From 6eed0200810e1b13fd1ca932d56e6029406e1095 Mon Sep 17 00:00:00 2001 From: Xavier Guimard Date: Fri, 26 Feb 2016 06:41:38 +0000 Subject: [PATCH] Try to change gid/uid when possible (#921) --- Makefile | 8 ++++---- lemonldap-ng-common/scripts/lemonldap-ng-cli | 6 ++++++ 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/Makefile b/Makefile index 52402e631..aaa807c13 100644 --- a/Makefile +++ b/Makefile @@ -466,14 +466,14 @@ install_bin: install_conf_dir ${SRCCOMMONDIR}/scripts/lemonldap-ng-cli \ $(RBINDIR) @if [ ! "$(APACHEUSER)" ]; then \ - $(PERL) -i -pe 's#__APACHEUSER__#nobody#g;' $(RBINDIR)/lmConfigEditor; \ + $(PERL) -i -pe 's#__APACHEUSER__#nobody#g;' $(RBINDIR)/lmConfigEditor $(RBINDIR)/lemonldap-ng-cli; \ else \ - $(PERL) -i -pe 's#__APACHEUSER__#$(APACHEUSER)#g;' $(RBINDIR)/lmConfigEditor; \ + $(PERL) -i -pe 's#__APACHEUSER__#$(APACHEUSER)#g;' $(RBINDIR)/lmConfigEditor $(RBINDIR)/lemonldap-ng-cli; \ fi @if [ ! "$(APACHEGROUP)" ]; then \ - $(PERL) -i -pe 's#__APACHEGROUP__#nobody#g;' $(RBINDIR)/lmConfigEditor; \ + $(PERL) -i -pe 's#__APACHEGROUP__#nobody#g;' $(RBINDIR)/lmConfigEditor $(RBINDIR)/lemonldap-ng-cli; \ else \ - $(PERL) -i -pe 's#__APACHEGROUP__#$(APACHEGROUP)#g;' $(RBINDIR)/lmConfigEditor; \ + $(PERL) -i -pe 's#__APACHEGROUP__#$(APACHEGROUP)#g;' $(RBINDIR)/lmConfigEditor $(RBINDIR)/lemonldap-ng-cli; \ fi @chmod +x $(RBINDIR)/* diff --git a/lemonldap-ng-common/scripts/lemonldap-ng-cli b/lemonldap-ng-common/scripts/lemonldap-ng-cli index 2dfcaade7..139436871 100755 --- a/lemonldap-ng-common/scripts/lemonldap-ng-cli +++ b/lemonldap-ng-common/scripts/lemonldap-ng-cli @@ -2,9 +2,15 @@ use warnings; use strict; +use POSIX; my $action; +eval { + POSIX::setgid( scalar( getgrnam('__APACHEGROUP__') ) ); + POSIX::setuid( scalar( getpwnam('__APACHEUSER__') ) ); +}; + for ( my $i = 0 ; $i < @ARGV ; $i++ ) { if ( $ARGV[$i] =~ /^-/ ) { $i++;