X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=FS%2FFS%2FUID.pm;h=15f15a171c8bc01b390e7801759fe52b2a0e3c87;hp=7ebe592c3259f53a5398e6e817a3ba4e2d61d1fe;hb=98567e531e90ee1c7c195d5f1e708898d47a8452;hpb=20149aef93d4f0f5425d9581a914fd8215c835d7

diff --git a/FS/FS/UID.pm b/FS/FS/UID.pm
index 7ebe592c3..15f15a171 100644
--- a/FS/FS/UID.pm
+++ b/FS/FS/UID.pm
@@ -15,8 +15,8 @@ use DBI;
 use FS::Conf;
 
 @ISA = qw(Exporter);
-@EXPORT_OK = qw(checkeuid checkruid swapuid cgisuidsetup
-                adminsuidsetup getotaker dbh datasrc getsecrets driver_name );
+@EXPORT_OK = qw(checkeuid checkruid cgisuidsetup adminsuidsetup forksuidsetup
+                getotaker dbh datasrc getsecrets driver_name );
 
 $freeside_uid = scalar(getpwnam('freeside'));
 
@@ -31,7 +31,7 @@ FS::UID - Subroutines for database login and assorted other stuff
 =head1 SYNOPSIS
 
   use FS::UID qw(adminsuidsetup cgisuidsetup dbh datasrc getotaker
-  checkeuid checkruid swapuid);
+  checkeuid checkruid);
 
   adminsuidsetup $user;
 
@@ -65,10 +65,17 @@ Returns the DBI database handle (usually you don't need this).
 =cut
 
 sub adminsuidsetup {
+  $dbh->disconnect if $dbh;
+  &forksuidsetup(@_);
+}
 
+sub forksuidsetup {
   $user = shift;
   croak "fatal: adminsuidsetup called without arguements" unless $user;
 
+  $user =~ /^([\w\-\.]+)$/ or croak "fatal: illegal user $user";
+  $user = $1;
+
   $ENV{'PATH'} ='/usr/local/bin:/usr/bin:/usr/ucb:/bin';
   $ENV{'SHELL'} = '/bin/sh';
   $ENV{'IFS'} = " \t\n";
@@ -76,18 +83,16 @@ sub adminsuidsetup {
   $ENV{'ENV'} = '';
   $ENV{'BASH_ENV'} = '';
 
-  croak "Not running uid freeside!" unless checkeuid();
+  croak "Not running uid freeside!" unless checkeuid() || !$>;
   getsecrets;
-  $dbh->disconnect if $dbh;
   $dbh = DBI->connect($datasrc,$db_user,$db_pass, {
                           'AutoCommit' => 0,
                           'ChopBlanks' => 1,
   } ) or die "DBI->connect error: $DBI::errstr\n";
 
-  swapuid(); #go to non-privledged user if running setuid freeside
-
   foreach ( keys %callback ) {
     &{$callback{$_}};
+    # breaks multi-database installs # delete $callback{$_}; #run once
   }
 
   $dbh;
@@ -187,7 +192,7 @@ sub cgisetotaker {
     $user = lc ( $cgi->connection->user );
   } else {
     die "fatal: Can't get REMOTE_USER! for cgi $cgi - you need to setup ".
-        "Apache user authentication as documented in htdocs/docs/config.html";
+        "Apache user authentication as documented in httemplate/docs/install.html";
   }
   $user;
 }
@@ -212,16 +217,6 @@ sub checkruid {
   ( $< == $freeside_uid );
 }
 
-=item swapuid
-
-Swaps real and effective UIDs.
-
-=cut
-
-sub swapuid {
-  ($<,$>) = ($>,$<) if $< != $>;
-}
-
 =item getsecrets [ USER ]
 
 Sets the user to USER, if supplied.
@@ -236,7 +231,7 @@ sub getsecrets {
   die "No user!" unless $user;
   my($conf) = new FS::Conf $conf_dir;
   my($line) = grep /^\s*$user\s/, $conf->config('mapsecrets');
-  die "User not found in mapsecrets!" unless $line;
+  die "User $user not found in mapsecrets!" unless $line;
   $line =~ /^\s*$user\s+(.*)$/;
   $secrets = $1;
   die "Illegal mapsecrets line for user?!" unless $secrets;
@@ -261,7 +256,7 @@ coderef into the hash %FS::UID::callback :
 
 =head1 VERSION
 
-$Id: UID.pm,v 1.7 2001-06-21 16:27:52 ivan Exp $
+$Id: UID.pm,v 1.17 2002-07-03 11:10:12 ivan Exp $
 
 =head1 BUGS