Annotation of loncom/apachereload, revision 1.8
1.1 foxr 1: #!/usr/bin/perl
2: # The Learning Online Network with CAPA
3: #
4: # apachereload - setuid script that reloads the apache daemon.
5: #
1.8 ! raeburn 6: # $Id: apachereload,v 1.7 2011/05/14 16:12:53 raeburn Exp $
1.1 foxr 7: #
1.4 albertel 8: # Copyright Michigan State University Board of Trustees
1.1 foxr 9: #
1.4 albertel 10: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
1.3 albertel 11: #
1.4 albertel 12: # LON-CAPA is free software; you can redistribute it and/or modify
13: # it under the terms of the GNU General Public License as published by
14: # the Free Software Foundation; either version 2 of the License, or
15: # (at your option) any later version.
1.2 albertel 16: #
1.4 albertel 17: # LON-CAPA is distributed in the hope that it will be useful,
18: # but WITHOUT ANY WARRANTY; without even the implied warranty of
19: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20: # GNU General Public License for more details.
1.2 albertel 21: #
1.4 albertel 22: # You should have received a copy of the GNU General Public License
23: # along with LON-CAPA; if not, write to the Free Software
24: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
25: #
26: # /home/httpd/html/adm/gpl.txt
27: #
28: # http://www.lon-capa.org/
1.2 albertel 29: #
1.1 foxr 30:
31:
32: use strict;
33: #
34: # This script is a setuid script that must be run as user www
1.8 ! raeburn 35: # it effectively just executes one of the following five commands:
! 36: # /etc/init.d/httpd reload
! 37: # /etc/init.d/apache reload
! 38: # /etc/init.d/apache2 reload
! 39: # /bin/systemctl reload httpd.service
! 40: # /bin/systemctl reload apache2.service
! 41: # (depending on Linux distro) causing the apache daemon to get HUP'd.
! 42: # The script is run by lond after re-initing its host information.
1.1 foxr 43:
44: $ENV{'PATH'}='/bin:/usr/bin:/usr/local/sbin:/home/httpd/perl'; # Nullify path
45: # information
46: delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints
47:
1.8 ! raeburn 48: my $command;
! 49: my $checker_bin = '/sbin/chkconfig';
! 50: my $sysctl_bin = '/bin/systemctl';
! 51: my $sysv_bin = '/usr/sbin/sysv-rc-conf';
! 52:
! 53: if (-x $sysctl_bin) {
! 54: if (open(PIPE,"$sysctl_bin list-unit-files --type=service 2>/dev/null |")) {
! 55: my @lines = <PIPE>;
! 56: chomp(@lines);
! 57: close(PIPE);
! 58: if (grep(/^httpd\.service/,@lines)) {
! 59: $command = '/bin/systemctl reload httpd.service';
! 60: } elsif (grep(/^apache2\.service/,@lines)) {
! 61: $command = '/bin/systemctl reload apache2.service';
! 62: }
! 63: }
! 64: }
! 65: if (($command eq '') && (-x $checker_bin)) {
! 66: if (open(PIPE,"$checker_bin --list 2>/dev/null |")) {
! 67: my @lines = <PIPE>;
! 68: chomp(@lines);
! 69: close(PIPE);
! 70: if (grep(/^httpd/,@lines)) {
! 71: $command = '/etc/init.d/httpd reload';
! 72: } elsif (grep(/^apache2/,@lines)) {
! 73: $command = '/etc/init.d/apache2 reload';
! 74: } elsif (grep(/^apache\s+/,@lines)) {
! 75: $command = '/etc/init.d/apache reload';
! 76: }
! 77: }
! 78: }
! 79: if (($command eq '') && (-x $sysv_bin)) {
! 80: if (open(PIPE,"$checker_bin --list 2>/dev/null |")) {
! 81: my @lines = <PIPE>;
! 82: chomp(@lines);
! 83: close(PIPE);
! 84: if (grep(/^apache2/,@lines)) {
! 85: $command = '/etc/init.d/apache2 reload';
! 86: } elsif (grep(/^apache\s+/,@lines)) {
! 87: $command = '/etc/init.d/apache reload';
! 88: }
! 89: }
! 90: }
1.4 albertel 91:
1.1 foxr 92: # Do not print error messages
93: my $noprint=1;
94:
1.8 ! raeburn 95: if ($command eq '') {
! 96: print("Could not determine command to reload Apache.\n")
! 97: unless $noprint;
! 98: exit 1;
! 99: } else {
! 100: print "In apachereload" unless $noprint;
! 101: }
1.1 foxr 102:
103: # ----------------------------- Make sure this process is running from user=www
104: my $wwwid=getpwnam('www');
105: &disable_root_capability;
106: if ($wwwid!=$>) {
107: print("User ID mismatch. This program must be run as user 'www'\n")
108: unless $noprint;
109: exit 1;
110: }
111:
112: # ----------------------------------- Start running script with www permissions
113: &disable_root_capability;
114:
115: &enable_root_capability;
116: ($>,$<)=(0,0);
117:
118:
119: # Now run the reload:
120: #
121:
1.8 ! raeburn 122: system("$command > /dev/null 2>&1);
1.1 foxr 123:
124: &disable_root_capability;
125: exit 0;
126:
127: # ---------------------------------------------- have setuid script run as root
128: sub enable_root_capability {
129: if ($wwwid==$>) {
130: ($<,$>)=($>,0);
131: ($(,$))=($),0);
132: }
133: else {
134: # root capability is already enabled
135: }
136: return $>;
137: }
138:
139: # ----------------------------------------------- have setuid script run as www
140: sub disable_root_capability {
141: if ($wwwid==$<) {
142: ($<,$>)=($>,$<);
143: ($(,$))=($),$();
144: }
145: else {
146: # root capability is already disabled
147: }
148: }
149:
150: =head1 NAME
151:
152: apachereload -setuid script to reload the apache web server.
153:
154: =head1 DESCRIPTION
155:
156: LON-CAPA - setuid script to reload the apache web server.
157:
158: =head1 README
159:
160: LON-CAPA setuid script to reload the apache web server.
161:
162: =head1 PREREQUISITES
163:
164: =head1 COREQUISITES
165:
166: =pod OSNAMES
167:
168: linux
169:
170: =pod SCRIPT CATEGORIES
171:
172: LONCAPA/Administrative
173:
174: =cut
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to apachereload CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom