Commit 541a3586 authored by Leigh B. Stoller's avatar Leigh B. Stoller

Minor reorg of cvsupd startup. It now gets started by perl script that

flips the uid/gid to nobody/nobody. It would be good to run this in a
chroot shell, but that would be difficult given that we cannot easily
rebuild cvsupd (modula-3). The right solution is to either run it in a
jail or to move it to ops.

Note, files in the sup tree obviously have to be world readable for
cvsupd to send them off.
parent 4e5dc07e
......@@ -2,6 +2,11 @@
# Utah Network Testbed local startup
if [ -x @prefix@/sbin/ -a -x /usr/local/sbin/cvsupd ]; then
echo -n " cvsupd"
if [ -x @prefix@/sbin/dbboot ]; then
echo -n " dbboot"
......@@ -8,7 +8,7 @@ SUBDIR = rc.d
include $(OBJDIR)/Makeconf
# Force dependencies to make sure configure regenerates if the .in file
# is changed.
if [ -x /usr/local/sbin/cvsupd ];
/usr/local/sbin/cvsupd -l /var/log/cvsup.log -C 100 -b @prefix@/sup
......@@ -13,8 +13,8 @@ UNIFIED = @UNIFIED_BOSS_AND_OPS@
include $(OBJDIR)/Makeconf
BIN_SCRIPTS = delay_config sshtb create_image node_admin
SBIN_SCRIPTS = vlandiff vlansync withadminprivs export_tables
LIBEXEC_SCRIPTS = webcreateimage
SBIN_SCRIPTS = vlandiff vlansync withadminprivs export_tables
LIBEXEC_SCRIPTS = webcreateimage webaddpubkey
# These are the ones installed on plastic (users, control, etc).
#!/usr/bin/perl -w
# Copyright (c) 2000-2002 University of Utah and the Flux Group.
# All rights reserved.
use English;
my $TB = "/usr/testbed";
my $cvsupd = "/usr/local/sbin/cvsupd";
my $log = "cvsupd.log";
chdir("$TB/sup") or
die("Could no chdir to $TB/sup: $!\n");
my (undef,undef,$unix_uid) = getpwnam("nobody") or
die("No such user nobody\n");
my (undef,undef,$unix_gid) = getgrnam("nobody") or
die("No such group nobody\n");
if (! -e $log) {
system("touch $log");
chown($unix_uid, $unix_gid, $log);
# Flip to the user/group nobody.
$EGID = $GID = $unix_gid;
$EUID = $UID = $unix_uid;
exec "$cvsupd -l $log -C 100 -b .";
die("*** $0:\n".
" Could not exec cvsupd: $!\n");
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment