static int do_global_checks(struct loadparm_context *lp_ctx)
{
int ret = 0;
if (!directory_exist(lp_lockdir(lp_ctx))) {
fprintf(stderr, "ERROR: lock directory %s does not exist\n",
lp_lockdir(lp_ctx));
ret = 1;
}
if (!directory_exist(lp_piddir(lp_ctx))) {
fprintf(stderr, "ERROR: pid directory %s does not exist\n",
lp_piddir(lp_ctx));
ret = 1;
}
if (strlen(lp_winbind_separator(lp_ctx)) != 1) {
fprintf(stderr,"ERROR: the 'winbind separator' parameter must be a single character.\n");
ret = 1;
}
if (*lp_winbind_separator(lp_ctx) == '+') {
fprintf(stderr,"'winbind separator = +' might cause problems with group membership.\n");
}
return ret;
}
static BOOL irix_oplocks_available(void)
{
int fd;
int pfd[2];
pstring tmpname;
oplock_set_capability(True, False);
slprintf(tmpname,sizeof(tmpname)-1, "%s/koplock.%d", lp_lockdir(), (int)sys_getpid());
if(pipe(pfd) != 0) {
DEBUG(0,("check_kernel_oplocks: Unable to create pipe. Error was %s\n",
strerror(errno) ));
return False;
}
if((fd = sys_open(tmpname, O_RDWR|O_CREAT|O_EXCL|O_TRUNC, 0600)) < 0) {
DEBUG(0,("check_kernel_oplocks: Unable to open temp test file %s. Error was %s\n",
tmpname, strerror(errno) ));
unlink( tmpname );
close(pfd[0]);
close(pfd[1]);
return False;
}
unlink(tmpname);
if(sys_fcntl_long(fd, F_OPLKREG, pfd[1]) == -1) {
DEBUG(0,("check_kernel_oplocks: Kernel oplocks are not available on this machine. \
Disabling kernel oplock support.\n" ));
close(pfd[0]);
close(pfd[1]);
close(fd);
return False;
}
BOOL gencache_init(void)
{
char* cache_fname = NULL;
/* skip file open if it's already opened */
if (cache) return True;
asprintf(&cache_fname, "%s/%s", lp_lockdir(), "gencache.tdb");
if (cache_fname)
DEBUG(5, ("Opening cache file at %s\n", cache_fname));
else {
DEBUG(0, ("Filename allocation failed.\n"));
return False;
}
cache = tdb_open_log(cache_fname, 0, TDB_DEFAULT,
O_RDWR|O_CREAT, 0644);
SAFE_FREE(cache_fname);
if (!cache) {
DEBUG(5, ("Attempt to open gencache.tdb has failed.\n"));
return False;
}
return True;
}
const char *get_dyn_CACHEDIR(void)
{
#ifdef FHS_COMPATIBLE
return CACHEDIR;
#else
return lp_lockdir();
#endif
}
void sync_browse_lists(struct work_record *work,
char *name, int nm_type,
struct in_addr ip, bool local, bool servers)
{
struct sync_record *s;
static int counter;
START_PROFILE(sync_browse_lists);
/* Check we're not trying to sync with ourselves. This can
happen if we are a domain *and* a local master browser. */
if (ismyip_v4(ip)) {
done:
END_PROFILE(sync_browse_lists);
return;
}
s = SMB_MALLOC_P(struct sync_record);
if (!s) goto done;
ZERO_STRUCTP(s);
unstrcpy(s->workgroup, work->work_group);
unstrcpy(s->server, name);
s->ip = ip;
if (asprintf(&s->fname, "%s/sync.%d", lp_lockdir(), counter++) < 0) {
SAFE_FREE(s);
goto done;
}
/* Safe to use as 0 means no size change. */
all_string_sub(s->fname,"//", "/", 0);
DLIST_ADD(syncs, s);
/* the parent forks and returns, leaving the child to do the
actual sync and call END_PROFILE*/
CatchChild();
if ((s->pid = sys_fork())) return;
BlockSignals( False, SIGTERM );
DEBUG(2,("Initiating browse sync for %s to %s(%s)\n",
work->work_group, name, inet_ntoa(ip)));
fp = x_fopen(s->fname,O_WRONLY|O_CREAT|O_TRUNC, 0644);
if (!fp) {
END_PROFILE(sync_browse_lists);
_exit(1);
}
sync_child(name, nm_type, work->work_group, ip, local, servers,
s->fname);
x_fclose(fp);
END_PROFILE(sync_browse_lists);
_exit(0);
}
static BOOL irix_oplocks_available(void)
{
int fd;
int pfd[2];
pstring tmpname;
set_effective_capability(KERNEL_OPLOCK_CAPABILITY);
slprintf(tmpname,sizeof(tmpname)-1, "%s/koplock.%d", lp_lockdir(),
(int)sys_getpid());
if(pipe(pfd) != 0) {
DEBUG(0,("check_kernel_oplocks: Unable to create pipe. Error "
"was %s\n",
strerror(errno) ));
return False;
}
if((fd = sys_open(tmpname, O_RDWR|O_CREAT|O_EXCL|O_TRUNC, 0600)) < 0) {
DEBUG(0,("check_kernel_oplocks: Unable to open temp test file "
"%s. Error was %s\n",
tmpname, strerror(errno) ));
unlink( tmpname );
close(pfd[0]);
close(pfd[1]);
return False;
}
unlink(tmpname);
if(sys_fcntl_long(fd, F_OPLKREG, pfd[1]) == -1) {
DEBUG(0,("check_kernel_oplocks: Kernel oplocks are not "
"available on this machine. Disabling kernel oplock "
"support.\n" ));
close(pfd[0]);
close(pfd[1]);
close(fd);
return False;
}
if(sys_fcntl_long(fd, F_OPLKACK, OP_REVOKE) < 0 ) {
DEBUG(0,("check_kernel_oplocks: Error when removing kernel "
"oplock. Error was %s. Disabling kernel oplock "
"support.\n", strerror(errno) ));
close(pfd[0]);
close(pfd[1]);
close(fd);
return False;
}
close(pfd[0]);
close(pfd[1]);
close(fd);
return True;
}
/*******************************************************************
name a share file
******************************************************************/
static BOOL share_name(int cnum, uint32 dev, uint32 inode, char *name)
{
int len;
pstrcpy(name,lp_lockdir());
trim_string(name,"","/");
if (!*name) return(False);
len = strlen(name);
name += len;
slprintf(name,sizeof(pstring) - len - 1,"/share.%u.%u",dev,inode);
return(True);
}
int main2(int argc,const char *argv[])
{
/* shall I run as a daemon */
static BOOL is_daemon = False;
static BOOL interactive = False;
static BOOL Fork = True;
static BOOL no_process_group = False;
static BOOL log_stdout = False;
static char *ports = NULL;
int opt;
#ifndef _XBOX
poptContext pc;
struct poptOption long_options[] = {
POPT_AUTOHELP
{"daemon", 'D', POPT_ARG_VAL, &is_daemon, True, "Become a daemon (default)" },
{"interactive", 'i', POPT_ARG_VAL, &interactive, True, "Run interactive (not a daemon)"},
{"foreground", 'F', POPT_ARG_VAL, &Fork, False, "Run daemon in foreground (for daemontools, etc.)" },
{"no-process-group", '\0', POPT_ARG_VAL, &no_process_group, True, "Don't create a new process group" },
{"log-stdout", 'S', POPT_ARG_VAL, &log_stdout, True, "Log to stdout" },
{"build-options", 'b', POPT_ARG_NONE, NULL, 'b', "Print build options" },
{"port", 'p', POPT_ARG_STRING, &ports, 0, "Listen on the specified ports"},
POPT_COMMON_SAMBA
POPT_COMMON_DYNCONFIG
POPT_TABLEEND
};
#else
interactive = True;
log_stdout = True;
#endif
load_case_tables();
#ifdef HAVE_SET_AUTH_PARAMETERS
set_auth_parameters(argc,argv);
#endif
#ifndef _XBOX
pc = poptGetContext("smbd", argc, argv, long_options, 0);
while((opt = poptGetNextOpt(pc)) != -1) {
switch (opt) {
case 'b':
build_options(True); /* Display output to screen as well as debug */
exit(0);
break;
}
}
poptFreeContext(pc);
#endif
#ifdef HAVE_SETLUID
/* needed for SecureWare on SCO */
setluid(0);
#endif
sec_init();
set_remote_machine_name("smbd", False);
if (interactive) {
Fork = False;
log_stdout = True;
}
if (interactive && (DEBUGLEVEL >= 9)) {
talloc_enable_leak_report();
}
if (log_stdout && Fork) {
DEBUG(0,("ERROR: Can't log to stdout (-S) unless daemon is in foreground (-F) or interactive (-i)\n"));
exit(1);
}
setup_logging(argv[0],log_stdout);
/* we want to re-seed early to prevent time delays causing
client problems at a later date. (tridge) */
generate_random_buffer(NULL, 0);
/* make absolutely sure we run as root - to handle cases where people
are crazy enough to have it setuid */
gain_root_privilege();
gain_root_group_privilege();
#ifndef _XBOX
fault_setup((void (*)(void *))exit_server_fault);
dump_core_setup("smbd");
#endif
CatchSignal(SIGTERM , SIGNAL_CAST sig_term);
#ifndef _XBOX
CatchSignal(SIGHUP,SIGNAL_CAST sig_hup);
/* we are never interested in SIGPIPE */
BlockSignals(True,SIGPIPE);
#endif
#if defined(SIGFPE)
/* we are never interested in SIGFPE */
BlockSignals(True,SIGFPE);
#endif
#if defined(SIGUSR2)
/* We are no longer interested in USR2 */
BlockSignals(True,SIGUSR2);
#endif
/* POSIX demands that signals are inherited. If the invoking process has
* these signals masked, we will have problems, as we won't recieve them. */
#ifndef _XBOX
BlockSignals(False, SIGHUP);
#endif
BlockSignals(False, SIGUSR1);
BlockSignals(False, SIGTERM);
/* we want total control over the permissions on created files,
so set our umask to 0 */
umask(0);
init_sec_ctx();
reopen_logs();
DEBUG(0,( "smbd version %s started.\n", SAMBA_VERSION_STRING));
DEBUGADD( 0, ( "%s\n", COPYRIGHT_STARTUP_MESSAGE ) );
DEBUG(2,("uid=%d gid=%d euid=%d egid=%d\n",
(int)getuid(),(int)getgid(),(int)geteuid(),(int)getegid()));
/* Output the build options to the debug log */
build_options(False);
if (sizeof(uint16) < 2 || sizeof(uint32) < 4) {
DEBUG(0,("ERROR: Samba is not configured correctly for the word size on your machine\n"));
exit(1);
}
/*
* Do this before reload_services.
*/
if (!reload_services(False))
return(-1);
init_structs();
#ifdef WITH_PROFILE
if (!profile_setup(False)) {
DEBUG(0,("ERROR: failed to setup profiling\n"));
return -1;
}
#endif
DEBUG(3,( "loaded services\n"));
if (!is_daemon && !is_a_socket(0)) {
if (!interactive)
DEBUG(0,("standard input is not a socket, assuming -D option\n"));
/*
* Setting is_daemon here prevents us from eventually calling
* the open_sockets_inetd()
*/
is_daemon = True;
}
if (is_daemon && !interactive) {
DEBUG( 3, ( "Becoming a daemon.\n" ) );
become_daemon(Fork, no_process_group);
}
#if HAVE_SETPGID
/*
* If we're interactive we want to set our own process group for
* signal management.
*/
if (interactive && !no_process_group)
setpgid( (pid_t)0, (pid_t)0);
#endif
if (!directory_exist(lp_lockdir(), NULL))
mkdir(lp_lockdir(), 0755);
#ifndef _XBOX
if (is_daemon)
pidfile_create("smbd");
#endif
/* Setup all the TDB's - including CLEAR_IF_FIRST tdb's. */
if (!message_init())
exit(1);
/* Initialize our global sam sid first -- quite a lot of the other
* initialization routines further down depend on it.
*/
/* Initialise the password backed before the global_sam_sid
to ensure that we fetch from ldap before we make a domain sid up */
if(!initialize_password_db(False))
exit(1);
/* Fail gracefully if we can't open secrets.tdb */
if (!secrets_init()) {
DEBUG(0, ("ERROR: smbd can not open secrets.tdb\n"));
exit(1);
}
if(!get_global_sam_sid()) {
DEBUG(0,("ERROR: Samba cannot create a SAM SID.\n"));
exit(1);
}
if (!session_init())
exit(1);
if (conn_tdb_ctx() == NULL)
exit(1);
if (!locking_init(0))
exit(1);
namecache_enable();
if (!init_registry())
exit(1);
#if 0
if (!init_svcctl_db())
exit(1);
#endif
#ifndef _XBOX
if (!print_backend_init())
exit(1);
#endif
if (!init_guest_info()) {
DEBUG(0,("ERROR: failed to setup guest info.\n"));
return -1;
}
/* Setup the main smbd so that we can get messages. */
/* don't worry about general printing messages here */
claim_connection(NULL,"",0,True,FLAG_MSG_GENERAL|FLAG_MSG_SMBD);
/* only start the background queue daemon if we are
running as a daemon -- bad things will happen if
smbd is launched via inetd and we fork a copy of
ourselves here */
#ifndef _XBOX
if ( is_daemon && !interactive )
start_background_queue();
#endif
/* Always attempt to initialize DMAPI. We will only use it later if
* lp_dmapi_support is set on the share, but we need a single global
* session to work with.
*/
dmapi_init_session();
if (!open_sockets_smbd(is_daemon, interactive, ports))
exit(1);
/*
* everything after this point is run after the fork()
*/
static_init_rpc;
init_modules();
/* possibly reload the services file. */
reload_services(True);
if (!init_account_policy()) {
DEBUG(0,("Could not open account policy tdb.\n"));
exit(1);
}
if (*lp_rootdir()) {
if (sys_chroot(lp_rootdir()) == 0)
DEBUG(2,("Changed root to %s\n", lp_rootdir()));
}
/* Setup oplocks */
if (!init_oplocks())
exit(1);
/* Setup change notify */
if (!init_change_notify())
exit(1);
/* Setup aio signal handler. */
initialize_async_io_handler();
/* re-initialise the timezone */
TimeInit();
/* register our message handlers */
message_register(MSG_SMB_FORCE_TDIS, msg_force_tdis);
smbd_process();
#ifdef _XBOX
xb_DecClientCount();
#endif
namecache_shutdown();
exit_server_cleanly(NULL);
return(0);
}
static bool irix_oplocks_available(void)
{
int fd;
int pfd[2];
TALLOC_CTX *ctx = talloc_stackframe();
char *tmpname = NULL;
set_effective_capability(KERNEL_OPLOCK_CAPABILITY);
tmpname = talloc_asprintf(ctx,
"%s/koplock.%d",
lp_lockdir(),
(int)getpid());
if (!tmpname) {
TALLOC_FREE(ctx);
return False;
}
if(pipe(pfd) != 0) {
DEBUG(0,("check_kernel_oplocks: Unable to create pipe. Error "
"was %s\n",
strerror(errno) ));
TALLOC_FREE(ctx);
return False;
}
if((fd = open(tmpname, O_RDWR|O_CREAT|O_EXCL|O_TRUNC, 0600)) < 0) {
DEBUG(0,("check_kernel_oplocks: Unable to open temp test file "
"%s. Error was %s\n",
tmpname, strerror(errno) ));
unlink( tmpname );
close(pfd[0]);
close(pfd[1]);
TALLOC_FREE(ctx);
return False;
}
unlink(tmpname);
TALLOC_FREE(ctx);
if(sys_fcntl_long(fd, F_OPLKREG, pfd[1]) == -1) {
DEBUG(0,("check_kernel_oplocks: Kernel oplocks are not "
"available on this machine. Disabling kernel oplock "
"support.\n" ));
close(pfd[0]);
close(pfd[1]);
close(fd);
return False;
}
if(sys_fcntl_long(fd, F_OPLKACK, OP_REVOKE) < 0 ) {
DEBUG(0,("check_kernel_oplocks: Error when removing kernel "
"oplock. Error was %s. Disabling kernel oplock "
"support.\n", strerror(errno) ));
close(pfd[0]);
close(pfd[1]);
close(fd);
return False;
}
close(pfd[0]);
close(pfd[1]);
close(fd);
return True;
}
int main(int argc,const char *argv[])
{
/* shall I run as a daemon */
bool is_daemon = false;
bool interactive = false;
bool Fork = true;
bool no_process_group = false;
bool log_stdout = false;
char *ports = NULL;
char *profile_level = NULL;
int opt;
poptContext pc;
bool print_build_options = False;
enum {
OPT_DAEMON = 1000,
OPT_INTERACTIVE,
OPT_FORK,
OPT_NO_PROCESS_GROUP,
OPT_LOG_STDOUT
};
struct poptOption long_options[] = {
POPT_AUTOHELP
{"daemon", 'D', POPT_ARG_NONE, NULL, OPT_DAEMON, "Become a daemon (default)" },
{"interactive", 'i', POPT_ARG_NONE, NULL, OPT_INTERACTIVE, "Run interactive (not a daemon)"},
{"foreground", 'F', POPT_ARG_NONE, NULL, OPT_FORK, "Run daemon in foreground (for daemontools, etc.)" },
{"no-process-group", '\0', POPT_ARG_NONE, NULL, OPT_NO_PROCESS_GROUP, "Don't create a new process group" },
{"log-stdout", 'S', POPT_ARG_NONE, NULL, OPT_LOG_STDOUT, "Log to stdout" },
{"build-options", 'b', POPT_ARG_NONE, NULL, 'b', "Print build options" },
{"port", 'p', POPT_ARG_STRING, &ports, 0, "Listen on the specified ports"},
{"profiling-level", 'P', POPT_ARG_STRING, &profile_level, 0, "Set profiling level","PROFILE_LEVEL"},
POPT_COMMON_SAMBA
POPT_COMMON_DYNCONFIG
POPT_TABLEEND
};
struct smbd_parent_context *parent = NULL;
TALLOC_CTX *frame;
NTSTATUS status;
uint64_t unique_id;
struct tevent_context *ev_ctx;
struct messaging_context *msg_ctx;
/*
* Do this before any other talloc operation
*/
talloc_enable_null_tracking();
frame = talloc_stackframe();
setup_logging(argv[0], DEBUG_DEFAULT_STDOUT);
load_case_tables();
smbd_init_globals();
TimeInit();
#ifdef HAVE_SET_AUTH_PARAMETERS
set_auth_parameters(argc,argv);
#endif
pc = poptGetContext("smbd", argc, argv, long_options, 0);
while((opt = poptGetNextOpt(pc)) != -1) {
switch (opt) {
case OPT_DAEMON:
is_daemon = true;
break;
case OPT_INTERACTIVE:
interactive = true;
break;
case OPT_FORK:
Fork = false;
break;
case OPT_NO_PROCESS_GROUP:
no_process_group = true;
break;
case OPT_LOG_STDOUT:
log_stdout = true;
break;
case 'b':
print_build_options = True;
break;
default:
d_fprintf(stderr, "\nInvalid option %s: %s\n\n",
poptBadOption(pc, 0), poptStrerror(opt));
poptPrintUsage(pc, stderr, 0);
exit(1);
}
}
poptFreeContext(pc);
if (interactive) {
Fork = False;
log_stdout = True;
}
if (log_stdout) {
setup_logging(argv[0], DEBUG_STDOUT);
} else {
setup_logging(argv[0], DEBUG_FILE);
}
if (print_build_options) {
build_options(True); /* Display output to screen as well as debug */
exit(0);
}
#ifdef HAVE_SETLUID
/* needed for SecureWare on SCO */
setluid(0);
#endif
set_remote_machine_name("smbd", False);
if (interactive && (DEBUGLEVEL >= 9)) {
talloc_enable_leak_report();
}
if (log_stdout && Fork) {
DEBUG(0,("ERROR: Can't log to stdout (-S) unless daemon is in foreground (-F) or interactive (-i)\n"));
exit(1);
}
/* we want to re-seed early to prevent time delays causing
client problems at a later date. (tridge) */
generate_random_buffer(NULL, 0);
/* get initial effective uid and gid */
sec_init();
/* make absolutely sure we run as root - to handle cases where people
are crazy enough to have it setuid */
gain_root_privilege();
gain_root_group_privilege();
fault_setup();
dump_core_setup("smbd", lp_logfile());
/* we are never interested in SIGPIPE */
BlockSignals(True,SIGPIPE);
#if defined(SIGFPE)
/* we are never interested in SIGFPE */
BlockSignals(True,SIGFPE);
#endif
#if defined(SIGUSR2)
/* We are no longer interested in USR2 */
BlockSignals(True,SIGUSR2);
#endif
/* POSIX demands that signals are inherited. If the invoking process has
* these signals masked, we will have problems, as we won't recieve them. */
BlockSignals(False, SIGHUP);
BlockSignals(False, SIGUSR1);
BlockSignals(False, SIGTERM);
/* Ensure we leave no zombies until we
* correctly set up child handling below. */
CatchChild();
/* we want total control over the permissions on created files,
so set our umask to 0 */
umask(0);
reopen_logs();
DEBUG(0,("smbd version %s started.\n", samba_version_string()));
DEBUGADD(0,("%s\n", COPYRIGHT_STARTUP_MESSAGE));
DEBUG(2,("uid=%d gid=%d euid=%d egid=%d\n",
(int)getuid(),(int)getgid(),(int)geteuid(),(int)getegid()));
/* Output the build options to the debug log */
build_options(False);
if (sizeof(uint16) < 2 || sizeof(uint32) < 4) {
DEBUG(0,("ERROR: Samba is not configured correctly for the word size on your machine\n"));
exit(1);
}
if (!lp_load_initial_only(get_dyn_CONFIGFILE())) {
DEBUG(0, ("error opening config file '%s'\n", get_dyn_CONFIGFILE()));
exit(1);
}
/* Init the security context and global current_user */
init_sec_ctx();
/*
* Initialize the event context. The event context needs to be
* initialized before the messaging context, cause the messaging
* context holds an event context.
* FIXME: This should be s3_tevent_context_init()
*/
ev_ctx = server_event_context();
if (ev_ctx == NULL) {
exit(1);
}
/*
* Init the messaging context
* FIXME: This should only call messaging_init()
*/
msg_ctx = server_messaging_context();
if (msg_ctx == NULL) {
exit(1);
}
/*
* Reloading of the printers will not work here as we don't have a
* server info and rpc services set up. It will be called later.
*/
if (!reload_services(NULL, -1, False)) {
exit(1);
}
/* ...NOTE... Log files are working from this point! */
DEBUG(3,("loaded services\n"));
init_structs();
#ifdef WITH_PROFILE
if (!profile_setup(msg_ctx, False)) {
DEBUG(0,("ERROR: failed to setup profiling\n"));
return -1;
}
if (profile_level != NULL) {
int pl = atoi(profile_level);
struct server_id src;
DEBUG(1, ("setting profiling level: %s\n",profile_level));
src.pid = getpid();
set_profile_level(pl, src);
}
#endif
if (!is_daemon && !is_a_socket(0)) {
if (!interactive)
DEBUG(0,("standard input is not a socket, assuming -D option\n"));
/*
* Setting is_daemon here prevents us from eventually calling
* the open_sockets_inetd()
*/
is_daemon = True;
}
if (is_daemon && !interactive) {
DEBUG( 3, ( "Becoming a daemon.\n" ) );
become_daemon(Fork, no_process_group, log_stdout);
}
generate_random_buffer((uint8_t *)&unique_id, sizeof(unique_id));
set_my_unique_id(unique_id);
#if HAVE_SETPGID
/*
* If we're interactive we want to set our own process group for
* signal management.
*/
if (interactive && !no_process_group)
setpgid( (pid_t)0, (pid_t)0);
#endif
if (!directory_exist(lp_lockdir()))
mkdir(lp_lockdir(), 0755);
if (is_daemon)
pidfile_create("smbd");
status = reinit_after_fork(msg_ctx,
ev_ctx,
procid_self(), false);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0,("reinit_after_fork() failed\n"));
exit(1);
}
smbd_server_conn->msg_ctx = msg_ctx;
smbd_setup_sig_term_handler();
smbd_setup_sig_hup_handler(ev_ctx,
msg_ctx);
/* Setup all the TDB's - including CLEAR_IF_FIRST tdb's. */
if (smbd_memcache() == NULL) {
exit(1);
}
memcache_set_global(smbd_memcache());
/* Initialise the password backed before the global_sam_sid
to ensure that we fetch from ldap before we make a domain sid up */
if(!initialize_password_db(false, ev_ctx))
exit(1);
if (!secrets_init()) {
DEBUG(0, ("ERROR: smbd can not open secrets.tdb\n"));
exit(1);
}
if (lp_server_role() == ROLE_DOMAIN_BDC || lp_server_role() == ROLE_DOMAIN_PDC) {
struct loadparm_context *lp_ctx = loadparm_init_s3(NULL, loadparm_s3_context());
if (!open_schannel_session_store(NULL, lp_ctx)) {
DEBUG(0,("ERROR: Samba cannot open schannel store for secured NETLOGON operations.\n"));
exit(1);
}
TALLOC_FREE(lp_ctx);
}
if(!get_global_sam_sid()) {
DEBUG(0,("ERROR: Samba cannot create a SAM SID.\n"));
exit(1);
}
if (!sessionid_init()) {
exit(1);
}
if (!connections_init(True))
exit(1);
if (!locking_init())
exit(1);
if (!messaging_tdb_parent_init(ev_ctx)) {
exit(1);
}
if (!notify_internal_parent_init(ev_ctx)) {
exit(1);
}
if (!serverid_parent_init(ev_ctx)) {
exit(1);
}
if (!W_ERROR_IS_OK(registry_init_full()))
exit(1);
/* Open the share_info.tdb here, so we don't have to open
after the fork on every single connection. This is a small
performance improvment and reduces the total number of system
fds used. */
if (!share_info_db_init()) {
DEBUG(0,("ERROR: failed to load share info db.\n"));
exit(1);
}
status = init_system_info();
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("ERROR: failed to setup system user info: %s.\n",
nt_errstr(status)));
return -1;
}
if (!init_guest_info()) {
DEBUG(0,("ERROR: failed to setup guest info.\n"));
return -1;
}
if (!file_init(smbd_server_conn)) {
DEBUG(0, ("ERROR: file_init failed\n"));
return -1;
}
/* This MUST be done before start_epmd() because otherwise
* start_epmd() forks and races against dcesrv_ep_setup() to
* call directory_create_or_exist() */
if (!directory_create_or_exist(lp_ncalrpc_dir(), geteuid(), 0755)) {
DEBUG(0, ("Failed to create pipe directory %s - %s\n",
lp_ncalrpc_dir(), strerror(errno)));
return -1;
}
if (is_daemon && !interactive) {
if (rpc_epmapper_daemon() == RPC_DAEMON_FORK) {
start_epmd(ev_ctx, msg_ctx);
}
}
if (!dcesrv_ep_setup(ev_ctx, msg_ctx)) {
exit(1);
}
/* only start other daemons if we are running as a daemon
* -- bad things will happen if smbd is launched via inetd
* and we fork a copy of ourselves here */
if (is_daemon && !interactive) {
if (rpc_lsasd_daemon() == RPC_DAEMON_FORK) {
start_lsasd(ev_ctx, msg_ctx);
}
if (!_lp_disable_spoolss() &&
(rpc_spoolss_daemon() != RPC_DAEMON_DISABLED)) {
bool bgq = lp_parm_bool(-1, "smbd", "backgroundqueue", true);
if (!printing_subsystem_init(ev_ctx, msg_ctx, true, bgq)) {
exit(1);
}
}
} else if (!_lp_disable_spoolss() &&
(rpc_spoolss_daemon() != RPC_DAEMON_DISABLED)) {
if (!printing_subsystem_init(ev_ctx, msg_ctx, false, false)) {
exit(1);
}
}
if (!is_daemon) {
/* inetd mode */
TALLOC_FREE(frame);
/* Started from inetd. fd 0 is the socket. */
/* We will abort gracefully when the client or remote system
goes away */
smbd_server_conn->sock = dup(0);
/* close our standard file descriptors */
if (!debug_get_output_is_stdout()) {
close_low_fds(False); /* Don't close stderr */
}
#ifdef HAVE_ATEXIT
atexit(killkids);
#endif
/* Stop zombies */
smbd_setup_sig_chld_handler(ev_ctx);
smbd_process(ev_ctx, smbd_server_conn);
exit_server_cleanly(NULL);
return(0);
}
parent = talloc_zero(ev_ctx, struct smbd_parent_context);
if (!parent) {
exit_server("talloc(struct smbd_parent_context) failed");
}
parent->interactive = interactive;
if (!open_sockets_smbd(parent, ev_ctx, msg_ctx, ports))
exit_server("open_sockets_smbd() failed");
/* do a printer update now that all messaging has been set up,
* before we allow clients to start connecting */
printing_subsystem_update(ev_ctx, msg_ctx, false);
TALLOC_FREE(frame);
/* make sure we always have a valid stackframe */
frame = talloc_stackframe();
smbd_parent_loop(ev_ctx, parent);
exit_server_cleanly(NULL);
TALLOC_FREE(frame);
return(0);
}
int main(int argc, const char *argv[])
{
static bool is_daemon;
static bool opt_interactive;
static bool Fork = true;
static bool no_process_group;
static bool log_stdout;
poptContext pc;
char *p_lmhosts = NULL;
int opt;
enum {
OPT_DAEMON = 1000,
OPT_INTERACTIVE,
OPT_FORK,
OPT_NO_PROCESS_GROUP,
OPT_LOG_STDOUT
};
struct poptOption long_options[] = {
POPT_AUTOHELP
{"daemon", 'D', POPT_ARG_NONE, NULL, OPT_DAEMON, "Become a daemon(default)" },
{"interactive", 'i', POPT_ARG_NONE, NULL, OPT_INTERACTIVE, "Run interactive (not a daemon)" },
{"foreground", 'F', POPT_ARG_NONE, NULL, OPT_FORK, "Run daemon in foreground (for daemontools & etc)" },
{"no-process-group", 0, POPT_ARG_NONE, NULL, OPT_NO_PROCESS_GROUP, "Don't create a new process group" },
{"log-stdout", 'S', POPT_ARG_NONE, NULL, OPT_LOG_STDOUT, "Log to stdout" },
{"hosts", 'H', POPT_ARG_STRING, &p_lmhosts, 0, "Load a netbios hosts file"},
{"port", 'p', POPT_ARG_INT, &global_nmb_port, 0, "Listen on the specified port" },
POPT_COMMON_SAMBA
{ NULL }
};
TALLOC_CTX *frame;
NTSTATUS status;
/*
* Do this before any other talloc operation
*/
talloc_enable_null_tracking();
frame = talloc_stackframe();
setup_logging(argv[0], DEBUG_DEFAULT_STDOUT);
load_case_tables();
global_nmb_port = NMB_PORT;
pc = poptGetContext("nmbd", argc, argv, long_options, 0);
while ((opt = poptGetNextOpt(pc)) != -1) {
switch (opt) {
case OPT_DAEMON:
is_daemon = true;
break;
case OPT_INTERACTIVE:
opt_interactive = true;
break;
case OPT_FORK:
Fork = false;
break;
case OPT_NO_PROCESS_GROUP:
no_process_group = true;
break;
case OPT_LOG_STDOUT:
log_stdout = true;
break;
default:
d_fprintf(stderr, "\nInvalid option %s: %s\n\n",
poptBadOption(pc, 0), poptStrerror(opt));
poptPrintUsage(pc, stderr, 0);
exit(1);
}
};
poptFreeContext(pc);
global_in_nmbd = true;
StartupTime = time(NULL);
sys_srandom(time(NULL) ^ sys_getpid());
if (!override_logfile) {
char *lfile = NULL;
if (asprintf(&lfile, "%s/log.nmbd", get_dyn_LOGFILEBASE()) < 0) {
exit(1);
}
lp_set_logfile(lfile);
SAFE_FREE(lfile);
}
fault_setup();
dump_core_setup("nmbd", lp_logfile());
/* POSIX demands that signals are inherited. If the invoking process has
* these signals masked, we will have problems, as we won't receive them. */
BlockSignals(False, SIGHUP);
BlockSignals(False, SIGUSR1);
BlockSignals(False, SIGTERM);
#if defined(SIGFPE)
/* we are never interested in SIGFPE */
BlockSignals(True,SIGFPE);
#endif
/* We no longer use USR2... */
#if defined(SIGUSR2)
BlockSignals(True, SIGUSR2);
#endif
if ( opt_interactive ) {
Fork = False;
log_stdout = True;
}
if ( log_stdout && Fork ) {
DEBUG(0,("ERROR: Can't log to stdout (-S) unless daemon is in foreground (-F) or interactive (-i)\n"));
exit(1);
}
if (log_stdout) {
setup_logging(argv[0], DEBUG_STDOUT);
} else {
setup_logging( argv[0], DEBUG_FILE);
}
reopen_logs();
DEBUG(0,("nmbd version %s started.\n", samba_version_string()));
DEBUGADD(0,("%s\n", COPYRIGHT_STARTUP_MESSAGE));
if (!lp_load_initial_only(get_dyn_CONFIGFILE())) {
DEBUG(0, ("error opening config file '%s'\n", get_dyn_CONFIGFILE()));
exit(1);
}
if (nmbd_messaging_context() == NULL) {
return 1;
}
if ( !reload_nmbd_services(False) )
return(-1);
if(!init_names())
return -1;
reload_nmbd_services( True );
if (strequal(lp_workgroup(),"*")) {
DEBUG(0,("ERROR: a workgroup name of * is no longer supported\n"));
exit(1);
}
set_samba_nb_type();
if (!is_daemon && !is_a_socket(0)) {
DEBUG(0,("standard input is not a socket, assuming -D option\n"));
is_daemon = True;
}
if (is_daemon && !opt_interactive) {
DEBUG( 2, ( "Becoming a daemon.\n" ) );
become_daemon(Fork, no_process_group, log_stdout);
}
#if HAVE_SETPGID
/*
* If we're interactive we want to set our own process group for
* signal management.
*/
if (opt_interactive && !no_process_group)
setpgid( (pid_t)0, (pid_t)0 );
#endif
if (nmbd_messaging_context() == NULL) {
return 1;
}
#ifndef SYNC_DNS
/* Setup the async dns. We do it here so it doesn't have all the other
stuff initialised and thus chewing memory and sockets */
if(lp_we_are_a_wins_server() && lp_dns_proxy()) {
start_async_dns();
}
#endif
if (!directory_exist(lp_lockdir())) {
mkdir(lp_lockdir(), 0755);
}
pidfile_create("nmbd");
status = reinit_after_fork(nmbd_messaging_context(),
nmbd_event_context(),
procid_self(), false);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0,("reinit_after_fork() failed\n"));
exit(1);
}
if (!nmbd_setup_sig_term_handler())
exit(1);
if (!nmbd_setup_sig_hup_handler())
exit(1);
/* get broadcast messages */
if (!serverid_register(procid_self(),
FLAG_MSG_GENERAL |
FLAG_MSG_NMBD |
FLAG_MSG_DBWRAP)) {
DEBUG(1, ("Could not register myself in serverid.tdb\n"));
exit(1);
}
messaging_register(nmbd_messaging_context(), NULL,
MSG_FORCE_ELECTION, nmbd_message_election);
#if 0
/* Until winsrepl is done. */
messaging_register(nmbd_messaging_context(), NULL,
MSG_WINS_NEW_ENTRY, nmbd_wins_new_entry);
#endif
messaging_register(nmbd_messaging_context(), NULL,
MSG_SHUTDOWN, nmbd_terminate);
messaging_register(nmbd_messaging_context(), NULL,
MSG_SMB_CONF_UPDATED, msg_reload_nmbd_services);
messaging_register(nmbd_messaging_context(), NULL,
MSG_SEND_PACKET, msg_nmbd_send_packet);
TimeInit();
DEBUG( 3, ( "Opening sockets %d\n", global_nmb_port ) );
if ( !open_sockets( is_daemon, global_nmb_port ) ) {
kill_async_dns_child();
return 1;
}
/* Determine all the IP addresses we have. */
load_interfaces();
/* Create an nmbd subnet record for each of the above. */
if( False == create_subnets() ) {
DEBUG(0,("ERROR: Failed when creating subnet lists. Exiting.\n"));
kill_async_dns_child();
exit(1);
}
/* Load in any static local names. */
if (p_lmhosts) {
set_dyn_LMHOSTSFILE(p_lmhosts);
}
load_lmhosts_file(get_dyn_LMHOSTSFILE());
DEBUG(3,("Loaded hosts file %s\n", get_dyn_LMHOSTSFILE()));
/* If we are acting as a WINS server, initialise data structures. */
if( !initialise_wins() ) {
DEBUG( 0, ( "nmbd: Failed when initialising WINS server.\n" ) );
kill_async_dns_child();
exit(1);
}
/*
* Register nmbd primary workgroup and nmbd names on all
* the broadcast subnets, and on the WINS server (if specified).
* Also initiate the startup of our primary workgroup (start
* elections if we are setup as being able to be a local
* master browser.
