From 51c4629eed723d422d6754fd16c31dfd213821eb Mon Sep 17 00:00:00 2001 From: following Date: Tue, 11 Jun 2013 20:30:43 +0200 Subject: [PATCH] force runcron to be run by the right user --- htdocs/config2/settings-dist.inc.php | 1 + htdocs/util2/cron/runcron.php | 11 ++++++++--- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/htdocs/config2/settings-dist.inc.php b/htdocs/config2/settings-dist.inc.php index 800b0d38..d44118ff 100644 --- a/htdocs/config2/settings-dist.inc.php +++ b/htdocs/config2/settings-dist.inc.php @@ -406,6 +406,7 @@ /* cronjob */ $opt['cron']['pidfile'] = $opt['rootpath'] . 'cache2/runcron.pid'; + $opt['cron']['username'] = 'apache'; // system username for cronjobs /* phpbb news integration (index.php) * diff --git a/htdocs/util2/cron/runcron.php b/htdocs/util2/cron/runcron.php index 4ec920a8..bbade666 100644 --- a/htdocs/util2/cron/runcron.php +++ b/htdocs/util2/cron/runcron.php @@ -18,18 +18,23 @@ require($opt['rootpath'] . 'lib2/cli.inc.php'); + // test for user who runs the cronjob + $processUser = posix_getpwuid(posix_geteuid()); + if ($processUser['name'] != $opt['cron']['username']) + die("ERROR: runcron must be run by '" . $opt['cron']['username'] . "' but was called by '" . $processUser['name'] . "'\n"); + // use posix pid-files to lock process if (!CreatePidFile($opt['cron']['pidfile'])) { - CleanupAndExit($opt['cron']['pidfile'], "Another instance is running!"); - exit; + CleanupAndExit($opt['cron']['pidfile'], "Another instance is running!"); + exit; } // Run as system user, if possible. // This is relevant e.g. for publishing and for auto-archiving caches. if ($opt['logic']['systemuser']['user'] != '') if (!$login->system_login($opt['logic']['systemuser']['user'])) - die("runcron: system user login failed"); + die("ERROR: runcron system user login failed"); $modules_dir = $opt['rootpath'] . 'util2/cron/modules/';