/* Main routine of the remote AFS system call server. The calling process will
* never return; this is currently called from afsd (when "-rmtsys" is passed
* as a parameter) */
void
rmtsysd(void)
{
/* void catchsig(int); */
struct rx_securityClass *(securityObjects[N_SECURITY_OBJECTS]);
struct rx_service *service;
/*
* Ignore SIGHUP signal since apparently is sent to the processes that
* start up from /etc/rc for some systems like hpux and aix3.1...
*/
signal(SIGHUP, SIG_IGN);
/* Initialize the rx-based RMTSYS server */
if (rx_Init(htons(AFSCONF_RMTSYSPORT)) < 0)
rmt_Quit("rx_init");
securityObjects[RX_SECIDX_NULL] = rxnull_NewServerSecurityObject();
if (securityObjects[RX_SECIDX_NULL] == (struct rx_securityClass *)0)
rmt_Quit("rxnull_NewServerSecurityObject");
service =
rx_NewService(0, RMTSYS_SERVICEID, AFSCONF_RMTSYSSERVICE,
securityObjects, N_SECURITY_OBJECTS,
RMTSYS_ExecuteRequest);
if (service == NULL)
rmt_Quit("rx_NewService");
/* One may wish to tune some default RX params for better performance
* at some point... */
rx_SetMaxProcs(service, 2);
rx_StartServer(1); /* Donate this process to the server process pool */
}
static int
CommandProc(struct cmd_syndesc *as, void *arock)
{
struct rx_connection *conn;
register char *hostName;
register struct hostent *thp;
afs_int32 port;
struct rx_securityClass *secobj;
int int32p;
afs_int32 addr;
hostName = as->parms[0].items->data;
if (as->parms[1].items)
port = atoi(as->parms[1].items->data);
else
port = 7001;
thp = hostutil_GetHostByName(hostName);
if (!thp) {
printf("cmdebug: can't resolve address for host %s.\n", hostName);
exit(1);
}
memcpy(&addr, thp->h_addr, sizeof(afs_int32));
secobj = rxnull_NewServerSecurityObject();
conn = rx_NewConnection(addr, htons(port), 1, secobj, 0);
if (!conn) {
printf("cmdebug: failed to create connection for host %s\n", hostName);
exit(1);
}
if (as->parms[2].items) int32p = 1;
else int32p = 0;
PrintCacheEntries(conn, int32p);
return 0;
}
main()
{
struct rx_securityClass *(securityObjects[N_SECURITY_OBJECTS]);
struct rx_service *service;
signal(SIGINT, InterruptSignal);
/* Initialize Rx, telling it port number this server will use for its single service */
if (rx_Init(BULK_SERVER_PORT) < 0)
Quit("rx_init");
/* Create a single security object, in this case the null security object, for unauthenticated connections, which will be used to control security on connections made to this server */
securityObjects[RX_SECIDX_NULL] = rxnull_NewServerSecurityObject();
if (securityObjects[RX_SECIDX_NULL] == (struct rx_securityClass *)0)
Quit("rxnull_NewServerSecurityObject");
/* Instantiate a single BULK service. The rxgen-generated procedure which is called to decode requests is passed in here (BULK_ExecuteRequest). */
service =
rx_NewService(0, BULK_SERVICE_ID, "BULK", securityObjects,
N_SECURITY_OBJECTS, BULK_ExecuteRequest);
if (service == (struct rx_service *)0)
Quit("rx_NewService");
rx_SetMaxProcs(service, 5);
rx_StartServer(1); /* Donate this process to the server process pool */
Quit("StartServer returned?");
}
int
main(int argc, char **argv)
{
struct rx_securityClass *(securityObjects[N_SECURITY_OBJECTS]);
struct rx_service *service;
/* Initialize Rx, telling it port number this server will use for its single service */
if (rx_Init(SAMPLE_SERVER_PORT) < 0)
Quit("rx_init");
/* Create a single security object, in this case the null security object, for unauthenticated connections, which will be used to control security on connections made to this server */
securityObjects[SAMPLE_NULL] = rxnull_NewServerSecurityObject();
if (securityObjects[SAMPLE_NULL] == (struct rx_securityClass *)0)
Quit("rxnull_NewServerSecurityObject");
/* Instantiate a single sample service. The rxgen-generated procedure which is called to decode requests is passed in here (TEST_ExecuteRequest). */
service =
rx_NewService(0, SAMPLE_SERVICE_ID, "sample", securityObjects,
N_SECURITY_OBJECTS, TEST_ExecuteRequest);
if (service == (struct rx_service *)0)
Quit("rx_NewService");
rx_StartServer(1); /* Donate this process to the server process pool */
Quit("StartServer returned?");
return 0;
}
static void
get_sec(int serverp, struct rx_securityClass **sec, int *secureindex)
{
if (serverp) {
*sec = rxnull_NewServerSecurityObject();
*secureindex = 1;
} else {
*sec = rxnull_NewClientSecurityObject();
*secureindex = 0;
}
}
extern int
start_cb_server(void)
{
struct rx_service *s;
sc = rxnull_NewServerSecurityObject();
s = rx_NewService(0, 1, "afs", &sc, 1, RXAFSCB_ExecuteRequest);
if (!s)
return 1;
rx_StartServer(0);
return 0;
}
static void *
init_callback_service_lwp(void *arg)
{
struct rx_securityClass *sc;
struct rx_service *svc;
afs_int32 code = 0;
rpc_test_request_ctx *ctx = (rpc_test_request_ctx *) arg;
printf("%s: init_callback_service_lwp: listen_addr: %s "
"(%d) cb_port: %d\n",
prog, ctx->cb_listen_addr_s, ctx->cb_listen_addr.addr_in[0],
ctx->cb_port);
sc = (struct rx_securityClass *) rxnull_NewServerSecurityObject();
if (!sc) {
fprintf(stderr,"rxnull_NewServerSecurityObject failed for callback "
"service\n");
exit(1);
}
#if defined(RPC_TEST_GLOBAL_RX_INIT)
svc = rx_NewServiceHost(htonl(INADDR_ANY), htons(ctx->cb_port), 1,
ctx->cb_svc_name, &sc, 1, RXAFSCB_ExecuteRequest);
#else
svc = rx_NewService(0, 1, ctx->cb_svc_name, &sc, 1, RXAFSCB_ExecuteRequest);
#endif
/* stash context */
rx_SetServiceSpecific(svc, ctx_key, ctx);
if (!svc) {
fprintf(stderr,"rx_NewServiceHost failed for callback service\n");
exit(1);
}
/* XXX stash service so we can hijack its rx_socket when inititiating
* RPC calls */
ctx->svc = svc;
/* release pkg mutex before entering rx processing loop */
pthread_mutex_unlock(&rpc_test_params.mtx);
rx_StartServer(1);
printf("%s: init_callback_service_lwp: finished");
return (NULL);
} /* callback_service_lwp */
void
afsconf_BuildServerSecurityObjects(struct afsconf_dir *dir,
afs_uint32 flags,
struct rx_securityClass ***classes,
afs_int32 *numClasses)
{
if (flags & AFSCONF_SEC_OBJS_RXKAD_CRYPT)
*numClasses = 4;
else
*numClasses = 3;
*classes = calloc(*numClasses, sizeof(**classes));
(*classes)[0] = rxnull_NewServerSecurityObject();
(*classes)[1] = NULL;
(*classes)[2] = rxkad_NewServerSecurityObject(0, dir,
afsconf_GetKey, NULL);
if (flags & AFSCONF_SEC_OBJS_RXKAD_CRYPT)
(*classes)[3] = rxkad_NewServerSecurityObject(rxkad_crypt, dir,
afsconf_GetKey, NULL);
}
static int
WorkerBee(struct cmd_syndesc *as, void *arock)
{
afs_int32 code;
struct rx_securityClass *(securityObjects[3]);
struct rx_service *service;
time_t tokenExpires;
char cellName[64];
int localauth;
/*process arguments */
afs_int32 portOffset = 0;
#ifdef AFS_PTHREAD_ENV
pthread_t dbWatcherPid;
pthread_attr_t tattr;
AFS_SIGSET_DECL;
#else
PROCESS dbWatcherPid;
#endif
afs_uint32 host = htonl(INADDR_ANY);
debugLevel = 0;
/*initialize the error tables */
initialize_KA_error_table();
initialize_RXK_error_table();
initialize_KTC_error_table();
initialize_ACFG_error_table();
initialize_CMD_error_table();
initialize_VL_error_table();
initialize_BUTM_error_table();
initialize_BUTC_error_table();
#ifdef xbsa
initialize_BUTX_error_table();
#endif /*xbs */
initialize_VOLS_error_table();
initialize_BUDB_error_table();
initialize_BUCD_error_table();
if (as->parms[0].items) {
portOffset = SafeATOL(as->parms[0].items->data);
if (portOffset == -1) {
fprintf(stderr, "Illegal port offset '%s'\n",
as->parms[0].items->data);
exit(1);
} else if (portOffset > BC_MAXPORTOFFSET) {
fprintf(stderr, "%u exceeds max port offset %u\n", portOffset,
BC_MAXPORTOFFSET);
exit(1);
}
}
xbsaType = XBSA_SERVER_TYPE_NONE; /* default */
if (as->parms[3].items) { /* -device */
globalTapeConfig.capacity = 0x7fffffff; /* 2T for max tape capacity */
globalTapeConfig.fileMarkSize = 0;
globalTapeConfig.portOffset = portOffset;
strncpy(globalTapeConfig.device, as->parms[3].items->data, 100);
xbsaType = XBSA_SERVER_TYPE_NONE; /* Not XBSA */
} else {
/* Search for an entry in tapeconfig file */
code = GetDeviceConfig(tapeConfigFile, &globalTapeConfig, portOffset);
if (code == -1) {
fprintf(stderr, "Problem in reading config file %s\n",
tapeConfigFile);
exit(1);
}
/* Set xbsaType. If code == 1, no entry was found in the tapeconfig file so
* it's an XBSA server. Don't know if its ADSM or not so its unknown.
*/
xbsaType =
((code == 1) ? XBSA_SERVER_TYPE_UNKNOWN : XBSA_SERVER_TYPE_NONE);
}
if (as->parms[6].items) { /* -restoretofile */
int s = strlen(as->parms[6].items->data);
restoretofile = malloc(s + 1);
strncpy(restoretofile, as->parms[6].items->data, s + 1);
printf("Restore to file '%s'\n", restoretofile);
}
/* Go and read the config file: CFG_<device> or CFG_<port>. We will also set
* the exact xbsaType within the call (won't be unknown) - double check.
*/
code = GetConfigParams(pFile, portOffset);
if (code)
exit(code);
#ifdef xbsa
if (xbsaType == XBSA_SERVER_TYPE_UNKNOWN) {
printf
("\nConfiguration file error, the TYPE parameter must be specified, or\n");
printf("an entry must exist in %s for port %d\n", tapeConfigFile,
portOffset);
exit(1);
}
#else
/* Not compiled for XBSA code so we can't support it */
if (CONF_XBSA) {
printf("\nNo entry found in %s for port %d\n", tapeConfigFile,
portOffset);
printf("This binary does not have XBSA support\n");
exit(1);
}
#endif
/* Open the log files. The pathnames were set in GetConfigParams() */
logIO = fopen(logFile, "a");
if (!logIO) {
fprintf(stderr, "Failed to open %s\n", logFile);
exit(1);
}
ErrorlogIO = fopen(ErrorlogFile, "a");
if (!ErrorlogIO) {
fprintf(stderr, "Failed to open %s\n", ErrorlogFile);
exit(1);
}
if (lastLog) {
lastLogIO = fopen(lastLogFile, "a");
if (!lastLogIO) {
fprintf(stderr, "Failed to open %s\n", lastLogFile);
exit(1);
}
}
if (centralLogFile) {
struct stat sbuf;
afs_int32 statcode;
#ifndef AFS_NT40_ENV
char path[AFSDIR_PATH_MAX];
#endif
statcode = stat(centralLogFile, &sbuf);
centralLogIO = fopen(centralLogFile, "a");
if (!centralLogIO) {
fprintf(stderr, "Failed to open %s; error %d\n", centralLogFile,
errno);
exit(1);
}
#ifndef AFS_NT40_ENV
/* Make sure it is not in AFS, has to have been created first */
if (!realpath(centralLogFile, path)) {
fprintf(stderr,
"Warning: can't determine real path of '%s' (%d)\n",
centralLogFile, errno);
} else {
if (strncmp(path, "/afs/", 5) == 0) {
fprintf(stderr, "The central log '%s' should not be in AFS\n",
centralLogFile);
exit(1);
}
}
#endif
/* Write header if created it */
if (statcode) {
char *h1 =
"TASK START DATE/TIME END DATE/TIME ELAPSED VOLUMESET\n";
char *h2 =
"----- ------------------- ------------------- -------- ---------\n";
/* File didn't exist before so write the header lines */
fwrite(h1, strlen(h1), 1, centralLogIO);
fwrite(h2, strlen(h2), 1, centralLogIO);
fflush(centralLogIO);
}
}
if (as->parms[1].items) {
debugLevel = SafeATOL(as->parms[1].items->data);
if (debugLevel == -1) {
TLog(0, "Illegal debug level '%s'\n", as->parms[1].items->data);
exit(1);
}
}
#ifdef xbsa
/* Setup XBSA library interface */
if (CONF_XBSA) {
afs_int32 rc;
rc = xbsa_MountLibrary(&butxInfo, xbsaType);
if (rc != XBSA_SUCCESS) {
TapeLog(0, 0, rc, 0, "Unable to mount the XBSA library\n");
return (1);
}
forcemultiple = (as->parms[7].items ? 1 : 0);/*-xbsaforcemultiple */
if (forcemultiple)
printf("Force XBSA multiple server support\n");
rc = InitToServer(0 /*taskid */ , &butxInfo, adsmServerName);
if (rc != XBSA_SUCCESS)
return (1);
}
#endif /*xbsa */
/* cell switch */
if (as->parms[2].items)
strncpy(cellName, as->parms[2].items->data, sizeof(cellName));
else
cellName[0] = '\0';
if (as->parms[4].items)
autoQuery = 0;
localauth = (as->parms[5].items ? 1 : 0);
rxBind = (as->parms[8].items ? 1 : 0);
if (rxBind) {
afs_int32 ccode;
if (AFSDIR_SERVER_NETRESTRICT_FILEPATH ||
AFSDIR_SERVER_NETINFO_FILEPATH) {
char reason[1024];
ccode = parseNetFiles(SHostAddrs, NULL, NULL,
ADDRSPERSITE, reason,
AFSDIR_SERVER_NETINFO_FILEPATH,
AFSDIR_SERVER_NETRESTRICT_FILEPATH);
} else
{
ccode = rx_getAllAddr(SHostAddrs, ADDRSPERSITE);
}
if (ccode == 1)
host = SHostAddrs[0];
}
code = rx_InitHost(host, htons(BC_TAPEPORT + portOffset));
if (code) {
TapeLog(0, 0, code, 0, "rx init failed on port %u\n",
BC_TAPEPORT + portOffset);
exit(1);
}
rx_SetRxDeadTime(150);
/* Establish connection with the vldb server */
code = vldbClientInit(0, localauth, cellName, &cstruct, &tokenExpires);
if (code) {
TapeLog(0, 0, code, 0, "Can't access vldb\n");
return code;
}
strcpy(globalCellName, cellName);
/*initialize the dumpNode list */
InitNodeList(portOffset);
deviceLatch =
(struct deviceSyncNode *)(malloc(sizeof(struct deviceSyncNode)));
Lock_Init(&(deviceLatch->lock));
deviceLatch->flags = 0;
/* initialize database support, volume support, and logs */
/* Create a single security object, in this case the null security
* object, for unauthenticated connections, which will be used to control
* security on connections made to this server
*/
securityObjects[0] = rxnull_NewServerSecurityObject();
securityObjects[1] = (struct rx_securityClass *)0; /* don't bother with rxvab */
if (!securityObjects[0]) {
TLog(0, "rxnull_NewServerSecurityObject");
exit(1);
}
service =
rx_NewServiceHost(host, 0, 1, "BUTC", securityObjects, 3, TC_ExecuteRequest);
if (!service) {
TLog(0, "rx_NewService");
exit(1);
}
rx_SetMaxProcs(service, 4);
/* Establish connection to the backup database */
code = udbClientInit(0, localauth, cellName);
if (code) {
TapeLog(0, 0, code, 0, "Can't access backup database\n");
exit(1);
}
/* This call is here to verify that we are authentiated.
* The call does nothing and will return BUDB_NOTPERMITTED
* if we don't belong.
