search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s4:server: avoid using pid=0 for the parent 'samba' process
[Samba.git] / source4 / smbd / server.c
blob274a45d600cbdd470de27792b74602bf5ae987e7
1 /*
2 Unix SMB/CIFS implementation.
3
4 Main SMB server routines
5
6 Copyright (C) Andrew Tridgell 1992-2005
7 Copyright (C) Martin Pool 2002
8 Copyright (C) Jelmer Vernooij 2002
9 Copyright (C) James J Myers 2003 <myersjj@samba.org>
10
11 This program is free software; you can redistribute it and/or modify
12 it under the terms of the GNU General Public License as published by
13 the Free Software Foundation; either version 3 of the License, or
14 (at your option) any later version.
15
16 This program is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 GNU General Public License for more details.
20
21 You should have received a copy of the GNU General Public License
22 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 */
24
25 #include "includes.h"
26 #include "lib/events/events.h"
27 #include "version.h"
28 #include "lib/cmdline/popt_common.h"
29 #include "system/dir.h"
30 #include "system/filesys.h"
31 #include "auth/gensec/gensec.h"
32 #include "libcli/auth/schannel.h"
33 #include "smbd/process_model.h"
34 #include "param/secrets.h"
35 #include "lib/util/pidfile.h"
36 #include "param/param.h"
37 #include "dsdb/samdb/samdb.h"
38 #include "auth/session.h"
39 #include "lib/messaging/irpc.h"
40 #include "librpc/gen_ndr/ndr_irpc.h"
41 #include "cluster/cluster.h"
42 #include "dynconfig/dynconfig.h"
43 #include "lib/util/samba_modules.h"
44 #include "nsswitch/winbind_client.h"
45 #include "libds/common/roles.h"
46 #include "lib/util/tfork.h"
47
48 #ifdef HAVE_PTHREAD
49 #include <pthread.h>
50 #endif
51
52 struct server_state {
53 struct tevent_context *event_ctx;
54 const char *binary_name;
55 };
56
57 /*
58 recursively delete a directory tree
59 */
60 static void recursive_delete(const char *path)
61 {
62 DIR *dir;
63 struct dirent *de;
64
65 dir = opendir(path);
66 if (!dir) {
67 return;
68 }
69
70 for (de=readdir(dir);de;de=readdir(dir)) {
71 char *fname;
72 struct stat st;
73
74 if (ISDOT(de->d_name) || ISDOTDOT(de->d_name)) {
75 continue;
76 }
77
78 fname = talloc_asprintf(path, "%s/%s", path, de->d_name);
79 if (stat(fname, &st) != 0) {
80 continue;
81 }
82 if (S_ISDIR(st.st_mode)) {
83 recursive_delete(fname);
84 talloc_free(fname);
85 continue;
86 }
87 if (unlink(fname) != 0) {
88 DBG_ERR("Unabled to delete '%s' - %s\n",
89 fname, strerror(errno));
90 smb_panic("unable to cleanup tmp files");
91 }
92 talloc_free(fname);
93 }
94 closedir(dir);
95 }
96
97 /*
98 cleanup temporary files. This is the new alternative to
99 TDB_CLEAR_IF_FIRST. Unfortunately TDB_CLEAR_IF_FIRST is not
100 efficient on unix systems due to the lack of scaling of the byte
101 range locking system. So instead of putting the burden on tdb to
102 cleanup tmp files, this function deletes them.
103 */
104 static void cleanup_tmp_files(struct loadparm_context *lp_ctx)
105 {
106 char *path;
107 TALLOC_CTX *mem_ctx = talloc_new(NULL);
108 if (mem_ctx == NULL) {
109 exit_daemon("Failed to create memory context",
110 ENOMEM);
111 }
112
113 path = smbd_tmp_path(mem_ctx, lp_ctx, NULL);
114 if (path == NULL) {
115 exit_daemon("Failed to cleanup temporary files",
116 EINVAL);
117 }
118
119 recursive_delete(path);
120 talloc_free(mem_ctx);
121 }
122
123 static void sig_hup(int sig)
124 {
125 debug_schedule_reopen_logs();
126 }
127
128 static void sig_term(int sig)
129 {
130 #if HAVE_GETPGRP
131 if (getpgrp() == getpid()) {
132 /*
133 * We're the process group leader, send
134 * SIGTERM to our process group.
135 */
136 kill(-getpgrp(), SIGTERM);
137 }
138 #endif
139 _exit(127);
140 }
141
142 static void sigterm_signal_handler(struct tevent_context *ev,
143 struct tevent_signal *se,
144 int signum, int count, void *siginfo,
145 void *private_data)
146 {
147 struct server_state *state = talloc_get_type_abort(
148 private_data, struct server_state);
149
150 DBG_DEBUG("Process %s got SIGTERM\n", state->binary_name);
151 TALLOC_FREE(state);
152 sig_term(SIGTERM);
153 }
154
155 /*
156 setup signal masks
157 */
158 static void setup_signals(void)
159 {
160 /* we are never interested in SIGPIPE */
161 BlockSignals(true,SIGPIPE);
162
163 #if defined(SIGFPE)
164 /* we are never interested in SIGFPE */
165 BlockSignals(true,SIGFPE);
166 #endif
167
168 /* We are no longer interested in USR1 */
169 BlockSignals(true, SIGUSR1);
170
171 #if defined(SIGUSR2)
172 /* We are no longer interested in USR2 */
173 BlockSignals(true,SIGUSR2);
174 #endif
175
176 /* POSIX demands that signals are inherited. If the invoking process has
177 * these signals masked, we will have problems,
178 * as we won't receive them. */
179 BlockSignals(false, SIGHUP);
180 BlockSignals(false, SIGTERM);
181
182 CatchSignal(SIGHUP, sig_hup);
183 CatchSignal(SIGTERM, sig_term);
184 }
185
186 /*
187 handle io on stdin
188 */
189 static void server_stdin_handler(struct tevent_context *event_ctx,
190 struct tevent_fd *fde,
191 uint16_t flags,
192 void *private_data)
193 {
194 struct server_state *state = talloc_get_type_abort(
195 private_data, struct server_state);
196 uint8_t c;
197 if (read(0, &c, 1) == 0) {
198 DBG_ERR("%s: EOF on stdin - PID %d terminating\n",
199 state->binary_name, (int)getpid());
200 #if HAVE_GETPGRP
201 if (getpgrp() == getpid()) {
202 DBG_ERR("Sending SIGTERM from pid %d\n",
203 (int)getpid());
204 kill(-getpgrp(), SIGTERM);
205 }
206 #endif
207 TALLOC_FREE(state);
208 exit(0);
209 }
210 }
211
212 /*
213 die if the user selected maximum runtime is exceeded
214 */
215 _NORETURN_ static void max_runtime_handler(struct tevent_context *ev,
216 struct tevent_timer *te,
217 struct timeval t, void *private_data)
218 {
219 struct server_state *state = talloc_get_type_abort(
220 private_data, struct server_state);
221 DBG_ERR("%s: maximum runtime exceeded - "
222 "terminating PID %d at %llu, current ts: %llu\n",
223 state->binary_name,
224 (int)getpid(),
225 (unsigned long long)t.tv_sec,
226 (unsigned long long)time(NULL));
227 TALLOC_FREE(state);
228 exit(0);
229 }
230
231 /*
232 pre-open the key databases. This saves a lot of time in child
233 processes
234 */
235 static void prime_ldb_databases(struct tevent_context *event_ctx)
236 {
237 TALLOC_CTX *db_context;
238 db_context = talloc_new(event_ctx);
239
240 samdb_connect(db_context,
241 event_ctx,
242 cmdline_lp_ctx,
243 system_session(cmdline_lp_ctx),
244 0);
245 privilege_connect(db_context, cmdline_lp_ctx);
246
247 /* we deliberately leave these open, which allows them to be
248 * re-used in ldb_wrap_connect() */
249 }
250
251
252 /*
253 called when a fatal condition occurs in a child task
254 */
255 static NTSTATUS samba_terminate(struct irpc_message *msg,
256 struct samba_terminate *r)
257 {
258 struct server_state *state = talloc_get_type(msg->private_data,
259 struct server_state);
260 DBG_ERR("samba_terminate of %s %d: %s\n",
261 state->binary_name, (int)getpid(), r->in.reason);
262 TALLOC_FREE(state);
263 exit(1);
264 }
265
266 /*
267 setup messaging for the top level samba (parent) task
268 */
269 static NTSTATUS setup_parent_messaging(struct server_state *state,
270 struct loadparm_context *lp_ctx)
271 {
272 struct imessaging_context *msg;
273 NTSTATUS status;
274
275 msg = imessaging_init(state->event_ctx,
276 lp_ctx,
277 cluster_id(getpid(), SAMBA_PARENT_TASKID),
278 state->event_ctx);
279 NT_STATUS_HAVE_NO_MEMORY(msg);
280
281 status = irpc_add_name(msg, "samba");
282 if (!NT_STATUS_IS_OK(status)) {
283 return status;
284 }
285
286 status = IRPC_REGISTER(msg, irpc, SAMBA_TERMINATE,
287 samba_terminate, state);
288
289 return status;
290 }
291
292
293 /*
294 show build info
295 */
296 static void show_build(void)
297 {
298 #define CONFIG_OPTION(n) { #n, dyn_ ## n }
299 struct {
300 const char *name;
301 const char *value;
302 } config_options[] = {
303 CONFIG_OPTION(BINDIR),
304 CONFIG_OPTION(SBINDIR),
305 CONFIG_OPTION(CONFIGFILE),
306 CONFIG_OPTION(NCALRPCDIR),
307 CONFIG_OPTION(LOGFILEBASE),
308 CONFIG_OPTION(LMHOSTSFILE),
309 CONFIG_OPTION(DATADIR),
310 CONFIG_OPTION(MODULESDIR),
311 CONFIG_OPTION(LOCKDIR),
312 CONFIG_OPTION(STATEDIR),
313 CONFIG_OPTION(CACHEDIR),
314 CONFIG_OPTION(PIDDIR),
315 CONFIG_OPTION(PRIVATE_DIR),
316 CONFIG_OPTION(CODEPAGEDIR),
317 CONFIG_OPTION(SETUPDIR),
318 CONFIG_OPTION(WINBINDD_SOCKET_DIR),
319 CONFIG_OPTION(NTP_SIGND_SOCKET_DIR),
320 { NULL, NULL}
321 };
322 int i;
323
324 printf("Samba version: %s\n", SAMBA_VERSION_STRING);
325 printf("Build environment:\n");
326
327 printf("Paths:\n");
328 for (i=0; config_options[i].name; i++) {
329 printf(" %s: %s\n",
330 config_options[i].name,
331 config_options[i].value);
332 }
333
334 exit(0);
335 }
336
337 static int event_ctx_destructor(struct tevent_context *event_ctx)
338 {
339 imessaging_dgm_unref_ev(event_ctx);
340 return 0;
341 }
342
343 #ifdef HAVE_PTHREAD
344 static int to_children_fd = -1;
345 static void atfork_prepare(void) {
346 }
347 static void atfork_parent(void) {
348 }
349 static void atfork_child(void) {
350 if (to_children_fd != -1) {
351 close(to_children_fd);
352 to_children_fd = -1;
353 }
354 }
355 #endif
356
357 /*
358 main server.
359 */
360 static int binary_smbd_main(const char *binary_name,
361 int argc,
362 const char *argv[])
363 {
364 bool opt_daemon = false;
365 bool opt_fork = true;
366 bool opt_interactive = false;
367 bool opt_no_process_group = false;
368 int opt;
369 poptContext pc;
370 #define _MODULE_PROTO(init) extern NTSTATUS init(TALLOC_CTX *);
371 STATIC_service_MODULES_PROTO;
372 init_module_fn static_init[] = { STATIC_service_MODULES };
373 init_module_fn *shared_init;
374 uint16_t stdin_event_flags;
375 NTSTATUS status;
376 const char *model = "standard";
377 int max_runtime = 0;
378 struct stat st;
379 enum {
380 OPT_DAEMON = 1000,
381 OPT_FOREGROUND,
382 OPT_INTERACTIVE,
383 OPT_PROCESS_MODEL,
384 OPT_SHOW_BUILD,
385 OPT_NO_PROCESS_GROUP,
386 };
387 struct poptOption long_options[] = {
388 POPT_AUTOHELP
389 {"daemon", 'D', POPT_ARG_NONE, NULL, OPT_DAEMON,
390 "Become a daemon (default)", NULL },
391 {"foreground", 'F', POPT_ARG_NONE, NULL, OPT_FOREGROUND,
392 "Run the daemon in foreground", NULL },
393 {"interactive", 'i', POPT_ARG_NONE, NULL, OPT_INTERACTIVE,
394 "Run interactive (not a daemon)", NULL},
395 {"model", 'M', POPT_ARG_STRING, NULL, OPT_PROCESS_MODEL,
396 "Select process model", "MODEL"},
397 {"maximum-runtime",0, POPT_ARG_INT, &max_runtime, 0,
398 "set maximum runtime of the server process, "
399 "till autotermination", "seconds"},
400 {"show-build", 'b', POPT_ARG_NONE, NULL, OPT_SHOW_BUILD,
401 "show build info", NULL },
402 {"no-process-group", '\0', POPT_ARG_NONE, NULL,
403 OPT_NO_PROCESS_GROUP, "Don't create a new process group" },
404 POPT_COMMON_SAMBA
405 POPT_COMMON_VERSION
406 { NULL }
407 };
408 struct server_state *state = NULL;
409 struct tevent_signal *se = NULL;
410
411 setproctitle("root process");
412
413 pc = poptGetContext(binary_name, argc, argv, long_options, 0);
414 while((opt = poptGetNextOpt(pc)) != -1) {
415 switch(opt) {
416 case OPT_DAEMON:
417 opt_daemon = true;
418 break;
419 case OPT_FOREGROUND:
420 opt_fork = false;
421 break;
422 case OPT_INTERACTIVE:
423 opt_interactive = true;
424 break;
425 case OPT_PROCESS_MODEL:
426 model = poptGetOptArg(pc);
427 break;
428 case OPT_SHOW_BUILD:
429 show_build();
430 break;
431 case OPT_NO_PROCESS_GROUP:
432 opt_no_process_group = true;
433 break;
434 default:
435 fprintf(stderr, "\nInvalid option %s: %s\n\n",
436 poptBadOption(pc, 0), poptStrerror(opt));
437 poptPrintUsage(pc, stderr, 0);
438 return 1;
439 }
440 }
441
442 if (opt_daemon && opt_interactive) {
443 fprintf(stderr,"\nERROR: "
444 "Option -i|--interactive is "
445 "not allowed together with -D|--daemon\n\n");
446 poptPrintUsage(pc, stderr, 0);
447 return 1;
448 } else if (!opt_interactive && opt_fork) {
449 /* default is --daemon */
450 opt_daemon = true;
451 }
452
453 poptFreeContext(pc);
454
455 talloc_enable_null_tracking();
456
457 setup_logging(binary_name, opt_interactive?DEBUG_STDOUT:DEBUG_FILE);
458 setup_signals();
459
460 /* we want total control over the permissions on created files,
461 so set our umask to 0 */
462 umask(0);
463
464 DEBUG(0,("%s version %s started.\n",
465 binary_name,
466 SAMBA_VERSION_STRING));
467 DEBUGADD(0,("Copyright Andrew Tridgell and the Samba Team"
468 " 1992-2018\n"));
469
470 if (sizeof(uint16_t) < 2 ||
471 sizeof(uint32_t) < 4 ||
472 sizeof(uint64_t) < 8) {
473 DEBUG(0,("ERROR: Samba is not configured correctly "
474 "for the word size on your machine\n"));
475 DEBUGADD(0,("sizeof(uint16_t) = %u, sizeof(uint32_t) %u, "
476 "sizeof(uint64_t) = %u\n",
477 (unsigned int)sizeof(uint16_t),
478 (unsigned int)sizeof(uint32_t),
479 (unsigned int)sizeof(uint64_t)));
480 return 1;
481 }
482
483 if (opt_daemon) {
484 DBG_NOTICE("Becoming a daemon.\n");
485 become_daemon(opt_fork, opt_no_process_group, false);
486 }
487
488 /* Create the memory context to hang everything off. */
489 state = talloc_zero(NULL, struct server_state);
490 if (state == NULL) {
491 exit_daemon("Samba cannot create server state", ENOMEM);
492 };
493 state->binary_name = binary_name;
494
495 cleanup_tmp_files(cmdline_lp_ctx);
496
497 if (!directory_exist(lpcfg_lock_directory(cmdline_lp_ctx))) {
498 mkdir(lpcfg_lock_directory(cmdline_lp_ctx), 0755);
499 }
500
501 pidfile_create(lpcfg_pid_directory(cmdline_lp_ctx), binary_name);
502
503 if (lpcfg_server_role(cmdline_lp_ctx) == ROLE_ACTIVE_DIRECTORY_DC) {
504 if (!open_schannel_session_store(state,
505 cmdline_lp_ctx)) {
506 TALLOC_FREE(state);
507 exit_daemon("Samba cannot open schannel store "
508 "for secured NETLOGON operations.", EACCES);
509 }
510 }
511
512 /* make sure we won't go through nss_winbind */
513 if (!winbind_off()) {
514 TALLOC_FREE(state);
515 exit_daemon("Samba failed to disable recusive "
516 "winbindd calls.", EACCES);
517 }
518
519 gensec_init(); /* FIXME: */
520
521 process_model_init(cmdline_lp_ctx);
522
523 shared_init = load_samba_modules(NULL, "service");
524
525 run_init_functions(NULL, static_init);
526 run_init_functions(NULL, shared_init);
527
528 talloc_free(shared_init);
529
530 /* the event context is the top level structure in smbd. Everything else
531 should hang off that */
532 state->event_ctx = s4_event_context_init(state);
533
534 if (state->event_ctx == NULL) {
535 TALLOC_FREE(state);
536 exit_daemon("Initializing event context failed", EACCES);
537 }
538
539 talloc_set_destructor(state->event_ctx, event_ctx_destructor);
540
541 if (opt_interactive) {
542 /* terminate when stdin goes away */
543 stdin_event_flags = TEVENT_FD_READ;
544 } else {
545 /* stay alive forever */
546 stdin_event_flags = 0;
547 }
548
549 #if HAVE_SETPGID
550 /*
551 * If we're interactive we want to set our own process group for
552 * signal management, unless --no-process-group specified.
553 */
554 if (opt_interactive && !opt_no_process_group)
555 setpgid((pid_t)0, (pid_t)0);
556 #endif
557
558 /* catch EOF on stdin */
559 #ifdef SIGTTIN
560 signal(SIGTTIN, SIG_IGN);
561 #endif
562
563 if (fstat(0, &st) != 0) {
564 TALLOC_FREE(state);
565 exit_daemon("Samba failed to set standard input handler",
566 ENOTTY);
567 }
568
569 if (S_ISFIFO(st.st_mode) || S_ISSOCK(st.st_mode)) {
570 struct tevent_fd *fde = tevent_add_fd(state->event_ctx,
571 state->event_ctx,
572 0,
573 stdin_event_flags,
574 server_stdin_handler,
575 state);
576 if (fde == NULL) {
577 TALLOC_FREE(state);
578 exit_daemon("Initializing stdin failed", ENOMEM);
579 }
580 }
581
582 if (max_runtime) {
583 struct tevent_timer *te;
584 DBG_ERR("%s PID %d was called with maxruntime %d - "
585 "current ts %llu\n",
586 binary_name, (int)getpid(),
587 max_runtime, (unsigned long long) time(NULL));
588 te = tevent_add_timer(state->event_ctx, state->event_ctx,
589 timeval_current_ofs(max_runtime, 0),
590 max_runtime_handler,
591 state);
