X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=FS%2FFS%2FUID.pm;h=0b10612c53e852504253b11828e8b8bc5db7af72;hp=5cb5572afda56bf5dd6b4a0b9674ea63380833ef;hb=5786c8244a188823b01b87e2d7e9fd6bc72644b3;hpb=d220c8a4bfa1aee8f17ed71c2dba655160dd3595 diff --git a/FS/FS/UID.pm b/FS/FS/UID.pm index 5cb5572af..0b10612c5 100644 --- a/FS/FS/UID.pm +++ b/FS/FS/UID.pm @@ -15,8 +15,8 @@ use DBI; use FS::Conf; @ISA = qw(Exporter); -@EXPORT_OK = qw(checkeuid checkruid swapuid cgisuidsetup - adminsuidsetup getotaker dbh datasrc getsecrets driver_name ); +@EXPORT_OK = qw(checkeuid checkruid cgisuidsetup adminsuidsetup forksuidsetup + getotaker dbh datasrc getsecrets driver_name ); $freeside_uid = scalar(getpwnam('freeside')); @@ -31,7 +31,7 @@ FS::UID - Subroutines for database login and assorted other stuff =head1 SYNOPSIS use FS::UID qw(adminsuidsetup cgisuidsetup dbh datasrc getotaker - checkeuid checkruid swapuid); + checkeuid checkruid); adminsuidsetup $user; @@ -65,10 +65,17 @@ Returns the DBI database handle (usually you don't need this). =cut sub adminsuidsetup { + $dbh->disconnect if $dbh; + &forksuidsetup(@_); +} +sub forksuidsetup { $user = shift; croak "fatal: adminsuidsetup called without arguements" unless $user; + $user =~ /^([\w\-\.]+)$/ or croak "fatal: illegal user $user"; + $user = $1; + $ENV{'PATH'} ='/usr/local/bin:/usr/bin:/usr/ucb:/bin'; $ENV{'SHELL'} = '/bin/sh'; $ENV{'IFS'} = " \t\n"; @@ -79,14 +86,13 @@ sub adminsuidsetup { croak "Not running uid freeside!" unless checkeuid(); getsecrets; $dbh = DBI->connect($datasrc,$db_user,$db_pass, { - 'AutoCommit' => 'false', - 'ChopBlanks' => 'true', + 'AutoCommit' => 0, + 'ChopBlanks' => 1, } ) or die "DBI->connect error: $DBI::errstr\n"; - swapuid(); #go to non-privledged user if running setuid freeside - foreach ( keys %callback ) { &{$callback{$_}}; + # breaks multi-database installs # delete $callback{$_}; #run once } $dbh; @@ -185,7 +191,8 @@ sub cgisetotaker { } elsif ( $cgi && $cgi->isa('Apache') ) { $user = lc ( $cgi->connection->user ); } else { - die "fatal: Can't get REMOTE_USER! for cgi $cgi"; + die "fatal: Can't get REMOTE_USER! for cgi $cgi - you need to setup ". + "Apache user authentication as documented in httemplate/docs/install.html"; } $user; } @@ -210,16 +217,6 @@ sub checkruid { ( $< == $freeside_uid ); } -=item swapuid - -Swaps real and effective UIDs. - -=cut - -sub swapuid { - ($<,$>) = ($>,$<) if $< != $>; -} - =item getsecrets [ USER ] Sets the user to USER, if supplied. @@ -234,7 +231,7 @@ sub getsecrets { die "No user!" unless $user; my($conf) = new FS::Conf $conf_dir; my($line) = grep /^\s*$user\s/, $conf->config('mapsecrets'); - die "User not found in mapsecrets!" unless $line; + die "User $user not found in mapsecrets!" unless $line; $line =~ /^\s*$user\s+(.*)$/; $secrets = $1; die "Illegal mapsecrets line for user?!" unless $secrets; @@ -259,7 +256,7 @@ coderef into the hash %FS::UID::callback : =head1 VERSION -$Id: UID.pm,v 1.4 2001-02-03 14:03:49 ivan Exp $ +$Id: UID.pm,v 1.18 2002-07-03 11:23:25 ivan Exp $ =head1 BUGS