static int do_global_checks(struct loadparm_context *lp_ctx) { int ret = 0; if (!directory_exist(lp_lockdir(lp_ctx))) { fprintf(stderr, "ERROR: lock directory %s does not exist\n", lp_lockdir(lp_ctx)); ret = 1; } if (!directory_exist(lp_piddir(lp_ctx))) { fprintf(stderr, "ERROR: pid directory %s does not exist\n", lp_piddir(lp_ctx)); ret = 1; } if (strlen(lp_winbind_separator(lp_ctx)) != 1) { fprintf(stderr,"ERROR: the 'winbind separator' parameter must be a single character.\n"); ret = 1; } if (*lp_winbind_separator(lp_ctx) == '+') { fprintf(stderr,"'winbind separator = +' might cause problems with group membership.\n"); } return ret; }
static BOOL irix_oplocks_available(void) { int fd; int pfd[2]; pstring tmpname; oplock_set_capability(True, False); slprintf(tmpname,sizeof(tmpname)-1, "%s/koplock.%d", lp_lockdir(), (int)sys_getpid()); if(pipe(pfd) != 0) { DEBUG(0,("check_kernel_oplocks: Unable to create pipe. Error was %s\n", strerror(errno) )); return False; } if((fd = sys_open(tmpname, O_RDWR|O_CREAT|O_EXCL|O_TRUNC, 0600)) < 0) { DEBUG(0,("check_kernel_oplocks: Unable to open temp test file %s. Error was %s\n", tmpname, strerror(errno) )); unlink( tmpname ); close(pfd[0]); close(pfd[1]); return False; } unlink(tmpname); if(sys_fcntl_long(fd, F_OPLKREG, pfd[1]) == -1) { DEBUG(0,("check_kernel_oplocks: Kernel oplocks are not available on this machine. \ Disabling kernel oplock support.\n" )); close(pfd[0]); close(pfd[1]); close(fd); return False; }
BOOL gencache_init(void) { char* cache_fname = NULL; /* skip file open if it's already opened */ if (cache) return True; asprintf(&cache_fname, "%s/%s", lp_lockdir(), "gencache.tdb"); if (cache_fname) DEBUG(5, ("Opening cache file at %s\n", cache_fname)); else { DEBUG(0, ("Filename allocation failed.\n")); return False; } cache = tdb_open_log(cache_fname, 0, TDB_DEFAULT, O_RDWR|O_CREAT, 0644); SAFE_FREE(cache_fname); if (!cache) { DEBUG(5, ("Attempt to open gencache.tdb has failed.\n")); return False; } return True; }
const char *get_dyn_CACHEDIR(void) { #ifdef FHS_COMPATIBLE return CACHEDIR; #else return lp_lockdir(); #endif }
void sync_browse_lists(struct work_record *work, char *name, int nm_type, struct in_addr ip, bool local, bool servers) { struct sync_record *s; static int counter; START_PROFILE(sync_browse_lists); /* Check we're not trying to sync with ourselves. This can happen if we are a domain *and* a local master browser. */ if (ismyip_v4(ip)) { done: END_PROFILE(sync_browse_lists); return; } s = SMB_MALLOC_P(struct sync_record); if (!s) goto done; ZERO_STRUCTP(s); unstrcpy(s->workgroup, work->work_group); unstrcpy(s->server, name); s->ip = ip; if (asprintf(&s->fname, "%s/sync.%d", lp_lockdir(), counter++) < 0) { SAFE_FREE(s); goto done; } /* Safe to use as 0 means no size change. */ all_string_sub(s->fname,"//", "/", 0); DLIST_ADD(syncs, s); /* the parent forks and returns, leaving the child to do the actual sync and call END_PROFILE*/ CatchChild(); if ((s->pid = sys_fork())) return; BlockSignals( False, SIGTERM ); DEBUG(2,("Initiating browse sync for %s to %s(%s)\n", work->work_group, name, inet_ntoa(ip))); fp = x_fopen(s->fname,O_WRONLY|O_CREAT|O_TRUNC, 0644); if (!fp) { END_PROFILE(sync_browse_lists); _exit(1); } sync_child(name, nm_type, work->work_group, ip, local, servers, s->fname); x_fclose(fp); END_PROFILE(sync_browse_lists); _exit(0); }
static BOOL irix_oplocks_available(void) { int fd; int pfd[2]; pstring tmpname; set_effective_capability(KERNEL_OPLOCK_CAPABILITY); slprintf(tmpname,sizeof(tmpname)-1, "%s/koplock.%d", lp_lockdir(), (int)sys_getpid()); if(pipe(pfd) != 0) { DEBUG(0,("check_kernel_oplocks: Unable to create pipe. Error " "was %s\n", strerror(errno) )); return False; } if((fd = sys_open(tmpname, O_RDWR|O_CREAT|O_EXCL|O_TRUNC, 0600)) < 0) { DEBUG(0,("check_kernel_oplocks: Unable to open temp test file " "%s. Error was %s\n", tmpname, strerror(errno) )); unlink( tmpname ); close(pfd[0]); close(pfd[1]); return False; } unlink(tmpname); if(sys_fcntl_long(fd, F_OPLKREG, pfd[1]) == -1) { DEBUG(0,("check_kernel_oplocks: Kernel oplocks are not " "available on this machine. Disabling kernel oplock " "support.\n" )); close(pfd[0]); close(pfd[1]); close(fd); return False; } if(sys_fcntl_long(fd, F_OPLKACK, OP_REVOKE) < 0 ) { DEBUG(0,("check_kernel_oplocks: Error when removing kernel " "oplock. Error was %s. Disabling kernel oplock " "support.\n", strerror(errno) )); close(pfd[0]); close(pfd[1]); close(fd); return False; } close(pfd[0]); close(pfd[1]); close(fd); return True; }
/******************************************************************* name a share file ******************************************************************/ static BOOL share_name(int cnum, uint32 dev, uint32 inode, char *name) { int len; pstrcpy(name,lp_lockdir()); trim_string(name,"","/"); if (!*name) return(False); len = strlen(name); name += len; slprintf(name,sizeof(pstring) - len - 1,"/share.%u.%u",dev,inode); return(True); }
int main2(int argc,const char *argv[]) { /* shall I run as a daemon */ static BOOL is_daemon = False; static BOOL interactive = False; static BOOL Fork = True; static BOOL no_process_group = False; static BOOL log_stdout = False; static char *ports = NULL; int opt; #ifndef _XBOX poptContext pc; struct poptOption long_options[] = { POPT_AUTOHELP {"daemon", 'D', POPT_ARG_VAL, &is_daemon, True, "Become a daemon (default)" }, {"interactive", 'i', POPT_ARG_VAL, &interactive, True, "Run interactive (not a daemon)"}, {"foreground", 'F', POPT_ARG_VAL, &Fork, False, "Run daemon in foreground (for daemontools, etc.)" }, {"no-process-group", '\0', POPT_ARG_VAL, &no_process_group, True, "Don't create a new process group" }, {"log-stdout", 'S', POPT_ARG_VAL, &log_stdout, True, "Log to stdout" }, {"build-options", 'b', POPT_ARG_NONE, NULL, 'b', "Print build options" }, {"port", 'p', POPT_ARG_STRING, &ports, 0, "Listen on the specified ports"}, POPT_COMMON_SAMBA POPT_COMMON_DYNCONFIG POPT_TABLEEND }; #else interactive = True; log_stdout = True; #endif load_case_tables(); #ifdef HAVE_SET_AUTH_PARAMETERS set_auth_parameters(argc,argv); #endif #ifndef _XBOX pc = poptGetContext("smbd", argc, argv, long_options, 0); while((opt = poptGetNextOpt(pc)) != -1) { switch (opt) { case 'b': build_options(True); /* Display output to screen as well as debug */ exit(0); break; } } poptFreeContext(pc); #endif #ifdef HAVE_SETLUID /* needed for SecureWare on SCO */ setluid(0); #endif sec_init(); set_remote_machine_name("smbd", False); if (interactive) { Fork = False; log_stdout = True; } if (interactive && (DEBUGLEVEL >= 9)) { talloc_enable_leak_report(); } if (log_stdout && Fork) { DEBUG(0,("ERROR: Can't log to stdout (-S) unless daemon is in foreground (-F) or interactive (-i)\n")); exit(1); } setup_logging(argv[0],log_stdout); /* we want to re-seed early to prevent time delays causing client problems at a later date. (tridge) */ generate_random_buffer(NULL, 0); /* make absolutely sure we run as root - to handle cases where people are crazy enough to have it setuid */ gain_root_privilege(); gain_root_group_privilege(); #ifndef _XBOX fault_setup((void (*)(void *))exit_server_fault); dump_core_setup("smbd"); #endif CatchSignal(SIGTERM , SIGNAL_CAST sig_term); #ifndef _XBOX CatchSignal(SIGHUP,SIGNAL_CAST sig_hup); /* we are never interested in SIGPIPE */ BlockSignals(True,SIGPIPE); #endif #if defined(SIGFPE) /* we are never interested in SIGFPE */ BlockSignals(True,SIGFPE); #endif #if defined(SIGUSR2) /* We are no longer interested in USR2 */ BlockSignals(True,SIGUSR2); #endif /* POSIX demands that signals are inherited. If the invoking process has * these signals masked, we will have problems, as we won't recieve them. */ #ifndef _XBOX BlockSignals(False, SIGHUP); #endif BlockSignals(False, SIGUSR1); BlockSignals(False, SIGTERM); /* we want total control over the permissions on created files, so set our umask to 0 */ umask(0); init_sec_ctx(); reopen_logs(); DEBUG(0,( "smbd version %s started.\n", SAMBA_VERSION_STRING)); DEBUGADD( 0, ( "%s\n", COPYRIGHT_STARTUP_MESSAGE ) ); DEBUG(2,("uid=%d gid=%d euid=%d egid=%d\n", (int)getuid(),(int)getgid(),(int)geteuid(),(int)getegid())); /* Output the build options to the debug log */ build_options(False); if (sizeof(uint16) < 2 || sizeof(uint32) < 4) { DEBUG(0,("ERROR: Samba is not configured correctly for the word size on your machine\n")); exit(1); } /* * Do this before reload_services. */ if (!reload_services(False)) return(-1); init_structs(); #ifdef WITH_PROFILE if (!profile_setup(False)) { DEBUG(0,("ERROR: failed to setup profiling\n")); return -1; } #endif DEBUG(3,( "loaded services\n")); if (!is_daemon && !is_a_socket(0)) { if (!interactive) DEBUG(0,("standard input is not a socket, assuming -D option\n")); /* * Setting is_daemon here prevents us from eventually calling * the open_sockets_inetd() */ is_daemon = True; } if (is_daemon && !interactive) { DEBUG( 3, ( "Becoming a daemon.\n" ) ); become_daemon(Fork, no_process_group); } #if HAVE_SETPGID /* * If we're interactive we want to set our own process group for * signal management. */ if (interactive && !no_process_group) setpgid( (pid_t)0, (pid_t)0); #endif if (!directory_exist(lp_lockdir(), NULL)) mkdir(lp_lockdir(), 0755); #ifndef _XBOX if (is_daemon) pidfile_create("smbd"); #endif /* Setup all the TDB's - including CLEAR_IF_FIRST tdb's. */ if (!message_init()) exit(1); /* Initialize our global sam sid first -- quite a lot of the other * initialization routines further down depend on it. */ /* Initialise the password backed before the global_sam_sid to ensure that we fetch from ldap before we make a domain sid up */ if(!initialize_password_db(False)) exit(1); /* Fail gracefully if we can't open secrets.tdb */ if (!secrets_init()) { DEBUG(0, ("ERROR: smbd can not open secrets.tdb\n")); exit(1); } if(!get_global_sam_sid()) { DEBUG(0,("ERROR: Samba cannot create a SAM SID.\n")); exit(1); } if (!session_init()) exit(1); if (conn_tdb_ctx() == NULL) exit(1); if (!locking_init(0)) exit(1); namecache_enable(); if (!init_registry()) exit(1); #if 0 if (!init_svcctl_db()) exit(1); #endif #ifndef _XBOX if (!print_backend_init()) exit(1); #endif if (!init_guest_info()) { DEBUG(0,("ERROR: failed to setup guest info.\n")); return -1; } /* Setup the main smbd so that we can get messages. */ /* don't worry about general printing messages here */ claim_connection(NULL,"",0,True,FLAG_MSG_GENERAL|FLAG_MSG_SMBD); /* only start the background queue daemon if we are running as a daemon -- bad things will happen if smbd is launched via inetd and we fork a copy of ourselves here */ #ifndef _XBOX if ( is_daemon && !interactive ) start_background_queue(); #endif /* Always attempt to initialize DMAPI. We will only use it later if * lp_dmapi_support is set on the share, but we need a single global * session to work with. */ dmapi_init_session(); if (!open_sockets_smbd(is_daemon, interactive, ports)) exit(1); /* * everything after this point is run after the fork() */ static_init_rpc; init_modules(); /* possibly reload the services file. */ reload_services(True); if (!init_account_policy()) { DEBUG(0,("Could not open account policy tdb.\n")); exit(1); } if (*lp_rootdir()) { if (sys_chroot(lp_rootdir()) == 0) DEBUG(2,("Changed root to %s\n", lp_rootdir())); } /* Setup oplocks */ if (!init_oplocks()) exit(1); /* Setup change notify */ if (!init_change_notify()) exit(1); /* Setup aio signal handler. */ initialize_async_io_handler(); /* re-initialise the timezone */ TimeInit(); /* register our message handlers */ message_register(MSG_SMB_FORCE_TDIS, msg_force_tdis); smbd_process(); #ifdef _XBOX xb_DecClientCount(); #endif namecache_shutdown(); exit_server_cleanly(NULL); return(0); }
static bool irix_oplocks_available(void) { int fd; int pfd[2]; TALLOC_CTX *ctx = talloc_stackframe(); char *tmpname = NULL; set_effective_capability(KERNEL_OPLOCK_CAPABILITY); tmpname = talloc_asprintf(ctx, "%s/koplock.%d", lp_lockdir(), (int)getpid()); if (!tmpname) { TALLOC_FREE(ctx); return False; } if(pipe(pfd) != 0) { DEBUG(0,("check_kernel_oplocks: Unable to create pipe. Error " "was %s\n", strerror(errno) )); TALLOC_FREE(ctx); return False; } if((fd = open(tmpname, O_RDWR|O_CREAT|O_EXCL|O_TRUNC, 0600)) < 0) { DEBUG(0,("check_kernel_oplocks: Unable to open temp test file " "%s. Error was %s\n", tmpname, strerror(errno) )); unlink( tmpname ); close(pfd[0]); close(pfd[1]); TALLOC_FREE(ctx); return False; } unlink(tmpname); TALLOC_FREE(ctx); if(sys_fcntl_long(fd, F_OPLKREG, pfd[1]) == -1) { DEBUG(0,("check_kernel_oplocks: Kernel oplocks are not " "available on this machine. Disabling kernel oplock " "support.\n" )); close(pfd[0]); close(pfd[1]); close(fd); return False; } if(sys_fcntl_long(fd, F_OPLKACK, OP_REVOKE) < 0 ) { DEBUG(0,("check_kernel_oplocks: Error when removing kernel " "oplock. Error was %s. Disabling kernel oplock " "support.\n", strerror(errno) )); close(pfd[0]); close(pfd[1]); close(fd); return False; } close(pfd[0]); close(pfd[1]); close(fd); return True; }
int main(int argc,const char *argv[]) { /* shall I run as a daemon */ bool is_daemon = false; bool interactive = false; bool Fork = true; bool no_process_group = false; bool log_stdout = false; char *ports = NULL; char *profile_level = NULL; int opt; poptContext pc; bool print_build_options = False; enum { OPT_DAEMON = 1000, OPT_INTERACTIVE, OPT_FORK, OPT_NO_PROCESS_GROUP, OPT_LOG_STDOUT }; struct poptOption long_options[] = { POPT_AUTOHELP {"daemon", 'D', POPT_ARG_NONE, NULL, OPT_DAEMON, "Become a daemon (default)" }, {"interactive", 'i', POPT_ARG_NONE, NULL, OPT_INTERACTIVE, "Run interactive (not a daemon)"}, {"foreground", 'F', POPT_ARG_NONE, NULL, OPT_FORK, "Run daemon in foreground (for daemontools, etc.)" }, {"no-process-group", '\0', POPT_ARG_NONE, NULL, OPT_NO_PROCESS_GROUP, "Don't create a new process group" }, {"log-stdout", 'S', POPT_ARG_NONE, NULL, OPT_LOG_STDOUT, "Log to stdout" }, {"build-options", 'b', POPT_ARG_NONE, NULL, 'b', "Print build options" }, {"port", 'p', POPT_ARG_STRING, &ports, 0, "Listen on the specified ports"}, {"profiling-level", 'P', POPT_ARG_STRING, &profile_level, 0, "Set profiling level","PROFILE_LEVEL"}, POPT_COMMON_SAMBA POPT_COMMON_DYNCONFIG POPT_TABLEEND }; struct smbd_parent_context *parent = NULL; TALLOC_CTX *frame; NTSTATUS status; uint64_t unique_id; struct tevent_context *ev_ctx; struct messaging_context *msg_ctx; /* * Do this before any other talloc operation */ talloc_enable_null_tracking(); frame = talloc_stackframe(); setup_logging(argv[0], DEBUG_DEFAULT_STDOUT); load_case_tables(); smbd_init_globals(); TimeInit(); #ifdef HAVE_SET_AUTH_PARAMETERS set_auth_parameters(argc,argv); #endif pc = poptGetContext("smbd", argc, argv, long_options, 0); while((opt = poptGetNextOpt(pc)) != -1) { switch (opt) { case OPT_DAEMON: is_daemon = true; break; case OPT_INTERACTIVE: interactive = true; break; case OPT_FORK: Fork = false; break; case OPT_NO_PROCESS_GROUP: no_process_group = true; break; case OPT_LOG_STDOUT: log_stdout = true; break; case 'b': print_build_options = True; break; default: d_fprintf(stderr, "\nInvalid option %s: %s\n\n", poptBadOption(pc, 0), poptStrerror(opt)); poptPrintUsage(pc, stderr, 0); exit(1); } } poptFreeContext(pc); if (interactive) { Fork = False; log_stdout = True; } if (log_stdout) { setup_logging(argv[0], DEBUG_STDOUT); } else { setup_logging(argv[0], DEBUG_FILE); } if (print_build_options) { build_options(True); /* Display output to screen as well as debug */ exit(0); } #ifdef HAVE_SETLUID /* needed for SecureWare on SCO */ setluid(0); #endif set_remote_machine_name("smbd", False); if (interactive && (DEBUGLEVEL >= 9)) { talloc_enable_leak_report(); } if (log_stdout && Fork) { DEBUG(0,("ERROR: Can't log to stdout (-S) unless daemon is in foreground (-F) or interactive (-i)\n")); exit(1); } /* we want to re-seed early to prevent time delays causing client problems at a later date. (tridge) */ generate_random_buffer(NULL, 0); /* get initial effective uid and gid */ sec_init(); /* make absolutely sure we run as root - to handle cases where people are crazy enough to have it setuid */ gain_root_privilege(); gain_root_group_privilege(); fault_setup(); dump_core_setup("smbd", lp_logfile()); /* we are never interested in SIGPIPE */ BlockSignals(True,SIGPIPE); #if defined(SIGFPE) /* we are never interested in SIGFPE */ BlockSignals(True,SIGFPE); #endif #if defined(SIGUSR2) /* We are no longer interested in USR2 */ BlockSignals(True,SIGUSR2); #endif /* POSIX demands that signals are inherited. If the invoking process has * these signals masked, we will have problems, as we won't recieve them. */ BlockSignals(False, SIGHUP); BlockSignals(False, SIGUSR1); BlockSignals(False, SIGTERM); /* Ensure we leave no zombies until we * correctly set up child handling below. */ CatchChild(); /* we want total control over the permissions on created files, so set our umask to 0 */ umask(0); reopen_logs(); DEBUG(0,("smbd version %s started.\n", samba_version_string())); DEBUGADD(0,("%s\n", COPYRIGHT_STARTUP_MESSAGE)); DEBUG(2,("uid=%d gid=%d euid=%d egid=%d\n", (int)getuid(),(int)getgid(),(int)geteuid(),(int)getegid())); /* Output the build options to the debug log */ build_options(False); if (sizeof(uint16) < 2 || sizeof(uint32) < 4) { DEBUG(0,("ERROR: Samba is not configured correctly for the word size on your machine\n")); exit(1); } if (!lp_load_initial_only(get_dyn_CONFIGFILE())) { DEBUG(0, ("error opening config file '%s'\n", get_dyn_CONFIGFILE())); exit(1); } /* Init the security context and global current_user */ init_sec_ctx(); /* * Initialize the event context. The event context needs to be * initialized before the messaging context, cause the messaging * context holds an event context. * FIXME: This should be s3_tevent_context_init() */ ev_ctx = server_event_context(); if (ev_ctx == NULL) { exit(1); } /* * Init the messaging context * FIXME: This should only call messaging_init() */ msg_ctx = server_messaging_context(); if (msg_ctx == NULL) { exit(1); } /* * Reloading of the printers will not work here as we don't have a * server info and rpc services set up. It will be called later. */ if (!reload_services(NULL, -1, False)) { exit(1); } /* ...NOTE... Log files are working from this point! */ DEBUG(3,("loaded services\n")); init_structs(); #ifdef WITH_PROFILE if (!profile_setup(msg_ctx, False)) { DEBUG(0,("ERROR: failed to setup profiling\n")); return -1; } if (profile_level != NULL) { int pl = atoi(profile_level); struct server_id src; DEBUG(1, ("setting profiling level: %s\n",profile_level)); src.pid = getpid(); set_profile_level(pl, src); } #endif if (!is_daemon && !is_a_socket(0)) { if (!interactive) DEBUG(0,("standard input is not a socket, assuming -D option\n")); /* * Setting is_daemon here prevents us from eventually calling * the open_sockets_inetd() */ is_daemon = True; } if (is_daemon && !interactive) { DEBUG( 3, ( "Becoming a daemon.\n" ) ); become_daemon(Fork, no_process_group, log_stdout); } generate_random_buffer((uint8_t *)&unique_id, sizeof(unique_id)); set_my_unique_id(unique_id); #if HAVE_SETPGID /* * If we're interactive we want to set our own process group for * signal management. */ if (interactive && !no_process_group) setpgid( (pid_t)0, (pid_t)0); #endif if (!directory_exist(lp_lockdir())) mkdir(lp_lockdir(), 0755); if (is_daemon) pidfile_create("smbd"); status = reinit_after_fork(msg_ctx, ev_ctx, procid_self(), false); if (!NT_STATUS_IS_OK(status)) { DEBUG(0,("reinit_after_fork() failed\n")); exit(1); } smbd_server_conn->msg_ctx = msg_ctx; smbd_setup_sig_term_handler(); smbd_setup_sig_hup_handler(ev_ctx, msg_ctx); /* Setup all the TDB's - including CLEAR_IF_FIRST tdb's. */ if (smbd_memcache() == NULL) { exit(1); } memcache_set_global(smbd_memcache()); /* Initialise the password backed before the global_sam_sid to ensure that we fetch from ldap before we make a domain sid up */ if(!initialize_password_db(false, ev_ctx)) exit(1); if (!secrets_init()) { DEBUG(0, ("ERROR: smbd can not open secrets.tdb\n")); exit(1); } if (lp_server_role() == ROLE_DOMAIN_BDC || lp_server_role() == ROLE_DOMAIN_PDC) { struct loadparm_context *lp_ctx = loadparm_init_s3(NULL, loadparm_s3_context()); if (!open_schannel_session_store(NULL, lp_ctx)) { DEBUG(0,("ERROR: Samba cannot open schannel store for secured NETLOGON operations.\n")); exit(1); } TALLOC_FREE(lp_ctx); } if(!get_global_sam_sid()) { DEBUG(0,("ERROR: Samba cannot create a SAM SID.\n")); exit(1); } if (!sessionid_init()) { exit(1); } if (!connections_init(True)) exit(1); if (!locking_init()) exit(1); if (!messaging_tdb_parent_init(ev_ctx)) { exit(1); } if (!notify_internal_parent_init(ev_ctx)) { exit(1); } if (!serverid_parent_init(ev_ctx)) { exit(1); } if (!W_ERROR_IS_OK(registry_init_full())) exit(1); /* Open the share_info.tdb here, so we don't have to open after the fork on every single connection. This is a small performance improvment and reduces the total number of system fds used. */ if (!share_info_db_init()) { DEBUG(0,("ERROR: failed to load share info db.\n")); exit(1); } status = init_system_info(); if (!NT_STATUS_IS_OK(status)) { DEBUG(1, ("ERROR: failed to setup system user info: %s.\n", nt_errstr(status))); return -1; } if (!init_guest_info()) { DEBUG(0,("ERROR: failed to setup guest info.\n")); return -1; } if (!file_init(smbd_server_conn)) { DEBUG(0, ("ERROR: file_init failed\n")); return -1; } /* This MUST be done before start_epmd() because otherwise * start_epmd() forks and races against dcesrv_ep_setup() to * call directory_create_or_exist() */ if (!directory_create_or_exist(lp_ncalrpc_dir(), geteuid(), 0755)) { DEBUG(0, ("Failed to create pipe directory %s - %s\n", lp_ncalrpc_dir(), strerror(errno))); return -1; } if (is_daemon && !interactive) { if (rpc_epmapper_daemon() == RPC_DAEMON_FORK) { start_epmd(ev_ctx, msg_ctx); } } if (!dcesrv_ep_setup(ev_ctx, msg_ctx)) { exit(1); } /* only start other daemons if we are running as a daemon * -- bad things will happen if smbd is launched via inetd * and we fork a copy of ourselves here */ if (is_daemon && !interactive) { if (rpc_lsasd_daemon() == RPC_DAEMON_FORK) { start_lsasd(ev_ctx, msg_ctx); } if (!_lp_disable_spoolss() && (rpc_spoolss_daemon() != RPC_DAEMON_DISABLED)) { bool bgq = lp_parm_bool(-1, "smbd", "backgroundqueue", true); if (!printing_subsystem_init(ev_ctx, msg_ctx, true, bgq)) { exit(1); } } } else if (!_lp_disable_spoolss() && (rpc_spoolss_daemon() != RPC_DAEMON_DISABLED)) { if (!printing_subsystem_init(ev_ctx, msg_ctx, false, false)) { exit(1); } } if (!is_daemon) { /* inetd mode */ TALLOC_FREE(frame); /* Started from inetd. fd 0 is the socket. */ /* We will abort gracefully when the client or remote system goes away */ smbd_server_conn->sock = dup(0); /* close our standard file descriptors */ if (!debug_get_output_is_stdout()) { close_low_fds(False); /* Don't close stderr */ } #ifdef HAVE_ATEXIT atexit(killkids); #endif /* Stop zombies */ smbd_setup_sig_chld_handler(ev_ctx); smbd_process(ev_ctx, smbd_server_conn); exit_server_cleanly(NULL); return(0); } parent = talloc_zero(ev_ctx, struct smbd_parent_context); if (!parent) { exit_server("talloc(struct smbd_parent_context) failed"); } parent->interactive = interactive; if (!open_sockets_smbd(parent, ev_ctx, msg_ctx, ports)) exit_server("open_sockets_smbd() failed"); /* do a printer update now that all messaging has been set up, * before we allow clients to start connecting */ printing_subsystem_update(ev_ctx, msg_ctx, false); TALLOC_FREE(frame); /* make sure we always have a valid stackframe */ frame = talloc_stackframe(); smbd_parent_loop(ev_ctx, parent); exit_server_cleanly(NULL); TALLOC_FREE(frame); return(0); }
int main(int argc, const char *argv[]) { static bool is_daemon; static bool opt_interactive; static bool Fork = true; static bool no_process_group; static bool log_stdout; poptContext pc; char *p_lmhosts = NULL; int opt; enum { OPT_DAEMON = 1000, OPT_INTERACTIVE, OPT_FORK, OPT_NO_PROCESS_GROUP, OPT_LOG_STDOUT }; struct poptOption long_options[] = { POPT_AUTOHELP {"daemon", 'D', POPT_ARG_NONE, NULL, OPT_DAEMON, "Become a daemon(default)" }, {"interactive", 'i', POPT_ARG_NONE, NULL, OPT_INTERACTIVE, "Run interactive (not a daemon)" }, {"foreground", 'F', POPT_ARG_NONE, NULL, OPT_FORK, "Run daemon in foreground (for daemontools & etc)" }, {"no-process-group", 0, POPT_ARG_NONE, NULL, OPT_NO_PROCESS_GROUP, "Don't create a new process group" }, {"log-stdout", 'S', POPT_ARG_NONE, NULL, OPT_LOG_STDOUT, "Log to stdout" }, {"hosts", 'H', POPT_ARG_STRING, &p_lmhosts, 0, "Load a netbios hosts file"}, {"port", 'p', POPT_ARG_INT, &global_nmb_port, 0, "Listen on the specified port" }, POPT_COMMON_SAMBA { NULL } }; TALLOC_CTX *frame; NTSTATUS status; /* * Do this before any other talloc operation */ talloc_enable_null_tracking(); frame = talloc_stackframe(); setup_logging(argv[0], DEBUG_DEFAULT_STDOUT); load_case_tables(); global_nmb_port = NMB_PORT; pc = poptGetContext("nmbd", argc, argv, long_options, 0); while ((opt = poptGetNextOpt(pc)) != -1) { switch (opt) { case OPT_DAEMON: is_daemon = true; break; case OPT_INTERACTIVE: opt_interactive = true; break; case OPT_FORK: Fork = false; break; case OPT_NO_PROCESS_GROUP: no_process_group = true; break; case OPT_LOG_STDOUT: log_stdout = true; break; default: d_fprintf(stderr, "\nInvalid option %s: %s\n\n", poptBadOption(pc, 0), poptStrerror(opt)); poptPrintUsage(pc, stderr, 0); exit(1); } }; poptFreeContext(pc); global_in_nmbd = true; StartupTime = time(NULL); sys_srandom(time(NULL) ^ sys_getpid()); if (!override_logfile) { char *lfile = NULL; if (asprintf(&lfile, "%s/log.nmbd", get_dyn_LOGFILEBASE()) < 0) { exit(1); } lp_set_logfile(lfile); SAFE_FREE(lfile); } fault_setup(); dump_core_setup("nmbd", lp_logfile()); /* POSIX demands that signals are inherited. If the invoking process has * these signals masked, we will have problems, as we won't receive them. */ BlockSignals(False, SIGHUP); BlockSignals(False, SIGUSR1); BlockSignals(False, SIGTERM); #if defined(SIGFPE) /* we are never interested in SIGFPE */ BlockSignals(True,SIGFPE); #endif /* We no longer use USR2... */ #if defined(SIGUSR2) BlockSignals(True, SIGUSR2); #endif if ( opt_interactive ) { Fork = False; log_stdout = True; } if ( log_stdout && Fork ) { DEBUG(0,("ERROR: Can't log to stdout (-S) unless daemon is in foreground (-F) or interactive (-i)\n")); exit(1); } if (log_stdout) { setup_logging(argv[0], DEBUG_STDOUT); } else { setup_logging( argv[0], DEBUG_FILE); } reopen_logs(); DEBUG(0,("nmbd version %s started.\n", samba_version_string())); DEBUGADD(0,("%s\n", COPYRIGHT_STARTUP_MESSAGE)); if (!lp_load_initial_only(get_dyn_CONFIGFILE())) { DEBUG(0, ("error opening config file '%s'\n", get_dyn_CONFIGFILE())); exit(1); } if (nmbd_messaging_context() == NULL) { return 1; } if ( !reload_nmbd_services(False) ) return(-1); if(!init_names()) return -1; reload_nmbd_services( True ); if (strequal(lp_workgroup(),"*")) { DEBUG(0,("ERROR: a workgroup name of * is no longer supported\n")); exit(1); } set_samba_nb_type(); if (!is_daemon && !is_a_socket(0)) { DEBUG(0,("standard input is not a socket, assuming -D option\n")); is_daemon = True; } if (is_daemon && !opt_interactive) { DEBUG( 2, ( "Becoming a daemon.\n" ) ); become_daemon(Fork, no_process_group, log_stdout); } #if HAVE_SETPGID /* * If we're interactive we want to set our own process group for * signal management. */ if (opt_interactive && !no_process_group) setpgid( (pid_t)0, (pid_t)0 ); #endif if (nmbd_messaging_context() == NULL) { return 1; } #ifndef SYNC_DNS /* Setup the async dns. We do it here so it doesn't have all the other stuff initialised and thus chewing memory and sockets */ if(lp_we_are_a_wins_server() && lp_dns_proxy()) { start_async_dns(); } #endif if (!directory_exist(lp_lockdir())) { mkdir(lp_lockdir(), 0755); } pidfile_create("nmbd"); status = reinit_after_fork(nmbd_messaging_context(), nmbd_event_context(), procid_self(), false); if (!NT_STATUS_IS_OK(status)) { DEBUG(0,("reinit_after_fork() failed\n")); exit(1); } if (!nmbd_setup_sig_term_handler()) exit(1); if (!nmbd_setup_sig_hup_handler()) exit(1); /* get broadcast messages */ if (!serverid_register(procid_self(), FLAG_MSG_GENERAL | FLAG_MSG_NMBD | FLAG_MSG_DBWRAP)) { DEBUG(1, ("Could not register myself in serverid.tdb\n")); exit(1); } messaging_register(nmbd_messaging_context(), NULL, MSG_FORCE_ELECTION, nmbd_message_election); #if 0 /* Until winsrepl is done. */ messaging_register(nmbd_messaging_context(), NULL, MSG_WINS_NEW_ENTRY, nmbd_wins_new_entry); #endif messaging_register(nmbd_messaging_context(), NULL, MSG_SHUTDOWN, nmbd_terminate); messaging_register(nmbd_messaging_context(), NULL, MSG_SMB_CONF_UPDATED, msg_reload_nmbd_services); messaging_register(nmbd_messaging_context(), NULL, MSG_SEND_PACKET, msg_nmbd_send_packet); TimeInit(); DEBUG( 3, ( "Opening sockets %d\n", global_nmb_port ) ); if ( !open_sockets( is_daemon, global_nmb_port ) ) { kill_async_dns_child(); return 1; } /* Determine all the IP addresses we have. */ load_interfaces(); /* Create an nmbd subnet record for each of the above. */ if( False == create_subnets() ) { DEBUG(0,("ERROR: Failed when creating subnet lists. Exiting.\n")); kill_async_dns_child(); exit(1); } /* Load in any static local names. */ if (p_lmhosts) { set_dyn_LMHOSTSFILE(p_lmhosts); } load_lmhosts_file(get_dyn_LMHOSTSFILE()); DEBUG(3,("Loaded hosts file %s\n", get_dyn_LMHOSTSFILE())); /* If we are acting as a WINS server, initialise data structures. */ if( !initialise_wins() ) { DEBUG( 0, ( "nmbd: Failed when initialising WINS server.\n" ) ); kill_async_dns_child(); exit(1); } /* * Register nmbd primary workgroup and nmbd names on all * the broadcast subnets, and on the WINS server (if specified). * Also initiate the startup of our primary workgroup (start * elections if we are setup as being able to be a local * master browser. */ if( False == register_my_workgroup_and_names() ) { DEBUG(0,("ERROR: Failed when creating my my workgroup. Exiting.\n")); kill_async_dns_child(); exit(1); } if (!initialize_nmbd_proxy_logon()) { DEBUG(0,("ERROR: Failed setup nmbd_proxy_logon.\n")); kill_async_dns_child(); exit(1); } if (!nmbd_init_packet_server()) { kill_async_dns_child(); exit(1); } TALLOC_FREE(frame); process(); kill_async_dns_child(); return(0); }
/**************************************************************************** ** main program **************************************************************************** */ int main(int argc, const char *argv[]) { pstring logfile; static BOOL opt_interactive; poptContext pc; static char *p_lmhosts = dyn_LMHOSTSFILE; static BOOL no_process_group = False; struct poptOption long_options[] = { POPT_AUTOHELP {"daemon", 'D', POPT_ARG_VAL, &is_daemon, True, "Become a daemon(default)" }, {"interactive", 'i', POPT_ARG_VAL, &opt_interactive, True, "Run interactive (not a daemon)" }, {"foreground", 'F', POPT_ARG_VAL, &Fork, False, "Run daemon in foreground (for daemontools & etc)" }, {"no-process-group", 0, POPT_ARG_VAL, &no_process_group, True, "Don't create a new process group" }, {"log-stdout", 'S', POPT_ARG_VAL, &log_stdout, True, "Log to stdout" }, {"hosts", 'H', POPT_ARG_STRING, &p_lmhosts, 'H', "Load a netbios hosts file"}, {"port", 'p', POPT_ARG_INT, &global_nmb_port, NMB_PORT, "Listen on the specified port" }, POPT_COMMON_SAMBA { NULL } }; load_case_tables(); global_nmb_port = NMB_PORT; pc = poptGetContext("nmbd", argc, argv, long_options, 0); while (poptGetNextOpt(pc) != -1) {}; poptFreeContext(pc); global_in_nmbd = True; StartupTime = time(NULL); sys_srandom(time(NULL) ^ sys_getpid()); if (!override_logfile) { slprintf(logfile, sizeof(logfile)-1, "%s/log.nmbd", dyn_LOGFILEBASE); lp_set_logfile(logfile); } fault_setup((void (*)(void *))fault_continue ); dump_core_setup("nmbd"); /* POSIX demands that signals are inherited. If the invoking process has * these signals masked, we will have problems, as we won't receive them. */ BlockSignals(False, SIGHUP); BlockSignals(False, SIGUSR1); BlockSignals(False, SIGTERM); CatchSignal( SIGHUP, SIGNAL_CAST sig_hup ); CatchSignal( SIGTERM, SIGNAL_CAST sig_term ); #if defined(SIGFPE) /* we are never interested in SIGFPE */ BlockSignals(True,SIGFPE); #endif /* We no longer use USR2... */ #if defined(SIGUSR2) BlockSignals(True, SIGUSR2); #endif if ( opt_interactive ) { Fork = False; log_stdout = True; } if ( log_stdout && Fork ) { DEBUG(0,("ERROR: Can't log to stdout (-S) unless daemon is in foreground (-F) or interactive (-i)\n")); exit(1); } setup_logging( argv[0], log_stdout ); reopen_logs(); DEBUG( 0, ( "Netbios nameserver version %s started.\n", SAMBA_VERSION_STRING) ); DEBUGADD( 0, ( "%s\n", COPYRIGHT_STARTUP_MESSAGE ) ); if ( !reload_nmbd_services(False) ) return(-1); if(!init_names()) return -1; reload_nmbd_services( True ); if (strequal(lp_workgroup(),"*")) { DEBUG(0,("ERROR: a workgroup name of * is no longer supported\n")); exit(1); } set_samba_nb_type(); if (!is_daemon && !is_a_socket(0)) { DEBUG(0,("standard input is not a socket, assuming -D option\n")); is_daemon = True; } if (is_daemon && !opt_interactive) { DEBUG( 2, ( "Becoming a daemon.\n" ) ); become_daemon(Fork, no_process_group); } #if HAVE_SETPGID /* * If we're interactive we want to set our own process group for * signal management. */ if (opt_interactive && !no_process_group) setpgid( (pid_t)0, (pid_t)0 ); #endif #ifndef SYNC_DNS /* Setup the async dns. We do it here so it doesn't have all the other stuff initialised and thus chewing memory and sockets */ if(lp_we_are_a_wins_server() && lp_dns_proxy()) { start_async_dns(); } #endif if (!directory_exist(lp_lockdir(), NULL)) { mkdir(lp_lockdir(), 0755); } pidfile_create("nmbd"); message_init(); message_register(MSG_FORCE_ELECTION, nmbd_message_election, NULL); #if 0 /* Until winsrepl is done. */ message_register(MSG_WINS_NEW_ENTRY, nmbd_wins_new_entry, NULL); #endif message_register(MSG_SHUTDOWN, nmbd_terminate, NULL); message_register(MSG_SMB_CONF_UPDATED, msg_reload_nmbd_services, NULL); message_register(MSG_SEND_PACKET, msg_nmbd_send_packet, NULL); TimeInit(); DEBUG( 3, ( "Opening sockets %d\n", global_nmb_port ) ); if ( !open_sockets( is_daemon, global_nmb_port ) ) { kill_async_dns_child(); return 1; } /* Determine all the IP addresses we have. */ load_interfaces(); /* Create an nmbd subnet record for each of the above. */ if( False == create_subnets() ) { DEBUG(0,("ERROR: Failed when creating subnet lists. Exiting.\n")); kill_async_dns_child(); exit(1); } /* Load in any static local names. */ load_lmhosts_file(p_lmhosts); DEBUG(3,("Loaded hosts file %s\n", p_lmhosts)); /* If we are acting as a WINS server, initialise data structures. */ if( !initialise_wins() ) { DEBUG( 0, ( "nmbd: Failed when initialising WINS server.\n" ) ); kill_async_dns_child(); exit(1); } /* * Register nmbd primary workgroup and nmbd names on all * the broadcast subnets, and on the WINS server (if specified). * Also initiate the startup of our primary workgroup (start * elections if we are setup as being able to be a local * master browser. */ if( False == register_my_workgroup_and_names() ) { DEBUG(0,("ERROR: Failed when creating my my workgroup. Exiting.\n")); kill_async_dns_child(); exit(1); } /* We can only take signals in the select. */ BlockSignals( True, SIGTERM ); process(); if (dbf) x_fclose(dbf); kill_async_dns_child(); return(0); }
int main(int argc, char *argv[]) { FILE *f; pstring fname; int uid, c; static pstring servicesf = CONFIGFILE; extern char *optarg; int verbose = 0, brief =0; BOOL processes_only=False; int last_pid=0; struct session_record *ptr; TimeInit(); setup_logging(argv[0],True); charset_initialise(); DEBUGLEVEL = 0; dbf = fopen("/dev/null","w"); if (getuid() != geteuid()) { printf("smbstatus should not be run setuid\n"); return(1); } while ((c = getopt(argc, argv, "pds:u:b")) != EOF) { switch (c) { case 'b': brief = 1; break; case 'd': verbose = 1; break; case 'p': processes_only = 1; break; case 's': pstrcpy(servicesf, optarg); break; case 'u': /* added by OH */ Ucrit_addUsername(optarg); /* added by OH */ break; default: fprintf(stderr, "Usage: %s [-d] [-p] [-s configfile] [-u username]\n", *argv); /* changed by OH */ return (-1); } } get_myname(myhostname, NULL); if (!lp_load(servicesf,False)) { fprintf(stderr, "Can't load %s - run testparm to debug it\n", servicesf); return (-1); } if (verbose) { printf("using configfile = %s\n", servicesf); printf("lockdir = %s\n", *lp_lockdir() ? lp_lockdir() : "NULL"); } pstrcpy(fname,lp_lockdir()); standard_sub_basic(fname); trim_string(fname,"","/"); pstrcat(fname,"/STATUS..LCK"); f = fopen(fname,"r"); if (!f) { printf("Couldn't open status file %s\n",fname); if (!lp_status(-1)) printf("You need to have status=yes in your smb config file\n"); return(0); } else if (verbose) { printf("Opened status file %s\n", fname); } uid = getuid(); if (!processes_only) { printf("\nSamba version %s\n",VERSION); if (brief) { printf("PID Username Machine Time logged in\n"); printf("-------------------------------------------------------------------\n"); } else { printf("Service uid gid pid machine\n"); printf("----------------------------------------------\n"); } } while (!feof(f)) { if (fread(&crec,sizeof(crec),1,f) != 1) break; if ( crec.magic == 0x280267 && process_exists(crec.pid) && Ucrit_checkUsername(uidtoname(crec.uid)) /* added by OH */ ) { if (brief) { ptr=srecs; while (ptr!=NULL) { if ((ptr->pid==crec.pid)&&(strncmp(ptr->machine,crec.machine,30)==0)) { if (ptr->start > crec.start) ptr->start=crec.start; break; } ptr=ptr->next; } if (ptr==NULL) { ptr=(struct session_record *) malloc(sizeof(struct session_record)); ptr->uid=crec.uid; ptr->pid=crec.pid; ptr->start=crec.start; strncpy(ptr->machine,crec.machine,30); ptr->machine[30]='\0'; ptr->next=srecs; srecs=ptr; } } else { Ucrit_addPid(crec.pid); /* added by OH */ if (processes_only) { if (last_pid != crec.pid) printf("%d\n",crec.pid); last_pid = crec.pid; /* XXXX we can still get repeats, have to add a sort at some time */ } else printf("%-10.10s %-8s %-8s %5d %-8s (%s) %s", crec.name,uidtoname(crec.uid),gidtoname(crec.gid),crec.pid, crec.machine,crec.addr, asctime(LocalTime(&crec.start))); } } } fclose(f); if (processes_only) exit(0); if (brief) { ptr=srecs; while (ptr!=NULL) { printf("%-8d%-10.10s%-30.30s%s",ptr->pid,uidtoname(ptr->uid),ptr->machine,asctime(LocalTime(&(ptr->start)))); ptr=ptr->next; } printf("\n"); exit(0); } printf("\n"); locking_init(1); if (share_mode_forall(print_share_mode) <= 0) printf("No locked files\n"); printf("\n"); share_status(stdout); locking_end(); return (0); }
/* main server. */ static int binary_smbd_main(const char *binary_name, int argc, const char *argv[]) { bool opt_daemon = false; bool opt_interactive = false; int opt; poptContext pc; extern NTSTATUS server_service_wrepl_init(void); extern NTSTATUS server_service_kdc_init(void); extern NTSTATUS server_service_ldap_init(void); extern NTSTATUS server_service_web_init(void); extern NTSTATUS server_service_ldap_init(void); extern NTSTATUS server_service_winbind_init(void); extern NTSTATUS server_service_nbtd_init(void); extern NTSTATUS server_service_auth_init(void); extern NTSTATUS server_service_cldapd_init(void); extern NTSTATUS server_service_smb_init(void); extern NTSTATUS server_service_drepl_init(void); extern NTSTATUS server_service_rpc_init(void); extern NTSTATUS server_service_ntp_signd_init(void); extern NTSTATUS server_service_samba3_smb_init(void); init_module_fn static_init[] = { STATIC_service_MODULES }; init_module_fn *shared_init; struct tevent_context *event_ctx; uint16_t stdin_event_flags; NTSTATUS status; const char *model = "standard"; int max_runtime = 0; enum { OPT_DAEMON = 1000, OPT_INTERACTIVE, OPT_PROCESS_MODEL }; struct poptOption long_options[] = { POPT_AUTOHELP {"daemon", 'D', POPT_ARG_NONE, NULL, OPT_DAEMON, "Become a daemon (default)", NULL }, {"interactive", 'i', POPT_ARG_NONE, NULL, OPT_INTERACTIVE, "Run interactive (not a daemon)", NULL}, {"model", 'M', POPT_ARG_STRING, NULL, OPT_PROCESS_MODEL, "Select process model", "MODEL"}, {"maximum-runtime",0, POPT_ARG_INT, &max_runtime, 0, "set maximum runtime of the server process, till autotermination", "seconds"}, POPT_COMMON_SAMBA POPT_COMMON_VERSION { NULL } }; pc = poptGetContext(binary_name, argc, argv, long_options, 0); while((opt = poptGetNextOpt(pc)) != -1) { switch(opt) { case OPT_DAEMON: opt_daemon = true; break; case OPT_INTERACTIVE: opt_interactive = true; break; case OPT_PROCESS_MODEL: model = poptGetOptArg(pc); break; default: fprintf(stderr, "\nInvalid option %s: %s\n\n", poptBadOption(pc, 0), poptStrerror(opt)); poptPrintUsage(pc, stderr, 0); exit(1); } } if (opt_daemon && opt_interactive) { fprintf(stderr,"\nERROR: " "Option -i|--interactive is not allowed together with -D|--daemon\n\n"); poptPrintUsage(pc, stderr, 0); exit(1); } else if (!opt_interactive) { /* default is --daemon */ opt_daemon = true; } poptFreeContext(pc); setup_logging(binary_name, opt_interactive?DEBUG_STDOUT:DEBUG_FILE); setup_signals(); /* we want total control over the permissions on created files, so set our umask to 0 */ umask(0); DEBUG(0,("%s version %s started.\n", binary_name, SAMBA_VERSION_STRING)); DEBUGADD(0,("Copyright Andrew Tridgell and the Samba Team 1992-2009\n")); if (sizeof(uint16_t) < 2 || sizeof(uint32_t) < 4 || sizeof(uint64_t) < 8) { DEBUG(0,("ERROR: Samba is not configured correctly for the word size on your machine\n")); DEBUGADD(0,("sizeof(uint16_t) = %u, sizeof(uint32_t) %u, sizeof(uint64_t) = %u\n", (unsigned int)sizeof(uint16_t), (unsigned int)sizeof(uint32_t), (unsigned int)sizeof(uint64_t))); exit(1); } if (opt_daemon) { DEBUG(3,("Becoming a daemon.\n")); become_daemon(true, false); } cleanup_tmp_files(cmdline_lp_ctx); if (!directory_exist(lp_lockdir(cmdline_lp_ctx))) { mkdir(lp_lockdir(cmdline_lp_ctx), 0755); } pidfile_create(lp_piddir(cmdline_lp_ctx), binary_name); /* Do *not* remove this, until you have removed * passdb/secrets.c, and proved that Samba still builds... */ /* Setup the SECRETS subsystem */ if (secrets_init(talloc_autofree_context(), cmdline_lp_ctx) == NULL) { exit(1); } gensec_init(cmdline_lp_ctx); /* FIXME: */ ntptr_init(cmdline_lp_ctx); /* FIXME: maybe run this in the initialization function of the spoolss RPC server instead? */ ntvfs_init(cmdline_lp_ctx); /* FIXME: maybe run this in the initialization functions of the SMB[,2] server instead? */ process_model_init(cmdline_lp_ctx); shared_init = load_samba_modules(NULL, cmdline_lp_ctx, "service"); run_init_functions(static_init); run_init_functions(shared_init); talloc_free(shared_init); /* the event context is the top level structure in smbd. Everything else should hang off that */ event_ctx = s4_event_context_init(talloc_autofree_context()); if (event_ctx == NULL) { DEBUG(0,("Initializing event context failed\n")); return 1; } if (opt_interactive) { /* terminate when stdin goes away */ stdin_event_flags = TEVENT_FD_READ; } else { /* stay alive forever */ stdin_event_flags = 0; } /* catch EOF on stdin */ #ifdef SIGTTIN signal(SIGTTIN, SIG_IGN); #endif tevent_add_fd(event_ctx, event_ctx, 0, stdin_event_flags, server_stdin_handler, discard_const(binary_name)); if (max_runtime) { tevent_add_timer(event_ctx, event_ctx, timeval_current_ofs(max_runtime, 0), max_runtime_handler, discard_const(binary_name)); } DEBUG(0,("%s: using '%s' process model\n", binary_name, model)); status = server_service_startup(event_ctx, cmdline_lp_ctx, model, lp_server_services(cmdline_lp_ctx)); if (!NT_STATUS_IS_OK(status)) { DEBUG(0,("Starting Services failed - %s\n", nt_errstr(status))); return 1; } /* wait for events - this is where smbd sits for most of its life */ tevent_loop_wait(event_ctx); /* as everything hangs off this event context, freeing it should initiate a clean shutdown of all services */ talloc_free(event_ctx); return 0; }
int psec_setsec(char *printer) { DOM_SID user_sid, group_sid; SEC_ACE *ace_list = NULL; SEC_ACL *dacl = NULL; SEC_DESC *sd; SEC_DESC_BUF *sdb = NULL; int result = 0, num_aces = 0; fstring line, keystr, tdb_path; size_t size; prs_struct ps; TALLOC_CTX *mem_ctx = NULL; BOOL has_user_sid = False, has_group_sid = False; ZERO_STRUCT(ps); /* Open tdb for reading */ slprintf(tdb_path, sizeof(tdb_path) - 1, "%s/ntdrivers.tdb", lp_lockdir()); tdb = tdb_open(tdb_path, 0, 0, O_RDWR, 0600); if (!tdb) { printf("psec: failed to open nt drivers database: %s\n", sys_errlist[errno]); result = 1; goto done; } /* Read owner and group sid */ fgets(line, sizeof(fstring), stdin); if (line[0] != '\n') { string_to_sid(&user_sid, line); has_user_sid = True; } fgets(line, sizeof(fstring), stdin); if (line[0] != '\n') { string_to_sid(&group_sid, line); has_group_sid = True; } /* Read ACEs from standard input for discretionary ACL */ while(fgets(line, sizeof(fstring), stdin)) { int ace_type, ace_flags; uint32 ace_mask; fstring sidstr; DOM_SID sid; SEC_ACCESS sa; if (sscanf(line, "%d %d 0x%x %s", &ace_type, &ace_flags, &ace_mask, sidstr) != 4) { continue; } string_to_sid(&sid, sidstr); ace_list = Realloc(ace_list, sizeof(SEC_ACE) * (num_aces + 1)); init_sec_access(&sa, ace_mask); init_sec_ace(&ace_list[num_aces], &sid, ace_type, sa, ace_flags); num_aces++; } dacl = make_sec_acl(ACL_REVISION, num_aces, ace_list); free(ace_list); /* Create security descriptor */ sd = make_sec_desc(SEC_DESC_REVISION, has_user_sid ? &user_sid : NULL, has_group_sid ? &group_sid : NULL, NULL, /* System ACL */ dacl, /* Discretionary ACL */ &size); free_sec_acl(&dacl); sdb = make_sec_desc_buf(size, sd); free_sec_desc(&sd); /* Write security descriptor to tdb */ mem_ctx = talloc_init(); if (!mem_ctx) { printf("memory allocation error\n"); result = 1; goto done; } prs_init(&ps, (uint32)sec_desc_size(sdb->sec) + sizeof(SEC_DESC_BUF), 4, mem_ctx, MARSHALL); if (!sec_io_desc_buf("nt_printing_setsec", &sdb, &ps, 1)) { printf("sec_io_desc_buf failed\n"); goto done; } slprintf(keystr, sizeof(keystr) - 1, "SECDESC/%s", printer); if (!tdb_prs_store(tdb, keystr, &ps)==0) { printf("Failed to store secdesc for %s\n", printer); goto done; } done: if (tdb) tdb_close(tdb); if (sdb) free_sec_desc_buf(&sdb); if (mem_ctx) talloc_destroy(mem_ctx); prs_mem_free(&ps); return result; }
int psec_setsec(char *printer) { struct dom_sid user_sid, group_sid; SEC_ACE *ace_list = NULL; SEC_ACL *dacl = NULL; SEC_DESC *sd; SEC_DESC_BUF *sdb = NULL; int result = 0, num_aces = 0; fstring line, keystr, tdb_path; size_t size; prs_struct ps; TALLOC_CTX *mem_ctx = NULL; BOOL has_user_sid = False, has_group_sid = False; ZERO_STRUCT(ps); /* Open tdb for reading */ slprintf(tdb_path, sizeof(tdb_path) - 1, "%s/ntdrivers.tdb", lp_lockdir()); tdb = tdb_open(tdb_path, 0, 0, O_RDWR, 0600); if (!tdb) { printf("psec: failed to open nt drivers database: %s\n", sys_errlist[errno]); result = 1; goto done; } /* Read owner and group sid */ fgets(line, sizeof(fstring), stdin); if (line[0] != '\n') { string_to_sid(&user_sid, line); has_user_sid = True; } fgets(line, sizeof(fstring), stdin); if (line[0] != '\n') { string_to_sid(&group_sid, line); has_group_sid = True; } /* Read ACEs from standard input for discretionary ACL */ while(fgets(line, sizeof(fstring), stdin)) { int ace_type, ace_flags; uint32 ace_mask; fstring sidstr; struct dom_sid sid; SEC_ACCESS sa; if (sscanf(line, "%d %d 0x%x %s", &ace_type, &ace_flags, &ace_mask, sidstr) != 4) { continue; } string_to_sid(&sid, sidstr); ace_list = Realloc(ace_list, sizeof(SEC_ACE) * (num_aces + 1)); init_sec_access(&sa, ace_mask); init_sec_ace(&ace_list[num_aces], &sid, ace_type, sa, ace_flags); num_aces++; } dacl = make_sec_acl(ACL_REVISION, num_aces, ace_list); free(ace_list); /* Create security descriptor */ sd = make_sec_desc(SEC_DESC_REVISION, has_user_sid ? &user_sid : NULL, has_group_sid ? &group_sid : NULL
int psec_getsec(char *printer) { SEC_DESC_BUF *secdesc_ctr = NULL; TALLOC_CTX *mem_ctx = NULL; fstring keystr, sidstr, tdb_path; prs_struct ps; int result = 0, i; ZERO_STRUCT(ps); /* Open tdb for reading */ slprintf(tdb_path, sizeof(tdb_path) - 1, "%s/ntdrivers.tdb", lp_lockdir()); tdb = tdb_open(tdb_path, 0, 0, O_RDONLY, 0600); if (!tdb) { printf("psec: failed to open nt drivers database: %s\n", sys_errlist[errno]); return 1; } /* Get security blob from tdb */ slprintf(keystr, sizeof(keystr) - 1, "SECDESC/%s", printer); mem_ctx = talloc_init(); if (!mem_ctx) { printf("memory allocation error\n"); result = 1; goto done; } if (tdb_prs_fetch(tdb, keystr, &ps, mem_ctx) != 0) { printf("error fetching descriptor for printer %s\n", printer); /* cannot do a prs_mem_free() when tdb_prs_fetch fails */ /* as the prs structure has not been initialized */ tdb_close(tdb); talloc_destroy(mem_ctx); return 1; } /* Unpack into security descriptor buffer */ if (!sec_io_desc_buf("nt_printing_getsec", &secdesc_ctr, &ps, 1)) { printf("error unpacking sec_desc_buf\n"); result = 1; goto done; } /* Print owner and group sid */ if (secdesc_ctr->sec->owner_sid) { sid_to_string(sidstr, secdesc_ctr->sec->owner_sid); } else { fstrcpy(sidstr, ""); } printf("%s\n", sidstr); if (secdesc_ctr->sec->grp_sid) { sid_to_string(sidstr, secdesc_ctr->sec->grp_sid); } else { fstrcpy(sidstr, ""); } printf("%s\n", sidstr); /* Print aces */ if (!secdesc_ctr->sec->dacl) { result = 0; goto done; } for (i = 0; i < secdesc_ctr->sec->dacl->num_aces; i++) { SEC_ACE *ace = &secdesc_ctr->sec->dacl->ace[i]; sid_to_string(sidstr, &ace->sid); printf("%d %d 0x%08x %s\n", ace->type, ace->flags, ace->info.mask, sidstr); } done: if (tdb) tdb_close(tdb); if (mem_ctx) talloc_destroy(mem_ctx); if (secdesc_ctr) free_sec_desc_buf(&secdesc_ctr); prs_mem_free(&ps); return result; }