X-Git-Url: http://git.freeside.biz/gitweb/?p=freeside.git;a=blobdiff_plain;f=FS%2FFS%2FUID.pm;h=15f15a171c8bc01b390e7801759fe52b2a0e3c87;hp=88d7338290fa59c732566aa26cf00b867b75e348;hb=98567e531e90ee1c7c195d5f1e708898d47a8452;hpb=b4a403644cb80a612dd028882f971bdd20839275 diff --git a/FS/FS/UID.pm b/FS/FS/UID.pm index 88d733829..15f15a171 100644 --- a/FS/FS/UID.pm +++ b/FS/FS/UID.pm @@ -4,6 +4,7 @@ use strict; use vars qw( @ISA @EXPORT_OK $cgi $dbh $freeside_uid $user $conf_dir $secrets $datasrc $db_user $db_pass %callback $driver_name + $AutoCommit ); use subs qw( getsecrets cgisetotaker @@ -14,13 +15,15 @@ use DBI; use FS::Conf; @ISA = qw(Exporter); -@EXPORT_OK = qw(checkeuid checkruid swapuid cgisuidsetup - adminsuidsetup getotaker dbh datasrc getsecrets driver_name ); +@EXPORT_OK = qw(checkeuid checkruid cgisuidsetup adminsuidsetup forksuidsetup + getotaker dbh datasrc getsecrets driver_name ); $freeside_uid = scalar(getpwnam('freeside')); $conf_dir = "/usr/local/etc/freeside/"; +$AutoCommit = 1; #ours, not DBI + =head1 NAME FS::UID - Subroutines for database login and assorted other stuff @@ -28,7 +31,7 @@ FS::UID - Subroutines for database login and assorted other stuff =head1 SYNOPSIS use FS::UID qw(adminsuidsetup cgisuidsetup dbh datasrc getotaker - checkeuid checkruid swapuid); + checkeuid checkruid); adminsuidsetup $user; @@ -62,10 +65,17 @@ Returns the DBI database handle (usually you don't need this). =cut sub adminsuidsetup { + $dbh->disconnect if $dbh; + &forksuidsetup(@_); +} +sub forksuidsetup { $user = shift; croak "fatal: adminsuidsetup called without arguements" unless $user; + $user =~ /^([\w\-\.]+)$/ or croak "fatal: illegal user $user"; + $user = $1; + $ENV{'PATH'} ='/usr/local/bin:/usr/bin:/usr/ucb:/bin'; $ENV{'SHELL'} = '/bin/sh'; $ENV{'IFS'} = " \t\n"; @@ -73,17 +83,16 @@ sub adminsuidsetup { $ENV{'ENV'} = ''; $ENV{'BASH_ENV'} = ''; - croak "Not running uid freeside!" unless checkeuid(); + croak "Not running uid freeside!" unless checkeuid() || !$>; getsecrets; $dbh = DBI->connect($datasrc,$db_user,$db_pass, { - 'AutoCommit' => 'true', - 'ChopBlanks' => 'true', + 'AutoCommit' => 0, + 'ChopBlanks' => 1, } ) or die "DBI->connect error: $DBI::errstr\n"; - swapuid(); #go to non-privledged user if running setuid freeside - foreach ( keys %callback ) { &{$callback{$_}}; + # breaks multi-database installs # delete $callback{$_}; #run once } $dbh; @@ -182,7 +191,8 @@ sub cgisetotaker { } elsif ( $cgi && $cgi->isa('Apache') ) { $user = lc ( $cgi->connection->user ); } else { - die "fatal: Can't get REMOTE_USER! for cgi $cgi"; + die "fatal: Can't get REMOTE_USER! for cgi $cgi - you need to setup ". + "Apache user authentication as documented in httemplate/docs/install.html"; } $user; } @@ -207,16 +217,6 @@ sub checkruid { ( $< == $freeside_uid ); } -=item swapuid - -Swaps real and effective UIDs. - -=cut - -sub swapuid { - ($<,$>) = ($>,$<) if $< != $>; -} - =item getsecrets [ USER ] Sets the user to USER, if supplied. @@ -231,7 +231,7 @@ sub getsecrets { die "No user!" unless $user; my($conf) = new FS::Conf $conf_dir; my($line) = grep /^\s*$user\s/, $conf->config('mapsecrets'); - die "User not found in mapsecrets!" unless $line; + die "User $user not found in mapsecrets!" unless $line; $line =~ /^\s*$user\s+(.*)$/; $secrets = $1; die "Illegal mapsecrets line for user?!" unless $secrets; @@ -256,7 +256,7 @@ coderef into the hash %FS::UID::callback : =head1 VERSION -$Id: UID.pm,v 1.3 2000-06-23 12:25:59 ivan Exp $ +$Id: UID.pm,v 1.17 2002-07-03 11:10:12 ivan Exp $ =head1 BUGS