Annotation of loncom/apachereload, revision 1.5
1.1 foxr 1: #!/usr/bin/perl
2: # The Learning Online Network with CAPA
3: #
4: # apachereload - setuid script that reloads the apache daemon.
5: #
1.5 ! albertel 6: # $Id: apachereload,v 1.4 2005/10/31 16:13:45 albertel Exp $
1.1 foxr 7: #
1.4 albertel 8: # Copyright Michigan State University Board of Trustees
1.1 foxr 9: #
1.4 albertel 10: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
1.3 albertel 11: #
1.4 albertel 12: # LON-CAPA is free software; you can redistribute it and/or modify
13: # it under the terms of the GNU General Public License as published by
14: # the Free Software Foundation; either version 2 of the License, or
15: # (at your option) any later version.
1.2 albertel 16: #
1.4 albertel 17: # LON-CAPA is distributed in the hope that it will be useful,
18: # but WITHOUT ANY WARRANTY; without even the implied warranty of
19: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20: # GNU General Public License for more details.
1.2 albertel 21: #
1.4 albertel 22: # You should have received a copy of the GNU General Public License
23: # along with LON-CAPA; if not, write to the Free Software
24: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
25: #
26: # /home/httpd/html/adm/gpl.txt
27: #
28: # http://www.lon-capa.org/
1.2 albertel 29: #
1.1 foxr 30:
31:
32: use strict;
33: #
34: # This script is a setuid script that must be run as user www
35: # it effectively just executes /etc/init.d/httpd reload.
36: # causing the apache daemon to get HUP'd. The script is
37: # run by lond after re-initing it's host information.
38:
39: $ENV{'PATH'}='/bin:/usr/bin:/usr/local/sbin:/home/httpd/perl'; # Nullify path
40: # information
41: delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints
42:
43: my $command = "/etc/init.d/httpd reload";
1.4 albertel 44:
45: use lib '/home/httpd/lib/perl/';
46: use LONCAPA::Configuration;
47: my %perlvar= %{&LONCAPA::Configuration::read_conf('loncapa.conf')};
48:
1.5 ! albertel 49: my $execdir = ($perlvar{'lonDaemons'} =~/(.*)/);
! 50: my $dist=`$execdir/distprobe`;
1.2 albertel 51: if ($dist =~ /^(suse|sles)/) {
1.3 albertel 52: $command = "/etc/init.d/apache reload";
1.2 albertel 53: }
1.1 foxr 54: # Do not print error messages
55: my $noprint=1;
56:
57: print "In apachereload" unless $noprint;
58:
59: # ----------------------------- Make sure this process is running from user=www
60: my $wwwid=getpwnam('www');
61: &disable_root_capability;
62: if ($wwwid!=$>) {
63: print("User ID mismatch. This program must be run as user 'www'\n")
64: unless $noprint;
65: exit 1;
66: }
67:
68: # ----------------------------------- Start running script with www permissions
69: &disable_root_capability;
70:
71: # --------------------------- Handle case of another apachereload process (locking)
72: unless (&try_to_lock('/tmp/lock_apachereload')) {
73: print "Error. Too many other simultaneous password change requests being ".
74: "made.\n" unless $noprint;
75: exit 4;
76: }
77:
78:
79: &enable_root_capability;
80: ($>,$<)=(0,0);
81:
82:
83: # Now run the reload:
84: #
85:
86: system($command);
87:
88: # Remove the lock file.
89:
90:
91:
92: &disable_root_capability;
93: unlink('/tmp/lock_apachereload');
94: exit 0;
95:
96: # ---------------------------------------------- have setuid script run as root
97: sub enable_root_capability {
98: if ($wwwid==$>) {
99: ($<,$>)=($>,0);
100: ($(,$))=($),0);
101: }
102: else {
103: # root capability is already enabled
104: }
105: return $>;
106: }
107:
108: # ----------------------------------------------- have setuid script run as www
109: sub disable_root_capability {
110: if ($wwwid==$<) {
111: ($<,$>)=($>,$<);
112: ($(,$))=($),$();
113: }
114: else {
115: # root capability is already disabled
116: }
117: }
118:
119: # ----------------------- make sure that another apachereload process isn't running
120: sub try_to_lock {
121: my ($lockfile)=@_;
122: my $currentpid;
123: my $lastpid;
124: # Do not manipulate lock file as root
125: if ($>==0) {
126: return 0;
127: }
128: # Try to generate lock file.
129: # Wait 3 seconds. If same process id is in
130: # lock file, then assume lock file is stale, and
131: # go ahead. If process id's fluctuate, try
132: # for a maximum of 10 times.
133: for (0..10) {
134: if (-e $lockfile) {
135: open(LOCK,"<$lockfile");
136: $currentpid=<LOCK>;
137: close LOCK;
138: if ($currentpid==$lastpid) {
139: last;
140: }
141: sleep 3;
142: $lastpid=$currentpid;
143: }
144: else {
145: last;
146: }
147: if ($_==10) {
148: return 0;
149: }
150: }
151: open(LOCK,">$lockfile");
152: print LOCK $$;
153: close LOCK;
154: return 1;
155: }
156:
157: =head1 NAME
158:
159: apachereload -setuid script to reload the apache web server.
160:
161: =head1 DESCRIPTION
162:
163: LON-CAPA - setuid script to reload the apache web server.
164:
165: =head1 README
166:
167: LON-CAPA setuid script to reload the apache web server.
168:
169: =head1 PREREQUISITES
170:
171: =head1 COREQUISITES
172:
173: =pod OSNAMES
174:
175: linux
176:
177: =pod SCRIPT CATEGORIES
178:
179: LONCAPA/Administrative
180:
181: =cut
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to apachereload CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom