int main(int argc, char *argv[]) { const enum master_service_flags service_flags = MASTER_SERVICE_FLAG_UPDATE_PROCTITLE; const char *error; master_service = master_service_init("ipc", service_flags, &argc, &argv, ""); if (master_getopt(master_service) > 0) return FATAL_DEFAULT; if (master_service_settings_read_simple(master_service, NULL, &error) < 0) i_fatal("Error reading configuration: %s", error); master_service_init_log(master_service, "ipc: "); restrict_access_by_env(NULL, FALSE); restrict_access_allow_coredumps(TRUE); ipc_groups_init(); master_service_init_finish(master_service); master_service_run(master_service, client_connected); clients_destroy_all(); ipc_groups_deinit(); master_service_deinit(&master_service); return 0; }
int main(int argc, char *argv[]) { const char *error; master_service = master_service_init("indexer", 0, &argc, &argv, ""); if (master_getopt(master_service) > 0) return FATAL_DEFAULT; if (master_service_settings_read_simple(master_service, NULL, &error) < 0) i_fatal("Error reading configuration: %s", error); set = master_service_settings_get(master_service); master_service_init_log(master_service, "indexer: "); restrict_access_by_env(NULL, FALSE); restrict_access_allow_coredumps(TRUE); master_service_set_idle_die_callback(master_service, idle_die); queue = indexer_queue_init(indexer_client_status_callback); indexer_queue_set_listen_callback(queue, queue_listen_callback); worker_pool = worker_pool_init("indexer-worker", worker_status_callback); master_service_init_finish(master_service); master_service_run(master_service, client_connected); indexer_queue_cancel_all(queue); indexer_clients_destroy_all(); worker_pool_deinit(&worker_pool); indexer_queue_deinit(&queue); master_service_deinit(&master_service); return 0; }
int main(int argc, char *argv[]) { const struct setting_parser_info *set_roots[] = { &aggregator_setting_parser_info, NULL }; const char *error; master_service = master_service_init("aggregator", 0, &argc, &argv, ""); if (master_getopt(master_service) > 0) return FATAL_DEFAULT; if (master_service_settings_read_simple(master_service, set_roots, &error) < 0) i_fatal("Error reading configuration: %s", error); master_service_init_log(master_service, "aggregator: "); main_preinit(); restrict_access_by_env(NULL, FALSE); restrict_access_allow_coredumps(TRUE); master_service_init_finish(master_service); master_service_run(master_service, client_connected); notify_connections_destroy_all(); replicator_connection_destroy(&replicator); master_service_deinit(&master_service); return 0; }
int main(int argc, char *argv[]) { const char *path, *error; master_service = master_service_init("config", 0, &argc, &argv, NULL); if (master_getopt(master_service) > 0) return FATAL_DEFAULT; master_service_init_log(master_service, "config: "); restrict_access_by_env(NULL, FALSE); restrict_access_allow_coredumps(TRUE); master_service_init_finish(master_service); config_parse_load_modules(); path = master_service_get_config_path(master_service); if (config_parse_file(path, TRUE, "", &error) <= 0) i_fatal("%s", error); master_service_run(master_service, client_connected); config_connections_destroy_all(); config_filter_deinit(&config_filter); module_dir_unload(&modules); master_service_deinit(&master_service); return 0; }
int main(int argc, char *argv[]) { const char *path, *error; master_service = master_service_init("config", 0, &argc, &argv, ""); if (master_getopt(master_service) > 0) return FATAL_DEFAULT; master_service_init_log(master_service, "config: "); restrict_access_by_env(NULL, FALSE); restrict_access_allow_coredumps(TRUE); config_parse_load_modules(); path = master_service_get_config_path(master_service); if (config_parse_file(path, TRUE, NULL, &error) <= 0) i_fatal("%s", error); /* notify about our success only after successfully parsing the config file, so if the parsing fails, master won't immediately just recreate this process (and fail again and so on). */ master_service_init_finish(master_service); master_service_run(master_service, client_connected); config_connections_destroy_all(); config_filter_deinit(&config_filter); module_dir_unload(&modules); master_service_deinit(&master_service); return 0; }
int main(int argc, char *argv[]) { ARRAY_TYPE(const_string) aenvs; const char *binary; const char *const *envs; int c, i; master_service = master_service_init("script", 0, &argc, &argv, "+e:"); t_array_init(&aenvs, 16); while ((c = master_getopt(master_service)) > 0) { switch (c) { case 'e': envs = t_strsplit_spaces(optarg,", \t"); while (*envs != NULL) { array_append(&aenvs, envs, 1); envs++; } break; default: return FATAL_DEFAULT; } } argc -= optind; argv += optind; array_append_zero(&aenvs); accepted_envs = p_strarray_dup(default_pool, array_idx(&aenvs, 0)); master_service_init_log(master_service, "script: "); if (argv[0] == NULL) i_fatal("Missing script path"); restrict_access_by_env(RESTRICT_ACCESS_FLAG_ALLOW_ROOT, NULL); restrict_access_allow_coredumps(TRUE); master_service_init_finish(master_service); master_service_set_service_count(master_service, 1); if (argv[0][0] == '/') binary = argv[0]; else binary = t_strconcat(PKG_LIBEXECDIR"/", argv[0], NULL); i_array_init(&exec_args, argc + 16); array_append(&exec_args, &binary, 1); for (i = 1; i < argc; i++) { const char *arg = argv[i]; array_append(&exec_args, &arg, 1); } master_service_run(master_service, client_connected); array_free(&exec_args); i_free(accepted_envs); master_service_deinit(&master_service); return 0; }
int main(int argc, char *argv[]) { enum master_service_flags flags = 0; int i, c; if (getenv(MASTER_IS_PARENT_ENV) == NULL) flags |= MASTER_SERVICE_FLAG_STANDALONE; master_service = master_service_init("script-login", flags, &argc, &argv, "+d"); while ((c = master_getopt(master_service)) > 0) { switch (c) { case 'd': drop_to_userdb_privileges = TRUE; break; default: return FATAL_DEFAULT; } } argc -= optind; argv += optind; master_service_init_log(master_service, "script-login: "******"Missing script path"); exec_args = i_new(const char *, argc + 2); for (i = 0; i < argc; i++) exec_args[i] = argv[i]; exec_args[i] = PKG_LIBEXECDIR"/script-login"; exec_args[i+1] = NULL; if (exec_args[0][0] != '/') { exec_args[0] = t_strconcat(PKG_LIBEXECDIR"/", exec_args[0], NULL); } master_service_run(master_service, client_connected); } master_service_deinit(&master_service); return 0; }
static void main_preinit(void) { /* Maybe needed. Have to open /dev/urandom before possible chrooting. */ random_init(); /* Load built-in SQL drivers (if any) */ sql_drivers_init(); sql_drivers_register_all(); restrict_access_by_env(NULL, FALSE); restrict_access_allow_coredumps(TRUE); }
static void main_preinit(void) { struct module_dir_load_settings mod_set; i_zero(&mod_set); mod_set.abi_version = DOVECOT_ABI_VERSION; mod_set.require_init_funcs = TRUE; modules = module_dir_load(STATS_MODULE_DIR, NULL, &mod_set); module_dir_init(modules); restrict_access_by_env(RESTRICT_ACCESS_FLAG_ALLOW_ROOT, NULL); restrict_access_allow_coredumps(TRUE); }
static void main_preinit(void) { struct module_dir_load_settings mod_set; memset(&mod_set, 0, sizeof(mod_set)); mod_set.abi_version = DOVECOT_ABI_VERSION; mod_set.require_init_funcs = TRUE; modules = module_dir_load(STATS_MODULE_DIR, NULL, &mod_set); module_dir_init(modules); restrict_access_by_env(NULL, FALSE); restrict_access_allow_coredumps(TRUE); }
int main(int argc, char *argv[]) { master_service = master_service_init("dns-client", 0, &argc, &argv, ""); if (master_getopt(master_service) > 0) return FATAL_DEFAULT; master_service_init_log(master_service, "dns-client: "); restrict_access_by_env(NULL, FALSE); restrict_access_allow_coredumps(TRUE); master_service_init_finish(master_service); master_service_run(master_service, client_connected); if (dns_client != NULL) dns_client_destroy(&dns_client); master_service_deinit(&master_service); return 0; }
static void drop_privileges(void) { struct restrict_access_settings set; const char *error; /* by default we don't drop any privileges, but keep running as root. */ restrict_access_get_env(&set); if (set.uid != 0) { /* open config connection before dropping privileges */ struct master_service_settings_input input; struct master_service_settings_output output; memset(&input, 0, sizeof(input)); input.module = "lmtp"; input.service = "lmtp"; (void)master_service_settings_read(master_service, &input, &output, &error); } restrict_access_by_env(NULL, FALSE); }
static void drop_privileges(void) { struct restrict_access_settings set; const char *error; /* by default we don't drop any privileges, but keep running as root. */ restrict_access_get_env(&set); if (set.uid != 0) { /* open config connection before dropping privileges */ struct master_service_settings_input input; struct master_service_settings_output output; i_zero(&input); input.module = "mail"; input.service = "indexer-worker"; (void)master_service_settings_read(master_service, &input, &output, &error); } restrict_access_by_env(RESTRICT_ACCESS_FLAG_ALLOW_ROOT, NULL); }
int main(int argc, char *argv[]) { const char *binary; int i; master_service = master_service_init("script", 0, &argc, &argv, "+"); if (master_getopt(master_service) > 0) return FATAL_DEFAULT; argc -= optind; argv += optind; master_service_init_log(master_service, "script: "); if (argv[0] == NULL) i_fatal("Missing script path"); restrict_access_by_env(NULL, FALSE); restrict_access_allow_coredumps(TRUE); master_service_init_finish(master_service); master_service_set_service_count(master_service, 1); if (argv[0][0] == '/') binary = argv[0]; else binary = t_strconcat(PKG_LIBEXECDIR"/", argv[0], NULL); i_array_init(&exec_args, argc + 16); array_append(&exec_args, &binary, 1); for (i = 1; i < argc; i++) { const char *arg = argv[i]; array_append(&exec_args, &arg, 1); } master_service_run(master_service, client_connected); master_service_deinit(&master_service); return 0; }
static void client_connected(struct master_service_connection *conn) { enum mail_storage_service_flags flags = MAIL_STORAGE_SERVICE_FLAG_NO_PLUGINS; string_t *instr, *keys; const char **args, *key, *value, *error, *version_line, *data_line; struct mail_storage_service_ctx *service_ctx; struct mail_storage_service_input input; struct mail_storage_service_user *user; char buf[1024]; unsigned int i, socket_count; int fd = -1; ssize_t ret; alarm(SCRIPT_LOGIN_READ_TIMEOUT_SECS); net_set_nonblock(conn->fd, FALSE); instr = t_str_new(1024); ret = fd_read(conn->fd, buf, sizeof(buf), &fd); while (ret > 0) { str_append_n(instr, buf, ret); if (buf[ret-1] == '\n' && strchr(str_c(instr), '\n')[1] != '\0') { str_truncate(instr, str_len(instr)-1); break; } ret = read(conn->fd, buf, sizeof(buf)); } version_line = str_c(instr); data_line = strchr(version_line, '\n'); if (data_line != NULL) version_line = t_strdup_until(version_line, data_line++); else version_line = NULL; if (ret > 0 || version_line != NULL) { if (version_line == NULL || !version_string_verify(version_line, "script-login", SCRIPT_LOGIN_PROTOCOL_VERSION_MAJOR)) { i_fatal("Client not compatible with this binary " "(connecting to wrong socket?)"); } } if (ret <= 0) { if (ret < 0) i_fatal("read() failed: %m"); else i_fatal("read() failed: disconnected"); } if (fd == -1) i_fatal("client fd not received"); alarm(0); /* put everything to environment */ env_clean(); keys = t_str_new(256); args = t_strsplit_tab(data_line); if (str_array_length(args) < 3) i_fatal("Missing input fields"); i = 0; memset(&input, 0, sizeof(input)); input.module = "mail"; /* need to get mail_uid, mail_gid */ input.service = "script-login"; (void)net_addr2ip(args[i++], &input.local_ip); (void)net_addr2ip(args[i++], &input.remote_ip); input.username = args[i++]; input.userdb_fields = args + i; env_put(t_strconcat("LOCAL_IP=", net_ip2addr(&input.local_ip), NULL)); env_put(t_strconcat("IP=", net_ip2addr(&input.remote_ip), NULL)); env_put(t_strconcat("USER="******"%s ", key); } } env_put(t_strconcat(ENV_USERDB_KEYS"=", str_c(keys), NULL)); master_service_init_log(master_service, t_strdup_printf("script-login(%s): ", input.username)); if (drop_to_userdb_privileges) { service_ctx = mail_storage_service_init(master_service, NULL, flags); if (mail_storage_service_lookup(service_ctx, &input, &user, &error) <= 0) i_fatal("%s", error); mail_storage_service_restrict_setenv(service_ctx, user); /* we can't exec anything in a chroot */ env_remove("RESTRICT_CHROOT"); restrict_access_by_env(getenv("HOME"), TRUE); } if (dup2(fd, STDIN_FILENO) < 0) i_fatal("dup2() failed: %m"); if (dup2(fd, STDOUT_FILENO) < 0) i_fatal("dup2() failed: %m"); if (close(fd) < 0) i_fatal("close() failed: %m"); if (conn->fd != SCRIPT_COMM_FD) { if (dup2(conn->fd, SCRIPT_COMM_FD) < 0) i_fatal("dup2() failed: %m"); if (close(conn->fd) < 0) i_fatal("close() failed: %m"); } /* close all listener sockets */ socket_count = master_service_get_socket_count(master_service); for (i = 0; i < socket_count; i++) { if (close(MASTER_LISTEN_FD_FIRST + i) < 0) i_error("close(listener) failed: %m"); } if (close(MASTER_STATUS_FD) < 0) i_error("close(status) failed: %m"); execvp_const(exec_args[0], exec_args); }
static void main_preinit(void) { restrict_access_by_env(NULL, FALSE); restrict_access_allow_coredumps(TRUE); }