koha-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Koha-devel] z3950-daemon-launch.sh patch

From: Micheas Herman
Subject: Re: [Koha-devel] z3950-daemon-launch.sh patch
Date: Mon Nov 11 17:52:02 2002 

On Mon, 2002-11-11 at 04:25, Andrew Arensburger wrote:
> On Sun, Nov 10, 2002 at 09:46:54AM -0800, Micheas Herman wrote:
> > FreeBSD's su command does not accept commands.  
> 
>       From FreeBSD 4.4's su(8):
> 
> SYNOPSIS
>      su [-] [-Kflm] [-c class] [login [args]]
> ...
>      If the optional args are provided on the command line, they are passed to
>      the login shell of the target login.
> 
> > Here is a patch. That works with FreeBSD 4.5 Release and Debian SID.
> 
> > ? z3950-daemon-launch.sh.diff
> > Index: z3950-daemon-launch.sh
> > ===================================================================
> > RCS file: /cvsroot/koha/koha/acqui.simple/z3950-daemon-launch.sh,v
> > retrieving revision 1.3
> > diff -r1.3 z3950-daemon-launch.sh
> > 38c38,44
> > < su -s /bin/sh -c $KohaZ3950Shell - $RunAsUser &
> > ---
> > > if [  $(uname)=="FreeBSD" ]
> > > then
> > >   setuidgid $RunAsUser $KohaZ3950Shell;
> > > else  
> > >   echo su -s /bin/sh -c $KohaZ3950Shell - $RunAsUser &;
> > > fi;
> 
>       FreeBSD 4.4 doesn't have a 'setuidgid' command. Nor do most
> other Unixes. However
> 
>       su $RunAsUser -c $KohaZ3950Shell &
> 
> works fine for me (and should work on other Unixes as well).
> 

    My mistake.  The "problem" is that my FreeBSD box has /dev/null as
    the login shell for www (the apache user).  
    
    I've discovered (today) that the -c option passes the command to the
    shell of the user. it does not run the command as that user.  A
    subtle difference.
    

> -- 
> Andrew Arensburger                      This message *does* represent the
> address@hidden                      views of ooblick.com
>       Any closet is a walk-in closet if you try hard enough.
> 
> 
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
> _______________________________________________
> Koha-devel mailing list
> address@hidden
> https://lists.sourceforge.net/lists/listinfo/koha-devel



    I have a new patch that "works for me" now lets see if it works for
    anyone else :-)
    
    A more reliable way of starting daemon may be to use perl's suid
    module. 
    
    Micheas



Index: z3950-daemon-launch.sh
===================================================================
RCS file: /cvsroot/koha/koha/acqui.simple/z3950-daemon-launch.sh,v
retrieving revision 1.3
diff -r1.3 z3950-daemon-launch.sh
1c1
< #!/bin/sh
---
> !/bin/sh
38c38,83
< su -s /bin/sh -c $KohaZ3950Shell - $RunAsUser &
---
> RunCommand="su -s /bin/sh -c $KohaZ3950Shell - $RunAsUser"
> 
> #----------------------------
> # Now we work around  nonexistent login shells as best we can
> 
> ApacheShell=$( grep $RunAsUser /etc/passwd | awk -F ':' '{print($7)}' )
> 
> if [ $ApacheShell=="/dev/null" ] 
> then
>   SetUidGid=$(which setuidgid)
>   if [ ! -x $SetUidGid ]
>   then
>      echo "ERROR: Cannot run z3950-daemon-shell.sh as $RunAsUser"
>        exit 1
>   else
>      RunCommand="setuidgid $RunAsUser $KohaZ3950Shell"
>   fi
> fi    
> 
> 
> if [ $ApacheShell=="/bin/false" ] 
> then
>   SetUidGid=$(which setuidgid)
>   if [ ! -x $SetUidGid ]
>   then
>      echo "ERROR: Cannot run z3950-daemon-shell.sh as $RunAsUser"
>        exit 1
>   else
>      RunCommand="setuidgid $RunAsUser $KohaZ3950Shell"
>   fi
> fi    
> 
> if [ $ApacheShell=="/sbin/nologin" ] 
> then
>   SetUidGid=$(which setuidgid)
>   if [ ! -x $SetUidGid ]
>   then
>      echo "ERROR: Cannot run z3950-daemon-shell.sh as $RunAsUser"
>        exit 1
>   else
>      RunCommand="setuidgid $RunAsUser $KohaZ3950Shell"
>   fi
> fi    
> 
> $RunCommand &
>
reply via email to
[Prev in Thread] Current Thread [Next in Thread]