Apache-Logmonster
view release on metacpan or search on metacpan
lib/Apache/Logmonster/Utility.pm view on Meta::CPAN
if ( -e "$archive.tar.gz" ) { $archive = "$archive.tar.gz" }
elsif ( -e "$archive.tgz" ) { $archive = "$archive.tgz" }
elsif ( -e "$archive.tar.bz2" ) { $archive = "$archive.tar.bz2" }
else {
return $log->error( "file $archive is missing!", %args );
}
}
$log->audit("found $archive");
$ENV{PATH} = '/bin:/usr/bin'; # do this or taint checks will blow up on ``
return $log->error( "unknown archive type: $archive", %args )
if $archive !~ /[bz2|gz]$/;
# find these binaries, we need them to inspect and expand the archive
my $tar = $self->find_bin( 'tar', %args );
my $file = $self->find_bin( 'file', %args );
my %types = (
gzip => { bin => 'gunzip', content => 'gzip', },
lib/Apache/Logmonster/Utility.pm view on Meta::CPAN
# cd into the package directory
my $sub_path;
if ( -d $package ) {
chdir $package or
return $log->error( "FAILED to chdir $package!", %args );
}
else {
# some packages (like daemontools) unpack within an enclosing directory
$sub_path = `find ./ -name $package`; # tainted data
chomp $sub_path;
($sub_path) = $sub_path =~ /^([-\w\/.]+)$/; # untaint it
$log->audit( "found sources in $sub_path" ) if $sub_path;
return $log->error( "FAILED to find $package sources!",fatal=>0)
unless ( -d $sub_path && chdir($sub_path) );
}
$self->install_from_source_apply_patches($src, $patches, $patch_args) or return;
# set default build targets if none are provided
if ( !@$targets[0] ) {
lib/Apache/Logmonster/Utility.pm view on Meta::CPAN
@_,
{ 'timeout' => { type => SCALAR, optional => 1 },
%std_opts,
},
);
my %args = $log->get_std_args( %p );
$log->audit("syscmd: $cmd");
my ( $is_safe, $tainted, $bin, @args );
# separate the program from its arguments
if ( $cmd =~ m/\s+/xm ) {
($cmd) = $cmd =~ /^\s*(.*?)\s*$/; # trim lead/trailing whitespace
@args = split /\s+/, $cmd; # split on whitespace
$bin = shift @args;
$is_safe++;
$log->audit("\tprogram: $bin, args : " . join ' ', @args, %args);
}
else {
lib/Apache/Logmonster/Utility.pm view on Meta::CPAN
$message .= " (safe)" if $is_safe;
$log->audit($message, %args );
if ( $bin && !-e $bin ) { # $bin is set, but we have not found it
$bin = $self->find_bin( $bin, fatal => 0, debug => 0 )
or return $log->error( "$bin was not found", %args);
}
unshift @args, $bin;
require Scalar::Util;
$tainted++ if Scalar::Util::tainted($cmd);
my $before_path = $ENV{PATH};
# instead of croaking, maybe try setting a
# very restrictive PATH? I'll err on the side of safety
# $ENV{PATH} = '';
return $log->error( "syscmd request has tainted data", %args)
if ( $tainted && !$is_safe );
if ($is_safe) {
my $prefix = "/usr/local"; # restrict the path
$prefix = "/opt/local" if -d "/opt/local";
$ENV{PATH} = "/bin:/sbin:/usr/bin:/usr/sbin:$prefix/bin:$prefix/sbin";
}
my $r;
eval {
if ( defined $p{timeout} ) {
t/Utility.t view on Meta::CPAN
# is_process_running
my $process_that_exists
= lc($OSNAME) eq 'darwin' ? 'launchd'
: lc($OSNAME) eq 'freebsd' ? 'cron'
: 'init'; # init does not run in a freebsd jail
ok( $util->is_process_running($process_that_exists), "is_process_running, $process_that_exists" )
; # or diag system "/bin/ps -ef && /bin/ps ax";
ok( !$util->is_process_running("nonexistent"), "is_process_running, nonexistent" );
# is_tainted
# logfile_append
$mod = "Date::Format";
if ( eval "require $mod" ) {
ok( $util->logfile_append(
file => $rwtest,
prog => $0,
lines => ['running tests'],
),
( run in 0.414 second using v1.01-cache-2.11-cpan-d6f9594c0a5 )