Annotation of loncom/apachereload, revision 1.3
1.1 foxr 1: #!/usr/bin/perl
2: # The Learning Online Network with CAPA
3: #
4: # apachereload - setuid script that reloads the apache daemon.
5: #
6: #
7: # $Id
8: #
9: # Change log:
1.2 albertel 10: # $Log: apachereload,v $
1.3 ! albertel 11: # Revision 1.2 2005/07/07 22:26:52 albertel
! 12: # - suse has apache not httpd
! 13: #
1.2 albertel 14: # Revision 1.1 2003/09/30 10:06:48 foxr
15: # This is a setuid script that allows the www user to issue
16: # /etc/init.d/httpd reload
17: #
18: # This functionality is required by lond and lonc when they have been asked to
19: # reinitialize themselves.
20: #
21: # Initial undebugged version.
22: #
1.1 foxr 23: ###
24:
25:
26: use strict;
27: #
28: # This script is a setuid script that must be run as user www
29: # it effectively just executes /etc/init.d/httpd reload.
30: # causing the apache daemon to get HUP'd. The script is
31: # run by lond after re-initing it's host information.
32:
33: $ENV{'PATH'}='/bin:/usr/bin:/usr/local/sbin:/home/httpd/perl'; # Nullify path
34: # information
35: delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints
36:
37: my $command = "/etc/init.d/httpd reload";
1.2 albertel 38: my $dist=`$perlvar{'lonDaemons'}/distprobe`;
39: if ($dist =~ /^(suse|sles)/) {
1.3 ! albertel 40: $command = "/etc/init.d/apache reload";
1.2 albertel 41: }
1.1 foxr 42: # Do not print error messages
43: my $noprint=1;
44:
45: print "In apachereload" unless $noprint;
46:
47: # ----------------------------- Make sure this process is running from user=www
48: my $wwwid=getpwnam('www');
49: &disable_root_capability;
50: if ($wwwid!=$>) {
51: print("User ID mismatch. This program must be run as user 'www'\n")
52: unless $noprint;
53: exit 1;
54: }
55:
56: # ----------------------------------- Start running script with www permissions
57: &disable_root_capability;
58:
59: # --------------------------- Handle case of another apachereload process (locking)
60: unless (&try_to_lock('/tmp/lock_apachereload')) {
61: print "Error. Too many other simultaneous password change requests being ".
62: "made.\n" unless $noprint;
63: exit 4;
64: }
65:
66:
67: &enable_root_capability;
68: ($>,$<)=(0,0);
69:
70:
71: # Now run the reload:
72: #
73:
74: system($command);
75:
76: # Remove the lock file.
77:
78:
79:
80: &disable_root_capability;
81: unlink('/tmp/lock_apachereload');
82: exit 0;
83:
84: # ---------------------------------------------- have setuid script run as root
85: sub enable_root_capability {
86: if ($wwwid==$>) {
87: ($<,$>)=($>,0);
88: ($(,$))=($),0);
89: }
90: else {
91: # root capability is already enabled
92: }
93: return $>;
94: }
95:
96: # ----------------------------------------------- have setuid script run as www
97: sub disable_root_capability {
98: if ($wwwid==$<) {
99: ($<,$>)=($>,$<);
100: ($(,$))=($),$();
101: }
102: else {
103: # root capability is already disabled
104: }
105: }
106:
107: # ----------------------- make sure that another apachereload process isn't running
108: sub try_to_lock {
109: my ($lockfile)=@_;
110: my $currentpid;
111: my $lastpid;
112: # Do not manipulate lock file as root
113: if ($>==0) {
114: return 0;
115: }
116: # Try to generate lock file.
117: # Wait 3 seconds. If same process id is in
118: # lock file, then assume lock file is stale, and
119: # go ahead. If process id's fluctuate, try
120: # for a maximum of 10 times.
121: for (0..10) {
122: if (-e $lockfile) {
123: open(LOCK,"<$lockfile");
124: $currentpid=<LOCK>;
125: close LOCK;
126: if ($currentpid==$lastpid) {
127: last;
128: }
129: sleep 3;
130: $lastpid=$currentpid;
131: }
132: else {
133: last;
134: }
135: if ($_==10) {
136: return 0;
137: }
138: }
139: open(LOCK,">$lockfile");
140: print LOCK $$;
141: close LOCK;
142: return 1;
143: }
144:
145: =head1 NAME
146:
147: apachereload -setuid script to reload the apache web server.
148:
149: =head1 DESCRIPTION
150:
151: LON-CAPA - setuid script to reload the apache web server.
152:
153: =head1 README
154:
155: LON-CAPA setuid script to reload the apache web server.
156:
157: =head1 PREREQUISITES
158:
159: =head1 COREQUISITES
160:
161: =pod OSNAMES
162:
163: linux
164:
165: =pod SCRIPT CATEGORIES
166:
167: LONCAPA/Administrative
168:
169: =cut
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to apachereload CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom