void
sfssrv_sockpath::launch ()
{
int fd = unixsocket_connect (path);
if (fd < 0)
warn << path << ": " << strerror (errno) << "\n";
else
setx (axprt_unix::alloc (fd));
}
int
agentconn::cagent_fd (bool required)
{
if (agentfd >= 0)
return agentfd;
static rxx sockfdre ("^-(\\d+)?$");
if (agentsock && sockfdre.search (agentsock)) {
if (sockfdre[1])
agentfd = atoi (sockfdre[1]);
else
agentfd = 0;
if (!isunixsocket (agentfd))
fatal << "fd specified with '-S' not unix domain socket\n";
}
else if (agentsock) {
agentfd = unixsocket_connect (agentsock);
if (agentfd < 0 && required)
fatal ("%s: %m\n", agentsock.cstr ());
}
else if (ccd (false)) {
int32_t res;
if (clnt_stat err = ccd ()->scall (AGENT_GETAGENT, NULL, &res)) {
if (required)
fatal << "sfscd: " << err << "\n";
}
else if (res) {
if (required)
fatal << "connecting to agent via sfscd: " << strerror (res) << "\n";
}
else if ((agentfd = sfscdxprt->recvfd ()) < 0) {
fatal << "connecting to agent via sfscd: "
<< "could not get file descriptor\n";
}
}
else {
if (str sock = agent_usersock (true))
agentfd = unixsocket_connect (sock);
if (agentfd < 0 && required)
fatal << "sfscd not running and no standalone agent socket\n";
}
return agentfd;
}
ptr<aclnt>
dhblock_srv::get_maint_aclnt (str msock)
{
int fd = unixsocket_connect (msock);
if (fd < 0)
fatal ("get_maint_aclnt: Error connecting to %s: %m\n", msock.cstr ());
make_async (fd);
ptr<aclnt> c = aclnt::alloc (axprt_unix::alloc (fd, 1024*1025),
maint_program_1);
return c;
}
dhashclient::dhashclient (str sockname)
{
int fd = unixsocket_connect(sockname);
if (fd < 0) {
fatal ("dhashclient: Error connecting to %s: %s\n",
sockname.cstr (), strerror (errno));
}
gwclnt = aclnt::alloc
(axprt_unix::alloc (fd, 1024*1025), dhashgateway_program_1);
}
static ptr<aclnt>
lsdctl_connect (str sockname)
{
int fd = unixsocket_connect (sockname);
if (fd < 0) {
fatal ("lsdctl_connect: Error connecting to %s: %s\n",
sockname.cstr (), strerror (errno));
}
ptr<aclnt> c = aclnt::alloc (axprt_unix::alloc (fd, 10*1024),
lsdctl_prog_1);
return c;
}
void
sfs_unixserv (str sock, cbi cb, mode_t mode)
{
/* We set the permissions of the socket because on some OS's this
* gives an extra measure of protection. However, the real
* protection comes from the fact that sfssockdir is not world
* readable or executable. */
mode_t m = runinplace ? umask (0) : umask (~(mode & 0777));
int lfd = unixsocket (sock);
if (lfd < 0 && errno == EADDRINUSE) {
/* XXX - This is a slightly race-prone way of cleaning up after a
* server bails without unlinking the socket. If we can't connect
* to the socket, it's dead and should be unlinked and rebound.
* Two daemons's could do this simultaneously, however. */
int fd = unixsocket_connect (sock);
if (fd < 0) {
unlink (sock);
lfd = unixsocket (sock);
}
else {
close (fd);
errno = EADDRINUSE;
}
}
if (lfd < 0)
fatal ("%s: %m\n", sock.cstr ());
sockets.push_back (sock);
umask (m);
listen (lfd, 5);
make_async (lfd);
fdcb (lfd, selread, wrap (accept_cb, lfd, cb));
#if 0 /* A nice idea that unfortunately doesn't work... */
struct stat sb1, sb2;
if (stat (sock, &sb1) < 0 || fstat (lfd, &sb2) < 0)
fatal ("%s: %m\n", sock);
if (sb1.st_ino != sb2.st_ino || sb1.st_dev != sb2.st_dev)
fatal ("%s: changed while binding\n", sock);
#endif
}
static bool
gid_alloc (gid_t *gidp, uid_t uid)
{
str path (sfssockdir << "/agent.sock");
int fd = unixsocket_connect (path);
if (fd < 0) {
warn << path << ": " << strerror (errno) << "\n";
return false;
}
close_on_exec (fd);
AUTH *auth = authunixint_create ("localhost", uid, getgid (), 0, NULL);
if (!auth)
fatal ("could not create RPC authunix credentials\n");
int32_t res (EIO);
srpc_callraw (fd, SETUID_PROG, SETUID_VERS, SETUIDPROC_SETUID,
xdr_void, NULL, xdr_int32_t, &res, auth);
if (res) {
close (fd);
warn ("sfscd rejected credentials: %s\n", strerror (errno));
return false;
}
u_int32_t gid (static_cast<u_int32_t> (sfs_badgid));
clnt_stat stat = srpc_callraw (fd, AGENT_PROG, AGENT_VERS, AGENT_AIDALLOC,
xdr_void, NULL, xdr_u_int32_t, &gid, NULL);
close (fd);
if (stat || gid < sfs_resvgid_start
|| gid >= (sfs_resvgid_start + sfs_resvgid_count)) {
warn << "no free group IDs.\n";
return false;
}
*gidp = static_cast<gid_t> (gid);
return true;
}
