/*!
* Pick a security class to use for an outgoing connection
*
* This function selects an RX security class to use for an outgoing
* connection, based on the set of security flags provided.
*
* @param[in] dir
* The configuration directory structure for this cell. If NULL,
* no classes requiring local configuration will be returned.
* @param[in] flags
* A set of flags to determine the properties of the security class which
* is selected
* - AFSCONF_SECOPTS_NOAUTH - return an anonymous secirty class
* - AFSCONF_SECOPTS_LOCALAUTH - use classes which have local key
* material available.
* - AFSCONF_SECOPTS_ALWAYSENCRYPT - use classes in encrypting, rather
* than authentication or integrity modes.
* - AFSCONF_SECOPTS_FALLBACK_NULL - if no suitable class can be found,
* then fallback to the rxnull security class.
* @param[in] info
* The cell information structure for the current cell. If this is NULL,
* then use a version locally obtained using the cellName.
* @param[in] cellName
* The cellName to use when obtaining cell information (may be NULL if
* info is specified)
* @param[out] sc
* The selected security class
* @param[out] scIndex
* The index of the selected security class
* @param[out] expires
* The expiry time of the tokens used to construct the class. Will be
* NEVER_DATE if the class has an unlimited lifetime. If NULL, the
* function won't store the expiry date.
*
* @return
* Returns 0 on success, or a com_err error code on failure.
*/
afs_int32
afsconf_PickClientSecObj(struct afsconf_dir *dir, afsconf_secflags flags,
struct afsconf_cell *info,
char *cellName, struct rx_securityClass **sc,
afs_int32 *scIndex, time_t *expires) {
struct afsconf_cell localInfo;
afs_int32 code = 0;
*sc = NULL;
*scIndex = RX_SECIDX_NULL;
if (expires)
expires = 0;
if ( !(flags & AFSCONF_SECOPTS_NOAUTH) ) {
if (!dir)
return AFSCONF_NOCELLDB;
if (flags & AFSCONF_SECOPTS_LOCALAUTH) {
code = afsconf_GetLatestKey(dir, 0, 0);
if (code)
goto out;
if (flags & AFSCONF_SECOPTS_ALWAYSENCRYPT)
code = afsconf_ClientAuthSecure(dir, sc, scIndex);
else
code = afsconf_ClientAuth(dir, sc, scIndex);
if (code)
goto out;
if (expires)
*expires = NEVERDATE;
} else {
if (info == NULL) {
code = afsconf_GetCellInfo(dir, cellName, NULL, &localInfo);
if (code)
goto out;
info = &localInfo;
}
code = afsconf_ClientAuthToken(info, flags, sc, scIndex, expires);
if (code && !(flags & AFSCONF_SECOPTS_FALLBACK_NULL))
goto out;
/* If we didn't get a token, we'll just run anonymously */
code = 0;
}
}
if (*sc == NULL) {
*sc = rxnull_NewClientSecurityObject();
*scIndex = RX_SECIDX_NULL;
if (expires)
*expires = NEVERDATE;
}
out:
return code;
}
static afs_int32
GenericAuth(struct afsconf_dir *adir,
struct rx_securityClass **astr,
afs_int32 *aindex,
rxkad_level enclevel)
{
char tbuffer[256];
struct ktc_encryptionKey key, session;
struct rx_securityClass *tclass;
afs_int32 kvno;
afs_int32 ticketLen;
register afs_int32 code;
/* first, find the right key and kvno to use */
code = afsconf_GetLatestKey(adir, &kvno, &key);
if (code) {
return QuickAuth(astr, aindex);
}
/* next create random session key, using key for seed to good random */
des_init_random_number_generator(ktc_to_cblock(&key));
code = des_random_key(ktc_to_cblock(&session));
if (code) {
return QuickAuth(astr, aindex);
}
/* now create the actual ticket */
ticketLen = sizeof(tbuffer);
memset(tbuffer, '\0', sizeof(tbuffer));
code =
tkt_MakeTicket(tbuffer, &ticketLen, &key, AUTH_SUPERUSER, "", "", 0,
0xffffffff, &session, 0, "afs", "");
/* parms were buffer, ticketlen, key to seal ticket with, principal
* name, instance and cell, start time, end time, session key to seal
* in ticket, inet host, server name and server instance */
if (code) {
return QuickAuth(astr, aindex);
}
/* Next, we have ticket, kvno and session key, authenticate the connection.
* We use a magic # instead of a constant because of basic compilation
* order when compiling the system from scratch (rx/rxkad.h isn't installed
* yet). */
tclass = (struct rx_securityClass *)
rxkad_NewClientSecurityObject(enclevel, &session, kvno, ticketLen,
tbuffer);
*astr = tclass;
*aindex = RX_SECIDX_KAD;
return 0;
}
static int
_GetLocalSecurityObject(struct afscp_cell *cell,
char *aname, char *ainst)
{
int code = 0;
char tbuffer[256];
struct ktc_encryptionKey key, session;
struct rx_securityClass *tc;
afs_int32 kvno;
afs_int32 ticketLen;
rxkad_level lev;
struct afsconf_dir *tdir;
tdir = afsconf_Open(AFSDIR_SERVER_ETC_DIRPATH);
if (!tdir) {
code = AFSCONF_FAILURE;
goto done;
}
code = afsconf_GetLatestKey(tdir, &kvno, &key);
if (code) {
goto done;
}
DES_init_random_number_generator((DES_cblock *)&key);
code = DES_new_random_key((DES_cblock *)&session);
if (code) {
goto done;
}
ticketLen = sizeof(tbuffer);
memset(tbuffer, 0, sizeof(tbuffer));
code = tkt_MakeTicket(tbuffer, &ticketLen, &key, aname, ainst, "", 0,
0xffffffff, &session, 0, "afs", "");
if (code) {
goto done;
}
if (insecure) {
lev = rxkad_clear;
} else {
lev = rxkad_crypt;
}
tc = (struct rx_securityClass *)
rxkad_NewClientSecurityObject(lev, &session, kvno, ticketLen,
tbuffer);
if (!tc) {
code = RXKADBADKEY;
goto done;
}
cell->security = tc;
cell->scindex = 2;
done:
if (tdir) {
afsconf_Close(tdir);
}
return code;
}
afs_int32
pr_Initialize(IN afs_int32 secLevel, IN const char *confDir, IN char *cell)
{
afs_int32 code;
struct rx_connection *serverconns[MAXSERVERS];
struct rx_securityClass *sc = NULL;
static struct afsconf_dir *tdir = (struct afsconf_dir *)NULL; /* only do this once */
static char tconfDir[100] = "";
static char tcell[64] = "";
afs_int32 scIndex;
afs_int32 secFlags;
static struct afsconf_cell info;
afs_int32 i;
#if !defined(UKERNEL)
char cellstr[64];
#endif
afs_int32 gottdir = 0;
afs_int32 refresh = 0;
initialize_PT_error_table();
initialize_RXK_error_table();
initialize_ACFG_error_table();
initialize_KTC_error_table();
#if defined(UKERNEL)
if (!cell) {
cell = afs_LclCellName;
}
#else /* defined(UKERNEL) */
if (!cell) {
if (!tdir)
tdir = afsconf_Open(confDir);
if (!tdir) {
if (confDir && strcmp(confDir, ""))
fprintf(stderr,
"%s: Could not open configuration directory: %s.\n",
whoami, confDir);
else
fprintf(stderr,
"%s: No configuration directory specified.\n",
whoami);
return -1;
}
gottdir = 1;
code = afsconf_GetLocalCell(tdir, cellstr, sizeof(cellstr));
if (code) {
fprintf(stderr,
"libprot: Could not get local cell. [%d]\n", code);
return code;
}
cell = cellstr;
}
#endif /* defined(UKERNEL) */
if (tdir == NULL || strcmp(confDir, tconfDir) || strcmp(cell, tcell)) {
/*
* force re-evaluation. we either don't have an afsconf_dir,
* the directory has changed or the cell has changed.
*/
if (tdir && !gottdir) {
afsconf_Close(tdir);
tdir = (struct afsconf_dir *)NULL;
}
pruclient = (struct ubik_client *)NULL;
refresh = 1;
}
if (refresh) {
strncpy(tconfDir, confDir, sizeof(tconfDir));
strncpy(tcell, cell, sizeof(tcell));
#if defined(UKERNEL)
tdir = afs_cdir;
#else /* defined(UKERNEL) */
if (!gottdir)
tdir = afsconf_Open(confDir);
if (!tdir) {
if (confDir && strcmp(confDir, ""))
fprintf(stderr,
"libprot: Could not open configuration directory: %s.\n",
confDir);
else
fprintf(stderr,
"libprot: No configuration directory specified.\n");
return -1;
}
#endif /* defined(UKERNEL) */
code = afsconf_GetCellInfo(tdir, cell, "afsprot", &info);
if (code) {
fprintf(stderr, "libprot: Could not locate cell %s in %s/%s\n",
cell, confDir, AFSDIR_CELLSERVDB_FILE);
return code;
}
}
/* If we already have a client and it is at the security level we
* want, don't get a new one. Unless the security level is 2 in
* which case we will get one (and re-read the key file).
