use strict;
BEGIN {
+ require Cwd;
+
+ my $dir = $0;
+ $dir = Cwd::getcwd() . '/' . $dir unless $dir =~ m|^/|;
+ $dir =~ s|[^/]+$|..|;
+
+ chdir($dir) || die "Cannot change directory to ${dir}\n";
+
unshift @INC, "modules/override"; # Use our own versions of various modules (e.g. YAML).
push @INC, "modules/fallback"; # Only use our own versions of modules if there's no system version.
}
use Data::Dumper;
use DateTime;
use English qw(-no_match_vars);
+use POSIX qw(setuid setgid);
use SL::Auth;
use SL::DB::BackgroundJob;
use SL::BackgroundJob::ALL;
use SL::LXDebug;
use SL::Locale;
-my %config;
+our %lx_office_conf;
# this is a cleaned up version of am.pl
# it lacks redirection, some html setup and most of the authentication process.
# it is assumed that anyone with physical access and execution rights on this script
# won't be hindered by authentication anyway.
sub lxinit {
- my $login = $config{task_server}->{login};
+ my $login = $lx_office_conf{task_server}->{login};
package main;
die "cannot find locale for user $login" unless $::locale = Locale->new('de');
}
+sub drop_privileges {
+ my $user = $lx_office_conf{task_server}->{run_as};
+ return unless $user;
+
+ my ($uid, $gid);
+ while (my @details = getpwent()) {
+ next unless $details[0] eq $user;
+ ($uid, $gid) = @details[2, 3];
+ last;
+ }
+ endpwent();
+
+ if (!$uid) {
+ print "Error: Cannot drop privileges to ${user}: user does not exist\n";
+ exit 1;
+ }
+
+ if (!setgid($gid)) {
+ print "Error: Cannot drop group privileges to ${user} (group ID $gid): $!\n";
+ exit 1;
+ }
+
+ if (!setuid($uid)) {
+ print "Error: Cannot drop user privileges to ${user} (user ID $uid): $!\n";
+ exit 1;
+ }
+}
+
sub gd_preconfig {
my $self = shift;
- read_config $self->{configfile} => %config;
+ read_config $self->{configfile} => %lx_office_conf;
- die "Missing section [task_server] in config file" unless $config{task_server};
- die "Missing key 'login' in section [task_server] in config file" unless $config{task_server}->{login};
+ die "Missing section [task_server] in config file" unless $lx_office_conf{task_server};
+ die "Missing key 'login' in section [task_server] in config file" unless $lx_office_conf{task_server}->{login};
+ drop_privileges();
lxinit();
return ();
sub gd_run {
while (1) {
my $ok = eval {
- $::lxdebug->message(0, "Retrieving jobs") if $config{task_server}->{debug};
+ $::lxdebug->message(0, "Retrieving jobs") if $lx_office_conf{task_server}->{debug};
my $jobs = SL::DB::Manager::BackgroundJob->get_all_need_to_run;
- $::lxdebug->message(0, " Found: " . join(' ', map { $_->package_name } @{ $jobs })) if $config{task_server}->{debug} && @{ $jobs };
+ $::lxdebug->message(0, " Found: " . join(' ', map { $_->package_name } @{ $jobs })) if $lx_office_conf{task_server}->{debug} && @{ $jobs };
+
+ foreach my $job (@{ $jobs }) {
+ # Provide fresh global variables in case legacy code modifies
+ # them somehow.
+ $::locale = Locale->new($::language);
+ $::form = Form->new;
- $_->run for @{ $jobs };
+ $job->run;
+ }
1;
};
- if ($config{task_server}->{debug}) {
+ if ($lx_office_conf{task_server}->{debug}) {
$::lxdebug->message(0, "Exception during execution: ${EVAL_ERROR}") if !$ok;
$::lxdebug->message(0, "Sleeping");
}
mkdir($pidbase) if !-d $pidbase;
-newdaemon(configfile => "${cwd}/config/task_server.conf",
+newdaemon(configfile => "${cwd}/config/lx_office.conf",
progname => 'lx-office-task-server',
pidbase => "${pidbase}/",
);
projects / mfinanz.git / blobdiff