592 if (te == NULL) {
593 TALLOC_FREE(state);
594 exit_daemon("Maxruntime handler failed", ENOMEM);
595 }
596 }
597
598 se = tevent_add_signal(state->event_ctx,
599 state->event_ctx,
600 SIGTERM,
601 0,
602 sigterm_signal_handler,
603 state);
604 if (se == NULL) {
605 TALLOC_FREE(state);
606 exit_daemon("Initialize SIGTERM handler failed", ENOMEM);
607 }
608
609 if (lpcfg_server_role(cmdline_lp_ctx) != ROLE_ACTIVE_DIRECTORY_DC
610 && !lpcfg_parm_bool(cmdline_lp_ctx, NULL,
611 "server role check", "inhibit", false)
612 && !str_list_check_ci(lpcfg_server_services(cmdline_lp_ctx), "smb")
613 && !str_list_check_ci(lpcfg_dcerpc_endpoint_servers(cmdline_lp_ctx),
614 "remote")
615 && !str_list_check_ci(lpcfg_dcerpc_endpoint_servers(cmdline_lp_ctx),
616 "mapiproxy")) {
617 DEBUG(0, ("At this time the 'samba' binary should only be used "
618 "for either:\n"));
619 DEBUGADD(0, ("'server role = active directory domain "
620 "controller' or to access the ntvfs file server "
621 "with 'server services = +smb' or the rpc proxy "
622 "with 'dcerpc endpoint servers = remote'\n"));
623 DEBUGADD(0, ("You should start smbd/nmbd/winbindd instead for "
624 "domain member and standalone file server tasks\n"));
625 exit_daemon("Samba detected misconfigured 'server role' "
626 "and exited. Check logs for details", EINVAL);
627 };
628
629 prime_ldb_databases(state->event_ctx);
630
631 status = setup_parent_messaging(state, cmdline_lp_ctx);
632 if (!NT_STATUS_IS_OK(status)) {
633 TALLOC_FREE(state);
634 exit_daemon("Samba failed to setup parent messaging",
635 NT_STATUS_V(status));
636 }
637
638 DBG_ERR("%s: using '%s' process model\n", binary_name, model);
639
640 {
641 int child_pipe[2];
642 int rc;
643 bool start_services = false;
644
645 rc = pipe(child_pipe);
646 if (rc < 0) {
647 TALLOC_FREE(state);
648 exit_daemon("Samba failed to open process control pipe",
649 errno);
650 }
651 smb_set_close_on_exec(child_pipe[0]);
652 smb_set_close_on_exec(child_pipe[1]);
653
654 #ifdef HAVE_PTHREAD
655 to_children_fd = child_pipe[1];
656 pthread_atfork(atfork_prepare, atfork_parent,
657 atfork_child);
658 start_services = true;
659 #else
660 pid_t pid;
661 struct tfork *t = NULL;
662 t = tfork_create();
663 if (t == NULL) {
664 exit_daemon(
665 "Samba unable to fork master process",
666 0);
667 }
668 pid = tfork_child_pid(t);
669 if (pid == 0) {
670 start_services = false;
671 } else {
672 /* In the child process */
673 start_services = true;
674 close(child_pipe[1]);
675 }
676 #endif
677 if (start_services) {
678 status = server_service_startup(
679 state->event_ctx, cmdline_lp_ctx, model,
680 lpcfg_server_services(cmdline_lp_ctx),
681 child_pipe[0]);
682 if (!NT_STATUS_IS_OK(status)) {
683 TALLOC_FREE(state);
684 exit_daemon("Samba failed to start services",
685 NT_STATUS_V(status));
686 }
687 }
688 }
689
690 if (opt_daemon) {
691 daemon_ready("samba");
692 }
693
694 /* wait for events - this is where smbd sits for most of its
695 life */
696 tevent_loop_wait(state->event_ctx);
697
698 /* as everything hangs off this state->event context, freeing state
699 will initiate a clean shutdown of all services */
700 TALLOC_FREE(state);
701
702 return 0;
703 }
704
705 int main(int argc, const char *argv[])
706 {
707 setproctitle_init(argc, discard_const(argv), environ);
708
709 return binary_smbd_main("samba", argc, argv);
710 }
Samba GIT mirror