1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
|
#!/usr/bin/perl
# $Id: youri-submit-proxy.in 1530 2007-03-08 20:42:13Z guillomovitch $
=head1 NAME
youri-submit-proxy - proxy wrapper over youri-submit-restricted
=head1 VERSION
Version 1.0
=head1 SYNOPSIS
youri-submit-proxy [options] <target> <files>
=head1 DESCRIPTION
youri-submit-proxy is a proxy wrapper over youri-submit-restricted, intended to
be used in collaborative work to change uid before calling it through sudo.
=head1 SEE ALSO
youri-submit-restricted(1), youri-submit(1)
=head1 COPYRIGHT AND LICENSE
Copyright (C) 2002-2006, YOURI project
This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
=cut
use strict;
use warnings;
use lib '@perllibdir@';
use Fcntl ':mode';
use File::Basename;
my ($uid, $gid);
if (-l $0) {
# this is a symlink, get uid and gid from it
($uid, $gid) = (lstat($0))[4, 5];
} else {
($uid, $gid) = (stat($0))[4, 5];
}
my $user = getpwuid($uid) or die "unknown uid $uid\n";
my $prog = '@bindir@/youri-submit-restricted';
my %dirs;
my @options;
foreach my $arg (@ARGV) {
if (-f $arg) {
# push parent dir in list
my $parent = dirname($arg);
$dirs{$parent}++;
}
push(@options, $arg);
}
foreach my $dir (keys %dirs) {
# save original perms and gid
my ($orig_mode, $orig_gid) = (stat($dir))[2,5];
$dirs{$dir} = {
mode => $orig_mode,
gid => $orig_gid
};
# ensure correct perms and gid
chown -1, $gid, $dir;
chmod $orig_mode|S_IRGRP|S_IWGRP, $dir;
}
# call wrapped program
my $status = system('sudo', '-H', '-u', $user, $prog, @options);
foreach my $dir (keys %dirs) {
# restore original perms and gid
chown -1, $dirs{$dir}->{gid}, $dir;
chmod $dirs{$dir}->{mode}, $dir;
}
exit($status >> 8);
|