*/
code = bcdb_deleteDump(0, 0, 0, 0);
if (code == BUDB_NOTPERMITTED) {
TapeLog(0, 0, code, 0, "Can't access backup database\n");
exit(1);
}
initStatus();
#ifdef AFS_PTHREAD_ENV
code = pthread_attr_init(&tattr);
if (code) {
TapeLog(0, 0, code, 0,
"Can't pthread_attr_init database monitor task");
exit(1);
}
code = pthread_attr_setdetachstate(&tattr, PTHREAD_CREATE_DETACHED);
if (code) {
TapeLog(0, 0, code, 0,
"Can't pthread_attr_setdetachstate database monitor task");
exit(1);
}
AFS_SIGSET_CLEAR();
code = pthread_create(&dbWatcherPid, &tattr, dbWatcher, (void *)2);
AFS_SIGSET_RESTORE();
#else
code =
LWP_CreateProcess(dbWatcher, 20480, LWP_NORMAL_PRIORITY, (void *)2,
"dbWatcher", &dbWatcherPid);
#endif
if (code) {
TapeLog(0, 0, code, 0, "Can't create database monitor task");
exit(1);
}
TLog(0, "Starting Tape Coordinator: Port offset %u Debug level %u\n",
portOffset, debugLevel);
TLog(0, "Token expires: %s\n", cTIME(&tokenExpires));
rx_StartServer(1); /* Donate this process to the server process pool */
TLog(0, "Error: StartServer returned");
exit(1);
}
int
main(int argc, char *argv[])
{
afs_int32 code;
char *whoami = argv[0];
afs_uint32 serverList[MAXSERVERS];
struct afsconf_cell cellinfo;
char *cell;
const char *cellservdb, *dbpath, *lclpath;
int a;
char arg[32];
char default_lclpath[AFSDIR_PATH_MAX];
int servers;
int initFlags;
int level; /* security level for Ubik */
afs_int32 i;
char clones[MAXHOSTSPERCELL];
afs_uint32 host = ntohl(INADDR_ANY);
char *auditFileName = NULL;
struct rx_service *tservice;
struct rx_securityClass *sca[1];
struct rx_securityClass *scm[3];
extern int rx_stackSize;
#ifdef AFS_AIX32_ENV
/*
* The following signal action for AIX is necessary so that in case of a
* crash (i.e. core is generated) we can include the user's data section
* in the core dump. Unfortunately, by default, only a partial core is
* generated which, in many cases, isn't too useful.
*/
struct sigaction nsa;
sigemptyset(&nsa.sa_mask);
nsa.sa_handler = SIG_DFL;
nsa.sa_flags = SA_FULLDUMP;
sigaction(SIGABRT, &nsa, NULL);
sigaction(SIGSEGV, &nsa, NULL);
#endif
osi_audit_init();
if (argc == 0) {
usage:
printf("Usage: kaserver [-noAuth] [-database <dbpath>] "
"[-auditlog <log path>] [-audit-interface <file|sysvmq>] "
"[-rxbind] [-localfiles <lclpath>] [-minhours <n>] "
"[-servers <serverlist>] [-crossrealm] "
/*" [-enable_peer_stats] [-enable_process_stats] " */
"[-help]\n");
exit(1);
}
#ifdef AFS_NT40_ENV
/* initialize winsock */
if (afs_winsockInit() < 0) {
ReportErrorEventAlt(AFSEVT_SVR_WINSOCK_INIT_FAILED, 0, argv[0], 0);
fprintf(stderr, "%s: Couldn't initialize winsock.\n", whoami);
exit(1);
}
#endif
/* Initialize dirpaths */
if (!(initAFSDirPath() & AFSDIR_SERVER_PATHS_OK)) {
#ifdef AFS_NT40_ENV
ReportErrorEventAlt(AFSEVT_SVR_NO_INSTALL_DIR, 0, argv[0], 0);
#endif
fprintf(stderr, "%s: Unable to obtain AFS server directory.\n",
argv[0]);
exit(2);
}
cellservdb = AFSDIR_SERVER_ETC_DIRPATH;
dbpath = AFSDIR_SERVER_KADB_FILEPATH;
strcompose(default_lclpath, AFSDIR_PATH_MAX, AFSDIR_SERVER_LOCAL_DIRPATH,
"/", AFSDIR_KADB_FILE, NULL);
lclpath = default_lclpath;
debugOutput = 0;
servers = 0;
initFlags = 0;
level = rxkad_crypt;
for (a = 1; a < argc; a++) {
int arglen = strlen(argv[a]);
lcstring(arg, argv[a], sizeof(arg));
#define IsArg(a) (strncmp (arg,a, arglen) == 0)
if (strcmp(arg, "-database") == 0) {
dbpath = argv[++a];
if (strcmp(lclpath, default_lclpath) == 0)
lclpath = dbpath;
}
else if (strncmp(arg, "-auditlog", arglen) == 0) {
auditFileName = argv[++a];
} else if (strncmp(arg, "-audit-interface", arglen) == 0) {
char *interface = argv[++a];
if (osi_audit_interface(interface)) {
printf("Invalid audit interface '%s'\n", interface);
exit(1);
}
} else if (strcmp(arg, "-localfiles") == 0)
lclpath = argv[++a];
else if (strcmp(arg, "-servers") == 0)
debugOutput++, servers = 1;
else if (strcmp(arg, "-noauth") == 0)
debugOutput++, initFlags |= 1;
else if (strcmp(arg, "-fastkeys") == 0)
debugOutput++, initFlags |= 4;
else if (strcmp(arg, "-dbfixup") == 0)
debugOutput++, initFlags |= 8;
else if (strcmp(arg, "-cellservdb") == 0) {
cellservdb = argv[++a];
initFlags |= 2;
debugOutput++;
}
else if (IsArg("-crypt"))
level = rxkad_crypt;
else if (IsArg("-safe"))
level = rxkad_crypt;
else if (IsArg("-clear"))
level = rxkad_clear;
else if (IsArg("-sorry"))
level = rxkad_clear;
else if (IsArg("-debug"))
verbose_track = 0;
else if (IsArg("-crossrealm"))
krb4_cross = 1;
else if (IsArg("-rxbind"))
rxBind = 1;
else if (IsArg("-minhours")) {
MinHours = atoi(argv[++a]);
} else if (IsArg("-enable_peer_stats")) {
rx_enablePeerRPCStats();
} else if (IsArg("-enable_process_stats")) {
rx_enableProcessRPCStats();
} else if (*arg == '-') {
/* hack to support help flag */
goto usage;
}
}
if (auditFileName) {
osi_audit_file(auditFileName);
}
if ((code = ka_CellConfig(cellservdb)))
goto abort;
cell = ka_LocalCell();
KA_conf = afsconf_Open(cellservdb);
if (!KA_conf) {
code = KANOCELLS;
abort:
afs_com_err(whoami, code, "Failed getting cell info");
exit(1);
}
#ifdef AUTH_DBM_LOG
kalog_Init();
#else
/* NT & HPUX do not have dbm package support. So we can only do some
* text logging. So open the AuthLog file for logging and redirect
* stdin and stdout to it
*/
OpenLog(AFSDIR_SERVER_KALOG_FILEPATH);
SetupLogSignals();
#endif
fprintf(stderr, "%s: WARNING: kaserver is deprecated due to its weak security "
"properties. Migrating to a Kerberos 5 KDC is advised. "
"http://www.openafs.org/no-more-des.html\n", whoami);
ViceLog(0, ("WARNING: kaserver is deprecated due to its weak security properties. "
"Migrating to a Kerberos 5 KDC is advised. "
"http://www.openafs.org/no-more-des.html\n"));
code =
afsconf_GetExtendedCellInfo(KA_conf, cell, AFSCONF_KAUTHSERVICE,
&cellinfo, clones);
if (servers) {
if ((code = ubik_ParseServerList(argc, argv, &myHost, serverList))) {
afs_com_err(whoami, code, "Couldn't parse server list");
exit(1);
}
cellinfo.hostAddr[0].sin_addr.s_addr = myHost;
for (i = 1; i < MAXSERVERS; i++) {
if (!serverList[i])
break;
cellinfo.hostAddr[i].sin_addr.s_addr = serverList[i];
}
cellinfo.numServers = i;
} else {
code = convert_cell_to_ubik(&cellinfo, &myHost, serverList);
if (code)
goto abort;
ViceLog(0, ("Using server list from %s cell database.\n", cell));
}
/* initialize audit user check */
osi_audit_set_user_check(KA_conf, KA_IsLocalRealmMatch);
/* initialize ubik */
if (level == rxkad_clear)
ubik_SetClientSecurityProcs(afsconf_ClientAuth, afsconf_UpToDate,
KA_conf);
else if (level == rxkad_crypt)
ubik_SetClientSecurityProcs(afsconf_ClientAuthSecure,
afsconf_UpToDate, KA_conf);
else {
ViceLog(0, ("Unsupported security level %d\n", level));
exit(5);
}
ViceLog(0,
("Using level %s for Ubik connections.\n",
(level == rxkad_crypt ? "crypt" : "clear")));
ubik_SetServerSecurityProcs(afsconf_BuildServerSecurityObjects,
afsconf_CheckAuth,
KA_conf);
ubik_nBuffers = 80;
if (rxBind) {
afs_int32 ccode;
if (AFSDIR_SERVER_NETRESTRICT_FILEPATH ||
AFSDIR_SERVER_NETINFO_FILEPATH) {
char reason[1024];
ccode = parseNetFiles(SHostAddrs, NULL, NULL,
ADDRSPERSITE, reason,
AFSDIR_SERVER_NETINFO_FILEPATH,
AFSDIR_SERVER_NETRESTRICT_FILEPATH);
} else
{
ccode = rx_getAllAddr(SHostAddrs, ADDRSPERSITE);
}
if (ccode == 1) {
host = SHostAddrs[0];
rx_InitHost(host, htons(AFSCONF_KAUTHPORT));
}
}
/* Disable jumbograms */
rx_SetNoJumbo();
if (servers)
code =
ubik_ServerInit(myHost, htons(AFSCONF_KAUTHPORT), serverList,
dbpath, &KA_dbase);
else
code =
ubik_ServerInitByInfo(myHost, htons(AFSCONF_KAUTHPORT), &cellinfo,
clones, dbpath, &KA_dbase);
if (code) {
afs_com_err(whoami, code, "Ubik init failed");
exit(2);
}
sca[RX_SCINDEX_NULL] = rxnull_NewServerSecurityObject();
tservice =
rx_NewServiceHost(host, 0, KA_AUTHENTICATION_SERVICE,
"AuthenticationService", sca, 1, KAA_ExecuteRequest);
if (tservice == (struct rx_service *)0) {
ViceLog(0, ("Could not create Authentication rx service\n"));
exit(3);
}
rx_SetMinProcs(tservice, 1);
rx_SetMaxProcs(tservice, 1);
tservice =
rx_NewServiceHost(host, 0, KA_TICKET_GRANTING_SERVICE, "TicketGrantingService",
sca, 1, KAT_ExecuteRequest);
if (tservice == (struct rx_service *)0) {
ViceLog(0, ("Could not create Ticket Granting rx service\n"));
exit(3);
}
rx_SetMinProcs(tservice, 1);
rx_SetMaxProcs(tservice, 1);
scm[RX_SCINDEX_NULL] = sca[RX_SCINDEX_NULL];
scm[RX_SCINDEX_VAB] = 0;
scm[RX_SCINDEX_KAD] =
rxkad_NewServerSecurityObject(rxkad_crypt, 0, kvno_admin_key, 0);
tservice =
rx_NewServiceHost(host, 0, KA_MAINTENANCE_SERVICE, "Maintenance", scm, 3,
KAM_ExecuteRequest);
if (tservice == (struct rx_service *)0) {
ViceLog(0, ("Could not create Maintenance rx service\n"));
exit(3);
}
rx_SetMinProcs(tservice, 1);
rx_SetMaxProcs(tservice, 1);
rx_SetStackSize(tservice, 10000);
tservice =
rx_NewServiceHost(host, 0, RX_STATS_SERVICE_ID, "rpcstats", scm, 3,
RXSTATS_ExecuteRequest);
if (tservice == (struct rx_service *)0) {
ViceLog(0, ("Could not create rpc stats rx service\n"));
exit(3);
}
rx_SetMinProcs(tservice, 2);
rx_SetMaxProcs(tservice, 4);
initialize_dstats();
/* allow super users to manage RX statistics */
rx_SetRxStatUserOk(KA_rxstat_userok);
rx_StartServer(0); /* start handling req. of all types */
if (init_kaprocs(lclpath, initFlags))
return -1;
if ((code = init_krb_udp())) {
ViceLog(0,
("Failed to initialize UDP interface; code = %d.\n", code));
ViceLog(0, ("Running without UDP access.\n"));
}
ViceLog(0, ("Starting to process AuthServer requests\n"));
rx_ServerProc(NULL); /* donate this LWP */
return 0;
}
int
main(int argc, char **argv)
{
afs_int32 code, i;
afs_uint32 serverList[MAXSERVERS];
afs_uint32 myHost;
struct rx_service *tservice;
struct rx_securityClass *sc[2];
char dbfileName[128];
if (argc == 1) {
printf("usage: userver -servers <serverlist> {-sleep <sleeptime>}\n");
exit(0);
}
#ifdef AFS_NT40_ENV
/* initialize winsock */
if (afs_winsockInit() < 0)
return -1;
#endif
/* parse our own local arguments */
sleepTime = 0;
for (i = 1; i < argc; i++) {
if (strcmp(argv[i], "-sleep") == 0) {
if (i >= argc - 1) {
printf("missing time in -sleep argument\n");
exit(1);
}
sleepTime = atoi(argv[i + 1]);
i++;
}
}
/* call routine to parse command line -servers switch, filling in
* myHost and serverList arrays appropriately */
code = ubik_ParseServerList(argc, argv, &myHost, serverList);
if (code) {
printf("could not parse server list, code %d\n", code);
exit(1);
}
/* call ServerInit with the values from ParseServerList. Also specify the
* name to use for the database files (/tmp/testdb), and the port (3000)
* for RPC requests. ServerInit returns a pointer to the database (in
* dbase), which is required for creating new transactions */
sprintf(dbfileName, "%s/testdb", gettmpdir());
code =
ubik_ServerInit(myHost, htons(3000), serverList, dbfileName, &dbase);
if (code) {
printf("ubik init failed with code %d\n", code);
exit(1);
}
sc[0] = rxnull_NewServerSecurityObject();
#if 0
sc[1] = rxvab_NewServerSecurityObject("applexx", 0);
#endif
tservice = rx_NewService(0, USER_SERVICE_ID, "Sample", sc, 1 /*2 */ ,
SAMPLE_ExecuteRequest);
if (tservice == (struct rx_service *)0) {
printf("Could not create SAMPLE rx service\n");
exit(3);
}
rx_SetMinProcs(tservice, 2);
rx_SetMaxProcs(tservice, 3);
rx_StartServer(1); /* Why waste this idle process?? */
return 0;
}
int
CommandProc(struct cmd_syndesc *as, void *arock)
{
struct rx_connection *conn;
char *hostName;
struct hostent *thp;
afs_int32 port;
struct rx_securityClass *secobj;
int int32p;
afs_int32 addr;
hostName = as->parms[0].items->data;
if (as->parms[1].items)
port = atoi(as->parms[1].items->data);
else
port = 7001;
thp = hostutil_GetHostByName(hostName);
if (!thp) {
printf("cmdebug: can't resolve address for host %s.\n", hostName);
exit(1);
}
memcpy(&addr, thp->h_addr, sizeof(afs_int32));
secobj = rxnull_NewServerSecurityObject();
conn = rx_NewConnection(addr, htons(port), 1, secobj, 0);
if (!conn) {
printf("cmdebug: failed to create connection for host %s\n",
hostName);
exit(1);
}
if (as->parms[6].items) {
/* -addrs */
PrintInterfaces(conn);
return 0;
}
if (as->parms[7].items) {
/* -cache */
PrintCacheConfig(conn);
return 0;
}
if (as->parms[8].items) {
/* -cellservdb */
PrintCellServDB(conn);
return 0;
}
if (as->parms[5].items)
print_ctime = 1;
if (as->parms[2].items)
/* -long */
int32p = 1;
else if (as->parms[3].items)
/* -refcounts */
int32p = 2;
else if (as->parms[4].items)
/* -callbacks */
int32p = 4;
else
int32p = 0;
if (int32p == 0 || int32p == 1)
PrintLocks(conn, int32p);
if (int32p >= 0 || int32p <= 4)
PrintCacheEntries(conn, int32p);
return 0;
}
int
fsprobe_Init(int a_numServers, struct sockaddr_in *a_socketArray,
int a_ProbeFreqInSecs, int (*a_ProbeHandler)(void),
int a_debug)
{ /*fsprobe_Init */
static char rn[] = "fsprobe_Init"; /*Routine name */
register afs_int32 code; /*Return value */
static struct rx_securityClass *CBsecobj; /*Callback security object */
struct rx_securityClass *secobj; /*Client security object */
struct rx_service *rxsrv_afsserver; /*Server for AFS */
int arg_errfound; /*Argument error found? */
int curr_srv; /*Current server idx */
struct fsprobe_ConnectionInfo *curr_conn; /*Ptr to current conn */
char *hostNameFound; /*Ptr to returned host name */
int conn_err; /*Connection error? */
int PortToUse; /*Callback port to use */
/*
* If we've already been called, snicker at the bozo, gently
* remind him of his doubtful heritage, and return success.
*/
if (fsprobe_initflag) {
fprintf(stderr, "[%s] Called multiple times!\n", rn);
return (0);
} else
fsprobe_initflag = 1;
/*
* Check the parameters for bogosities.
*/
arg_errfound = 0;
if (a_numServers <= 0) {
fprintf(stderr, "[%s] Illegal number of servers: %d\n", rn,
a_numServers);
arg_errfound = 1;
}
if (a_socketArray == (struct sockaddr_in *)0) {
fprintf(stderr, "[%s] Null server socket array argument\n", rn);
arg_errfound = 1;
}
if (a_ProbeFreqInSecs <= 0) {
fprintf(stderr, "[%s] Illegal probe frequency: %d\n", rn,
a_ProbeFreqInSecs);
arg_errfound = 1;
}
if (a_ProbeHandler == (int (*)())0) {
fprintf(stderr, "[%s] Null probe handler function argument\n", rn);
arg_errfound = 1;
}
if (arg_errfound)
return (-1);
/*
* Record our passed-in info.
*/
fsprobe_debug = a_debug;
fsprobe_numServers = a_numServers;
fsprobe_Handler = a_ProbeHandler;
fsprobe_ProbeFreqInSecs = a_ProbeFreqInSecs;
/*
* Get ready in case we have to do a cleanup - basically, zero
* everything out.
*/
fsprobe_CleanupInit();
/*
* Allocate the necessary data structures and initialize everything
* else.
*/
fsprobe_ConnInfo = (struct fsprobe_ConnectionInfo *)
malloc(a_numServers * sizeof(struct fsprobe_ConnectionInfo));
if (fsprobe_ConnInfo == (struct fsprobe_ConnectionInfo *)0) {
fprintf(stderr,
"[%s] Can't allocate %d connection info structs (%"AFS_SIZET_FMT" bytes)\n",
rn, a_numServers,
(a_numServers * sizeof(struct fsprobe_ConnectionInfo)));
return (-1); /*No cleanup needs to be done yet */
}
#if 0
else
fprintf(stderr, "[%s] fsprobe_ConnInfo allocated (%d bytes)\n", rn,
a_numServers * sizeof(struct fsprobe_ConnectionInfo));
#endif /* 0 */
fsprobe_statsBytes = a_numServers * sizeof(struct ProbeViceStatistics);
fsprobe_Results.stats = (struct ProbeViceStatistics *)
malloc(fsprobe_statsBytes);
if (fsprobe_Results.stats == NULL) {
fprintf(stderr,
"[%s] Can't allocate %d statistics structs (%d bytes)\n", rn,
a_numServers, fsprobe_statsBytes);
fsprobe_Cleanup(1); /*Delete already-malloc'ed areas */
return (-1);
} else if (fsprobe_debug)
fprintf(stderr, "[%s] fsprobe_Results.stats allocated (%d bytes)\n",
rn, fsprobe_statsBytes);
fsprobe_probeOKBytes = a_numServers * sizeof(int);
fsprobe_Results.probeOK = (int *)malloc(fsprobe_probeOKBytes);
if (fsprobe_Results.probeOK == (int *)0) {
fprintf(stderr,
"[%s] Can't allocate %d probeOK array entries (%d bytes)\n",
rn, a_numServers, fsprobe_probeOKBytes);
fsprobe_Cleanup(1); /*Delete already-malloc'ed areas */
return (-1);
} else if (fsprobe_debug)
fprintf(stderr, "[%s] fsprobe_Results.probeOK allocated (%d bytes)\n",
rn, fsprobe_probeOKBytes);
fsprobe_Results.probeNum = 0;
fsprobe_Results.probeTime = 0;
memset(fsprobe_Results.stats, 0,
(a_numServers * sizeof(struct ProbeViceStatistics)));
/*
* Initialize the Rx subsystem, just in case nobody's done it.
*/
if (fsprobe_debug)
fprintf(stderr, "[%s] Initializing Rx\n", rn);
PortToUse = FSPROBE_CBPORT;
do {
code = rx_Init(htons(PortToUse));
if (code) {
if (code == RX_ADDRINUSE) {
if (fsprobe_debug)
fprintf(stderr,
"[%s] Callback port %d in use, advancing\n", rn,
PortToUse);
PortToUse++;
} else {
fprintf(stderr, "[%s] Fatal error in rx_Init()\n", rn);
return (-1);
}
}
} while (code);
if (fsprobe_debug)
fprintf(stderr, "[%s] Rx initialized on port %d\n", rn, PortToUse);
/*
* Create a null Rx server security object, to be used by the
* Callback listener.
*/
CBsecobj = rxnull_NewServerSecurityObject();
if (CBsecobj == (struct rx_securityClass *)0) {
fprintf(stderr,
"[%s] Can't create null security object for the callback listener.\n",
rn);
fsprobe_Cleanup(1); /*Delete already-malloc'ed areas */
return (-1);
}
if (fsprobe_debug)
fprintf(stderr, "[%s] Callback server security object created\n", rn);
/*
* Create a null Rx client security object, to be used by the
* probe LWP.
*/
secobj = rxnull_NewClientSecurityObject();
if (secobj == (struct rx_securityClass *)0) {
fprintf(stderr,
"[%s] Can't create client security object for probe LWP.\n",
rn);
fsprobe_Cleanup(1); /*Delete already-malloc'ed areas */
return (-1);
}
if (fsprobe_debug)
fprintf(stderr, "[%s] Probe LWP client security object created\n",
rn);
curr_conn = fsprobe_ConnInfo;
conn_err = 0;
for (curr_srv = 0; curr_srv < a_numServers; curr_srv++) {
/*
* Copy in the socket info for the current server, resolve its
* printable name if possible.
*/
if (fsprobe_debug) {
fprintf(stderr, "[%s] Copying in the following socket info:\n",
rn);
fprintf(stderr, "[%s] IP addr 0x%x, port %d\n", rn,
(a_socketArray + curr_srv)->sin_addr.s_addr,
(a_socketArray + curr_srv)->sin_port);
}
memcpy(&(curr_conn->skt), a_socketArray + curr_srv,
sizeof(struct sockaddr_in));
hostNameFound =
hostutil_GetNameByINet(curr_conn->skt.sin_addr.s_addr);
if (hostNameFound == NULL) {
fprintf(stderr,
"[%s] Can't map Internet address %u to a string name\n",
rn, curr_conn->skt.sin_addr.s_addr);
curr_conn->hostName[0] = '\0';
} else {
strcpy(curr_conn->hostName, hostNameFound);
if (fsprobe_debug)
fprintf(stderr, "[%s] Host name for server index %d is %s\n",
rn, curr_srv, curr_conn->hostName);
}
/*
* Make an Rx connection to the current server.
*/
if (fsprobe_debug)
fprintf(stderr,
"[%s] Connecting to srv idx %d, IP addr 0x%x, port %d, service 1\n",
rn, curr_srv, curr_conn->skt.sin_addr.s_addr,
curr_conn->skt.sin_port);
curr_conn->rxconn = rx_NewConnection(curr_conn->skt.sin_addr.s_addr, /*Server addr */
curr_conn->skt.sin_port, /*Server port */
1, /*AFS service num */
secobj, /*Security object */
0); /*Number of above */
if (curr_conn->rxconn == (struct rx_connection *)0) {
fprintf(stderr,
"[%s] Can't create Rx connection to server %s (%u)\n",
rn, curr_conn->hostName, curr_conn->skt.sin_addr.s_addr);
conn_err = 1;
}
if (fsprobe_debug)
fprintf(stderr, "[%s] New connection at %p\n", rn,
curr_conn->rxconn);
/*
* Make an Rx connection to the current volume server.
*/
if (fsprobe_debug)
fprintf(stderr,
"[%s] Connecting to srv idx %d, IP addr 0x%x, port %d, service 1\n",
rn, curr_srv, curr_conn->skt.sin_addr.s_addr,
htons(7005));
curr_conn->rxVolconn = rx_NewConnection(curr_conn->skt.sin_addr.s_addr, /*Server addr */
htons(AFSCONF_VOLUMEPORT), /*Volume Server port */
VOLSERVICE_ID, /*AFS service num */
secobj, /*Security object */
0); /*Number of above */
if (curr_conn->rxVolconn == (struct rx_connection *)0) {
fprintf(stderr,
"[%s] Can't create Rx connection to volume server %s (%u)\n",
rn, curr_conn->hostName, curr_conn->skt.sin_addr.s_addr);
conn_err = 1;
} else {
int i, cnt;
memset(&curr_conn->partList, 0, sizeof(struct partList));
curr_conn->partCnt = 0;
i = XListPartitions(curr_conn->rxVolconn, &curr_conn->partList,
&cnt);
if (!i) {
curr_conn->partCnt = cnt;
}
}
if (fsprobe_debug)
fprintf(stderr, "[%s] New connection at %p\n", rn,
curr_conn->rxVolconn);
/*
* Bump the current fsprobe connection to set up.
*/
curr_conn++;
} /*for curr_srv */
/*
* Create the AFS callback service (listener).
*/
if (fsprobe_debug)
fprintf(stderr, "[%s] Creating AFS callback listener\n", rn);
rxsrv_afsserver = rx_NewService(0, /*Use default port */
1, /*Service ID */
"afs", /*Service name */
&CBsecobj, /*Ptr to security object(s) */
1, /*Number of security objects */
RXAFSCB_ExecuteRequest); /*Dispatcher */
if (rxsrv_afsserver == (struct rx_service *)0) {
fprintf(stderr, "[%s] Can't create callback Rx service/listener\n",
rn);
fsprobe_Cleanup(1); /*Delete already-malloc'ed areas */
return (-1);
}
if (fsprobe_debug)
fprintf(stderr, "[%s] Callback listener created\n", rn);
/*
* Start up the AFS callback service.
*/
if (fsprobe_debug)
fprintf(stderr, "[%s] Starting up callback listener.\n", rn);
rx_StartServer(0 /*Don't donate yourself to LWP pool */ );
/*
* Start up the probe LWP.
*/
if (fsprobe_debug)
fprintf(stderr, "[%s] Creating the probe LWP\n", rn);
code = LWP_CreateProcess(fsprobe_LWP, /*Function to start up */
LWP_STACK_SIZE, /*Stack size in bytes */
1, /*Priority */
(void *)0, /*Parameters */
"fsprobe Worker", /*Name to use */
&probeLWP_ID); /*Returned LWP process ID */
if (code) {
fprintf(stderr, "[%s] Can't create fsprobe LWP! Error is %d\n", rn,
code);
fsprobe_Cleanup(1); /*Delete already-malloc'ed areas */
return (code);
}
if (fsprobe_debug)
fprintf(stderr, "[%s] Probe LWP process structure located at %p\n",
rn, probeLWP_ID);
#if 0
/*
* Do I need to do this?
*/
if (fsprobe_debug)
fprintf(stderr, "[%s] Calling osi_Wakeup()\n", rn);
osi_Wakeup(&rxsrv_afsserver); /*Wake up anyone waiting for it */
#endif /* 0 */
/*
* Return the final results.
*/
if (conn_err)
return (-2);
else
return (0);
} /*fsprobe_Init */
static int
WorkerBee(struct cmd_syndesc *as, void *arock)
{
afs_int32 code, numClasses;
struct rx_securityClass *(nullObjects[1]), **secObjs, **allObjs;
struct rx_service *service;
time_t tokenExpires;
char cellName[64];
int localauth;
/*process arguments */
afs_int32 portOffset = 0;
#ifdef AFS_PTHREAD_ENV
pthread_t dbWatcherPid;
pthread_attr_t tattr;
AFS_SIGSET_DECL;
#else
PROCESS dbWatcherPid;
#endif
char hoststr[16];
afs_uint32 host = htonl(INADDR_ANY);
char *auditFileName = NULL;
char *auditInterface = NULL;
debugLevel = 0;
/*initialize the error tables */
initialize_KA_error_table();
initialize_RXK_error_table();
initialize_KTC_error_table();
initialize_ACFG_error_table();
initialize_CMD_error_table();
initialize_VL_error_table();
initialize_BUTM_error_table();
initialize_BUTC_error_table();
#ifdef xbsa
initialize_BUTX_error_table();
#endif /*xbs */
initialize_VOLS_error_table();
initialize_BUDB_error_table();
initialize_BUCD_error_table();
if (as->parms[0].items) {
portOffset = SafeATOL(as->parms[0].items->data);
if (portOffset == -1) {
fprintf(stderr, "Illegal port offset '%s'\n",
as->parms[0].items->data);
exit(1);
} else if (portOffset > BC_MAXPORTOFFSET) {
fprintf(stderr, "%u exceeds max port offset %u\n", portOffset,
BC_MAXPORTOFFSET);
exit(1);
}
}
xbsaType = XBSA_SERVER_TYPE_NONE; /* default */
if (as->parms[3].items) { /* -device */
globalTapeConfig.capacity = 0x7fffffff; /* 2T for max tape capacity */
globalTapeConfig.fileMarkSize = 0;
globalTapeConfig.portOffset = portOffset;
strncpy(globalTapeConfig.device, as->parms[3].items->data, 100);
xbsaType = XBSA_SERVER_TYPE_NONE; /* Not XBSA */
} else {
/* Search for an entry in tapeconfig file */
code = GetDeviceConfig(tapeConfigFile, &globalTapeConfig, portOffset);
if (code == -1) {
fprintf(stderr, "Problem in reading config file %s\n",
tapeConfigFile);
exit(1);
}
/* Set xbsaType. If code == 1, no entry was found in the tapeconfig file so
* it's an XBSA server. Don't know if its ADSM or not so its unknown.
*/
xbsaType =
((code == 1) ? XBSA_SERVER_TYPE_UNKNOWN : XBSA_SERVER_TYPE_NONE);
}
if (as->parms[6].items) { /* -restoretofile */
restoretofile = strdup(as->parms[6].items->data);
printf("Restore to file '%s'\n", restoretofile);
}
/* Go and read the config file: CFG_<device> or CFG_<port>. We will also set
* the exact xbsaType within the call (won't be unknown) - double check.
*/
code = GetConfigParams(pFile, portOffset);
if (code)
exit(code);
#ifdef xbsa
if (xbsaType == XBSA_SERVER_TYPE_UNKNOWN) {
printf
("\nConfiguration file error, the TYPE parameter must be specified, or\n");
printf("an entry must exist in %s for port %d\n", tapeConfigFile,
portOffset);
exit(1);
}
#else
/* Not compiled for XBSA code so we can't support it */
if (CONF_XBSA) {
printf("\nNo entry found in %s for port %d\n", tapeConfigFile,
portOffset);
printf("This binary does not have XBSA support\n");
exit(1);
}
#endif
/* Open the log files. The pathnames were set in GetConfigParams() */
logIO = fopen(logFile, "a");
if (!logIO) {
fprintf(stderr, "Failed to open %s\n", logFile);
exit(1);
}
ErrorlogIO = fopen(ErrorlogFile, "a");
if (!ErrorlogIO) {
fprintf(stderr, "Failed to open %s\n", ErrorlogFile);
exit(1);
}
if (lastLog) {
lastLogIO = fopen(lastLogFile, "a");
if (!lastLogIO) {
fprintf(stderr, "Failed to open %s\n", lastLogFile);
exit(1);
}
}
if (centralLogFile) {
struct stat sbuf;
afs_int32 statcode;
#ifndef AFS_NT40_ENV
char *path;
#endif
statcode = stat(centralLogFile, &sbuf);
centralLogIO = fopen(centralLogFile, "a");
if (!centralLogIO) {
fprintf(stderr, "Failed to open %s; error %d\n", centralLogFile,
errno);
exit(1);
}
#ifndef AFS_NT40_ENV
/* Make sure it is not in AFS, has to have been created first */
path = malloc(AFSDIR_PATH_MAX);
if (path == NULL || !realpath(centralLogFile, path)) {
fprintf(stderr,
"Warning: can't determine real path of '%s' (%d)\n",
centralLogFile, errno);
} else {
if (strncmp(path, "/afs/", 5) == 0) {
fprintf(stderr, "The central log '%s' should not be in AFS\n",
centralLogFile);
exit(1);
}
}
free(path);
#endif
/* Write header if created it */
if (statcode) {
char *h1 =
"TASK START DATE/TIME END DATE/TIME ELAPSED VOLUMESET\n";
char *h2 =
"----- ------------------- ------------------- -------- ---------\n";
/* File didn't exist before so write the header lines */
fwrite(h1, strlen(h1), 1, centralLogIO);
fwrite(h2, strlen(h2), 1, centralLogIO);
fflush(centralLogIO);
}
}
/* Open the configuration directory */
butc_confdir = afsconf_Open(AFSDIR_SERVER_ETC_DIRPATH);
if (butc_confdir == NULL) {
TLog(0, "Failed to open server configuration directory");
exit(1);
}
/* Start auditing */
osi_audit_init();
if (as->parms[9].items) {
auditFileName = as->parms[9].items->data;
}
if (auditFileName != NULL)
osi_audit_file(auditFileName);
if (as->parms[10].items) {
auditInterface = as->parms[10].items->data;
if (osi_audit_interface(auditInterface)) {
TLog(0, "Invalid audit interface '%s'\n", auditInterface);
exit(1);
}
}
osi_audit(TC_StartEvent, 0, AUD_END);
osi_audit_set_user_check(butc_confdir, tc_IsLocalRealmMatch);
if (as->parms[1].items) {
debugLevel = SafeATOL(as->parms[1].items->data);
if (debugLevel == -1) {
TLog(0, "Illegal debug level '%s'\n", as->parms[1].items->data);
exit(1);
}
}
#ifdef xbsa
/* Setup XBSA library interface */
if (CONF_XBSA) {
afs_int32 rc;
rc = xbsa_MountLibrary(&butxInfo, xbsaType);
if (rc != XBSA_SUCCESS) {
TapeLog(0, 0, rc, 0, "Unable to mount the XBSA library\n");
return (1);
}
forcemultiple = (as->parms[7].items ? 1 : 0);/*-xbsaforcemultiple */
if (forcemultiple)
printf("Force XBSA multiple server support\n");
rc = InitToServer(0 /*taskid */ , &butxInfo, adsmServerName);
if (rc != XBSA_SUCCESS)
return (1);
(void)signal(SIGINT, xbsa_shutdown);
(void)signal(SIGHUP, xbsa_shutdown);
}
#endif /*xbsa */
/* cell switch */
if (as->parms[2].items)
strncpy(cellName, as->parms[2].items->data, sizeof(cellName));
else
cellName[0] = '\0';
if (as->parms[4].items)
autoQuery = 0;
localauth = (as->parms[5].items ? 1 : 0);
rxBind = (as->parms[8].items ? 1 : 0);
allow_unauth = (as->parms[11].items ? 1 : 0);
if (!allow_unauth && !localauth) {
const char *errstr = "Neither -localauth nor -allow_unauthenticated was provided; refusing to start in unintended insecure configuration\n";
TLog(0, "%s", (char *)errstr);
exit(1);
}
if (rxBind) {
afs_int32 ccode;
if (AFSDIR_SERVER_NETRESTRICT_FILEPATH ||
AFSDIR_SERVER_NETINFO_FILEPATH) {
char reason[1024];
ccode = afsconf_ParseNetFiles(SHostAddrs, NULL, NULL,
ADDRSPERSITE, reason,
AFSDIR_SERVER_NETINFO_FILEPATH,
AFSDIR_SERVER_NETRESTRICT_FILEPATH);
} else
{
ccode = rx_getAllAddr(SHostAddrs, ADDRSPERSITE);
}
if (ccode == 1)
host = SHostAddrs[0];
}
TLog(0, "butc binding rx to %s:%d\n",
afs_inet_ntoa_r(host, hoststr), BC_TAPEPORT + portOffset);
code = rx_InitHost(host, htons(BC_TAPEPORT + portOffset));
if (code) {
TapeLog(0, 0, code, 0, "rx init failed on port %u\n",
BC_TAPEPORT + portOffset);
exit(1);
}
rx_SetRxDeadTime(150);
/* Establish connection with the vldb server */
code = vldbClientInit(0, localauth, cellName, &cstruct, &tokenExpires);
if (code) {
TapeLog(0, 0, code, 0, "Can't access vldb\n");
return code;
}
strcpy(globalCellName, cellName);
/*initialize the dumpNode list */
InitNodeList(portOffset);
deviceLatch = malloc(sizeof(struct deviceSyncNode));
Lock_Init(&(deviceLatch->lock));
deviceLatch->flags = 0;
/* initialize database support, volume support, and logs */
/*
* Create security objects for the Rx server functionality. Historically
* this was a single rxnull security object, since the tape controller was
* run by an operator that had local access to the tape device and some
* administrative privilege in the cell (to be able to perform volume-level
* accesses), but on a machine that was not necessarily trusted to hold the
* cell-wide key.
*
* Such a configuration is, of course, insecure because anyone can make
* inbound RPCs and manipulate the database, including creating bogus
* dumps and restoring them! Additionally, in modern usage, butc is
* frequently run with -localauth to authenticate its outbound connections
* to the volservers and budb with the cell-wide key, in which case the
* cell-wide key is present and could be used to authenticate incoming
* connections as well.
*
* If -localauth is in use, create the full barrage of server security
* objects, including rxkad, so that inbound connections can be verified
* to only be made by authenticated clients. Otherwise, only the rxnull
* class is in use with a single server security object. Note that butc
* will refuse to start in this configuration unless the
* "-allow_unauthenticated" flag is provided, indicating that the operator
* has ensured that incoming connections are appropriately restricted by
* firewall configuration or network topology.
*/
if (allow_unauth) {
nullObjects[RX_SECIDX_NULL] = rxnull_NewServerSecurityObject();
if (!nullObjects[RX_SECIDX_NULL]) {
TLog(0, "rxnull_NewServerSecurityObject");
exit(1);
}
numClasses = 1;
secObjs = nullObjects;
} else {
/* Must be -localauth, so the cell keys are available. */
afsconf_BuildServerSecurityObjects(butc_confdir, &allObjs, &numClasses);
secObjs = allObjs;
}
service =
rx_NewServiceHost(host, 0, 1, "BUTC", secObjs, numClasses, TC_ExecuteRequest);
if (!service) {
TLog(0, "rx_NewService");
exit(1);
}
rx_SetMaxProcs(service, 4);
/* Establish connection to the backup database */
code = udbClientInit(0, localauth, cellName);
if (code) {
TapeLog(0, 0, code, 0, "Can't access backup database\n");
exit(1);
}
/* This call is here to verify that we are authentiated.
* The call does nothing and will return BUDB_NOTPERMITTED
* if we don't belong.
*/
code = bcdb_deleteDump(0, 0, 0, 0);
if (code == BUDB_NOTPERMITTED) {
TapeLog(0, 0, code, 0, "Can't access backup database\n");
exit(1);
}
initStatus();
#ifdef AFS_PTHREAD_ENV
code = pthread_attr_init(&tattr);
if (code) {
TapeLog(0, 0, code, 0,
"Can't pthread_attr_init database monitor task");
exit(1);
}
code = pthread_attr_setdetachstate(&tattr, PTHREAD_CREATE_DETACHED);
if (code) {
TapeLog(0, 0, code, 0,
"Can't pthread_attr_setdetachstate database monitor task");
exit(1);
}
AFS_SIGSET_CLEAR();
code = pthread_create(&dbWatcherPid, &tattr, dbWatcher, (void *)2);
AFS_SIGSET_RESTORE();
#else
code =
LWP_CreateProcess(dbWatcher, 20480, LWP_NORMAL_PRIORITY, (void *)2,
"dbWatcher", &dbWatcherPid);
#endif
if (code) {
TapeLog(0, 0, code, 0, "Can't create database monitor task");
exit(1);
}
TLog(0, "Starting Tape Coordinator: Port offset %u Debug level %u\n",
portOffset, debugLevel);
TLog(0, "Token expires: %s\n", cTIME(&tokenExpires));
rx_StartServer(1); /* Donate this process to the server process pool */
TLog(0, "Error: StartServer returned");
exit(1);
}
int
xstat_fs_Init(int a_numServers, struct sockaddr_in *a_socketArray,
int a_ProbeFreqInSecs, int (*a_ProbeHandler) (void), int a_flags,
int a_numCollections, afs_int32 * a_collIDP)
{
static char rn[] = "xstat_fs_Init"; /*Routine name */
afs_int32 code; /*Return value */
static struct rx_securityClass *CBsecobj; /*Callback security object */
struct rx_securityClass *secobj; /*Client security object */
struct rx_service *rxsrv_afsserver; /*Server for AFS */
int arg_errfound; /*Argument error found? */
int curr_srv; /*Current server idx */
struct xstat_fs_ConnectionInfo *curr_conn; /*Ptr to current conn */
char *hostNameFound; /*Ptr to returned host name */
int conn_err; /*Connection error? */
int collIDBytes; /*Num bytes in coll ID array */
char hoststr[16];
/*
* If we've already been called, snicker at the bozo, gently
* remind him of his doubtful heritage, and return success.
*/
if (xstat_fs_initflag) {
fprintf(stderr, "[%s] Called multiple times!\n", rn);
return (0);
} else
xstat_fs_initflag = 1;
/*
* Check the parameters for bogosities.
*/
arg_errfound = 0;
if (a_numServers <= 0) {
fprintf(stderr, "[%s] Illegal number of servers: %d\n", rn,
a_numServers);
arg_errfound = 1;
}
if (a_socketArray == (struct sockaddr_in *)0) {
fprintf(stderr, "[%s] Null server socket array argument\n", rn);
arg_errfound = 1;
}
if (a_ProbeFreqInSecs <= 0) {
fprintf(stderr, "[%s] Illegal probe frequency: %d\n", rn,
a_ProbeFreqInSecs);
arg_errfound = 1;
}
if (a_ProbeHandler == (int (*)())0) {
fprintf(stderr, "[%s] Null probe handler function argument\n", rn);
arg_errfound = 1;
}
if (a_numCollections <= 0) {
fprintf(stderr, "[%s] Illegal collection count argument: %d\n", rn,
a_numServers);
arg_errfound = 1;
}
if (a_collIDP == NULL) {
fprintf(stderr, "[%s] Null collection ID array argument\n", rn);
arg_errfound = 1;
}
if (arg_errfound)
return (-1);
/*
* Record our passed-in info.
*/
xstat_fs_debug = (a_flags & XSTAT_FS_INITFLAG_DEBUGGING);
xstat_fs_oneShot = (a_flags & XSTAT_FS_INITFLAG_ONE_SHOT);
xstat_fs_numServers = a_numServers;
xstat_fs_Handler = a_ProbeHandler;
xstat_fs_ProbeFreqInSecs = a_ProbeFreqInSecs;
xstat_fs_numCollections = a_numCollections;
collIDBytes = xstat_fs_numCollections * sizeof(afs_int32);
xstat_fs_collIDP = malloc(collIDBytes);
memcpy(xstat_fs_collIDP, a_collIDP, collIDBytes);
if (xstat_fs_debug) {
printf("[%s] Asking for %d collection(s): ", rn,
xstat_fs_numCollections);
for (curr_srv = 0; curr_srv < xstat_fs_numCollections; curr_srv++)
printf("%d ", *(xstat_fs_collIDP + curr_srv));
printf("\n");
}
/*
* Get ready in case we have to do a cleanup - basically, zero
* everything out.
*/
code = xstat_fs_CleanupInit();
if (code)
return (code);
/*
* Allocate the necessary data structures and initialize everything
* else.
*/
xstat_fs_ConnInfo = malloc(a_numServers
* sizeof(struct xstat_fs_ConnectionInfo));
if (xstat_fs_ConnInfo == (struct xstat_fs_ConnectionInfo *)0) {
fprintf(stderr,
"[%s] Can't allocate %d connection info structs (%" AFS_SIZET_FMT " bytes)\n",
rn, a_numServers,
(a_numServers * sizeof(struct xstat_fs_ConnectionInfo)));
return (-1); /*No cleanup needs to be done yet */
}
/*
* Initialize the Rx subsystem, just in case nobody's done it.
*/
if (xstat_fs_debug)
printf("[%s] Initializing Rx\n", rn);
code = rx_Init(0);
if (code) {
fprintf(stderr, "[%s] Fatal error in rx_Init()\n", rn);
return (-1);
}
if (xstat_fs_debug)
printf("[%s] Rx initialized\n", rn);
/*
* Create a null Rx server security object, to be used by the
* Callback listener.
*/
CBsecobj = (struct rx_securityClass *)
rxnull_NewServerSecurityObject();
if (CBsecobj == (struct rx_securityClass *)0) {
fprintf(stderr,
"[%s] Can't create callback listener's security object.\n",
rn);
xstat_fs_Cleanup(1); /*Delete already-malloc'ed areas */
return (-1);
}
if (xstat_fs_debug)
printf("[%s] Callback server security object created\n", rn);
/*
* Create a null Rx client security object, to be used by the
* probe LWP.
*/
secobj = rxnull_NewClientSecurityObject();
if (secobj == (struct rx_securityClass *)0) {
fprintf(stderr,
"[%s] Can't create probe LWP client security object.\n", rn);
xstat_fs_Cleanup(1); /*Delete already-malloc'ed areas */
return (-1);
}
if (xstat_fs_debug)
printf("[%s] Probe LWP client security object created\n", rn);
curr_conn = xstat_fs_ConnInfo;
conn_err = 0;
for (curr_srv = 0; curr_srv < a_numServers; curr_srv++) {
/*
* Copy in the socket info for the current server, resolve its
* printable name if possible.
*/
if (xstat_fs_debug) {
char hoststr[16];
printf("[%s] Copying in the following socket info:\n", rn);
printf("[%s] IP addr %s, port %d\n", rn,
afs_inet_ntoa_r((a_socketArray + curr_srv)->sin_addr.s_addr,hoststr),
ntohs((a_socketArray + curr_srv)->sin_port));
}
memcpy(&(curr_conn->skt), a_socketArray + curr_srv,
sizeof(struct sockaddr_in));
hostNameFound =
hostutil_GetNameByINet(curr_conn->skt.sin_addr.s_addr);
if (hostNameFound == NULL) {
fprintf(stderr,
"[%s] Can't map Internet address %s to a string name\n",
rn, afs_inet_ntoa_r(curr_conn->skt.sin_addr.s_addr,hoststr));
curr_conn->hostName[0] = '\0';
} else {
strcpy(curr_conn->hostName, hostNameFound);
if (xstat_fs_debug)
printf("[%s] Host name for server index %d is %s\n", rn,
curr_srv, curr_conn->hostName);
}
/*
* Make an Rx connection to the current server.
*/
if (xstat_fs_debug)
printf
("[%s] Connecting to srv idx %d, IP addr %s, port %d, service 1\n",
rn, curr_srv, afs_inet_ntoa_r(curr_conn->skt.sin_addr.s_addr,hoststr),
ntohs(curr_conn->skt.sin_port));
curr_conn->rxconn = rx_NewConnection(curr_conn->skt.sin_addr.s_addr, /*Server addr */
curr_conn->skt.sin_port, /*Server port */
1, /*AFS service # */
secobj, /*Security obj */
0); /*# of above */
if (curr_conn->rxconn == (struct rx_connection *)0) {
fprintf(stderr,
"[%s] Can't create Rx connection to server '%s' (%s)\n",
rn, curr_conn->hostName, afs_inet_ntoa_r(curr_conn->skt.sin_addr.s_addr,hoststr));
conn_err = 1;
}
if (xstat_fs_debug)
printf("[%s] New connection at %" AFS_PTR_FMT "\n", rn, curr_conn->rxconn);
/*
* Bump the current xstat_fs connection to set up.
*/
curr_conn++;
} /*for curr_srv */
/*
* Create the AFS callback service (listener).
*/
if (xstat_fs_debug)
printf("[%s] Creating AFS callback listener\n", rn);
rxsrv_afsserver = rx_NewService(0, /*Use default port */
1, /*Service ID */
"afs", /*Service name */
&CBsecobj, /*Ptr to security object(s) */
1, /*# of security objects */
RXAFSCB_ExecuteRequest); /*Dispatcher */
if (rxsrv_afsserver == (struct rx_service *)0) {
fprintf(stderr, "[%s] Can't create callback Rx service/listener\n",
rn);
xstat_fs_Cleanup(1); /*Delete already-malloc'ed areas */
return (-1);
}
if (xstat_fs_debug)
printf("[%s] Callback listener created\n", rn);
/*
* Start up the AFS callback service.
*/
if (xstat_fs_debug)
printf("[%s] Starting up callback listener.\n", rn);
rx_StartServer(0); /*Don't donate yourself to LWP pool */
/*
* Start up the probe LWP.
*/
if (xstat_fs_debug)
printf("[%s] Creating the probe LWP\n", rn);
code = LWP_CreateProcess(xstat_fs_LWP, /*Function to start up */
LWP_STACK_SIZE, /*Stack size in bytes */
1, /*Priority */
(void *)0, /*Parameters */
"xstat_fs Worker", /*Name to use */
&probeLWP_ID); /*Returned LWP process ID */
if (code) {
fprintf(stderr, "[%s] Can't create xstat_fs LWP! Error is %d\n", rn,
code);
xstat_fs_Cleanup(1); /*Delete already-malloc'ed areas */
return (code);
}
if (xstat_fs_debug)
printf("[%s] Probe LWP process structure located at %" AFS_PTR_FMT "\n", rn,
probeLWP_ID);
/*
* Return the final results.
*/
if (conn_err)
return (-2);
else
return (0);
}
void
afspag_Init(afs_int32 nfs_server_addr)
{
struct clientcred ccred;
struct rmtbulk idata, odata;
afs_int32 code, err, addr, obuf;
int i;
afs_uuid_create(&afs_cb_interface.uuid);
AFS_GLOCK();
afs_InitStats();
rx_Init(htons(7001));
AFS_STATCNT(afs_ResourceInit);
AFS_RWLOCK_INIT(&afs_xuser, "afs_xuser");
AFS_RWLOCK_INIT(&afs_xpagcell, "afs_xpagcell");
AFS_RWLOCK_INIT(&afs_xpagsys, "afs_xpagsys");
AFS_RWLOCK_INIT(&afs_icl_lock, "afs_icl_lock");
afs_resourceinit_flag = 1;
afs_nfs_server_addr = nfs_server_addr;
for (i = 0; i < MAXNUMSYSNAMES; i++) {
afs_sysnamelist[i] = afs_osi_Alloc(MAXSYSNAME);
osi_Assert(afs_sysnamelist[i] != NULL);
}
afs_sysname = afs_sysnamelist[0];
strcpy(afs_sysname, SYS_NAME);
afs_sysnamecount = 1;
afs_sysnamegen++;
srv_secobj = rxnull_NewServerSecurityObject();
stats_svc = rx_NewService(0, RX_STATS_SERVICE_ID, "rpcstats", &srv_secobj,
1, RXSTATS_ExecuteRequest);
pagcb_svc = rx_NewService(0, PAGCB_SERVICEID, "pagcb", &srv_secobj,
1, PAGCB_ExecuteRequest);
rx_StartServer(0);
clt_secobj = rxnull_NewClientSecurityObject();
rmtsys_conn = rx_NewConnection(nfs_server_addr, htons(7009),
RMTSYS_SERVICEID, clt_secobj, 0);
#ifdef RXK_LISTENER_ENV
afs_start_thread(rxk_Listener, "Rx Listener");
#endif
afs_start_thread((void *)(void *)rx_ServerProc, "Rx Server Thread");
afs_start_thread(afs_rxevent_daemon, "Rx Event Daemon");
afs_start_thread(afs_Daemon, "AFS PAG Daemon");
afs_icl_InitLogs();
AFS_GUNLOCK();
/* If it's reachable, tell the translator to nuke our creds.
* We should be more agressive about making sure this gets done,
* even if the translator is unreachable when we boot.
*/
addr = obuf = err = 0;
idata.rmtbulk_len = sizeof(addr);
idata.rmtbulk_val = (char *)&addr;
odata.rmtbulk_len = sizeof(obuf);
odata.rmtbulk_val = (char *)&obuf;
memset(&ccred, 0, sizeof(ccred));
code = RMTSYS_Pioctl(rmtsys_conn, &ccred, NIL_PATHP, 0x4F01, 0,
&idata, &odata, &err);
} /*afs_ResourceInit */
