Changeset 1474


Ignore:
Timestamp:
Feb 19, 2010, 4:18:13 PM (13 years ago)
Author:
ezyang
Message:
Specify uid 102 is signup, and remove dead SELinux code.
File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/server/common/patches/httpd-suexec-scripts.patch

    r1464 r1474  
    185185      */
    186186-    if ((uid == 0) || (uid < AP_UID_MIN)) {
    187 +    if ((uid == 0) || (uid < AP_UID_MIN && uid != 102)) {
     187+    if ((uid == 0) || (uid < AP_UID_MIN && uid != 102)) { /* uid 102 = signup  */
    188188         log_err("cannot run as forbidden uid (%d/%s)\n", uid, cmd);
    189189         exit(107);
    190190     }
    191 @@ -484,6 +563,21 @@
     191@@ -484,6 +563,7 @@
    192192         log_err("failed to setuid (%ld: %s)\n", uid, cmd);
    193193         exit(110);
    194194     }
    195 +    if (is_selinux_enabled()) {
    196 +        if (uid == 102) {
    197 +            if (setexeccon("system_u:system_r:signup_t:s0") == -1) {
    198 +                log_err("failed to setexeccon (%ld: %s) to signup_t\n", uid, cmd);
    199 +                exit(201);
    200 +            }
    201 +        } else {
    202 +            if (setexeccon("user_u:user_r:user_t:s0") == -1) {
    203 +                log_err("failed to setexeccon (%ld: %s) to user_t\n", uid, cmd);
    204 +                exit(202);
    205 +            }
    206 +        }
    207 +    }
    208 +
    209195+    setenv("HOME", target_homedir, 1);
    210196 
Note: See TracChangeset for help on using the changeset viewer.