public/ws-vacation Changeset - r33:49ea552911f9

Changeset - r33:49ea552911f9

Parent rev.

Child rev.

[Not reviewed]

v0.9 default

0 4 1

Wolfgang Scherer (ws) - 12 years ago 2013-04-24 19:31:24
wolfgang.scherer@gmx.de

Functions test_readable/cat-file using sudo to allow home directories with permission 700.

5 files changed with 159 insertions and 12 deletions:

index.php

lib/config.php

lib/test_readable.sh

103

lib/util.php

lib/ws-vacation-sudo.in

0 comments (0 inline, 0 general)

index.php

➞

Show inline comments

@@ @@ -191,12 +191,12 @@ if ($_debug) { @@
 $vacation_msg_file = sprintf('%s/%s', $home, $VACATION_MSG_FILE);
 $vacation_db_file = sprintf('%s/%s', $home, $VACATION_DB_FILE);
 $forward_file = sprintf('%s/%s', $home, $FORWARD_FILE);
-$forward_active = file_exists($forward_file);
+$forward_active = test_readable($forward_file, $user);
 $forward_settings = Array(
     '\\'.$user, '', sprintf($VACATION_FORWARD_ENTRY, $user));
 if ($forward_active)
+{
-    $forward_settings = file_get_contents($forward_file);
+    $forward_settings = cat_file($forward_file, $user);
     $lines = explode("\n", $forward_settings);
     $forward_settings = preg_split('/, */', $lines[0]);
     if (count($forward_settings) < 3) {
@@ @@ -207,7 +207,7 @@ if ($forward_active) @@
 $vacation_setup_raw = isset($_REQUEST["raw"]);
 $vacation_clear = isset($_REQUEST['clear']);
-if ($vacation_clear || !file_exists($vacation_msg_file)) {
+if ($vacation_clear || !test_readable($vacation_msg_file, $user)) {
     // Reset to default
     $vacation_msg = get_text('vacation');
     $vacation_parts = vacation_split($vacation_msg, False);
@@ @@ -216,7 +216,7 @@ if ($vacation_clear || !file_exists($vac @@
     $vacation_msg = vacation_join($vacation_subject, $vacation_body);
     $vacation_setup_raw = False;
 } else {
-    $vacation_msg = file_get_contents($vacation_msg_file);
+    $vacation_msg = cat_file($vacation_msg_file, $user);
+}
 $message_parts = message_split($vacation_msg);
@@ @@ -335,7 +335,7 @@ if ($vacation_setup || $vacation_setup_r @@
         pclose($vacation_msg_pipe);
         // Initialize vacation(1) if necessary.
-        if (!file_exists($vacation_db_file)) {
+        if (!test_readable($vacation_db_file, $user)) {
             system(sprintf(
                        '%s -u %s %s %s -i',
                        $SUDO_CMD, $user, $SUDO_OPT_H, $VACATION_CMD));
@@ @@ -358,8 +358,8 @@ if ($vacation_setup || $vacation_setup_r @@
             pclose($forward_file_pipe);
         } else {
             system(sprintf(
                        '%s -u %s %s /bin/rm -f %s',
                        $SUDO_CMD, $user, $SUDO_OPT_H, $forward_file));
                        '%s -u %s %s %s %s',
                        $SUDO_CMD, $user, $SUDO_OPT_H, $RM_CMD, $forward_file));
+        }
         break;
+    }

lib/config.php

➞

Show inline comments

@@ @@ -71,6 +71,10 @@ @@
 $USER_ID_MAX = 60000;
 $SUDO_CMD = '/usr/bin/sudo';
 $SUDO_OPT_H = ' -H';
 $TEST_CMD = dirname(__FILE__) . '/test_readable.sh';
 $RM_CMD = '/bin/rm -f';
 $CAT_CMD = '/bin/cat';
 $WRITE_TO_CMD = dirname(__FILE__) . '/write_to.sh';
 $FORMAIL_CMD = '/usr/bin/formail';

lib/test_readable.sh

➞

Show inline comments

@@ new file 100755 @@
 #!/bin/sh
 # test_readable.sh - check whether file exists and is readable
 # usage: test_readable.sh file
 # Copyright (C) 2013, Wolfgang Scherer, <Wolfgang.Scherer at gmx.de>
 # Sponsored by WIEDENMANN SEILE GMBH, http://www.wiedenmannseile.de
+#
 # This file is part of Wiedenmann Vacation.
+#
 :  # script help
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation; either version 3 of the License, or
 # (at your option) any later version.
+#
 # This program is distributed in the hope that it will be useful, but
 # WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 # General Public License for more details.
+#
 # You should have received a copy of the GNU General Public License
 # along with this program. If not, see <http://www.gnu.org/licenses/>,
 # or write to Wolfgang Scherer, <Wolfgang.Scherer at gmx.de>
 # (progn (forward-line 1) (snip-insert "gen_hd-configuration" t t "sh") (insert ""))
 ## (progn (forward-line 1) (snip-insert "sh_b.prog-path" t t "sh") (insert ""))
 ## (progn (forward-line 1) (snip-insert "sh_b.config.sh" t t "sh") (insert ""))
 # --------------------------------------------------
 # |||:sec:||| FUNCTIONS
 # --------------------------------------------------
 usage ()
+{
     script_help="script-help"
     ( "${script_help}" ${1+"$@"} "${0}" ) 2>/dev/null \
     || ${SED__PROG-sed} -n '3,/^[^#]/{;/^[^#]/d;p;}' "${0}";
+}
 ## (progn (forward-line 1) (snip-insert "sh_f.hl" t t "sh") (insert ""))
 ## (progn (forward-line 1) (snip-insert "sh_f.vexec" t t "sh") (insert ""))
 ## (progn (forward-line 1) (snip-insert "sh_wsrfid.f.config_dump" t t "sh") (insert ""))
 ## (progn (forward-line 1) (snip-insert "sh.scr.sed" t t "sh") (insert "\n"))
 ## (progn (forward-line 1) (snip-insert "sh.scr.awk" t t "sh") (insert "\n"))
 ## (progn (forward-line 1) (snip-insert "sh.scr.perl" t t "sh") (insert "\n"))
 ## (progn (forward-line 1) (snip-insert "sh.scr.python" t t "sh") (insert "\n"))
 # (progn (forward-line 1) (snip-insert "sh_b.opt-loop" t t "sh") (insert "\n"))
 test x"${1+set}" = xset && \
 case "${1}" in
 -\?|-h|--help) usage; exit 0;;
 --docu) usage --full; exit 0;;
 esac
 # --------------------------------------------------
 # |||:sec:||| MAIN
 # --------------------------------------------------
 # |:here:|
 ## (progn (forward-line 1) (snip-insert-mode "sh.b.wrf.loop" t t) (insert "\n"))
 if test -r "${1}"
 then
     printf "yes\n"
 else
     printf "no\n"
 fi
 exit # |||:here:|||
+#
 # :ide-menu: Emacs IDE Main Menu - Buffer @BUFFER@
 # . M-x `eIDE-menu' (eIDE-menu "z")
 # :ide: OCCUR-OUTLINE: Sections: `||: sec :||'
 # . (x-symbol-tag-occur-outline "sec" '("||:" ":||") '("|:" ":|"))
 # :ide: MENU-OUTLINE:  Sections `||: sec :||'
 # . (x-eIDE-menu-outline "sec" '("||:" ":||") '("|:" ":|"))
 # :ide: +-#+
 # . Buffer Outline Sections ()
 # :ide: SHELL: Run with --docu
 # . (progn (save-buffer) (shell-command (concat "sh " (file-name-nondirectory (buffer-file-name)) " --docu")))
 # :ide: SHELL: Run with --help
 # . (progn (save-buffer) (shell-command (concat "sh " (file-name-nondirectory (buffer-file-name)) " --help")))
 # :ide: SHELL: Run w/o args
 # . (progn (save-buffer) (shell-command (concat "sh " (file-name-nondirectory (buffer-file-name)) " ")))
+#
 # Local Variables:
 # mode: sh
 # comment-start: "#"
 # comment-start-skip: "#+"
 # comment-column: 0
 # End:
 # mmm-classes: (here-doc ide-entries)

lib/util.php

➞

Show inline comments

@@ @@ -24,6 +24,36 @@ require_once(dirname(__FILE__) . '/../li @@
 require_once(dirname(__FILE__) . '/../lib/language.php');
 // --------------------------------------------------
 // |||:sec:||| Files
 // --------------------------------------------------
 function test_readable($file, $user)
+{
     global $SUDO_CMD, $SUDO_OPT_H, $TEST_CMD;
     $test_cmd = sprintf(
         "%s -u %s %s %s '%s'",
         $SUDO_CMD, $user, $SUDO_OPT_H, $TEST_CMD, $file);
     $test_ausgabe = popen ($test_cmd, 'r');
     $result = stream_get_contents($test_ausgabe);
     pclose($test_ausgabe);
     return (trim($result) == 'yes');
+}
 function cat_file($file, $user)
+{
     global $SUDO_CMD, $SUDO_OPT_H, $CAT_CMD;
     $cat_cmd = sprintf(
         "%s -u %s %s %s '%s'",
         $SUDO_CMD, $user, $SUDO_OPT_H, $CAT_CMD, $file);
     $cat_ausgabe = popen ($cat_cmd, 'r');
     $result = stream_get_contents($cat_ausgabe);
     pclose($cat_ausgabe);
     return $result;
+}
 // --------------------------------------------------
 // |||:sec:||| Benutzer
 // --------------------------------------------------

lib/ws-vacation-sudo.in

➞

Show inline comments

@@ @@ -3,9 +3,19 @@ User_Alias WWWRUN = wwwrun,www-data @@
 Runas_Alias NOTROOT = ALL,!root
 Cmnd_Alias VACATION=/usr/bin/vacation *
 Cmnd_Alias RM_FORWARD=/bin/rm -f /home/*/.forward
 Cmnd_Alias CAT_FORWARD=@base_dir@/lib/write_to.sh /home/*/.forward
 Cmnd_Alias CAT_VACATION_MSG=@base_dir@/lib/write_to.sh /home/*/.vacation.msg
 WWWRUN ALL=(NOTROOT) NOPASSWD: VACATION
 Cmnd_Alias TEST_FORWARD=@base_dir@/lib/test_readable.sh /home/*/.forward
 Cmnd_Alias TEST_VACATION_MSG=@base_dir@/lib/test_readable.sh /home/*/.vacation.msg
 Cmnd_Alias TEST_VACATION_DB=@base_dir@/lib/test_readable.sh /home/*/.vacation.db
 Cmnd_Alias GET_FORWARD=/bin/cat /home/*/.forward
 Cmnd_Alias GET_VACATION_MSG=/bin/cat /home/*/.vacation.msg
 Cmnd_Alias PUT_FORWARD=@base_dir@/lib/write_to.sh /home/*/.forward
 Cmnd_Alias PUT_VACATION_MSG=@base_dir@/lib/write_to.sh /home/*/.vacation.msg
 WWWRUN ALL=(NOTROOT) NOPASSWD: VACATION
 WWWRUN ALL=(NOTROOT) NOPASSWD: RM_FORWARD
 WWWRUN ALL=(NOTROOT) NOPASSWD: CAT_FORWARD
 WWWRUN ALL=(NOTROOT) NOPASSWD: CAT_VACATION_MSG
 WWWRUN ALL=(NOTROOT) NOPASSWD: TEST_FORWARD
 WWWRUN ALL=(NOTROOT) NOPASSWD: TEST_VACATION_MSG
 WWWRUN ALL=(NOTROOT) NOPASSWD: TEST_VACATION_DB
 WWWRUN ALL=(NOTROOT) NOPASSWD: GET_FORWARD
 WWWRUN ALL=(NOTROOT) NOPASSWD: GET_VACATION_MSG
 WWWRUN ALL=(NOTROOT) NOPASSWD: PUT_FORWARD
 WWWRUN ALL=(NOTROOT) NOPASSWD: PUT_VACATION_MSG

0 comments (0 inline, 0 general)