Annotation of doc/loncapafiles/wrap_setuid.piml, revision 1.57

1.1       albertel    1: <!DOCTYPE piml PUBLIC "-//TUX/DTD piml 1.0 Final//EN" 
                      2: 	"http://lpml.sourceforge.net/DTD/piml.dtd">
                      3: <!-- wrap_setuid.piml -->
                      4: <!-- Guy Albertelli -->
                      5: 
1.57    ! raeburn     6: <!-- $Id: wrap_setuid.piml,v 1.56 2024/06/13 12:57:13 raeburn Exp $ -->
1.1       albertel    7: 
                      8: <!--
                      9: 
                     10: This file is part of the LearningOnline Network with CAPA (LON-CAPA).
                     11: 
                     12: LON-CAPA is free software; you can redistribute it and/or modify
                     13: it under the terms of the GNU General Public License as published by
                     14: the Free Software Foundation; either version 2 of the License, or
                     15: (at your option) any later version.
                     16: 
                     17: LON-CAPA is distributed in the hope that it will be useful,
                     18: but WITHOUT ANY WARRANTY; without even the implied warranty of
                     19: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
                     20: GNU General Public License for more details.
                     21: 
                     22: You should have received a copy of the GNU General Public License
                     23: along with LON-CAPA; if not, write to the Free Software
                     24: Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
                     25: 
                     26: /home/httpd/html/adm/gpl.txt
                     27: 
                     28: http://www.lon-capa.org/
                     29: 
                     30: -->
                     31: 
                     32: <piml>
                     33: <targetroot>/</targetroot>
                     34: <files>
                     35: <file>
                     36: <target dist="default">/home/httpd/perl</target>
                     37: <perlscript mode="fg" dist="default">
1.3       albertel   38: #print("Not wrapping setuid scripts\n");
1.1       albertel   39: </perlscript>
1.57    ! raeburn    40: <perlscript mode="fg" dist="suse9.2 suse9.3 sles9 sles10 sles11 sles12 sles15 suse10.1 suse10.2 suse10.3 suse11.1 suse11.2 suse11.3 suse11.4 suse12.1 suse12.2 suse12.3 suse13.1 suse13.2 fedora14 fedora15 fedora16 fedora17 fedora18 fedora19 fedora20 fedora21 fedora22 fedora23 fedora24 fedora25 fedora26 fedora27 fedora28 fedora29 fedora30 fedora31 fedora32 fedora33 fedora34 fedora35 fedora36 fedora37 fedora38 fedora39 fedora40 debian10 debian11 debian12 ubuntu12 ubuntu14 ubuntu16 ubuntu18 ubuntu20 ubuntu22 ubuntu24 rhes7 centos7 scientific7 oracle7 rhes8 centos8 oracle8 rocky8 alma8 centos8-stream centos9-stream rhes9 oracle9 rocky9 alma9">
1.1       albertel   41: 
                     42: $fslist='<TARGET />';
                     43: open(FIND,  "find <TARGET /> -xdev -type f \\( -perm -04000 -o -perm -02000 \\) -print|");
                     44: while (&lt;FIND&gt;) {
                     45:     chop;
                     46:     next unless -T;
                     47:     print("Fixing ", $_, "\n");
                     48:     ($dir,$file) = m|(.*)/(.*)|;
                     49:     chdir $dir || die "Can't chdir to $dir";
                     50:     ($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size,$atime,$mtime,$ctime,$blksize,$blocks)
                     51:      = stat($file);
                     52:     die("Can't stat $_") unless $ino;
                     53:     rename($file,".$file");
                     54:     chmod(($mode & 01777), ".$file");# wipe out set[ug]id bits
                     55:     open(C,"&gt;.tmp$$.c") || die("Can't write C program for $_");
                     56:     $real = "$dir/.$file";
                     57:     print C '
1.36      raeburn    58:         int execv (const char *filename, char *const argv[]);
                     59:         int main(argc,argv)
1.1       albertel   60:         int argc;
                     61:         char **argv;
                     62:         {
                     63:                 execv("' . $real . '",argv);
                     64:         }
                     65: ';
                     66:     close C;
                     67:     system('/usr/bin/cc', ".tmp$$.c", '-o', $file);
                     68:     die("Can't compile new $_") if $?;
                     69:     chown($uid, $gid, $file);
                     70:     chmod($mode, $file);
                     71: 
                     72:     unlink(".tmp$$.c");
                     73:     chdir('/');
                     74: }
                     75: 
                     76: </perlscript>
                     77: </file>
                     78: </files>
                     79: </piml>

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>