/[smeserver]/rpms/e-smith-base/sme9/e-smith-base-5.4.0-fixwww.patch
ViewVC logotype

Annotation of /rpms/e-smith-base/sme9/e-smith-base-5.4.0-fixwww.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.2 - (hide annotations) (download)
Mon Mar 24 03:05:36 2014 UTC (10 years, 7 months ago) by wellsi
Branch: MAIN
CVS Tags: HEAD
Changes since 1.1: +0 -0 lines
FILE REMOVED
* Sun Mar 23 2014 Ian Wells <esmith@wellsi.com> 5.6.0-1.sme
- Roll new stream to remove obsolete images [SME: 7962]

1 slords 1.1 diff -up e-smith-base-5.4.0/root/etc/e-smith/events/actions/init-accounts.fixwww e-smith-base-5.4.0/root/etc/e-smith/events/actions/init-accounts
2     --- e-smith-base-5.4.0/root/etc/e-smith/events/actions/init-accounts.fixwww 2013-03-09 15:25:42.230988632 -0700
3     +++ e-smith-base-5.4.0/root/etc/e-smith/events/actions/init-accounts 2013-03-09 15:25:25.879950605 -0700
4     @@ -48,6 +48,53 @@ system(qw(/usr/sbin/groupadd -g 21 -r -f
5     system(qw(/usr/sbin/useradd -u 38 -s /sbin/nologin -d /etc/ntp ntp))
6     unless (getpwnam("ntp"));
7    
8     +#--------------------------------------------------
9     +# create user "www" if not already present; otherwise change comment to
10     +# "e-smith private web server" (used to just say "e-smith web server")
11     +#--------------------------------------------------
12     +
13     +if ( !getpwnam("www") )
14     +{
15     + if ($ldapauth eq 'enabled')
16     + {
17     + `/usr/sbin/cpu groupadd -g 102 www`;
18     + `/usr/sbin/cpu useradd -u 102 -g 102 -f 'e-smith' -E 'web server' -d /home/e-smith -G shared -M -s /bin/false www`;
19     + }
20     + else
21     + {
22     + die "Error creating www user or group" unless (
23     + system("/usr/sbin/groupadd -g 102 -o www") == 0 &&
24     + system("/usr/sbin/useradd -u 102 -g 102 -o -c 'e-smith web server' -d /home/e-smith -M -s /bin/false www") == 0
25     + );
26     + }
27     +}
28     +else
29     +{
30     + my $uid = `/usr/bin/id -u www`;
31     + chomp($uid);
32     + my $gid = `/usr/bin/id -g www`;
33     + chomp($gid);
34     + if ( $uid ne '102' || $gid ne '102' )
35     + {
36     + if ($ldapauth eq 'enabled')
37     + {
38     + die "Error changing www uid or gid" unless (
39     + system("/usr/sbin/cpu groupmod -g 102 www") == 0 &&
40     + system("/usr/sbin/cpu usermod -u 102 -g 102 www") == 0
41     + );
42     + }
43     + else
44     + {
45     + die "Error changing www uid or gid" unless (
46     + system("/usr/sbin/groupmod -g 102 -o www") == 0 &&
47     + system("/usr/sbin/usermod -u 102 -g 102 -o www") == 0
48     + );
49     + }
50     + warn "failed to fix permissions for www" unless (
51     + system("/bin/rpm --setugids horde imp-h3 ingo-h3 turba-h3 2> /dev/null") == 0
52     + );
53     + }
54     +}
55    
56     # create user "admin" if not already present;
57     if ( !getpwnam("admin") )
58     @@ -127,91 +174,46 @@ if ( !getpwnam("public") )
59     }
60    
61     #--------------------------------------------------
62     -# create user "www" if not already present; otherwise change comment to
63     -# "e-smith private web server" (used to just say "e-smith web server")
64     +# www account already exists. Make sure that it is in groups "admin"
65     +# and "shared" without disturbing any other group memberships.
66     +# First get list of existing groups for www.
67     #--------------------------------------------------
68    
69     -if ( !getpwnam("www") )
70     +my $groups = `/usr/bin/id -G -n www 2>/dev/null`;
71     +if ($? != 0)
72     {
73     - if ($ldapauth eq 'enabled')
74     - {
75     - `/usr/sbin/cpu useradd -u 102 -g 102 -f 'e-smith' -E 'web server' -d /home/e-smith -G shared -M -s /bin/false www`;
76     - }
77     - else
78     - {
79     - `/usr/sbin/useradd -u 102 -g 102 -c 'e-smith web server' -d /home/e-smith -G shared -M -s /bin/false www`;
80     - }
81     + die "Failed to get supplementary group list for www.\n";
82     }
83     -else
84     -{
85     - my $uid = `/usr/bin/id -u www`;
86     - chomp($uid);
87     - my $gid = `/usr/bin/id -g www`;
88     - chomp($gid);
89     - if ( $uid ne '102' || $gid ne '102' )
90     - {
91     - if ($ldapauth eq 'enabled')
92     - {
93     - die "Error changing www uid or gid" unless (
94     - system("/usr/sbin/cpu groupmod -g 102 www") == 0 &&
95     - system("/usr/sbin/cpu usermod -u 102 -g 102 www") == 0
96     - );
97     - }
98     - else
99     - {
100     - die "Error changing www uid or gid" unless (
101     - system("/usr/sbin/groupmod -g 102 -o www") == 0 &&
102     - system("/usr/sbin/usermod -u 102 -g 102 -o www") == 0
103     - );
104     - }
105     - warn "failed to fix permissions for www" unless (
106     - system("/bin/rpm --setugids horde imp-h3 ingo-h3 turba-h3 2> /dev/null") == 0
107     - );
108     - }
109     -
110     -
111     - #--------------------------------------------------
112     - # www account already exists. Make sure that it is in groups "admin"
113     - # and "shared" without disturbing any other group memberships.
114     - # First get list of existing groups for www.
115     - #--------------------------------------------------
116     -
117     - my $groups = `/usr/bin/id -G -n www 2>/dev/null`;
118     - if ($? != 0)
119     - {
120     - die "Failed to get supplementary group list for www.\n";
121     - }
122     - chomp ($groups);
123     +chomp ($groups);
124    
125     - my @groupList = split (/\s+/, $groups);
126     +my @groupList = split (/\s+/, $groups);
127    
128     - #--------------------------------------------------
129     - # Modify group list to make sure "admin" and "shared"
130     - # are listed exactly once each.
131     - #--------------------------------------------------
132     +#--------------------------------------------------
133     +# Modify group list to make sure "admin" and "shared"
134     +# are listed exactly once each.
135     +#--------------------------------------------------
136    
137     - @groupList = grep (!/^www$/, @groupList);
138     - @groupList = grep (!/^shared$/, @groupList);
139     +@groupList = grep (!/^www$/, @groupList);
140     +@groupList = grep (!/^shared$/, @groupList);
141    
142     - push @groupList, 'shared';
143     +push @groupList, 'shared';
144    
145     - #--------------------------------------------------
146     - # Run usermod command to update group list for www.
147     - #--------------------------------------------------
148     +#--------------------------------------------------
149     +# Run usermod command to update group list for www.
150     +#--------------------------------------------------
151    
152     - $groups = join (',', sort (@groupList));
153     - if ($ldapauth eq 'enabled')
154     - {
155     - `/usr/sbin/cpu usermod -f 'e-smith' -E 'web server' -d /home/e-smith -G '$groups' -s /bin/false www`;
156     - }
157     - else
158     - {
159     - `/usr/sbin/usermod -c 'e-smith web server' -d /home/e-smith -G '$groups' -s /bin/false www`;
160     - }
161     - if ($? != 0)
162     - {
163     - die "Failed to modify supplementary group list for www.\n";
164     - }
165     +$groups = join (',', sort (@groupList));
166     +if ($ldapauth eq 'enabled')
167     +{
168     + `/usr/sbin/cpu usermod -f 'e-smith' -E 'web server' -d /home/e-smith -G '$groups' -s /bin/false www`;
169     +}
170     +else
171     +{
172     + `/usr/sbin/usermod -c 'e-smith web server' -d /home/e-smith -G '$groups' -s /bin/false www`;
173     +}
174     +if ($? != 0)
175     +{
176     + die "Failed to modify supplementary group list for www.\n";
177     }
178    
179     # Now that www exists, change uid/gid of user and group apache

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed