[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Koha-devel] z3950-daemon-launch.sh patch
From: |
Micheas Herman |
Subject: |
Re: [Koha-devel] z3950-daemon-launch.sh patch |
Date: |
Mon Nov 11 17:52:02 2002 |
On Mon, 2002-11-11 at 04:25, Andrew Arensburger wrote:
> On Sun, Nov 10, 2002 at 09:46:54AM -0800, Micheas Herman wrote:
> > FreeBSD's su command does not accept commands.
>
> From FreeBSD 4.4's su(8):
>
> SYNOPSIS
> su [-] [-Kflm] [-c class] [login [args]]
> ...
> If the optional args are provided on the command line, they are passed to
> the login shell of the target login.
>
> > Here is a patch. That works with FreeBSD 4.5 Release and Debian SID.
>
> > ? z3950-daemon-launch.sh.diff
> > Index: z3950-daemon-launch.sh
> > ===================================================================
> > RCS file: /cvsroot/koha/koha/acqui.simple/z3950-daemon-launch.sh,v
> > retrieving revision 1.3
> > diff -r1.3 z3950-daemon-launch.sh
> > 38c38,44
> > < su -s /bin/sh -c $KohaZ3950Shell - $RunAsUser &
> > ---
> > > if [ $(uname)=="FreeBSD" ]
> > > then
> > > setuidgid $RunAsUser $KohaZ3950Shell;
> > > else
> > > echo su -s /bin/sh -c $KohaZ3950Shell - $RunAsUser &;
> > > fi;
>
> FreeBSD 4.4 doesn't have a 'setuidgid' command. Nor do most
> other Unixes. However
>
> su $RunAsUser -c $KohaZ3950Shell &
>
> works fine for me (and should work on other Unixes as well).
>
My mistake. The "problem" is that my FreeBSD box has /dev/null as
the login shell for www (the apache user).
I've discovered (today) that the -c option passes the command to the
shell of the user. it does not run the command as that user. A
subtle difference.
> --
> Andrew Arensburger This message *does* represent the
> address@hidden views of ooblick.com
> Any closet is a walk-in closet if you try hard enough.
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
> _______________________________________________
> Koha-devel mailing list
> address@hidden
> https://lists.sourceforge.net/lists/listinfo/koha-devel
I have a new patch that "works for me" now lets see if it works for
anyone else :-)
A more reliable way of starting daemon may be to use perl's suid
module.
Micheas
Index: z3950-daemon-launch.sh
===================================================================
RCS file: /cvsroot/koha/koha/acqui.simple/z3950-daemon-launch.sh,v
retrieving revision 1.3
diff -r1.3 z3950-daemon-launch.sh
1c1
< #!/bin/sh
---
> !/bin/sh
38c38,83
< su -s /bin/sh -c $KohaZ3950Shell - $RunAsUser &
---
> RunCommand="su -s /bin/sh -c $KohaZ3950Shell - $RunAsUser"
>
> #----------------------------
> # Now we work around nonexistent login shells as best we can
>
> ApacheShell=$( grep $RunAsUser /etc/passwd | awk -F ':' '{print($7)}' )
>
> if [ $ApacheShell=="/dev/null" ]
> then
> SetUidGid=$(which setuidgid)
> if [ ! -x $SetUidGid ]
> then
> echo "ERROR: Cannot run z3950-daemon-shell.sh as $RunAsUser"
> exit 1
> else
> RunCommand="setuidgid $RunAsUser $KohaZ3950Shell"
> fi
> fi
>
>
> if [ $ApacheShell=="/bin/false" ]
> then
> SetUidGid=$(which setuidgid)
> if [ ! -x $SetUidGid ]
> then
> echo "ERROR: Cannot run z3950-daemon-shell.sh as $RunAsUser"
> exit 1
> else
> RunCommand="setuidgid $RunAsUser $KohaZ3950Shell"
> fi
> fi
>
> if [ $ApacheShell=="/sbin/nologin" ]
> then
> SetUidGid=$(which setuidgid)
> if [ ! -x $SetUidGid ]
> then
> echo "ERROR: Cannot run z3950-daemon-shell.sh as $RunAsUser"
> exit 1
> else
> RunCommand="setuidgid $RunAsUser $KohaZ3950Shell"
> fi
> fi
>
> $RunCommand &
>