#!/usr/bin/perl
#
# Copyright Michigan State University Board of Trustees
#
# $Id: lcinstallfile,v 1.4 2009/05/13 15:04:03 raeburn Exp $
#
# This file is part of the LearningOnline Network with CAPA (LON-CAPA).
#
# LON-CAPA is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or 
# (at your option) any later version.
#
# LON-CAPA is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with LON-CAPA; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
#
# /home/httpd/html/adm/gpl.txt
#
#
#
# 2/17/2009 - Ron Fox
#
# http://www.lon-capa.org/
#
#  This file is a setuid script that allows lond or other www programs to install
#  a file in the lon capa table directory.
#
#  Invocation is as follows:
#    lcinstallfile  source_file_name dest_name
#
#  source_file_name - The full path for the source file.
#  dest_name        - The destination filename.  This will always be in the
#                     table file directory for this server.
#


use strict;

use lib "/home/httpd/lib/perl";     # Adjust if loncapa lib isn't installed here.
use LONCAPA;
use LONCAPA::Configuration;
use IO::File;
use File::Copy;



#
# Exit codes:
#
# 0    - ok
# 1    - Initial user ID was not www
# 3    - Usage error not enough command line arguments.
# 4    - source_file_name does not exist.
# 5    - destination file does not exist (not allowed to create new files).
# 6    - Some file operation failed.
# 7    - Invalid table filename.
#
my $noprint = 1;
#
#   Ensure we are www:
#
# 
print ("In lcinstallfile\n") unless $noprint;

my $wwwid=getpwnam('www');
&disable_root_capability;
if ($wwwid!=$>) {
    print("User ID mismatch.  This program must be run as user 'www'\n")
	unless $noprint;
    exit 1;
}
#
#  Ensure we have the right number of command args:
#
my $argc = scalar(@ARGV);
if ($argc != 2) {
    print("Usage: lcinstallfile sourcepath destfile had $argc parameters\n") unless $noprint;
    exit 2;
}
my $sourcepath = $ARGV[0];
my $destfile  = $ARGV[1];

print("From: $sourcepath to: $destfile\n") unless $noprint;


# Ensure the source file exists, and root can write it.:

# since this is a setuid program, the sourcepath and destfile
# must be pattern extracted else they are considered insecure and
# therefore not validated.  
# loncapa table files are all of the form.
#  something.tab where something is all letters and _'s.
#
if ($sourcepath =~ /^([\w\/]+\.\w+)$/) {
    $sourcepath = $1;
} else {
    print ("Invalid characters in filename '$sourcepath' \n") unless $noprint;
    exit 7;
}


if (! -r $sourcepath) {
    print("File $sourcepath either does not exist or cannot be read") unless $noprint;
    exit 4;
    
}
&enable_root_capability;

#
#  Figure out where the lontab directory is and create the destinationfile name:
#
#  We're not allowed to create new files, only replace existing files
#  so ensure that the final destination file actually exists.
#


#
# Now sanitize the final file:

my $final_file;
if ($destfile =~ /^([\w\/]+\.\w+)$/) {
    $final_file = $1;
} else {
    print ("'$final_file' failed regexp match\n") unless $noprint;
    exit 7;
}

if (! -w $final_file) {
    &disable_root_capability;
    print("The $final_file is either not writable, or does not exist.\n") unless $noprint;
    exit 5;
}
#
# Copy the destination file to a backup:
#
if (!copy($final_file, $final_file.'.backup')) {
    &disable_root_capability;
    print ("Failed to create backup copy of $final_file\n") unless $noprint;
    exit 6;
}
&enable_root_capability;

#  Install the new file to a temp file in the same dir so it can be mv'd in place
#  this prevents the possibility we wind up with a partial file.:

if (!copy($sourcepath, $final_file.'.new')) {
    &disable_root_capability;
    print("Failed to copy $sourcepath to a tempfile\n") unless $noprint;
    exit 6;
}
#
#  Move the temp file to the final file
#
if (!rename($final_file.'.new', $final_file)) {
    &disable_root_capability;
    print ("Failed to move installed file $final_file.new to final resting place\n")
	unless $noprint;
    exit 6;
}

#  Ready to exit with success

&disable_root_capability;
print ("$sourcepath installed to $final_file\n") unless $noprint;
exit 0;


#-------------------------------------------------------------------------
#
#  subs that control the setuid-edness of the program.

#  have setuid script run as root
sub enable_root_capability {
    if ($wwwid==$>) {
	($<,$>)=($>,0);
	($(,$))=($),0);
    } else {
	# root capability is already enabled
    }
    print ("Effective uid = $>\n");
    return $>;
}

#  have setuid script run as www
sub disable_root_capability {
    if ($wwwid==$<) {
	($<,$>)=($>,$<);
	($(,$))=($),$();
    } else {
	# root capability is already disabled
    }
}
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>500 Internal Server Error</title>
</head><body>
<h1>Internal Server Error</h1>
<p>The server encountered an internal error or
misconfiguration and was unable to complete
your request.</p>
<p>Please contact the server administrator at 
 root@localhost to inform them of the time this error occurred,
 and the actions you performed just before this error.</p>
<p>More information about this error may be available
in the server error log.</p>
</body></html>