use FS::Conf;
@ISA = qw(Exporter);
-@EXPORT_OK = qw(checkeuid checkruid swapuid cgisuidsetup
- adminsuidsetup getotaker dbh datasrc getsecrets driver_name );
+@EXPORT_OK = qw(checkeuid checkruid cgisuidsetup adminsuidsetup forksuidsetup
+ getotaker dbh datasrc getsecrets driver_name );
$freeside_uid = scalar(getpwnam('freeside'));
=head1 SYNOPSIS
use FS::UID qw(adminsuidsetup cgisuidsetup dbh datasrc getotaker
- checkeuid checkruid swapuid);
+ checkeuid checkruid);
adminsuidsetup $user;
=cut
sub adminsuidsetup {
+ $dbh->disconnect if $dbh;
+ &forksuidsetup(@_);
+}
+sub forksuidsetup {
$user = shift;
croak "fatal: adminsuidsetup called without arguements" unless $user;
+ $user =~ /^([\w\-\.]+)/ or croak "fatal: illegal user $user";
+ $user = $1;
+
$ENV{'PATH'} ='/usr/local/bin:/usr/bin:/usr/ucb:/bin';
$ENV{'SHELL'} = '/bin/sh';
$ENV{'IFS'} = " \t\n";
'ChopBlanks' => 1,
} ) or die "DBI->connect error: $DBI::errstr\n";
- swapuid(); #go to non-privledged user if running setuid freeside
-
foreach ( keys %callback ) {
&{$callback{$_}};
}
} elsif ( $cgi && $cgi->isa('Apache') ) {
$user = lc ( $cgi->connection->user );
} else {
- die "fatal: Can't get REMOTE_USER! for cgi $cgi";
+ die "fatal: Can't get REMOTE_USER! for cgi $cgi - you need to setup ".
+ "Apache user authentication as documented in httemplate/docs/install.html";
}
$user;
}
( $< == $freeside_uid );
}
-=item swapuid
-
-Swaps real and effective UIDs.
-
-=cut
-
-sub swapuid {
- ($<,$>) = ($>,$<) if $< != $>;
-}
-
=item getsecrets [ USER ]
Sets the user to USER, if supplied.
=head1 VERSION
-$Id: UID.pm,v 1.5 2001-02-21 01:45:07 ivan Exp $
+$Id: UID.pm,v 1.13 2002-02-23 02:14:25 jeff Exp $
=head1 BUGS