/**
* Open session, adjust UID if required
*/
public static function open($admin = false)
{
if (PHP_SESSION_ACTIVE == session_status()) {
throw new \LogicException('Session already open');
}
// automatic admin mode for command line testing if root
$session_file = session_save_path() . DIRECTORY_SEPARATOR . 'sess_' . static::SESSION_ID;
if (file_exists($session_file) && is_readable($session_file)) {
$session_owner = fileowner($session_file);
if ($session_owner !== posix_getuid() && 0 === posix_getuid()) {
// echo("o: $session_owner\n");
$admin = true;
}
$_SESSION['_dirty'] = microtime();
}
// set effective uid of session owner
if ($admin) {
static::$pre_session_uid = posix_getuid();
posix_seteuid(posix_getpwnam(static::SESSION_ADMIN_USER)['uid']);
}
// tie all users to single session
session_id(static::SESSION_ID);
if (false === session_start()) {
throw new \RuntimeException('Could not start session');
}
// update sesson with current configuration
// TODO check if necessary
foreach (ConfigDB::read('cfg_engine') as $row) {
$_SESSION[$row['param']] = $row['value'];
}
}
function migrateGroup($group)
{
$groups = parseGroupFile();
if (!isset($groups[$group])) {
return false;
}
$group = $groups[$group];
global $wgAuth;
$dbw = $wgAuth->getDB(DB_WRITE);
if (false == $dbw->insert('groups', array('grp_name' => $group['name'], 'grp_password' => $group['password'], 'grp_gid' => $group['gid']), __METHOD__)) {
return false;
}
foreach ($group['members'] as $user) {
$pwd = posix_getpwnam($user);
if (!$pwd) {
return false;
}
print "Migrating {$pwd['name']}\n";
if (false == $dbw->insert('group_membership', array('gm_group' => $group['name'], 'gm_user' => $pwd['uid']), __METHOD__)) {
$dbw->rollback();
return false;
}
}
$dbw->commit();
wfDoUpdates();
return true;
}
public function import($login_)
{
Logger::debug('main', 'UserDB::unix::import(' . $login_ . ')');
$tab = posix_getpwnam($login_);
if (is_array($tab)) {
$u = new User();
if (isset($tab['name'])) {
$u->setAttribute('login', $tab['name']);
}
if (isset($tab['gecos'])) {
$ex = explode(',', $tab['gecos']);
$u->setAttribute('displayname', $ex[0]);
}
if (isset($tab['uid'])) {
$u->setAttribute('uid', $tab['uid']);
}
if (isset($tab['gid'])) {
$u->setAttribute('gid', $tab['gid'], 1);
}
if (isset($tab['dir'])) {
$u->setAttribute('homedir', $tab['dir']);
}
return $u;
}
return NULL;
}
private function doPut($token, $payload, $user = null)
{
Assert::string($token, "Token must be a string. Got: %s");
Assert::string($payload, "Payload must be a string. Got: %s");
Assert::nullOrString($user, "User must be a string or null. Got: %s");
$path = $this->docroot . "/.well-known/acme-challenge";
$realpath = realpath($path);
if (!realpath($this->docroot)) {
throw new ChallengeStoreException("Document root doesn't exist: '{$this->docroot}'");
}
if (!$realpath && !@mkdir($path, 0755, true)) {
throw new ChallengeStoreException("Couldn't create public directory to serve the challenges: '{$path}'");
}
if ($user) {
if (!($userInfo = posix_getpwnam($user))) {
throw new ChallengeStoreException("Unknown user: '******'");
}
}
if (isset($userInfo)) {
(yield \Amp\File\chown($this->docroot . "/.well-known", $userInfo["uid"], -1));
(yield \Amp\File\chown($this->docroot . "/.well-known/acme-challenge", $userInfo["uid"], -1));
}
(yield \Amp\File\put("{$path}/{$token}", $payload));
if (isset($userInfo)) {
(yield \Amp\File\chown("{$path}/{$token}", $userInfo["uid"], -1));
}
(yield \Amp\File\chmod("{$path}/{$token}", 0644));
}
/**
* @version $Id: footer.php 107 2008-07-22 17:27:12Z soeren $
* @package eXtplorer
* @copyright soeren 2007
* @author The eXtplorer project (http://sourceforge.net/projects/extplorer)
* @author The The QuiX project (http://quixplorer.sourceforge.net)
*
* @license
* The contents of this file are subject to the Mozilla Public License
* Version 1.1 (the "License"); you may not use this file except in
* compliance with the License. You may obtain a copy of the License at
* http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS IS"
* basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the
* License for the specific language governing rights and limitations
* under the License.
*
* Alternatively, the contents of this file may be used under the terms
* of the GNU General Public License Version 2 or later (the "GPL"), in
* which case the provisions of the GPL are applicable instead of
* those above. If you wish to allow use of your version of this file only
* under the terms of the GPL and not to allow others to use
* your version of this file under the MPL, indicate your decision by
* deleting the provisions above and replace them with the notice and
* other provisions required by the GPL. If you do not delete
* the provisions above, a recipient may use your version of this file
* under either the MPL or the GPL."
*
* Shows the About Box!
*/
function show_about()
{
// footer for html-page
echo "\n<div id=\"ext_footer\" style=\"text-align:center;\">\r\n\t<img src=\"" . _EXT_URL . "/images/MangosWeb_small.png\" align=\"middle\" alt=\"Mangosweb Enhanced Logo\" />\r\n\t<br />\r\n\t" . ext_Lang::msg('your_version') . ": <a href=\"" . $GLOBALS['ext_home'] . "\" target=\"_blank\">eXtplorer {$GLOBALS['ext_version']}</a>\r\n\t<br />\r\n (<a href=\"http://virtuemart.net/index2.php?option=com_versions&catid=5&myVersion=" . $GLOBALS['ext_version'] . "\" onclick=\"javascript:void window.open('http://virtuemart.net/index2.php?option=com_versions&catid=5&myVersion=" . $GLOBALS['ext_version'] . "', 'win2', 'status=no,toolbar=no,scrollbars=yes,titlebar=no,menubar=no,resizable=yes,width=640,height=580,directories=no,location=no'); return false;\" title=\"" . $GLOBALS["messages"]["check_version"] . "\">" . $GLOBALS["messages"]["check_version"] . "</a>)\r\n\t\r\n\t";
if (function_exists("disk_free_space")) {
$size = disk_free_space($GLOBALS['home_dir'] . $GLOBALS['separator']);
$free = parse_file_size($size);
} elseif (function_exists("diskfreespace")) {
$size = diskfreespace($GLOBALS['home_dir'] . $GLOBALS['separator']);
$free = parse_file_size($size);
} else {
$free = "?";
}
echo '<br />' . $GLOBALS["messages"]["miscfree"] . ": " . $free . " \n";
if (extension_loaded("posix")) {
$owner_info = '<br /><br />' . ext_Lang::msg('current_user') . ' ';
if (ext_isFTPMode()) {
$my_user_info = posix_getpwnam($_SESSION['ftp_login']);
$my_group_info = posix_getgrgid($my_user_info['gid']);
} else {
$my_user_info = posix_getpwuid(posix_geteuid());
$my_group_info = posix_getgrgid(posix_getegid());
}
$owner_info .= $my_user_info['name'] . ' (' . $my_user_info['uid'] . '), ' . $my_group_info['name'] . ' (' . $my_group_info['gid'] . ')';
echo $owner_info;
}
echo "\r\n\t</div>";
}
/**
* Check the username / password against the PAM system
*/
function SQUID_PAM_check($username, $password)
{
global $c;
$script = $c->authenticate_hook['config']['script'];
if (empty($script)) {
$script = $c->authenticate_hook['config']['path'];
}
$cmd = sprintf('echo %s %s | %s -n common-auth', escapeshellarg($username), escapeshellarg($password), $script);
$auth_result = exec($cmd);
if ($auth_result == "OK") {
dbg_error_log('pwauth', 'User %s successfully authenticated', $username);
$principal = new Principal('username', $username);
if (!$principal->Exists()) {
dbg_error_log('pwauth', 'User %s does not exist in local db, creating', $username);
$pwent = posix_getpwnam($username);
$gecos = explode(',', $pwent['gecos']);
$fullname = $gecos[0];
$principal->Create(array('username' => $username, 'user_active' => 't', 'email' => sprintf('%s@%s', $username, $email_base), 'fullname' => $fullname));
if (!$principal->Exists()) {
dbg_error_log("PAM", "Unable to create local principal for '%s'", $username);
return false;
}
CreateHomeCalendar($username);
}
return $principal;
} else {
dbg_error_log("PAM", "User %s is not a valid username (or password was wrong)", $username);
return false;
}
}
public static function setuidgid($user)
{
$uid = posix_getuid();
if ($uid !== 0) {
throw new \RuntimeException("setuidgid is only root");
}
$nam = posix_getpwnam($user);
if (!$nam) {
throw new \RuntimeException("unkonwn user \"{$user}\"");
}
$uid = $nam['uid'];
$gid = $nam['gid'];
if (!posix_setgid($gid)) {
throw new \RuntimeException("unable setgid({$gid})");
}
if (!posix_setegid($gid)) {
throw new \RuntimeException("unable setegid({$gid})");
}
if (!posix_setuid($uid)) {
throw new \RuntimeException("unable setuid({$uid})");
}
if (!posix_seteuid($uid)) {
throw new \RuntimeException("unable seteuid({$uid})");
}
}
/**
* 检查启动worker进程的的用户是否合法
* @return void
*/
public static function checkWorkerUserName($worker_user)
{
if ($worker_user) {
$user_info = posix_getpwnam($worker_user);
return !empty($user_info);
}
}
/**
* Defines the current user name.
*
*
* @param string $userName Unix user name.
*
* @throws RuntimeException When unable to update current user name.
*/
public function setUserName($userName)
{
$user = posix_getpwnam($userName);
if (!isset($user['uid'])) {
throw new InvalidArgumentException(sprintf('"%s" is not a valid user name', $userName));
}
$this->setUserId($user['uid']);
}
/**
* @param string $username
* @throw UsernameNotFoundException
* @return string
*/
protected function getUserLogDir($username)
{
if (false === ($userinfo = posix_getpwnam($username))) {
throw new UsernameNotFoundException();
}
$homeDir = $userinfo['dir'];
return $homeDir . '/logs';
}
/**
* 此事件在worker进程启动时发生。这里创建的对象可以在worker进程生命周期内使用。
*
* @param ISwoole $sw
* @param int $worker_id
*/
function onWorkerStart($sw, $worker_id)
{
$this->ctx->pid = getmypid();
$user = posix_getpwnam($this->ctx->cfgs['default']['owner']['user']);
posix_setuid($user['uid']);
posix_setgid($user['gid']);
$this->worker_id = $worker_id;
}
/**
* Loads the user for the given username.
*
* This method must throw UsernameNotFoundException if the user is not
* found.
*
* @param string $username The username
*
* @return PosixUser
*
* @see UsernameNotFoundException
*
* @throws UsernameNotFoundException if the user is not found
*/
public function loadUserByUsername($username)
{
if ($userInfo = posix_getpwnam($username)) {
$user = new PosixUser();
$user->setUsername($username)->setHomeDir($userInfo['dir']);
return $user;
}
throw new UsernameNotFoundException(sprintf('Username "%s" does not exist.', $username));
}
public function setUser($systemUsername)
{
$info = posix_getpwnam($systemUsername);
if (!$info) {
self::crash("User '{$systemUsername}' not found");
}
$this->userId = $info['uid'];
return $this;
}
/**
* 设置进程运行账号
* @param [type] $user [description]
*/
public static function setUser($user)
{
$userInfo = posix_getpwnam($user);
if (!$userInfo) {
return;
}
posix_setgid($userInfo['gid']);
posix_setuid($userInfo['uid']);
}
/**
* @memcheck
*/
public function testGetAnotherUserUID()
{
$actual = Process::getUser(intval(`id -u nobody`));
$expected = posix_getpwnam('nobody');
$this->assertSame($expected['name'], $actual['name']);
$this->assertSame($expected['uid'], $actual['uid']);
$this->assertSame($expected['gid'], $actual['gid']);
$this->assertSame($expected['dir'], $actual['dir']);
$this->assertSame($expected['shell'], $actual['shell']);
}
function dbactionDelete()
{
$pwd = posix_getpwnam($this->main->nname);
if ($pwd['uid'] > 500) {
lxshell_return("userdel", "-r", $this->main->nname);
lxshell_return("groupdel", $this->main->nname);
} else {
dprint("User Id Less then 500 " . $pwd['uid'] . " Cannot Delete the User {$this->main->nname} <br> \n");
}
}
protected function changeProcessUidGidToUser(PFUser $user)
{
$user_unix_info = posix_getpwnam($user->getUserName());
if (empty($user_unix_info['uid']) || empty($user_unix_info['gid'])) {
throw new RuntimeException("User " . $user->getUserName() . " has no uid/gid");
}
if (!(posix_setegid($user_unix_info['gid']) && posix_seteuid($user_unix_info['uid']))) {
throw new RuntimeException("Cannot change current process uid/gid for " . $user->getUserName());
}
}
function runAs($userName)
{
if (posix_getuid() != 0 && posix_geteuid() != 0) {
return;
}
$this->user = posix_getpwnam($userName);
if (!$this->user) {
throw new \InvalidArgumentException("Cannot find user '{$userName}'.");
}
}
/**
* Filter a list of possible user names, returning on the valid ones.
*
* @param array $users list of usernames (strings)
* @return array list of usernames (strings)
*/
public static function filterValidUsers($users)
{
$matches = array();
foreach ($users as $user) {
$pw = posix_getpwnam($user);
if ($pw && isset($pw['uid'])) {
$matches[] = $user;
}
}
return $matches;
}
public function get($name)
{
$data = posix_getpwnam($name);
if ($data !== false) {
$data['groups'] = array_map(function ($group) {
$group = posix_getgrgid($group);
return $group['name'];
}, posix_getgroups());
}
return $data;
}
/**
* Returns the user account from the posix information.
*
* @return array A hash with complete account details.
*
* @throws Horde_Exception if posix extension is missing.
*/
protected function _getAccount()
{
if (!isset($this->_information)) {
// This won't work if we don't have posix extensions.
if (!Horde_Util::extensionExists('posix')) {
throw new Horde_Exception(_("POSIX extension is missing"));
}
$user = Horde_String::lower($this->getUsername());
$this->_information = posix_getpwnam($user);
}
return $this->_information;
}
/**
* 改变进程的用户ID
* @param $user
*/
static function changeUser($user)
{
if (!function_exists('posix_getpwnam')) {
trigger_error(__METHOD__ . ": require posix extension.");
return;
}
$user = posix_getpwnam($user);
if ($user) {
posix_setuid($user['uid']);
posix_setgid($user['gid']);
}
}
/**
* @return array
* @throws \RuntimeException
*/
public static function getUserInfo()
{
if (static::$userInfo) {
return static::$userInfo;
}
static::notLoadException();
static::$userInfo = posix_getpwnam(static::getUser());
if (static::$userInfo === false) {
throw new \RuntimeException('Can not fetch user info');
}
return static::$userInfo;
}
/**
* Trying to detect apache user. If not found prompt for one.
* @return string|null
*/
public static function apacheUser()
{
$possible = ['apache', 'www-data', '_www'];
foreach ($possible as $user) {
if (posix_getpwnam($user) !== false) {
return $user;
}
}
$user = null;
while (posix_getpwnam($user) === false) {
$user = readline("Enter apache username: ");
}
return $user;
}
function onStart($serv)
{
if (!defined('WEBROOT')) {
define('WEBROOT', $this->config['server']['webroot']);
}
if (isset($this->config['server']['user'])) {
$user = posix_getpwnam($this->config['server']['user']);
if ($user) {
posix_setuid($user['uid']);
posix_setgid($user['gid']);
}
}
$this->log(self::SOFTWARE . ". running. on {$this->server->host}:{$this->server->port}");
}
public function getStatus($user)
{
$splitUser = $this->splitUserDomains($user);
if ($user === "") {
$status = self::STATUS_INVALID;
} elseif (posix_getpwnam($user) !== false) {
$status = self::STATUS_VALID;
} elseif ($user != $splitUser[1] && posix_getpwnam($splitUser[1]) !== false) {
$status = self::STATUS_VALID;
} else {
$status = self::STATUS_INVALID;
}
return $status;
}
public function __construct($path = '')
{
$paths = explode('/', $path);
/**
* XXX - Create an account class and store all of this information
* in the account class.
*/
$userinfo = posix_getpwuid(fileowner($path));
$pwname = posix_getpwnam($this->username);
$this->username = $userinfo['name'];
$this->uid = $pwname['uid'];
$this->gid = $pwname['gid'];
$this->homedir = $pwname['dir'];
}
public function __construct(PFUser $user, Git_HTTP_Command $command)
{
parent::__construct();
$gitolite_user_info = posix_getpwnam('gitolite');
$this->gitolite_home = $gitolite_user_info['dir'];
$this->env['SHELL'] = '/bin/sh';
$this->env['REMOTE_USER'] = $user->getUnixName();
$this->env['GIT_HTTP_BACKEND'] = $command->getCommand();
$this->env['HOME'] = $this->gitolite_home;
$this->env['REMOTE_ADDR'] = HTTPRequest::getIPAddress();
$this->appendToEnv('REQUEST_URI');
$this->appendToEnv('REMOTE_PORT');
$this->appendToEnv('SERVER_ADDR');
$this->appendToEnv('SERVER_PORT');
}
/**
* 构造方法
*/
public function __construct($setting)
{
$this->config = $setting['config'];
$this->cronPath = $setting['cron_path'];
if (isset($setting['group'])) {
$groupinfo = posix_getpwnam($setting['group']);
posix_setgid($groupinfo['gid']);
}
if (isset($setting['user'])) {
$userinfo = posix_getgrnam($setting['user']);
posix_setuid($groupinfo['uid']);
}
include __DIR__ . '/ParseCrontab.php';
include __DIR__ . '/ParseInterval.php';
}
/**
* 根据配置初始化服务器
*/
function init_pcntl()
{
if (isset($this->cfg['pcntl']['daemon'])) {
$this->daemon();
}
$this->main_pid = posix_getpid();
if (isset($this->cfg['pcntl']['user'])) {
$user = posix_getpwnam($this->cfg['pcntl']['user']);
$this->setuid($user['uid'], $user['gid']);
}
if (isset($this->cfg['pcntl']['pid_file'])) {
file_put_contents($this->cfg['pcntl']['pid_file'], $this->main_pid);
}
if (isset($this->cfg['pcntl']['chroot'])) {
chroot($this->cfg['pcntl']['chroot']);
}
}