*/
if( False == register_my_workgroup_and_names() ) {
DEBUG(0,("ERROR: Failed when creating my my workgroup. Exiting.\n"));
kill_async_dns_child();
exit(1);
}
if (!initialize_nmbd_proxy_logon()) {
DEBUG(0,("ERROR: Failed setup nmbd_proxy_logon.\n"));
kill_async_dns_child();
exit(1);
}
if (!nmbd_init_packet_server()) {
kill_async_dns_child();
exit(1);
}
TALLOC_FREE(frame);
process();
kill_async_dns_child();
return(0);
}
/**************************************************************************** **
main program
**************************************************************************** */
int main(int argc, const char *argv[])
{
pstring logfile;
static BOOL opt_interactive;
poptContext pc;
static char *p_lmhosts = dyn_LMHOSTSFILE;
static BOOL no_process_group = False;
struct poptOption long_options[] = {
POPT_AUTOHELP
{"daemon", 'D', POPT_ARG_VAL, &is_daemon, True, "Become a daemon(default)" },
{"interactive", 'i', POPT_ARG_VAL, &opt_interactive, True, "Run interactive (not a daemon)" },
{"foreground", 'F', POPT_ARG_VAL, &Fork, False, "Run daemon in foreground (for daemontools & etc)" },
{"no-process-group", 0, POPT_ARG_VAL, &no_process_group, True, "Don't create a new process group" },
{"log-stdout", 'S', POPT_ARG_VAL, &log_stdout, True, "Log to stdout" },
{"hosts", 'H', POPT_ARG_STRING, &p_lmhosts, 'H', "Load a netbios hosts file"},
{"port", 'p', POPT_ARG_INT, &global_nmb_port, NMB_PORT, "Listen on the specified port" },
POPT_COMMON_SAMBA
{ NULL }
};
load_case_tables();
global_nmb_port = NMB_PORT;
pc = poptGetContext("nmbd", argc, argv, long_options, 0);
while (poptGetNextOpt(pc) != -1) {};
poptFreeContext(pc);
global_in_nmbd = True;
StartupTime = time(NULL);
sys_srandom(time(NULL) ^ sys_getpid());
if (!override_logfile) {
slprintf(logfile, sizeof(logfile)-1, "%s/log.nmbd", dyn_LOGFILEBASE);
lp_set_logfile(logfile);
}
fault_setup((void (*)(void *))fault_continue );
dump_core_setup("nmbd");
/* POSIX demands that signals are inherited. If the invoking process has
* these signals masked, we will have problems, as we won't receive them. */
BlockSignals(False, SIGHUP);
BlockSignals(False, SIGUSR1);
BlockSignals(False, SIGTERM);
CatchSignal( SIGHUP, SIGNAL_CAST sig_hup );
CatchSignal( SIGTERM, SIGNAL_CAST sig_term );
#if defined(SIGFPE)
/* we are never interested in SIGFPE */
BlockSignals(True,SIGFPE);
#endif
/* We no longer use USR2... */
#if defined(SIGUSR2)
BlockSignals(True, SIGUSR2);
#endif
if ( opt_interactive ) {
Fork = False;
log_stdout = True;
}
if ( log_stdout && Fork ) {
DEBUG(0,("ERROR: Can't log to stdout (-S) unless daemon is in foreground (-F) or interactive (-i)\n"));
exit(1);
}
setup_logging( argv[0], log_stdout );
reopen_logs();
DEBUG( 0, ( "Netbios nameserver version %s started.\n", SAMBA_VERSION_STRING) );
DEBUGADD( 0, ( "%s\n", COPYRIGHT_STARTUP_MESSAGE ) );
if ( !reload_nmbd_services(False) )
return(-1);
if(!init_names())
return -1;
reload_nmbd_services( True );
if (strequal(lp_workgroup(),"*")) {
DEBUG(0,("ERROR: a workgroup name of * is no longer supported\n"));
exit(1);
}
set_samba_nb_type();
if (!is_daemon && !is_a_socket(0)) {
DEBUG(0,("standard input is not a socket, assuming -D option\n"));
is_daemon = True;
}
if (is_daemon && !opt_interactive) {
DEBUG( 2, ( "Becoming a daemon.\n" ) );
become_daemon(Fork, no_process_group);
}
#if HAVE_SETPGID
/*
* If we're interactive we want to set our own process group for
* signal management.
*/
if (opt_interactive && !no_process_group)
setpgid( (pid_t)0, (pid_t)0 );
#endif
#ifndef SYNC_DNS
/* Setup the async dns. We do it here so it doesn't have all the other
stuff initialised and thus chewing memory and sockets */
if(lp_we_are_a_wins_server() && lp_dns_proxy()) {
start_async_dns();
}
#endif
if (!directory_exist(lp_lockdir(), NULL)) {
mkdir(lp_lockdir(), 0755);
}
pidfile_create("nmbd");
message_init();
message_register(MSG_FORCE_ELECTION, nmbd_message_election, NULL);
#if 0
/* Until winsrepl is done. */
message_register(MSG_WINS_NEW_ENTRY, nmbd_wins_new_entry, NULL);
#endif
message_register(MSG_SHUTDOWN, nmbd_terminate, NULL);
message_register(MSG_SMB_CONF_UPDATED, msg_reload_nmbd_services, NULL);
message_register(MSG_SEND_PACKET, msg_nmbd_send_packet, NULL);
TimeInit();
DEBUG( 3, ( "Opening sockets %d\n", global_nmb_port ) );
if ( !open_sockets( is_daemon, global_nmb_port ) ) {
kill_async_dns_child();
return 1;
}
/* Determine all the IP addresses we have. */
load_interfaces();
/* Create an nmbd subnet record for each of the above. */
if( False == create_subnets() ) {
DEBUG(0,("ERROR: Failed when creating subnet lists. Exiting.\n"));
kill_async_dns_child();
exit(1);
}
/* Load in any static local names. */
load_lmhosts_file(p_lmhosts);
DEBUG(3,("Loaded hosts file %s\n", p_lmhosts));
/* If we are acting as a WINS server, initialise data structures. */
if( !initialise_wins() ) {
DEBUG( 0, ( "nmbd: Failed when initialising WINS server.\n" ) );
kill_async_dns_child();
exit(1);
}
/*
* Register nmbd primary workgroup and nmbd names on all
* the broadcast subnets, and on the WINS server (if specified).
* Also initiate the startup of our primary workgroup (start
* elections if we are setup as being able to be a local
* master browser.
*/
if( False == register_my_workgroup_and_names() ) {
DEBUG(0,("ERROR: Failed when creating my my workgroup. Exiting.\n"));
kill_async_dns_child();
exit(1);
}
/* We can only take signals in the select. */
BlockSignals( True, SIGTERM );
process();
if (dbf)
x_fclose(dbf);
kill_async_dns_child();
return(0);
}
int main(int argc, char *argv[])
{
FILE *f;
pstring fname;
int uid, c;
static pstring servicesf = CONFIGFILE;
extern char *optarg;
int verbose = 0, brief =0;
BOOL processes_only=False;
int last_pid=0;
struct session_record *ptr;
TimeInit();
setup_logging(argv[0],True);
charset_initialise();
DEBUGLEVEL = 0;
dbf = fopen("/dev/null","w");
if (getuid() != geteuid()) {
printf("smbstatus should not be run setuid\n");
return(1);
}
while ((c = getopt(argc, argv, "pds:u:b")) != EOF) {
switch (c) {
case 'b':
brief = 1;
break;
case 'd':
verbose = 1;
break;
case 'p':
processes_only = 1;
break;
case 's':
pstrcpy(servicesf, optarg);
break;
case 'u': /* added by OH */
Ucrit_addUsername(optarg); /* added by OH */
break;
default:
fprintf(stderr, "Usage: %s [-d] [-p] [-s configfile] [-u username]\n", *argv); /* changed by OH */
return (-1);
}
}
get_myname(myhostname, NULL);
if (!lp_load(servicesf,False)) {
fprintf(stderr, "Can't load %s - run testparm to debug it\n", servicesf);
return (-1);
}
if (verbose) {
printf("using configfile = %s\n", servicesf);
printf("lockdir = %s\n", *lp_lockdir() ? lp_lockdir() : "NULL");
}
pstrcpy(fname,lp_lockdir());
standard_sub_basic(fname);
trim_string(fname,"","/");
pstrcat(fname,"/STATUS..LCK");
f = fopen(fname,"r");
if (!f) {
printf("Couldn't open status file %s\n",fname);
if (!lp_status(-1))
printf("You need to have status=yes in your smb config file\n");
return(0);
}
else if (verbose) {
printf("Opened status file %s\n", fname);
}
uid = getuid();
if (!processes_only) {
printf("\nSamba version %s\n",VERSION);
if (brief)
{
printf("PID Username Machine Time logged in\n");
printf("-------------------------------------------------------------------\n");
}
else
{
printf("Service uid gid pid machine\n");
printf("----------------------------------------------\n");
}
}
while (!feof(f))
{
if (fread(&crec,sizeof(crec),1,f) != 1)
break;
if ( crec.magic == 0x280267 && process_exists(crec.pid)
&& Ucrit_checkUsername(uidtoname(crec.uid)) /* added by OH */
)
{
if (brief)
{
ptr=srecs;
while (ptr!=NULL)
{
if ((ptr->pid==crec.pid)&&(strncmp(ptr->machine,crec.machine,30)==0))
{
if (ptr->start > crec.start)
ptr->start=crec.start;
break;
}
ptr=ptr->next;
}
if (ptr==NULL)
{
ptr=(struct session_record *) malloc(sizeof(struct session_record));
ptr->uid=crec.uid;
ptr->pid=crec.pid;
ptr->start=crec.start;
strncpy(ptr->machine,crec.machine,30);
ptr->machine[30]='\0';
ptr->next=srecs;
srecs=ptr;
}
}
else
{
Ucrit_addPid(crec.pid); /* added by OH */
if (processes_only) {
if (last_pid != crec.pid)
printf("%d\n",crec.pid);
last_pid = crec.pid; /* XXXX we can still get repeats, have to
add a sort at some time */
}
else
printf("%-10.10s %-8s %-8s %5d %-8s (%s) %s",
crec.name,uidtoname(crec.uid),gidtoname(crec.gid),crec.pid,
crec.machine,crec.addr,
asctime(LocalTime(&crec.start)));
}
}
}
fclose(f);
if (processes_only) exit(0);
if (brief)
{
ptr=srecs;
while (ptr!=NULL)
{
printf("%-8d%-10.10s%-30.30s%s",ptr->pid,uidtoname(ptr->uid),ptr->machine,asctime(LocalTime(&(ptr->start))));
ptr=ptr->next;
}
printf("\n");
exit(0);
}
printf("\n");
locking_init(1);
if (share_mode_forall(print_share_mode) <= 0)
printf("No locked files\n");
printf("\n");
share_status(stdout);
locking_end();
return (0);
}
/*
main server.
*/
static int binary_smbd_main(const char *binary_name, int argc, const char *argv[])
{
bool opt_daemon = false;
bool opt_interactive = false;
int opt;
poptContext pc;
extern NTSTATUS server_service_wrepl_init(void);
extern NTSTATUS server_service_kdc_init(void);
extern NTSTATUS server_service_ldap_init(void);
extern NTSTATUS server_service_web_init(void);
extern NTSTATUS server_service_ldap_init(void);
extern NTSTATUS server_service_winbind_init(void);
extern NTSTATUS server_service_nbtd_init(void);
extern NTSTATUS server_service_auth_init(void);
extern NTSTATUS server_service_cldapd_init(void);
extern NTSTATUS server_service_smb_init(void);
extern NTSTATUS server_service_drepl_init(void);
extern NTSTATUS server_service_rpc_init(void);
extern NTSTATUS server_service_ntp_signd_init(void);
extern NTSTATUS server_service_samba3_smb_init(void);
init_module_fn static_init[] = { STATIC_service_MODULES };
init_module_fn *shared_init;
struct tevent_context *event_ctx;
uint16_t stdin_event_flags;
NTSTATUS status;
const char *model = "standard";
int max_runtime = 0;
enum {
OPT_DAEMON = 1000,
OPT_INTERACTIVE,
OPT_PROCESS_MODEL
};
struct poptOption long_options[] = {
POPT_AUTOHELP
{"daemon", 'D', POPT_ARG_NONE, NULL, OPT_DAEMON,
"Become a daemon (default)", NULL },
{"interactive", 'i', POPT_ARG_NONE, NULL, OPT_INTERACTIVE,
"Run interactive (not a daemon)", NULL},
{"model", 'M', POPT_ARG_STRING, NULL, OPT_PROCESS_MODEL,
"Select process model", "MODEL"},
{"maximum-runtime",0, POPT_ARG_INT, &max_runtime, 0,
"set maximum runtime of the server process, till autotermination", "seconds"},
POPT_COMMON_SAMBA
POPT_COMMON_VERSION
{ NULL }
};
pc = poptGetContext(binary_name, argc, argv, long_options, 0);
while((opt = poptGetNextOpt(pc)) != -1) {
switch(opt) {
case OPT_DAEMON:
opt_daemon = true;
break;
case OPT_INTERACTIVE:
opt_interactive = true;
break;
case OPT_PROCESS_MODEL:
model = poptGetOptArg(pc);
break;
default:
fprintf(stderr, "\nInvalid option %s: %s\n\n",
poptBadOption(pc, 0), poptStrerror(opt));
poptPrintUsage(pc, stderr, 0);
exit(1);
}
}
if (opt_daemon && opt_interactive) {
fprintf(stderr,"\nERROR: "
"Option -i|--interactive is not allowed together with -D|--daemon\n\n");
poptPrintUsage(pc, stderr, 0);
exit(1);
} else if (!opt_interactive) {
/* default is --daemon */
opt_daemon = true;
}
poptFreeContext(pc);
setup_logging(binary_name, opt_interactive?DEBUG_STDOUT:DEBUG_FILE);
setup_signals();
/* we want total control over the permissions on created files,
so set our umask to 0 */
umask(0);
DEBUG(0,("%s version %s started.\n", binary_name, SAMBA_VERSION_STRING));
DEBUGADD(0,("Copyright Andrew Tridgell and the Samba Team 1992-2009\n"));
if (sizeof(uint16_t) < 2 || sizeof(uint32_t) < 4 || sizeof(uint64_t) < 8) {
DEBUG(0,("ERROR: Samba is not configured correctly for the word size on your machine\n"));
DEBUGADD(0,("sizeof(uint16_t) = %u, sizeof(uint32_t) %u, sizeof(uint64_t) = %u\n",
(unsigned int)sizeof(uint16_t), (unsigned int)sizeof(uint32_t), (unsigned int)sizeof(uint64_t)));
exit(1);
}
if (opt_daemon) {
DEBUG(3,("Becoming a daemon.\n"));
become_daemon(true, false);
}
cleanup_tmp_files(cmdline_lp_ctx);
if (!directory_exist(lp_lockdir(cmdline_lp_ctx))) {
mkdir(lp_lockdir(cmdline_lp_ctx), 0755);
}
pidfile_create(lp_piddir(cmdline_lp_ctx), binary_name);
/* Do *not* remove this, until you have removed
* passdb/secrets.c, and proved that Samba still builds... */
/* Setup the SECRETS subsystem */
if (secrets_init(talloc_autofree_context(), cmdline_lp_ctx) == NULL) {
exit(1);
}
gensec_init(cmdline_lp_ctx); /* FIXME: */
ntptr_init(cmdline_lp_ctx); /* FIXME: maybe run this in the initialization function
of the spoolss RPC server instead? */
ntvfs_init(cmdline_lp_ctx); /* FIXME: maybe run this in the initialization functions
of the SMB[,2] server instead? */
process_model_init(cmdline_lp_ctx);
shared_init = load_samba_modules(NULL, cmdline_lp_ctx, "service");
run_init_functions(static_init);
run_init_functions(shared_init);
talloc_free(shared_init);
/* the event context is the top level structure in smbd. Everything else
should hang off that */
event_ctx = s4_event_context_init(talloc_autofree_context());
if (event_ctx == NULL) {
DEBUG(0,("Initializing event context failed\n"));
return 1;
}
if (opt_interactive) {
/* terminate when stdin goes away */
stdin_event_flags = TEVENT_FD_READ;
} else {
/* stay alive forever */
stdin_event_flags = 0;
}
/* catch EOF on stdin */
#ifdef SIGTTIN
signal(SIGTTIN, SIG_IGN);
#endif
tevent_add_fd(event_ctx, event_ctx, 0, stdin_event_flags,
server_stdin_handler,
discard_const(binary_name));
if (max_runtime) {
tevent_add_timer(event_ctx, event_ctx,
timeval_current_ofs(max_runtime, 0),
max_runtime_handler,
discard_const(binary_name));
}
DEBUG(0,("%s: using '%s' process model\n", binary_name, model));
status = server_service_startup(event_ctx, cmdline_lp_ctx, model,
lp_server_services(cmdline_lp_ctx));
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0,("Starting Services failed - %s\n", nt_errstr(status)));
return 1;
}
/* wait for events - this is where smbd sits for most of its
life */
tevent_loop_wait(event_ctx);
/* as everything hangs off this event context, freeing it
should initiate a clean shutdown of all services */
talloc_free(event_ctx);
return 0;
}
int psec_setsec(char *printer)
{
DOM_SID user_sid, group_sid;
SEC_ACE *ace_list = NULL;
SEC_ACL *dacl = NULL;
SEC_DESC *sd;
SEC_DESC_BUF *sdb = NULL;
int result = 0, num_aces = 0;
fstring line, keystr, tdb_path;
size_t size;
prs_struct ps;
