loncom/apachereload - view

File: [LON-CAPA] / loncom / apachereload
Revision 1.7: download - view: text, annotated - select for diffs
Sat May 14 16:12:53 2011 UTC (13 years, 7 months ago) by raeburn
Branches: MAIN
CVS tags: version_2_11_2_uiuc, version_2_11_2_msu, version_2_11_2_educog, version_2_11_2, version_2_11_1, version_2_11_0_RC3, version_2_11_0_RC2, version_2_11_0_RC1, version_2_11_0, version_2_10_X, version_2_10_1, version_2_10_0, loncapaMITrelate_1, language_hyphenation_merge, language_hyphenation, HEAD, BZ4492-merge, BZ4492-feature_horizontal_radioresponse, BZ4492-feature_Support_horizontal_radioresponse, BZ4492-Support_horizontal_radioresponse

- Duplicated &try_to_lock() routine moved to one location (in LONCAPA.pm).
- Try to get locks for lock_apachereload and lock_lciptables before
  making system calls (in lond and loncron respectively).

#!/usr/bin/perl # The Learning Online Network with CAPA # # apachereload - setuid script that reloads the apache daemon. # # $Id: apachereload,v 1.7 2011/05/14 16:12:53 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # # This file is part of the LearningOnline Network with CAPA (LON-CAPA). # # LON-CAPA is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # LON-CAPA is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with LON-CAPA; if not, write to the Free Software # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # # /home/httpd/html/adm/gpl.txt # # http://www.lon-capa.org/ # use strict; # # This script is a setuid script that must be run as user www # it effectively just executes /etc/init.d/httpd reload. # causing the apache daemon to get HUP'd. The script is # run by lond after re-initing it's host information. $ENV{'PATH'}='/bin:/usr/bin:/usr/local/sbin:/home/httpd/perl'; # Nullify path # information delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; # nullify potential taints my $command = "/etc/init.d/httpd reload"; use lib '/home/httpd/lib/perl/'; use LONCAPA::Configuration; my %perlvar= %{&LONCAPA::Configuration::read_conf('loncapa.conf')}; my ($execdir) = ($perlvar{'lonDaemons'} =~/(.*)/); my $dist=`$execdir/distprobe`; if ($dist =~ /^(suse|sles)/) { $command = "/etc/init.d/apache reload"; } # Do not print error messages my $noprint=1; print "In apachereload" unless $noprint; # ----------------------------- Make sure this process is running from user=www my $wwwid=getpwnam('www'); &disable_root_capability; if ($wwwid!=$>) { print("User ID mismatch. This program must be run as user 'www'\n") unless $noprint; exit 1; } # ----------------------------------- Start running script with www permissions &disable_root_capability; &enable_root_capability; ($>,$<)=(0,0); # Now run the reload: # system($command); &disable_root_capability; exit 0; # ---------------------------------------------- have setuid script run as root sub enable_root_capability { if ($wwwid==$>) { ($<,$>)=($>,0); ($(,$))=($),0); } else { # root capability is already enabled } return $>; } # ----------------------------------------------- have setuid script run as www sub disable_root_capability { if ($wwwid==$<) { ($<,$>)=($>,$<); ($(,$))=($),$(); } else { # root capability is already disabled } } =head1 NAME apachereload -setuid script to reload the apache web server. =head1 DESCRIPTION LON-CAPA - setuid script to reload the apache web server. =head1 README LON-CAPA setuid script to reload the apache web server. =head1 PREREQUISITES =head1 COREQUISITES =pod OSNAMES linux =pod SCRIPT CATEGORIES LONCAPA/Administrative =cut