1 /* Inner loops of cache daemon.
2 Copyright (C) 1998-2003, 2004, 2005, 2006, 2007 Free Software Foundation, Inc.
3 This file is part of the GNU C Library.
4 Contributed by Ulrich Drepper <drepper@cygnus.com>, 1998.
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published
8 by the Free Software Foundation; version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software Foundation,
18 Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */
34 #include <arpa/inet.h>
36 # include <sys/epoll.h>
39 #include <sys/param.h>
42 # include <sys/sendfile.h>
44 #include <sys/socket.h>
52 # include <kernel-features.h>
56 /* Wrapper functions with error checking for standard functions. */
57 extern void *xmalloc (size_t n
);
58 extern void *xcalloc (size_t n
, size_t s
);
59 extern void *xrealloc (void *o
, size_t n
);
61 /* Support to run nscd as an unprivileged user */
62 const char *server_user
;
63 static uid_t server_uid
;
64 static gid_t server_gid
;
65 const char *stat_user
;
67 static gid_t
*server_groups
;
71 static int server_ngroups
;
72 static volatile int sighup_pending
;
74 static pthread_attr_t attr
;
76 static void begin_drop_privileges (void);
77 static void finish_drop_privileges (void);
79 /* Map request type to a string. */
80 const char *const serv2str
[LASTREQ
] =
82 [GETPWBYNAME
] = "GETPWBYNAME",
83 [GETPWBYUID
] = "GETPWBYUID",
84 [GETGRBYNAME
] = "GETGRBYNAME",
85 [GETGRBYGID
] = "GETGRBYGID",
86 [GETHOSTBYNAME
] = "GETHOSTBYNAME",
87 [GETHOSTBYNAMEv6
] = "GETHOSTBYNAMEv6",
88 [GETHOSTBYADDR
] = "GETHOSTBYADDR",
89 [GETHOSTBYADDRv6
] = "GETHOSTBYADDRv6",
90 [SHUTDOWN
] = "SHUTDOWN",
91 [GETSTAT
] = "GETSTAT",
92 [INVALIDATE
] = "INVALIDATE",
93 [GETFDPW
] = "GETFDPW",
94 [GETFDGR
] = "GETFDGR",
95 [GETFDHST
] = "GETFDHST",
97 [INITGROUPS
] = "INITGROUPS",
98 [GETSERVBYNAME
] = "GETSERVBYNAME",
99 [GETSERVBYPORT
] = "GETSERVBYPORT",
100 [GETFDSERV
] = "GETFDSERV"
103 /* The control data structures for the services. */
104 struct database_dyn dbs
[lastdb
] =
107 .lock
= PTHREAD_RWLOCK_WRITER_NONRECURSIVE_INITIALIZER_NP
,
108 .prunelock
= PTHREAD_MUTEX_INITIALIZER
,
114 .max_db_size
= DEFAULT_MAX_DB_SIZE
,
116 .filename
= "/etc/passwd",
117 .db_filename
= _PATH_NSCD_PASSWD_DB
,
118 .disabled_iov
= &pwd_iov_disabled
,
126 .lock
= PTHREAD_RWLOCK_WRITER_NONRECURSIVE_INITIALIZER_NP
,
127 .prunelock
= PTHREAD_MUTEX_INITIALIZER
,
133 .max_db_size
= DEFAULT_MAX_DB_SIZE
,
135 .filename
= "/etc/group",
136 .db_filename
= _PATH_NSCD_GROUP_DB
,
137 .disabled_iov
= &grp_iov_disabled
,
145 .lock
= PTHREAD_RWLOCK_WRITER_NONRECURSIVE_INITIALIZER_NP
,
146 .prunelock
= PTHREAD_MUTEX_INITIALIZER
,
150 .propagate
= 0, /* Not used. */
152 .max_db_size
= DEFAULT_MAX_DB_SIZE
,
154 .filename
= "/etc/hosts",
155 .db_filename
= _PATH_NSCD_HOSTS_DB
,
156 .disabled_iov
= &hst_iov_disabled
,
164 .lock
= PTHREAD_RWLOCK_WRITER_NONRECURSIVE_INITIALIZER_NP
,
165 .prunelock
= PTHREAD_MUTEX_INITIALIZER
,
169 .propagate
= 0, /* Not used. */
171 .max_db_size
= DEFAULT_MAX_DB_SIZE
,
173 .filename
= "/etc/services",
174 .db_filename
= _PATH_NSCD_SERVICES_DB
,
175 .disabled_iov
= &serv_iov_disabled
,
185 /* Mapping of request type to database. */
189 struct database_dyn
*db
;
190 } const reqinfo
[LASTREQ
] =
192 [GETPWBYNAME
] = { true, &dbs
[pwddb
] },
193 [GETPWBYUID
] = { true, &dbs
[pwddb
] },
194 [GETGRBYNAME
] = { true, &dbs
[grpdb
] },
195 [GETGRBYGID
] = { true, &dbs
[grpdb
] },
196 [GETHOSTBYNAME
] = { true, &dbs
[hstdb
] },
197 [GETHOSTBYNAMEv6
] = { true, &dbs
[hstdb
] },
198 [GETHOSTBYADDR
] = { true, &dbs
[hstdb
] },
199 [GETHOSTBYADDRv6
] = { true, &dbs
[hstdb
] },
200 [SHUTDOWN
] = { false, NULL
},
201 [GETSTAT
] = { false, NULL
},
202 [SHUTDOWN
] = { false, NULL
},
203 [GETFDPW
] = { false, &dbs
[pwddb
] },
204 [GETFDGR
] = { false, &dbs
[grpdb
] },
205 [GETFDHST
] = { false, &dbs
[hstdb
] },
206 [GETAI
] = { true, &dbs
[hstdb
] },
207 [INITGROUPS
] = { true, &dbs
[grpdb
] },
208 [GETSERVBYNAME
] = { true, &dbs
[servdb
] },
209 [GETSERVBYPORT
] = { true, &dbs
[servdb
] },
210 [GETFDSERV
] = { false, &dbs
[servdb
] }
214 /* Number of seconds between two cache pruning runs. */
215 #define CACHE_PRUNE_INTERVAL 15
218 /* Initial number of threads to use. */
220 /* Maximum number of threads to use. */
221 int max_nthreads
= 32;
223 /* Socket for incoming connections. */
226 /* Number of times clients had to wait. */
227 unsigned long int client_queued
;
231 writeall (int fd
, const void *buf
, size_t len
)
237 ret
= TEMP_FAILURE_RETRY (send (fd
, buf
, n
, MSG_NOSIGNAL
));
240 buf
= (const char *) buf
+ ret
;
244 return ret
< 0 ? ret
: len
- n
;
250 sendfileall (int tofd
, int fromfd
, off_t off
, size_t len
)
257 ret
= TEMP_FAILURE_RETRY (sendfile (tofd
, fromfd
, &off
, n
));
263 return ret
< 0 ? ret
: len
- n
;
271 /* The following three are not really used, they are symbolic constants. */
277 use_he_begin
= use_he
| use_begin
,
278 use_he_end
= use_he
| use_end
,
281 use_key_begin
= use_key
| use_begin
,
282 use_key_end
= use_key
| use_end
,
283 use_key_first
= use_key_begin
| use_first
,
286 use_data_begin
= use_data
| use_begin
,
287 use_data_end
= use_data
| use_end
,
288 use_data_first
= use_data_begin
| use_first
293 check_use (const char *data
, nscd_ssize_t first_free
, uint8_t *usemap
,
294 enum usekey use
, ref_t start
, size_t len
)
298 if (start
> first_free
|| start
+ len
> first_free
299 || (start
& BLOCK_ALIGN_M1
))
302 if (usemap
[start
] == use_not
)
304 /* Add the start marker. */
305 usemap
[start
] = use
| use_begin
;
309 if (usemap
[++start
] != use_not
)
314 /* Add the end marker. */
315 usemap
[start
] = use
| use_end
;
317 else if ((usemap
[start
] & ~use_first
) == ((use
| use_begin
) & ~use_first
))
319 /* Hash entries can't be shared. */
323 usemap
[start
] |= (use
& use_first
);
327 if (usemap
[++start
] != use
)
330 if (usemap
[++start
] != (use
| use_end
))
334 /* Points to a wrong object or somewhere in the middle. */
341 /* Verify data in persistent database. */
343 verify_persistent_db (void *mem
, struct database_pers_head
*readhead
, int dbnr
)
345 assert (dbnr
== pwddb
|| dbnr
== grpdb
|| dbnr
== hstdb
|| dbnr
== servdb
);
347 time_t now
= time (NULL
);
349 struct database_pers_head
*head
= mem
;
350 struct database_pers_head head_copy
= *head
;
352 /* Check that the header that was read matches the head in the database. */
353 if (readhead
!= NULL
&& memcmp (head
, readhead
, sizeof (*head
)) != 0)
356 /* First some easy tests: make sure the database header is sane. */
357 if (head
->version
!= DB_VERSION
358 || head
->header_size
!= sizeof (*head
)
359 /* We allow a timestamp to be one hour ahead of the current time.
360 This should cover daylight saving time changes. */
361 || head
->timestamp
> now
+ 60 * 60 + 60
362 || (head
->gc_cycle
& 1)
363 || (size_t) head
->module
> INT32_MAX
/ sizeof (ref_t
)
364 || (size_t) head
->data_size
> INT32_MAX
- head
->module
* sizeof (ref_t
)
365 || head
->first_free
< 0
366 || head
->first_free
> head
->data_size
367 || (head
->first_free
& BLOCK_ALIGN_M1
) != 0
368 || head
->maxnentries
< 0
369 || head
->maxnsearched
< 0)
372 uint8_t *usemap
= calloc (head
->first_free
, 1);
376 const char *data
= (char *) &head
->array
[roundup (head
->module
,
377 ALIGN
/ sizeof (ref_t
))];
379 nscd_ssize_t he_cnt
= 0;
380 for (nscd_ssize_t cnt
= 0; cnt
< head
->module
; ++cnt
)
382 ref_t trail
= head
->array
[cnt
];
386 while (work
!= ENDREF
)
388 if (! check_use (data
, head
->first_free
, usemap
, use_he
, work
,
389 sizeof (struct hashentry
)))
392 /* Now we know we can dereference the record. */
393 struct hashentry
*here
= (struct hashentry
*) (data
+ work
);
397 /* Make sure the record is for this type of service. */
398 if (here
->type
>= LASTREQ
399 || reqinfo
[here
->type
].db
!= &dbs
[dbnr
])
402 /* Validate boolean field value. */
403 if (here
->first
!= false && here
->first
!= true)
411 || here
->packet
> head
->first_free
412 || here
->packet
+ sizeof (struct datahead
) > head
->first_free
)
415 struct datahead
*dh
= (struct datahead
*) (data
+ here
->packet
);
417 if (! check_use (data
, head
->first_free
, usemap
,
418 use_data
| (here
->first
? use_first
: 0),
419 here
->packet
, dh
->allocsize
))
422 if (dh
->allocsize
< sizeof (struct datahead
)
423 || dh
->recsize
> dh
->allocsize
424 || (dh
->notfound
!= false && dh
->notfound
!= true)
425 || (dh
->usable
!= false && dh
->usable
!= true))
428 if (here
->key
< here
->packet
+ sizeof (struct datahead
)
429 || here
->key
> here
->packet
+ dh
->allocsize
430 || here
->key
+ here
->len
> here
->packet
+ dh
->allocsize
)
433 /* If keys can appear outside of data, this should be done
434 instead. But gc doesn't mark the data in that case. */
435 if (! check_use (data
, head
->first_free
, usemap
,
436 use_key
| (here
->first
? use_first
: 0),
437 here
->key
, here
->len
))
445 /* A circular list, this must not happen. */
448 trail
= ((struct hashentry
*) (data
+ trail
))->next
;
453 if (he_cnt
!= head
->nentries
)
456 /* See if all data and keys had at least one reference from
457 he->first == true hashentry. */
458 for (ref_t idx
= 0; idx
< head
->first_free
; ++idx
)
461 if (usemap
[idx
] == use_key_begin
)
464 if (usemap
[idx
] == use_data_begin
)
468 /* Finally, make sure the database hasn't changed since the first test. */
469 if (memcmp (mem
, &head_copy
, sizeof (*head
)) != 0)
482 # define EXTRA_O_FLAGS O_CLOEXEC
484 # define EXTRA_O_FLAGS 0
488 /* Initialize database information structures. */
492 /* Look up unprivileged uid/gid/groups before we start listening on the
494 if (server_user
!= NULL
)
495 begin_drop_privileges ();
498 /* No configuration for this value, assume a default. */
499 nthreads
= 2 * lastdb
;
501 for (size_t cnt
= 0; cnt
< lastdb
; ++cnt
)
502 if (dbs
[cnt
].enabled
)
504 pthread_rwlock_init (&dbs
[cnt
].lock
, NULL
);
505 pthread_mutex_init (&dbs
[cnt
].memlock
, NULL
);
507 if (dbs
[cnt
].persistent
)
509 /* Try to open the appropriate file on disk. */
510 int fd
= open (dbs
[cnt
].db_filename
, O_RDWR
| EXTRA_O_FLAGS
);
516 struct database_pers_head head
;
517 ssize_t n
= TEMP_FAILURE_RETRY (read (fd
, &head
,
519 if (n
!= sizeof (head
) || fstat64 (fd
, &st
) != 0)
522 dbg_log (_("invalid persistent database file \"%s\": %s"),
523 dbs
[cnt
].db_filename
, strerror (errno
));
524 unlink (dbs
[cnt
].db_filename
);
526 else if (head
.module
== 0 && head
.data_size
== 0)
528 /* The file has been created, but the head has not been
529 initialized yet. Remove the old file. */
530 unlink (dbs
[cnt
].db_filename
);
532 else if (head
.header_size
!= (int) sizeof (head
))
534 dbg_log (_("invalid persistent database file \"%s\": %s"),
535 dbs
[cnt
].db_filename
,
536 _("header size does not match"));
537 unlink (dbs
[cnt
].db_filename
);
539 else if ((total
= (sizeof (head
)
540 + roundup (head
.module
* sizeof (ref_t
),
544 || total
< sizeof (head
))
546 dbg_log (_("invalid persistent database file \"%s\": %s"),
547 dbs
[cnt
].db_filename
,
548 _("file size does not match"));
549 unlink (dbs
[cnt
].db_filename
);
551 /* Note we map with the maximum size allowed for the
552 database. This is likely much larger than the
553 actual file size. This is OK on most OSes since
554 extensions of the underlying file will
555 automatically translate more pages available for
557 else if ((mem
= mmap (NULL
, dbs
[cnt
].max_db_size
,
558 PROT_READ
| PROT_WRITE
,
562 else if (!verify_persistent_db (mem
, &head
, cnt
))
565 dbg_log (_("invalid persistent database file \"%s\": %s"),
566 dbs
[cnt
].db_filename
,
567 _("verification failed"));
568 unlink (dbs
[cnt
].db_filename
);
572 /* Success. We have the database. */
574 dbs
[cnt
].memsize
= total
;
575 dbs
[cnt
].data
= (char *)
576 &dbs
[cnt
].head
->array
[roundup (dbs
[cnt
].head
->module
,
577 ALIGN
/ sizeof (ref_t
))];
578 dbs
[cnt
].mmap_used
= true;
580 if (dbs
[cnt
].suggested_module
> head
.module
)
581 dbg_log (_("suggested size of table for database %s larger than the persistent database's table"),
586 /* We also need a read-only descriptor. */
589 dbs
[cnt
].ro_fd
= open (dbs
[cnt
].db_filename
,
590 O_RDONLY
| EXTRA_O_FLAGS
);
591 if (dbs
[cnt
].ro_fd
== -1)
593 cannot create read-only descriptor for \"%s\"; no mmap"),
594 dbs
[cnt
].db_filename
);
597 // XXX Shall we test whether the descriptors actually
598 // XXX point to the same file?
601 /* Close the file descriptors in case something went
602 wrong in which case the variable have not been
609 if (dbs
[cnt
].head
== NULL
)
611 /* No database loaded. Allocate the data structure,
613 struct database_pers_head head
;
614 size_t total
= (sizeof (head
)
615 + roundup (dbs
[cnt
].suggested_module
616 * sizeof (ref_t
), ALIGN
)
617 + (dbs
[cnt
].suggested_module
618 * DEFAULT_DATASIZE_PER_BUCKET
));
620 /* Try to create the database. If we do not need a
621 persistent database create a temporary file. */
624 if (dbs
[cnt
].persistent
)
626 fd
= open (dbs
[cnt
].db_filename
,
627 O_RDWR
| O_CREAT
| O_EXCL
| O_TRUNC
| EXTRA_O_FLAGS
,
629 if (fd
!= -1 && dbs
[cnt
].shared
)
630 ro_fd
= open (dbs
[cnt
].db_filename
,
631 O_RDONLY
| EXTRA_O_FLAGS
);
635 char fname
[] = _PATH_NSCD_XYZ_DB_TMP
;
636 fd
= mkostemp (fname
, EXTRA_O_FLAGS
);
638 /* We do not need the file name anymore after we
639 opened another file descriptor in read-only mode. */
643 ro_fd
= open (fname
, O_RDONLY
| EXTRA_O_FLAGS
);
653 dbg_log (_("database for %s corrupted or simultaneously used; remove %s manually if necessary and restart"),
654 dbnames
[cnt
], dbs
[cnt
].db_filename
);
655 // XXX Correct way to terminate?
659 if (dbs
[cnt
].persistent
)
660 dbg_log (_("cannot create %s; no persistent database used"),
661 dbs
[cnt
].db_filename
);
663 dbg_log (_("cannot create %s; no sharing possible"),
664 dbs
[cnt
].db_filename
);
666 dbs
[cnt
].persistent
= 0;
667 // XXX remember: no mmap
671 /* Tell the user if we could not create the read-only
673 if (ro_fd
== -1 && dbs
[cnt
].shared
)
675 cannot create read-only descriptor for \"%s\"; no mmap"),
676 dbs
[cnt
].db_filename
);
678 /* Before we create the header, initialiye the hash
679 table. So that if we get interrupted if writing
680 the header we can recognize a partially initialized
682 size_t ps
= sysconf (_SC_PAGESIZE
);
684 assert (~ENDREF
== 0);
685 memset (tmpbuf
, '\xff', ps
);
687 size_t remaining
= dbs
[cnt
].suggested_module
* sizeof (ref_t
);
688 off_t offset
= sizeof (head
);
691 if (offset
% ps
!= 0)
693 towrite
= MIN (remaining
, ps
- (offset
% ps
));
694 if (pwrite (fd
, tmpbuf
, towrite
, offset
) != towrite
)
697 remaining
-= towrite
;
700 while (remaining
> ps
)
702 if (pwrite (fd
, tmpbuf
, ps
, offset
) == -1)
709 && pwrite (fd
, tmpbuf
, remaining
, offset
) != remaining
)
712 /* Create the header of the file. */
713 struct database_pers_head head
=
715 .version
= DB_VERSION
,
716 .header_size
= sizeof (head
),
717 .module
= dbs
[cnt
].suggested_module
,
718 .data_size
= (dbs
[cnt
].suggested_module
719 * DEFAULT_DATASIZE_PER_BUCKET
),
724 if ((TEMP_FAILURE_RETRY (write (fd
, &head
, sizeof (head
)))
726 || (TEMP_FAILURE_RETRY_VAL (posix_fallocate (fd
, 0, total
))
728 || (mem
= mmap (NULL
, dbs
[cnt
].max_db_size
,
729 PROT_READ
| PROT_WRITE
,
730 MAP_SHARED
, fd
, 0)) == MAP_FAILED
)
733 unlink (dbs
[cnt
].db_filename
);
734 dbg_log (_("cannot write to database file %s: %s"),
735 dbs
[cnt
].db_filename
, strerror (errno
));
736 dbs
[cnt
].persistent
= 0;
742 dbs
[cnt
].data
= (char *)
743 &dbs
[cnt
].head
->array
[roundup (dbs
[cnt
].head
->module
,
744 ALIGN
/ sizeof (ref_t
))];
745 dbs
[cnt
].memsize
= total
;
746 dbs
[cnt
].mmap_used
= true;
748 /* Remember the descriptors. */
750 dbs
[cnt
].ro_fd
= ro_fd
;
762 #if !defined O_CLOEXEC || !defined __ASSUME_O_CLOEXEC
763 /* We do not check here whether the O_CLOEXEC provided to the
764 open call was successful or not. The two fcntl calls are
765 only performed once each per process start-up and therefore
766 is not noticeable at all. */
768 && ((dbs
[cnt
].wr_fd
!= -1
769 && fcntl (dbs
[cnt
].wr_fd
, F_SETFD
, FD_CLOEXEC
) == -1)
770 || (dbs
[cnt
].ro_fd
!= -1
771 && fcntl (dbs
[cnt
].ro_fd
, F_SETFD
, FD_CLOEXEC
) == -1)))
774 cannot set socket to close on exec: %s; disabling paranoia mode"),
780 if (dbs
[cnt
].head
== NULL
)
782 /* We do not use the persistent database. Just
783 create an in-memory data structure. */
784 assert (! dbs
[cnt
].persistent
);
786 dbs
[cnt
].head
= xmalloc (sizeof (struct database_pers_head
)
787 + (dbs
[cnt
].suggested_module
789 memset (dbs
[cnt
].head
, '\0', sizeof (struct database_pers_head
));
790 assert (~ENDREF
== 0);
791 memset (dbs
[cnt
].head
->array
, '\xff',
792 dbs
[cnt
].suggested_module
* sizeof (ref_t
));
793 dbs
[cnt
].head
->module
= dbs
[cnt
].suggested_module
;
794 dbs
[cnt
].head
->data_size
= (DEFAULT_DATASIZE_PER_BUCKET
795 * dbs
[cnt
].head
->module
);
796 dbs
[cnt
].data
= xmalloc (dbs
[cnt
].head
->data_size
);
797 dbs
[cnt
].head
->first_free
= 0;
800 assert (dbs
[cnt
].ro_fd
== -1);
803 if (dbs
[cnt
].check_file
)
805 /* We need the modification date of the file. */
808 if (stat64 (dbs
[cnt
].filename
, &st
) < 0)
810 /* We cannot stat() the file, disable file checking. */
811 dbg_log (_("cannot stat() file `%s': %s"),
812 dbs
[cnt
].filename
, strerror (errno
));
813 dbs
[cnt
].check_file
= 0;
816 dbs
[cnt
].file_mtime
= st
.st_mtime
;
820 /* Create the socket. */
821 sock
= socket (AF_UNIX
, SOCK_STREAM
, 0);
824 dbg_log (_("cannot open socket: %s"), strerror (errno
));
825 exit (errno
== EACCES
? 4 : 1);
827 /* Bind a name to the socket. */
828 struct sockaddr_un sock_addr
;
829 sock_addr
.sun_family
= AF_UNIX
;
830 strcpy (sock_addr
.sun_path
, _PATH_NSCDSOCKET
);
831 if (bind (sock
, (struct sockaddr
*) &sock_addr
, sizeof (sock_addr
)) < 0)
833 dbg_log ("%s: %s", _PATH_NSCDSOCKET
, strerror (errno
));
834 exit (errno
== EACCES
? 4 : 1);
837 /* We don't want to get stuck on accept. */
838 int fl
= fcntl (sock
, F_GETFL
);
839 if (fl
== -1 || fcntl (sock
, F_SETFL
, fl
| O_NONBLOCK
) == -1)
841 dbg_log (_("cannot change socket to nonblocking mode: %s"),
846 /* The descriptor needs to be closed on exec. */
847 if (paranoia
&& fcntl (sock
, F_SETFD
, FD_CLOEXEC
) == -1)
849 dbg_log (_("cannot set socket to close on exec: %s"),
854 /* Set permissions for the socket. */
855 chmod (_PATH_NSCDSOCKET
, DEFFILEMODE
);
857 /* Set the socket up to accept connections. */
858 if (listen (sock
, SOMAXCONN
) < 0)
860 dbg_log (_("cannot enable socket to accept connections: %s"),
865 /* Change to unprivileged uid/gid/groups if specifed in config file */
866 if (server_user
!= NULL
)
867 finish_drop_privileges ();
871 /* Close the connections. */
880 invalidate_cache (char *key
, int fd
)
885 for (number
= pwddb
; number
< lastdb
; ++number
)
886 if (strcmp (key
, dbnames
[number
]) == 0)
888 if (dbs
[number
].reset_res
)
894 if (number
== lastdb
)
897 writeall (fd
, &resp
, sizeof (resp
));
901 if (dbs
[number
].enabled
)
902 prune_cache (&dbs
[number
], LONG_MAX
, fd
);
906 writeall (fd
, &resp
, sizeof (resp
));
913 send_ro_fd (struct database_dyn
*db
, char *key
, int fd
)
915 /* If we do not have an read-only file descriptor do nothing. */
919 /* We need to send some data along with the descriptor. */
920 uint64_t mapsize
= (db
->head
->data_size
921 + roundup (db
->head
->module
* sizeof (ref_t
), ALIGN
)
922 + sizeof (struct database_pers_head
));
924 iov
[0].iov_base
= key
;
925 iov
[0].iov_len
= strlen (key
) + 1;
926 iov
[1].iov_base
= &mapsize
;
927 iov
[1].iov_len
= sizeof (mapsize
);
929 /* Prepare the control message to transfer the descriptor. */
933 char bytes
[CMSG_SPACE (sizeof (int))];
935 struct msghdr msg
= { .msg_iov
= iov
, .msg_iovlen
= 2,
936 .msg_control
= buf
.bytes
,
937 .msg_controllen
= sizeof (buf
) };
938 struct cmsghdr
*cmsg
= CMSG_FIRSTHDR (&msg
);
940 cmsg
->cmsg_level
= SOL_SOCKET
;
941 cmsg
->cmsg_type
= SCM_RIGHTS
;
942 cmsg
->cmsg_len
= CMSG_LEN (sizeof (int));
944 *(int *) CMSG_DATA (cmsg
) = db
->ro_fd
;
946 msg
.msg_controllen
= cmsg
->cmsg_len
;
948 /* Send the control message. We repeat when we are interrupted but
949 everything else is ignored. */
951 # define MSG_NOSIGNAL 0
953 (void) TEMP_FAILURE_RETRY (sendmsg (fd
, &msg
, MSG_NOSIGNAL
));
955 if (__builtin_expect (debug_level
> 0, 0))
956 dbg_log (_("provide access to FD %d, for %s"), db
->ro_fd
, key
);
958 #endif /* SCM_RIGHTS */
961 /* Handle new request. */
963 handle_request (int fd
, request_header
*req
, void *key
, uid_t uid
)
965 if (__builtin_expect (req
->version
, NSCD_VERSION
) != NSCD_VERSION
)
969 cannot handle old request version %d; current version is %d"),
970 req
->version
, NSCD_VERSION
);
974 /* Make the SELinux check before we go on to the standard checks. */
975 if (selinux_enabled
&& nscd_request_avc_has_perm (fd
, req
->type
) != 0)
978 struct database_dyn
*db
= reqinfo
[req
->type
].db
;
980 /* See whether we can service the request from the cache. */
981 if (__builtin_expect (reqinfo
[req
->type
].data_request
, true))
983 if (__builtin_expect (debug_level
, 0) > 0)
985 if (req
->type
== GETHOSTBYADDR
|| req
->type
== GETHOSTBYADDRv6
)
987 char buf
[INET6_ADDRSTRLEN
];
989 dbg_log ("\t%s (%s)", serv2str
[req
->type
],
990 inet_ntop (req
->type
== GETHOSTBYADDR
991 ? AF_INET
: AF_INET6
,
992 key
, buf
, sizeof (buf
)));
995 dbg_log ("\t%s (%s)", serv2str
[req
->type
], (char *) key
);
998 /* Is this service enabled? */
999 if (__builtin_expect (!db
->enabled
, 0))
1001 /* No, sent the prepared record. */
1002 if (TEMP_FAILURE_RETRY (send (fd
, db
->disabled_iov
->iov_base
,
1003 db
->disabled_iov
->iov_len
,
1005 != (ssize_t
) db
->disabled_iov
->iov_len
1006 && __builtin_expect (debug_level
, 0) > 0)
1008 /* We have problems sending the result. */
1010 dbg_log (_("cannot write result: %s"),
1011 strerror_r (errno
, buf
, sizeof (buf
)));
1017 /* Be sure we can read the data. */
1018 if (__builtin_expect (pthread_rwlock_tryrdlock (&db
->lock
) != 0, 0))
1020 ++db
->head
->rdlockdelayed
;
1021 pthread_rwlock_rdlock (&db
->lock
);
1024 /* See whether we can handle it from the cache. */
1025 struct datahead
*cached
;
1026 cached
= (struct datahead
*) cache_search (req
->type
, key
, req
->key_len
,
1030 /* Hurray it's in the cache. */
1033 #ifdef HAVE_SENDFILE
1034 if (__builtin_expect (db
->mmap_used
, 1))
1036 assert (db
->wr_fd
!= -1);
1037 assert ((char *) cached
->data
> (char *) db
->data
);
1038 assert ((char *) cached
->data
- (char *) db
->head
1040 <= (sizeof (struct database_pers_head
)
1041 + db
->head
->module
* sizeof (ref_t
)
1042 + db
->head
->data_size
));
1043 nwritten
= sendfileall (fd
, db
->wr_fd
,
1044 (char *) cached
->data
1045 - (char *) db
->head
, cached
->recsize
);
1046 # ifndef __ASSUME_SENDFILE
1047 if (nwritten
== -1 && errno
== ENOSYS
)
1052 # ifndef __ASSUME_SENDFILE
1056 nwritten
= writeall (fd
, cached
->data
, cached
->recsize
);
1058 if (nwritten
!= cached
->recsize
1059 && __builtin_expect (debug_level
, 0) > 0)
1061 /* We have problems sending the result. */
1063 dbg_log (_("cannot write result: %s"),
1064 strerror_r (errno
, buf
, sizeof (buf
)));
1067 pthread_rwlock_unlock (&db
->lock
);
1072 pthread_rwlock_unlock (&db
->lock
);
1074 else if (__builtin_expect (debug_level
, 0) > 0)
1076 if (req
->type
== INVALIDATE
)
1077 dbg_log ("\t%s (%s)", serv2str
[req
->type
], (char *) key
);
1079 dbg_log ("\t%s", serv2str
[req
->type
]);
1082 /* Handle the request. */
1086 addpwbyname (db
, fd
, req
, key
, uid
);
1090 addpwbyuid (db
, fd
, req
, key
, uid
);
1094 addgrbyname (db
, fd
, req
, key
, uid
);
1098 addgrbygid (db
, fd
, req
, key
, uid
);
1102 addhstbyname (db
, fd
, req
, key
, uid
);
1105 case GETHOSTBYNAMEv6
:
1106 addhstbynamev6 (db
, fd
, req
, key
, uid
);
1110 addhstbyaddr (db
, fd
, req
, key
, uid
);
1113 case GETHOSTBYADDRv6
:
1114 addhstbyaddrv6 (db
, fd
, req
, key
, uid
);
1118 addhstai (db
, fd
, req
, key
, uid
);
1122 addinitgroups (db
, fd
, req
, key
, uid
);
1126 addservbyname (db
, fd
, req
, key
, uid
);
1130 addservbyport (db
, fd
, req
, key
, uid
);
1137 /* Get the callers credentials. */
1139 struct ucred caller
;
1140 socklen_t optlen
= sizeof (caller
);
1142 if (getsockopt (fd
, SOL_SOCKET
, SO_PEERCRED
, &caller
, &optlen
) < 0)
1146 dbg_log (_("error getting caller's id: %s"),
1147 strerror_r (errno
, buf
, sizeof (buf
)));
1153 /* Some systems have no SO_PEERCRED implementation. They don't
1154 care about security so we don't as well. */
1159 /* Accept shutdown, getstat and invalidate only from root. For
1160 the stat call also allow the user specified in the config file. */
1161 if (req
->type
== GETSTAT
)
1163 if (uid
== 0 || uid
== stat_uid
)
1164 send_stats (fd
, dbs
);
1168 if (req
->type
== INVALIDATE
)
1169 invalidate_cache (key
, fd
);
1171 termination_handler (0);
1180 send_ro_fd (reqinfo
[req
->type
].db
, key
, fd
);
1185 /* Ignore the command, it's nothing we know. */
1191 /* Restart the process. */
1195 /* First determine the parameters. We do not use the parameters
1196 passed to main() since in case nscd is started by running the
1197 dynamic linker this will not work. Yes, this is not the usual
1198 case but nscd is part of glibc and we occasionally do this. */
1199 size_t buflen
= 1024;
1200 char *buf
= alloca (buflen
);
1202 int fd
= open ("/proc/self/cmdline", O_RDONLY
);
1206 cannot open /proc/self/cmdline: %s; disabling paranoia mode"),
1215 ssize_t n
= TEMP_FAILURE_RETRY (read (fd
, buf
+ readlen
,
1220 cannot read /proc/self/cmdline: %s; disabling paranoia mode"),
1230 if (readlen
< buflen
)
1233 /* We might have to extend the buffer. */
1234 size_t old_buflen
= buflen
;
1235 char *newp
= extend_alloca (buf
, buflen
, 2 * buflen
);
1236 buf
= memmove (newp
, buf
, old_buflen
);
1241 /* Parse the command line. Worst case scenario: every two
1242 characters form one parameter (one character plus NUL). */
1243 char **argv
= alloca ((readlen
/ 2 + 1) * sizeof (argv
[0]));
1247 while (cp
< buf
+ readlen
)
1250 cp
= (char *) rawmemchr (cp
, '\0') + 1;
1254 /* Second, change back to the old user if we changed it. */
1255 if (server_user
!= NULL
)
1257 if (setresuid (old_uid
, old_uid
, old_uid
) != 0)
1260 cannot change to old UID: %s; disabling paranoia mode"),
1267 if (setresgid (old_gid
, old_gid
, old_gid
) != 0)
1270 cannot change to old GID: %s; disabling paranoia mode"),
1273 setuid (server_uid
);
1279 /* Next change back to the old working directory. */
1280 if (chdir (oldcwd
) == -1)
1283 cannot change to old working directory: %s; disabling paranoia mode"),
1286 if (server_user
!= NULL
)
1288 setuid (server_uid
);
1289 setgid (server_gid
);
1295 /* Synchronize memory. */
1296 for (int cnt
= 0; cnt
< lastdb
; ++cnt
)
1297 if (!dbs
[cnt
].enabled
)
1299 /* Make sure nobody keeps using the database. */
1300 dbs
[cnt
].head
->timestamp
= 0;
1302 if (dbs
[cnt
].persistent
)
1304 msync (dbs
[cnt
].head
, dbs
[cnt
].memsize
, MS_ASYNC
);
1307 /* The preparations are done. */
1308 execv ("/proc/self/exe", argv
);
1310 /* If we come here, we will never be able to re-exec. */
1311 dbg_log (_("re-exec failed: %s; disabling paranoia mode"),
1314 if (server_user
!= NULL
)
1316 setuid (server_uid
);
1317 setgid (server_gid
);
1319 if (chdir ("/") != 0)
1320 dbg_log (_("cannot change current working directory to \"/\": %s"),
1326 /* List of file descriptors. */
1330 struct fdlist
*next
;
1332 /* Memory allocated for the list. */
1333 static struct fdlist
*fdlist
;
1334 /* List of currently ready-to-read file descriptors. */
1335 static struct fdlist
*readylist
;
1337 /* Conditional variable and mutex to signal availability of entries in
1338 READYLIST. The condvar is initialized dynamically since we might
1339 use a different clock depending on availability. */
1340 static pthread_cond_t readylist_cond
;
1341 static pthread_mutex_t readylist_lock
= PTHREAD_MUTEX_INITIALIZER
;
1343 /* The clock to use with the condvar. */
1344 static clockid_t timeout_clock
= CLOCK_REALTIME
;
1346 /* Number of threads ready to handle the READYLIST. */
1347 static unsigned long int nready
;
1350 /* This is the main loop. It is replicated in different threads but the
1351 `poll' call makes sure only one thread handles an incoming connection. */
1353 __attribute__ ((__noreturn__
))
1356 const long int my_number
= (long int) p
;
1357 const int run_prune
= my_number
< lastdb
&& dbs
[my_number
].enabled
;
1358 struct timespec prune_ts
;
1364 setup_thread (&dbs
[my_number
]);
1366 /* We are running. */
1367 dbs
[my_number
].head
->timestamp
= time (NULL
);
1369 if (clock_gettime (timeout_clock
, &prune_ts
) == -1)
1370 /* Should never happen. */
1373 /* Compute timeout time. */
1374 prune_ts
.tv_sec
+= CACHE_PRUNE_INTERVAL
;
1377 /* Initial locking. */
1378 pthread_mutex_lock (&readylist_lock
);
1380 /* One more thread available. */
1385 while (readylist
== NULL
)
1389 /* Wait, but not forever. */
1390 to
= pthread_cond_timedwait (&readylist_cond
, &readylist_lock
,
1393 /* If we were woken and there is no work to be done,
1394 just start pruning. */
1395 if (readylist
== NULL
&& to
== ETIMEDOUT
)
1402 pthread_mutex_unlock (&readylist_lock
);
1407 /* No need to timeout. */
1408 pthread_cond_wait (&readylist_cond
, &readylist_lock
);
1414 pthread_cond_signal (&readylist_cond
);
1417 pthread_mutex_unlock (&readylist_lock
);
1419 /* Prune the password database. */
1420 if (dbs
[pwddb
].enabled
)
1421 prune_cache (&dbs
[pwddb
], LONG_MAX
, -1);
1423 /* Prune the group database. */
1424 if (dbs
[grpdb
].enabled
)
1425 prune_cache (&dbs
[grpdb
], LONG_MAX
, -1);
1427 /* Prune the host database. */
1428 if (dbs
[hstdb
].enabled
)
1429 prune_cache (&dbs
[hstdb
], LONG_MAX
, -1);
1432 pthread_mutex_lock (&readylist_lock
);
1434 /* One more thread available. */
1439 struct fdlist
*it
= readylist
->next
;
1440 if (readylist
->next
== readylist
)
1441 /* Just one entry on the list. */
1444 readylist
->next
= it
->next
;
1446 /* Extract the information and mark the record ready to be used
1451 /* One more thread available. */
1454 /* We are done with the list. */
1455 pthread_mutex_unlock (&readylist_lock
);
1457 /* We do not want to block on a short read or so. */
1458 int fl
= fcntl (fd
, F_GETFL
);
1459 if (fl
== -1 || fcntl (fd
, F_SETFL
, fl
| O_NONBLOCK
) == -1)
1462 /* Now read the request. */
1464 if (__builtin_expect (TEMP_FAILURE_RETRY (read (fd
, &req
, sizeof (req
)))
1465 != sizeof (req
), 0))
1467 /* We failed to read data. Note that this also might mean we
1468 failed because we would have blocked. */
1469 if (debug_level
> 0)
1470 dbg_log (_("short read while reading request: %s"),
1471 strerror_r (errno
, buf
, sizeof (buf
)));
1475 /* Check whether this is a valid request type. */
1476 if (req
.type
< GETPWBYNAME
|| req
.type
>= LASTREQ
)
1479 /* Some systems have no SO_PEERCRED implementation. They don't
1480 care about security so we don't as well. */
1485 if (__builtin_expect (debug_level
> 0, 0))
1487 struct ucred caller
;
1488 socklen_t optlen
= sizeof (caller
);
1490 if (getsockopt (fd
, SOL_SOCKET
, SO_PEERCRED
, &caller
, &optlen
) == 0)
1495 /* It should not be possible to crash the nscd with a silly
1496 request (i.e., a terribly large key). We limit the size to 1kb. */
1497 if (__builtin_expect (req
.key_len
, 1) < 0
1498 || __builtin_expect (req
.key_len
, 1) > MAXKEYLEN
)
1500 if (debug_level
> 0)
1501 dbg_log (_("key length in request too long: %d"), req
.key_len
);
1506 char keybuf
[MAXKEYLEN
];
1508 if (__builtin_expect (TEMP_FAILURE_RETRY (read (fd
, keybuf
,
1512 /* Again, this can also mean we would have blocked. */
1513 if (debug_level
> 0)
1514 dbg_log (_("short read while reading request key: %s"),
1515 strerror_r (errno
, buf
, sizeof (buf
)));
1519 if (__builtin_expect (debug_level
, 0) > 0)
1524 handle_request: request received (Version = %d) from PID %ld"),
1525 req
.version
, (long int) pid
);
1529 handle_request: request received (Version = %d)"), req
.version
);
1532 /* Phew, we got all the data, now process it. */
1533 handle_request (fd
, &req
, keybuf
, uid
);
1540 /* Check whether we should be pruning the cache. */
1541 assert (run_prune
|| to
== 0);
1542 if (to
== ETIMEDOUT
)
1545 /* The pthread_cond_timedwait() call timed out. It is time
1546 to clean up the cache. */
1547 assert (my_number
< lastdb
);
1548 prune_cache (&dbs
[my_number
], time (NULL
), -1);
1550 if (clock_gettime (timeout_clock
, &prune_ts
) == -1)
1551 /* Should never happen. */
1554 /* Compute next timeout time. */
1555 prune_ts
.tv_sec
+= CACHE_PRUNE_INTERVAL
;
1557 /* In case the list is emtpy we do not want to run the prune
1558 code right away again. */
1563 pthread_mutex_lock (&readylist_lock
);
1565 /* One more thread available. */
1571 static unsigned int nconns
;
1576 pthread_mutex_lock (&readylist_lock
);
1578 /* Find an empty entry in FDLIST. */
1580 for (inner
= 0; inner
< nconns
; ++inner
)
1581 if (fdlist
[inner
].next
== NULL
)
1583 assert (inner
< nconns
);
1585 fdlist
[inner
].fd
= fd
;
1587 if (readylist
== NULL
)
1588 readylist
= fdlist
[inner
].next
= &fdlist
[inner
];
1591 fdlist
[inner
].next
= readylist
->next
;
1592 readylist
= readylist
->next
= &fdlist
[inner
];
1595 bool do_signal
= true;
1596 if (__builtin_expect (nready
== 0, 0))
1601 /* Try to start another thread to help out. */
1603 if (nthreads
< max_nthreads
1604 && pthread_create (&th
, &attr
, nscd_run
,
1605 (void *) (long int) nthreads
) == 0)
1607 /* We got another thread. */
1609 /* The new thread might need a kick. */
1615 pthread_mutex_unlock (&readylist_lock
);
1617 /* Tell one of the worker threads there is work to do. */
1619 pthread_cond_signal (&readylist_cond
);
1623 /* Check whether restarting should happen. */
1625 restart_p (time_t now
)
1627 return (paranoia
&& readylist
== NULL
&& nready
== nthreads
1628 && now
>= restart_time
);
1632 /* Array for times a connection was accepted. */
1633 static time_t *starttime
;
1637 __attribute__ ((__noreturn__
))
1638 main_loop_poll (void)
1640 struct pollfd
*conns
= (struct pollfd
*) xmalloc (nconns
1641 * sizeof (conns
[0]));
1644 conns
[0].events
= POLLRDNORM
;
1646 size_t firstfree
= 1;
1650 /* Wait for any event. We wait at most a couple of seconds so
1651 that we can check whether we should close any of the accepted
1652 connections since we have not received a request. */
1653 #define MAX_ACCEPT_TIMEOUT 30
1654 #define MIN_ACCEPT_TIMEOUT 5
1655 #define MAIN_THREAD_TIMEOUT \
1656 (MAX_ACCEPT_TIMEOUT * 1000 \
1657 - ((MAX_ACCEPT_TIMEOUT - MIN_ACCEPT_TIMEOUT) * 1000 * nused) / (2 * nconns))
1659 int n
= poll (conns
, nused
, MAIN_THREAD_TIMEOUT
);
1661 time_t now
= time (NULL
);
1663 /* If there is a descriptor ready for reading or there is a new
1664 connection, process this now. */
1667 if (conns
[0].revents
!= 0)
1669 /* We have a new incoming connection. Accept the connection. */
1670 int fd
= TEMP_FAILURE_RETRY (accept (sock
, NULL
, NULL
));
1672 /* Use the descriptor if we have not reached the limit. */
1675 if (firstfree
< nconns
)
1677 conns
[firstfree
].fd
= fd
;
1678 conns
[firstfree
].events
= POLLRDNORM
;
1679 starttime
[firstfree
] = now
;
1680 if (firstfree
>= nused
)
1681 nused
= firstfree
+ 1;
1685 while (firstfree
< nused
&& conns
[firstfree
].fd
!= -1);
1688 /* We cannot use the connection so close it. */
1695 for (size_t cnt
= 1; cnt
< nused
&& n
> 0; ++cnt
)
1696 if (conns
[cnt
].revents
!= 0)
1698 fd_ready (conns
[cnt
].fd
);
1700 /* Clean up the CONNS array. */
1702 if (cnt
< firstfree
)
1704 if (cnt
== nused
- 1)
1707 while (conns
[nused
- 1].fd
== -1);
1713 /* Now find entries which have timed out. */
1716 /* We make the timeout length depend on the number of file
1717 descriptors currently used. */
1718 #define ACCEPT_TIMEOUT \
1719 (MAX_ACCEPT_TIMEOUT \
1720 - ((MAX_ACCEPT_TIMEOUT - MIN_ACCEPT_TIMEOUT) * nused) / nconns)
1721 time_t laststart
= now
- ACCEPT_TIMEOUT
;
1723 for (size_t cnt
= nused
- 1; cnt
> 0; --cnt
)
1725 if (conns
[cnt
].fd
!= -1 && starttime
[cnt
] < laststart
)
1727 /* Remove the entry, it timed out. */
1728 (void) close (conns
[cnt
].fd
);
1731 if (cnt
< firstfree
)
1733 if (cnt
== nused
- 1)
1736 while (conns
[nused
- 1].fd
== -1);
1740 if (restart_p (now
))
1748 main_loop_epoll (int efd
)
1750 struct epoll_event ev
= { 0, };
1754 /* Add the socket. */
1755 ev
.events
= EPOLLRDNORM
;
1757 if (epoll_ctl (efd
, EPOLL_CTL_ADD
, sock
, &ev
) == -1)
1758 /* We cannot use epoll. */
1763 struct epoll_event revs
[100];
1764 # define nrevs (sizeof (revs) / sizeof (revs[0]))
1766 int n
= epoll_wait (efd
, revs
, nrevs
, MAIN_THREAD_TIMEOUT
);
1768 time_t now
= time (NULL
);
1770 for (int cnt
= 0; cnt
< n
; ++cnt
)
1771 if (revs
[cnt
].data
.fd
== sock
)
1773 /* A new connection. */
1774 int fd
= TEMP_FAILURE_RETRY (accept (sock
, NULL
, NULL
));
1778 /* Try to add the new descriptor. */
1781 || epoll_ctl (efd
, EPOLL_CTL_ADD
, fd
, &ev
) == -1)
1782 /* The descriptor is too large or something went
1783 wrong. Close the descriptor. */
1787 /* Remember when we accepted the connection. */
1788 starttime
[fd
] = now
;
1799 /* Remove the descriptor from the epoll descriptor. */
1800 (void) epoll_ctl (efd
, EPOLL_CTL_DEL
, revs
[cnt
].data
.fd
, NULL
);
1802 /* Get a worker to handle the request. */
1803 fd_ready (revs
[cnt
].data
.fd
);
1805 /* Reset the time. */
1806 starttime
[revs
[cnt
].data
.fd
] = 0;
1807 if (revs
[cnt
].data
.fd
== highest
)
1810 while (highest
> 0 && starttime
[highest
] == 0);
1815 /* Now look for descriptors for accepted connections which have
1816 no reply in too long of a time. */
1817 time_t laststart
= now
- ACCEPT_TIMEOUT
;
1818 for (int cnt
= highest
; cnt
> STDERR_FILENO
; --cnt
)
1819 if (cnt
!= sock
&& starttime
[cnt
] != 0 && starttime
[cnt
] < laststart
)
1821 /* We are waiting for this one for too long. Close it. */
1822 (void) epoll_ctl (efd
, EPOLL_CTL_DEL
, cnt
, NULL
);
1830 else if (cnt
!= sock
&& starttime
[cnt
] == 0 && cnt
== highest
)
1833 if (restart_p (now
))
1840 /* Start all the threads we want. The initial process is thread no. 1. */
1842 start_threads (void)
1844 /* Initialize the conditional variable we will use. The only
1845 non-standard attribute we might use is the clock selection. */
1846 pthread_condattr_t condattr
;
1847 pthread_condattr_init (&condattr
);
1849 #if defined _POSIX_CLOCK_SELECTION && _POSIX_CLOCK_SELECTION >= 0 \
1850 && defined _POSIX_MONOTONIC_CLOCK && _POSIX_MONOTONIC_CLOCK >= 0
1851 /* Determine whether the monotonous clock is available. */
1852 struct timespec dummy
;
1853 # if _POSIX_MONOTONIC_CLOCK == 0
1854 if (sysconf (_SC_MONOTONIC_CLOCK
) > 0)
1856 # if _POSIX_CLOCK_SELECTION == 0
1857 if (sysconf (_SC_CLOCK_SELECTION
) > 0)
1859 if (clock_getres (CLOCK_MONOTONIC
, &dummy
) == 0
1860 && pthread_condattr_setclock (&condattr
, CLOCK_MONOTONIC
) == 0)
1861 timeout_clock
= CLOCK_MONOTONIC
;
1864 pthread_cond_init (&readylist_cond
, &condattr
);
1865 pthread_condattr_destroy (&condattr
);
1868 /* Create the attribute for the threads. They are all created
1870 pthread_attr_init (&attr
);
1871 pthread_attr_setdetachstate (&attr
, PTHREAD_CREATE_DETACHED
);
1872 /* Use 1MB stacks, twice as much for 64-bit architectures. */
1873 pthread_attr_setstacksize (&attr
, 1024 * 1024 * (sizeof (void *) / 4));
1875 /* We allow less than LASTDB threads only for debugging. */
1876 if (debug_level
== 0)
1877 nthreads
= MAX (nthreads
, lastdb
);
1880 for (long int i
= 0; i
< nthreads
; ++i
)
1883 if (pthread_create (&th
, &attr
, nscd_run
, (void *) (i
- nfailed
)) != 0)
1886 if (nthreads
- nfailed
< lastdb
)
1888 /* We could not start enough threads. */
1889 dbg_log (_("could only start %d threads; terminating"),
1890 nthreads
- nfailed
);
1894 /* Determine how much room for descriptors we should initially
1895 allocate. This might need to change later if we cap the number
1897 const long int nfds
= sysconf (_SC_OPEN_MAX
);
1899 #define MAXCONN 16384
1900 if (nfds
== -1 || nfds
> MAXCONN
)
1902 else if (nfds
< MINCONN
)
1907 /* We need memory to pass descriptors on to the worker threads. */
1908 fdlist
= (struct fdlist
*) xcalloc (nconns
, sizeof (fdlist
[0]));
1909 /* Array to keep track when connection was accepted. */
1910 starttime
= (time_t *) xcalloc (nconns
, sizeof (starttime
[0]));
1912 /* In the main thread we execute the loop which handles incoming
1915 int efd
= epoll_create (100);
1918 main_loop_epoll (efd
);
1927 /* Look up the uid, gid, and supplementary groups to run nscd as. When
1928 this function is called, we are not listening on the nscd socket yet so
1929 we can just use the ordinary lookup functions without causing a lockup */
1931 begin_drop_privileges (void)
1933 struct passwd
*pwd
= getpwnam (server_user
);
1937 dbg_log (_("Failed to run nscd as user '%s'"), server_user
);
1938 error (EXIT_FAILURE
, 0, _("Failed to run nscd as user '%s'"),
1942 server_uid
= pwd
->pw_uid
;
1943 server_gid
= pwd
->pw_gid
;
1945 /* Save the old UID/GID if we have to change back. */
1948 old_uid
= getuid ();
1949 old_gid
= getgid ();
1952 if (getgrouplist (server_user
, server_gid
, NULL
, &server_ngroups
) == 0)
1954 /* This really must never happen. */
1955 dbg_log (_("Failed to run nscd as user '%s'"), server_user
);
1956 error (EXIT_FAILURE
, errno
, _("initial getgrouplist failed"));
1959 server_groups
= (gid_t
*) xmalloc (server_ngroups
* sizeof (gid_t
));
1961 if (getgrouplist (server_user
, server_gid
, server_groups
, &server_ngroups
)
1964 dbg_log (_("Failed to run nscd as user '%s'"), server_user
);
1965 error (EXIT_FAILURE
, errno
, _("getgrouplist failed"));
1970 /* Call setgroups(), setgid(), and setuid() to drop root privileges and
1971 run nscd as the user specified in the configuration file. */
1973 finish_drop_privileges (void)
1975 #if defined HAVE_LIBAUDIT && defined HAVE_LIBCAP
1976 /* We need to preserve the capabilities to connect to the audit daemon. */
1977 cap_t new_caps
= preserve_capabilities ();
1980 if (setgroups (server_ngroups
, server_groups
) == -1)
1982 dbg_log (_("Failed to run nscd as user '%s'"), server_user
);
1983 error (EXIT_FAILURE
, errno
, _("setgroups failed"));
1988 res
= setresgid (server_gid
, server_gid
, old_gid
);
1990 res
= setgid (server_gid
);
1993 dbg_log (_("Failed to run nscd as user '%s'"), server_user
);
1999 res
= setresuid (server_uid
, server_uid
, old_uid
);
2001 res
= setuid (server_uid
);
2004 dbg_log (_("Failed to run nscd as user '%s'"), server_user
);
2009 #if defined HAVE_LIBAUDIT && defined HAVE_LIBCAP
2010 /* Remove the temporary capabilities. */
2011 install_real_capabilities (new_caps
);
2015 /* Handle the HUP signal which will force a dump of the cache */
2017 sighup_handler (int signum
)