If process id's fluctuate, try
117: # for a maximum of 10 times.
118: for (0..10) {
119: if (-e $lockfile) {
120: open(LOCK,"<$lockfile");
121: $currentpid=<LOCK>;
122: close LOCK;
123: if ($currentpid==$lastpid) {
124: last;
125: }
126: sleep 3;
127: $lastpid=$currentpid;
128: }
129: else {
130: last;
131: }
132: if ($_==10) {
133: return 0;
134: }
135: }
136: open(LOCK,">$lockfile");
137: print LOCK $$;
138: close LOCK;
139: return 1;
140: }
141:
142: =head1 NAME
143:
144: apachereload -setuid script to reload the apache web server.
145:
146: =head1 DESCRIPTION
147:
148: LON-CAPA - setuid script to reload the apache web server.
149:
150: =head1 README
151:
152: LON-CAPA setuid script to reload the apache web server.
153:
154: =head1 PREREQUISITES
155:
156: =head1 COREQUISITES
157:
158: =pod OSNAMES
159:
160: linux
161:
162: =pod SCRIPT CATEGORIES
163:
164: LONCAPA/Administrative
165:
166: =cut
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to apachereload CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom