This file is indexed.

/usr/share/lemonldap-ng/bin/lmConfigEditor is in liblemonldap-ng-manager-perl 1.2.5-1.

This file is owned by root:root, with mode 0o755.

The actual contents of the file can be viewed below.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
#!/usr/bin/perl

use Lemonldap::NG::Common::Conf;
use Lemonldap::NG::Common::Conf::Constants;
use Data::Dumper;
use English qw(-no_match_vars);
use File::Temp;
use POSIX qw(setuid setgid);
use strict;

eval {
    setgid( ( getgrnam('www-data') )[2] );
    setuid( ( getpwnam('www-data') )[2] );
    print STDERR "Running as uid $EUID and gid $EGID\n";
};

if ( $EUID == 0 ) {
    print STDERR
      "$0 must not be launched as root since local cache can be corrupted\n"
      . "Continue (y/N)? ";
    my $res = <STDIN>;
    exit 1 unless ( $res =~ /^y/i );
}

my $conf = Lemonldap::NG::Common::Conf->new();

unless ($conf) {
    print STDERR $Lemonldap::NG::Common::Conf::msg;
    exit 1;
}

my $tmp = $conf->getConf();
delete $tmp->{reVHosts};
delete $tmp->{cipher};
delete $tmp->{cfgAuthor};
delete $tmp->{cfgAuthorIP};
delete $tmp->{cfgDate};
$tmp = Dumper($tmp);
my $refFile  = File::Temp->new( UNLINK => 1 );
my $editFile = File::Temp->new( UNLINK => 1 );
print $refFile $tmp;
print $editFile $tmp;
close $refFile;
close $editFile;

system "editor $editFile";

if (`diff $refFile $editFile`) {
    my $VAR1;
    my $buf;

    # Check if the new configuration hash is valid
    open F1, $editFile->filename();
    while (<F1>) {
        $buf .= $_;
    }
    eval $buf;
    die $EVAL_ERROR if $EVAL_ERROR;

    # Update author and date
    $VAR1->{cfgAuthor}   = "lmConfigEditor";
    $VAR1->{cfgAuthorIP} = "localhost";
    $VAR1->{cfgDate}     = time();

    # Store new configuration
    my $res = $conf->saveConf($VAR1);
    if ( $res > 0 ) {
        print STDERR "Configuration $res saved\n";
    }
    else {
        print STDERR "Configuration was not saved:\n  ";
        if ( $res == CONFIG_WAS_CHANGED ) {
            print STDERR "Configuration has changed\n";
        }
        elsif ( $res == DATABASE_LOCKED ) {
            print STDERR "Configuration database is or can nor be locked\n";
        }
        elsif ( $res == UPLOAD_DENIED ) {
            print STDERR "You're not authorized to save this configuration\n";
        }
        elsif ( $res == SYNTAX_ERROR ) {
            print STDERR "Syntax error in your configuration\n";
        }
        elsif ( $res == UNKNOWN_ERROR ) {
            print STDERR "Unknown error\n";
        }
    }
}
else {
    print STDERR "Configuration not changed\n";
}