6 files changed, 71 insertions, 23 deletions

diff --git a/boca-1.5.0/doc/dump.sh b/boca-1.5.0/doc/dump.sh
index caf03ef..f3f3282 100755
--- a/boca-1.5.0/doc/dump.sh
+++ b/boca-1.5.0/doc/dump.sh
@@ -1,4 +1,10 @@
 #!/bin/bash
+if [ "`id -u`" != "0" ]; then
+  echo "Must be run as root"
+  exit 1
+fi
+bocadir=/var/www/boca
+[ -r /etc/boca.conf ] && . /etc/boca.conf
 
 for i in pg_dump grep cut gzip date; do
   if [ "`which $i`" == "" ]; then
@@ -8,10 +14,10 @@ for i in pg_dump grep cut gzip date; do
 done
 da=`date +%d%b%Y-%Hh%Mmin`
 echo "I will create the file `pwd`/bocadb.$da.tar.gz"
-f=/var/www/boca/private/conf.php
-[ -r $f ] || f=/var/www/private/conf.php
+f=$bocadir/src/private/conf.php
+[ -r $f ] || f=$bocadir/src/private/conf.php
 if [ -r $f ]; then
-  echo I believe the password is `grep "\$conf\[\"dbpass\"\]=" /var/www/boca/private/conf.php | cut -d'"' -f4`
+  echo I believe the password is `grep "\$conf\[\"dbpass\"\]=" $bocadir/src/private/conf.php | cut -d'"' -f4`
 else
   echo "The password can be found in private/conf.php of the boca directory"
 fi
diff --git a/boca-1.5.0/tools/autojudge.sh b/boca-1.5.0/tools/autojudge.sh
index 799c257..6123eed 100755
--- a/boca-1.5.0/tools/autojudge.sh
+++ b/boca-1.5.0/tools/autojudge.sh
@@ -22,5 +22,5 @@ if [ "`id -u`" != "0" ]; then
 fi
 bocadir=/var/www/boca
 [ -r /etc/boca.conf ] && . /etc/boca.conf
-cd $bocadir
+cd $bocadir/src
 php private/autojudging.php
diff --git a/boca-1.5.0/tools/etc/icpc/becomeserver.sh b/boca-1.5.0/tools/etc/icpc/becomeserver.sh
index bbbc43b..31db6db 100755
--- a/boca-1.5.0/tools/etc/icpc/becomeserver.sh
+++ b/boca-1.5.0/tools/etc/icpc/becomeserver.sh
@@ -15,7 +15,7 @@
 # //    You should have received a copy of the GNU General Public License
 # //    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 # ////////////////////////////////////////////////////////////////////////////////
-# // Last modified 05/aug/2012 by cassio@ime.usp.br
+# // Last modified 06/aug/2012 by cassio@ime.usp.br
 for i in id chown chmod cut awk grep cat sed makepasswd ifconfig iptables php touch mkdir update-rc.d su rm mv; do
   p=`which $i`
   if [ -x "$p" ]; then
@@ -26,7 +26,14 @@ for i in id chown chmod cut awk grep cat sed makepasswd ifconfig iptables php to
   fi
 done
 
-privatedir=/var/www/boca/private
+if [ "`id -u`" != "0" ]; then
+  echo "Must be run as root"
+  exit 1
+fi
+bocadir=/var/www/boca
+[ -r /etc/boca.conf ] && . /etc/boca.conf
+
+privatedir=$bocadir/src/private
 if [ ! -d $privatedir ]; then
   echo "Could not find directory $privatedir"
   exit 1
@@ -36,7 +43,10 @@ apacheuser=
 [ -r /etc/icpc/apacheuser ] && apacheuser=`cat /etc/icpc/apacheuser | sed 's/ \t\n//g'`
 [ "$apacheuser" == "" ] && apacheuser=www-data
 id -u $apacheuser >/dev/null 2>/dev/null
-[ $? != 0 ] && echo "User $apacheuser not found -- error to set permissions with chown/chmod"
+if [ $? != 0 ]; then
+  echo "User $apacheuser not found -- error to set permissions with chown/chmod"
+  apacheuser=root
+fi
 
 postgresuser=postgres
 id -u $postgresuser >/dev/null 2>/dev/null
@@ -45,12 +55,6 @@ if [ $? != 0 ]; then
   exit 1
 fi
 
-uid=`id -u`
-if [ "$uid" != "0" ]; then
-  echo "Must be root to run this script. Use sudo /bin/bash first"
-  exit 1
-fi
-
 grep -iq "iface.*eth0.*inet.*static" /etc/network/interfaces
 if [ $? != 0 ]; then
 	echo "*****************************************"
@@ -83,6 +87,12 @@ for i in `ls /etc/postgresql/*/main/pg_hba.conf`; do
    echo "I AM GIVING ACCESS TO THE DATABASE FROM ANY IP (AS LONG AS THE PASSWORD IS OK)"
    echo "In order to improve security, it is possible to alter the file $i"
    echo "and perform a finer tune. Nevertheless, if the password of the DB is safe, there is no big threat"
+   echo "For doing that, I am using the line:"
+   echo ""
+   echo -e "echo \"host bocadb bocauser 0/0 md5\" >> $i"
+   echo ""
+   echo "==> IDEALLY FOR IMPROVED SECURITY, REPLACE THE 0/0 ABOVE (IN THAT FILE) WITH THE IP ADDRESS OF THE AUTOJUDGE MACHINE <=="
+   echo "==> IF YOU HAVE MULTIPLE AUTOJUDGE MACHINES, WRITE ONE LINE FOR EACH IP ADDRESS THERE IN THE FILE <=="
    echo "############"
    echo "host bocadb bocauser 0/0 md5" >> $i
   fi
@@ -178,13 +188,13 @@ if [ $? == 0 ]; then
   done
 fi
 if [ "$OK" == "y" ]; then
-cd /var/www/boca
+cd $bocadir/src
 php private/createdb.php
 cd -
  echo "database renewed. Data on bocadb has been lost"
 else
  echo "*** database not erased. Check if BOCA is compatible. You can always erase the database and"
- echo "*** fix the problem by running (as root) cd /var/www/boca; php private/createdb.php"
+ echo "*** fix the problem by running (as root) cd $bocadir/src; php private/createdb.php"
  echo "*** still, all data regarding BOCA in the database will be lost" 
 fi
 touch /etc/icpc/.isserver
diff --git a/boca-1.5.0/tools/etc/icpc/installboca.sh b/boca-1.5.0/tools/etc/icpc/installboca.sh
index 13b8f43..073d432 100644
--- a/boca-1.5.0/tools/etc/icpc/installboca.sh
+++ b/boca-1.5.0/tools/etc/icpc/installboca.sh
@@ -66,8 +66,18 @@ if [ -f boca-$bocaver.$di/src/private/conf.php ]; then
    echo "You probably need to update the new file boca-$bocaver/src/private/conf.php with the correct passwords - PLEASE CHECK IT - NOT DONE AUTOMATICALLY"
  fi
 fi
+
+apacheuser=
+[ -r /etc/icpc/apacheuser ] && apacheuser=`cat /etc/icpc/apacheuser | sed 's/ \t\n//g'`
+[ "$apacheuser" == "" ] && apacheuser=www-data
+id -u $apacheuser >/dev/null 2>/dev/null
+if [ $? != 0 ]; then
+  echo "User $apacheuser not found -- error to set permissions with chown/chmod"
+  apacheuser=root
+fi
+
 tar xzf boca-$bocaver.tgz
-chown -R root.www-data boca-$bocaver/
+chown -R root.$apacheuser boca-$bocaver/
 chmod -R g+rx,u+rwx boca-$bocaver/
 
 chmod 600 boca-$bocaver/src/private/*.php
@@ -94,11 +104,8 @@ cp boca-$bocaver/tools/.htaccess boca-$bocaver/old/.htaccess
 cp boca-$bocaver/tools/.htaccess boca-$bocaver/src/private/.htaccess
 cp boca-$bocaver/tools/.htaccess boca-$bocaver/src/webcast/.htaccess
 
-chmod -R 770 boca-$bocaver/src/balloons
-chmod -R 770 boca-$bocaver/src/private/problemtmp
-chmod -R 770 boca-$bocaver/src/private/runtmp
-chmod -R 770 boca-$bocaver/src/private/scoretmp
-chmod -R 770 boca-$bocaver/src/private/remotescores
+chmod -R 770 boca-$bocaver/src/private
+chmod -R 775 boca-$bocaver/src/balloons
 
 echo "=========================================================================================="
 echo "=========== SETTING UP SOME LINKS (main apache server index.html updated)  ==============="
@@ -137,3 +144,21 @@ if [ "$OK" == "y" -o "$OK" == "Y" ]; then
   /etc/icpc/becomeserver.sh
   fi
 fi
+
+cat > /etc/apache2/conf.d/boca <<EOF
+<Directory $basedir/boca/src>
+       AllowOverride Options AuthConfig Limit
+       Order Allow,Deny
+       Allow from all
+       AddDefaultCharset utf-8
+</Directory>
+<Directory $basedir/boca/src/private>
+       AllowOverride Options AuthConfig Limit
+       Deny from all
+</Directory>
+<Directory $basedir/boca>
+       AllowOverride Options AuthConfig Limit
+       Deny from all
+</Directory>
+Alias /boca $basedir/boca/src
+EOF
diff --git a/boca-1.5.0/tools/icpc.etc.tgz b/boca-1.5.0/tools/icpc.etc.tgz
index 890dc3a..ed8306a 100644
--- a/boca-1.5.0/tools/icpc.etc.tgz
+++ b/boca-1.5.0/tools/icpc.etc.tgz
diff --git a/boca-1.5.0/tools/updatescore.sh b/boca-1.5.0/tools/updatescore.sh
index 65522b7..d8cf8e0 100755
--- a/boca-1.5.0/tools/updatescore.sh
+++ b/boca-1.5.0/tools/updatescore.sh
@@ -15,8 +15,15 @@
 # //    You should have received a copy of the GNU General Public License
 # //    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 # ////////////////////////////////////////////////////////////////////////////////
-# last updated 10/jul/2012 by cassio@ime.usp.br
-privatedir=/var/www/boca/src/private/remotescores
+# last updated 06/aug/2012 by cassio@ime.usp.br
+if [ "`id -u`" != "0" ]; then
+  echo "Must be run as root"
+  exit 1
+fi
+bocadir=/var/www/boca
+[ -r /etc/boca.conf ] && . /etc/boca.conf
+
+privatedir=$bocadir/src/private/remotescores
 others=$privatedir/otherservers
 if [ "$1" == "" -o "$2" == "" ]; then
   echo "Usage $0 <remotescorefolder> <serversfile>"