Annotation of loncom/apachereload, revision 1.4
1.1 foxr 1: #!/usr/bin/perl
2: # The Learning Online Network with CAPA
3: #
4: # apachereload - setuid script that reloads the apache daemon.
5: #
1.4 ! albertel 6: # $Id: lond,v 1.301 2005/10/17 20:09:01 www Exp $
1.1 foxr 7: #
1.4 ! albertel 8: # Copyright Michigan State University Board of Trustees
1.1 foxr 9: #
1.4 ! albertel 10: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
1.3 albertel 11: #
1.4 ! albertel 12: # LON-CAPA is free software; you can redistribute it and/or modify
! 13: # it under the terms of the GNU General Public License as published by
! 14: # the Free Software Foundation; either version 2 of the License, or
! 15: # (at your option) any later version.
1.2 albertel 16: #
1.4 ! albertel 17: # LON-CAPA is distributed in the hope that it will be useful,
! 18: # but WITHOUT ANY WARRANTY; without even the implied warranty of
! 19: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
! 20: # GNU General Public License for more details.
1.2 albertel 21: #
1.4 ! albertel 22: # You should have received a copy of the GNU General Public License
! 23: # along with LON-CAPA; if not, write to the Free Software
! 24: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
! 25: #
! 26: # /home/httpd/html/adm/gpl.txt
! 27: #
! 28: # http://www.lon-capa.org/
1.2 albertel 29: #
1.1 foxr 30:
31:
32: use strict;
33: #
34: # This script is a setuid script that must be run as user www
35: # it effectively just executes /etc/init.d/httpd reload.
36: # causing the apache daemon to get HUP'd. The script is
37: # run by lond after re-initing it's host information.
38:
39: $ENV{'PATH'}='/bin:/usr/bin:/usr/local/sbin:/home/httpd/perl'; # Nullify path
40: # information
41: delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints
42:
43: my $command = "/etc/init.d/httpd reload";
1.4 ! albertel 44:
! 45: use lib '/home/httpd/lib/perl/';
! 46: use LONCAPA::Configuration;
! 47: my %perlvar= %{&LONCAPA::Configuration::read_conf('loncapa.conf')};
! 48:
1.2 albertel 49: my $dist=`$perlvar{'lonDaemons'}/distprobe`;
50: if ($dist =~ /^(suse|sles)/) {
1.3 albertel 51: $command = "/etc/init.d/apache reload";
1.2 albertel 52: }
1.1 foxr 53: # Do not print error messages
54: my $noprint=1;
55:
56: print "In apachereload" unless $noprint;
57:
58: # ----------------------------- Make sure this process is running from user=www
59: my $wwwid=getpwnam('www');
60: &disable_root_capability;
61: if ($wwwid!=$>) {
62: print("User ID mismatch. This program must be run as user 'www'\n")
63: unless $noprint;
64: exit 1;
65: }
66:
67: # ----------------------------------- Start running script with www permissions
68: &disable_root_capability;
69:
70: # --------------------------- Handle case of another apachereload process (locking)
71: unless (&try_to_lock('/tmp/lock_apachereload')) {
72: print "Error. Too many other simultaneous password change requests being ".
73: "made.\n" unless $noprint;
74: exit 4;
75: }
76:
77:
78: &enable_root_capability;
79: ($>,$<)=(0,0);
80:
81:
82: # Now run the reload:
83: #
84:
85: system($command);
86:
87: # Remove the lock file.
88:
89:
90:
91: &disable_root_capability;
92: unlink('/tmp/lock_apachereload');
93: exit 0;
94:
95: # ---------------------------------------------- have setuid script run as root
96: sub enable_root_capability {
97: if ($wwwid==$>) {
98: ($<,$>)=($>,0);
99: ($(,$))=($),0);
100: }
101: else {
102: # root capability is already enabled
103: }
104: return $>;
105: }
106:
107: # ----------------------------------------------- have setuid script run as www
108: sub disable_root_capability {
109: if ($wwwid==$<) {
110: ($<,$>)=($>,$<);
111: ($(,$))=($),$();
112: }
113: else {
114: # root capability is already disabled
115: }
116: }
117:
118: # ----------------------- make sure that another apachereload process isn't running
119: sub try_to_lock {
120: my ($lockfile)=@_;
121: my $currentpid;
122: my $lastpid;
123: # Do not manipulate lock file as root
124: if ($>==0) {
125: return 0;
126: }
127: # Try to generate lock file.
128: # Wait 3 seconds. If same process id is in
129: # lock file, then assume lock file is stale, and
130: # go ahead. If process id's fluctuate, try
131: # for a maximum of 10 times.
132: for (0..10) {
133: if (-e $lockfile) {
134: open(LOCK,"<$lockfile");
135: $currentpid=<LOCK>;
136: close LOCK;
137: if ($currentpid==$lastpid) {
138: last;
139: }
140: sleep 3;
141: $lastpid=$currentpid;
142: }
143: else {
144: last;
145: }
146: if ($_==10) {
147: return 0;
148: }
149: }
150: open(LOCK,">$lockfile");
151: print LOCK $$;
152: close LOCK;
153: return 1;
154: }
155:
156: =head1 NAME
157:
158: apachereload -setuid script to reload the apache web server.
159:
160: =head1 DESCRIPTION
161:
162: LON-CAPA - setuid script to reload the apache web server.
163:
164: =head1 README
165:
166: LON-CAPA setuid script to reload the apache web server.
167:
168: =head1 PREREQUISITES
169:
170: =head1 COREQUISITES
171:
172: =pod OSNAMES
173:
174: linux
175:
176: =pod SCRIPT CATEGORIES
177:
178: LONCAPA/Administrative
179:
180: =cut
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to apachereload CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom