int main(int argc, const char *argv[])
{
bool is_daemon = false;
bool opt_interactive = false;
bool Fork = true;
bool no_process_group = false;
bool log_stdout = false;
poptContext pc;
char *p_lmhosts = NULL;
int opt;
struct messaging_context *msg;
enum {
OPT_DAEMON = 1000,
OPT_INTERACTIVE,
OPT_FORK,
OPT_NO_PROCESS_GROUP,
OPT_LOG_STDOUT
};
struct poptOption long_options[] = {
POPT_AUTOHELP
{"daemon", 'D', POPT_ARG_NONE, NULL, OPT_DAEMON, "Become a daemon(default)" },
{"interactive", 'i', POPT_ARG_NONE, NULL, OPT_INTERACTIVE, "Run interactive (not a daemon)" },
{"foreground", 'F', POPT_ARG_NONE, NULL, OPT_FORK, "Run daemon in foreground (for daemontools & etc)" },
{"no-process-group", 0, POPT_ARG_NONE, NULL, OPT_NO_PROCESS_GROUP, "Don't create a new process group" },
{"log-stdout", 'S', POPT_ARG_NONE, NULL, OPT_LOG_STDOUT, "Log to stdout" },
{"hosts", 'H', POPT_ARG_STRING, &p_lmhosts, 0, "Load a netbios hosts file"},
{"port", 'p', POPT_ARG_INT, &global_nmb_port, 0, "Listen on the specified port" },
POPT_COMMON_SAMBA
POPT_COMMON_DYNCONFIG
POPT_TABLEEND
};
TALLOC_CTX *frame;
NTSTATUS status;
bool ok;
/*
* Do this before any other talloc operation
*/
talloc_enable_null_tracking();
frame = talloc_stackframe();
/*
* We want total control over the permissions on created files,
* so set our umask to 0.
*/
umask(0);
setup_logging(argv[0], DEBUG_DEFAULT_STDOUT);
load_case_tables();
global_nmb_port = NMB_PORT;
pc = poptGetContext("nmbd", argc, argv, long_options, 0);
while ((opt = poptGetNextOpt(pc)) != -1) {
switch (opt) {
case OPT_DAEMON:
is_daemon = true;
break;
case OPT_INTERACTIVE:
opt_interactive = true;
break;
case OPT_FORK:
Fork = false;
break;
case OPT_NO_PROCESS_GROUP:
no_process_group = true;
break;
case OPT_LOG_STDOUT:
log_stdout = true;
break;
default:
d_fprintf(stderr, "\nInvalid option %s: %s\n\n",
poptBadOption(pc, 0), poptStrerror(opt));
poptPrintUsage(pc, stderr, 0);
exit(1);
}
};
poptFreeContext(pc);
global_in_nmbd = true;
StartupTime = time(NULL);
sys_srandom(time(NULL) ^ getpid());
if (!override_logfile) {
char *lfile = NULL;
if (asprintf(&lfile, "%s/log.nmbd", get_dyn_LOGFILEBASE()) < 0) {
exit(1);
}
lp_set_logfile(lfile);
SAFE_FREE(lfile);
}
fault_setup();
dump_core_setup("nmbd", lp_logfile(talloc_tos()));
/* POSIX demands that signals are inherited. If the invoking process has
* these signals masked, we will have problems, as we won't receive them. */
BlockSignals(False, SIGHUP);
BlockSignals(False, SIGUSR1);
BlockSignals(False, SIGTERM);
#if defined(SIGFPE)
/* we are never interested in SIGFPE */
BlockSignals(True,SIGFPE);
#endif
/* We no longer use USR2... */
#if defined(SIGUSR2)
BlockSignals(True, SIGUSR2);
#endif
/* Ignore children - no zombies. */
CatchChild();
if ( opt_interactive ) {
Fork = False;
log_stdout = True;
}
if ( log_stdout && Fork ) {
DEBUG(0,("ERROR: Can't log to stdout (-S) unless daemon is in foreground (-F) or interactive (-i)\n"));
exit(1);
}
if (log_stdout) {
setup_logging(argv[0], DEBUG_STDOUT);
} else {
setup_logging( argv[0], DEBUG_FILE);
}
reopen_logs();
DEBUG(0,("nmbd version %s started.\n", samba_version_string()));
DEBUGADD(0,("%s\n", COPYRIGHT_STARTUP_MESSAGE));
if (!lp_load_initial_only(get_dyn_CONFIGFILE())) {
DEBUG(0, ("error opening config file '%s'\n", get_dyn_CONFIGFILE()));
exit(1);
}
reopen_logs();
if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC
&& !lp_parm_bool(-1, "server role check", "inhibit", false)) {
/* TODO: when we have a merged set of defaults for
* loadparm, we could possibly check if the internal
* nbt server is in the list, and allow a startup if disabled */
DEBUG(0, ("server role = 'active directory domain controller' not compatible with running nmbd standalone. \n"));
DEBUGADD(0, ("You should start 'samba' instead, and it will control starting the internal nbt server\n"));
exit(1);
}
msg = messaging_init(NULL, server_event_context());
if (msg == NULL) {
return 1;
}
if ( !reload_nmbd_services(False) )
return(-1);
if(!init_names())
return -1;
reload_nmbd_services( True );
if (strequal(lp_workgroup(),"*")) {
DEBUG(0,("ERROR: a workgroup name of * is no longer supported\n"));
exit(1);
}
set_samba_nb_type();
if (!is_daemon && !is_a_socket(0)) {
DEBUG(0,("standard input is not a socket, assuming -D option\n"));
is_daemon = True;
}
if (is_daemon && !opt_interactive) {
DEBUG( 2, ( "Becoming a daemon.\n" ) );
become_daemon(Fork, no_process_group, log_stdout);
}
#if HAVE_SETPGID
/*
* If we're interactive we want to set our own process group for
* signal management.
