Patch to remove any dependency on perl-suid. AlternC now uses sudo for all those former setuid scripts

bureau/class/m_admin.php

@@ -354,7 +354,7 @@ class m_admin {
       $db->query("INSERT INTO membres (uid,login,pass,mail,creator,canpass,type,created, notes) VALUES ('$uid','$login','$pass','$mail','$cuid','$canpass', '$type', NOW(), '$notes');");
       $db->query("INSERT INTO local(uid,nom,prenom) VALUES('$uid','$nom','$prenom');");
       $this->renew_update($uid, $duration);
-      exec("/usr/lib/alternc/mem_add ".$login." ".$uid);
+      exec("sudo /usr/lib/alternc/mem_add ".$login." ".$uid);
       // Triggering hooks
       $mem->su($uid);
       // TODO: old hook method FIXME: when unused remove this
@@ -562,7 +562,7 @@ EOF;
     
     if (($db->query("DELETE FROM membres WHERE uid='$uid';")) &&
 	($db->query("DELETE FROM local WHERE uid='$uid';"))) {
-      exec("/usr/lib/alternc/mem_del ".$tt["login"]);
+      exec("sudo /usr/lib/alternc/mem_del ".$tt["login"]);
       $mem->unsu();
       // If this user was (one day) an administrator one, he may have a list of his own accounts. Let's associate those accounts to nobody as a creator.
       $db->query("UPDATE membres SET creator=2000 WHERE creator='$uid';");

bureau/class/m_quota.php

@@ -182,9 +182,9 @@ class m_quota {
     if (floatval($size)==0) $size="0";
     if (isset($this->disk[$ressource])) {
       // It's a disk resource, update it with shell command
-      exec("/usr/lib/alternc/quota_edit $cuid $size &> /dev/null &");
+      exec("sudo /usr/lib/alternc/quota_edit $cuid $size &> /dev/null &");
       // Now we check that the value has been written properly : 
-      exec("/usr/lib/alternc/quota_get $cuid &> /dev/null &",$a);
+      exec("sudo /usr/lib/alternc/quota_get $cuid &> /dev/null &",$a);
       if ($size!=$a[1]) {
 	$err->raise("quota",_("Error writing the quota entry!"));
 	return false;

debian/po/de.po

@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: AlternC 2.0\n"
 "Report-Msgid-Bugs-To: alternc@packages.debian.org\n"
-"POT-Creation-Date: 2012-10-17 11:21+0200\n"
+"POT-Creation-Date: 2012-11-27 22:31+0100\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: <i18n@alternc.org>\n"
 "Language-Team: <i18n@alternc.org>\n"
@@ -502,8 +502,8 @@ msgstr ""
 #. Description
 #: ../alternc.templates:30001
 msgid ""
-"A local MySQL connexion was established on the server. Do you Want to Use "
-"it. If not remote MySQL server connexion parameters will be needed."
+"A local MySQL connection was established on the server. Do you Want to Use "
+"it. If not remote MySQL server connection parameters will be needed."
 msgstr ""
 
 #. Type: boolean

debian/po/es.po

@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: AlternC-awstats module 2.0\n"
 "Report-Msgid-Bugs-To: alternc@packages.debian.org\n"
-"POT-Creation-Date: 2012-10-17 11:21+0200\n"
+"POT-Creation-Date: 2012-11-27 22:31+0100\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -502,8 +502,8 @@ msgstr ""
 #. Description
 #: ../alternc.templates:30001
 msgid ""
-"A local MySQL connexion was established on the server. Do you Want to Use "
-"it. If not remote MySQL server connexion parameters will be needed."
+"A local MySQL connection was established on the server. Do you Want to Use "
+"it. If not remote MySQL server connection parameters will be needed."
 msgstr ""
 
 #. Type: boolean

debian/po/fr.po

@@ -15,7 +15,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: 0.3.1\n"
 "Report-Msgid-Bugs-To: alternc@packages.debian.org\n"
-"POT-Creation-Date: 2012-10-17 11:21+0200\n"
+"POT-Creation-Date: 2012-11-27 22:31+0100\n"
 "PO-Revision-Date: 2005-05-15 18:24+0200\n"
 "Last-Translator: Benjamin Sonntag <benjamin@altercn.org>\n"
 "Language-Team: french <dev@alternc.org>\n"
@@ -603,8 +603,8 @@ msgstr ""
 #. Description
 #: ../alternc.templates:30001
 msgid ""
-"A local MySQL connexion was established on the server. Do you Want to Use "
-"it. If not remote MySQL server connexion parameters will be needed."
+"A local MySQL connection was established on the server. Do you Want to Use "
+"it. If not remote MySQL server connection parameters will be needed."
 msgstr ""
 
 #. Type: boolean

debian/po/it.po

@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: alternc@packages.debian.org\n"
-"POT-Creation-Date: 2012-10-17 11:21+0200\n"
+"POT-Creation-Date: 2012-11-27 22:31+0100\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -503,8 +503,8 @@ msgstr ""
 #. Description
 #: ../alternc.templates:30001
 msgid ""
-"A local MySQL connexion was established on the server. Do you Want to Use "
-"it. If not remote MySQL server connexion parameters will be needed."
+"A local MySQL connection was established on the server. Do you Want to Use "
+"it. If not remote MySQL server connection parameters will be needed."
 msgstr ""
 
 #. Type: boolean

debian/po/pt.po

@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: AlternC 2.0\n"
 "Report-Msgid-Bugs-To: alternc@packages.debian.org\n"
-"POT-Creation-Date: 2012-10-17 11:21+0200\n"
+"POT-Creation-Date: 2012-11-27 22:31+0100\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: <i18n@alternc.org>\n"
 "Language-Team: <i18n@alternc.org>\n"
@@ -502,8 +502,8 @@ msgstr ""
 #. Description
 #: ../alternc.templates:30001
 msgid ""
-"A local MySQL connexion was established on the server. Do you Want to Use "
-"it. If not remote MySQL server connexion parameters will be needed."
+"A local MySQL connection was established on the server. Do you Want to Use "
+"it. If not remote MySQL server connection parameters will be needed."
 msgstr ""
 
 #. Type: boolean

debian/po/templates.pot

@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: alternc@packages.debian.org\n"
-"POT-Creation-Date: 2012-10-17 11:21+0200\n"
+"POT-Creation-Date: 2012-11-27 22:31+0100\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -503,8 +503,8 @@ msgstr ""
 #. Description
 #: ../alternc.templates:30001
 msgid ""
-"A local MySQL connexion was established on the server. Do you Want to Use "
-"it. If not remote MySQL server connexion parameters will be needed."
+"A local MySQL connection was established on the server. Do you Want to Use "
+"it. If not remote MySQL server connection parameters will be needed."
 msgstr ""
 
 #. Type: boolean

etc/alternc/alternc-sudoers

@@ -1,2 +1,2 @@
-alterncpanel	ALL = NOPASSWD : /usr/bin/quota, /usr/sbin/setquota, /usr/lib/alternc/fixperms.sh
+alterncpanel	ALL = NOPASSWD : /usr/bin/quota, /usr/sbin/setquota, /usr/lib/alternc/fixperms.sh, /usr/lib/alternc/mem_add, /usr/lib/alternc/mem_del, /usr/lib/alternc/quota_edit, /usr/lib/alternc/quota_get, /usr/lib/alternc/du.pl
 vmail		ALL = NOPASSWD : /usr/lib/dovecot/deliver

src/Makefile

@@ -19,8 +19,7 @@
 # ----------------------------------------------------------------------
 # Purpose of file: Makefile des binaires de /usr/lib/alternc
 # ----------------------------------------------------------------------
-SETUID=quota_edit quota_get mem_add mem_del du.pl
-SCRIPTS=sqlbackup.sh quota_init quota_delete update_domains.sh slave_dns sendmail spoolsize.php fixperms.sh alternc-dboptimize export_account.php cron_users_doit.sh cron_users.sh compress_logs.sh delete_logs.sh quota-warning.sh update_mails.sh alternc_add_policy_dovecot rebuild_all_webconf.sh courier-dovecot-migrate.pl popimap-log-login.sh
+SCRIPTS=sqlbackup.sh quota_init quota_delete update_domains.sh slave_dns sendmail spoolsize.php fixperms.sh alternc-dboptimize export_account.php cron_users_doit.sh cron_users.sh compress_logs.sh delete_logs.sh quota-warning.sh update_mails.sh alternc_add_policy_dovecot rebuild_all_webconf.sh courier-dovecot-migrate.pl popimap-log-login.sh mem_add mem_del quota_edit quota_get du.pl
 LIBS=functions.sh functions_hosting.sh functions_dns.sh
 BIN=$(DESTDIR)/usr/lib/alternc/
 
@@ -28,6 +27,5 @@ install:
 	# Group 1999 references alterncpanel
 	chown root:1999 $(BIN)
 	chmod 755 $(BIN)
-	install -o root -g 1999 -m4750 $(SETUID) $(BIN)
 	install -o root -g 1999 -m0750 $(SCRIPTS) $(BIN)
 	install -o root -g 1999 -m0644 $(LIBS) $(BIN)

src/mem_add

@@ -5,7 +5,7 @@ use strict;
 my ($name,$uid) = @ARGV;
 
 if (!$name || !$uid) {
-    print "Usage: mem_add <name> <uid>\n";
+    print "Usage: sudo mem_add <name> <uid>\n";
     print " Create the AlternC account <name> having uid number <uid>\n";
     exit(1);
 }
@@ -22,8 +22,11 @@ if (!($uid =~ /^([0-9]+)$/)) {
 }
 $uid=$1;
 
-$< = $>;
-$( = $);
+if ( $< != 0 ) {
+    die "please launch mem_add as root (or using sudo)";
+}
+#$< = $>;
+#$( = $);
 
 my $PTH="/var/alternc/html/".substr($name,0,1)."/".$name;
 

src/mem_del

@@ -18,8 +18,11 @@ if (!($name =~ /^([a-z0-9]+)$/)) {
 }
 $name=$1;
 
-$< = $>;
-$( = $);
+if ( $< != 0 ) {
+    die "please launch mem_del as root (or using sudo)";
+}
+#$< = $>;
+#$( = $);
 
 my $PTH="/var/alternc/html/".substr($name,0,1)."/".$name;
 

src/spoolsize.php

@@ -9,7 +9,7 @@ echo "---------------------------\n Generating size-cache for web accounts\n\n";
 $r=mysql_query("SELECT uid,login FROM membres;");
 while ($c=mysql_fetch_array($r)) {
   echo $c["login"]; flush();
-  $size=exec("/usr/lib/alternc/du.pl /var/alternc/html/".substr($c["login"],0,1)."/".$c["login"]);
+  $size=exec("sudo /usr/lib/alternc/du.pl /var/alternc/html/".substr($c["login"],0,1)."/".$c["login"]);
   mysql_query("REPLACE INTO size_web SET uid='".$c["uid"]."',size='$size';");
   echo " done ($size KB) \n"; flush();
 }
@@ -33,9 +33,9 @@ $r=@mysql_query("SELECT uid, name FROM mailman;");
 if ($r) {
   while ($c=mysql_fetch_array($r)) {
     echo $c["uid"]."/".$c["name"]; flush();
-    $size1=exec("/usr/lib/alternc/du.pl /var/lib/mailman/lists/".$c["name"]);
-    $size2=exec("/usr/lib/alternc/du.pl /var/lib/mailman/archives/private/".$c["name"]);
-    $size3=exec("/usr/lib/alternc/du.pl /var/lib/mailman/archives/private/".$c["name"].".mbox");
+    $size1=exec("sudo /usr/lib/alternc/du.pl /var/lib/mailman/lists/".$c["name"]);
+    $size2=exec("sudo /usr/lib/alternc/du.pl /var/lib/mailman/archives/private/".$c["name"]);
+    $size3=exec("sudo /usr/lib/alternc/du.pl /var/lib/mailman/archives/private/".$c["name"].".mbox");
     $size=(intval($size1)+intval($size2)+intval($size3));
     mysql_query("REPLACE INTO size_mailman SET uid='".$c["uid"]."',list='".$c["name"]."', size='$size';");
     echo " done ($size KB) \n"; flush();