*/
if (pruclient && (lastLevel == secLevel) && (secLevel != 2)) {
return 0;
}
code = rx_Init(0);
if (code) {
fprintf(stderr, "libprot: Could not initialize rx.\n");
return code;
}
/* Most callers use secLevel==1, however, the fileserver uses secLevel==2
* to force use of the KeyFile. secLevel == 0 implies -noauth was
* specified. */
if (secLevel == 2) {
code = afsconf_GetLatestKey(tdir, 0, 0);
if (code) {
afs_com_err(whoami, code, "(getting key from local KeyFile)\n");
} else {
/* If secLevel is two assume we're on a file server and use
* ClientAuthSecure if possible. */
code = afsconf_ClientAuthSecure(tdir, &sc, &scIndex);
if (code)
afs_com_err(whoami, code, "(calling client secure)\n");
}
} else if (secLevel > 0) {
secFlags = 0;
if (secLevel > 1)
secFlags |= AFSCONF_SECOPTS_ALWAYSENCRYPT;
code = afsconf_ClientAuthToken(&info, secFlags, &sc, &scIndex, NULL);
if (code) {
afs_com_err(whoami, code, "(getting token)");
if (secLevel > 1)
return code;
}
}
if (sc == NULL) {
sc = rxnull_NewClientSecurityObject();
scIndex = RX_SECIDX_NULL;
}
if ((scIndex == RX_SECIDX_NULL) && (secLevel != 0))
fprintf(stderr,
"%s: Could not get afs tokens, running unauthenticated\n",
whoami);
memset(serverconns, 0, sizeof(serverconns)); /* terminate list!!! */
for (i = 0; i < info.numServers; i++)
serverconns[i] =
rx_NewConnection(info.hostAddr[i].sin_addr.s_addr,
info.hostAddr[i].sin_port, PRSRV, sc,
scIndex);
code = ubik_ClientInit(serverconns, &pruclient);
if (code) {
afs_com_err(whoami, code, "ubik client init failed.");
return code;
}
lastLevel = scIndex;
code = rxs_Release(sc);
return code;
}
int
main(int argc, char **argv)
{
register afs_int32 code;
afs_uint32 myHost;
register struct hostent *th;
char hostname[64];
struct rx_service *tservice;
struct rx_securityClass **securityClasses;
afs_int32 numClasses;
int kerberosKeys; /* set if found some keys */
int lwps = 3;
char clones[MAXHOSTSPERCELL];
afs_uint32 host = htonl(INADDR_ANY);
const char *pr_dbaseName;
char *whoami = "ptserver";
int a;
char arg[100];
char *auditFileName = NULL;
#ifdef AFS_AIX32_ENV
/*
* The following signal action for AIX is necessary so that in case of a
* crash (i.e. core is generated) we can include the user's data section
* in the core dump. Unfortunately, by default, only a partial core is
* generated which, in many cases, isn't too useful.
*/
struct sigaction nsa;
sigemptyset(&nsa.sa_mask);
nsa.sa_handler = SIG_DFL;
nsa.sa_flags = SA_FULLDUMP;
sigaction(SIGABRT, &nsa, NULL);
sigaction(SIGSEGV, &nsa, NULL);
#endif
osi_audit_init();
osi_audit(PTS_StartEvent, 0, AUD_END);
/* Initialize dirpaths */
if (!(initAFSDirPath() & AFSDIR_SERVER_PATHS_OK)) {
#ifdef AFS_NT40_ENV
ReportErrorEventAlt(AFSEVT_SVR_NO_INSTALL_DIR, 0, argv[0], 0);
#endif
fprintf(stderr, "%s: Unable to obtain AFS server directory.\n",
argv[0]);
exit(2);
}
pr_dbaseName = AFSDIR_SERVER_PRDB_FILEPATH;
#if defined(SUPERGROUPS)
/* make sure the structures for database records are the same size */
if ((sizeof(struct prentry) != ENTRYSIZE)
|| (sizeof(struct prentryg) != ENTRYSIZE)) {
fprintf(stderr,
"The structures for the database records are different"
" sizes\n" "struct prentry = %" AFS_SIZET_FMT "\n"
"struct prentryg = %" AFS_SIZET_FMT "\n"
"ENTRYSIZE = %d\n", sizeof(struct prentry),
sizeof(struct prentryg), ENTRYSIZE);
PT_EXIT(1);
}
#endif
for (a = 1; a < argc; a++) {
int alen;
lcstring(arg, argv[a], sizeof(arg));
alen = strlen(arg);
if (strcmp(argv[a], "-d") == 0) {
if ((a + 1) >= argc) {
fprintf(stderr, "missing argument for -d\n");
return -1;
}
debuglevel = atoi(argv[++a]);
LogLevel = debuglevel;
} else if ((strncmp(arg, "-database", alen) == 0)
|| (strncmp(arg, "-db", alen) == 0)) {
pr_dbaseName = argv[++a]; /* specify a database */
} else if (strncmp(arg, "-p", alen) == 0) {
lwps = atoi(argv[++a]);
if (lwps > 16) { /* maximum of 16 */
printf("Warning: '-p %d' is too big; using %d instead\n",
lwps, 16);
lwps = 16;
} else if (lwps < 3) { /* minimum of 3 */
printf("Warning: '-p %d' is too small; using %d instead\n",
lwps, 3);
lwps = 3;
}
#if defined(SUPERGROUPS)
} else if ((strncmp(arg, "-groupdepth", alen) == 0)
|| (strncmp(arg, "-depth", alen) == 0)) {
depthsg = atoi(argv[++a]); /* Max search depth for supergroups */
#endif
} else if (strncmp(arg, "-default_access", alen) == 0) {
prp_user_default = prp_access_mask(argv[++a]);
prp_group_default = prp_access_mask(argv[++a]);
}
else if (strncmp(arg, "-restricted", alen) == 0) {
restricted = 1;
}
else if (strncmp(arg, "-rxbind", alen) == 0) {
rxBind = 1;
}
else if (strncmp(arg, "-allow-dotted-principals", alen) == 0) {
rxkadDisableDotCheck = 1;
}
else if (strncmp(arg, "-enable_peer_stats", alen) == 0) {
rx_enablePeerRPCStats();
} else if (strncmp(arg, "-enable_process_stats", alen) == 0) {
rx_enableProcessRPCStats();
}
#ifndef AFS_NT40_ENV
else if (strncmp(arg, "-syslog", alen) == 0) {
/* set syslog logging flag */
serverLogSyslog = 1;
} else if (strncmp(arg, "-syslog=", MIN(8, alen)) == 0) {
serverLogSyslog = 1;
serverLogSyslogFacility = atoi(arg + 8);
}
#endif
else if (strncmp(arg, "-auditlog", alen) == 0) {
auditFileName = argv[++a];
} else if (strncmp(arg, "-audit-interface", alen) == 0) {
char *interface = argv[++a];
if (osi_audit_interface(interface)) {
printf("Invalid audit interface '%s'\n", interface);
PT_EXIT(1);
}
}
else if (!strncmp(arg, "-rxmaxmtu", alen)) {
if ((a + 1) >= argc) {
fprintf(stderr, "missing argument for -rxmaxmtu\n");
PT_EXIT(1);
}
rxMaxMTU = atoi(argv[++a]);
if ((rxMaxMTU < RX_MIN_PACKET_SIZE) ||
(rxMaxMTU > RX_MAX_PACKET_DATA_SIZE)) {
printf("rxMaxMTU %d invalid; must be between %d-%" AFS_SIZET_FMT "\n",
rxMaxMTU, RX_MIN_PACKET_SIZE,
RX_MAX_PACKET_DATA_SIZE);
PT_EXIT(1);
}
}
else if (*arg == '-') {
/* hack in help flag support */
#if defined(SUPERGROUPS)
#ifndef AFS_NT40_ENV
printf("Usage: ptserver [-database <db path>] "
"[-auditlog <log path>] "
"[-audit-interface <file|sysvmq> (default is file)] "
"[-syslog[=FACILITY]] [-d <debug level>] "
"[-p <number of processes>] [-rebuild] "
"[-groupdepth <depth>] "
"[-restricted] [-rxmaxmtu <bytes>] [-rxbind] "
"[-allow-dotted-principals] "
"[-enable_peer_stats] [-enable_process_stats] "
"[-default_access default_user_access default_group_access] "
"[-help]\n");
#else /* AFS_NT40_ENV */
printf("Usage: ptserver [-database <db path>] "
"[-auditlog <log path>] "
"[-audit-interface <file|sysvmq> (default is file)] "
"[-d <debug level>] "
"[-p <number of processes>] [-rebuild] [-rxbind] "
"[-allow-dotted-principals] "
"[-default_access default_user_access default_group_access] "
"[-restricted] [-rxmaxmtu <bytes>] [-rxbind] "
"[-groupdepth <depth>] " "[-help]\n");
#endif
#else
#ifndef AFS_NT40_ENV
printf("Usage: ptserver [-database <db path>] "
"[-auditlog <log path>] "
"[-audit-interface <file|sysvmq> (default is file)] "
"[-d <debug level>] "
"[-syslog[=FACILITY]] "
"[-p <number of processes>] [-rebuild] "
"[-enable_peer_stats] [-enable_process_stats] "
"[-default_access default_user_access default_group_access] "
"[-restricted] [-rxmaxmtu <bytes>] [-rxbind] "
"[-allow-dotted-principals] "
"[-help]\n");
#else /* AFS_NT40_ENV */
printf("Usage: ptserver [-database <db path>] "
"[-auditlog <log path>] [-d <debug level>] "
"[-default_access default_user_access default_group_access] "
"[-restricted] [-rxmaxmtu <bytes>] [-rxbind] "
"[-allow-dotted-principals] "
"[-p <number of processes>] [-rebuild] " "[-help]\n");
#endif
#endif
fflush(stdout);
PT_EXIT(1);
}
#if defined(SUPERGROUPS)
else {
fprintf(stderr, "Unrecognized arg: '%s' ignored!\n", arg);
}
#endif
}
if (auditFileName) {
osi_audit_file(auditFileName);
osi_audit(PTS_StartEvent, 0, AUD_END);
}
#ifndef AFS_NT40_ENV
serverLogSyslogTag = "ptserver";
#endif
OpenLog(AFSDIR_SERVER_PTLOG_FILEPATH); /* set up logging */
SetupLogSignals();
prdir = afsconf_Open(AFSDIR_SERVER_ETC_DIRPATH);
if (!prdir) {
fprintf(stderr, "ptserver: can't open configuration directory.\n");
PT_EXIT(1);
}
if (afsconf_GetNoAuthFlag(prdir))
printf("ptserver: running unauthenticated\n");
#ifdef AFS_NT40_ENV
/* initialize winsock */
if (afs_winsockInit() < 0) {
ReportErrorEventAlt(AFSEVT_SVR_WINSOCK_INIT_FAILED, 0, argv[0], 0);
fprintf(stderr, "ptserver: couldn't initialize winsock. \n");
PT_EXIT(1);
}
#endif
/* get this host */
gethostname(hostname, sizeof(hostname));
th = gethostbyname(hostname);
if (!th) {
fprintf(stderr, "ptserver: couldn't get address of this host.\n");
PT_EXIT(1);
}
memcpy(&myHost, th->h_addr, sizeof(afs_uint32));
/* get list of servers */
code =
afsconf_GetExtendedCellInfo(prdir, NULL, "afsprot", &info, clones);
if (code) {
afs_com_err(whoami, code, "Couldn't get server list");
PT_EXIT(2);
}
pr_realmName = info.name;
{
afs_int32 kvno; /* see if there is a KeyFile here */
struct ktc_encryptionKey key;
code = afsconf_GetLatestKey(prdir, &kvno, &key);
kerberosKeys = (code == 0);
if (!kerberosKeys)
printf
("ptserver: can't find any Kerberos keys, code = %d, ignoring\n",
code);
}
if (kerberosKeys) {
/* initialize ubik */
ubik_CRXSecurityProc = afsconf_ClientAuth;
ubik_CRXSecurityRock = prdir;
ubik_SRXSecurityProc = afsconf_ServerAuth;
ubik_SRXSecurityRock = prdir;
ubik_CheckRXSecurityProc = afsconf_CheckAuth;
ubik_CheckRXSecurityRock = prdir;
}
/* The max needed is when deleting an entry. A full CoEntry deletion
* required removal from 39 entries. Each of which may refers to the entry
* being deleted in one of its CoEntries. If a CoEntry is freed its
* predecessor CoEntry will be modified as well. Any freed blocks also
* modifies the database header. Counting the entry being deleted and its
* CoEntry this adds up to as much as 1+1+39*3 = 119. If all these entries
* and the header are in separate Ubik buffers then 120 buffers may be
* required. */
ubik_nBuffers = 120 + /*fudge */ 40;
if (rxBind) {
afs_int32 ccode;
if (AFSDIR_SERVER_NETRESTRICT_FILEPATH ||
AFSDIR_SERVER_NETINFO_FILEPATH) {
char reason[1024];
ccode = parseNetFiles(SHostAddrs, NULL, NULL,
ADDRSPERSITE, reason,
AFSDIR_SERVER_NETINFO_FILEPATH,
AFSDIR_SERVER_NETRESTRICT_FILEPATH);
} else
{
ccode = rx_getAllAddr(SHostAddrs, ADDRSPERSITE);
}
if (ccode == 1) {
host = SHostAddrs[0];
/* the following call is idempotent so if/when it gets called
* again by the ubik init stuff, it doesn't really matter
* -- klm
*/
rx_InitHost(host, htons(AFSCONF_PROTPORT));
}
}
code =
ubik_ServerInitByInfo(myHost, htons(AFSCONF_PROTPORT), &info, clones,
pr_dbaseName, &dbase);
if (code) {
afs_com_err(whoami, code, "Ubik init failed");
PT_EXIT(2);
}
#if defined(SUPERGROUPS)
pt_hook_write();
#endif
afsconf_BuildServerSecurityObjects(prdir, 0, &securityClasses,
&numClasses);
/* Disable jumbograms */
rx_SetNoJumbo();
if (rxMaxMTU != -1) {
rx_SetMaxMTU(rxMaxMTU);
}
tservice =
rx_NewServiceHost(host, 0, PRSRV, "Protection Server", securityClasses,
numClasses, PR_ExecuteRequest);
if (tservice == (struct rx_service *)0) {
fprintf(stderr, "ptserver: Could not create new rx service.\n");
PT_EXIT(3);
}
rx_SetMinProcs(tservice, 2);
rx_SetMaxProcs(tservice, lwps);
if (rxkadDisableDotCheck) {
rx_SetSecurityConfiguration(tservice, RXS_CONFIG_FLAGS,
(void *)RXS_CONFIG_FLAGS_DISABLE_DOTCHECK);
}
tservice =
rx_NewServiceHost(host, 0, RX_STATS_SERVICE_ID, "rpcstats",
securityClasses, numClasses, RXSTATS_ExecuteRequest);
if (tservice == (struct rx_service *)0) {
fprintf(stderr, "ptserver: Could not create new rx service.\n");
PT_EXIT(3);
}
rx_SetMinProcs(tservice, 2);
rx_SetMaxProcs(tservice, 4);
/* allow super users to manage RX statistics */
rx_SetRxStatUserOk(pr_rxstat_userok);
LogCommandLine(argc, argv, "ptserver",
#if defined(SUPERGROUPS)
"1.1",
#else
"1.0",
#endif
"Starting AFS", FSLog);
rx_StartServer(1);
osi_audit(PTS_FinishEvent, -1, AUD_END);
exit(0);
}
int
main(int argc, char **argv)
{
afs_int32 code;
afs_uint32 myHost;
struct rx_service *tservice;
struct rx_securityClass **securityClasses;
afs_int32 numClasses;
struct afsconf_dir *tdir;
struct ktc_encryptionKey tkey;
struct afsconf_cell info;
struct hostent *th;
char hostname[VL_MAXNAMELEN];
int noAuth = 0;
char clones[MAXHOSTSPERCELL];
afs_uint32 host = ntohl(INADDR_ANY);
struct cmd_syndesc *opts;
struct logOptions logopts;
char *vl_dbaseName;
char *configDir;
char *auditFileName = NULL;
char *interface = NULL;
char *optstring = NULL;
char *restricted_query_parameter = NULL;
#ifdef AFS_AIX32_ENV
/*
* The following signal action for AIX is necessary so that in case of a
* crash (i.e. core is generated) we can include the user's data section
* in the core dump. Unfortunately, by default, only a partial core is
* generated which, in many cases, isn't too useful.
*/
struct sigaction nsa;
rx_extraPackets = 100; /* should be a switch, I guess... */
sigemptyset(&nsa.sa_mask);
nsa.sa_handler = SIG_DFL;
nsa.sa_flags = SA_FULLDUMP;
sigaction(SIGABRT, &nsa, NULL);
sigaction(SIGSEGV, &nsa, NULL);
#endif
osi_audit_init();
memset(&logopts, 0, sizeof(logopts));
/* Initialize dirpaths */
if (!(initAFSDirPath() & AFSDIR_SERVER_PATHS_OK)) {
#ifdef AFS_NT40_ENV
ReportErrorEventAlt(AFSEVT_SVR_NO_INSTALL_DIR, 0, argv[0], 0);
#endif
fprintf(stderr, "%s: Unable to obtain AFS server directory.\n",
argv[0]);
exit(2);
}
vl_dbaseName = strdup(AFSDIR_SERVER_VLDB_FILEPATH);
configDir = strdup(AFSDIR_SERVER_ETC_DIRPATH);
cmd_DisableAbbreviations();
cmd_DisablePositionalCommands();
opts = cmd_CreateSyntax(NULL, NULL, NULL, 0, NULL);
/* vlserver specific options */
cmd_AddParmAtOffset(opts, OPT_noauth, "-noauth", CMD_FLAG,
CMD_OPTIONAL, "disable authentication");
cmd_AddParmAtOffset(opts, OPT_smallmem, "-smallmem", CMD_FLAG,
CMD_OPTIONAL, "optimise for small memory systems");
/* general server options */
cmd_AddParmAtOffset(opts, OPT_auditlog, "-auditlog", CMD_SINGLE,
CMD_OPTIONAL, "location of audit log");
cmd_AddParmAtOffset(opts, OPT_auditiface, "-audit-interface", CMD_SINGLE,
CMD_OPTIONAL, "interface to use for audit logging");
cmd_AddParmAtOffset(opts, OPT_config, "-config", CMD_SINGLE,
CMD_OPTIONAL, "configuration location");
cmd_AddParmAtOffset(opts, OPT_debug, "-d", CMD_SINGLE,
CMD_OPTIONAL, "debug level");
cmd_AddParmAtOffset(opts, OPT_database, "-database", CMD_SINGLE,
CMD_OPTIONAL, "database file");
cmd_AddParmAlias(opts, OPT_database, "-db");
cmd_AddParmAtOffset(opts, OPT_logfile, "-logfile", CMD_SINGLE,
CMD_OPTIONAL, "location of logfile");
cmd_AddParmAtOffset(opts, OPT_threads, "-p", CMD_SINGLE, CMD_OPTIONAL,
"number of threads");
#ifdef HAVE_SYSLOG
cmd_AddParmAtOffset(opts, OPT_syslog, "-syslog", CMD_SINGLE_OR_FLAG,
CMD_OPTIONAL, "log to syslog");
#endif
cmd_AddParmAtOffset(opts, OPT_transarc_logs, "-transarc-logs", CMD_FLAG,
CMD_OPTIONAL, "enable Transarc style logging");
/* rx options */
cmd_AddParmAtOffset(opts, OPT_peer, "-enable_peer_stats", CMD_FLAG,
CMD_OPTIONAL, "enable RX transport statistics");
cmd_AddParmAtOffset(opts, OPT_process, "-enable_process_stats", CMD_FLAG,
CMD_OPTIONAL, "enable RX RPC statistics");
cmd_AddParmAtOffset(opts, OPT_nojumbo, "-nojumbo", CMD_FLAG,
CMD_OPTIONAL, "disable jumbograms");
cmd_AddParmAtOffset(opts, OPT_jumbo, "-jumbo", CMD_FLAG,
CMD_OPTIONAL, "enable jumbograms");
cmd_AddParmAtOffset(opts, OPT_rxbind, "-rxbind", CMD_FLAG,
CMD_OPTIONAL, "bind only to the primary interface");
cmd_AddParmAtOffset(opts, OPT_rxmaxmtu, "-rxmaxmtu", CMD_SINGLE,
CMD_OPTIONAL, "maximum MTU for RX");
cmd_AddParmAtOffset(opts, OPT_trace, "-trace", CMD_SINGLE,
CMD_OPTIONAL, "rx trace file");
cmd_AddParmAtOffset(opts, OPT_restricted_query, "-restricted_query",
CMD_SINGLE, CMD_OPTIONAL, "anyuser | admin");
/* rxkad options */
cmd_AddParmAtOffset(opts, OPT_dotted, "-allow-dotted-principals",
CMD_FLAG, CMD_OPTIONAL,
"permit Kerberos 5 principals with dots");
code = cmd_Parse(argc, argv, &opts);
if (code == CMD_HELP) {
exit(0);
}
if (code)
return -1;
cmd_OptionAsString(opts, OPT_config, &configDir);
cmd_OpenConfigFile(AFSDIR_SERVER_CONFIG_FILE_FILEPATH);
cmd_SetCommandName("vlserver");
/* vlserver options */
cmd_OptionAsFlag(opts, OPT_noauth, &noAuth);
cmd_OptionAsFlag(opts, OPT_smallmem, &smallMem);
if (cmd_OptionAsString(opts, OPT_trace, &optstring) == 0) {
extern char rxi_tracename[80];
strcpy(rxi_tracename, optstring);
free(optstring);
optstring = NULL;
}
/* general server options */
cmd_OptionAsString(opts, OPT_auditlog, &auditFileName);
if (cmd_OptionAsString(opts, OPT_auditiface, &interface) == 0) {
if (osi_audit_interface(interface)) {
printf("Invalid audit interface '%s'\n", interface);
return -1;
}
free(interface);
}
cmd_OptionAsString(opts, OPT_database, &vl_dbaseName);
if (cmd_OptionAsInt(opts, OPT_threads, &lwps) == 0) {
if (lwps > MAXLWP) {
printf("Warning: '-p %d' is too big; using %d instead\n",
lwps, MAXLWP);
lwps = MAXLWP;
}
}
cmd_OptionAsInt(opts, OPT_debug, &logopts.lopt_logLevel);
#ifdef HAVE_SYSLOG
if (cmd_OptionPresent(opts, OPT_syslog)) {
if (cmd_OptionPresent(opts, OPT_logfile)) {
fprintf(stderr, "Invalid options: -syslog and -logfile are exclusive.\n");
return -1;
}
if (cmd_OptionPresent(opts, OPT_transarc_logs)) {
fprintf(stderr, "Invalid options: -syslog and -transarc-logs are exclusive.\n");
return -1;
}
logopts.lopt_dest = logDest_syslog;
logopts.lopt_facility = LOG_DAEMON; /* default value */
logopts.lopt_tag = "vlserver";
cmd_OptionAsInt(opts, OPT_syslog, &logopts.lopt_facility);
} else
#endif
{
logopts.lopt_dest = logDest_file;
if (cmd_OptionPresent(opts, OPT_transarc_logs)) {
logopts.lopt_rotateOnOpen = 1;
logopts.lopt_rotateStyle = logRotate_old;
}
if (cmd_OptionPresent(opts, OPT_logfile))
cmd_OptionAsString(opts, OPT_logfile, (char**)&logopts.lopt_filename);
else
logopts.lopt_filename = AFSDIR_SERVER_VLOG_FILEPATH;
}
/* rx options */
if (cmd_OptionPresent(opts, OPT_peer))
rx_enablePeerRPCStats();
if (cmd_OptionPresent(opts, OPT_process))
rx_enableProcessRPCStats();
if (cmd_OptionPresent(opts, OPT_nojumbo))
rxJumbograms = 0;
if (cmd_OptionPresent(opts, OPT_jumbo))
rxJumbograms = 1;
cmd_OptionAsFlag(opts, OPT_rxbind, &rxBind);
cmd_OptionAsInt(opts, OPT_rxmaxmtu, &rxMaxMTU);
/* rxkad options */
cmd_OptionAsFlag(opts, OPT_dotted, &rxkadDisableDotCheck);
/* restricted query */
if (cmd_OptionAsString(opts, OPT_restricted_query,
&restricted_query_parameter) == 0) {
if (strcmp(restricted_query_parameter, "anyuser") == 0)
restrictedQueryLevel = RESTRICTED_QUERY_ANYUSER;
else if (strcmp(restricted_query_parameter, "admin") == 0)
restrictedQueryLevel = RESTRICTED_QUERY_ADMIN;
else {
printf("invalid argument for -restricted_query: %s\n",
restricted_query_parameter);
return -1;
}
free(restricted_query_parameter);
}
if (auditFileName) {
osi_audit_file(auditFileName);
}
OpenLog(&logopts);
#ifdef AFS_PTHREAD_ENV
opr_softsig_Init();
SetupLogSoftSignals();
#else
SetupLogSignals();
#endif
tdir = afsconf_Open(configDir);
if (!tdir) {
VLog(0,
("vlserver: can't open configuration files in dir %s, giving up.\n",
configDir));
exit(1);
}
/* initialize audit user check */
osi_audit_set_user_check(tdir, vldb_IsLocalRealmMatch);
#ifdef AFS_NT40_ENV
/* initialize winsock */
if (afs_winsockInit() < 0) {
ReportErrorEventAlt(AFSEVT_SVR_WINSOCK_INIT_FAILED, 0, argv[0], 0);
VLog(0, ("vlserver: couldn't initialize winsock. \n"));
exit(1);
}
#endif
/* get this host */
gethostname(hostname, sizeof(hostname));
th = gethostbyname(hostname);
if (!th) {
VLog(0, ("vlserver: couldn't get address of this host (%s).\n",
hostname));
exit(1);
}
memcpy(&myHost, th->h_addr, sizeof(afs_uint32));
#if !defined(AFS_HPUX_ENV) && !defined(AFS_NT40_ENV)
signal(SIGXCPU, CheckSignal_Signal);
#endif
/* get list of servers */
code =
afsconf_GetExtendedCellInfo(tdir, NULL, AFSCONF_VLDBSERVICE, &info,
clones);
if (code) {
printf("vlserver: Couldn't get cell server list for 'afsvldb'.\n");
exit(2);
}
vldb_confdir = tdir; /* Preserve our configuration dir */
/* rxvab no longer supported */
memset(&tkey, 0, sizeof(tkey));
if (noAuth)
afsconf_SetNoAuthFlag(tdir, 1);
if (rxBind) {
afs_int32 ccode;
#ifndef AFS_NT40_ENV
if (AFSDIR_SERVER_NETRESTRICT_FILEPATH ||
AFSDIR_SERVER_NETINFO_FILEPATH) {
char reason[1024];
ccode = afsconf_ParseNetFiles(SHostAddrs, NULL, NULL,
ADDRSPERSITE, reason,
AFSDIR_SERVER_NETINFO_FILEPATH,
AFSDIR_SERVER_NETRESTRICT_FILEPATH);
} else
#endif
{
ccode = rx_getAllAddr(SHostAddrs, ADDRSPERSITE);
}
if (ccode == 1) {
host = SHostAddrs[0];
rx_InitHost(host, htons(AFSCONF_VLDBPORT));
}
}
if (!rxJumbograms) {
rx_SetNoJumbo();
}
if (rxMaxMTU != -1) {
if (rx_SetMaxMTU(rxMaxMTU) != 0) {
VLog(0, ("rxMaxMTU %d invalid\n", rxMaxMTU));
return -1;
}
}
ubik_nBuffers = 512;
ubik_SetClientSecurityProcs(afsconf_ClientAuth, afsconf_UpToDate, tdir);
ubik_SetServerSecurityProcs(afsconf_BuildServerSecurityObjects,
afsconf_CheckAuth, tdir);
ubik_SyncWriterCacheProc = vlsynccache;
code =
ubik_ServerInitByInfo(myHost, htons(AFSCONF_VLDBPORT), &info, clones,
vl_dbaseName, &VL_dbase);
if (code) {
VLog(0, ("vlserver: Ubik init failed: %s\n", afs_error_message(code)));
exit(2);
}
rx_SetRxDeadTime(50);
memset(rd_HostAddress, 0, sizeof(rd_HostAddress));
memset(wr_HostAddress, 0, sizeof(wr_HostAddress));
initialize_dstats();
afsconf_BuildServerSecurityObjects(tdir, &securityClasses, &numClasses);
tservice =
rx_NewServiceHost(host, 0, USER_SERVICE_ID, "Vldb server",
securityClasses, numClasses,
VL_ExecuteRequest);
if (tservice == (struct rx_service *)0) {
VLog(0, ("vlserver: Could not create VLDB_SERVICE rx service\n"));
exit(3);
}
rx_SetMinProcs(tservice, 2);
if (lwps < 4)
lwps = 4;
rx_SetMaxProcs(tservice, lwps);
if (rxkadDisableDotCheck) {
rx_SetSecurityConfiguration(tservice, RXS_CONFIG_FLAGS,
(void *)RXS_CONFIG_FLAGS_DISABLE_DOTCHECK);
}
tservice =
rx_NewServiceHost(host, 0, RX_STATS_SERVICE_ID, "rpcstats",
securityClasses, numClasses,
RXSTATS_ExecuteRequest);
if (tservice == (struct rx_service *)0) {
VLog(0, ("vlserver: Could not create rpc stats rx service\n"));
exit(3);
}
rx_SetMinProcs(tservice, 2);
rx_SetMaxProcs(tservice, 4);
LogCommandLine(argc, argv, "vlserver", VldbVersion, "Starting AFS", FSLog);
if (afsconf_GetLatestKey(tdir, NULL, NULL) == 0) {
LogDesWarning();
}
VLog(0, ("%s\n", cml_version_number));
/* allow super users to manage RX statistics */
rx_SetRxStatUserOk(vldb_rxstat_userok);
rx_StartServer(1); /* Why waste this idle process?? */
return 0; /* not reachable */
}
int
main(int argc, char **argv)
{
afs_int32 code;
struct rx_securityClass **securityClasses;
afs_int32 numClasses;
struct rx_service *service;
struct ktc_encryptionKey tkey;
int rxpackets = 100;
int rxJumbograms = 0; /* default is to send and receive jumbograms. */
int rxMaxMTU = -1;
int bufSize = 0; /* temp variable to read in udp socket buf size */
afs_uint32 host = ntohl(INADDR_ANY);
char *auditFileName = NULL;
VolumePackageOptions opts;
#ifdef AFS_AIX32_ENV
/*
* The following signal action for AIX is necessary so that in case of a
* crash (i.e. core is generated) we can include the user's data section
* in the core dump. Unfortunately, by default, only a partial core is
* generated which, in many cases, isn't too useful.
*/
struct sigaction nsa;
sigemptyset(&nsa.sa_mask);
nsa.sa_handler = SIG_DFL;
nsa.sa_flags = SA_FULLDUMP;
sigaction(SIGABRT, &nsa, NULL);
sigaction(SIGSEGV, &nsa, NULL);
#endif
osi_audit_init();
osi_audit(VS_StartEvent, 0, AUD_END);
/* Initialize dirpaths */
if (!(initAFSDirPath() & AFSDIR_SERVER_PATHS_OK)) {
#ifdef AFS_NT40_ENV
ReportErrorEventAlt(AFSEVT_SVR_NO_INSTALL_DIR, 0, argv[0], 0);
#endif
fprintf(stderr, "%s: Unable to obtain AFS server directory.\n",
argv[0]);
exit(2);
}
TTsleep = TTrun = 0;
/* parse cmd line */
for (code = 1; code < argc; code++) {
if (strcmp(argv[code], "-log") == 0) {
/* set extra logging flag */
DoLogging = 1;
} else if (strcmp(argv[code], "-help") == 0) {
goto usage;
} else if (strcmp(argv[code], "-rxbind") == 0) {
rxBind = 1;
} else if (strcmp(argv[code], "-allow-dotted-principals") == 0) {
rxkadDisableDotCheck = 1;
} else if (strcmp(argv[code], "-d") == 0) {
if ((code + 1) >= argc) {
fprintf(stderr, "missing argument for -d\n");
return -1;
}
debuglevel = atoi(argv[++code]);
LogLevel = debuglevel;
} else if (strcmp(argv[code], "-p") == 0) {
lwps = atoi(argv[++code]);
if (lwps > MAXLWP) {
printf("Warning: '-p %d' is too big; using %d instead\n",
lwps, MAXLWP);
lwps = MAXLWP;
}
} else if (strcmp(argv[code], "-auditlog") == 0) {
auditFileName = argv[++code];
} else if (strcmp(argv[code], "-audit-interface") == 0) {
char *interface = argv[++code];
if (osi_audit_interface(interface)) {
printf("Invalid audit interface '%s'\n", interface);
return -1;
}
} else if (strcmp(argv[code], "-nojumbo") == 0) {
rxJumbograms = 0;
} else if (strcmp(argv[code], "-jumbo") == 0) {
rxJumbograms = 1;
} else if (!strcmp(argv[code], "-rxmaxmtu")) {
if ((code + 1) >= argc) {
fprintf(stderr, "missing argument for -rxmaxmtu\n");
exit(1);
}
rxMaxMTU = atoi(argv[++code]);
if ((rxMaxMTU < RX_MIN_PACKET_SIZE) ||
(rxMaxMTU > RX_MAX_PACKET_DATA_SIZE)) {
printf("rxMaxMTU %d invalid; must be between %d-%" AFS_SIZET_FMT "\n",
rxMaxMTU, RX_MIN_PACKET_SIZE,
RX_MAX_PACKET_DATA_SIZE);
exit(1);
}
} else if (strcmp(argv[code], "-sleep") == 0) {
sscanf(argv[++code], "%d/%d", &TTsleep, &TTrun);
if ((TTsleep < 0) || (TTrun <= 0)) {
printf("Warning: '-sleep %d/%d' is incorrect; ignoring\n",
TTsleep, TTrun);
TTsleep = TTrun = 0;
}
} else if (strcmp(argv[code], "-mbpersleep") == 0) {
sscanf(argv[++code], "%d", &MBperSecSleep);
if (MBperSecSleep < 0)
MBperSecSleep = 0;
} else if (strcmp(argv[code], "-udpsize") == 0) {
if ((code + 1) >= argc) {
printf("You have to specify -udpsize <integer value>\n");
exit(1);
}
sscanf(argv[++code], "%d", &bufSize);
if (bufSize < rx_GetMinUdpBufSize())
printf
("Warning:udpsize %d is less than minimum %d; ignoring\n",
bufSize, rx_GetMinUdpBufSize());
else
udpBufSize = bufSize;
} else if (strcmp(argv[code], "-enable_peer_stats") == 0) {
rx_enablePeerRPCStats();
} else if (strcmp(argv[code], "-enable_process_stats") == 0) {
rx_enableProcessRPCStats();
} else if (strcmp(argv[code], "-preserve-vol-stats") == 0) {
DoPreserveVolumeStats = 1;
} else if (strcmp(argv[code], "-sync") == 0) {
if ((code + 1) >= argc) {
printf("You have to specify -sync <sync_behavior>\n");
exit(1);
}
ih_PkgDefaults();
if (ih_SetSyncBehavior(argv[++code])) {
printf("Invalid -sync value %s\n", argv[code]);
exit(1);
}
}
#ifndef AFS_NT40_ENV
else if (strcmp(argv[code], "-syslog") == 0) {
/* set syslog logging flag */
serverLogSyslog = 1;
} else if (strncmp(argv[code], "-syslog=", 8) == 0) {
serverLogSyslog = 1;
serverLogSyslogFacility = atoi(argv[code] + 8);
}
#endif
#ifdef AFS_PTHREAD_ENV
else if (strcmp(argv[code], "-convert") == 0)
convertToOsd = 1;
else if (strcmp(argv[code], "-libafsosd") == 0)
libafsosd = 1;
#endif
else {
printf("volserver: unrecognized flag '%s'\n", argv[code]);
usage:
#ifndef AFS_NT40_ENV
printf("Usage: volserver [-log] [-p <number of processes>] "
"[-auditlog <log path>] [-d <debug level>] "
"[-nojumbo] [-jumbo] [-rxmaxmtu <bytes>] [-rxbind] [-allow-dotted-principals] "
"[-udpsize <size of socket buffer in bytes>] "
"[-syslog[=FACILITY]] -mbpersleep <MB / 1 sec sleep>"
"%s"
"[-enable_peer_stats] [-enable_process_stats] "
"[-sync <always | delayed | onclose | never>] "
#ifdef AFS_PTHREAD_ENV
, libafsosd ? "[-convert] ":"",
#endif
"[-help]\n");
#else
printf("Usage: volserver [-log] [-p <number of processes>] "
"[-auditlog <log path>] [-d <debug level>] "
"[-nojumbo] [-jumbo] [-rxmaxmtu <bytes>] [-rxbind] [-allow-dotted-principals] "
"[-udpsize <size of socket buffer in bytes>] "
"[-enable_peer_stats] [-enable_process_stats] "
"[-sync <always | delayed | onclose | never>] "
"[-help]\n");
#endif
VS_EXIT(1);
}
}
if (auditFileName) {
osi_audit_file(auditFileName);
osi_audit(VS_StartEvent, 0, AUD_END);
}
#ifdef AFS_SGI_VNODE_GLUE
if (afs_init_kernel_config(-1) < 0) {
printf
("Can't determine NUMA configuration, not starting volserver.\n");
exit(1);
}
#endif
InitErrTabs();
#ifdef AFS_PTHREAD_ENV
SetLogThreadNumProgram( threadNum );
#endif
#ifdef AFS_NT40_ENV
if (afs_winsockInit() < 0) {
ReportErrorEventAlt(AFSEVT_SVR_WINSOCK_INIT_FAILED, 0, argv[0], 0);
printf("Volume server unable to start winsock, exiting.\n");
exit(1);
}
#endif
/* Open VolserLog and map stdout, stderr into it; VInitVolumePackage2 can
log, so we need to do this here */
OpenLog(AFSDIR_SERVER_VOLSERLOG_FILEPATH);
VOptDefaults(volumeServer, &opts);
#ifdef AFS_PTHREAD_ENV
if (libafsosd) {
extern struct vol_data_v0 vol_data_v0;
extern struct volser_data_v0 volser_data_v0;
struct init_volser_inputs input = {
&vol_data_v0,
&volser_data_v0
};
struct init_volser_outputs output = {
&osdvol,
&osdvolser
};
code = load_libafsosd("init_volser_afsosd", &input, &output);
if (code) {
ViceLog(0, ("Loading libafsosd.so failed with code %d, aborting\n",
code));
return -1;
}
}
#endif
if (VInitVolumePackage2(volumeServer, &opts)) {
Log("Shutting down: errors encountered initializing volume package\n");
exit(1);
}
/* For nuke() */
Lock_Init(&localLock);
DInit(40);
#ifndef AFS_PTHREAD_ENV
vol_PollProc = IOMGR_Poll; /* tell vol pkg to poll io system periodically */
#endif
#ifndef AFS_NT40_ENV
rxi_syscallp = volser_syscall;
#endif
rx_nPackets = rxpackets; /* set the max number of packets */
if (udpBufSize)
rx_SetUdpBufSize(udpBufSize); /* set the UDP buffer size for receive */
if (rxBind) {
afs_int32 ccode;
if (AFSDIR_SERVER_NETRESTRICT_FILEPATH ||
AFSDIR_SERVER_NETINFO_FILEPATH) {
char reason[1024];
ccode = parseNetFiles(SHostAddrs, NULL, NULL,
ADDRSPERSITE, reason,
AFSDIR_SERVER_NETINFO_FILEPATH,
AFSDIR_SERVER_NETRESTRICT_FILEPATH);
} else
{
ccode = rx_getAllAddr(SHostAddrs, ADDRSPERSITE);
}
if (ccode == 1)
host = SHostAddrs[0];
}
code = rx_InitHost(host, (int)htons(AFSCONF_VOLUMEPORT));
if (code) {
fprintf(stderr, "rx init failed on socket AFSCONF_VOLUMEPORT %u\n",
AFSCONF_VOLUMEPORT);
VS_EXIT(1);
}
if (!rxJumbograms) {
/* Don't allow 3.4 vos clients to send jumbograms and we don't send. */
rx_SetNoJumbo();
}
if (rxMaxMTU != -1) {
rx_SetMaxMTU(rxMaxMTU);
}
rx_GetIFInfo();
#ifndef AFS_PTHREAD_ENV
rx_SetRxDeadTime(420);
#endif
memset(busyFlags, 0, sizeof(busyFlags));
SetupLogSignals();
{
#ifdef AFS_PTHREAD_ENV
pthread_t tid;
pthread_attr_t tattr;
osi_Assert(pthread_attr_init(&tattr) == 0);
osi_Assert(pthread_attr_setdetachstate(&tattr, PTHREAD_CREATE_DETACHED) == 0);
osi_Assert(pthread_create(&tid, &tattr, BKGLoop, NULL) == 0);
#else
PROCESS pid;
LWP_CreateProcess(BKGLoop, 16*1024, 3, 0, "vol bkg daemon", &pid);
LWP_CreateProcess(BKGSleep,16*1024, 3, 0, "vol slp daemon", &pid);
#endif
}
/* Create a single security object, in this case the null security object, for unauthenticated connections, which will be used to control security on connections made to this server */
tdir = afsconf_Open(AFSDIR_SERVER_ETC_DIRPATH);
if (!tdir) {
Abort("volser: could not open conf files in %s\n",
AFSDIR_SERVER_ETC_DIRPATH);
VS_EXIT(1);
}
afsconf_GetKey(tdir, 999, &tkey);
afsconf_BuildServerSecurityObjects(tdir, 0, &securityClasses, &numClasses);
if (securityClasses[0] == NULL)
Abort("rxnull_NewServerSecurityObject");
service =
rx_NewServiceHost(host, 0, VOLSERVICE_ID, "VOLSER", securityClasses,
numClasses, AFSVolExecuteRequest);
if (service == (struct rx_service *)0)
Abort("rx_NewService");
rx_SetBeforeProc(service, MyBeforeProc);
rx_SetAfterProc(service, MyAfterProc);
rx_SetIdleDeadTime(service, 0); /* never timeout */
if (lwps < 4)
lwps = 4;
rx_SetMaxProcs(service, lwps);
#if defined(AFS_XBSD_ENV)
rx_SetStackSize(service, (128 * 1024));
#elif defined(AFS_SGI_ENV)
rx_SetStackSize(service, (48 * 1024));
#else
rx_SetStackSize(service, (32 * 1024));
#endif
if (rxkadDisableDotCheck) {
rx_SetSecurityConfiguration(service, RXS_CONFIG_FLAGS,
(void *)RXS_CONFIG_FLAGS_DISABLE_DOTCHECK);
}
service =
rx_NewService(0, RX_STATS_SERVICE_ID, "rpcstats", securityClasses,
numClasses, RXSTATS_ExecuteRequest);
if (service == (struct rx_service *)0)
Abort("rx_NewService");
rx_SetMinProcs(service, 2);
rx_SetMaxProcs(service, 4);
#ifdef AFS_PTHREAD_ENV
if (libafsosd) {
service =
rx_NewService(0, 7, "afsosd", securityClasses,
numClasses, (osdvolser->op_AFSVOLOSD_ExecuteRequest));
if (!service) {
ViceLog(0, ("Failed to initialize afsosd rpc service.\n"));
exit(-1);
}
rx_SetBeforeProc(service, MyBeforeProc);
rx_SetAfterProc(service, MyAfterProc);
rx_SetIdleDeadTime(service, 0); /* never timeout */
rx_SetMinProcs(service, 2);
if (lwps < 4)
lwps = 4;
rx_SetMaxProcs(service, lwps);
#if defined(AFS_XBSD_ENV)
rx_SetStackSize(service, (128 * 1024));
#elif defined(AFS_SGI_ENV)
rx_SetStackSize(service, (48 * 1024));
#else
rx_SetStackSize(service, (32 * 1024));
#endif
}
#endif /* AFS_PTHREAD_ENV */
LogCommandLine(argc, argv, "Volserver", VolserVersion, "Starting AFS",
Log);
FT_GetTimeOfDay(&statisticStart, 0);
if (afsconf_GetLatestKey(tdir, NULL, NULL) == 0) {
LogDesWarning();
}
if (TTsleep) {
Log("Will sleep %d second%s every %d second%s\n", TTsleep,
(TTsleep > 1) ? "s" : "", TTrun + TTsleep,
(TTrun + TTsleep > 1) ? "s" : "");
}
/* allow super users to manage RX statistics */
/* allow super users to manage RX statistics */
rx_SetRxStatUserOk(vol_rxstat_userok);
rx_StartServer(1); /* Donate this process to the server process pool */
osi_audit(VS_FinishEvent, (-1), AUD_END);
Abort("StartServer returned?");
return 0; /* not reached */
}
int
main(int argc, char **argv)
{
afs_int32 code;
struct rx_securityClass **securityClasses;
afs_int32 numClasses;
struct rx_service *service;
int rxpackets = 100;
char hoststr[16];
afs_uint32 host = ntohl(INADDR_ANY);
VolumePackageOptions opts;
#ifdef AFS_AIX32_ENV
/*
* The following signal action for AIX is necessary so that in case of a
* crash (i.e. core is generated) we can include the user's data section
* in the core dump. Unfortunately, by default, only a partial core is
* generated which, in many cases, isn't too useful.
*/
struct sigaction nsa;
sigemptyset(&nsa.sa_mask);
nsa.sa_handler = SIG_DFL;
nsa.sa_flags = SA_FULLDUMP;
sigaction(SIGABRT, &nsa, NULL);
sigaction(SIGSEGV, &nsa, NULL);
#endif
osi_audit_init();
osi_audit(VS_StartEvent, 0, AUD_END);
/* Initialize dirpaths */
if (!(initAFSDirPath() & AFSDIR_SERVER_PATHS_OK)) {
#ifdef AFS_NT40_ENV
ReportErrorEventAlt(AFSEVT_SVR_NO_INSTALL_DIR, 0, argv[0], 0);
#endif
fprintf(stderr, "%s: Unable to obtain AFS server directory.\n",
argv[0]);
exit(2);
}
configDir = strdup(AFSDIR_SERVER_ETC_DIRPATH);
if (ParseArgs(argc, argv)) {
exit(1);
}
if (auditFileName) {
osi_audit_file(auditFileName);
osi_audit(VS_StartEvent, 0, AUD_END);
}
#ifdef AFS_SGI_VNODE_GLUE
if (afs_init_kernel_config(-1) < 0) {
printf
("Can't determine NUMA configuration, not starting volserver.\n");
exit(1);
}
#endif
InitErrTabs();
#ifdef AFS_PTHREAD_ENV
SetLogThreadNumProgram( rx_GetThreadNum );
#endif
#ifdef AFS_NT40_ENV
if (afs_winsockInit() < 0) {
ReportErrorEventAlt(AFSEVT_SVR_WINSOCK_INIT_FAILED, 0, argv[0], 0);
printf("Volume server unable to start winsock, exiting.\n");
exit(1);
}
#endif
OpenLog(&logopts);
VOptDefaults(volumeServer, &opts);
if (VInitVolumePackage2(volumeServer, &opts)) {
Log("Shutting down: errors encountered initializing volume package\n");
exit(1);
}
/* For nuke() */
Lock_Init(&localLock);
DInit(40);
#ifndef AFS_PTHREAD_ENV
vol_PollProc = IOMGR_Poll; /* tell vol pkg to poll io system periodically */
#endif
#if !defined( AFS_NT40_ENV ) && !defined(AFS_DARWIN160_ENV)
rxi_syscallp = volser_syscall;
#endif
rx_nPackets = rxpackets; /* set the max number of packets */
if (udpBufSize)
rx_SetUdpBufSize(udpBufSize); /* set the UDP buffer size for receive */
if (rxBind) {
afs_int32 ccode;
if (AFSDIR_SERVER_NETRESTRICT_FILEPATH ||
AFSDIR_SERVER_NETINFO_FILEPATH) {
char reason[1024];
ccode = afsconf_ParseNetFiles(SHostAddrs, NULL, NULL,
ADDRSPERSITE, reason,
AFSDIR_SERVER_NETINFO_FILEPATH,
AFSDIR_SERVER_NETRESTRICT_FILEPATH);
} else
{
ccode = rx_getAllAddr(SHostAddrs, ADDRSPERSITE);
}
if (ccode == 1)
host = SHostAddrs[0];
}
Log("Volserver binding rx to %s:%d\n",
afs_inet_ntoa_r(host, hoststr), AFSCONF_VOLUMEPORT);
code = rx_InitHost(host, (int)htons(AFSCONF_VOLUMEPORT));
if (code) {
fprintf(stderr, "rx init failed on socket AFSCONF_VOLUMEPORT %u\n",
AFSCONF_VOLUMEPORT);
VS_EXIT(1);
}
if (!rxJumbograms) {
/* Don't allow 3.4 vos clients to send jumbograms and we don't send. */
rx_SetNoJumbo();
}
if (rxMaxMTU != -1) {
if (rx_SetMaxMTU(rxMaxMTU) != 0) {
fprintf(stderr, "rxMaxMTU %d is invalid\n", rxMaxMTU);
VS_EXIT(1);
}
}
rx_GetIFInfo();
rx_SetRxDeadTime(420);
memset(busyFlags, 0, sizeof(busyFlags));
#ifdef AFS_PTHREAD_ENV
opr_softsig_Init();
SetupLogSoftSignals();
#else
SetupLogSignals();
#endif
{
#ifdef AFS_PTHREAD_ENV
pthread_t tid;
pthread_attr_t tattr;
opr_Verify(pthread_attr_init(&tattr) == 0);
opr_Verify(pthread_attr_setdetachstate(&tattr,
PTHREAD_CREATE_DETACHED) == 0);
opr_Verify(pthread_create(&tid, &tattr, BKGLoop, NULL) == 0);
#else
PROCESS pid;
LWP_CreateProcess(BKGLoop, 16*1024, 3, 0, "vol bkg daemon", &pid);
#endif
}
/* Create a single security object, in this case the null security object, for unauthenticated connections, which will be used to control security on connections made to this server */
tdir = afsconf_Open(configDir);
if (!tdir) {
Abort("volser: could not open conf files in %s\n",
configDir);
AFS_UNREACHED(VS_EXIT(1));
}
/* initialize audit user check */
osi_audit_set_user_check(tdir, vol_IsLocalRealmMatch);
afsconf_BuildServerSecurityObjects(tdir, &securityClasses, &numClasses);
if (securityClasses[0] == NULL)
Abort("rxnull_NewServerSecurityObject");
service =
rx_NewServiceHost(host, 0, VOLSERVICE_ID, "VOLSER", securityClasses,
numClasses, AFSVolExecuteRequest);
if (service == (struct rx_service *)0)
Abort("rx_NewService");
rx_SetBeforeProc(service, MyBeforeProc);
rx_SetAfterProc(service, MyAfterProc);
rx_SetIdleDeadTime(service, 0); /* never timeout */
if (lwps < 4)
lwps = 4;
rx_SetMaxProcs(service, lwps);
#if defined(AFS_XBSD_ENV)
rx_SetStackSize(service, (128 * 1024));
#elif defined(AFS_SGI_ENV)
rx_SetStackSize(service, (48 * 1024));
#else
rx_SetStackSize(service, (32 * 1024));
#endif
if (rxkadDisableDotCheck) {
code = rx_SetSecurityConfiguration(service, RXS_CONFIG_FLAGS,
(void *)RXS_CONFIG_FLAGS_DISABLE_DOTCHECK);
if (code) {
fprintf(stderr,
"volser: failed to allow dotted principals: code %d\n",
code);
VS_EXIT(1);
}
}
service =
rx_NewService(0, RX_STATS_SERVICE_ID, "rpcstats", securityClasses,
numClasses, RXSTATS_ExecuteRequest);
if (service == (struct rx_service *)0)
Abort("rx_NewService");
rx_SetMinProcs(service, 2);
rx_SetMaxProcs(service, 4);
LogCommandLine(argc, argv, "Volserver", VolserVersion, "Starting AFS",
Log);
if (afsconf_GetLatestKey(tdir, NULL, NULL) == 0) {
LogDesWarning();
}
/* allow super users to manage RX statistics */
rx_SetRxStatUserOk(vol_rxstat_userok);
rx_StartServer(1); /* Donate this process to the server process pool */
osi_audit(VS_FinishEvent, (-1), AUD_END);
Abort("StartServer returned?");
AFS_UNREACHED(return 0);
}
int
main(int argc, char **argv)
{
afs_int32 code;
afs_uint32 myHost;
struct hostent *th;
char hostname[64];
struct rx_service *tservice;
struct rx_securityClass **securityClasses;
afs_int32 numClasses;
int lwps = 3;
char clones[MAXHOSTSPERCELL];
afs_uint32 host = htonl(INADDR_ANY);
struct cmd_syndesc *opts;
struct cmd_item *list;
char *pr_dbaseName;
char *configDir;
char *logFile;
char *whoami = "ptserver";
char *auditFileName = NULL;
char *interface = NULL;
#ifdef AFS_AIX32_ENV
/*
* The following signal action for AIX is necessary so that in case of a
* crash (i.e. core is generated) we can include the user's data section
* in the core dump. Unfortunately, by default, only a partial core is
* generated which, in many cases, isn't too useful.
*/
struct sigaction nsa;
sigemptyset(&nsa.sa_mask);
nsa.sa_handler = SIG_DFL;
nsa.sa_flags = SA_FULLDUMP;
sigaction(SIGABRT, &nsa, NULL);
sigaction(SIGSEGV, &nsa, NULL);
#endif
osi_audit_init();
osi_audit(PTS_StartEvent, 0, AUD_END);
/* Initialize dirpaths */
if (!(initAFSDirPath() & AFSDIR_SERVER_PATHS_OK)) {
#ifdef AFS_NT40_ENV
ReportErrorEventAlt(AFSEVT_SVR_NO_INSTALL_DIR, 0, argv[0], 0);
#endif
fprintf(stderr, "%s: Unable to obtain AFS server directory.\n",
argv[0]);
exit(2);
}
pr_dbaseName = strdup(AFSDIR_SERVER_PRDB_FILEPATH);
configDir = strdup(AFSDIR_SERVER_ETC_DIRPATH);
logFile = strdup(AFSDIR_SERVER_PTLOG_FILEPATH);
#if defined(SUPERGROUPS)
/* make sure the structures for database records are the same size */
if ((sizeof(struct prentry) != ENTRYSIZE)
|| (sizeof(struct prentryg) != ENTRYSIZE)) {
fprintf(stderr,
"The structures for the database records are different"
" sizes\n" "struct prentry = %" AFS_SIZET_FMT "\n"
"struct prentryg = %" AFS_SIZET_FMT "\n"
"ENTRYSIZE = %d\n", sizeof(struct prentry),
sizeof(struct prentryg), ENTRYSIZE);
PT_EXIT(1);
}
#endif
cmd_DisableAbbreviations();
cmd_DisablePositionalCommands();
opts = cmd_CreateSyntax(NULL, NULL, NULL, NULL);
/* ptserver specific options */
cmd_AddParmAtOffset(opts, OPT_database, "-database", CMD_SINGLE,
CMD_OPTIONAL, "database file");
cmd_AddParmAlias(opts, OPT_database, "-db");
cmd_AddParmAtOffset(opts, OPT_access, "-default_access", CMD_SINGLE,
CMD_OPTIONAL, "default access flags for new entries");
#if defined(SUPERGROUPS)
cmd_AddParmAtOffset(opts, OPT_groupdepth, "-groupdepth", CMD_SINGLE,
CMD_OPTIONAL, "max search depth for supergroups");
cmd_AddParmAlias(opts, OPT_groupdepth, "-depth");
#endif
cmd_AddParmAtOffset(opts, OPT_restricted, "-restricted", CMD_FLAG,
CMD_OPTIONAL, "enable restricted mode");
/* general server options */
cmd_AddParmAtOffset(opts, OPT_auditlog, "-auditlog", CMD_SINGLE,
CMD_OPTIONAL, "location of audit log");
cmd_AddParmAtOffset(opts, OPT_auditiface, "-audit-interface", CMD_SINGLE,
CMD_OPTIONAL, "interface to use for audit logging");
cmd_AddParmAtOffset(opts, OPT_config, "-config", CMD_SINGLE,
CMD_OPTIONAL, "configuration location");
cmd_AddParmAtOffset(opts, OPT_debug, "-d", CMD_SINGLE,
CMD_OPTIONAL, "debug level");
cmd_AddParmAtOffset(opts, OPT_logfile, "-logfile", CMD_SINGLE,
CMD_OPTIONAL, "location of logfile");
cmd_AddParmAtOffset(opts, OPT_threads, "-p", CMD_SINGLE,
CMD_OPTIONAL, "number of threads");
#if !defined(AFS_NT40_ENV)
cmd_AddParmAtOffset(opts, OPT_syslog, "-syslog", CMD_SINGLE_OR_FLAG,
CMD_OPTIONAL, "log to syslog");
#endif
/* rx options */
cmd_AddParmAtOffset(opts, OPT_peer, "-enable_peer_stats", CMD_FLAG,
CMD_OPTIONAL, "enable RX transport statistics");
cmd_AddParmAtOffset(opts, OPT_process, "-enable_process_stats", CMD_FLAG,
CMD_OPTIONAL, "enable RX RPC statistics");
cmd_AddParmAtOffset(opts, OPT_rxbind, "-rxbind", CMD_FLAG,
CMD_OPTIONAL, "bind only to the primary interface");
cmd_AddParmAtOffset(opts, OPT_rxmaxmtu, "-rxmaxmtu", CMD_SINGLE,
CMD_OPTIONAL, "maximum MTU for RX");
/* rxkad options */
cmd_AddParmAtOffset(opts, OPT_dotted, "-allow-dotted-principals",
CMD_FLAG, CMD_OPTIONAL,
"permit Kerberos 5 principals with dots");
code = cmd_Parse(argc, argv, &opts);
if (code == CMD_HELP) {
PT_EXIT(0);
}
if (code)
PT_EXIT(1);
cmd_OptionAsString(opts, OPT_config, &configDir);
cmd_OpenConfigFile(AFSDIR_SERVER_CONFIG_FILE_FILEPATH);
cmd_SetCommandName("ptserver");
if (cmd_OptionAsList(opts, OPT_access, &list) == 0) {
prp_user_default = prp_access_mask(list->data);
if (list->next == NULL || list->next->data == NULL) {
fprintf(stderr, "Missing second argument for -default_access\n");
PT_EXIT(1);
}
prp_group_default = prp_access_mask(list->next->data);
}
#if defined(SUPERGROUPS)
cmd_OptionAsInt(opts, OPT_groupdepth, &depthsg);
#endif
cmd_OptionAsFlag(opts, OPT_restricted, &restricted);
/* general server options */
cmd_OptionAsString(opts, OPT_auditlog, &auditFileName);
if (cmd_OptionAsString(opts, OPT_auditiface, &interface) == 0) {
if (osi_audit_interface(interface)) {
printf("Invalid audit interface '%s'\n", interface);
PT_EXIT(1);
}
free(interface);
}
cmd_OptionAsInt(opts, OPT_debug, &LogLevel);
cmd_OptionAsString(opts, OPT_database, &pr_dbaseName);
cmd_OptionAsString(opts, OPT_logfile, &logFile);
if (cmd_OptionAsInt(opts, OPT_threads, &lwps) == 0) {
if (lwps > 64) { /* maximum of 64 */
printf("Warning: '-p %d' is too big; using %d instead\n",
lwps, 64);
lwps = 64;
} else if (lwps < 3) { /* minimum of 3 */
printf("Warning: '-p %d' is too small; using %d instead\n",
lwps, 3);
lwps = 3;
}
}
#ifndef AFS_NT40_ENV
if (cmd_OptionPresent(opts, OPT_syslog)) {
serverLogSyslog = 1;
cmd_OptionAsInt(opts, OPT_syslog, &serverLogSyslogFacility);
}
#endif
/* rx options */
if (cmd_OptionPresent(opts, OPT_peer))
rx_enablePeerRPCStats();
if (cmd_OptionPresent(opts, OPT_process))
rx_enableProcessRPCStats();
cmd_OptionAsFlag(opts, OPT_rxbind, &rxBind);
cmd_OptionAsInt(opts, OPT_rxmaxmtu, &rxMaxMTU);
/* rxkad options */
cmd_OptionAsFlag(opts, OPT_dotted, &rxkadDisableDotCheck);
cmd_FreeOptions(&opts);
if (auditFileName) {
osi_audit_file(auditFileName);
osi_audit(PTS_StartEvent, 0, AUD_END);
}
#ifndef AFS_NT40_ENV
serverLogSyslogTag = "ptserver";
#endif
OpenLog(logFile); /* set up logging */
SetupLogSignals();
prdir = afsconf_Open(configDir);
if (!prdir) {
fprintf(stderr, "ptserver: can't open configuration directory.\n");
PT_EXIT(1);
}
if (afsconf_GetNoAuthFlag(prdir))
printf("ptserver: running unauthenticated\n");
#ifdef AFS_NT40_ENV
/* initialize winsock */
if (afs_winsockInit() < 0) {
ReportErrorEventAlt(AFSEVT_SVR_WINSOCK_INIT_FAILED, 0, argv[0], 0);
fprintf(stderr, "ptserver: couldn't initialize winsock. \n");
PT_EXIT(1);
}
#endif
/* get this host */
gethostname(hostname, sizeof(hostname));
th = gethostbyname(hostname);
if (!th) {
fprintf(stderr, "ptserver: couldn't get address of this host.\n");
PT_EXIT(1);
}
memcpy(&myHost, th->h_addr, sizeof(afs_uint32));
/* get list of servers */
code =
afsconf_GetExtendedCellInfo(prdir, NULL, "afsprot", &info, clones);
if (code) {
afs_com_err(whoami, code, "Couldn't get server list");
PT_EXIT(2);
}
/* initialize audit user check */
osi_audit_set_user_check(prdir, pr_IsLocalRealmMatch);
/* initialize ubik */
ubik_SetClientSecurityProcs(afsconf_ClientAuth, afsconf_UpToDate, prdir);
ubik_SetServerSecurityProcs(afsconf_BuildServerSecurityObjects,
afsconf_CheckAuth, prdir);
/* The max needed is when deleting an entry. A full CoEntry deletion
* required removal from 39 entries. Each of which may refers to the entry
* being deleted in one of its CoEntries. If a CoEntry is freed its
* predecessor CoEntry will be modified as well. Any freed blocks also
* modifies the database header. Counting the entry being deleted and its
* CoEntry this adds up to as much as 1+1+39*3 = 119. If all these entries
* and the header are in separate Ubik buffers then 120 buffers may be
* required. */
ubik_nBuffers = 120 + /*fudge */ 40;
if (rxBind) {
afs_int32 ccode;
if (AFSDIR_SERVER_NETRESTRICT_FILEPATH ||
AFSDIR_SERVER_NETINFO_FILEPATH) {
char reason[1024];
ccode = afsconf_ParseNetFiles(SHostAddrs, NULL, NULL,
ADDRSPERSITE, reason,
AFSDIR_SERVER_NETINFO_FILEPATH,
AFSDIR_SERVER_NETRESTRICT_FILEPATH);
} else
{
ccode = rx_getAllAddr(SHostAddrs, ADDRSPERSITE);
}
if (ccode == 1) {
host = SHostAddrs[0];
/* the following call is idempotent so if/when it gets called
* again by the ubik init stuff, it doesn't really matter
* -- klm
*/
rx_InitHost(host, htons(AFSCONF_PROTPORT));
}
}
/* Disable jumbograms */
rx_SetNoJumbo();
if (rxMaxMTU != -1) {
if (rx_SetMaxMTU(rxMaxMTU) != 0) {
printf("rxMaxMTU %d is invalid\n", rxMaxMTU);
PT_EXIT(1);
}
}
code =
ubik_ServerInitByInfo(myHost, htons(AFSCONF_PROTPORT), &info, clones,
pr_dbaseName, &dbase);
if (code) {
afs_com_err(whoami, code, "Ubik init failed");
PT_EXIT(2);
}
#if defined(SUPERGROUPS)
pt_hook_write();
#endif
afsconf_BuildServerSecurityObjects(prdir, &securityClasses, &numClasses);
tservice =
rx_NewServiceHost(host, 0, PRSRV, "Protection Server", securityClasses,
numClasses, PR_ExecuteRequest);
if (tservice == (struct rx_service *)0) {
fprintf(stderr, "ptserver: Could not create new rx service.\n");
PT_EXIT(3);
}
rx_SetMinProcs(tservice, 2);
rx_SetMaxProcs(tservice, lwps);
if (rxkadDisableDotCheck) {
rx_SetSecurityConfiguration(tservice, RXS_CONFIG_FLAGS,
(void *)RXS_CONFIG_FLAGS_DISABLE_DOTCHECK);
}
tservice =
rx_NewServiceHost(host, 0, RX_STATS_SERVICE_ID, "rpcstats",
securityClasses, numClasses, RXSTATS_ExecuteRequest);
if (tservice == (struct rx_service *)0) {
fprintf(stderr, "ptserver: Could not create new rx service.\n");
PT_EXIT(3);
}
rx_SetMinProcs(tservice, 2);
rx_SetMaxProcs(tservice, 4);
/* allow super users to manage RX statistics */
rx_SetRxStatUserOk(pr_rxstat_userok);
LogCommandLine(argc, argv, "ptserver",
#if defined(SUPERGROUPS)
"1.1",
#else
"1.0",
#endif
"Starting AFS", FSLog);
if (afsconf_GetLatestKey(prdir, NULL, NULL) == 0) {
LogDesWarning();
}
rx_StartServer(1);
osi_audit(PTS_FinishEvent, -1, AUD_END);
exit(0);
}
