Annotation of loncom/apachereload, revision 1.9
1.1 foxr 1: #!/usr/bin/perl
2: # The Learning Online Network with CAPA
3: #
4: # apachereload - setuid script that reloads the apache daemon.
5: #
1.9 ! raeburn 6: # $Id: apachereload,v 1.8 2020/01/25 21:09:17 raeburn Exp $
1.1 foxr 7: #
1.4 albertel 8: # Copyright Michigan State University Board of Trustees
1.1 foxr 9: #
1.4 albertel 10: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
1.3 albertel 11: #
1.4 albertel 12: # LON-CAPA is free software; you can redistribute it and/or modify
13: # it under the terms of the GNU General Public License as published by
14: # the Free Software Foundation; either version 2 of the License, or
15: # (at your option) any later version.
1.2 albertel 16: #
1.4 albertel 17: # LON-CAPA is distributed in the hope that it will be useful,
18: # but WITHOUT ANY WARRANTY; without even the implied warranty of
19: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20: # GNU General Public License for more details.
1.2 albertel 21: #
1.4 albertel 22: # You should have received a copy of the GNU General Public License
23: # along with LON-CAPA; if not, write to the Free Software
24: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
25: #
26: # /home/httpd/html/adm/gpl.txt
27: #
28: # http://www.lon-capa.org/
1.2 albertel 29: #
1.1 foxr 30:
31:
32: use strict;
33: #
34: # This script is a setuid script that must be run as user www
1.8 raeburn 35: # it effectively just executes one of the following five commands:
36: # /etc/init.d/httpd reload
37: # /etc/init.d/apache reload
38: # /etc/init.d/apache2 reload
39: # /bin/systemctl reload httpd.service
40: # /bin/systemctl reload apache2.service
41: # (depending on Linux distro) causing the apache daemon to get HUP'd.
42: # The script is run by lond after re-initing its host information.
1.1 foxr 43:
44: $ENV{'PATH'}='/bin:/usr/bin:/usr/local/sbin:/home/httpd/perl'; # Nullify path
45: # information
46: delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints
47:
1.8 raeburn 48: my $command;
49: my $checker_bin = '/sbin/chkconfig';
50: my $sysctl_bin = '/bin/systemctl';
51: my $sysv_bin = '/usr/sbin/sysv-rc-conf';
52:
53: if (-x $sysctl_bin) {
54: if (open(PIPE,"$sysctl_bin list-unit-files --type=service 2>/dev/null |")) {
55: my @lines = <PIPE>;
56: chomp(@lines);
57: close(PIPE);
58: if (grep(/^httpd\.service/,@lines)) {
59: $command = '/bin/systemctl reload httpd.service';
60: } elsif (grep(/^apache2\.service/,@lines)) {
61: $command = '/bin/systemctl reload apache2.service';
62: }
63: }
64: }
65: if (($command eq '') && (-x $checker_bin)) {
66: if (open(PIPE,"$checker_bin --list 2>/dev/null |")) {
67: my @lines = <PIPE>;
68: chomp(@lines);
69: close(PIPE);
70: if (grep(/^httpd/,@lines)) {
71: $command = '/etc/init.d/httpd reload';
72: } elsif (grep(/^apache2/,@lines)) {
73: $command = '/etc/init.d/apache2 reload';
74: } elsif (grep(/^apache\s+/,@lines)) {
75: $command = '/etc/init.d/apache reload';
76: }
77: }
78: }
79: if (($command eq '') && (-x $sysv_bin)) {
80: if (open(PIPE,"$checker_bin --list 2>/dev/null |")) {
81: my @lines = <PIPE>;
82: chomp(@lines);
83: close(PIPE);
84: if (grep(/^apache2/,@lines)) {
85: $command = '/etc/init.d/apache2 reload';
86: } elsif (grep(/^apache\s+/,@lines)) {
87: $command = '/etc/init.d/apache reload';
88: }
89: }
90: }
1.4 albertel 91:
1.1 foxr 92: # Do not print error messages
93: my $noprint=1;
94:
1.8 raeburn 95: if ($command eq '') {
96: print("Could not determine command to reload Apache.\n")
97: unless $noprint;
98: exit 1;
99: } else {
100: print "In apachereload" unless $noprint;
101: }
1.1 foxr 102:
103: # ----------------------------- Make sure this process is running from user=www
104: my $wwwid=getpwnam('www');
105: &disable_root_capability;
106: if ($wwwid!=$>) {
107: print("User ID mismatch. This program must be run as user 'www'\n")
108: unless $noprint;
109: exit 1;
110: }
111:
112: # ----------------------------------- Start running script with www permissions
113: &disable_root_capability;
114:
115: &enable_root_capability;
116: ($>,$<)=(0,0);
117:
118:
119: # Now run the reload:
120: #
121:
1.9 ! raeburn 122: system("$command > /dev/null 2>&1");
1.1 foxr 123:
124: &disable_root_capability;
125: exit 0;
126:
127: # ---------------------------------------------- have setuid script run as root
128: sub enable_root_capability {
129: if ($wwwid==$>) {
130: ($<,$>)=($>,0);
131: ($(,$))=($),0);
132: }
133: else {
134: # root capability is already enabled
135: }
136: return $>;
137: }
138:
139: # ----------------------------------------------- have setuid script run as www
140: sub disable_root_capability {
141: if ($wwwid==$<) {
142: ($<,$>)=($>,$<);
143: ($(,$))=($),$();
144: }
145: else {
146: # root capability is already disabled
147: }
148: }
149:
150: =head1 NAME
151:
152: apachereload -setuid script to reload the apache web server.
153:
154: =head1 DESCRIPTION
155:
156: LON-CAPA - setuid script to reload the apache web server.
157:
158: =head1 README
159:
160: LON-CAPA setuid script to reload the apache web server.
161:
162: =head1 PREREQUISITES
163:
164: =head1 COREQUISITES
165:
166: =pod OSNAMES
167:
168: linux
169:
170: =pod SCRIPT CATEGORIES
171:
172: LONCAPA/Administrative
173:
174: =cut
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to apachereload CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom