search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Add test for 'samba-tool user edit'
[Samba.git] / source3 / smbd / server.c
blobfa13dbc9b18c7038e1fd08ae6c59cd415b3f00f4
1 /*
2 Unix SMB/CIFS implementation.
3 Main SMB server routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Martin Pool 2002
6 Copyright (C) Jelmer Vernooij 2002-2003
7 Copyright (C) Volker Lendecke 1993-2007
8 Copyright (C) Jeremy Allison 1993-2007
9
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 3 of the License, or
13 (at your option) any later version.
14
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
19
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 */
23
24 #include "includes.h"
25 #include "system/filesys.h"
26 #include "lib/util/server_id.h"
27 #include "popt_common.h"
28 #include "smbd/smbd.h"
29 #include "smbd/globals.h"
30 #include "registry/reg_init_full.h"
31 #include "libcli/auth/schannel.h"
32 #include "secrets.h"
33 #include "../lib/util/memcache.h"
34 #include "ctdbd_conn.h"
35 #include "util_cluster.h"
36 #include "printing/queue_process.h"
37 #include "rpc_server/rpc_service_setup.h"
38 #include "rpc_server/rpc_config.h"
39 #include "serverid.h"
40 #include "passdb.h"
41 #include "auth.h"
42 #include "messages.h"
43 #include "messages_ctdbd.h"
44 #include "smbprofile.h"
45 #include "lib/id_cache.h"
46 #include "lib/param/param.h"
47 #include "lib/background.h"
48 #include "lib/conn_tdb.h"
49 #include "../lib/util/pidfile.h"
50 #include "lib/smbd_shim.h"
51 #include "scavenger.h"
52 #include "locking/leases_db.h"
53 #include "smbd/notifyd/notifyd.h"
54 #include "smbd/smbd_cleanupd.h"
55 #include "lib/util/sys_rw.h"
56 #include "cleanupdb.h"
57 #include "g_lock.h"
58
59 #ifdef CLUSTER_SUPPORT
60 #include "ctdb_protocol.h"
61 #endif
62
63 struct smbd_open_socket;
64 struct smbd_child_pid;
65
66 struct smbd_parent_context {
67 bool interactive;
68
69 struct tevent_context *ev_ctx;
70 struct messaging_context *msg_ctx;
71
72 /* the list of listening sockets */
73 struct smbd_open_socket *sockets;
74
75 /* the list of current child processes */
76 struct smbd_child_pid *children;
77 size_t num_children;
78
79 struct server_id cleanupd;
80 struct server_id notifyd;
81
82 struct tevent_timer *cleanup_te;
83 };
84
85 struct smbd_open_socket {
86 struct smbd_open_socket *prev, *next;
87 struct smbd_parent_context *parent;
88 int fd;
89 struct tevent_fd *fde;
90 };
91
92 struct smbd_child_pid {
93 struct smbd_child_pid *prev, *next;
94 pid_t pid;
95 };
96
97 extern void start_epmd(struct tevent_context *ev_ctx,
98 struct messaging_context *msg_ctx);
99
100 extern void start_lsasd(struct tevent_context *ev_ctx,
101 struct messaging_context *msg_ctx);
102
103 extern void start_fssd(struct tevent_context *ev_ctx,
104 struct messaging_context *msg_ctx);
105
106 extern void start_mdssd(struct tevent_context *ev_ctx,
107 struct messaging_context *msg_ctx);
108
109 /*******************************************************************
110 What to do when smb.conf is updated.
111 ********************************************************************/
112
113 static void smbd_parent_conf_updated(struct messaging_context *msg,
114 void *private_data,
115 uint32_t msg_type,
116 struct server_id server_id,
117 DATA_BLOB *data)
118 {
119 struct tevent_context *ev_ctx =
120 talloc_get_type_abort(private_data, struct tevent_context);
121
122 DEBUG(10,("smbd_parent_conf_updated: Got message saying smb.conf was "
123 "updated. Reloading.\n"));
124 change_to_root_user();
125 reload_services(NULL, NULL, false);
126 printing_subsystem_update(ev_ctx, msg, false);
127 }
128
129 /*******************************************************************
130 Delete a statcache entry.
131 ********************************************************************/
132
133 static void smb_stat_cache_delete(struct messaging_context *msg,
134 void *private_data,
135 uint32_t msg_tnype,
136 struct server_id server_id,
137 DATA_BLOB *data)
138 {
139 const char *name = (const char *)data->data;
140 DEBUG(10,("smb_stat_cache_delete: delete name %s\n", name));
141 stat_cache_delete(name);
142 }
143
144 /****************************************************************************
145 Send a SIGTERM to our process group.
146 *****************************************************************************/
147
148 static void killkids(void)
149 {
150 if(am_parent) kill(0,SIGTERM);
151 }
152
153 static void msg_exit_server(struct messaging_context *msg,
154 void *private_data,
155 uint32_t msg_type,
156 struct server_id server_id,
157 DATA_BLOB *data)
158 {
159 DEBUG(3, ("got a SHUTDOWN message\n"));
160 exit_server_cleanly(NULL);
161 }
162
163 #ifdef DEVELOPER
164 static void msg_inject_fault(struct messaging_context *msg,
165 void *private_data,
166 uint32_t msg_type,
167 struct server_id src,
168 DATA_BLOB *data)
169 {
170 int sig;
171 struct server_id_buf tmp;
172
173 if (data->length != sizeof(sig)) {
174 DEBUG(0, ("Process %s sent bogus signal injection request\n",
175 server_id_str_buf(src, &tmp)));
176 return;
177 }
178
179 sig = *(int *)data->data;
180 if (sig == -1) {
181 exit_server("internal error injected");
182 return;
183 }
184
185 #if HAVE_STRSIGNAL
186 DEBUG(0, ("Process %s requested injection of signal %d (%s)\n",
187 server_id_str_buf(src, &tmp), sig, strsignal(sig)));
188 #else
189 DEBUG(0, ("Process %s requested injection of signal %d\n",
190 server_id_str_buf(src, &tmp), sig));
191 #endif
192
193 kill(getpid(), sig);
194 }
195 #endif /* DEVELOPER */
196
197 static NTSTATUS messaging_send_to_children(struct messaging_context *msg_ctx,
198 uint32_t msg_type, DATA_BLOB* data)
199 {
200 NTSTATUS status;
201 struct smbd_parent_context *parent = am_parent;
202 struct smbd_child_pid *child;
203
204 if (parent == NULL) {
205 return NT_STATUS_INTERNAL_ERROR;
206 }
207
208 for (child = parent->children; child != NULL; child = child->next) {
209 status = messaging_send(parent->msg_ctx,
210 pid_to_procid(child->pid),
211 msg_type, data);
212 if (!NT_STATUS_IS_OK(status)) {
213 DBG_DEBUG("messaging_send(%d) failed: %s\n",
214 (int)child->pid, nt_errstr(status));
215 }
216 }
217 return NT_STATUS_OK;
218 }
219
220 static void smb_parent_send_to_children(struct messaging_context *ctx,
221 void* data,
222 uint32_t msg_type,
223 struct server_id srv_id,
224 DATA_BLOB* msg_data)
225 {
226 messaging_send_to_children(ctx, msg_type, msg_data);
227 }
228
229 /*
230 * Parent smbd process sets its own debug level first and then
231 * sends a message to all the smbd children to adjust their debug
232 * level to that of the parent.
233 */
234
235 static void smbd_msg_debug(struct messaging_context *msg_ctx,
236 void *private_data,
237 uint32_t msg_type,
238 struct server_id server_id,
239 DATA_BLOB *data)
240 {
241 debug_message(msg_ctx, private_data, MSG_DEBUG, server_id, data);
242
243 messaging_send_to_children(msg_ctx, MSG_DEBUG, data);
244 }
245
246 static void smbd_parent_id_cache_kill(struct messaging_context *msg_ctx,
247 void *private_data,
248 uint32_t msg_type,
249 struct server_id server_id,
250 DATA_BLOB* data)
251 {
252 const char *msg = (data && data->data)
253 ? (const char *)data->data : "<NULL>";
254 struct id_cache_ref id;
255
256 if (!id_cache_ref_parse(msg, &id)) {
257 DEBUG(0, ("Invalid ?ID: %s\n", msg));
258 return;
259 }
260
261 id_cache_delete_from_cache(&id);
262
263 messaging_send_to_children(msg_ctx, msg_type, data);
264 }
265
266 static void smbd_parent_id_cache_delete(struct messaging_context *ctx,
267 void* data,
268 uint32_t msg_type,
269 struct server_id srv_id,
270 DATA_BLOB* msg_data)
271 {
272 id_cache_delete_message(ctx, data, msg_type, srv_id, msg_data);
273
274 messaging_send_to_children(ctx, msg_type, msg_data);
275 }
276
277 #ifdef CLUSTER_SUPPORT
278 static int smbd_parent_ctdb_reconfigured(
279 uint32_t src_vnn, uint32_t dst_vnn, uint64_t dst_srvid,
280 const uint8_t *msg, size_t msglen, void *private_data)
281 {
282 struct messaging_context *msg_ctx = talloc_get_type_abort(
283 private_data, struct messaging_context);
284
285 DEBUG(10, ("Got %s message\n", (dst_srvid == CTDB_SRVID_RECONFIGURE)
286 ? "cluster reconfigure" : "SAMBA_NOTIFY"));
287
288 /*
289 * Someone from the family died, validate our locks
290 */
291
292 if (am_parent) {
293 messaging_send_buf(msg_ctx, am_parent->cleanupd,
294 MSG_SMB_BRL_VALIDATE, NULL, 0);
295 }
296
297 return 0;
298 }
299 #endif
300
301 static void add_child_pid(struct smbd_parent_context *parent,
302 pid_t pid)
303 {
304 struct smbd_child_pid *child;
305
306 child = talloc_zero(parent, struct smbd_child_pid);
307 if (child == NULL) {
308 DEBUG(0, ("Could not add child struct -- malloc failed\n"));
309 return;
310 }
311 child->pid = pid;
312 DLIST_ADD(parent->children, child);
313 parent->num_children += 1;
314 }
315
316 static void smb_tell_num_children(struct messaging_context *ctx, void *data,
317 uint32_t msg_type, struct server_id srv_id,
318 DATA_BLOB *msg_data)
319 {
320 uint8_t buf[sizeof(uint32_t)];
321
322 if (am_parent) {
323 SIVAL(buf, 0, am_parent->num_children);
324 messaging_send_buf(ctx, srv_id, MSG_SMB_NUM_CHILDREN,
325 buf, sizeof(buf));
326 }
327 }
328
329 static void notifyd_stopped(struct tevent_req *req);
330
331 static struct tevent_req *notifyd_req(struct messaging_context *msg_ctx,
332 struct tevent_context *ev)
333 {
334 struct tevent_req *req;
335 sys_notify_watch_fn sys_notify_watch = NULL;
336 struct sys_notify_context *sys_notify_ctx = NULL;
337
338 if (lp_kernel_change_notify()) {
339
340 #ifdef HAVE_INOTIFY
341 if (lp_parm_bool(-1, "notify", "inotify", true)) {
342 sys_notify_watch = inotify_watch;
343 }
344 #endif
345
346 #ifdef HAVE_FAM
347 if (lp_parm_bool(-1, "notify", "fam",
348 (sys_notify_watch == NULL))) {
349 sys_notify_watch = fam_watch;
350 }
351 #endif
352 }
353
354 if (sys_notify_watch != NULL) {
355 sys_notify_ctx = sys_notify_context_create(msg_ctx, ev);
356 if (sys_notify_ctx == NULL) {
357 return NULL;
358 }
359 }
360
361 req = notifyd_send(msg_ctx, ev, msg_ctx,
362 messaging_ctdbd_connection(),
363 sys_notify_watch, sys_notify_ctx);
364 if (req == NULL) {
365 TALLOC_FREE(sys_notify_ctx);
366 return NULL;
367 }
368 tevent_req_set_callback(req, notifyd_stopped, msg_ctx);
369
370 return req;
371 }
372
373 static void notifyd_stopped(struct tevent_req *req)
374 {
375 int ret;
376
377 ret = notifyd_recv(req);
378 TALLOC_FREE(req);
379 DEBUG(1, ("notifyd stopped: %s\n", strerror(ret)));
380 }
381
382 static bool smbd_notifyd_init(struct messaging_context *msg, bool interactive,
383 struct server_id *ppid)
384 {
385 struct tevent_context *ev = messaging_tevent_context(msg);
386 struct tevent_req *req;
387 pid_t pid;
388 NTSTATUS status;
389
390 if (interactive) {
391 req = notifyd_req(msg, ev);
392 return (req != NULL);
393 }
394
395 pid = fork();
396 if (pid == -1) {
397 DEBUG(1, ("%s: fork failed: %s\n", __func__,
398 strerror(errno)));
399 return false;
400 }
401
402 if (pid != 0) {
403 if (am_parent != 0) {
404 add_child_pid(am_parent, pid);
405 }
406 *ppid = pid_to_procid(pid);
407 return true;
408 }
409
410 status = smbd_reinit_after_fork(msg, ev, true, "smbd-notifyd");
411 if (!NT_STATUS_IS_OK(status)) {
412 DEBUG(1, ("%s: reinit_after_fork failed: %s\n",
413 __func__, nt_errstr(status)));
414 exit(1);
415 }
416
417 req = notifyd_req(msg, ev);
418 if (req == NULL) {
419 exit(1);
420 }
421 tevent_req_set_callback(req, notifyd_stopped, msg);
422
423 /* Block those signals that we are not handling */
424 BlockSignals(True, SIGHUP);
425 BlockSignals(True, SIGUSR1);
426
427 messaging_send(msg, pid_to_procid(getppid()), MSG_SMB_NOTIFY_STARTED,
428 NULL);
429
430 return tevent_req_poll(req, ev);
431 }
432
433 static void notifyd_init_trigger(struct tevent_req *req);
434
435 struct notifyd_init_state {
436 bool ok;
437 struct tevent_context *ev;
438 struct messaging_context *msg;
439 struct server_id *ppid;
440 };
441
442 static struct tevent_req *notifyd_init_send(struct tevent_context *ev,
443 TALLOC_CTX *mem_ctx,
444 struct messaging_context *msg,
445 struct server_id *ppid)
446 {
447 struct tevent_req *req = NULL;
448 struct tevent_req *subreq = NULL;
449 struct notifyd_init_state *state = NULL;
450
451 req = tevent_req_create(mem_ctx, &state, struct notifyd_init_state);
452 if (req == NULL) {
453 return NULL;
454 }
455
456 *state = (struct notifyd_init_state) {
457 .msg = msg,
458 .ev = ev,
459 .ppid = ppid
460 };
461
462 subreq = tevent_wakeup_send(state, ev, tevent_timeval_current_ofs(1, 0));
463 if (tevent_req_nomem(subreq, req)) {
464 return tevent_req_post(req, ev);
465 }
466
467 tevent_req_set_callback(subreq, notifyd_init_trigger, req);
468 return req;
469 }
470
471 static void notifyd_init_trigger(struct tevent_req *subreq)
472 {
473 struct tevent_req *req = tevent_req_callback_data(
474 subreq, struct tevent_req);
475 struct notifyd_init_state *state = tevent_req_data(
476 req, struct notifyd_init_state);
477 bool ok;
478
479 DBG_NOTICE("Triggering notifyd startup\n");
480
481 ok = tevent_wakeup_recv(subreq);
482 TALLOC_FREE(subreq);
483 if (!ok) {
484 tevent_req_error(req, ENOMEM);
485 return;
486 }
487
488 state->ok = smbd_notifyd_init(state->msg, false, state->ppid);
489 if (state->ok) {
490 DBG_WARNING("notifyd restarted\n");
491 tevent_req_done(req);
492 return;
493 }
494
495 DBG_NOTICE("notifyd startup failed, rescheduling\n");
496
497 subreq = tevent_wakeup_send(state, state->ev,
498 tevent_timeval_current_ofs(1, 0));
499 if (tevent_req_nomem(subreq, req)) {
500 DBG_ERR("scheduling notifyd restart failed, giving up\n");
501 return;
502 }
503
504 tevent_req_set_callback(subreq, notifyd_init_trigger, req);
505 return;
506 }
507
508 static bool notifyd_init_recv(struct tevent_req *req)
509 {
510 struct notifyd_init_state *state = tevent_req_data(
511 req, struct notifyd_init_state);
512
513 return state->ok;
514 }
515
516 static void notifyd_started(struct tevent_req *req)
517 {
518 bool ok;
519
520 ok = notifyd_init_recv(req);
521 TALLOC_FREE(req);
522 if (!ok) {
523 DBG_ERR("Failed to restart notifyd, giving up\n");
524 return;
525 }
526 }
527
528 static void cleanupd_stopped(struct tevent_req *req);
529
530 static bool cleanupd_init(struct messaging_context *msg, bool interactive,
531 struct server_id *ppid)
532 {
533 struct tevent_context *ev = messaging_tevent_context(msg);
534 struct server_id parent_id = messaging_server_id(msg);
535 struct tevent_req *req;
536 pid_t pid;
537 NTSTATUS status;
538 ssize_t rwret;
539 int ret;
540 bool ok;
541 char c;
542 int up_pipe[2];
543
544 if (interactive) {
545 req = smbd_cleanupd_send(msg, ev, msg, parent_id.pid);
546 *ppid = messaging_server_id(msg);
547 return (req != NULL);
548 }
549
550 ret = pipe(up_pipe);
551 if (ret == -1) {
552 DBG_WARNING("pipe failed: %s\n", strerror(errno));
553 return false;
554 }
555
556 pid = fork();
557 if (pid == -1) {
558 DBG_WARNING("fork failed: %s\n", strerror(errno));
559 close(up_pipe[0]);
560 close(up_pipe[1]);
561 return false;
562 }
563
564 if (pid != 0) {
565
566 close(up_pipe[1]);
567 rwret = sys_read(up_pipe[0], &c, 1);
568 close(up_pipe[0]);
569
570 if (rwret == -1) {
571 DBG_WARNING("sys_read failed: %s\n", strerror(errno));
572 return false;
573 }
574 if (rwret == 0) {
575 DBG_WARNING("cleanupd could not start\n");
576 return false;
577 }
578 if (c != 0) {
579 DBG_WARNING("cleanupd returned %d\n", (int)c);
580 return false;
581 }
582
583 DBG_DEBUG("Started cleanupd pid=%d\n", (int)pid);
584
585 if (am_parent != NULL) {
586 add_child_pid(am_parent, pid);
587 }
588
589 *ppid = pid_to_procid(pid);
590 return true;
591 }
592
593 close(up_pipe[0]);
594
595 status = smbd_reinit_after_fork(msg, ev, true, "cleanupd");
596 if (!NT_STATUS_IS_OK(status)) {
597 DBG_WARNING("reinit_after_fork failed: %s\n",
598 nt_errstr(status));
599 c = 1;
600 sys_write(up_pipe[1], &c, 1);
601
602 exit(1);
603 }
604
605 req = smbd_cleanupd_send(msg, ev, msg, parent_id.pid);
606 if (req == NULL) {
607 DBG_WARNING("smbd_cleanupd_send failed\n");
608 c = 2;
609 sys_write(up_pipe[1], &c, 1);
610
611 exit(1);
612 }
613
614 tevent_req_set_callback(req, cleanupd_stopped, msg);
615
616 c = 0;
617 rwret = sys_write(up_pipe[1], &c, 1);
618 close(up_pipe[1]);
619
620 if (rwret == -1) {
621 DBG_WARNING("sys_write failed: %s\n", strerror(errno));
622 exit(1);
623 }
624 if (rwret != 1) {
625 DBG_WARNING("sys_write could not write result\n");
626 exit(1);
627 }
628
629 ok = tevent_req_poll(req, ev);
630 if (!ok) {
631 DBG_WARNING("tevent_req_poll returned %s\n", strerror(errno));
632 }
633 exit(0);
634 }
635
636 static void cleanupd_stopped(struct tevent_req *req)
637 {
638 NTSTATUS status;
639
640 status = smbd_cleanupd_recv(req);
641 DBG_WARNING("cleanupd stopped: %s\n", nt_errstr(status));
642 }
643
644 static void cleanupd_init_trigger(struct tevent_req *req);
645
646 struct cleanup_init_state {
647 bool ok;
648 struct tevent_context *ev;
649 struct messaging_context *msg;
650 struct server_id *ppid;
651 };
652
653 static struct tevent_req *cleanupd_init_send(struct tevent_context *ev,
654 TALLOC_CTX *mem_ctx,
655 struct messaging_context *msg,
656 struct server_id *ppid)
657 {
658 struct tevent_req *req = NULL;
659 struct tevent_req *subreq = NULL;
660 struct cleanup_init_state *state = NULL;
661
662 req = tevent_req_create(mem_ctx, &state, struct cleanup_init_state);
663 if (req == NULL) {
664 return NULL;
665 }
666
667 *state = (struct cleanup_init_state) {
668 .msg = msg,
669 .ev = ev,
670 .ppid = ppid
671 };
672
673 subreq = tevent_wakeup_send(state, ev, tevent_timeval_current_ofs(0, 0));
674 if (tevent_req_nomem(subreq, req)) {
675 return tevent_req_post(req, ev);
676 }
677
678 tevent_req_set_callback(subreq, cleanupd_init_trigger, req);
679 return req;
680 }
681
682 static void cleanupd_init_trigger(struct tevent_req *subreq)
683 {
684 struct tevent_req *req = tevent_req_callback_data(
685 subreq, struct tevent_req);
686 struct cleanup_init_state *state = tevent_req_data(
687 req, struct cleanup_init_state);
688 bool ok;
689
690 DBG_NOTICE("Triggering cleanupd startup\n");
691
692 ok = tevent_wakeup_recv(subreq);
693 TALLOC_FREE(subreq);
694 if (!ok) {
695 tevent_req_error(req, ENOMEM);
696 return;
697 }
698
699 state->ok = cleanupd_init(state->msg, false, state->ppid);
700 if (state->ok) {
701 DBG_WARNING("cleanupd restarted\n");
702 tevent_req_done(req);
703 return;
704 }
705
706 DBG_NOTICE("cleanupd startup failed, rescheduling\n");
707
708 subreq = tevent_wakeup_send(state, state->ev,
709 tevent_timeval_current_ofs(1, 0));
710 if (tevent_req_nomem(subreq, req)) {
711 DBG_ERR("scheduling cleanupd restart failed, giving up\n");
712 return;
713 }
714
715 tevent_req_set_callback(subreq, cleanupd_init_trigger, req);
716 return;
717 }
718
719 static bool cleanupd_init_recv(struct tevent_req *req)
720 {
721 struct cleanup_init_state *state = tevent_req_data(
722 req, struct cleanup_init_state);
723
724 return state->ok;
725 }
726
727 /*
728 at most every smbd:cleanuptime seconds (default 20), we scan the BRL
729 and locking database for entries to cleanup. As a side effect this
730 also cleans up dead entries in the connections database (due to the
731 traversal in message_send_all()
732
733 Using a timer for this prevents a flood of traversals when a large
734 number of clients disconnect at the same time (perhaps due to a
735 network outage).
736 */
737
738 static void cleanup_timeout_fn(struct tevent_context *event_ctx,
739 struct tevent_timer *te,
740 struct timeval now,
741 void *private_data)
742 {
743 struct smbd_parent_context *parent =
744 talloc_get_type_abort(private_data,
745 struct smbd_parent_context);
746
747 parent->cleanup_te = NULL;
748
749 messaging_send_buf(parent->msg_ctx, parent->cleanupd,
750 MSG_SMB_UNLOCK, NULL, 0);
751 }
752
753 static void cleanupd_started(struct tevent_req *req)
754 {
755 bool ok;
756 NTSTATUS status;
757 struct smbd_parent_context *parent = tevent_req_callback_data(
758 req, struct smbd_parent_context);
759
760 ok = cleanupd_init_recv(req);
761 TALLOC_FREE(req);
762 if (!ok) {
763 DBG_ERR("Failed to restart cleanupd, giving up\n");
764 return;
765 }
766
767 status = messaging_send(parent->msg_ctx,
768 parent->cleanupd,
769 MSG_SMB_NOTIFY_CLEANUP,
770 &data_blob_null);
771 if (!NT_STATUS_IS_OK(status)) {
772 DBG_ERR("messaging_send returned %s\n",
773 nt_errstr(status));
774 }
775 }
776
777 static void remove_child_pid(struct smbd_parent_context *parent,
778 pid_t pid,
779 bool unclean_shutdown)
780 {
781 struct smbd_child_pid *child;
782 NTSTATUS status;
783 bool ok;
784
785 for (child = parent->children; child != NULL; child = child->next) {
786 if (child->pid == pid) {
787 struct smbd_child_pid *tmp = child;
788 DLIST_REMOVE(parent->children, child);
789 TALLOC_FREE(tmp);
790 parent->num_children -= 1;
791 break;
792 }
793 }
794
795 if (child == NULL) {
796 /* not all forked child processes are added to the children list */
797 DEBUG(2, ("Could not find child %d -- ignoring\n", (int)pid));
798 return;
799 }
800
801 if (pid == procid_to_pid(&parent->cleanupd)) {
802 struct tevent_req *req;
803
804 server_id_set_disconnected(&parent->cleanupd);
805
806 DBG_WARNING("Restarting cleanupd\n");
807 req = cleanupd_init_send(messaging_tevent_context(parent->msg_ctx),
808 parent,
809 parent->msg_ctx,
810 &parent->cleanupd);
811 if (req == NULL) {
812 DBG_ERR("Failed to restart cleanupd\n");
813 return;
814 }
815 tevent_req_set_callback(req, cleanupd_started, parent);
816 return;
817 }
818
819 if (pid == procid_to_pid(&parent->notifyd)) {
820 struct tevent_req *req;
821 struct tevent_context *ev = messaging_tevent_context(
822 parent->msg_ctx);
823
824 server_id_set_disconnected(&parent->notifyd);
825
826 DBG_WARNING("Restarting notifyd\n");
827 req = notifyd_init_send(ev,
828 parent,
829 parent->msg_ctx,
830 &parent->notifyd);
831 if (req == NULL) {
832 DBG_ERR("Failed to restart notifyd\n");
833 return;
834 }
835 tevent_req_set_callback(req, notifyd_started, parent);
836 return;
837 }
838
839 ok = cleanupdb_store_child(pid, unclean_shutdown);
840 if (!ok) {
841 DBG_ERR("cleanupdb_store_child failed\n");
842 return;
843 }
844
845 if (!server_id_is_disconnected(&parent->cleanupd)) {
846 status = messaging_send(parent->msg_ctx,
847 parent->cleanupd,
848 MSG_SMB_NOTIFY_CLEANUP,
849 &data_blob_null);
850 if (!NT_STATUS_IS_OK(status)) {
851 DBG_ERR("messaging_send returned %s\n",
852 nt_errstr(status));
853 }
854 }
855
856 if (unclean_shutdown) {
857 /* a child terminated uncleanly so tickle all
858 processes to see if they can grab any of the
859 pending locks
860 */
861 DEBUG(3,(__location__ " Unclean shutdown of pid %u\n",
862 (unsigned int)pid));
863 if (parent->cleanup_te == NULL) {
864 /* call the cleanup timer, but not too often */
865 int cleanup_time = lp_parm_int(-1, "smbd", "cleanuptime", 20);
866 parent->cleanup_te = tevent_add_timer(parent->ev_ctx,
867 parent,
868 timeval_current_ofs(cleanup_time, 0),
869 cleanup_timeout_fn,
870 parent);
871 DEBUG(1,("Scheduled cleanup of brl and lock database after unclean shutdown\n"));
872 }
873 }
874 }
875
876 /****************************************************************************
877 Have we reached the process limit ?
878 ****************************************************************************/
879
880 static bool allowable_number_of_smbd_processes(struct smbd_parent_context *parent)
881 {
882 int max_processes = lp_max_smbd_processes();
883
884 if (!max_processes)
885 return True;
886
887 return parent->num_children < max_processes;
888 }
889
890 static void smbd_sig_chld_handler(struct tevent_context *ev,
891 struct tevent_signal *se,
892 int signum,
893 int count,
894 void *siginfo,
895 void *private_data)
896 {
897 pid_t pid;
898 int status;
899 struct smbd_parent_context *parent =
900 talloc_get_type_abort(private_data,
901 struct smbd_parent_context);
902
903 while ((pid = waitpid(-1, &status, WNOHANG)) > 0) {
904 bool unclean_shutdown = False;
905
906 /* If the child terminated normally, assume
907 it was an unclean shutdown unless the
908 status is 0
909 */
910 if (WIFEXITED(status)) {
911 unclean_shutdown = WEXITSTATUS(status);
912 }
913 /* If the child terminated due to a signal
914 we always assume it was unclean.
915 */
916 if (WIFSIGNALED(status)) {
917 unclean_shutdown = True;
918 }
919 remove_child_pid(parent, pid, unclean_shutdown);
920 }
921 }
922
923 static void smbd_setup_sig_chld_handler(struct smbd_parent_context *parent)
924 {
925 struct tevent_signal *se;
926
927 se = tevent_add_signal(parent->ev_ctx,
928 parent, /* mem_ctx */
929 SIGCHLD, 0,
930 smbd_sig_chld_handler,
931 parent);
932 if (!se) {
933 exit_server("failed to setup SIGCHLD handler");
934 }
935 }
936
937 static void smbd_open_socket_close_fn(struct tevent_context *ev,
938 struct tevent_fd *fde,
939 int fd,
940 void *private_data)
941 {
942 /* this might be the socket_wrapper swrap_close() */
943 close(fd);
944 }
945
946 static void smbd_accept_connection(struct tevent_context *ev,
947 struct tevent_fd *fde,
948 uint16_t flags,
949 void *private_data)
950 {
951 struct smbd_open_socket *s = talloc_get_type_abort(private_data,
952 struct smbd_open_socket);
953 struct messaging_context *msg_ctx = s->parent->msg_ctx;
954 struct sockaddr_storage addr;
955 socklen_t in_addrlen = sizeof(addr);
956 int fd;
957 pid_t pid = 0;
958
959 fd = accept(s->fd, (struct sockaddr *)(void *)&addr,&in_addrlen);
960 if (fd == -1 && errno == EINTR)
961 return;
962
963 if (fd == -1) {
964 DEBUG(0,("accept: %s\n",
965 strerror(errno)));
966 return;
967 }
968
969 if (s->parent->interactive) {
970 reinit_after_fork(msg_ctx, ev, true, NULL);
971 smbd_process(ev, msg_ctx, fd, true);
972 exit_server_cleanly("end of interactive mode");
973 return;
974 }
975
976 if (!allowable_number_of_smbd_processes(s->parent)) {
977 close(fd);
978 return;
979 }
980
981 pid = fork();
982 if (pid == 0) {
983 NTSTATUS status = NT_STATUS_OK;
984
985 /*
986 * Can't use TALLOC_FREE here. Nulling out the argument to it
987 * would overwrite memory we've just freed.
988 */
989 talloc_free(s->parent);
990 s = NULL;
991
992 /* Stop zombies, the parent explicitly handles
993 * them, counting worker smbds. */
994 CatchChild();
995
996 status = smbd_reinit_after_fork(msg_ctx, ev, true, NULL);
997 if (!NT_STATUS_IS_OK(status)) {
998 if (NT_STATUS_EQUAL(status,
999 NT_STATUS_TOO_MANY_OPENED_FILES)) {
1000 DEBUG(0,("child process cannot initialize "
1001 "because too many files are open\n"));
1002 goto exit;
1003 }
1004 if (lp_clustering() &&
1005 (NT_STATUS_EQUAL(
1006 status, NT_STATUS_INTERNAL_DB_ERROR) ||
1007 NT_STATUS_EQUAL(
1008 status, NT_STATUS_CONNECTION_REFUSED))) {
1009 DEBUG(1, ("child process cannot initialize "
1010 "because connection to CTDB "
1011 "has failed: %s\n",
1012 nt_errstr(status)));
1013 goto exit;
1014 }
1015
1016 DEBUG(0,("reinit_after_fork() failed\n"));
1017 smb_panic("reinit_after_fork() failed");
1018 }
1019
1020 smbd_process(ev, msg_ctx, fd, false);
1021 exit:
1022 exit_server_cleanly("end of child");
1023 return;
1024 }
1025
1026 if (pid < 0) {
1027 DEBUG(0,("smbd_accept_connection: fork() failed: %s\n",
1028 strerror(errno)));
1029 }
1030
1031 /* The parent doesn't need this socket */
1032 close(fd);
1033
1034 /* Sun May 6 18:56:14 2001 ackley@cs.unm.edu:
1035 Clear the closed fd info out of server_fd --
1036 and more importantly, out of client_fd in
1037 util_sock.c, to avoid a possible
1038 getpeername failure if we reopen the logs
1039 and use %I in the filename.
1040 */
1041
1042 if (pid != 0) {
1043 add_child_pid(s->parent, pid);
1044 }
1045
1046 /* Force parent to check log size after
1047 * spawning child. Fix from
1048 * klausr@ITAP.Physik.Uni-Stuttgart.De. The
1049 * parent smbd will log to logserver.smb. It
1050 * writes only two messages for each child
1051 * started/finished. But each child writes,
1052 * say, 50 messages also in logserver.smb,
1053 * begining with the debug_count of the
1054 * parent, before the child opens its own log
1055 * file logserver.client. In a worst case
1056 * scenario the size of logserver.smb would be
1057 * checked after about 50*50=2500 messages
1058 * (ca. 100kb).
1059 * */
1060 force_check_log_size();
1061 }
1062
1063 static bool smbd_open_one_socket(struct smbd_parent_context *parent,
1064 struct tevent_context *ev_ctx,
1065 const struct sockaddr_storage *ifss,
1066 uint16_t port)
1067 {
1068 struct smbd_open_socket *s;
1069
1070 s = talloc(parent, struct smbd_open_socket);
1071 if (!s) {
1072 return false;
1073 }
1074
1075 s->parent = parent;
1076 s->fd = open_socket_in(SOCK_STREAM,
1077 port,
1078 parent->sockets == NULL ? 0 : 2,
1079 ifss,
1080 true);
1081 if (s->fd == -1) {
1082 DEBUG(0,("smbd_open_one_socket: open_socket_in: "
1083 "%s\n", strerror(errno)));
1084 TALLOC_FREE(s);
1085 /*
1086 * We ignore an error here, as we've done before
1087 */
1088 return true;
1089 }
1090
1091 /* ready to listen */
1092 set_socket_options(s->fd, "SO_KEEPALIVE");
1093 set_socket_options(s->fd, lp_socket_options());
1094
1095 /* Set server socket to
1096 * non-blocking for the accept. */
1097 set_blocking(s->fd, False);
1098
1099 if (listen(s->fd, SMBD_LISTEN_BACKLOG) == -1) {
1100 DEBUG(0,("smbd_open_one_socket: listen: "
1101 "%s\n", strerror(errno)));
1102 close(s->fd);
1103 TALLOC_FREE(s);
1104 return false;
1105 }
1106
1107 s->fde = tevent_add_fd(ev_ctx,
1108 s,
1109 s->fd, TEVENT_FD_READ,
1110 smbd_accept_connection,
1111 s);
1112 if (!s->fde) {
1113 DEBUG(0,("smbd_open_one_socket: "
1114 "tevent_add_fd: %s\n",
1115 strerror(errno)));
1116 close(s->fd);
1117 TALLOC_FREE(s);
1118 return false;
1119 }
1120 tevent_fd_set_close_fn(s->fde, smbd_open_socket_close_fn);
1121
1122 DLIST_ADD_END(parent->sockets, s);
1123
1124 return true;
1125 }
1126
1127 /****************************************************************************
1128 Open the socket communication.
1129 ****************************************************************************/
1130
1131 static bool open_sockets_smbd(struct smbd_parent_context *parent,
1132 struct tevent_context *ev_ctx,
1133 struct messaging_context *msg_ctx,
1134 const char *smb_ports)
1135 {
1136 int num_interfaces = iface_count();
1137 int i,j;
1138 const char **ports;
1139 unsigned dns_port = 0;
1140
1141 #ifdef HAVE_ATEXIT
1142 atexit(killkids);
1143 #endif
1144
1145 /* Stop zombies */
1146 smbd_setup_sig_chld_handler(parent);
1147
1148 ports = lp_smb_ports();
1149
1150 /* use a reasonable default set of ports - listing on 445 and 139 */
1151 if (smb_ports) {
1152 char **l;
1153 l = str_list_make_v3(talloc_tos(), smb_ports, NULL);
1154 ports = discard_const_p(const char *, l);
1155 }
1156
1157 for (j = 0; ports && ports[j]; j++) {
1158 unsigned port = atoi(ports[j]);
1159
1160 if (port == 0 || port > 0xffff) {
1161 exit_server_cleanly("Invalid port in the config or on "
1162 "the commandline specified!");
1163 }
1164 }
1165
1166 if (lp_interfaces() && lp_bind_interfaces_only()) {
1167 /* We have been given an interfaces line, and been
1168 told to only bind to those interfaces. Create a
1169 socket per interface and bind to only these.
1170 */
1171
1172 /* Now open a listen socket for each of the
1173 interfaces. */
1174 for(i = 0; i < num_interfaces; i++) {
1175 const struct sockaddr_storage *ifss =
1176 iface_n_sockaddr_storage(i);
1177 if (ifss == NULL) {
1178 DEBUG(0,("open_sockets_smbd: "
1179 "interface %d has NULL IP address !\n",
1180 i));
1181 continue;
1182 }
1183
1184 for (j = 0; ports && ports[j]; j++) {
1185 unsigned port = atoi(ports[j]);
1186
1187 /* Keep the first port for mDNS service
1188 * registration.
1189 */
1190 if (dns_port == 0) {
1191 dns_port = port;
1192 }
1193
1194 if (!smbd_open_one_socket(parent,
1195 ev_ctx,
1196 ifss,
1197 port)) {
1198 return false;
1199 }
1200 }
1201 }
1202 } else {
1203 /* Just bind to 0.0.0.0 - accept connections
1204 from anywhere. */
1205
1206 const char *sock_addr;
1207 char *sock_tok;
1208 const char *sock_ptr;
1209
1210 #if HAVE_IPV6
1211 sock_addr = "::,0.0.0.0";
1212 #else
1213 sock_addr = "0.0.0.0";
1214 #endif
1215
1216 for (sock_ptr=sock_addr;
1217 next_token_talloc(talloc_tos(), &sock_ptr, &sock_tok, " \t,"); ) {
1218 for (j = 0; ports && ports[j]; j++) {
1219 struct sockaddr_storage ss;
1220 unsigned port = atoi(ports[j]);
1221
1222 /* Keep the first port for mDNS service
1223 * registration.
1224 */
1225 if (dns_port == 0) {
1226 dns_port = port;
1227 }
1228
1229 /* open an incoming socket */
1230 if (!interpret_string_addr(&ss, sock_tok,
1231 AI_NUMERICHOST|AI_PASSIVE)) {
1232 continue;
1233 }
1234
1235 /*
1236 * If we fail to open any sockets
1237 * in this loop the parent-sockets == NULL
1238 * case below will prevent us from starting.
1239 */
1240
1241 (void)smbd_open_one_socket(parent,
1242 ev_ctx,
1243 &ss,
1244 port);
1245 }
1246 }
1247 }
1248
1249 if (parent->sockets == NULL) {
1250 DEBUG(0,("open_sockets_smbd: No "
1251 "sockets available to bind to.\n"));
1252 return false;
1253 }
1254
1255 /* Setup the main smbd so that we can get messages. Note that
1256 do this after starting listening. This is needed as when in
1257 clustered mode, ctdb won't allow us to start doing database
1258 operations until it has gone thru a full startup, which
1259 includes checking to see that smbd is listening. */
1260
1261 if (!serverid_register(messaging_server_id(msg_ctx),
1262 FLAG_MSG_GENERAL|FLAG_MSG_SMBD
1263 |FLAG_MSG_PRINT_GENERAL
1264 |FLAG_MSG_DBWRAP)) {
1265 DEBUG(0, ("open_sockets_smbd: Failed to register "
1266 "myself in serverid.tdb\n"));
1267 return false;
1268 }
1269
1270 /* Listen to messages */
1271
1272 messaging_register(msg_ctx, NULL, MSG_SHUTDOWN, msg_exit_server);
1273 messaging_register(msg_ctx, ev_ctx, MSG_SMB_CONF_UPDATED,
1274 smbd_parent_conf_updated);
1275 messaging_register(msg_ctx, NULL, MSG_SMB_STAT_CACHE_DELETE,
1276 smb_stat_cache_delete);
1277 messaging_register(msg_ctx, NULL, MSG_DEBUG, smbd_msg_debug);
1278 messaging_register(msg_ctx, NULL, MSG_SMB_FORCE_TDIS,
1279 smb_parent_send_to_children);
1280 messaging_register(msg_ctx, NULL, MSG_SMB_KILL_CLIENT_IP,
1281 smb_parent_send_to_children);
1282 messaging_register(msg_ctx, NULL, MSG_SMB_TELL_NUM_CHILDREN,
1283 smb_tell_num_children);
1284
1285 messaging_register(msg_ctx, NULL,
1286 ID_CACHE_DELETE, smbd_parent_id_cache_delete);
1287 messaging_register(msg_ctx, NULL,
1288 ID_CACHE_KILL, smbd_parent_id_cache_kill);
1289 messaging_register(msg_ctx, NULL, MSG_SMB_NOTIFY_STARTED,
1290 smb_parent_send_to_children);
1291
1292 #ifdef CLUSTER_SUPPORT
1293 if (lp_clustering()) {
1294 struct ctdbd_connection *conn = messaging_ctdbd_connection();
1295
1296 register_with_ctdbd(conn, CTDB_SRVID_RECONFIGURE,
1297 smbd_parent_ctdb_reconfigured, msg_ctx);
1298 register_with_ctdbd(conn, CTDB_SRVID_SAMBA_NOTIFY,
1299 smbd_parent_ctdb_reconfigured, msg_ctx);
1300 }
1301 #endif
1302
1303 #ifdef DEVELOPER
1304 messaging_register(msg_ctx, NULL, MSG_SMB_INJECT_FAULT,
1305 msg_inject_fault);
1306 #endif
1307
1308 if (lp_multicast_dns_register() && (dns_port != 0)) {
1309 #ifdef WITH_DNSSD_SUPPORT
1310 smbd_setup_mdns_registration(ev_ctx,
1311 parent, dns_port);
1312 #endif
1313 #ifdef WITH_AVAHI_SUPPORT
1314 void *avahi_conn;
1315
1316 avahi_conn = avahi_start_register(ev_ctx,
1317 ev_ctx,
1318 dns_port);
1319 if (avahi_conn == NULL) {
1320 DEBUG(10, ("avahi_start_register failed\n"));
1321 }
1322 #endif
1323 }
1324
1325 return true;
1326 }
1327
1328
1329 /*
1330 handle stdin becoming readable when we are in --foreground mode
1331 */
1332 static void smbd_stdin_handler(struct tevent_context *ev,
1333 struct tevent_fd *fde,
1334 uint16_t flags,
1335 void *private_data)
1336 {
1337 char c;
1338 if (read(0, &c, 1) != 1) {
1339 /* we have reached EOF on stdin, which means the
1340 parent has exited. Shutdown the server */
1341 exit_server_cleanly("EOF on stdin");
1342 }
1343 }
1344
1345 struct smbd_parent_tevent_trace_state {
1346 TALLOC_CTX *frame;
1347 };
1348
1349 static void smbd_parent_tevent_trace_callback(enum tevent_trace_point point,
1350 void *private_data)
1351 {
1352 struct smbd_parent_tevent_trace_state *state =
1353 (struct smbd_parent_tevent_trace_state *)private_data;
1354
1355 switch (point) {
1356 case TEVENT_TRACE_BEFORE_WAIT:
1357 break;
1358 case TEVENT_TRACE_AFTER_WAIT:
1359 break;
1360 case TEVENT_TRACE_BEFORE_LOOP_ONCE:
1361 TALLOC_FREE(state->frame);
1362 state->frame = talloc_stackframe();
1363 break;
1364 case TEVENT_TRACE_AFTER_LOOP_ONCE:
1365 TALLOC_FREE(state->frame);
1366 break;
1367 }
1368
1369 errno = 0;
1370 }
1371
1372 static void smbd_parent_loop(struct tevent_context *ev_ctx,
1373 struct smbd_parent_context *parent)
1374 {
1375 struct smbd_parent_tevent_trace_state trace_state = {
1376 .frame = NULL,
1377 };
1378 int ret = 0;
1379
1380 tevent_set_trace_callback(ev_ctx, smbd_parent_tevent_trace_callback,
1381 &trace_state);
1382
1383 /* now accept incoming connections - forking a new process
1384 for each incoming connection */
1385 DEBUG(2,("waiting for connections\n"));
1386
1387 ret = tevent_loop_wait(ev_ctx);
1388 if (ret != 0) {
1389 DEBUG(0, ("tevent_loop_wait failed: %d, %s, exiting\n",
1390 ret, strerror(errno)));
1391 }
1392
1393 TALLOC_FREE(trace_state.frame);
1394
1395 /* NOTREACHED return True; */
1396 }
1397
1398
1399 /****************************************************************************
1400 Initialise connect, service and file structs.
1401 ****************************************************************************/
1402
1403 static bool init_structs(void )
1404 {
1405 /*
1406 * Set the machine NETBIOS name if not already
1407 * set from the config file.
1408 */
1409
1410 if (!init_names())
1411 return False;
1412
1413 if (!secrets_init())
1414 return False;
1415
1416 return True;
1417 }
1418
1419 static void smbd_parent_sig_term_handler(struct tevent_context *ev,
1420 struct tevent_signal *se,
1421 int signum,
1422 int count,
1423 void *siginfo,
1424 void *private_data)
1425 {
1426 exit_server_cleanly("termination signal");
1427 }
1428
1429 static void smbd_parent_sig_hup_handler(struct tevent_context *ev,
1430 struct tevent_signal *se,
1431 int signum,
1432 int count,
1433 void *siginfo,
1434 void *private_data)
1435 {
1436 struct smbd_parent_context *parent =
1437 talloc_get_type_abort(private_data,
1438 struct smbd_parent_context);
1439
1440 change_to_root_user();
1441 DEBUG(1,("parent: Reloading services after SIGHUP\n"));
1442 reload_services(NULL, NULL, false);
1443
1444 printing_subsystem_update(parent->ev_ctx, parent->msg_ctx, true);
1445 }
1446
1447 struct smbd_claim_version_state {
1448 TALLOC_CTX *mem_ctx;
1449 char *version;
1450 };
1451
1452 static void smbd_claim_version_parser(const struct g_lock_rec *locks,
1453 size_t num_locks,
1454 const uint8_t *data,
1455 size_t datalen,
1456 void *private_data)
1457 {
1458 struct smbd_claim_version_state *state = private_data;
1459
1460 if (datalen == 0) {
1461 state->version = NULL;
1462 return;
1463 }
1464 if (data[datalen-1] != '\0') {
1465 DBG_WARNING("Invalid samba version\n");
1466 dump_data(DBGLVL_WARNING, data, datalen);
1467 state->version = NULL;
1468 return;
1469 }
1470 state->version = talloc_strdup(state->mem_ctx, (const char *)data);
1471 }
1472
1473 static NTSTATUS smbd_claim_version(struct messaging_context *msg,
1474 const char *version)
1475 {
1476 const char *name = "samba_version_string";
1477 struct smbd_claim_version_state state;
1478 struct g_lock_ctx *ctx;
1479 NTSTATUS status;
1480
1481 ctx = g_lock_ctx_init(msg, msg);
1482 if (ctx == NULL) {
1483 DBG_WARNING("g_lock_ctx_init failed\n");
1484 return NT_STATUS_UNSUCCESSFUL;
1485 }
1486
1487 status = g_lock_lock(ctx, name, G_LOCK_READ,
1488 (struct timeval) { .tv_sec = 60 });
1489 if (!NT_STATUS_IS_OK(status)) {
1490 DBG_WARNING("g_lock_lock(G_LOCK_READ) failed: %s\n",
1491 nt_errstr(status));
1492 TALLOC_FREE(ctx);
1493 return status;
1494 }
1495
1496 state = (struct smbd_claim_version_state) { .mem_ctx = ctx };
1497
1498 status = g_lock_dump(ctx, name, smbd_claim_version_parser, &state);
1499 if (!NT_STATUS_IS_OK(status) &&
1500 !NT_STATUS_EQUAL(status, NT_STATUS_NOT_FOUND)) {
1501 DBG_ERR("Could not read samba_version_string\n");
1502 g_lock_unlock(ctx, name);
1503 TALLOC_FREE(ctx);
1504 return status;
1505 }
1506
1507 if ((state.version != NULL) && (strcmp(version, state.version) == 0)) {
1508 /*
1509 * Leave the read lock for us around. Someone else already
1510 * set the version correctly
1511 */
1512 TALLOC_FREE(ctx);
1513 return NT_STATUS_OK;
1514 }
1515
1516 status = g_lock_lock(ctx, name, G_LOCK_WRITE,
1517 (struct timeval) { .tv_sec = 60 });
1518 if (!NT_STATUS_IS_OK(status)) {
1519 DBG_WARNING("g_lock_lock(G_LOCK_WRITE) failed: %s\n",
1520 nt_errstr(status));
1521 DBG_ERR("smbd %s already running, refusing to start "
1522 "version %s\n", state.version, version);
1523 TALLOC_FREE(ctx);
1524 return NT_STATUS_SXS_VERSION_CONFLICT;
1525 }
1526
1527 status = g_lock_write_data(ctx, name, (const uint8_t *)version,
1528 strlen(version)+1);
1529 if (!NT_STATUS_IS_OK(status)) {
1530 DBG_WARNING("g_lock_write_data failed: %s\n",
1531 nt_errstr(status));
1532 TALLOC_FREE(ctx);
1533 return status;
1534 }
1535
1536 status = g_lock_lock(ctx, name, G_LOCK_READ,
1537 (struct timeval) { .tv_sec = 60 });
1538 if (!NT_STATUS_IS_OK(status)) {
1539 DBG_WARNING("g_lock_lock(G_LOCK_READ) failed: %s\n",
1540 nt_errstr(status));
1541 TALLOC_FREE(ctx);
1542 return status;
1543 }
1544
1545 /*
1546 * Leave "ctx" dangling so that g_lock.tdb keeps opened.
1547 */
1548 return NT_STATUS_OK;
1549 }
1550
1551 /****************************************************************************
1552 main program.
1553 ****************************************************************************/
1554
1555 /* Declare prototype for build_options() to avoid having to run it through
1556 mkproto.h. Mixing $(builddir) and $(srcdir) source files in the current
1557 prototype generation system is too complicated. */
1558
1559 extern void build_options(bool screen);
1560
1561 int main(int argc,const char *argv[])
1562 {
1563 /* shall I run as a daemon */
1564 bool is_daemon = false;
1565 bool interactive = false;
1566 bool Fork = true;
1567 bool no_process_group = false;
1568 bool log_stdout = false;
1569 char *ports = NULL;
1570 char *profile_level = NULL;
1571 int opt;
1572 poptContext pc;
1573 bool print_build_options = False;
1574 struct server_id main_server_id = {0};
1575 enum {
1576 OPT_DAEMON = 1000,
1577 OPT_INTERACTIVE,
1578 OPT_FORK,
1579 OPT_NO_PROCESS_GROUP,
1580 OPT_LOG_STDOUT
1581 };
1582 struct poptOption long_options[] = {
1583 POPT_AUTOHELP
1584 {"daemon", 'D', POPT_ARG_NONE, NULL, OPT_DAEMON, "Become a daemon (default)" },
1585 {"interactive", 'i', POPT_ARG_NONE, NULL, OPT_INTERACTIVE, "Run interactive (not a daemon)"},
1586 {"foreground", 'F', POPT_ARG_NONE, NULL, OPT_FORK, "Run daemon in foreground (for daemontools, etc.)" },
1587 {"no-process-group", '\0', POPT_ARG_NONE, NULL, OPT_NO_PROCESS_GROUP, "Don't create a new process group" },
1588 {"log-stdout", 'S', POPT_ARG_NONE, NULL, OPT_LOG_STDOUT, "Log to stdout" },
1589 {"build-options", 'b', POPT_ARG_NONE, NULL, 'b', "Print build options" },
1590 {"port", 'p', POPT_ARG_STRING, &ports, 0, "Listen on the specified ports"},
1591 {"profiling-level", 'P', POPT_ARG_STRING, &profile_level, 0, "Set profiling level","PROFILE_LEVEL"},
1592 POPT_COMMON_SAMBA
1593 POPT_TABLEEND
1594 };
1595 struct smbd_parent_context *parent = NULL;
1596 TALLOC_CTX *frame;
1597 NTSTATUS status;
1598 struct tevent_context *ev_ctx;
1599 struct messaging_context *msg_ctx;
1600 struct server_id server_id;
1601 struct tevent_signal *se;
1602 int profiling_level;
1603 char *np_dir = NULL;
1604 static const struct smbd_shim smbd_shim_fns =
1605 {
1606 .cancel_pending_lock_requests_by_fid = smbd_cancel_pending_lock_requests_by_fid,
