From 541a3586fb734cca94d79722fd9017a67bf15408 Mon Sep 17 00:00:00 2001 From: "Leigh B. Stoller" Date: Mon, 26 Aug 2002 14:54:35 +0000 Subject: [PATCH] Minor reorg of cvsupd startup. It now gets started by perl script that flips the uid/gid to nobody/nobody. It would be good to run this in a chroot shell, but that would be difficult given that we cannot easily rebuild cvsupd (modula-3). The right solution is to either run it in a jail or to move it to ops. Note, files in the sup tree obviously have to be world readable for cvsupd to send them off. --- rc.d/3.testbed.sh.in | 5 +++++ rc.d/GNUmakefile.in | 2 +- rc.d/cvsupd.sh.in | 6 ------ utils/GNUmakefile.in | 6 +++--- utils/cvsupd.pl.in | 32 ++++++++++++++++++++++++++++++++ 5 files changed, 41 insertions(+), 10 deletions(-) delete mode 100755 rc.d/cvsupd.sh.in create mode 100755 utils/cvsupd.pl.in diff --git a/rc.d/3.testbed.sh.in b/rc.d/3.testbed.sh.in index 94a1fe423..e32c2dd2d 100755 --- a/rc.d/3.testbed.sh.in +++ b/rc.d/3.testbed.sh.in @@ -2,6 +2,11 @@ # # Utah Network Testbed local startup # +if [ -x @prefix@/sbin/cvsupd.pl -a -x /usr/local/sbin/cvsupd ]; then + echo -n " cvsupd" + @prefix@/sbin/cvsupd.pl +fi + if [ -x @prefix@/sbin/dbboot ]; then echo -n " dbboot" @prefix@/sbin/dbboot diff --git a/rc.d/GNUmakefile.in b/rc.d/GNUmakefile.in index 708109b77..73587fac6 100644 --- a/rc.d/GNUmakefile.in +++ b/rc.d/GNUmakefile.in @@ -8,7 +8,7 @@ SUBDIR = rc.d include $(OBJDIR)/Makeconf -RC_SCRIPTS = 2.mysql-server.sh 3.testbed.sh cvsupd.sh 2.elvind.sh +RC_SCRIPTS = 2.mysql-server.sh 3.testbed.sh 2.elvind.sh # # Force dependencies to make sure configure regenerates if the .in file # is changed. diff --git a/rc.d/cvsupd.sh.in b/rc.d/cvsupd.sh.in deleted file mode 100755 index 4264b8180..000000000 --- a/rc.d/cvsupd.sh.in +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/sh - -if [ -x /usr/local/sbin/cvsupd ]; -then - /usr/local/sbin/cvsupd -l /var/log/cvsup.log -C 100 -b @prefix@/sup -fi diff --git a/utils/GNUmakefile.in b/utils/GNUmakefile.in index 009945ff1..85c504e9e 100644 --- a/utils/GNUmakefile.in +++ b/utils/GNUmakefile.in @@ -12,9 +12,9 @@ UNIFIED = @UNIFIED_BOSS_AND_OPS@ include $(OBJDIR)/Makeconf -BIN_SCRIPTS = delay_config sshtb create_image node_admin -SBIN_SCRIPTS = vlandiff vlansync withadminprivs export_tables -LIBEXEC_SCRIPTS = webcreateimage +BIN_SCRIPTS = delay_config sshtb create_image node_admin +SBIN_SCRIPTS = vlandiff vlansync withadminprivs export_tables cvsupd.pl +LIBEXEC_SCRIPTS = webcreateimage webaddpubkey # # These are the ones installed on plastic (users, control, etc). diff --git a/utils/cvsupd.pl.in b/utils/cvsupd.pl.in new file mode 100755 index 000000000..38a2b4cd2 --- /dev/null +++ b/utils/cvsupd.pl.in @@ -0,0 +1,32 @@ +#!/usr/bin/perl -w +# +# EMULAB-COPYRIGHT +# Copyright (c) 2000-2002 University of Utah and the Flux Group. +# All rights reserved. +# +use English; + +my $TB = "/usr/testbed"; +my $cvsupd = "/usr/local/sbin/cvsupd"; +my $log = "cvsupd.log"; + +chdir("$TB/sup") or + die("Could no chdir to $TB/sup: $!\n"); + +my (undef,undef,$unix_uid) = getpwnam("nobody") or + die("No such user nobody\n"); +my (undef,undef,$unix_gid) = getgrnam("nobody") or + die("No such group nobody\n"); + +if (! -e $log) { + system("touch $log"); + chown($unix_uid, $unix_gid, $log); +} + +# Flip to the user/group nobody. +$EGID = $GID = $unix_gid; +$EUID = $UID = $unix_uid; + +exec "$cvsupd -l $log -C 100 -b ."; +die("*** $0:\n". + " Could not exec cvsupd: $!\n"); -- GitLab