*/
if (opt_interactive && !no_process_group)
setpgid( (pid_t)0, (pid_t)0 );
#endif
#ifndef SYNC_DNS
/* Setup the async dns. We do it here so it doesn't have all the other
stuff initialised and thus chewing memory and sockets */
if(lp_we_are_a_wins_server() && lp_wins_dns_proxy()) {
start_async_dns(msg);
}
#endif
ok = directory_create_or_exist(lp_lockdir(), geteuid(), 0755);
if (!ok) {
exit_daemon("Failed to create directory for lock files, check 'lock directory'", errno);
}
ok = directory_create_or_exist(lp_piddir(), geteuid(), 0755);
if (!ok) {
exit_daemon("Failed to create directory for pid files, check 'pid directory'", errno);
}
pidfile_create(lp_piddir(), "nmbd");
status = reinit_after_fork(msg, nmbd_event_context(),
false);
if (!NT_STATUS_IS_OK(status)) {
exit_daemon("reinit_after_fork() failed", map_errno_from_nt_status(status));
}
/*
* Do not initialize the parent-child-pipe before becoming
* a daemon: this is used to detect a died parent in the child
* process.
*/
status = init_before_fork();
if (!NT_STATUS_IS_OK(status)) {
exit_daemon(nt_errstr(status), map_errno_from_nt_status(status));
}
if (!nmbd_setup_sig_term_handler(msg))
exit_daemon("NMBD failed to setup signal handler", EINVAL);
if (!nmbd_setup_stdin_handler(msg, !Fork))
exit_daemon("NMBD failed to setup stdin handler", EINVAL);
if (!nmbd_setup_sig_hup_handler(msg))
exit_daemon("NMBD failed to setup SIGHUP handler", EINVAL);
/* get broadcast messages */
if (!serverid_register(messaging_server_id(msg),
FLAG_MSG_GENERAL |
FLAG_MSG_NMBD |
FLAG_MSG_DBWRAP)) {
exit_daemon("Could not register NMBD process in serverid.tdb", EACCES);
}
messaging_register(msg, NULL, MSG_FORCE_ELECTION,
nmbd_message_election);
#if 0
/* Until winsrepl is done. */
messaging_register(msg, NULL, MSG_WINS_NEW_ENTRY,
nmbd_wins_new_entry);
#endif
messaging_register(msg, NULL, MSG_SHUTDOWN,
nmbd_terminate);
messaging_register(msg, NULL, MSG_SMB_CONF_UPDATED,
msg_reload_nmbd_services);
messaging_register(msg, NULL, MSG_SEND_PACKET,
msg_nmbd_send_packet);
TimeInit();
DEBUG( 3, ( "Opening sockets %d\n", global_nmb_port ) );
if ( !open_sockets( is_daemon, global_nmb_port ) ) {
kill_async_dns_child();
return 1;
}
/* Determine all the IP addresses we have. */
load_interfaces();
/* Create an nmbd subnet record for each of the above. */
if( False == create_subnets() ) {
kill_async_dns_child();
exit_daemon("NMBD failed when creating subnet lists", EACCES);
}
/* Load in any static local names. */
if (p_lmhosts) {
set_dyn_LMHOSTSFILE(p_lmhosts);
}
load_lmhosts_file(get_dyn_LMHOSTSFILE());
DEBUG(3,("Loaded hosts file %s\n", get_dyn_LMHOSTSFILE()));
/* If we are acting as a WINS server, initialise data structures. */
if( !initialise_wins() ) {
kill_async_dns_child();
exit_daemon( "NMBD failed when initialising WINS server.", EACCES);
}
/*
* Register nmbd primary workgroup and nmbd names on all
* the broadcast subnets, and on the WINS server (if specified).
* Also initiate the startup of our primary workgroup (start
* elections if we are setup as being able to be a local
* master browser.
*/
if( False == register_my_workgroup_and_names() ) {
kill_async_dns_child();
exit_daemon( "NMBD failed when creating my workgroup.", EACCES);
}
if (!initialize_nmbd_proxy_logon()) {
kill_async_dns_child();
exit_daemon( "NMBD failed to setup nmbd_proxy_logon.", EACCES);
}
if (!nmbd_init_packet_server()) {
kill_async_dns_child();
exit_daemon( "NMBD failed to setup packet server.", EACCES);
}
if (is_daemon && !opt_interactive) {
daemon_ready("nmbd");
}
TALLOC_FREE(frame);
process(msg);
kill_async_dns_child();
return(0);
}
int main(int argc,const char *argv[])
{
/* shall I run as a daemon */
bool is_daemon = false;
bool interactive = false;
bool Fork = true;
bool no_process_group = false;
bool log_stdout = false;
char *ports = NULL;
char *profile_level = NULL;
int opt;
poptContext pc;
bool print_build_options = False;
enum {
OPT_DAEMON = 1000,
OPT_INTERACTIVE,
OPT_FORK,
OPT_NO_PROCESS_GROUP,
OPT_LOG_STDOUT
};
struct poptOption long_options[] = {
POPT_AUTOHELP
{"daemon", 'D', POPT_ARG_NONE, NULL, OPT_DAEMON, "Become a daemon (default)" },
{"interactive", 'i', POPT_ARG_NONE, NULL, OPT_INTERACTIVE, "Run interactive (not a daemon)"},
{"foreground", 'F', POPT_ARG_NONE, NULL, OPT_FORK, "Run daemon in foreground (for daemontools, etc.)" },
{"no-process-group", '\0', POPT_ARG_NONE, NULL, OPT_NO_PROCESS_GROUP, "Don't create a new process group" },
{"log-stdout", 'S', POPT_ARG_NONE, NULL, OPT_LOG_STDOUT, "Log to stdout" },
{"build-options", 'b', POPT_ARG_NONE, NULL, 'b', "Print build options" },
{"port", 'p', POPT_ARG_STRING, &ports, 0, "Listen on the specified ports"},
{"profiling-level", 'P', POPT_ARG_STRING, &profile_level, 0, "Set profiling level","PROFILE_LEVEL"},
POPT_COMMON_SAMBA
POPT_TABLEEND
};
struct smbd_parent_context *parent = NULL;
TALLOC_CTX *frame;
NTSTATUS status;
struct tevent_context *ev_ctx;
struct messaging_context *msg_ctx;
struct server_id server_id;
struct tevent_signal *se;
int profiling_level;
char *np_dir = NULL;
static const struct smbd_shim smbd_shim_fns =
{
.cancel_pending_lock_requests_by_fid = smbd_cancel_pending_lock_requests_by_fid,
.send_stat_cache_delete_message = smbd_send_stat_cache_delete_message,
.change_to_root_user = smbd_change_to_root_user,
.become_authenticated_pipe_user = smbd_become_authenticated_pipe_user,
.unbecome_authenticated_pipe_user = smbd_unbecome_authenticated_pipe_user,
.contend_level2_oplocks_begin = smbd_contend_level2_oplocks_begin,
.contend_level2_oplocks_end = smbd_contend_level2_oplocks_end,
.become_root = smbd_become_root,
.unbecome_root = smbd_unbecome_root,
.exit_server = smbd_exit_server,
.exit_server_cleanly = smbd_exit_server_cleanly,
};
/*
* Do this before any other talloc operation
*/
talloc_enable_null_tracking();
frame = talloc_stackframe();
setup_logging(argv[0], DEBUG_DEFAULT_STDOUT);
smb_init_locale();
set_smbd_shim(&smbd_shim_fns);
smbd_init_globals();
TimeInit();
#ifdef HAVE_SET_AUTH_PARAMETERS
set_auth_parameters(argc,argv);
#endif
pc = poptGetContext("smbd", argc, argv, long_options, 0);
while((opt = poptGetNextOpt(pc)) != -1) {
switch (opt) {
case OPT_DAEMON:
is_daemon = true;
break;
case OPT_INTERACTIVE:
interactive = true;
break;
case OPT_FORK:
Fork = false;
break;
case OPT_NO_PROCESS_GROUP:
no_process_group = true;
break;
case OPT_LOG_STDOUT:
log_stdout = true;
break;
case 'b':
print_build_options = True;
break;
default:
d_fprintf(stderr, "\nInvalid option %s: %s\n\n",
poptBadOption(pc, 0), poptStrerror(opt));
poptPrintUsage(pc, stderr, 0);
exit(1);
}
}
poptFreeContext(pc);
if (interactive) {
Fork = False;
log_stdout = True;
}
if (log_stdout) {
setup_logging(argv[0], DEBUG_STDOUT);
} else {
setup_logging(argv[0], DEBUG_FILE);
}
if (print_build_options) {
build_options(True); /* Display output to screen as well as debug */
exit(0);
}
#ifdef HAVE_SETLUID
/* needed for SecureWare on SCO */
setluid(0);
#endif
set_remote_machine_name("smbd", False);
if (interactive && (DEBUGLEVEL >= 9)) {
talloc_enable_leak_report();
}
if (log_stdout && Fork) {
DEBUG(0,("ERROR: Can't log to stdout (-S) unless daemon is in foreground (-F) or interactive (-i)\n"));
exit(1);
}
/* we want to re-seed early to prevent time delays causing
client problems at a later date. (tridge) */
generate_random_buffer(NULL, 0);
/* get initial effective uid and gid */
sec_init();
/* make absolutely sure we run as root - to handle cases where people
are crazy enough to have it setuid */
gain_root_privilege();
gain_root_group_privilege();
fault_setup();
dump_core_setup("smbd", lp_logfile(talloc_tos()));
/* we are never interested in SIGPIPE */
BlockSignals(True,SIGPIPE);
#if defined(SIGFPE)
/* we are never interested in SIGFPE */
BlockSignals(True,SIGFPE);
#endif
#if defined(SIGUSR2)
/* We are no longer interested in USR2 */
BlockSignals(True,SIGUSR2);
#endif
/* POSIX demands that signals are inherited. If the invoking process has
* these signals masked, we will have problems, as we won't recieve them. */
BlockSignals(False, SIGHUP);
BlockSignals(False, SIGUSR1);
BlockSignals(False, SIGTERM);
/* Ensure we leave no zombies until we
* correctly set up child handling below. */
CatchChild();
/* we want total control over the permissions on created files,
so set our umask to 0 */
umask(0);
reopen_logs();
DEBUG(0,("smbd version %s started.\n", samba_version_string()));
DEBUGADD(0,("%s\n", COPYRIGHT_STARTUP_MESSAGE));
DEBUG(2,("uid=%d gid=%d euid=%d egid=%d\n",
(int)getuid(),(int)getgid(),(int)geteuid(),(int)getegid()));
/* Output the build options to the debug log */
build_options(False);
if (sizeof(uint16_t) < 2 || sizeof(uint32_t) < 4) {
DEBUG(0,("ERROR: Samba is not configured correctly for the word size on your machine\n"));
exit(1);
}
if (!lp_load_initial_only(get_dyn_CONFIGFILE())) {
DEBUG(0, ("error opening config file '%s'\n", get_dyn_CONFIGFILE()));
exit(1);
}
if (!cluster_probe_ok()) {
exit(1);
}
/* Init the security context and global current_user */
init_sec_ctx();
/*
* Initialize the event context. The event context needs to be
* initialized before the messaging context, cause the messaging
* context holds an event context.
* FIXME: This should be s3_tevent_context_init()
*/
ev_ctx = server_event_context();
if (ev_ctx == NULL) {
exit(1);
}
/*
* Init the messaging context
* FIXME: This should only call messaging_init()
*/
msg_ctx = server_messaging_context();
if (msg_ctx == NULL) {
exit(1);
}
/*
* Reloading of the printers will not work here as we don't have a
* server info and rpc services set up. It will be called later.
*/
if (!reload_services(NULL, NULL, false)) {
exit(1);
}
if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC
&& !lp_parm_bool(-1, "server role check", "inhibit", false)) {
DEBUG(0, ("server role = 'active directory domain controller' not compatible with running smbd standalone. \n"));
DEBUGADD(0, ("You should start 'samba' instead, and it will control starting smbd if required\n"));
exit(1);
}
/* ...NOTE... Log files are working from this point! */
DEBUG(3,("loaded services\n"));
init_structs();
if (!profile_setup(msg_ctx, False)) {
DEBUG(0,("ERROR: failed to setup profiling\n"));
return -1;
}
if (profile_level != NULL) {
profiling_level = atoi(profile_level);
} else {
profiling_level = lp_smbd_profiling_level();
}
set_profile_level(profiling_level, messaging_server_id(msg_ctx));
if (!is_daemon && !is_a_socket(0)) {
if (!interactive) {
DEBUG(3, ("Standard input is not a socket, "
"assuming -D option\n"));
}
/*
* Setting is_daemon here prevents us from eventually calling
* the open_sockets_inetd()
*/
is_daemon = True;
}
if (is_daemon && !interactive) {
DEBUG(3, ("Becoming a daemon.\n"));
become_daemon(Fork, no_process_group, log_stdout);
}
#if HAVE_SETPGID
/*
* If we're interactive we want to set our own process group for
* signal management.
*/
if (interactive && !no_process_group)
setpgid( (pid_t)0, (pid_t)0);
#endif
if (!directory_exist(lp_lock_directory()))
mkdir(lp_lock_directory(), 0755);
if (!directory_exist(lp_pid_directory()))
mkdir(lp_pid_directory(), 0755);
if (is_daemon)
pidfile_create(lp_pid_directory(), "smbd");
status = reinit_after_fork(msg_ctx, ev_ctx, false, NULL);
if (!NT_STATUS_IS_OK(status)) {
exit_daemon("reinit_after_fork() failed", map_errno_from_nt_status(status));
}
if (!interactive) {
/*
* Do not initialize the parent-child-pipe before becoming a
* daemon: this is used to detect a died parent in the child
* process.
*/
status = init_before_fork();
if (!NT_STATUS_IS_OK(status)) {
exit_daemon(nt_errstr(status), map_errno_from_nt_status(status));
}
}
parent = talloc_zero(ev_ctx, struct smbd_parent_context);
if (!parent) {
exit_server("talloc(struct smbd_parent_context) failed");
}
parent->interactive = interactive;
parent->ev_ctx = ev_ctx;
parent->msg_ctx = msg_ctx;
am_parent = parent;
se = tevent_add_signal(parent->ev_ctx,
parent,
SIGTERM, 0,
smbd_parent_sig_term_handler,
parent);
if (!se) {
exit_server("failed to setup SIGTERM handler");
}
se = tevent_add_signal(parent->ev_ctx,
parent,
SIGHUP, 0,
smbd_parent_sig_hup_handler,
parent);
if (!se) {
exit_server("failed to setup SIGHUP handler");
}
/* Setup all the TDB's - including CLEAR_IF_FIRST tdb's. */
if (smbd_memcache() == NULL) {
exit_daemon("no memcache available", EACCES);
}
memcache_set_global(smbd_memcache());
/* Initialise the password backed before the global_sam_sid
to ensure that we fetch from ldap before we make a domain sid up */
if(!initialize_password_db(false, ev_ctx))
exit(1);
if (!secrets_init()) {
exit_daemon("smbd can not open secrets.tdb", EACCES);
}
if (lp_server_role() == ROLE_DOMAIN_BDC || lp_server_role() == ROLE_DOMAIN_PDC) {
struct loadparm_context *lp_ctx = loadparm_init_s3(NULL, loadparm_s3_helpers());
if (!open_schannel_session_store(NULL, lp_ctx)) {
exit_daemon("ERROR: Samba cannot open schannel store for secured NETLOGON operations.", EACCES);
}
TALLOC_FREE(lp_ctx);
}
if(!get_global_sam_sid()) {
exit_daemon("Samba cannot create a SAM SID", EACCES);
}
server_id = messaging_server_id(msg_ctx);
status = smbXsrv_version_global_init(&server_id);
if (!NT_STATUS_IS_OK(status)) {
exit_daemon("Samba cannot init server context", EACCES);
}
status = smbXsrv_session_global_init();
if (!NT_STATUS_IS_OK(status)) {
exit_daemon("Samba cannot init session context", EACCES);
}
status = smbXsrv_tcon_global_init();
if (!NT_STATUS_IS_OK(status)) {
exit_daemon("Samba cannot init tcon context", EACCES);
}
if (!locking_init())
exit_daemon("Samba cannot init locking", EACCES);
if (!leases_db_init(false)) {
exit_daemon("Samba cannot init leases", EACCES);
}
if (!smbd_notifyd_init(msg_ctx, interactive)) {
exit_daemon("Samba cannot init notification", EACCES);
}
if (!messaging_parent_dgm_cleanup_init(msg_ctx)) {
exit(1);
}
if (!smbd_scavenger_init(NULL, msg_ctx, ev_ctx)) {
exit_daemon("Samba cannot init scavenging", EACCES);
}
if (!serverid_parent_init(ev_ctx)) {
exit_daemon("Samba cannot init server id", EACCES);
}
if (!W_ERROR_IS_OK(registry_init_full()))
exit_daemon("Samba cannot init registry", EACCES);
/* Open the share_info.tdb here, so we don't have to open
after the fork on every single connection. This is a small
performance improvment and reduces the total number of system
fds used. */
if (!share_info_db_init()) {
exit_daemon("ERROR: failed to load share info db.", EACCES);
}
status = init_system_session_info();
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("ERROR: failed to setup system user info: %s.\n",
nt_errstr(status)));
return -1;
}
if (!init_guest_info()) {
DEBUG(0,("ERROR: failed to setup guest info.\n"));
return -1;
}
if (!file_init_global()) {
DEBUG(0, ("ERROR: file_init_global() failed\n"));
return -1;
}
status = smbXsrv_open_global_init();
if (!NT_STATUS_IS_OK(status)) {
exit_daemon("Samba cannot init global open", map_errno_from_nt_status(status));
}
/* This MUST be done before start_epmd() because otherwise
* start_epmd() forks and races against dcesrv_ep_setup() to
* call directory_create_or_exist() */
if (!directory_create_or_exist(lp_ncalrpc_dir(), 0755)) {
DEBUG(0, ("Failed to create pipe directory %s - %s\n",
lp_ncalrpc_dir(), strerror(errno)));
return -1;
}
np_dir = talloc_asprintf(talloc_tos(), "%s/np", lp_ncalrpc_dir());
if (!np_dir) {
DEBUG(0, ("%s: Out of memory\n", __location__));
return -1;
}
if (!directory_create_or_exist_strict(np_dir, geteuid(), 0700)) {
DEBUG(0, ("Failed to create pipe directory %s - %s\n",
np_dir, strerror(errno)));
return -1;
}
if (is_daemon && !interactive) {
if (rpc_epmapper_daemon() == RPC_DAEMON_FORK) {
start_epmd(ev_ctx, msg_ctx);
}
}
if (!dcesrv_ep_setup(ev_ctx, msg_ctx)) {
exit_daemon("Samba cannot setup ep pipe", EACCES);
}
if (is_daemon && !interactive) {
daemon_ready("smbd");
}
/* only start other daemons if we are running as a daemon
* -- bad things will happen if smbd is launched via inetd
* and we fork a copy of ourselves here */
if (is_daemon && !interactive) {
if (rpc_lsasd_daemon() == RPC_DAEMON_FORK) {
start_lsasd(ev_ctx, msg_ctx);
}
if (rpc_fss_daemon() == RPC_DAEMON_FORK) {
start_fssd(ev_ctx, msg_ctx);
}
if (!lp__disable_spoolss() &&
(rpc_spoolss_daemon() != RPC_DAEMON_DISABLED)) {
bool bgq = lp_parm_bool(-1, "smbd", "backgroundqueue", true);
if (!printing_subsystem_init(ev_ctx, msg_ctx, true, bgq)) {
exit_daemon("Samba failed to init printing subsystem", EACCES);
}
}
#ifdef WITH_SPOTLIGHT
if ((rpc_mdssvc_mode() == RPC_SERVICE_MODE_EXTERNAL) &&
(rpc_mdssd_daemon() == RPC_DAEMON_FORK)) {
start_mdssd(ev_ctx, msg_ctx);
}
#endif
} else if (!lp__disable_spoolss() &&
(rpc_spoolss_daemon() != RPC_DAEMON_DISABLED)) {
if (!printing_subsystem_init(ev_ctx, msg_ctx, false, false)) {
exit(1);
}
}
if (!is_daemon) {
int sock;
/* inetd mode */
TALLOC_FREE(frame);
/* Started from inetd. fd 0 is the socket. */
/* We will abort gracefully when the client or remote system
goes away */
sock = dup(0);
/* close stdin, stdout (if not logging to it), but not stderr */
close_low_fds(true, !debug_get_output_is_stdout(), false);
#ifdef HAVE_ATEXIT
atexit(killkids);
#endif
/* Stop zombies */
smbd_setup_sig_chld_handler(parent);
smbd_process(ev_ctx, msg_ctx, sock, true);
exit_server_cleanly(NULL);
return(0);
}
if (!open_sockets_smbd(parent, ev_ctx, msg_ctx, ports))
exit_server("open_sockets_smbd() failed");
/* do a printer update now that all messaging has been set up,
* before we allow clients to start connecting */
if (!lp__disable_spoolss() &&
(rpc_spoolss_daemon() != RPC_DAEMON_DISABLED)) {
printing_subsystem_update(ev_ctx, msg_ctx, false);
}
TALLOC_FREE(frame);
/* make sure we always have a valid stackframe */
frame = talloc_stackframe();
if (!Fork) {
/* if we are running in the foreground then look for
EOF on stdin, and exit if it happens. This allows
us to die if the parent process dies
Only do this on a pipe or socket, no other device.
*/
struct stat st;
if (fstat(0, &st) != 0) {
return false;
}
if (S_ISFIFO(st.st_mode) || S_ISSOCK(st.st_mode)) {
tevent_add_fd(ev_ctx,
parent,
0,
TEVENT_FD_READ,
smbd_stdin_handler,
NULL);
}
}
smbd_parent_loop(ev_ctx, parent);
exit_server_cleanly(NULL);
TALLOC_FREE(frame);
return(0);
}
// forked daemon lets the spawner know it's up and running OK
// should be called only once!
void shairport_startup_complete(void) {
if (config.daemonise) {
daemon_ready();
}
}
int
main(int argc, char *argv[])
{
int get_creds = 1;
int fg = 0;
int verbosity = 0;
int rpc_verbosity = 0;
int idmap_verbosity = 0;
int opt, status;
extern char *optarg;
char *progname;
char *principal = NULL;
while ((opt = getopt(argc, argv, "fivrnp:")) != -1) {
switch (opt) {
case 'f':
fg = 1;
break;
case 'i':
idmap_verbosity++;
break;
case 'n':
get_creds = 0;
break;
case 'v':
verbosity++;
break;
case 'r':
rpc_verbosity++;
break;
case 'p':
principal = optarg;
break;
default:
usage(argv[0]);
break;
}
}
if ((progname = strrchr(argv[0], '/')))
progname++;
else
progname = argv[0];
initerr(progname, verbosity, fg);
#ifdef HAVE_AUTHGSS_SET_DEBUG_LEVEL
if (verbosity && rpc_verbosity == 0)
rpc_verbosity = verbosity;
authgss_set_debug_level(rpc_verbosity);
#elif HAVE_LIBTIRPC_SET_DEBUG
/*
* Only set the libtirpc debug level if explicitly requested via -r...
* svcgssd is chatty enough as it is.
*/
if (rpc_verbosity > 0)
libtirpc_set_debug(progname, rpc_verbosity, fg);
#else
if (rpc_verbosity > 0)
printerr(0, "Warning: rpcsec_gss library does not "
"support setting debug level\n");
#endif
#ifdef HAVE_NFS4_SET_DEBUG
if (verbosity && idmap_verbosity == 0)
idmap_verbosity = verbosity;
nfs4_set_debug(idmap_verbosity, NULL);
#else
if (idmap_verbosity > 0)
printerr(0, "Warning: your nfsidmap library does not "
"support setting debug level\n");
#endif
if (gssd_check_mechs() != 0) {
printerr(0, "ERROR: Problem with gssapi library\n");
exit(1);
}
daemon_init(fg);
signal(SIGINT, sig_die);
signal(SIGTERM, sig_die);
signal(SIGHUP, sig_hup);
if (get_creds) {
if (principal)
status = gssd_acquire_cred(principal,
((const gss_OID)GSS_C_NT_USER_NAME));
else
status = gssd_acquire_cred(GSSD_SERVICE_NAME,
(const gss_OID)GSS_C_NT_HOSTBASED_SERVICE);
if (status == FALSE) {
printerr(0, "unable to obtain root (machine) credentials\n");
printerr(0, "do you have a keytab entry for "
"nfs/<your.host>@<YOUR.REALM> in "
"/etc/krb5.keytab?\n");
exit(1);
}
} else {
status = gssd_acquire_cred(NULL,
(const gss_OID)GSS_C_NT_HOSTBASED_SERVICE);
if (status == FALSE) {
printerr(0, "unable to obtain nameless credentials\n");
exit(1);
}
}
daemon_ready();
nfs4_init_name_mapping(NULL); /* XXX: should only do this once */
gssd_run();
printerr(0, "gssd_run returned!\n");
abort();
}
/*
main server.
*/
static int binary_smbd_main(const char *binary_name, int argc, const char *argv[])
{
bool opt_daemon = false;
bool opt_interactive = false;
int opt;
poptContext pc;
#define _MODULE_PROTO(init) extern NTSTATUS init(void);
STATIC_service_MODULES_PROTO;
init_module_fn static_init[] = { STATIC_service_MODULES };
init_module_fn *shared_init;
struct tevent_context *event_ctx;
uint16_t stdin_event_flags;
NTSTATUS status;
const char *model = "standard";
int max_runtime = 0;
struct stat st;
enum {
OPT_DAEMON = 1000,
OPT_INTERACTIVE,
OPT_PROCESS_MODEL,
OPT_SHOW_BUILD
};
struct poptOption long_options[] = {
POPT_AUTOHELP
{"daemon", 'D', POPT_ARG_NONE, NULL, OPT_DAEMON,
"Become a daemon (default)", NULL },
{"interactive", 'i', POPT_ARG_NONE, NULL, OPT_INTERACTIVE,
"Run interactive (not a daemon)", NULL},
{"model", 'M', POPT_ARG_STRING, NULL, OPT_PROCESS_MODEL,
"Select process model", "MODEL"},
{"maximum-runtime",0, POPT_ARG_INT, &max_runtime, 0,
"set maximum runtime of the server process, till autotermination", "seconds"},
{"show-build", 'b', POPT_ARG_NONE, NULL, OPT_SHOW_BUILD, "show build info", NULL },
POPT_COMMON_SAMBA
POPT_COMMON_VERSION
{ NULL }
};
pc = poptGetContext(binary_name, argc, argv, long_options, 0);
while((opt = poptGetNextOpt(pc)) != -1) {
switch(opt) {
case OPT_DAEMON:
opt_daemon = true;
break;
case OPT_INTERACTIVE:
opt_interactive = true;
break;
case OPT_PROCESS_MODEL:
model = poptGetOptArg(pc);
break;
case OPT_SHOW_BUILD:
show_build();
break;
default:
fprintf(stderr, "\nInvalid option %s: %s\n\n",
poptBadOption(pc, 0), poptStrerror(opt));
poptPrintUsage(pc, stderr, 0);
return 1;
}
}
if (opt_daemon && opt_interactive) {
fprintf(stderr,"\nERROR: "
"Option -i|--interactive is not allowed together with -D|--daemon\n\n");
poptPrintUsage(pc, stderr, 0);
return 1;
} else if (!opt_interactive) {
/* default is --daemon */
opt_daemon = true;
}
poptFreeContext(pc);
talloc_enable_null_tracking();
setup_logging(binary_name, opt_interactive?DEBUG_STDOUT:DEBUG_FILE);
setup_signals();
/* we want total control over the permissions on created files,
so set our umask to 0 */
umask(0);
DEBUG(0,("%s version %s started.\n", binary_name, SAMBA_VERSION_STRING));
DEBUGADD(0,("Copyright Andrew Tridgell and the Samba Team 1992-2016\n"));
if (sizeof(uint16_t) < 2 || sizeof(uint32_t) < 4 || sizeof(uint64_t) < 8) {
DEBUG(0,("ERROR: Samba is not configured correctly for the word size on your machine\n"));
DEBUGADD(0,("sizeof(uint16_t) = %u, sizeof(uint32_t) %u, sizeof(uint64_t) = %u\n",
(unsigned int)sizeof(uint16_t), (unsigned int)sizeof(uint32_t), (unsigned int)sizeof(uint64_t)));
return 1;
}
if (opt_daemon) {
DEBUG(3,("Becoming a daemon.\n"));
become_daemon(true, false, false);
}
cleanup_tmp_files(cmdline_lp_ctx);
if (!directory_exist(lpcfg_lock_directory(cmdline_lp_ctx))) {
mkdir(lpcfg_lock_directory(cmdline_lp_ctx), 0755);
}
pidfile_create(lpcfg_pid_directory(cmdline_lp_ctx), binary_name);
if (lpcfg_server_role(cmdline_lp_ctx) == ROLE_ACTIVE_DIRECTORY_DC) {
if (!open_schannel_session_store(talloc_autofree_context(), cmdline_lp_ctx)) {
exit_daemon("Samba cannot open schannel store for secured NETLOGON operations.", EACCES);
}
}
/* make sure we won't go through nss_winbind */
if (!winbind_off()) {
exit_daemon("Samba failed to disable recusive winbindd calls.", EACCES);
}
gensec_init(); /* FIXME: */
ntptr_init(); /* FIXME: maybe run this in the initialization function
of the spoolss RPC server instead? */
ntvfs_init(cmdline_lp_ctx); /* FIXME: maybe run this in the initialization functions
of the SMB[,2] server instead? */
process_model_init(cmdline_lp_ctx);
shared_init = load_samba_modules(NULL, "service");
run_init_functions(static_init);
run_init_functions(shared_init);
talloc_free(shared_init);
/* the event context is the top level structure in smbd. Everything else
should hang off that */
event_ctx = s4_event_context_init(talloc_autofree_context());
if (event_ctx == NULL) {
exit_daemon("Initializing event context failed", EACCES);
}
if (opt_interactive) {
/* terminate when stdin goes away */
stdin_event_flags = TEVENT_FD_READ;
} else {
/* stay alive forever */
stdin_event_flags = 0;
}
/* catch EOF on stdin */
#ifdef SIGTTIN
signal(SIGTTIN, SIG_IGN);
#endif
if (fstat(0, &st) != 0) {
exit_daemon("Samba failed to set standard input handler", ENOTTY);
}
if (S_ISFIFO(st.st_mode) || S_ISSOCK(st.st_mode)) {
tevent_add_fd(event_ctx,
event_ctx,
0,
stdin_event_flags,
server_stdin_handler,
discard_const(binary_name));
}
if (max_runtime) {
DEBUG(0,("Called with maxruntime %d - current ts %llu\n",
max_runtime, (unsigned long long) time(NULL)));
tevent_add_timer(event_ctx, event_ctx,
timeval_current_ofs(max_runtime, 0),
max_runtime_handler,
discard_const(binary_name));
}
if (lpcfg_server_role(cmdline_lp_ctx) != ROLE_ACTIVE_DIRECTORY_DC
&& !lpcfg_parm_bool(cmdline_lp_ctx, NULL, "server role check", "inhibit", false)
&& !str_list_check_ci(lpcfg_server_services(cmdline_lp_ctx), "smb")
&& !str_list_check_ci(lpcfg_dcerpc_endpoint_servers(cmdline_lp_ctx), "remote")
&& !str_list_check_ci(lpcfg_dcerpc_endpoint_servers(cmdline_lp_ctx), "mapiproxy")) {
DEBUG(0, ("At this time the 'samba' binary should only be used for either:\n"));
DEBUGADD(0, ("'server role = active directory domain controller' or to access the ntvfs file server with 'server services = +smb' or the rpc proxy with 'dcerpc endpoint servers = remote'\n"));
DEBUGADD(0, ("You should start smbd/nmbd/winbindd instead for domain member and standalone file server tasks\n"));
exit_daemon("Samba detected misconfigured 'server role' and exited. Check logs for details", EINVAL);
};
prime_ldb_databases(event_ctx);
status = setup_parent_messaging(event_ctx, cmdline_lp_ctx);
if (!NT_STATUS_IS_OK(status)) {
exit_daemon("Samba failed to setup parent messaging", NT_STATUS_V(status));
}
DEBUG(0,("%s: using '%s' process model\n", binary_name, model));
status = server_service_startup(event_ctx, cmdline_lp_ctx, model,
lpcfg_server_services(cmdline_lp_ctx));
if (!NT_STATUS_IS_OK(status)) {
exit_daemon("Samba failed to start services", NT_STATUS_V(status));
}
if (opt_daemon) {
daemon_ready("samba");
}
/* wait for events - this is where smbd sits for most of its
life */
tevent_loop_wait(event_ctx);
/* as everything hangs off this event context, freeing it
should initiate a clean shutdown of all services */
talloc_free(event_ctx);
return 0;
}
