void ns_os_inituserinfo (const char *username) { char strbuf[ISC_STRERRORSIZE]; if (username == NULL) return; if (all_digits (username)) runas_pw = getpwuid ((uid_t) atoi (username)); else runas_pw = getpwnam (username); endpwent (); if (runas_pw == NULL) ns_main_earlyfatal ("user '%s' unknown", username); if (getuid () == 0) { if (initgroups (runas_pw->pw_name, runas_pw->pw_gid) < 0) { isc__strerror (errno, strbuf, sizeof (strbuf)); ns_main_earlyfatal ("initgroups(): %s", strbuf); } } }
void ns_os_chroot(const char *root) { char strbuf[ISC_STRERRORSIZE]; #ifdef HAVE_LIBSCF ns_smf_chroot = 0; #endif if (root != NULL) { #ifdef HAVE_CHROOT if (chroot(root) < 0) { isc__strerror(errno, strbuf, sizeof(strbuf)); ns_main_earlyfatal("chroot(): %s", strbuf); } #else ns_main_earlyfatal("chroot(): disabled"); #endif if (chdir("/") < 0) { isc__strerror(errno, strbuf, sizeof(strbuf)); ns_main_earlyfatal("chdir(/): %s", strbuf); } #ifdef HAVE_LIBSCF /* Set ns_smf_chroot flag on successful chroot. */ ns_smf_chroot = 1; #endif } }
static int parse_int(char *arg, const char *desc) { char *endp; int tmp; long int ltmp; ltmp = strtol(arg, &endp, 10); tmp = (int) ltmp; if (*endp != '\0') ns_main_earlyfatal("%s '%s' must be numeric", desc, arg); if (tmp < 0 || tmp != ltmp) ns_main_earlyfatal("%s '%s' out of range", desc, arg); return (tmp); }
static void set_flags(const char *arg, struct flag_def *defs, unsigned int *ret) { isc_boolean_t clear = ISC_FALSE; for (;;) { const struct flag_def *def; const char *end = strchr(arg, ','); int arglen; if (end == NULL) end = arg + strlen(arg); arglen = (int)(end - arg); for (def = defs; def->name != NULL; def++) { if (arglen == (int)strlen(def->name) && memcmp(arg, def->name, arglen) == 0) { if (def->value == 0) clear = ISC_TRUE; *ret |= def->value; goto found; } } ns_main_earlyfatal("unrecognized flag '%.*s'", arglen, arg); found: if (clear || (*end == '\0')) break; arg = end + 1; } if (clear) *ret = 0; }
void ns_os_changeuser (void) { char strbuf[ISC_STRERRORSIZE]; if (runas_pw == NULL || done_setuid) return; done_setuid = ISC_TRUE; #ifdef HAVE_LINUXTHREADS #ifdef HAVE_LINUX_CAPABILITY_H if (!non_root_caps) ns_main_earlyfatal ("-u with Linux threads not supported: " "requires kernel support for " "prctl(PR_SET_KEEPCAPS)"); #else ns_main_earlyfatal ("-u with Linux threads not supported: " "no capabilities support or capabilities " "disabled at build time"); #endif #endif if (setgid (runas_pw->pw_gid) < 0) { isc__strerror (errno, strbuf, sizeof (strbuf)); ns_main_earlyfatal ("setgid(): %s", strbuf); } if (setuid (runas_pw->pw_uid) < 0) { isc__strerror (errno, strbuf, sizeof (strbuf)); ns_main_earlyfatal ("setuid(): %s", strbuf); } #if defined(HAVE_SYS_PRCTL_H) && defined(PR_SET_DUMPABLE) /* * Restore the ability of named to drop core after the setuid() * call has disabled it. */ if (prctl (PR_SET_DUMPABLE, 1, 0, 0, 0) < 0) { isc__strerror (errno, strbuf, sizeof (strbuf)); ns_main_earlywarning ("prctl(PR_SET_DUMPABLE) failed: %s", strbuf); } #endif #if defined(HAVE_LINUX_CAPABILITY_H) && !defined(HAVE_LINUXTHREADS) linux_minprivs (); #endif }
isc_boolean_t ns_os_issingleton(const char *filename) { char strbuf[ISC_STRERRORSIZE]; struct flock lock; if (singletonfd != -1) return (ISC_TRUE); if (strcasecmp(filename, "none") == 0) return (ISC_TRUE); /* * Make the containing directory if it doesn't exist. */ lockfile = strdup(filename); if (lockfile == NULL) { isc__strerror(errno, strbuf, sizeof(strbuf)); ns_main_earlyfatal("couldn't allocate memory for '%s': %s", filename, strbuf); } else { int ret = mkdirpath(lockfile, ns_main_earlywarning); if (ret == -1) { ns_main_earlywarning("couldn't create '%s'", filename); cleanup_lockfile(); return (ISC_FALSE); } } /* * ns_os_openfile() uses safeopen() which removes any existing * files. We can't use that here. */ singletonfd = open(filename, O_WRONLY | O_CREAT, S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH); if (singletonfd == -1) { cleanup_lockfile(); return (ISC_FALSE); } memset(&lock, 0, sizeof(lock)); lock.l_type = F_WRLCK; lock.l_whence = SEEK_SET; lock.l_start = 0; lock.l_len = 1; /* Non-blocking (does not wait for lock) */ if (fcntl(singletonfd, F_SETLK, &lock) == -1) { close(singletonfd); singletonfd = -1; return (ISC_FALSE); } return (ISC_TRUE); }
void ns_os_started(void) { char buf = 0; /* * Signal to the parent that we started successfully. */ if (dfd[0] != -1 && dfd[1] != -1) { if (write(dfd[1], &buf, 1) != 1) ns_main_earlyfatal("unable to signal parent that we " "otherwise started successfully."); close(dfd[1]); dfd[0] = dfd[1] = -1; } }
/* * Initialize the Service by registering it. */ void ntservice_init(void) { if (!foreground) { /* Register handler with the SCM */ hServiceStatus = RegisterServiceCtrlHandler(BIND_SERVICE_NAME, (LPHANDLER_FUNCTION)ServiceControl); if (!hServiceStatus) { ns_main_earlyfatal( "could not register service control handler"); UpdateSCM(SERVICE_STOPPED); exit(1); } UpdateSCM(SERVICE_RUNNING); } else { strcpy(ConsoleTitle, "BIND Version "); strcat(ConsoleTitle, VERSION); SetConsoleTitle(ConsoleTitle); } }
static void linux_keepcaps(void) { char strbuf[ISC_STRERRORSIZE]; /*% * Ask the kernel to allow us to keep our capabilities after we * setuid(). */ if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) < 0) { if (errno != EINVAL) { isc__strerror(errno, strbuf, sizeof(strbuf)); ns_main_earlyfatal("prctl() failed: %s", strbuf); } } else { non_root_caps = ISC_TRUE; if (getuid() != 0) non_root = ISC_TRUE; } }
static void linux_setcaps(unsigned int caps) { struct __user_cap_header_struct caphead; struct __user_cap_data_struct cap; char strbuf[ISC_STRERRORSIZE]; if ((getuid() != 0 && !non_root_caps) || non_root) return; memset(&caphead, 0, sizeof(caphead)); caphead.version = _LINUX_CAPABILITY_VERSION; caphead.pid = 0; memset(&cap, 0, sizeof(cap)); cap.effective = caps; cap.permitted = caps; cap.inheritable = 0; if (syscall(SYS_capset, &caphead, &cap) < 0) { isc__strerror(errno, strbuf, sizeof(strbuf)); ns_main_earlyfatal("capset failed: %s:" " please ensure that the capset kernel" " module is loaded. see insmod(8)", strbuf); } }
static void setup(void) { isc_result_t result; isc_resourcevalue_t old_openfiles; #ifdef HAVE_LIBSCF char *instance = NULL; #endif /* * Get the user and group information before changing the root * directory, so the administrator does not need to keep a copy * of the user and group databases in the chroot'ed environment. */ ns_os_inituserinfo(ns_g_username); /* * Initialize time conversion information */ ns_os_tzset(); ns_os_opendevnull(); #ifdef HAVE_LIBSCF /* Check if named is under smf control, before chroot. */ result = ns_smf_get_instance(&instance, 0, ns_g_mctx); /* We don't care about instance, just check if we got one. */ if (result == ISC_R_SUCCESS) ns_smf_got_instance = 1; else ns_smf_got_instance = 0; if (instance != NULL) isc_mem_free(ns_g_mctx, instance); #endif /* HAVE_LIBSCF */ #ifdef PATH_RANDOMDEV /* * Initialize system's random device as fallback entropy source * if running chroot'ed. */ if (ns_g_chrootdir != NULL) { result = isc_entropy_create(ns_g_mctx, &ns_g_fallbackentropy); if (result != ISC_R_SUCCESS) ns_main_earlyfatal("isc_entropy_create() failed: %s", isc_result_totext(result)); result = isc_entropy_createfilesource(ns_g_fallbackentropy, PATH_RANDOMDEV); if (result != ISC_R_SUCCESS) { ns_main_earlywarning("could not open pre-chroot " "entropy source %s: %s", PATH_RANDOMDEV, isc_result_totext(result)); isc_entropy_detach(&ns_g_fallbackentropy); } } #endif #ifdef ISC_PLATFORM_USETHREADS /* * Check for the number of cpu's before ns_os_chroot(). */ ns_g_cpus_detected = isc_os_ncpus(); #endif ns_os_chroot(ns_g_chrootdir); /* * For operating systems which have a capability mechanism, now * is the time to switch to minimal privs and change our user id. * On traditional UNIX systems, this call will be a no-op, and we * will change the user ID after reading the config file the first * time. (We need to read the config file to know which possibly * privileged ports to bind() to.) */ ns_os_minprivs(); result = ns_log_init(ISC_TF(ns_g_username != NULL)); if (result != ISC_R_SUCCESS) ns_main_earlyfatal("ns_log_init() failed: %s", isc_result_totext(result)); /* * Now is the time to daemonize (if we're not running in the * foreground). We waited until now because we wanted to get * a valid logging context setup. We cannot daemonize any later, * because calling create_managers() will create threads, which * would be lost after fork(). */ if (!ns_g_foreground) ns_os_daemonize(); /* * We call isc_app_start() here as some versions of FreeBSD's fork() * destroys all the signal handling it sets up. */ result = isc_app_start(); if (result != ISC_R_SUCCESS) ns_main_earlyfatal("isc_app_start() failed: %s", isc_result_totext(result)); isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN, ISC_LOG_NOTICE, "starting %s %s%s%s <id:%s>%s", ns_g_product, ns_g_version, *ns_g_description ? " " : "", ns_g_description, ns_g_srcid, saved_command_line); isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN, ISC_LOG_NOTICE, "running on %s", ns_os_uname()); isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN, ISC_LOG_NOTICE, "built with %s", ns_g_configargs); isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN, ISC_LOG_NOTICE, "----------------------------------------------------"); isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN, ISC_LOG_NOTICE, "BIND 9 is maintained by Internet Systems Consortium,"); isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN, ISC_LOG_NOTICE, "Inc. (ISC), a non-profit 501(c)(3) public-benefit "); isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN, ISC_LOG_NOTICE, "corporation. Support and training for BIND 9 are "); isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN, ISC_LOG_NOTICE, "available at https://www.isc.org/support"); isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN, ISC_LOG_NOTICE, "----------------------------------------------------"); dump_symboltable(); /* * Get the initial resource limits. */ (void)isc_resource_getlimit(isc_resource_stacksize, &ns_g_initstacksize); (void)isc_resource_getlimit(isc_resource_datasize, &ns_g_initdatasize); (void)isc_resource_getlimit(isc_resource_coresize, &ns_g_initcoresize); (void)isc_resource_getlimit(isc_resource_openfiles, &ns_g_initopenfiles); /* * System resources cannot effectively be tuned on some systems. * Raise the limit in such cases for safety. */ old_openfiles = ns_g_initopenfiles; ns_os_adjustnofile(); (void)isc_resource_getlimit(isc_resource_openfiles, &ns_g_initopenfiles); if (old_openfiles != ns_g_initopenfiles) { isc_log_write(ns_g_lctx, NS_LOGCATEGORY_GENERAL, NS_LOGMODULE_MAIN, ISC_LOG_NOTICE, "adjusted limit on open files from " "%" ISC_PRINT_QUADFORMAT "u to " "%" ISC_PRINT_QUADFORMAT "u", old_openfiles, ns_g_initopenfiles); } /* * If the named configuration filename is relative, prepend the current * directory's name before possibly changing to another directory. */ if (! isc_file_isabsolute(ns_g_conffile)) { result = isc_file_absolutepath(ns_g_conffile, absolute_conffile, sizeof(absolute_conffile)); if (result != ISC_R_SUCCESS) ns_main_earlyfatal("could not construct absolute path " "of configuration file: %s", isc_result_totext(result)); ns_g_conffile = absolute_conffile; } /* * Record the server's startup time. */ result = isc_time_now(&ns_g_boottime); if (result != ISC_R_SUCCESS) ns_main_earlyfatal("isc_time_now() failed: %s", isc_result_totext(result)); result = create_managers(); if (result != ISC_R_SUCCESS) ns_main_earlyfatal("create_managers() failed: %s", isc_result_totext(result)); ns_builtin_init(); /* * Add calls to register sdb drivers here. */ /* xxdb_init(); */ #ifdef ISC_DLZ_DLOPEN /* * Register the DLZ "dlopen" driver. */ result = dlz_dlopen_init(ns_g_mctx); if (result != ISC_R_SUCCESS) ns_main_earlyfatal("dlz_dlopen_init() failed: %s", isc_result_totext(result)); #endif #if CONTRIB_DLZ /* * Register any other contributed DLZ drivers. */ result = dlz_drivers_init(); if (result != ISC_R_SUCCESS) ns_main_earlyfatal("dlz_drivers_init() failed: %s", isc_result_totext(result)); #endif ns_server_create(ns_g_mctx, &ns_g_server); #ifdef HAVE_LIBSECCOMP setup_seccomp(); #endif /* HAVE_LIBSECCOMP */ }
static void parse_command_line(int argc, char *argv[]) { int ch; int port; const char *p; save_command_line(argc, argv); /* * NS_MAIN_ARGS is defined in main.h, so that it can be used * both by named and by ntservice hooks. */ isc_commandline_errprint = ISC_FALSE; while ((ch = isc_commandline_parse(argc, argv, NS_MAIN_ARGS)) != -1) { switch (ch) { case '4': if (ns_g_disable4) ns_main_earlyfatal("cannot specify -4 and -6"); if (isc_net_probeipv4() != ISC_R_SUCCESS) ns_main_earlyfatal("IPv4 not supported by OS"); isc_net_disableipv6(); ns_g_disable6 = ISC_TRUE; break; case '6': if (ns_g_disable6) ns_main_earlyfatal("cannot specify -4 and -6"); if (isc_net_probeipv6() != ISC_R_SUCCESS) ns_main_earlyfatal("IPv6 not supported by OS"); isc_net_disableipv4(); ns_g_disable4 = ISC_TRUE; break; case 'c': ns_g_conffile = isc_commandline_argument; lwresd_g_conffile = isc_commandline_argument; if (lwresd_g_useresolvconf) ns_main_earlyfatal("cannot specify -c and -C"); ns_g_conffileset = ISC_TRUE; break; case 'C': lwresd_g_resolvconffile = isc_commandline_argument; if (ns_g_conffileset) ns_main_earlyfatal("cannot specify -c and -C"); lwresd_g_useresolvconf = ISC_TRUE; break; case 'd': ns_g_debuglevel = parse_int(isc_commandline_argument, "debug level"); break; case 'D': /* Descriptive comment for 'ps'. */ break; case 'E': ns_g_engine = isc_commandline_argument; break; case 'f': ns_g_foreground = ISC_TRUE; break; case 'g': ns_g_foreground = ISC_TRUE; ns_g_logstderr = ISC_TRUE; break; /* XXXBEW -i should be removed */ case 'i': lwresd_g_defaultpidfile = isc_commandline_argument; break; case 'l': ns_g_lwresdonly = ISC_TRUE; break; case 'M': if (strcmp(isc_commandline_argument, "external") == 0) isc_mem_defaultflags = 0; break; case 'm': set_flags(isc_commandline_argument, mem_debug_flags, &isc_mem_debugging); break; case 'N': /* Deprecated. */ case 'n': ns_g_cpus = parse_int(isc_commandline_argument, "number of cpus"); if (ns_g_cpus == 0) ns_g_cpus = 1; break; case 'p': port = parse_int(isc_commandline_argument, "port"); if (port < 1 || port > 65535) ns_main_earlyfatal("port '%s' out of range", isc_commandline_argument); ns_g_port = port; break; /* XXXBEW Should -P be removed? */ case 'P': port = parse_int(isc_commandline_argument, "port"); if (port < 1 || port > 65535) ns_main_earlyfatal("port '%s' out of range", isc_commandline_argument); lwresd_g_listenport = port; break; case 's': /* XXXRTH temporary syntax */ want_stats = ISC_TRUE; break; case 'S': maxsocks = parse_int(isc_commandline_argument, "max number of sockets"); break; case 't': /* XXXJAB should we make a copy? */ ns_g_chrootdir = isc_commandline_argument; break; case 'T': /* NOT DOCUMENTED */ /* * force the server to behave (or misbehave) in * specified ways for testing purposes. * * clienttest: make clients single shot with their * own memory context. * delay=xxxx: delay client responses by xxxx ms to * simulate remote servers. * dscp=x: check that dscp values are as * expected and assert otherwise. */ if (!strcmp(isc_commandline_argument, "clienttest")) ns_g_clienttest = ISC_TRUE; else if (!strcmp(isc_commandline_argument, "nosoa")) ns_g_nosoa = ISC_TRUE; else if (!strcmp(isc_commandline_argument, "noaa")) ns_g_noaa = ISC_TRUE; else if (!strcmp(isc_commandline_argument, "maxudp512")) maxudp = 512; else if (!strcmp(isc_commandline_argument, "maxudp1460")) maxudp = 1460; else if (!strcmp(isc_commandline_argument, "dropedns")) ns_g_dropedns = ISC_TRUE; else if (!strcmp(isc_commandline_argument, "noedns")) ns_g_noedns = ISC_TRUE; else if (!strncmp(isc_commandline_argument, "maxudp=", 7)) maxudp = atoi(isc_commandline_argument + 7); else if (!strncmp(isc_commandline_argument, "delay=", 6)) ns_g_delay = atoi(isc_commandline_argument + 6); else if (!strcmp(isc_commandline_argument, "nosyslog")) ns_g_nosyslog = ISC_TRUE; else if (!strcmp(isc_commandline_argument, "nonearest")) ns_g_nonearest = ISC_TRUE; else if (!strncmp(isc_commandline_argument, "dscp=", 5)) isc_dscp_check_value = atoi(isc_commandline_argument + 5); else if (!strncmp(isc_commandline_argument, "mkeytimers=", 11)) { p = strtok(isc_commandline_argument + 11, "/"); if (p == NULL) ns_main_earlyfatal("bad mkeytimer"); dns_zone_mkey_hour = atoi(p); if (dns_zone_mkey_hour == 0) ns_main_earlyfatal("bad mkeytimer"); p = strtok(NULL, "/"); if (p == NULL) { dns_zone_mkey_day = (24 * dns_zone_mkey_hour); dns_zone_mkey_month = (30 * dns_zone_mkey_day); break; } dns_zone_mkey_day = atoi(p); if (dns_zone_mkey_day < dns_zone_mkey_hour) ns_main_earlyfatal("bad mkeytimer"); p = strtok(NULL, "/"); if (p == NULL) { dns_zone_mkey_month = (30 * dns_zone_mkey_day); break; } dns_zone_mkey_month = atoi(p); if (dns_zone_mkey_month < dns_zone_mkey_day) ns_main_earlyfatal("bad mkeytimer"); } else if (!strcmp(isc_commandline_argument, "notcp")) ns_g_notcp = ISC_TRUE; else fprintf(stderr, "unknown -T flag '%s\n", isc_commandline_argument); break; case 'U': ns_g_udpdisp = parse_int(isc_commandline_argument, "number of UDP listeners " "per interface"); break; case 'u': ns_g_username = isc_commandline_argument; break; case 'v': printf("%s %s%s%s <id:%s>\n", ns_g_product, ns_g_version, (*ns_g_description != '\0') ? " " : "", ns_g_description, ns_g_srcid); exit(0); case 'V': printf("%s %s%s%s <id:%s>\n", ns_g_product, ns_g_version, (*ns_g_description != '\0') ? " " : "", ns_g_description, ns_g_srcid); printf("running on %s\n", ns_os_uname()); printf("built by %s with %s\n", ns_g_builder, ns_g_configargs); #ifdef __clang__ printf("compiled by CLANG %s\n", __VERSION__); #else #if defined(__ICC) || defined(__INTEL_COMPILER) printf("compiled by ICC %s\n", __VERSION__); #else #ifdef __GNUC__ printf("compiled by GCC %s\n", __VERSION__); #endif #endif #endif #ifdef _MSC_VER printf("compiled by MSVC %d\n", _MSC_VER); #endif #ifdef __SUNPRO_C printf("compiled by Solaris Studio %x\n", __SUNPRO_C); #endif #ifdef OPENSSL printf("compiled with OpenSSL version: %s\n", OPENSSL_VERSION_TEXT); printf("linked to OpenSSL version: %s\n", SSLeay_version(SSLEAY_VERSION)); #endif #ifdef HAVE_LIBXML2 printf("compiled with libxml2 version: %s\n", LIBXML_DOTTED_VERSION); printf("linked to libxml2 version: %s\n", xmlParserVersion); #endif #if defined(HAVE_JSON) && defined(JSON_C_VERSION) printf("compiled with libjson-c version: %s\n", JSON_C_VERSION); printf("linked to libjson-c version: %s\n", json_c_version()); #endif exit(0); case 'F': /* Reserved for FIPS mode */ /* FALLTHROUGH */ case '?': usage(); if (isc_commandline_option == '?') exit(0); p = strchr(NS_MAIN_ARGS, isc_commandline_option); if (p == NULL || *++p != ':') ns_main_earlyfatal("unknown option '-%c'", isc_commandline_option); else ns_main_earlyfatal("option '-%c' requires " "an argument", isc_commandline_option); /* FALLTHROUGH */ default: ns_main_earlyfatal("parsing options returned %d", ch); } } argc -= isc_commandline_index; argv += isc_commandline_index; POST(argv); if (argc > 0) { usage(); ns_main_earlyfatal("extra command line arguments"); } }
static void parse_command_line(int argc, char *argv[]) { int ch; int port; const char *p; isc_boolean_t disable6 = ISC_FALSE; isc_boolean_t disable4 = ISC_FALSE; save_command_line(argc, argv); /* PLEASE keep options synchronized when main is hooked! */ #define CMDLINE_FLAGS "46c:C:d:D:E:fFgi:lm:n:N:p:P:sS:t:T:U:u:vVx:" isc_commandline_errprint = ISC_FALSE; while ((ch = isc_commandline_parse(argc, argv, CMDLINE_FLAGS)) != -1) { switch (ch) { case '4': if (disable4) ns_main_earlyfatal("cannot specify -4 and -6"); if (isc_net_probeipv4() != ISC_R_SUCCESS) ns_main_earlyfatal("IPv4 not supported by OS"); isc_net_disableipv6(); disable6 = ISC_TRUE; break; case '6': if (disable6) ns_main_earlyfatal("cannot specify -4 and -6"); if (isc_net_probeipv6() != ISC_R_SUCCESS) ns_main_earlyfatal("IPv6 not supported by OS"); isc_net_disableipv4(); disable4 = ISC_TRUE; break; case 'c': ns_g_conffile = isc_commandline_argument; lwresd_g_conffile = isc_commandline_argument; if (lwresd_g_useresolvconf) ns_main_earlyfatal("cannot specify -c and -C"); ns_g_conffileset = ISC_TRUE; break; case 'C': lwresd_g_resolvconffile = isc_commandline_argument; if (ns_g_conffileset) ns_main_earlyfatal("cannot specify -c and -C"); lwresd_g_useresolvconf = ISC_TRUE; break; case 'd': ns_g_debuglevel = parse_int(isc_commandline_argument, "debug level"); break; case 'D': /* Descriptive comment for 'ps'. */ break; case 'E': ns_g_engine = isc_commandline_argument; break; case 'f': ns_g_foreground = ISC_TRUE; break; case 'g': ns_g_foreground = ISC_TRUE; ns_g_logstderr = ISC_TRUE; break; /* XXXBEW -i should be removed */ case 'i': lwresd_g_defaultpidfile = isc_commandline_argument; break; case 'l': ns_g_lwresdonly = ISC_TRUE; break; case 'm': set_flags(isc_commandline_argument, mem_debug_flags, &isc_mem_debugging); break; case 'N': /* Deprecated. */ case 'n': ns_g_cpus = parse_int(isc_commandline_argument, "number of cpus"); if (ns_g_cpus == 0) ns_g_cpus = 1; break; case 'p': port = parse_int(isc_commandline_argument, "port"); if (port < 1 || port > 65535) ns_main_earlyfatal("port '%s' out of range", isc_commandline_argument); ns_g_port = port; break; /* XXXBEW Should -P be removed? */ case 'P': port = parse_int(isc_commandline_argument, "port"); if (port < 1 || port > 65535) ns_main_earlyfatal("port '%s' out of range", isc_commandline_argument); lwresd_g_listenport = port; break; case 's': /* XXXRTH temporary syntax */ want_stats = ISC_TRUE; break; case 'S': maxsocks = parse_int(isc_commandline_argument, "max number of sockets"); break; case 't': /* XXXJAB should we make a copy? */ ns_g_chrootdir = isc_commandline_argument; break; case 'T': /* NOT DOCUMENTED */ /* * force the server to behave (or misbehave) in * specified ways for testing purposes. * * clienttest: make clients single shot with their * own memory context. * delay=xxxx: delay client responses by xxxx ms to * simulate remote servers. * dscp=x: check that dscp values are as * expected and assert otherwise. */ if (!strcmp(isc_commandline_argument, "clienttest")) ns_g_clienttest = ISC_TRUE; else if (!strcmp(isc_commandline_argument, "nosoa")) ns_g_nosoa = ISC_TRUE; else if (!strcmp(isc_commandline_argument, "noaa")) ns_g_noaa = ISC_TRUE; else if (!strcmp(isc_commandline_argument, "maxudp512")) maxudp = 512; else if (!strcmp(isc_commandline_argument, "maxudp1460")) maxudp = 1460; else if (!strcmp(isc_commandline_argument, "dropedns")) ns_g_dropedns = ISC_TRUE; else if (!strcmp(isc_commandline_argument, "noedns")) ns_g_noedns = ISC_TRUE; else if (!strncmp(isc_commandline_argument, "maxudp=", 7)) maxudp = atoi(isc_commandline_argument + 7); else if (!strncmp(isc_commandline_argument, "delay=", 6)) ns_g_delay = atoi(isc_commandline_argument + 6); else if (!strcmp(isc_commandline_argument, "nosyslog")) ns_g_nosyslog = ISC_TRUE; else if (!strcmp(isc_commandline_argument, "nonearest")) ns_g_nonearest = ISC_TRUE; else if (!strncmp(isc_commandline_argument, "dscp=", 5)) isc_dscp_check_value = atoi(isc_commandline_argument + 5); else fprintf(stderr, "unknown -T flag '%s\n", isc_commandline_argument); break; case 'U': ns_g_udpdisp = parse_int(isc_commandline_argument, "number of UDP listeners " "per interface"); break; case 'u': ns_g_username = isc_commandline_argument; break; case 'v': printf("%s %s", ns_g_product, ns_g_version); if (*ns_g_description != 0) printf(" %s", ns_g_description); printf("\n"); exit(0); case 'V': printf("%s %s", ns_g_product, ns_g_version); if (*ns_g_description != 0) printf(" %s", ns_g_description); printf(" <id:%s> built by %s with %s\n", ns_g_srcid, ns_g_builder, ns_g_configargs); #ifdef __clang__ printf("compiled by CLANG %s\n", __VERSION__); #else #if defined(__ICC) || defined(__INTEL_COMPILER) printf("compiled by ICC %s\n", __VERSION__); #else #ifdef __GNUC__ printf("compiled by GCC %s\n", __VERSION__); #endif #endif #endif #ifdef _MSC_VER printf("compiled by MSVC %d\n", _MSC_VER); #endif #ifdef __SUNPRO_C printf("compiled by Solaris Studio %x\n", __SUNPRO_C); #endif #ifdef OPENSSL printf("using OpenSSL version: %s\n", OPENSSL_VERSION_TEXT); #endif #ifdef HAVE_LIBXML2 printf("using libxml2 version: %s\n", LIBXML_DOTTED_VERSION); #endif exit(0); case 'F': /* Reserved for FIPS mode */ /* FALLTHROUGH */ case '?': usage(); if (isc_commandline_option == '?') exit(0); p = strchr(CMDLINE_FLAGS, isc_commandline_option); if (p == NULL || *++p != ':') ns_main_earlyfatal("unknown option '-%c'", isc_commandline_option); else ns_main_earlyfatal("option '-%c' requires " "an argument", isc_commandline_option); /* FALLTHROUGH */ default: ns_main_earlyfatal("parsing options returned %d", ch); } } argc -= isc_commandline_index; argv += isc_commandline_index; POST(argv); if (argc > 0) { usage(); ns_main_earlyfatal("extra command line arguments"); } }
int main(int argc, char *argv[]) { isc_result_t result; #ifdef HAVE_LIBSCF char *instance = NULL; #endif #ifdef HAVE_GPERFTOOLS_PROFILER (void) ProfilerStart(NULL); #endif /* * Record version in core image. * strings named.core | grep "named version:" */ strlcat(version, #if defined(NO_VERSION_DATE) || !defined(__DATE__) "named version: BIND " VERSION " <" SRCID ">", #else "named version: BIND " VERSION " <" SRCID "> (" __DATE__ ")", #endif sizeof(version)); result = isc_file_progname(*argv, program_name, sizeof(program_name)); if (result != ISC_R_SUCCESS) ns_main_earlyfatal("program name too long"); if (strcmp(program_name, "lwresd") == 0) ns_g_lwresdonly = ISC_TRUE; if (result != ISC_R_SUCCESS) ns_main_earlyfatal("failed to build internal symbol table"); isc_assertion_setcallback(assertion_failed); isc_error_setfatal(library_fatal_error); isc_error_setunexpected(library_unexpected_error); ns_os_init(program_name); dns_result_register(); dst_result_register(); isccc_result_register(); #ifdef PKCS11CRYPTO pk11_result_register(); #endif parse_command_line(argc, argv); pfilter_open(); /* * Warn about common configuration error. */ if (ns_g_chrootdir != NULL) { int len = strlen(ns_g_chrootdir); if (strncmp(ns_g_chrootdir, ns_g_conffile, len) == 0 && (ns_g_conffile[len] == '/' || ns_g_conffile[len] == '\\')) ns_main_earlywarning("config filename (-c %s) contains " "chroot path (-t %s)", ns_g_conffile, ns_g_chrootdir); } result = isc_mem_create(0, 0, &ns_g_mctx); if (result != ISC_R_SUCCESS) ns_main_earlyfatal("isc_mem_create() failed: %s", isc_result_totext(result)); isc_mem_setname(ns_g_mctx, "main", NULL); setup(); /* * Start things running and then wait for a shutdown request * or reload. */ do { result = isc_app_run(); if (result == ISC_R_RELOAD) { ns_server_reloadwanted(ns_g_server); } else if (result != ISC_R_SUCCESS) { UNEXPECTED_ERROR(__FILE__, __LINE__, "isc_app_run(): %s", isc_result_totext(result)); /* * Force exit. */ result = ISC_R_SUCCESS; } } while (result != ISC_R_SUCCESS); #ifdef HAVE_LIBSCF if (ns_smf_want_disable == 1) { result = ns_smf_get_instance(&instance, 1, ns_g_mctx); if (result == ISC_R_SUCCESS && instance != NULL) { if (smf_disable_instance(instance, 0) != 0) UNEXPECTED_ERROR(__FILE__, __LINE__, "smf_disable_instance() " "failed for %s : %s", instance, scf_strerror(scf_error())); } if (instance != NULL) isc_mem_free(ns_g_mctx, instance); } #endif /* HAVE_LIBSCF */ cleanup(); if (want_stats) { isc_mem_stats(ns_g_mctx, stdout); isc_mutex_stats(stdout); } if (ns_g_memstatistics && memstats != NULL) { FILE *fp = NULL; result = isc_stdio_open(memstats, "w", &fp); if (result == ISC_R_SUCCESS) { isc_mem_stats(ns_g_mctx, fp); isc_mutex_stats(fp); isc_stdio_close(fp); } } isc_mem_destroy(&ns_g_mctx); isc_mem_checkdestroyed(stderr); ns_main_setmemstats(NULL); isc_app_finish(); ns_os_closedevnull(); ns_os_shutdown(); #ifdef HAVE_GPERFTOOLS_PROFILER ProfilerStop(); #endif return (0); }
void ns_os_chroot(const char *root) { if (root != NULL) ns_main_earlyfatal("chroot(): isn't supported by Win32 API"); }
static void parse_command_line(int argc, char *argv[]) { int ch; int port; isc_boolean_t disable6 = ISC_FALSE; isc_boolean_t disable4 = ISC_FALSE; save_command_line(argc, argv); isc_commandline_errprint = ISC_FALSE; while ((ch = isc_commandline_parse(argc, argv, "46c:C:d:E:fFgi:lm:n:N:p:P:" "sS:t:T:u:vVx:")) != -1) { switch (ch) { case '4': if (disable4) ns_main_earlyfatal("cannot specify -4 and -6"); if (isc_net_probeipv4() != ISC_R_SUCCESS) ns_main_earlyfatal("IPv4 not supported by OS"); isc_net_disableipv6(); disable6 = ISC_TRUE; break; case '6': if (disable6) ns_main_earlyfatal("cannot specify -4 and -6"); if (isc_net_probeipv6() != ISC_R_SUCCESS) ns_main_earlyfatal("IPv6 not supported by OS"); isc_net_disableipv4(); disable4 = ISC_TRUE; break; case 'c': ns_g_conffile = isc_commandline_argument; lwresd_g_conffile = isc_commandline_argument; if (lwresd_g_useresolvconf) ns_main_earlyfatal("cannot specify -c and -C"); ns_g_conffileset = ISC_TRUE; break; case 'C': lwresd_g_resolvconffile = isc_commandline_argument; if (ns_g_conffileset) ns_main_earlyfatal("cannot specify -c and -C"); lwresd_g_useresolvconf = ISC_TRUE; break; case 'd': ns_g_debuglevel = parse_int(isc_commandline_argument, "debug level"); break; case 'E': ns_g_engine = isc_commandline_argument; break; case 'f': ns_g_foreground = ISC_TRUE; break; case 'g': ns_g_foreground = ISC_TRUE; ns_g_logstderr = ISC_TRUE; break; /* XXXBEW -i should be removed */ case 'i': lwresd_g_defaultpidfile = isc_commandline_argument; break; case 'l': ns_g_lwresdonly = ISC_TRUE; break; case 'm': set_flags(isc_commandline_argument, mem_debug_flags, &isc_mem_debugging); break; case 'N': /* Deprecated. */ case 'n': ns_g_cpus = parse_int(isc_commandline_argument, "number of cpus"); if (ns_g_cpus == 0) ns_g_cpus = 1; break; case 'p': port = parse_int(isc_commandline_argument, "port"); if (port < 1 || port > 65535) ns_main_earlyfatal("port '%s' out of range", isc_commandline_argument); ns_g_port = port; break; /* XXXBEW Should -P be removed? */ case 'P': port = parse_int(isc_commandline_argument, "port"); if (port < 1 || port > 65535) ns_main_earlyfatal("port '%s' out of range", isc_commandline_argument); lwresd_g_listenport = port; break; case 's': /* XXXRTH temporary syntax */ want_stats = ISC_TRUE; break; case 'S': maxsocks = parse_int(isc_commandline_argument, "max number of sockets"); break; case 't': /* XXXJAB should we make a copy? */ ns_g_chrootdir = isc_commandline_argument; break; case 'T': /* * clienttest: make clients single shot with their * own memory context. */ if (!strcmp(isc_commandline_argument, "clienttest")) ns_g_clienttest = ISC_TRUE; else if (!strcmp(isc_commandline_argument, "maxudp512")) maxudp = 512; else if (!strcmp(isc_commandline_argument, "maxudp1460")) maxudp = 1460; else fprintf(stderr, "unknown -T flag '%s\n", isc_commandline_argument); break; case 'u': ns_g_username = isc_commandline_argument; break; case 'v': printf("BIND %s\n", ns_g_version); exit(0); case 'V': printf("BIND %s built with %s\n", ns_g_version, ns_g_configargs); exit(0); case 'F': /* Reserved for FIPS mode */ /* FALLTHROUGH */ case '?': usage(); if (isc_commandline_option == '?') exit(0); ns_main_earlyfatal("unknown option '-%c'", isc_commandline_option); /* FALLTHROUGH */ default: ns_main_earlyfatal("parsing options returned %d", ch); } } argc -= isc_commandline_index; argv += isc_commandline_index; if (argc > 0) { usage(); ns_main_earlyfatal("extra command line arguments"); } }
void ns_os_daemonize(void) { pid_t pid; char strbuf[ISC_STRERRORSIZE]; if (pipe(dfd) == -1) { isc__strerror(errno, strbuf, sizeof(strbuf)); ns_main_earlyfatal("pipe(): %s", strbuf); } pid = fork(); if (pid == -1) { isc__strerror(errno, strbuf, sizeof(strbuf)); ns_main_earlyfatal("fork(): %s", strbuf); } if (pid != 0) { int n; /* * Wait for the child to finish loading for the first time. * This would be so much simpler if fork() worked once we * were multi-threaded. */ (void)close(dfd[1]); do { char buf; n = read(dfd[0], &buf, 1); if (n == 1) _exit(0); } while (n == -1 && errno == EINTR); _exit(1); } (void)close(dfd[0]); /* * We're the child. */ #ifdef HAVE_LINUXTHREADS mainpid = getpid(); #endif if (setsid() == -1) { isc__strerror(errno, strbuf, sizeof(strbuf)); ns_main_earlyfatal("setsid(): %s", strbuf); } /* * Try to set stdin, stdout, and stderr to /dev/null, but press * on even if it fails. * * XXXMLG The close() calls here are unneeded on all but NetBSD, but * are harmless to include everywhere. dup2() is supposed to close * the FD if it is in use, but unproven-pthreads-0.16 is broken * and will end up closing the wrong FD. This will be fixed eventually, * and these calls will be removed. */ if (devnullfd != -1) { if (devnullfd != STDIN_FILENO) { (void)close(STDIN_FILENO); (void)dup2(devnullfd, STDIN_FILENO); } if (devnullfd != STDOUT_FILENO) { (void)close(STDOUT_FILENO); (void)dup2(devnullfd, STDOUT_FILENO); } if (devnullfd != STDERR_FILENO) { (void)close(STDERR_FILENO); (void)dup2(devnullfd, STDERR_FILENO); } } }
static void linux_setcaps(cap_t caps) { #ifndef HAVE_LIBCAP struct __user_cap_header_struct caphead; struct __user_cap_data_struct cap; #endif char strbuf[ISC_STRERRORSIZE]; if ((getuid() != 0 && !non_root_caps) || non_root) return; #ifndef HAVE_LIBCAP memset(&caphead, 0, sizeof(caphead)); caphead.version = _LINUX_CAPABILITY_VERSION; caphead.pid = 0; memset(&cap, 0, sizeof(cap)); cap.effective = caps; cap.permitted = caps; cap.inheritable = 0; #endif #ifdef HAVE_LIBCAP if (cap_set_proc(caps) < 0) { #else if (syscall(SYS_capset, &caphead, &cap) < 0) { #endif isc__strerror(errno, strbuf, sizeof(strbuf)); ns_main_earlyfatal(SETCAPS_FUNC "failed: %s:" " please ensure that the capset kernel" " module is loaded. see insmod(8)", strbuf); } } #ifdef HAVE_LIBCAP #define SET_CAP(flag) \ do { \ capval = (flag); \ cap_flag_value_t curval; \ err = cap_get_flag(curcaps, capval, CAP_PERMITTED, &curval); \ if (err != -1 && curval) { \ err = cap_set_flag(caps, CAP_EFFECTIVE, 1, &capval, CAP_SET); \ if (err == -1) { \ isc__strerror(errno, strbuf, sizeof(strbuf)); \ ns_main_earlyfatal("cap_set_proc failed: %s", strbuf); \ } \ \ err = cap_set_flag(caps, CAP_PERMITTED, 1, &capval, CAP_SET); \ if (err == -1) { \ isc__strerror(errno, strbuf, sizeof(strbuf)); \ ns_main_earlyfatal("cap_set_proc failed: %s", strbuf); \ } \ } \ } while (0) #define INIT_CAP \ do { \ caps = cap_init(); \ if (caps == NULL) { \ isc__strerror(errno, strbuf, sizeof(strbuf)); \ ns_main_earlyfatal("cap_init failed: %s", strbuf); \ } \ curcaps = cap_get_proc(); \ if (curcaps == NULL) { \ isc__strerror(errno, strbuf, sizeof(strbuf)); \ ns_main_earlyfatal("cap_get_proc failed: %s", strbuf); \ } \ } while (0) #define FREE_CAP \ { \ cap_free(caps); \ cap_free(curcaps); \ } while (0) #else #define SET_CAP(flag) do { caps |= (1 << (flag)); } while (0) #define INIT_CAP do { caps = 0; } while (0) #endif /* HAVE_LIBCAP */ static void linux_initialprivs(void) { cap_t caps; #ifdef HAVE_LIBCAP cap_t curcaps; cap_value_t capval; char strbuf[ISC_STRERRORSIZE]; int err; #endif /*% * We don't need most privileges, so we drop them right away. * Later on linux_minprivs() will be called, which will drop our * capabilities to the minimum needed to run the server. */ INIT_CAP; /* * We need to be able to bind() to privileged ports, notably port 53! */ SET_CAP(CAP_NET_BIND_SERVICE); /* * We need chroot() initially too. */ SET_CAP(CAP_SYS_CHROOT); #if defined(HAVE_SYS_PRCTL_H) || !defined(HAVE_LINUXTHREADS) /* * We can setuid() only if either the kernel supports keeping * capabilities after setuid() (which we don't know until we've * tried) or we're not using threads. If either of these is * true, we want the setuid capability. */ SET_CAP(CAP_SETUID); #endif /* * Since we call initgroups, we need this. */ SET_CAP(CAP_SETGID); /* * Without this, we run into problems reading a configuration file * owned by a non-root user and non-world-readable on startup. */ SET_CAP(CAP_DAC_READ_SEARCH); /* * XXX We might want to add CAP_SYS_RESOURCE, though it's not * clear it would work right given the way linuxthreads work. * XXXDCL But since we need to be able to set the maximum number * of files, the stack size, data size, and core dump size to * support named.conf options, this is now being added to test. */ SET_CAP(CAP_SYS_RESOURCE); /* * We need to be able to set the ownership of the containing * directory of the pid file when we create it. */ SET_CAP(CAP_CHOWN); linux_setcaps(caps); #ifdef HAVE_LIBCAP FREE_CAP; #endif }