TALLOC_CTX *mem_ctx = NULL;
BOOL has_user_sid = False, has_group_sid = False;
ZERO_STRUCT(ps);
/* Open tdb for reading */
slprintf(tdb_path, sizeof(tdb_path) - 1, "%s/ntdrivers.tdb",
lp_lockdir());
tdb = tdb_open(tdb_path, 0, 0, O_RDWR, 0600);
if (!tdb) {
printf("psec: failed to open nt drivers database: %s\n",
sys_errlist[errno]);
result = 1;
goto done;
}
/* Read owner and group sid */
fgets(line, sizeof(fstring), stdin);
if (line[0] != '\n') {
string_to_sid(&user_sid, line);
has_user_sid = True;
}
fgets(line, sizeof(fstring), stdin);
if (line[0] != '\n') {
string_to_sid(&group_sid, line);
has_group_sid = True;
}
/* Read ACEs from standard input for discretionary ACL */
while(fgets(line, sizeof(fstring), stdin)) {
int ace_type, ace_flags;
uint32 ace_mask;
fstring sidstr;
DOM_SID sid;
SEC_ACCESS sa;
if (sscanf(line, "%d %d 0x%x %s", &ace_type, &ace_flags,
&ace_mask, sidstr) != 4) {
continue;
}
string_to_sid(&sid, sidstr);
ace_list = Realloc(ace_list, sizeof(SEC_ACE) *
(num_aces + 1));
init_sec_access(&sa, ace_mask);
init_sec_ace(&ace_list[num_aces], &sid, ace_type, sa,
ace_flags);
num_aces++;
}
dacl = make_sec_acl(ACL_REVISION, num_aces, ace_list);
free(ace_list);
/* Create security descriptor */
sd = make_sec_desc(SEC_DESC_REVISION,
has_user_sid ? &user_sid : NULL,
has_group_sid ? &group_sid : NULL,
NULL, /* System ACL */
dacl, /* Discretionary ACL */
&size);
free_sec_acl(&dacl);
sdb = make_sec_desc_buf(size, sd);
free_sec_desc(&sd);
/* Write security descriptor to tdb */
mem_ctx = talloc_init();
if (!mem_ctx) {
printf("memory allocation error\n");
result = 1;
goto done;
}
prs_init(&ps, (uint32)sec_desc_size(sdb->sec) +
sizeof(SEC_DESC_BUF), 4, mem_ctx, MARSHALL);
if (!sec_io_desc_buf("nt_printing_setsec", &sdb, &ps, 1)) {
printf("sec_io_desc_buf failed\n");
goto done;
}
slprintf(keystr, sizeof(keystr) - 1, "SECDESC/%s", printer);
if (!tdb_prs_store(tdb, keystr, &ps)==0) {
printf("Failed to store secdesc for %s\n", printer);
goto done;
}
done:
if (tdb) tdb_close(tdb);
if (sdb) free_sec_desc_buf(&sdb);
if (mem_ctx) talloc_destroy(mem_ctx);
prs_mem_free(&ps);
return result;
}
int psec_setsec(char *printer)
{
struct dom_sid user_sid, group_sid;
SEC_ACE *ace_list = NULL;
SEC_ACL *dacl = NULL;
SEC_DESC *sd;
SEC_DESC_BUF *sdb = NULL;
int result = 0, num_aces = 0;
fstring line, keystr, tdb_path;
size_t size;
prs_struct ps;
TALLOC_CTX *mem_ctx = NULL;
BOOL has_user_sid = False, has_group_sid = False;
ZERO_STRUCT(ps);
/* Open tdb for reading */
slprintf(tdb_path, sizeof(tdb_path) - 1, "%s/ntdrivers.tdb",
lp_lockdir());
tdb = tdb_open(tdb_path, 0, 0, O_RDWR, 0600);
if (!tdb) {
printf("psec: failed to open nt drivers database: %s\n",
sys_errlist[errno]);
result = 1;
goto done;
}
/* Read owner and group sid */
fgets(line, sizeof(fstring), stdin);
if (line[0] != '\n') {
string_to_sid(&user_sid, line);
has_user_sid = True;
}
fgets(line, sizeof(fstring), stdin);
if (line[0] != '\n') {
string_to_sid(&group_sid, line);
has_group_sid = True;
}
/* Read ACEs from standard input for discretionary ACL */
while(fgets(line, sizeof(fstring), stdin)) {
int ace_type, ace_flags;
uint32 ace_mask;
fstring sidstr;
struct dom_sid sid;
SEC_ACCESS sa;
if (sscanf(line, "%d %d 0x%x %s", &ace_type, &ace_flags,
&ace_mask, sidstr) != 4) {
continue;
}
string_to_sid(&sid, sidstr);
ace_list = Realloc(ace_list, sizeof(SEC_ACE) *
(num_aces + 1));
init_sec_access(&sa, ace_mask);
init_sec_ace(&ace_list[num_aces], &sid, ace_type, sa,
ace_flags);
num_aces++;
}
dacl = make_sec_acl(ACL_REVISION, num_aces, ace_list);
free(ace_list);
/* Create security descriptor */
sd = make_sec_desc(SEC_DESC_REVISION,
has_user_sid ? &user_sid : NULL,
has_group_sid ? &group_sid : NULL
int psec_getsec(char *printer)
{
SEC_DESC_BUF *secdesc_ctr = NULL;
TALLOC_CTX *mem_ctx = NULL;
fstring keystr, sidstr, tdb_path;
prs_struct ps;
int result = 0, i;
ZERO_STRUCT(ps);
/* Open tdb for reading */
slprintf(tdb_path, sizeof(tdb_path) - 1, "%s/ntdrivers.tdb",
lp_lockdir());
tdb = tdb_open(tdb_path, 0, 0, O_RDONLY, 0600);
if (!tdb) {
printf("psec: failed to open nt drivers database: %s\n",
sys_errlist[errno]);
return 1;
}
/* Get security blob from tdb */
slprintf(keystr, sizeof(keystr) - 1, "SECDESC/%s", printer);
mem_ctx = talloc_init();
if (!mem_ctx) {
printf("memory allocation error\n");
result = 1;
goto done;
}
if (tdb_prs_fetch(tdb, keystr, &ps, mem_ctx) != 0) {
printf("error fetching descriptor for printer %s\n",
printer);
/* cannot do a prs_mem_free() when tdb_prs_fetch fails */
/* as the prs structure has not been initialized */
tdb_close(tdb);
talloc_destroy(mem_ctx);
return 1;
}
/* Unpack into security descriptor buffer */
if (!sec_io_desc_buf("nt_printing_getsec", &secdesc_ctr, &ps, 1)) {
printf("error unpacking sec_desc_buf\n");
result = 1;
goto done;
}
/* Print owner and group sid */
if (secdesc_ctr->sec->owner_sid) {
sid_to_string(sidstr, secdesc_ctr->sec->owner_sid);
} else {
fstrcpy(sidstr, "");
}
printf("%s\n", sidstr);
if (secdesc_ctr->sec->grp_sid) {
sid_to_string(sidstr, secdesc_ctr->sec->grp_sid);
} else {
fstrcpy(sidstr, "");
}
printf("%s\n", sidstr);
/* Print aces */
if (!secdesc_ctr->sec->dacl) {
result = 0;
goto done;
}
for (i = 0; i < secdesc_ctr->sec->dacl->num_aces; i++) {
SEC_ACE *ace = &secdesc_ctr->sec->dacl->ace[i];
sid_to_string(sidstr, &ace->sid);
printf("%d %d 0x%08x %s\n", ace->type, ace->flags,
ace->info.mask, sidstr);
}
done:
if (tdb) tdb_close(tdb);
if (mem_ctx) talloc_destroy(mem_ctx);
if (secdesc_ctr) free_sec_desc_buf(&secdesc_ctr);
prs_mem_free(&ps);
return result;
}
