/***************************************************************************
create a child process to handle DNS lookups
****************************************************************************/
void start_async_dns(void)
{
int fd1[2], fd2[2];
CatchChild();
if (pipe(fd1) || pipe(fd2)) {
DEBUG(0,("can't create asyncdns pipes\n"));
return;
}
child_pid = sys_fork();
if (child_pid) {
fd_in = fd1[0];
fd_out = fd2[1];
close(fd1[1]);
close(fd2[0]);
DEBUG(0,("started asyncdns process %d\n", (int)child_pid));
return;
}
fd_in = fd2[0];
fd_out = fd1[1];
CatchSignal(SIGUSR2, SIG_IGN);
CatchSignal(SIGUSR1, SIG_IGN);
CatchSignal(SIGHUP, SIG_IGN);
CatchSignal(SIGTERM, SIGNAL_CAST sig_term );
asyncdns_process();
}
void sync_browse_lists(struct work_record *work,
char *name, int nm_type,
struct in_addr ip, bool local, bool servers)
{
struct sync_record *s;
static int counter;
START_PROFILE(sync_browse_lists);
/* Check we're not trying to sync with ourselves. This can
happen if we are a domain *and* a local master browser. */
if (ismyip_v4(ip)) {
done:
END_PROFILE(sync_browse_lists);
return;
}
s = SMB_MALLOC_P(struct sync_record);
if (!s) goto done;
ZERO_STRUCTP(s);
unstrcpy(s->workgroup, work->work_group);
unstrcpy(s->server, name);
s->ip = ip;
if (asprintf(&s->fname, "%s/sync.%d", lp_lockdir(), counter++) < 0) {
SAFE_FREE(s);
goto done;
}
/* Safe to use as 0 means no size change. */
all_string_sub(s->fname,"//", "/", 0);
DLIST_ADD(syncs, s);
/* the parent forks and returns, leaving the child to do the
actual sync and call END_PROFILE*/
CatchChild();
if ((s->pid = sys_fork())) return;
BlockSignals( False, SIGTERM );
DEBUG(2,("Initiating browse sync for %s to %s(%s)\n",
work->work_group, name, inet_ntoa(ip)));
fp = x_fopen(s->fname,O_WRONLY|O_CREAT|O_TRUNC, 0644);
if (!fp) {
END_PROFILE(sync_browse_lists);
_exit(1);
}
sync_child(name, nm_type, work->work_group, ip, local, servers,
s->fname);
x_fclose(fp);
END_PROFILE(sync_browse_lists);
_exit(0);
}
static void winbind_msg_validate_cache(struct messaging_context *msg_ctx,
void *private_data,
uint32_t msg_type,
struct server_id server_id,
DATA_BLOB *data)
{
uint8 ret;
pid_t child_pid;
struct sigaction act;
struct sigaction oldact;
DEBUG(10, ("winbindd_msg_validate_cache: got validate-cache "
"message.\n"));
/*
* call the validation code from a child:
* so we don't block the main winbindd and the validation
* code can safely use fork/waitpid...
*/
CatchChild();
child_pid = sys_fork();
if (child_pid == -1) {
DEBUG(1, ("winbind_msg_validate_cache: Could not fork: %s\n",
strerror(errno)));
return;
}
if (child_pid != 0) {
/* parent */
DEBUG(5, ("winbind_msg_validate_cache: child created with "
"pid %d.\n", (int)child_pid));
return;
}
/* child */
/* install default SIGCHLD handler: validation code uses fork/waitpid */
ZERO_STRUCT(act);
act.sa_handler = SIG_DFL;
#ifdef SA_RESTART
/* We *want* SIGALRM to interrupt a system call. */
act.sa_flags = SA_RESTART;
#endif
sigemptyset(&act.sa_mask);
sigaddset(&act.sa_mask,SIGCHLD);
sigaction(SIGCHLD,&act,&oldact);
ret = (uint8)winbindd_validate_cache_nobackup();
DEBUG(10, ("winbindd_msg_validata_cache: got return value %d\n", ret));
messaging_send_buf(msg_ctx, server_id, MSG_WINBIND_VALIDATE_CACHE, &ret,
(size_t)1);
_exit(0);
}
static void start_filter(char *desthost)
{
int s, c;
struct in_addr dest_ip;
CatchChild();
/* start listening on port 445 locally */
s = open_socket_in(SOCK_STREAM, 445, 0, 0, True);
if (s == -1) {
d_printf("bind failed\n");
exit(1);
}
if (listen(s, 5) == -1) {
d_printf("listen failed\n");
}
if (!resolve_name(desthost, &dest_ip, 0x20)) {
d_printf("Unable to resolve host %s\n", desthost);
exit(1);
}
while (1) {
fd_set fds;
int num;
struct sockaddr addr;
socklen_t in_addrlen = sizeof(addr);
FD_ZERO(&fds);
FD_SET(s, &fds);
num = sys_select_intr(s+1,&fds,NULL,NULL,NULL);
if (num > 0) {
c = accept(s, &addr, &in_addrlen);
if (c != -1) {
if (fork() == 0) {
close(s);
filter_child(c, dest_ip);
exit(0);
} else {
close(c);
}
}
}
}
}
static void start_filter(char *desthost)
{
int s, c;
struct sockaddr_storage dest_ss;
struct sockaddr_storage my_ss;
CatchChild();
/* start listening on port 445 locally */
zero_sockaddr(&my_ss);
s = open_socket_in(SOCK_STREAM, TCP_SMB_PORT, 0, &my_ss, True);
if (s == -1) {
d_printf("bind failed\n");
exit(1);
}
if (listen(s, 5) == -1) {
d_printf("listen failed\n");
}
if (!resolve_name(desthost, &dest_ss, 0x20, false)) {
d_printf("Unable to resolve host %s\n", desthost);
exit(1);
}
while (1) {
int num, revents;
struct sockaddr_storage ss;
socklen_t in_addrlen = sizeof(ss);
num = poll_intr_one_fd(s, POLLIN|POLLHUP, -1, &revents);
if ((num > 0) && (revents & (POLLIN|POLLHUP|POLLERR))) {
c = accept(s, (struct sockaddr *)&ss, &in_addrlen);
if (c != -1) {
if (fork() == 0) {
close(s);
filter_child(c, &dest_ss);
exit(0);
} else {
close(c);
}
}
}
}
}
static BOOL chat_with_program(char *passwordprogram,char *name,char *chatsequence, BOOL as_root)
{
char *slavedev;
int master;
pid_t pid, wpid;
int wstat;
BOOL chstat = False;
/* allocate a pseudo-terminal device */
if ((master = findpty (&slavedev)) < 0) {
DEBUG(3,("Cannot Allocate pty for password change: %s\n",name));
return(False);
}
/*
* We need to temporarily stop CatchChild from eating
* SIGCLD signals as it also eats the exit status code. JRA.
*/
CatchChildLeaveStatus();
#ifdef __uClinux__
/* Hmmm, need to check this one further... */
DEBUG(0,("%s(%d): vfork()ing\n",__FILE__,__LINE__));
if ((pid = vfork()) < 0) {
#else
if ((pid = fork()) < 0) {
#endif
DEBUG(3,("Cannot fork() child for password change: %s\n",name));
close(master);
CatchChild();
return(False);
}
/* we now have a pty */
if (pid > 0){ /* This is the parent process */
if ((chstat = talktochild(master, chatsequence)) == False) {
DEBUG(3,("Child failed to change password: %s\n",name));
kill(pid, SIGKILL); /* be sure to end this process */
}
while((wpid = sys_waitpid(pid, &wstat, 0)) < 0) {
if(errno == EINTR) {
errno = 0;
continue;
}
break;
}
if (wpid < 0) {
DEBUG(3,("The process is no longer waiting!\n\n"));
close(master);
CatchChild();
return(False);
}
/*
* Go back to ignoring children.
*/
CatchChild();
close(master);
if (pid != wpid) {
DEBUG(3,("We were waiting for the wrong process ID\n"));
return(False);
}
if (WIFEXITED(wstat) == 0) {
DEBUG(3,("The process exited while we were waiting\n"));
return(False);
}
if (WEXITSTATUS(wstat) != 0) {
DEBUG(3,("The status of the process exiting was %d\n", wstat));
return(False);
}
} else {
/* CHILD */
/*
* Lose any oplock capabilities.
*/
set_process_capability(KERNEL_OPLOCK_CAPABILITY, False);
set_inherited_process_capability(KERNEL_OPLOCK_CAPABILITY, False);
/* make sure it doesn't freeze */
alarm(20);
if (as_root)
become_root(False);
DEBUG(3,("Dochild for user %s (uid=%d,gid=%d)\n",name,(int)getuid(),(int)getgid()));
chstat = dochild(master, slavedev, name, passwordprogram, as_root);
/*
* The child should never return from dochild() ....
*/
DEBUG(0,("chat_with_program: Error: dochild() returned %d\n", chstat ));
exit(1);
}
if (chstat)
DEBUG(3,("Password change %ssuccessful for user %s\n", (chstat?"":"un"), name));
return (chstat);
}
BOOL chgpasswd(char *name,char *oldpass,char *newpass, BOOL as_root)
{
pstring passwordprogram;
pstring chatsequence;
size_t i;
size_t len;
strlower(name);
DEBUG(3,("Password change for user: %s\n",name));
#if DEBUG_PASSWORD
DEBUG(100,("Passwords: old=%s new=%s\n",oldpass,newpass));
#endif
/* Take the passed information and test it for minimum criteria */
/* Minimum password length */
if (strlen(newpass) < lp_min_passwd_length()) /* too short, must be at least MINPASSWDLENGTH */
{
DEBUG(0,("Password Change: user %s, New password is shorter than minimum password length = %d\n",
name, lp_min_passwd_length()));
return (False); /* inform the user */
}
/* Password is same as old password */
if (strcmp(oldpass,newpass) == 0) /* don't allow same password */
{
DEBUG(2,("Password Change: %s, New password is same as old\n",name)); /* log the attempt */
return (False); /* inform the user */
}
pstrcpy(passwordprogram,lp_passwd_program());
pstrcpy(chatsequence,lp_passwd_chat());
if (!*chatsequence) {
DEBUG(2,("Null chat sequence - no password changing\n"));
return(False);
}
if (!*passwordprogram) {
DEBUG(2,("Null password program - no password changing\n"));
return(False);
}
/*
* Check the old and new passwords don't contain any control
* characters.
*/
len = strlen(oldpass);
for(i = 0; i < len; i++) {
if (iscntrl((int)oldpass[i])) {
DEBUG(0,("chat_with_program: oldpass contains control characters (disallowed).\n"));
return False;
}
}
len = strlen(newpass);
for(i = 0; i < len; i++) {
if (iscntrl((int)newpass[i])) {
DEBUG(0,("chat_with_program: newpass contains control characters (disallowed).\n"));
return False;
}
}
pstring_sub(passwordprogram,"%u",name);
/* note that we do NOT substitute the %o and %n in the password program
as this would open up a security hole where the user could use
a new password containing shell escape characters */
pstring_sub(chatsequence,"%u",name);
all_string_sub(chatsequence,"%o",oldpass,sizeof(pstring));
all_string_sub(chatsequence,"%n",newpass,sizeof(pstring));
return(chat_with_program(passwordprogram,name,chatsequence, as_root));
}
/****************************************************************************
run a command being careful about uid/gid handling and putting the output in
outfile (or discard it if outfile is NULL).
if shared is True then ensure the file will be writeable by all users
but created such that its owned by root. This overcomes a security hole.
if shared is not set then open the file with O_EXCL set
****************************************************************************/
int smbrun(char *cmd,char *outfile,BOOL shared)
{
int fd;
pid_t pid;
uid_t uid = current_user.uid;
gid_t gid = current_user.gid;
/*
* Lose any kernel oplock capabilities we may have.
*/
set_process_capability(KERNEL_OPLOCK_CAPABILITY, False);
set_inherited_process_capability(KERNEL_OPLOCK_CAPABILITY, False);
#ifndef HAVE_EXECL
int ret;
pstring syscmd;
char *path = lp_smbrun();
/* in the old method we use system() to execute smbrun which then
executes the command (using system() again!). This involves lots
of shell launches and is very slow. It also suffers from a
potential security hole */
if (!file_exist(path,NULL)) {
DEBUG(0,("SMBRUN ERROR: Can't find %s. Installation problem?\n",path));
return(1);
}
slprintf(syscmd,sizeof(syscmd)-1,"%s %d %d \"(%s 2>&1) > %s\"",
path,(int)uid,(int)gid,cmd,
outfile?outfile:"/dev/null");
DEBUG(5,("smbrun - running %s ",syscmd));
ret = system(syscmd);
DEBUG(5,("gave %d\n",ret));
return(ret);
#else
/* in this newer method we will exec /bin/sh with the correct
arguments, after first setting stdout to point at the file */
/*
* We need to temporarily stop CatchChild from eating
* SIGCLD signals as it also eats the exit status code. JRA.
*/
CatchChildLeaveStatus();
if ((pid=fork()) < 0) {
DEBUG(0,("smbrun: fork failed with error %s\n", strerror(errno) ));
CatchChild();
return errno;
}
if (pid) {
/*
* Parent.
*/
int status=0;
pid_t wpid;
/* the parent just waits for the child to exit */
while((wpid = sys_waitpid(pid,&status,0)) < 0) {
if(errno == EINTR) {
errno = 0;
continue;
}
break;
}
CatchChild();
if (wpid != pid) {
DEBUG(2,("waitpid(%d) : %s\n",(int)pid,strerror(errno)));
return -1;
}
#if defined(WIFEXITED) && defined(WEXITSTATUS)
if (WIFEXITED(status)) {
return WEXITSTATUS(status);
}
#endif
return status;
}
CatchChild();
/* we are in the child. we exec /bin/sh to do the work for us. we
don't directly exec the command we want because it may be a
pipeline or anything else the config file specifies */
/* point our stdout at the file we want output to go into */
if (outfile && !setup_stdout_file(outfile,shared)) {
exit(80);
}
/* now completely lose our privileges. This is a fairly paranoid
way of doing it, but it does work on all systems that I know of */
become_user_permanently(uid, gid);
if (getuid() != uid || geteuid() != uid ||
getgid() != gid || getegid() != gid) {
/* we failed to lose our privileges - do not execute
the command */
exit(81); /* we can't print stuff at this stage,
instead use exit codes for debugging */
}
/* close all other file descriptors, leaving only 0, 1 and 2. 0 and
2 point to /dev/null from the startup code */
for (fd=3;fd<256;fd++) close(fd);
execl("/bin/sh","sh","-c",cmd,NULL);
/* not reached */
exit(82);
#endif
return 1;
}
static BOOL chat_with_program(char *passwordprogram,char *name,char *chatsequence, BOOL as_root)
{
char *slavedev;
int master;
pid_t pid, wpid;
int wstat;
BOOL chstat = False;
/* allocate a pseudo-terminal device */
if ((master = findpty (&slavedev)) < 0) {
DEBUG(3,("Cannot Allocate pty for password change: %s\n",name));
return(False);
}
/*
* We need to temporarily stop CatchChild from eating
* SIGCLD signals as it also eats the exit status code. JRA.
*/
CatchChildLeaveStatus();
if ((pid = fork()) < 0) {
DEBUG(3,("Cannot fork() child for password change: %s\n",name));
close(master);
CatchChild();
return(False);
}
/* we now have a pty */
if (pid > 0){ /* This is the parent process */
if ((chstat = talktochild(master, chatsequence)) == False) {
DEBUG(3,("Child failed to change password: %s\n",name));
kill(pid, SIGKILL); /* be sure to end this process */
}
while((wpid = sys_waitpid(pid, &wstat, 0)) < 0) {
if(errno == EINTR) {
errno = 0;
continue;
}
break;
}
if (wpid < 0) {
DEBUG(3,("The process is no longer waiting!\n\n"));
close(master);
CatchChild();
return(False);
}
/*
* Go back to ignoring children.
*/
CatchChild();
close(master);
if (pid != wpid) {
DEBUG(3,("We were waiting for the wrong process ID\n"));
return(False);
}
if (WIFEXITED(wstat) == 0) {
DEBUG(3,("The process exited while we were waiting\n"));
return(False);
}
if (WEXITSTATUS(wstat) != 0) {
DEBUG(3,("The status of the process exiting was %d\n", wstat));
return(False);
}
} else {
/* CHILD */
/*
* Lose any oplock capabilities.
*/
set_process_capability(KERNEL_OPLOCK_CAPABILITY, False);
set_inherited_process_capability(KERNEL_OPLOCK_CAPABILITY, False);
/* make sure it doesn't freeze */
alarm(20);
if (as_root)
become_root(False);
DEBUG(3,("Dochild for user %s (uid=%d,gid=%d)\n",name,(int)getuid(),(int)getgid()));
chstat = dochild(master, slavedev, name, passwordprogram, as_root);
/*
* The child should never return from dochild() ....
*/
DEBUG(0,("chat_with_program: Error: dochild() returned %d\n", chstat ));
exit(1);
}
if (chstat)
DEBUG(3,("Password change %ssuccessful for user %s\n", (chstat?"":"un"), name));
return (chstat);
}
int main(int argc,const char *argv[])
{
/* shall I run as a daemon */
bool is_daemon = false;
bool interactive = false;
bool Fork = true;
bool no_process_group = false;
bool log_stdout = false;
char *ports = NULL;
char *profile_level = NULL;
int opt;
poptContext pc;
bool print_build_options = False;
enum {
OPT_DAEMON = 1000,
OPT_INTERACTIVE,
OPT_FORK,
OPT_NO_PROCESS_GROUP,
OPT_LOG_STDOUT
};
struct poptOption long_options[] = {
POPT_AUTOHELP
{"daemon", 'D', POPT_ARG_NONE, NULL, OPT_DAEMON, "Become a daemon (default)" },
{"interactive", 'i', POPT_ARG_NONE, NULL, OPT_INTERACTIVE, "Run interactive (not a daemon)"},
{"foreground", 'F', POPT_ARG_NONE, NULL, OPT_FORK, "Run daemon in foreground (for daemontools, etc.)" },
{"no-process-group", '\0', POPT_ARG_NONE, NULL, OPT_NO_PROCESS_GROUP, "Don't create a new process group" },
{"log-stdout", 'S', POPT_ARG_NONE, NULL, OPT_LOG_STDOUT, "Log to stdout" },
{"build-options", 'b', POPT_ARG_NONE, NULL, 'b', "Print build options" },
{"port", 'p', POPT_ARG_STRING, &ports, 0, "Listen on the specified ports"},
{"profiling-level", 'P', POPT_ARG_STRING, &profile_level, 0, "Set profiling level","PROFILE_LEVEL"},
POPT_COMMON_SAMBA
POPT_COMMON_DYNCONFIG
POPT_TABLEEND
};
struct smbd_parent_context *parent = NULL;
TALLOC_CTX *frame;
NTSTATUS status;
uint64_t unique_id;
struct tevent_context *ev_ctx;
struct messaging_context *msg_ctx;
/*
* Do this before any other talloc operation
*/
talloc_enable_null_tracking();
frame = talloc_stackframe();
setup_logging(argv[0], DEBUG_DEFAULT_STDOUT);
load_case_tables();
smbd_init_globals();
TimeInit();
#ifdef HAVE_SET_AUTH_PARAMETERS
set_auth_parameters(argc,argv);
#endif
pc = poptGetContext("smbd", argc, argv, long_options, 0);
while((opt = poptGetNextOpt(pc)) != -1) {
switch (opt) {
case OPT_DAEMON:
is_daemon = true;
break;
case OPT_INTERACTIVE:
interactive = true;
break;
case OPT_FORK:
Fork = false;
break;
case OPT_NO_PROCESS_GROUP:
no_process_group = true;
break;
case OPT_LOG_STDOUT:
log_stdout = true;
break;
case 'b':
print_build_options = True;
break;
default:
d_fprintf(stderr, "\nInvalid option %s: %s\n\n",
poptBadOption(pc, 0), poptStrerror(opt));
poptPrintUsage(pc, stderr, 0);
exit(1);
}
}
poptFreeContext(pc);
if (interactive) {
Fork = False;
log_stdout = True;
}
if (log_stdout) {
setup_logging(argv[0], DEBUG_STDOUT);
} else {
setup_logging(argv[0], DEBUG_FILE);
}
if (print_build_options) {
build_options(True); /* Display output to screen as well as debug */
exit(0);
}
#ifdef HAVE_SETLUID
/* needed for SecureWare on SCO */
setluid(0);
#endif
set_remote_machine_name("smbd", False);
if (interactive && (DEBUGLEVEL >= 9)) {
talloc_enable_leak_report();
}
if (log_stdout && Fork) {
DEBUG(0,("ERROR: Can't log to stdout (-S) unless daemon is in foreground (-F) or interactive (-i)\n"));
exit(1);
}
/* we want to re-seed early to prevent time delays causing
client problems at a later date. (tridge) */
generate_random_buffer(NULL, 0);
/* get initial effective uid and gid */
sec_init();
/* make absolutely sure we run as root - to handle cases where people
are crazy enough to have it setuid */
gain_root_privilege();
gain_root_group_privilege();
fault_setup();
dump_core_setup("smbd", lp_logfile());
/* we are never interested in SIGPIPE */
BlockSignals(True,SIGPIPE);
#if defined(SIGFPE)
/* we are never interested in SIGFPE */
BlockSignals(True,SIGFPE);
#endif
#if defined(SIGUSR2)
/* We are no longer interested in USR2 */
BlockSignals(True,SIGUSR2);
#endif
/* POSIX demands that signals are inherited. If the invoking process has
* these signals masked, we will have problems, as we won't recieve them. */
BlockSignals(False, SIGHUP);
BlockSignals(False, SIGUSR1);
BlockSignals(False, SIGTERM);
/* Ensure we leave no zombies until we
* correctly set up child handling below. */
CatchChild();
/* we want total control over the permissions on created files,
so set our umask to 0 */
umask(0);
reopen_logs();
DEBUG(0,("smbd version %s started.\n", samba_version_string()));
DEBUGADD(0,("%s\n", COPYRIGHT_STARTUP_MESSAGE));
DEBUG(2,("uid=%d gid=%d euid=%d egid=%d\n",
(int)getuid(),(int)getgid(),(int)geteuid(),(int)getegid()));
/* Output the build options to the debug log */
build_options(False);
if (sizeof(uint16) < 2 || sizeof(uint32) < 4) {
DEBUG(0,("ERROR: Samba is not configured correctly for the word size on your machine\n"));
exit(1);
}
if (!lp_load_initial_only(get_dyn_CONFIGFILE())) {
DEBUG(0, ("error opening config file '%s'\n", get_dyn_CONFIGFILE()));
exit(1);
}
/* Init the security context and global current_user */
init_sec_ctx();
/*
* Initialize the event context. The event context needs to be
* initialized before the messaging context, cause the messaging
* context holds an event context.
* FIXME: This should be s3_tevent_context_init()
*/
ev_ctx = server_event_context();
if (ev_ctx == NULL) {
exit(1);
}
/*
* Init the messaging context
* FIXME: This should only call messaging_init()
*/
msg_ctx = server_messaging_context();
if (msg_ctx == NULL) {
exit(1);
}
/*
* Reloading of the printers will not work here as we don't have a
* server info and rpc services set up. It will be called later.
*/
if (!reload_services(NULL, -1, False)) {
exit(1);
}
/* ...NOTE... Log files are working from this point! */
DEBUG(3,("loaded services\n"));
init_structs();
#ifdef WITH_PROFILE
if (!profile_setup(msg_ctx, False)) {
DEBUG(0,("ERROR: failed to setup profiling\n"));
return -1;
}
if (profile_level != NULL) {
int pl = atoi(profile_level);
struct server_id src;
DEBUG(1, ("setting profiling level: %s\n",profile_level));
src.pid = getpid();
set_profile_level(pl, src);
}
#endif
if (!is_daemon && !is_a_socket(0)) {
if (!interactive)
DEBUG(0,("standard input is not a socket, assuming -D option\n"));
/*
* Setting is_daemon here prevents us from eventually calling
* the open_sockets_inetd()
*/
is_daemon = True;
}
if (is_daemon && !interactive) {
DEBUG( 3, ( "Becoming a daemon.\n" ) );
become_daemon(Fork, no_process_group, log_stdout);
}
generate_random_buffer((uint8_t *)&unique_id, sizeof(unique_id));
set_my_unique_id(unique_id);
#if HAVE_SETPGID
/*
* If we're interactive we want to set our own process group for
* signal management.
*/
if (interactive && !no_process_group)
setpgid( (pid_t)0, (pid_t)0);
#endif
if (!directory_exist(lp_lockdir()))
mkdir(lp_lockdir(), 0755);
if (is_daemon)
pidfile_create("smbd");
status = reinit_after_fork(msg_ctx,
ev_ctx,
procid_self(), false);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0,("reinit_after_fork() failed\n"));
exit(1);
}
smbd_server_conn->msg_ctx = msg_ctx;
smbd_setup_sig_term_handler();
smbd_setup_sig_hup_handler(ev_ctx,
msg_ctx);
/* Setup all the TDB's - including CLEAR_IF_FIRST tdb's. */
if (smbd_memcache() == NULL) {
exit(1);
}
memcache_set_global(smbd_memcache());
/* Initialise the password backed before the global_sam_sid
to ensure that we fetch from ldap before we make a domain sid up */
if(!initialize_password_db(false, ev_ctx))
exit(1);
if (!secrets_init()) {
DEBUG(0, ("ERROR: smbd can not open secrets.tdb\n"));
exit(1);
}
if (lp_server_role() == ROLE_DOMAIN_BDC || lp_server_role() == ROLE_DOMAIN_PDC) {
struct loadparm_context *lp_ctx = loadparm_init_s3(NULL, loadparm_s3_context());
if (!open_schannel_session_store(NULL, lp_ctx)) {
DEBUG(0,("ERROR: Samba cannot open schannel store for secured NETLOGON operations.\n"));
exit(1);
}
TALLOC_FREE(lp_ctx);
}
if(!get_global_sam_sid()) {
DEBUG(0,("ERROR: Samba cannot create a SAM SID.\n"));
exit(1);
}
if (!sessionid_init()) {
exit(1);
}
if (!connections_init(True))
exit(1);
if (!locking_init())
exit(1);
if (!messaging_tdb_parent_init(ev_ctx)) {
exit(1);
}
if (!notify_internal_parent_init(ev_ctx)) {
exit(1);
}
if (!serverid_parent_init(ev_ctx)) {
exit(1);
}
if (!W_ERROR_IS_OK(registry_init_full()))
exit(1);
/* Open the share_info.tdb here, so we don't have to open
after the fork on every single connection. This is a small
performance improvment and reduces the total number of system
fds used. */
if (!share_info_db_init()) {
DEBUG(0,("ERROR: failed to load share info db.\n"));
exit(1);
}
status = init_system_info();
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("ERROR: failed to setup system user info: %s.\n",
nt_errstr(status)));
return -1;
}
if (!init_guest_info()) {
DEBUG(0,("ERROR: failed to setup guest info.\n"));
return -1;
}
if (!file_init(smbd_server_conn)) {
DEBUG(0, ("ERROR: file_init failed\n"));
return -1;
}
/* This MUST be done before start_epmd() because otherwise
* start_epmd() forks and races against dcesrv_ep_setup() to
* call directory_create_or_exist() */
if (!directory_create_or_exist(lp_ncalrpc_dir(), geteuid(), 0755)) {
DEBUG(0, ("Failed to create pipe directory %s - %s\n",
lp_ncalrpc_dir(), strerror(errno)));
return -1;
}
if (is_daemon && !interactive) {
if (rpc_epmapper_daemon() == RPC_DAEMON_FORK) {
start_epmd(ev_ctx, msg_ctx);
}
}
if (!dcesrv_ep_setup(ev_ctx, msg_ctx)) {
exit(1);
}
/* only start other daemons if we are running as a daemon
* -- bad things will happen if smbd is launched via inetd
* and we fork a copy of ourselves here */
if (is_daemon && !interactive) {
if (rpc_lsasd_daemon() == RPC_DAEMON_FORK) {
start_lsasd(ev_ctx, msg_ctx);
}
if (!_lp_disable_spoolss() &&
(rpc_spoolss_daemon() != RPC_DAEMON_DISABLED)) {
bool bgq = lp_parm_bool(-1, "smbd", "backgroundqueue", true);
if (!printing_subsystem_init(ev_ctx, msg_ctx, true, bgq)) {
exit(1);
}
}
} else if (!_lp_disable_spoolss() &&
(rpc_spoolss_daemon() != RPC_DAEMON_DISABLED)) {
if (!printing_subsystem_init(ev_ctx, msg_ctx, false, false)) {
exit(1);
}
}
if (!is_daemon) {
/* inetd mode */
TALLOC_FREE(frame);
/* Started from inetd. fd 0 is the socket. */
/* We will abort gracefully when the client or remote system
goes away */
smbd_server_conn->sock = dup(0);
/* close our standard file descriptors */
if (!debug_get_output_is_stdout()) {
close_low_fds(False); /* Don't close stderr */
}
#ifdef HAVE_ATEXIT
atexit(killkids);
#endif
/* Stop zombies */
smbd_setup_sig_chld_handler(ev_ctx);
smbd_process(ev_ctx, smbd_server_conn);
exit_server_cleanly(NULL);
return(0);
}
parent = talloc_zero(ev_ctx, struct smbd_parent_context);
if (!parent) {
exit_server("talloc(struct smbd_parent_context) failed");
}
parent->interactive = interactive;
if (!open_sockets_smbd(parent, ev_ctx, msg_ctx, ports))
exit_server("open_sockets_smbd() failed");
/* do a printer update now that all messaging has been set up,
* before we allow clients to start connecting */
printing_subsystem_update(ev_ctx, msg_ctx, false);
TALLOC_FREE(frame);
/* make sure we always have a valid stackframe */
frame = talloc_stackframe();
smbd_parent_loop(ev_ctx, parent);
exit_server_cleanly(NULL);
TALLOC_FREE(frame);
return(0);
}
static void smbd_accept_connection(struct tevent_context *ev,
struct tevent_fd *fde,
uint16_t flags,
void *private_data)
{
struct smbd_open_socket *s = talloc_get_type_abort(private_data,
struct smbd_open_socket);
struct messaging_context *msg_ctx = s->msg_ctx;
struct smbd_server_connection *sconn = msg_ctx_to_sconn(msg_ctx);
struct sockaddr_storage addr;
socklen_t in_addrlen = sizeof(addr);
int fd;
pid_t pid = 0;
uint64_t unique_id;
fd = accept(s->fd, (struct sockaddr *)(void *)&addr,&in_addrlen);
sconn->sock = fd;
if (fd == -1 && errno == EINTR)
return;
if (fd == -1) {
DEBUG(0,("open_sockets_smbd: accept: %s\n",
strerror(errno)));
return;
}
if (s->parent->interactive) {
smbd_process(ev, sconn);
exit_server_cleanly("end of interactive mode");
return;
}
if (!allowable_number_of_smbd_processes()) {
close(fd);
sconn->sock = -1;
return;
}
/*
* Generate a unique id in the parent process so that we use
* the global random state in the parent.
*/
generate_random_buffer((uint8_t *)&unique_id, sizeof(unique_id));
pid = sys_fork();
if (pid == 0) {
NTSTATUS status = NT_STATUS_OK;
/* Child code ... */
am_parent = 0;
set_my_unique_id(unique_id);
/* Stop zombies, the parent explicitly handles
* them, counting worker smbds. */
CatchChild();
/* close our standard file
descriptors */
if (!debug_get_output_is_stdout()) {
close_low_fds(False); /* Don't close stderr */
}
/*
* Can't use TALLOC_FREE here. Nulling out the argument to it
* would overwrite memory we've just freed.
*/
talloc_free(s->parent);
s = NULL;
status = reinit_after_fork(msg_ctx,
ev,
procid_self(),
true);
if (!NT_STATUS_IS_OK(status)) {
if (NT_STATUS_EQUAL(status,
NT_STATUS_TOO_MANY_OPENED_FILES)) {
DEBUG(0,("child process cannot initialize "
"because too many files are open\n"));
goto exit;
}
if (lp_clustering() &&
NT_STATUS_EQUAL(status,
NT_STATUS_INTERNAL_DB_ERROR)) {
DEBUG(1,("child process cannot initialize "
"because connection to CTDB "
"has failed\n"));
goto exit;
}
DEBUG(0,("reinit_after_fork() failed\n"));
smb_panic("reinit_after_fork() failed");
}
smbd_setup_sig_term_handler();
smbd_setup_sig_hup_handler(ev,
msg_ctx);
if (!serverid_register(procid_self(),
FLAG_MSG_GENERAL|FLAG_MSG_SMBD
|FLAG_MSG_DBWRAP
|FLAG_MSG_PRINT_GENERAL)) {
exit_server_cleanly("Could not register myself in "
"serverid.tdb");
}
smbd_process(ev, sconn);
exit:
exit_server_cleanly("end of child");
return;
}
if (pid < 0) {
DEBUG(0,("smbd_accept_connection: sys_fork() failed: %s\n",
strerror(errno)));
}
/* The parent doesn't need this socket */
close(fd);
/* Sun May 6 18:56:14 2001 [email protected]:
Clear the closed fd info out of server_fd --
and more importantly, out of client_fd in
util_sock.c, to avoid a possible
getpeername failure if we reopen the logs
and use %I in the filename.
*/
sconn->sock = -1;
if (pid != 0) {
add_child_pid(pid);
}
/* Force parent to check log size after
* spawning child. Fix from
* [email protected]. The
* parent smbd will log to logserver.smb. It
* writes only two messages for each child
* started/finished. But each child writes,
* say, 50 messages also in logserver.smb,
* begining with the debug_count of the
* parent, before the child opens its own log
* file logserver.client. In a worst case
* scenario the size of logserver.smb would be
* checked after about 50*50=2500 messages
* (ca. 100kb).
* */
force_check_log_size();
}
int main(int argc, const char *argv[])
{
bool is_daemon = false;
bool opt_interactive = false;
bool Fork = true;
bool no_process_group = false;
bool log_stdout = false;
poptContext pc;
char *p_lmhosts = NULL;
int opt;
struct messaging_context *msg;
enum {
OPT_DAEMON = 1000,
OPT_INTERACTIVE,
OPT_FORK,
OPT_NO_PROCESS_GROUP,
OPT_LOG_STDOUT
};
struct poptOption long_options[] = {
POPT_AUTOHELP
{"daemon", 'D', POPT_ARG_NONE, NULL, OPT_DAEMON, "Become a daemon(default)" },
{"interactive", 'i', POPT_ARG_NONE, NULL, OPT_INTERACTIVE, "Run interactive (not a daemon)" },
{"foreground", 'F', POPT_ARG_NONE, NULL, OPT_FORK, "Run daemon in foreground (for daemontools & etc)" },
{"no-process-group", 0, POPT_ARG_NONE, NULL, OPT_NO_PROCESS_GROUP, "Don't create a new process group" },
{"log-stdout", 'S', POPT_ARG_NONE, NULL, OPT_LOG_STDOUT, "Log to stdout" },
{"hosts", 'H', POPT_ARG_STRING, &p_lmhosts, 0, "Load a netbios hosts file"},
{"port", 'p', POPT_ARG_INT, &global_nmb_port, 0, "Listen on the specified port" },
POPT_COMMON_SAMBA
POPT_COMMON_DYNCONFIG
POPT_TABLEEND
};
TALLOC_CTX *frame;
NTSTATUS status;
bool ok;
/*
* Do this before any other talloc operation
*/
talloc_enable_null_tracking();
frame = talloc_stackframe();
/*
* We want total control over the permissions on created files,
* so set our umask to 0.
*/
umask(0);
setup_logging(argv[0], DEBUG_DEFAULT_STDOUT);
load_case_tables();
global_nmb_port = NMB_PORT;
pc = poptGetContext("nmbd", argc, argv, long_options, 0);
while ((opt = poptGetNextOpt(pc)) != -1) {
switch (opt) {
case OPT_DAEMON:
is_daemon = true;
break;
case OPT_INTERACTIVE:
opt_interactive = true;
break;
case OPT_FORK:
Fork = false;
break;
case OPT_NO_PROCESS_GROUP:
no_process_group = true;
break;
case OPT_LOG_STDOUT:
log_stdout = true;
break;
default:
d_fprintf(stderr, "\nInvalid option %s: %s\n\n",
poptBadOption(pc, 0), poptStrerror(opt));
poptPrintUsage(pc, stderr, 0);
exit(1);
}
};
poptFreeContext(pc);
global_in_nmbd = true;
StartupTime = time(NULL);
sys_srandom(time(NULL) ^ getpid());
if (!override_logfile) {
char *lfile = NULL;
if (asprintf(&lfile, "%s/log.nmbd", get_dyn_LOGFILEBASE()) < 0) {
exit(1);
}
lp_set_logfile(lfile);
SAFE_FREE(lfile);
}
fault_setup();
dump_core_setup("nmbd", lp_logfile(talloc_tos()));
/* POSIX demands that signals are inherited. If the invoking process has
* these signals masked, we will have problems, as we won't receive them. */
BlockSignals(False, SIGHUP);
BlockSignals(False, SIGUSR1);
BlockSignals(False, SIGTERM);
#if defined(SIGFPE)
/* we are never interested in SIGFPE */
BlockSignals(True,SIGFPE);
#endif
/* We no longer use USR2... */
#if defined(SIGUSR2)
BlockSignals(True, SIGUSR2);
#endif
/* Ignore children - no zombies. */
CatchChild();
if ( opt_interactive ) {
Fork = False;
log_stdout = True;
}
if ( log_stdout && Fork ) {
DEBUG(0,("ERROR: Can't log to stdout (-S) unless daemon is in foreground (-F) or interactive (-i)\n"));
exit(1);
}
if (log_stdout) {
setup_logging(argv[0], DEBUG_STDOUT);
} else {
setup_logging( argv[0], DEBUG_FILE);
}
reopen_logs();
DEBUG(0,("nmbd version %s started.\n", samba_version_string()));
DEBUGADD(0,("%s\n", COPYRIGHT_STARTUP_MESSAGE));
if (!lp_load_initial_only(get_dyn_CONFIGFILE())) {
DEBUG(0, ("error opening config file '%s'\n", get_dyn_CONFIGFILE()));
exit(1);
}
reopen_logs();
if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC
&& !lp_parm_bool(-1, "server role check", "inhibit", false)) {
/* TODO: when we have a merged set of defaults for
* loadparm, we could possibly check if the internal
* nbt server is in the list, and allow a startup if disabled */
DEBUG(0, ("server role = 'active directory domain controller' not compatible with running nmbd standalone. \n"));
DEBUGADD(0, ("You should start 'samba' instead, and it will control starting the internal nbt server\n"));
exit(1);
}
msg = messaging_init(NULL, server_event_context());
if (msg == NULL) {
return 1;
}
if ( !reload_nmbd_services(False) )
return(-1);
if(!init_names())
return -1;
reload_nmbd_services( True );
if (strequal(lp_workgroup(),"*")) {
DEBUG(0,("ERROR: a workgroup name of * is no longer supported\n"));
exit(1);
}
set_samba_nb_type();
if (!is_daemon && !is_a_socket(0)) {
DEBUG(0,("standard input is not a socket, assuming -D option\n"));
is_daemon = True;
}
if (is_daemon && !opt_interactive) {
DEBUG( 2, ( "Becoming a daemon.\n" ) );
become_daemon(Fork, no_process_group, log_stdout);
}
#if HAVE_SETPGID
/*
* If we're interactive we want to set our own process group for
* signal management.
*/
if (opt_interactive && !no_process_group)
setpgid( (pid_t)0, (pid_t)0 );
#endif
#ifndef SYNC_DNS
/* Setup the async dns. We do it here so it doesn't have all the other
stuff initialised and thus chewing memory and sockets */
if(lp_we_are_a_wins_server() && lp_wins_dns_proxy()) {
start_async_dns(msg);
}
#endif
ok = directory_create_or_exist(lp_lockdir(), geteuid(), 0755);
if (!ok) {
exit_daemon("Failed to create directory for lock files, check 'lock directory'", errno);
}
ok = directory_create_or_exist(lp_piddir(), geteuid(), 0755);
if (!ok) {
exit_daemon("Failed to create directory for pid files, check 'pid directory'", errno);
}
pidfile_create(lp_piddir(), "nmbd");
status = reinit_after_fork(msg, nmbd_event_context(),
false);
if (!NT_STATUS_IS_OK(status)) {
exit_daemon("reinit_after_fork() failed", map_errno_from_nt_status(status));
}
/*
* Do not initialize the parent-child-pipe before becoming
* a daemon: this is used to detect a died parent in the child
* process.
*/
status = init_before_fork();
if (!NT_STATUS_IS_OK(status)) {
exit_daemon(nt_errstr(status), map_errno_from_nt_status(status));
}
if (!nmbd_setup_sig_term_handler(msg))
exit_daemon("NMBD failed to setup signal handler", EINVAL);
if (!nmbd_setup_stdin_handler(msg, !Fork))
exit_daemon("NMBD failed to setup stdin handler", EINVAL);
if (!nmbd_setup_sig_hup_handler(msg))
exit_daemon("NMBD failed to setup SIGHUP handler", EINVAL);
/* get broadcast messages */
if (!serverid_register(messaging_server_id(msg),
FLAG_MSG_GENERAL |
FLAG_MSG_NMBD |
FLAG_MSG_DBWRAP)) {
exit_daemon("Could not register NMBD process in serverid.tdb", EACCES);
}
messaging_register(msg, NULL, MSG_FORCE_ELECTION,
nmbd_message_election);
#if 0
/* Until winsrepl is done. */
messaging_register(msg, NULL, MSG_WINS_NEW_ENTRY,
nmbd_wins_new_entry);
#endif
messaging_register(msg, NULL, MSG_SHUTDOWN,
nmbd_terminate);
messaging_register(msg, NULL, MSG_SMB_CONF_UPDATED,
msg_reload_nmbd_services);
messaging_register(msg, NULL, MSG_SEND_PACKET,
msg_nmbd_send_packet);
TimeInit();
DEBUG( 3, ( "Opening sockets %d\n", global_nmb_port ) );
if ( !open_sockets( is_daemon, global_nmb_port ) ) {
kill_async_dns_child();
return 1;
}
/* Determine all the IP addresses we have. */
load_interfaces();
/* Create an nmbd subnet record for each of the above. */
if( False == create_subnets() ) {
kill_async_dns_child();
exit_daemon("NMBD failed when creating subnet lists", EACCES);
}
/* Load in any static local names. */
if (p_lmhosts) {
set_dyn_LMHOSTSFILE(p_lmhosts);
}
load_lmhosts_file(get_dyn_LMHOSTSFILE());
DEBUG(3,("Loaded hosts file %s\n", get_dyn_LMHOSTSFILE()));
/* If we are acting as a WINS server, initialise data structures. */
if( !initialise_wins() ) {
kill_async_dns_child();
exit_daemon( "NMBD failed when initialising WINS server.", EACCES);
}
/*
* Register nmbd primary workgroup and nmbd names on all
* the broadcast subnets, and on the WINS server (if specified).
* Also initiate the startup of our primary workgroup (start
* elections if we are setup as being able to be a local
* master browser.
*/
if( False == register_my_workgroup_and_names() ) {
kill_async_dns_child();
exit_daemon( "NMBD failed when creating my workgroup.", EACCES);
}
if (!initialize_nmbd_proxy_logon()) {
kill_async_dns_child();
exit_daemon( "NMBD failed to setup nmbd_proxy_logon.", EACCES);
}
if (!nmbd_init_packet_server()) {
kill_async_dns_child();
exit_daemon( "NMBD failed to setup packet server.", EACCES);
}
if (is_daemon && !opt_interactive) {
daemon_ready("nmbd");
}
TALLOC_FREE(frame);
process(msg);
kill_async_dns_child();
return(0);
}
static void smbd_accept_connection(struct tevent_context *ev,
struct tevent_fd *fde,
uint16_t flags,
void *private_data)
{
struct smbd_open_socket *s = talloc_get_type_abort(private_data,
struct smbd_open_socket);
struct messaging_context *msg_ctx = s->parent->msg_ctx;
struct sockaddr_storage addr;
socklen_t in_addrlen = sizeof(addr);
int fd;
pid_t pid = 0;
fd = accept(s->fd, (struct sockaddr *)(void *)&addr,&in_addrlen);
if (fd == -1 && errno == EINTR)
return;
if (fd == -1) {
DEBUG(0,("accept: %s\n",
strerror(errno)));
return;
}
if (s->parent->interactive) {
reinit_after_fork(msg_ctx, ev, true, NULL);
smbd_process(ev, msg_ctx, fd, true);
exit_server_cleanly("end of interactive mode");
return;
}
if (!allowable_number_of_smbd_processes(s->parent)) {
close(fd);
return;
}
pid = fork();
if (pid == 0) {
NTSTATUS status = NT_STATUS_OK;
/*
* Can't use TALLOC_FREE here. Nulling out the argument to it
* would overwrite memory we've just freed.
*/
talloc_free(s->parent);
s = NULL;
/* Stop zombies, the parent explicitly handles
* them, counting worker smbds. */
CatchChild();
status = smbd_reinit_after_fork(msg_ctx, ev, true, NULL);
if (!NT_STATUS_IS_OK(status)) {
if (NT_STATUS_EQUAL(status,
NT_STATUS_TOO_MANY_OPENED_FILES)) {
DEBUG(0,("child process cannot initialize "
"because too many files are open\n"));
goto exit;
}
if (lp_clustering() &&
NT_STATUS_EQUAL(status,
NT_STATUS_INTERNAL_DB_ERROR)) {
DEBUG(1,("child process cannot initialize "
"because connection to CTDB "
"has failed\n"));
goto exit;
}
DEBUG(0,("reinit_after_fork() failed\n"));
smb_panic("reinit_after_fork() failed");
}
smbd_process(ev, msg_ctx, fd, false);
exit:
exit_server_cleanly("end of child");
return;
}
if (pid < 0) {
DEBUG(0,("smbd_accept_connection: fork() failed: %s\n",
strerror(errno)));
}
/* The parent doesn't need this socket */
close(fd);
/* Sun May 6 18:56:14 2001 [email protected]:
Clear the closed fd info out of server_fd --
and more importantly, out of client_fd in
util_sock.c, to avoid a possible
getpeername failure if we reopen the logs
and use %I in the filename.
*/
if (pid != 0) {
add_child_pid(s->parent, pid);
}
/* Force parent to check log size after
* spawning child. Fix from
* [email protected]. The
* parent smbd will log to logserver.smb. It
* writes only two messages for each child
* started/finished. But each child writes,
* say, 50 messages also in logserver.smb,
* begining with the debug_count of the
* parent, before the child opens its own log
* file logserver.client. In a worst case
* scenario the size of logserver.smb would be
* checked after about 50*50=2500 messages
* (ca. 100kb).
* */
force_check_log_size();
}
static bool chat_with_program(char *passwordprogram, const struct passwd *pass,
char *chatsequence, bool as_root)
{
char *slavedev = NULL;
int master;
pid_t pid, wpid;
int wstat;
bool chstat = False;
if (pass == NULL) {
DEBUG(0, ("chat_with_program: user doesn't exist in the UNIX password database.\n"));
return False;
}
/* allocate a pseudo-terminal device */
if ((master = findpty(&slavedev)) < 0) {
DEBUG(3, ("chat_with_program: Cannot Allocate pty for password change: %s\n", pass->pw_name));
return (False);
}
/*
* We need to temporarily stop CatchChild from eating
* SIGCLD signals as it also eats the exit status code. JRA.
*/
CatchChildLeaveStatus();
if ((pid = sys_fork()) < 0) {
DEBUG(3, ("chat_with_program: Cannot fork() child for password change: %s\n", pass->pw_name));
SAFE_FREE(slavedev);
close(master);
CatchChild();
return (False);
}
/* we now have a pty */
if (pid > 0) { /* This is the parent process */
/* Don't need this anymore in parent. */
SAFE_FREE(slavedev);
if ((chstat = talktochild(master, chatsequence)) == False) {
DEBUG(3, ("chat_with_program: Child failed to change password: %s\n", pass->pw_name));
kill(pid, SIGKILL); /* be sure to end this process */
}
while ((wpid = sys_waitpid(pid, &wstat, 0)) < 0) {
if (errno == EINTR) {
errno = 0;
continue;
}
break;
}
if (wpid < 0) {
DEBUG(3, ("chat_with_program: The process is no longer waiting!\n\n"));
close(master);
CatchChild();
return (False);
}
/*
* Go back to ignoring children.
*/
CatchChild();
close(master);
if (pid != wpid) {
DEBUG(3, ("chat_with_program: We were waiting for the wrong process ID\n"));
return (False);
}
if (WIFEXITED(wstat) && (WEXITSTATUS(wstat) != 0)) {
DEBUG(3, ("chat_with_program: The process exited with status %d \
while we were waiting\n", WEXITSTATUS(wstat)));
return (False);
}
int smbrun(char *cmd, int *outfd)
{
pid_t pid;
uid_t uid = current_user.uid;
gid_t gid = current_user.gid;
/*
* Lose any kernel oplock capabilities we may have.
*/
oplock_set_capability(False, False);
/* point our stdout at the file we want output to go into */
if (outfd && ((*outfd = setup_out_fd()) == -1)) {
return -1;
}
/* in this method we will exec /bin/sh with the correct
arguments, after first setting stdout to point at the file */
/*
* We need to temporarily stop CatchChild from eating
* SIGCLD signals as it also eats the exit status code. JRA.
*/
CatchChildLeaveStatus();
if ((pid=sys_fork()) < 0) {
DEBUG(0,("smbrun: fork failed with error %s\n", strerror(errno) ));
CatchChild();
if (outfd) {
close(*outfd);
*outfd = -1;
}
return errno;
}
if (pid) {
/*
* Parent.
*/
int status=0;
pid_t wpid;
/* the parent just waits for the child to exit */
while((wpid = sys_waitpid(pid,&status,0)) < 0) {
if(errno == EINTR) {
errno = 0;
continue;
}
break;
}
CatchChild();
if (wpid != pid) {
DEBUG(2,("waitpid(%d) : %s\n",(int)pid,strerror(errno)));
if (outfd) {
close(*outfd);
*outfd = -1;
}
return -1;
}
/* Reset the seek pointer. */
if (outfd) {
sys_lseek(*outfd, 0, SEEK_SET);
}
#if defined(WIFEXITED) && defined(WEXITSTATUS)
if (WIFEXITED(status)) {
return WEXITSTATUS(status);
}
#endif
return status;
}
CatchChild();
/* we are in the child. we exec /bin/sh to do the work for us. we
don't directly exec the command we want because it may be a
pipeline or anything else the config file specifies */
/* point our stdout at the file we want output to go into */
if (outfd) {
close(1);
if (dup2(*outfd,1) != 1) {
DEBUG(2,("Failed to create stdout file descriptor\n"));
close(*outfd);
exit(80);
}
}
/* now completely lose our privileges. This is a fairly paranoid
way of doing it, but it does work on all systems that I know of */
become_user_permanently(uid, gid);
if (getuid() != uid || geteuid() != uid ||
getgid() != gid || getegid() != gid) {
/* we failed to lose our privileges - do not execute
the command */
exit(81); /* we can't print stuff at this stage,
instead use exit codes for debugging */
}
#ifndef __INSURE__
/* close all other file descriptors, leaving only 0, 1 and 2. 0 and
2 point to /dev/null from the startup code */
{
int fd;
for (fd=3;fd<256;fd++) close(fd);
}
#endif
execl("/bin/sh","sh","-c",cmd,NULL);
/* not reached */
exit(82);
return 1;
}
int smbrunsecret(const char *cmd, const char *secret)
{
OutputDebugString("smbrunsecret is not supported\n");
#ifndef _XBOX
pid_t pid;
uid_t uid = current_user.ut.uid;
gid_t gid = current_user.ut.gid;
int ifd[2];
/*
* Lose any elevated privileges.
*/
drop_effective_capability(KERNEL_OPLOCK_CAPABILITY);
drop_effective_capability(DMAPI_ACCESS_CAPABILITY);
/* build up an input pipe */
if(pipe(ifd)) {
return -1;
}
/* in this method we will exec /bin/sh with the correct
arguments, after first setting stdout to point at the file */
/*
* We need to temporarily stop CatchChild from eating
* SIGCLD signals as it also eats the exit status code. JRA.
*/
CatchChildLeaveStatus();
if ((pid=sys_fork()) < 0) {
DEBUG(0, ("smbrunsecret: fork failed with error %s\n", strerror(errno)));
CatchChild();
return errno;
}
if (pid) {
/*
* Parent.
*/
int status = 0;
pid_t wpid;
size_t towrite;
ssize_t wrote;
close(ifd[0]);
/* send the secret */
towrite = strlen(secret);
wrote = write(ifd[1], secret, towrite);
if ( wrote != towrite ) {
DEBUG(0,("smbrunsecret: wrote %ld of %lu bytes\n",(long)wrote,(unsigned long)towrite));
}
fsync(ifd[1]);
close(ifd[1]);
/* the parent just waits for the child to exit */
while((wpid = sys_waitpid(pid, &status, 0)) < 0) {
if(errno == EINTR) {
errno = 0;
continue;
}
break;
}
CatchChild();
if (wpid != pid) {
DEBUG(2, ("waitpid(%d) : %s\n", (int)pid, strerror(errno)));
return -1;
}
#if defined(WIFEXITED) && defined(WEXITSTATUS)
if (WIFEXITED(status)) {
return WEXITSTATUS(status);
}
#endif
return status;
}
CatchChild();
/* we are in the child. we exec /bin/sh to do the work for us. we
don't directly exec the command we want because it may be a
pipeline or anything else the config file specifies */
close(ifd[1]);
close(0);
if (sys_dup2(ifd[0], 0) != 0) {
DEBUG(2,("Failed to create stdin file descriptor\n"));
close(ifd[0]);
exit(80);
}
/* now completely lose our privileges. This is a fairly paranoid
way of doing it, but it does work on all systems that I know of */
become_user_permanently(uid, gid);
if (getuid() != uid || geteuid() != uid ||
getgid() != gid || getegid() != gid) {
/* we failed to lose our privileges - do not execute
the command */
exit(81); /* we can't print stuff at this stage,
instead use exit codes for debugging */
}
#ifndef __INSURE__
/* close all other file descriptors, leaving only 0, 1 and 2. 0 and
2 point to /dev/null from the startup code */
{
int fd;
for (fd = 3; fd < 256; fd++) close(fd);
}
#endif
execl("/bin/sh", "sh", "-c", cmd, NULL);
/* not reached */
exit(82);
#endif
return 1;
}
static BOOL open_sockets_smbd(BOOL is_daemon, BOOL interactive, const char *smb_ports)
{
int num_interfaces = iface_count();
int num_sockets = 0;
int fd_listenset[FD_SETSIZE];
fd_set listen_set;
int s;
int maxfd = 0;
int i;
char *ports;
if (!is_daemon) {
return open_sockets_inetd();
}
#ifdef HAVE_ATEXIT
{
static int atexit_set;
if(atexit_set == 0) {
atexit_set=1;
atexit(killkids);
}
}
#endif
#ifndef _XBOX
/* Stop zombies */
CatchChild();
#endif
FD_ZERO(&listen_set);
/* use a reasonable default set of ports - listing on 445 and 139 */
if (!smb_ports) {
ports = lp_smb_ports();
if (!ports || !*ports) {
ports = smb_xstrdup(SMB_PORTS);
} else {
ports = smb_xstrdup(ports);
}
} else {
ports = smb_xstrdup(smb_ports);
}
if (lp_interfaces() && lp_bind_interfaces_only()) {
/* We have been given an interfaces line, and been
told to only bind to those interfaces. Create a
socket per interface and bind to only these.
*/
/* Now open a listen socket for each of the
interfaces. */
for(i = 0; i < num_interfaces; i++) {
struct in_addr *ifip = iface_n_ip(i);
fstring tok;
const char *ptr;
if(ifip == NULL) {
DEBUG(0,("open_sockets_smbd: interface %d has NULL IP address !\n", i));
continue;
}
for (ptr=ports; next_token(&ptr, tok, " \t,", sizeof(tok)); ) {
unsigned port = atoi(tok);
if (port == 0) {
continue;
}
s = fd_listenset[num_sockets] = open_socket_in(SOCK_STREAM, port, 0, ifip->s_addr, True);
if(s == -1)
return False;
/* ready to listen */
set_socket_options(s,"SO_KEEPALIVE");
set_socket_options(s,user_socket_options);
/* Set server socket to non-blocking for the accept. */
set_blocking(s,False);
if (listen(s, SMBD_LISTEN_BACKLOG) == -1) {
DEBUG(0,("listen: %s\n",strerror(errno)));
close(s);
return False;
}
FD_SET(s,&listen_set);
maxfd = MAX( maxfd, s);
num_sockets++;
if (num_sockets >= FD_SETSIZE) {
DEBUG(0,("open_sockets_smbd: Too many sockets to bind to\n"));
return False;
}
}
}
} else {
/* Just bind to 0.0.0.0 - accept connections
from anywhere. */
fstring tok;
const char *ptr;
num_interfaces = 1;
for (ptr=ports; next_token(&ptr, tok, " \t,", sizeof(tok)); ) {
unsigned port = atoi(tok);
if (port == 0) continue;
/* open an incoming socket */
s = open_socket_in(SOCK_STREAM, port, 0,
interpret_addr(lp_socket_address()),True);
if (s == -1)
return(False);
/* ready to listen */
#ifndef _XBOX
set_socket_options(s,"SO_KEEPALIVE");
#endif
set_socket_options(s,user_socket_options);
/* Set server socket to non-blocking for the accept. */
set_blocking(s,False);
if (listen(s, SMBD_LISTEN_BACKLOG) == -1) {
DEBUG(0,("open_sockets_smbd: listen: %s\n",
strerror(errno)));
close(s);
return False;
}
fd_listenset[num_sockets] = s;
FD_SET(s,&listen_set);
maxfd = MAX( maxfd, s);
num_sockets++;
if (num_sockets >= FD_SETSIZE) {
DEBUG(0,("open_sockets_smbd: Too many sockets to bind to\n"));
return False;
}
}
}
SAFE_FREE(ports);
/* Listen to messages */
message_register(MSG_SMB_SAM_SYNC, msg_sam_sync);
message_register(MSG_SMB_SAM_REPL, msg_sam_repl);
message_register(MSG_SHUTDOWN, msg_exit_server);
message_register(MSG_SMB_FILE_RENAME, msg_file_was_renamed);
message_register(MSG_SMB_CONF_UPDATED, smb_conf_updated);
#ifdef DEVELOPER
message_register(MSG_SMB_INJECT_FAULT, msg_inject_fault);
#endif
/* now accept incoming connections - forking a new process
for each incoming connection */
DEBUG(2,("waiting for a connection\n"));
while (1) {
fd_set lfds;
int num;
/* Free up temporary memory from the main smbd. */
lp_TALLOC_FREE();
/* Ensure we respond to PING and DEBUG messages from the main smbd. */
message_dispatch();
memcpy((char *)&lfds, (char *)&listen_set,
sizeof(listen_set));
num = sys_select(maxfd+1,&lfds,NULL,NULL,NULL);
if (num == -1 && errno == EINTR) {
if (got_sig_term) {
exit_server_cleanly(NULL);
}
/* check for sighup processing */
if (reload_after_sighup) {
change_to_root_user();
DEBUG(1,("Reloading services after SIGHUP\n"));
reload_services(False);
reload_after_sighup = 0;
}
continue;
}
/* check if we need to reload services */
check_reload(time(NULL));
/* Find the sockets that are read-ready -
accept on these. */
for( ; num > 0; num--) {
struct sockaddr addr;
socklen_t in_addrlen = sizeof(addr);
s = -1;
for(i = 0; i < num_sockets; i++) {
if(FD_ISSET(fd_listenset[i],&lfds)) {
s = fd_listenset[i];
/* Clear this so we don't look
at it again. */
FD_CLR(fd_listenset[i],&lfds);
break;
}
}
smbd_set_server_fd(accept(s,&addr,&in_addrlen));
if (smbd_server_fd() == -1 && errno == EINTR)
continue;
if (smbd_server_fd() == -1) {
DEBUG(0,("open_sockets_smbd: accept: %s\n",
strerror(errno)));
continue;
}
/* Ensure child is set to blocking mode */
set_blocking(smbd_server_fd(),True);
if (smbd_server_fd() != -1 && interactive) {
#ifdef _XBOX
xb_IncClientCount();
#endif
return True;
}
if (allowable_number_of_smbd_processes() && smbd_server_fd() != -1 && sys_fork()==0) {
/* Child code ... */
/* close the listening socket(s) */
for(i = 0; i < num_sockets; i++)
close(fd_listenset[i]);
/* close our standard file
descriptors */
close_low_fds(False);
am_parent = 0;
set_socket_options(smbd_server_fd(),"SO_KEEPALIVE");
set_socket_options(smbd_server_fd(),user_socket_options);
/* this is needed so that we get decent entries
in smbstatus for port 445 connects */
set_remote_machine_name(get_peer_addr(smbd_server_fd()), False);
/* Reset the state of the random
* number generation system, so
* children do not get the same random
* numbers as each other */
set_need_random_reseed();
/* tdb needs special fork handling - remove CLEAR_IF_FIRST flags */
if (tdb_reopen_all(1) == -1) {
DEBUG(0,("tdb_reopen_all failed.\n"));
smb_panic("tdb_reopen_all failed.");
}
return True;
}
/* The parent doesn't need this socket */
close(smbd_server_fd());
/* Sun May 6 18:56:14 2001 [email protected]:
Clear the closed fd info out of server_fd --
and more importantly, out of client_fd in
util_sock.c, to avoid a possible
getpeername failure if we reopen the logs
and use %I in the filename.
*/
smbd_set_server_fd(-1);
/* Force parent to check log size after
* spawning child. Fix from
* [email protected]. The
* parent smbd will log to logserver.smb. It
* writes only two messages for each child
* started/finished. But each child writes,
* say, 50 messages also in logserver.smb,
* begining with the debug_count of the
* parent, before the child opens its own log
* file logserver.client. In a worst case
* scenario the size of logserver.smb would be
* checked after about 50*50=2500 messages
* (ca. 100kb).
* */
force_check_log_size();
} /* end for num */
} /* end while 1 */
/* NOTREACHED return True; */
}
