version 1.3, 2002/07/17 17:55:07
|
version 1.8, 2002/11/26 15:26:44
|
Line 1
|
Line 1
|
|
<!DOCTYPE piml PUBLIC "-//TUX/DTD piml 1.0 Final//EN" |
|
"http://lpml.sourceforge.net/DTD/piml.dtd"> |
<!-- sanitycheck.piml --> |
<!-- sanitycheck.piml --> |
<!-- Scott Harrison --> |
<!-- Scott Harrison --> |
|
|
Line 31 http://www.lon-capa.org/
|
Line 33 http://www.lon-capa.org/
|
<targetroot>/</targetroot> |
<targetroot>/</targetroot> |
<files> |
<files> |
<file> |
<file> |
|
<target dist='default'>/var/lib/mysql/mysql.sock</target> |
|
<target dist='redhat7.2 redhat7.3'>/tmp/mysql.sock</target> |
|
<perlscript mode='fg'> |
|
unless |
|
(-e '<TARGET />') # Does file exist? |
|
{ |
|
print("**** ERROR **** Missing <TARGET />\n"); |
|
} |
|
else # It exists, so look at the file metadata more closely. |
|
{ |
|
my @s = stat('<TARGET />'); |
|
my $uid = $s[4]; |
|
my $mode = $s[2]; |
|
my $web_uid = getpwnam('www'); |
|
my $smode = sprintf("%04o",$mode & 07777); |
|
|
|
if ($uid ne $web_uid) # If file owned by someone else other than www. |
|
{ |
|
print('**** ERROR **** <TARGET /> should be owned by'. |
|
' www.'."\n".'Try these commands to make things right:'."\n". |
|
'chown www:www <TARGET />'."\n". |
|
'chmod a-rwx,u+rwx <TARGET />'."\n"); |
|
} |
|
else # Check permissions on the file to make sure it is private to www. |
|
{ |
|
$smode =~ /^.(.)..$/; |
|
my $wflag = $1; |
|
if ($wflag != 7) # Can www use this socket? (Hope so!) |
|
{ |
|
print('**** ERROR **** '. |
|
'<TARGET /> should be user "rwx" (by'. |
|
' www).'."\n".'Try these commands to make things right:'."\n". |
|
'chown www:www <TARGET />'."\n". |
|
'chmod a-rwx,u+rwx <TARGET />'."\n"); |
|
} |
|
$smode=~/^..(..)$/; |
|
$wflag=$1; |
|
if ($wflag ne "00") # Can others use this socket? (Hope not!) |
|
{ |
|
print('**** ERROR **** '. |
|
'<TARGET /> should not be group or everybody accessible'. |
|
'.'."\n".'Try these commands to make things right:'."\n". |
|
'chown www:www <TARGET />'."\n". |
|
'chmod a-rwx,u+rwx <TARGET />'."\n"); |
|
} |
|
} |
|
} |
|
</perlscript> |
|
</file> |
|
<file> |
<target dist='default'>/etc/httpd/conf/loncapa.conf</target> |
<target dist='default'>/etc/httpd/conf/loncapa.conf</target> |
<perlscript mode='fg'> |
<perlscript mode='fg'> |
open IN, "<<TARGET />"; |
open IN, "<<TARGET />"; |
Line 48 while (<IN>) {
|
Line 100 while (<IN>) {
|
$dbug=0; |
$dbug=0; |
$dbug=1 if $v=~/\W/; |
$dbug=1 if $v=~/\W/; |
$dbug=1 if $v=~/\_/; |
$dbug=1 if $v=~/\_/; |
|
# Avoid namespace conflicts under the web server's DocumentRoot. |
|
my @badnames=('raw','userfiles','priv','adm','uploaded'); |
|
foreach my $bad (@badnames) { |
|
$dbug=1 if $v eq $bad; |
|
} |
} |
} |
} |
} |
if ($hbug) { |
if ($hbug) { |