version 1.19, 2003/02/03 18:03:52
|
version 1.22, 2010/10/12 10:33:47
|
Line 92 print "In lcpasswd" unless $noprint;
|
Line 92 print "In lcpasswd" unless $noprint;
|
|
|
# ----------------------------- Make sure this process is running from user=www |
# ----------------------------- Make sure this process is running from user=www |
my $wwwid=getpwnam('www'); |
my $wwwid=getpwnam('www'); |
&disable_root_capability; |
|
if ($wwwid!=$>) { |
if ($wwwid!=$<) { |
print("User ID mismatch. This program must be run as user 'www'\n") |
print("User ID mismatch. This program must be run as user 'www'\n") |
unless $noprint; |
unless $noprint; |
exit 1; |
exit 1; |
} |
} |
|
|
# ----------------------------------- Start running script with www permissions |
# ----------------------------------- Start running script with www permissions |
&disable_root_capability; |
|
|
|
# --------------------------- Handle case of another lcpasswd process (locking) |
# --------------------------- Handle case of another lcpasswd process (locking) |
unless (&try_to_lock('/tmp/lock_lcpasswd')) { |
unless (&try_to_lock('/tmp/lock_lcpasswd')) { |
Line 159 open OUT,"|pwchange $safeusername";
|
Line 159 open OUT,"|pwchange $safeusername";
|
print OUT $password1; |
print OUT $password1; |
print OUT "\n"; |
print OUT "\n"; |
close OUT; |
close OUT; |
($>,$<)=(0,500); |
($>,$<)=(0,$wwwid); |
|
|
print "pwchange done, back to uid 500" unless $noprint; |
print "pwchange done, back to uid $wwwid" unless $noprint; |
|
|
if ($?) { |
if ($?) { |
exit 8; |
exit 8; |
Line 173 if (-e '/usr/bin/smbpasswd') {
|
Line 173 if (-e '/usr/bin/smbpasswd') {
|
($>,$<)=(0,0); # fool smbpasswd here to think this is not a setuid |
($>,$<)=(0,0); # fool smbpasswd here to think this is not a setuid |
# environment |
# environment |
|
|
# If the -a swithc is put on the smbpasswd |
# If the -a switch is put on the smbpasswd |
# command line, either a new entry will be created or the old one |
# command line, either a new entry will be created or the old one |
# will be used. |
# will be used. |
# Therefore the old strategy of looking for and adding a dummy entry is |
# Therefore the old strategy of looking for and adding a dummy entry is |
Line 190 if (-e '/usr/bin/smbpasswd') {
|
Line 190 if (-e '/usr/bin/smbpasswd') {
|
print "smbpasswd done" unless $noprint; |
print "smbpasswd done" unless $noprint; |
} |
} |
|
|
&disable_root_capability; |
|
unlink('/tmp/lock_lcpasswd'); |
unlink('/tmp/lock_lcpasswd'); |
exit 0; |
exit 0; |
|
|
Line 222 sub try_to_lock {
|
Line 222 sub try_to_lock {
|
my ($lockfile)=@_; |
my ($lockfile)=@_; |
my $currentpid; |
my $currentpid; |
my $lastpid; |
my $lastpid; |
# Do not manipulate lock file as root |
|
if ($>==0) { |
|
return 0; |
|
} |
|
# Try to generate lock file. |
# Try to generate lock file. |
# Wait 3 seconds. If same process id is in |
# Wait 3 seconds. If same process id is in |
# lock file, then assume lock file is stale, and |
# lock file, then assume lock file is stale, and |