1 /*
2 Unix SMB/CIFS implementation.
4 Main SMB server routines
6 Copyright (C) Andrew Tridgell 1992-2005
7 Copyright (C) Martin Pool 2002
8 Copyright (C) Jelmer Vernooij 2002
9 Copyright (C) James J Myers 2003 <myersjj@samba.org>
11 This program is free software; you can redistribute it and/or modify
12 it under the terms of the GNU General Public License as published by
13 the Free Software Foundation; either version 3 of the License, or
14 (at your option) any later version.
16 This program is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 GNU General Public License for more details.
21 You should have received a copy of the GNU General Public License
22 along with this program. If not, see <http://www.gnu.org/licenses/>.
25 #include "includes.h"
26 #include "lib/events/events.h"
27 #include "version.h"
28 #include "lib/cmdline/popt_common.h"
29 #include "system/dir.h"
30 #include "system/filesys.h"
31 #include "ntvfs/ntvfs.h"
32 #include "ntptr/ntptr.h"
33 #include "auth/gensec/gensec.h"
34 #include "libcli/auth/schannel.h"
35 #include "smbd/process_model.h"
36 #include "param/secrets.h"
37 #include "lib/util/pidfile.h"
38 #include "param/param.h"
39 #include "dsdb/samdb/samdb.h"
40 #include "auth/session.h"
41 #include "lib/messaging/irpc.h"
42 #include "librpc/gen_ndr/ndr_irpc.h"
43 #include "cluster/cluster.h"
44 #include "dynconfig/dynconfig.h"
45 #include "lib/util/samba_modules.h"
46 #include "nsswitch/winbind_client.h"
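/*
  recursively delete a directory tree

  Walks 'path' and unlinks every non-directory entry found below it. The
  directories themselves are left in place (nothing here calls rmdir).
  Returns silently when 'path' cannot be opened; a failed unlink() is
  fatal and ends in smb_panic().

  Entries are classified with lstat() rather than stat(), so a symbolic
  link inside the tree is removed as a link and is never followed. With
  stat(), a link pointing at a directory made the walk descend into the
  link target and delete files outside the tree being cleaned. As a side
  effect dangling links are now removed too instead of being skipped.

  NOTE(review): a window remains between lstat() and the later
  opendir()/unlink() on the same name. If anything less privileged than
  this process can write below 'path', walk the tree with
  descriptor-relative calls instead (openat() with O_NOFOLLOW,
  fdopendir(), unlinkat()).

  NOTE(review): 'path' is also handed to talloc_asprintf() as the parent
  context, so it presumably has to be talloc-allocated memory - confirm
  against the callers.
*/
static void recursive_delete(const char *path)
{
	DIR *dir;
	struct dirent *de;

	dir = opendir(path);
	if (!dir) {
		return;
	}

	for (de=readdir(dir);de;de=readdir(dir)) {
		char *fname;
		struct stat st;

		if (ISDOT(de->d_name) || ISDOTDOT(de->d_name)) {
			continue;
		}

		fname = talloc_asprintf(path, "%s/%s", path, de->d_name);
		if (fname == NULL) {
			/* nothing to stat or unlink without a name; skip the entry */
			DEBUG(0,("Out of memory building a path below '%s'\n", path));
			continue;
		}
		/* look at the entry itself, never at what a link points to */
		if (lstat(fname, &st) != 0) {
			/* release the name here too; this path used to leak it */
			talloc_free(fname);
			continue;
		}
		if (S_ISDIR(st.st_mode)) {
			recursive_delete(fname);
			talloc_free(fname);
			continue;
		}
		if (unlink(fname) != 0) {
			DEBUG(0,("Unabled to delete '%s' - %s\n",
				 fname, strerror(errno)));
			smb_panic("unable to cleanup tmp files");
		}
		talloc_free(fname);
	}
	closedir(dir);
}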
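/*
  cleanup temporary files. This is the new alternative to
  TDB_CLEAR_IF_FIRST. Unfortunately TDB_CLEAR_IF_FIRST is not
  efficient on unix systems due to the lack of scaling of the byte
  range locking system. So instead of putting the burden on tdb to
  cleanup tmp files, this function deletes them.

  The directory to clean is whatever smbd_tmp_path() returns for lp_ctx;
  it is allocated on a temporary talloc context that is freed before
  returning. If no path comes back the cleanup is skipped, so a NULL
  pointer is never handed to opendir().
*/
static void cleanup_tmp_files(struct loadparm_context *lp_ctx)
{
	TALLOC_CTX *mem_ctx = talloc_new(NULL);
	char *path = smbd_tmp_path(mem_ctx, lp_ctx, NULL);

	/* presumably NULL only on allocation failure - confirm in smbd_tmp_path() */
	if (path != NULL) {
		recursive_delete(path);
	}
	talloc_free(mem_ctx);
}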
/*
  SIGHUP handler (installed by setup_signals()). It only calls
  debug_schedule_reopen_logs(); the signal number is not used.
*/
static void sig_hup(int sig)
{
	(void)sig;
	debug_schedule_reopen_logs();
}
/*
  SIGTERM handler (installed by setup_signals()).

  When built with HAVE_GETPGRP and this process leads its process group,
  the first SIGTERM is forwarded to the whole group; the static flag
  keeps that from happening twice. The process then exits with status
  127.

  NOTE(review): exit() is not async-signal-safe, and DEBUG() presumably
  formats and writes a log line. Both run here in signal context - confirm
  this is acceptable for how the handler is reached.
*/
static void sig_term(int sig)
{
#if HAVE_GETPGRP
	static int done_sigterm;
	if (!done_sigterm) {
		if (getpgrp() == getpid()) {
			DEBUG(0,("SIGTERM: killing children\n"));
			done_sigterm = 1;
			/* a negative pid addresses every member of the group */
			kill(-getpgrp(), SIGTERM);
		}
	}
#endif
	DEBUG(0,("Exiting pid %d on SIGTERM\n", (int)getpid()));
	exit(127);
}
/*
  setup signal masks

  Blocks the signals the server never handles, unblocks SIGHUP and
  SIGTERM, and installs sig_hup() and sig_term() for them.
*/
static void setup_signals(void)
{
	/* SIGPIPE is never wanted */
	BlockSignals(true,SIGPIPE);

#if defined(SIGFPE)
	/* SIGFPE is never wanted either */
	BlockSignals(true,SIGFPE);
#endif

	/* USR1 is no longer used */
	BlockSignals(true, SIGUSR1);

#if defined(SIGUSR2)
	/* USR2 is no longer used */
	BlockSignals(true,SIGUSR2);
#endif

	/* The signal mask is inherited from the invoking process (POSIX).
	 * If the parent had HUP or TERM masked we would never see them,
	 * so unblock both explicitly. */
	BlockSignals(false, SIGHUP);
	BlockSignals(false, SIGTERM);

	CatchSignal(SIGHUP, sig_hup);
	CatchSignal(SIGTERM, sig_term);
}
/*
  handle io on stdin

  tevent fd handler. One byte is read from descriptor 0; a return of 0
  (end of file) terminates the server with exit status 0, after sending
  SIGTERM to the process group when this process is the group leader
  (HAVE_GETPGRP builds only). private_data carries the binary name used
  in the log messages.

  NOTE(review): a read() result of -1 falls through without any handling
  or logging - confirm that a persistent read error cannot keep this
  handler firing.
*/
static void server_stdin_handler(struct tevent_context *event_ctx, struct tevent_fd *fde,
				 uint16_t flags, void *private_data)
{
	const char *binary_name = (const char *)private_data;
	uint8_t c;

	if (read(0, &c, 1) != 0) {
		/* data arrived or the read failed: keep running */
		return;
	}

	DEBUG(0,("%s: EOF on stdin - terminating\n", binary_name));
#if HAVE_GETPGRP
	if (getpgrp() == getpid()) {
		DEBUG(0,("Sending SIGTERM from pid %d\n", (int)getpid()));
		kill(-getpgrp(), SIGTERM);
	}
#endif
	exit(0);
}
/*
  die if the user selected maximum runtime is exceeded

  tevent timer handler. Logs the time passed in by the timer and the
  current time, then exits with status 0. private_data carries the
  binary name used in the log message.
*/
_NORETURN_ static void max_runtime_handler(struct tevent_context *ev,
					   struct tevent_timer *te,
					   struct timeval t, void *private_data)
{
	const char *binary_name = (const char *)private_data;
	unsigned long long fired_at = (unsigned long long)t.tv_sec;
	unsigned long long now = (unsigned long long) time(NULL);

	DEBUG(0,("%s: maximum runtime exceeded - terminating at %llu, current ts: %llu\n",
		 binary_name, fired_at, now));
	exit(0);
}
/*
  pre-open the key databases. This saves a lot of time in child
  processes

  Both connections are made on a talloc context parented to event_ctx.
  Their return values are not inspected here.
*/
static void prime_ldb_databases(struct tevent_context *event_ctx)
{
	TALLOC_CTX *db_context = talloc_new(event_ctx);

	samdb_connect(db_context, event_ctx, cmdline_lp_ctx, system_session(cmdline_lp_ctx), 0);
	privilege_connect(db_context, cmdline_lp_ctx);

	/* db_context is intentionally not freed: the handles stay open so
	 * that ldb_wrap_connect() can re-use them */
}
/*
  called when a fatal condition occurs in a child task

  irpc handler registered by setup_parent_messaging(). It logs the
  reason string from the request and ends the process with exit status
  1, so no NTSTATUS is ever returned.

  NOTE(review): whoever can deliver this irpc call can stop the server -
  confirm the messaging endpoint is reachable only by local samba tasks.
*/
static NTSTATUS samba_terminate(struct irpc_message *msg,
				struct samba_terminate *r)
{
	const char *reason = r->in.reason;

	DEBUG(0,("samba_terminate: %s\n", reason));
	exit(1);
}
/*
  setup messaging for the top level samba (parent) task

  Creates the parent's imessaging context on the autofree talloc
  context, registers it under the irpc name "samba" and installs
  samba_terminate() as the SAMBA_TERMINATE handler.

  Returns the first failing status; NT_STATUS_HAVE_NO_MEMORY() returns
  early when imessaging_init() yields NULL.
*/
static NTSTATUS setup_parent_messaging(struct tevent_context *event_ctx,
				       struct loadparm_context *lp_ctx)
{
	struct imessaging_context *msg;
	NTSTATUS status;

	msg = imessaging_init(talloc_autofree_context(),
			      lp_ctx,
			      cluster_id(0, SAMBA_PARENT_TASKID), event_ctx, false);
	NT_STATUS_HAVE_NO_MEMORY(msg);

	status = irpc_add_name(msg, "samba");
	if (NT_STATUS_IS_OK(status)) {
		/* only register the handler once the name is in place */
		status = IRPC_REGISTER(msg, irpc, SAMBA_TERMINATE,
				       samba_terminate, NULL);
	}

	return status;
}
/*
  show build info

  Prints the Samba version, the build host when BUILD_SYSTEM is defined,
  and one line per compiled-in path option, then exits with status 0.
*/
static void show_build(void)
{
	/* pairs the stringified option name with the matching dyn_<NAME> value */
#define CONFIG_OPTION(n) { #n, dyn_ ## n }
	struct {
		const char *name;
		const char *value;
	} config_options[] = {
		CONFIG_OPTION(BINDIR),
		CONFIG_OPTION(SBINDIR),
		CONFIG_OPTION(CONFIGFILE),
		CONFIG_OPTION(NCALRPCDIR),
		CONFIG_OPTION(LOGFILEBASE),
		CONFIG_OPTION(LMHOSTSFILE),
		CONFIG_OPTION(DATADIR),
		CONFIG_OPTION(MODULESDIR),
		CONFIG_OPTION(LOCKDIR),
		CONFIG_OPTION(STATEDIR),
		CONFIG_OPTION(CACHEDIR),
		CONFIG_OPTION(PIDDIR),
		CONFIG_OPTION(PRIVATE_DIR),
		CONFIG_OPTION(SWATDIR),
		CONFIG_OPTION(CODEPAGEDIR),
		CONFIG_OPTION(SETUPDIR),
		CONFIG_OPTION(WINBINDD_SOCKET_DIR),
		CONFIG_OPTION(WINBINDD_PRIVILEGED_SOCKET_DIR),
		CONFIG_OPTION(NTP_SIGND_SOCKET_DIR),
		{ NULL, NULL}
	};
	int idx = 0;

	printf("Samba version: %s\n", SAMBA_VERSION_STRING);
	printf("Build environment:\n");
#ifdef BUILD_SYSTEM
	printf(" Build host: %s\n", BUILD_SYSTEM);
#endif

	printf("Paths:\n");
	/* the table ends at the entry whose name is NULL */
	while (config_options[idx].name != NULL) {
		printf(" %s: %s\n", config_options[idx].name, config_options[idx].value);
		idx++;
	}

	exit(0);
}
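/*
 main server.

 Parses the command line, sets up logging, signals and the umask,
 optionally becomes a daemon, clears the temporary directory, writes the
 pid file, initialises the subsystems and service modules, starts the
 configured services and then sits in the tevent loop.

 binary_name: name used for popt, the log messages and the pid file
 argc, argv:  the process command line

 Returns 0 once the event loop has returned, and 1 for option errors and
 most start-up failures. A few start-up failures call exit(1) directly.
*/
static int binary_smbd_main(const char *binary_name, int argc, const char *argv[])
{
	bool opt_daemon = false;
	bool opt_interactive = false;
	int opt;
	poptContext pc;
#define _MODULE_PROTO(init) extern NTSTATUS init(void);
	STATIC_service_MODULES_PROTO;
	init_module_fn static_init[] = { STATIC_service_MODULES };
	init_module_fn *shared_init;
	struct tevent_context *event_ctx;
	uint16_t stdin_event_flags;
	NTSTATUS status;
	const char *model = "standard";
	int max_runtime = 0;
	struct stat st;
	enum {
		OPT_DAEMON = 1000,
		OPT_INTERACTIVE,
		OPT_PROCESS_MODEL,
		OPT_SHOW_BUILD
	};
	struct poptOption long_options[] = {
		POPT_AUTOHELP
		{"daemon", 'D', POPT_ARG_NONE, NULL, OPT_DAEMON,
		 "Become a daemon (default)", NULL },
		{"interactive", 'i', POPT_ARG_NONE, NULL, OPT_INTERACTIVE,
		 "Run interactive (not a daemon)", NULL},
		{"model", 'M', POPT_ARG_STRING, NULL, OPT_PROCESS_MODEL,
		 "Select process model", "MODEL"},
		{"maximum-runtime",0, POPT_ARG_INT, &max_runtime, 0,
		 "set maximum runtime of the server process, till autotermination", "seconds"},
		{"show-build", 'b', POPT_ARG_NONE, NULL, OPT_SHOW_BUILD, "show build info", NULL },
		POPT_COMMON_SAMBA
		POPT_COMMON_VERSION
		{ NULL }
	};

	pc = poptGetContext(binary_name, argc, argv, long_options, 0);
	while((opt = poptGetNextOpt(pc)) != -1) {
		switch(opt) {
		case OPT_DAEMON:
			opt_daemon = true;
			break;
		case OPT_INTERACTIVE:
			opt_interactive = true;
			break;
		case OPT_PROCESS_MODEL:
			model = poptGetOptArg(pc);
			break;
		case OPT_SHOW_BUILD:
			/* prints the build details and exits */
			show_build();
			break;
		default:
			fprintf(stderr, "\nInvalid option %s: %s\n\n",
				  poptBadOption(pc, 0), poptStrerror(opt));
			poptPrintUsage(pc, stderr, 0);
			return 1;
		}
	}

	if (opt_daemon && opt_interactive) {
		fprintf(stderr,"\nERROR: "
			  "Option -i|--interactive is not allowed together with -D|--daemon\n\n");
		poptPrintUsage(pc, stderr, 0);
		return 1;
	} else if (!opt_interactive) {
		/* default is --daemon */
		opt_daemon = true;
	}

	poptFreeContext(pc);

	setup_logging(binary_name, opt_interactive?DEBUG_STDOUT:DEBUG_FILE);
	setup_signals();

	/* we want total control over the permissions on created files,
	   so set our umask to 0. From here on every creation call has to
	   pass exactly the mode it wants, as nothing is masked off. */
	umask(0);

	DEBUG(0,("%s version %s started.\n", binary_name, SAMBA_VERSION_STRING));
	DEBUGADD(0,("Copyright Andrew Tridgell and the Samba Team 1992-2012\n"));

	if (sizeof(uint16_t) < 2 || sizeof(uint32_t) < 4 || sizeof(uint64_t) < 8) {
		DEBUG(0,("ERROR: Samba is not configured correctly for the word size on your machine\n"));
		DEBUGADD(0,("sizeof(uint16_t) = %u, sizeof(uint32_t) %u, sizeof(uint64_t) = %u\n",
			    (unsigned int)sizeof(uint16_t), (unsigned int)sizeof(uint32_t), (unsigned int)sizeof(uint64_t)));
		return 1;
	}

	if (opt_daemon) {
		DEBUG(3,("Becoming a daemon.\n"));
		become_daemon(true, false, false);
	}

	cleanup_tmp_files(cmdline_lp_ctx);

	if (!directory_exist(lpcfg_lockdir(cmdline_lp_ctx))) {
		mkdir(lpcfg_lockdir(cmdline_lp_ctx), 0755);
	}

	pidfile_create(lpcfg_piddir(cmdline_lp_ctx), binary_name);

	/* Set up a database to hold a random seed, in case we don't
	 * have /dev/urandom */
	if (!randseed_init(talloc_autofree_context(), cmdline_lp_ctx)) {
		return 1;
	}

	if (lpcfg_server_role(cmdline_lp_ctx) == ROLE_ACTIVE_DIRECTORY_DC) {
		if (!open_schannel_session_store(talloc_autofree_context(), cmdline_lp_ctx)) {
			DEBUG(0,("ERROR: Samba cannot open schannel store for secured NETLOGON operations.\n"));
			exit(1);
		}
	}

	/* make sure we won't go through nss_winbind */
	if (!winbind_off()) {
		DEBUG(0,("Failed to disable recusive winbindd calls.  Exiting.\n"));
		exit(1);
	}

	gensec_init(); /* FIXME: */

	ntptr_init();	/* FIXME: maybe run this in the initialization function
						of the spoolss RPC server instead? */

	ntvfs_init(cmdline_lp_ctx); 	/* FIXME: maybe run this in the initialization functions
						of the SMB[,2] server instead? */

	process_model_init(cmdline_lp_ctx);

	shared_init = load_samba_modules(NULL, "service");

	run_init_functions(static_init);
	run_init_functions(shared_init);

	talloc_free(shared_init);

	/* the event context is the top level structure in smbd. Everything else
	   should hang off that */
	event_ctx = s4_event_context_init(talloc_autofree_context());

	if (event_ctx == NULL) {
		DEBUG(0,("Initializing event context failed\n"));
		return 1;
	}

	if (opt_interactive) {
		/* terminate when stdin goes away */
		stdin_event_flags = TEVENT_FD_READ;
	} else {
		/* stay alive forever */
		stdin_event_flags = 0;
	}

	/* catch EOF on stdin */
#ifdef SIGTTIN
	signal(SIGTTIN, SIG_IGN);
#endif

	/* st has to be filled in before its mode is tested; the test used
	 * to read an uninitialised struct. If stdin cannot be examined it
	 * is treated as neither a pipe nor a socket and is not watched. */
	if (fstat(0, &st) != 0) {
		DEBUG(0,("%s: fstat on stdin failed - %s; not watching stdin\n",
			 binary_name, strerror(errno)));
	} else if (S_ISFIFO(st.st_mode) || S_ISSOCK(st.st_mode)) {
		tevent_add_fd(event_ctx,
				event_ctx,
				0,
				stdin_event_flags,
				server_stdin_handler,
				discard_const(binary_name));
	}

	if (max_runtime) {
		DEBUG(0,("Called with maxruntime %d - current ts %llu\n",
		      max_runtime, (unsigned long long) time(NULL)));
		tevent_add_timer(event_ctx, event_ctx,
				 timeval_current_ofs(max_runtime, 0),
				 max_runtime_handler,
				 discard_const(binary_name));
	}

	/* refuse to start in a configuration this binary is not meant for,
	 * unless the check is inhibited in the configuration */
	if (lpcfg_server_role(cmdline_lp_ctx) != ROLE_ACTIVE_DIRECTORY_DC
	    && !lpcfg_parm_bool(cmdline_lp_ctx, NULL, "server role check", "inhibit", false)
	    && !str_list_check_ci(lpcfg_server_services(cmdline_lp_ctx), "smb")
	    && !str_list_check_ci(lpcfg_dcerpc_endpoint_servers(cmdline_lp_ctx), "remote")
	    && !str_list_check_ci(lpcfg_dcerpc_endpoint_servers(cmdline_lp_ctx), "mapiproxy")) {
		DEBUG(0, ("At this time the 'samba' binary should only be used for either:\n"));
		DEBUGADD(0, ("'server role = active directory domain controller' or to access the ntvfs file server with 'server services = +smb' or the rpc proxy with 'dcerpc endpoint servers = remote'\n"));
		DEBUGADD(0, ("You should start smbd/nmbd/winbindd instead for domain member and standalone file server tasks\n"));
		exit(1);
	}

	prime_ldb_databases(event_ctx);

	status = setup_parent_messaging(event_ctx, cmdline_lp_ctx);
	if (!NT_STATUS_IS_OK(status)) {
		DEBUG(0,("Failed to setup parent messaging - %s\n", nt_errstr(status)));
		return 1;
	}

	DEBUG(0,("%s: using '%s' process model\n", binary_name, model));

	status = server_service_startup(event_ctx, cmdline_lp_ctx, model,
					lpcfg_server_services(cmdline_lp_ctx));
	if (!NT_STATUS_IS_OK(status)) {
		DEBUG(0,("Starting Services failed - %s\n", nt_errstr(status)));
		return 1;
	}

	/* wait for events - this is where smbd sits for most of its
	   life */
	tevent_loop_wait(event_ctx);

	/* as everything hangs off this event context, freeing it
	   should initiate a clean shutdown of all services */
	talloc_free(event_ctx);

	return 0;
}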
/*
  Program entry point: runs the server under the binary name "samba"
  and returns its result as the process exit status.
*/
int main(int argc, const char *argv[])
{
	int rc = binary_smbd_main("samba", argc, argv);

	return rc;
}