1607 .send_stat_cache_delete_message = smbd_send_stat_cache_delete_message,
1608 .change_to_root_user = smbd_change_to_root_user,
1609 .become_authenticated_pipe_user = smbd_become_authenticated_pipe_user,
1610 .unbecome_authenticated_pipe_user = smbd_unbecome_authenticated_pipe_user,
1611
1612 .contend_level2_oplocks_begin = smbd_contend_level2_oplocks_begin,
1613 .contend_level2_oplocks_end = smbd_contend_level2_oplocks_end,
1614
1615 .become_root = smbd_become_root,
1616 .unbecome_root = smbd_unbecome_root,
1617
1618 .exit_server = smbd_exit_server,
1619 .exit_server_cleanly = smbd_exit_server_cleanly,
1620 };
1621
1622 /*
1623 * Do this before any other talloc operation
1624 */
1625 talloc_enable_null_tracking();
1626 frame = talloc_stackframe();
1627
1628 setup_logging(argv[0], DEBUG_DEFAULT_STDOUT);
1629
1630 smb_init_locale();
1631
1632 set_smbd_shim(&smbd_shim_fns);
1633
1634 smbd_init_globals();
1635
1636 TimeInit();
1637
1638 #ifdef HAVE_SET_AUTH_PARAMETERS
1639 set_auth_parameters(argc,argv);
1640 #endif
1641
1642 pc = poptGetContext("smbd", argc, argv, long_options, 0);
1643 while((opt = poptGetNextOpt(pc)) != -1) {
1644 switch (opt) {
1645 case OPT_DAEMON:
1646 is_daemon = true;
1647 break;
1648 case OPT_INTERACTIVE:
1649 interactive = true;
1650 break;
1651 case OPT_FORK:
1652 Fork = false;
1653 break;
1654 case OPT_NO_PROCESS_GROUP:
1655 no_process_group = true;
1656 break;
1657 case OPT_LOG_STDOUT:
1658 log_stdout = true;
1659 break;
1660 case 'b':
1661 print_build_options = True;
1662 break;
1663 default:
1664 d_fprintf(stderr, "\nInvalid option %s: %s\n\n",
1665 poptBadOption(pc, 0), poptStrerror(opt));
1666 poptPrintUsage(pc, stderr, 0);
1667 exit(1);
1668 }
1669 }
1670 poptFreeContext(pc);
1671
1672 if (interactive) {
1673 Fork = False;
1674 log_stdout = True;
1675 }
1676
1677 if (log_stdout) {
1678 setup_logging(argv[0], DEBUG_STDOUT);
1679 } else {
1680 setup_logging(argv[0], DEBUG_FILE);
1681 }
1682
1683 if (print_build_options) {
1684 build_options(True); /* Display output to screen as well as debug */
1685 exit(0);
1686 }
1687
1688 #ifdef HAVE_SETLUID
1689 /* needed for SecureWare on SCO */
1690 setluid(0);
1691 #endif
1692
1693 set_remote_machine_name("smbd", False);
1694
1695 if (interactive && (DEBUGLEVEL >= 9)) {
1696 talloc_enable_leak_report();
1697 }
1698
1699 if (log_stdout && Fork) {
1700 DEBUG(0,("ERROR: Can't log to stdout (-S) unless daemon is in foreground (-F) or interactive (-i)\n"));
1701 exit(1);
1702 }
1703
1704 /*
1705 * We want to die early if we can't open /dev/urandom
1706 */
1707 generate_random_buffer(NULL, 0);
1708
1709 /* get initial effective uid and gid */
1710 sec_init();
1711
1712 /* make absolutely sure we run as root - to handle cases where people
1713 are crazy enough to have it setuid */
1714 gain_root_privilege();
1715 gain_root_group_privilege();
1716
1717 fault_setup();
1718 dump_core_setup("smbd", lp_logfile(talloc_tos()));
1719
1720 /* we are never interested in SIGPIPE */
1721 BlockSignals(True,SIGPIPE);
1722
1723 #if defined(SIGFPE)
1724 /* we are never interested in SIGFPE */
1725 BlockSignals(True,SIGFPE);
1726 #endif
1727
1728 #if defined(SIGUSR2)
1729 /* We are no longer interested in USR2 */
1730 BlockSignals(True,SIGUSR2);
1731 #endif
1732
1733 /* POSIX demands that signals are inherited. If the invoking process has
1734 * these signals masked, we will have problems, as we won't recieve them. */
1735 BlockSignals(False, SIGHUP);
1736 BlockSignals(False, SIGUSR1);
1737 BlockSignals(False, SIGTERM);
1738
1739 /* Ensure we leave no zombies until we
1740 * correctly set up child handling below. */
1741
1742 CatchChild();
1743
1744 /* we want total control over the permissions on created files,
1745 so set our umask to 0 */
1746 umask(0);
1747
1748 reopen_logs();
1749
1750 DEBUG(0,("smbd version %s started.\n", samba_version_string()));
1751 DEBUGADD(0,("%s\n", COPYRIGHT_STARTUP_MESSAGE));
1752
1753 DEBUG(2,("uid=%d gid=%d euid=%d egid=%d\n",
1754 (int)getuid(),(int)getgid(),(int)geteuid(),(int)getegid()));
1755
1756 /* Output the build options to the debug log */
1757 build_options(False);
1758
1759 if (sizeof(uint16_t) < 2 || sizeof(uint32_t) < 4) {
1760 DEBUG(0,("ERROR: Samba is not configured correctly for the word size on your machine\n"));
1761 exit(1);
1762 }
1763
1764 if (!lp_load_initial_only(get_dyn_CONFIGFILE())) {
1765 DEBUG(0, ("error opening config file '%s'\n", get_dyn_CONFIGFILE()));
1766 exit(1);
1767 }
1768
1769 if (!cluster_probe_ok()) {
1770 exit(1);
1771 }
1772
1773 /* Init the security context and global current_user */
1774 init_sec_ctx();
1775
1776 /*
1777 * Initialize the event context. The event context needs to be
1778 * initialized before the messaging context, cause the messaging
1779 * context holds an event context.
1780 */
1781 ev_ctx = server_event_context();
1782 if (ev_ctx == NULL) {
1783 exit(1);
1784 }
1785
1786 /*
1787 * Init the messaging context
1788 * FIXME: This should only call messaging_init()
1789 */
1790 msg_ctx = server_messaging_context();
1791 if (msg_ctx == NULL) {
1792 exit(1);
1793 }
1794
1795 /*
1796 * Reloading of the printers will not work here as we don't have a
1797 * server info and rpc services set up. It will be called later.
1798 */
1799 if (!reload_services(NULL, NULL, false)) {
1800 exit(1);
1801 }
1802
1803 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC
1804 && !lp_parm_bool(-1, "server role check", "inhibit", false)) {
1805 DEBUG(0, ("server role = 'active directory domain controller' not compatible with running smbd standalone. \n"));
1806 DEBUGADD(0, ("You should start 'samba' instead, and it will control starting smbd if required\n"));
1807 exit(1);
1808 }
1809
1810 /* ...NOTE... Log files are working from this point! */
1811
1812 DEBUG(3,("loaded services\n"));
1813
1814 init_structs();
1815
1816 if (!profile_setup(msg_ctx, False)) {
1817 DEBUG(0,("ERROR: failed to setup profiling\n"));
1818 return -1;
1819 }
1820
1821 if (profile_level != NULL) {
1822 profiling_level = atoi(profile_level);
1823 } else {
1824 profiling_level = lp_smbd_profiling_level();
1825 }
1826 main_server_id = messaging_server_id(msg_ctx);
1827 set_profile_level(profiling_level, &main_server_id);
1828
1829 if (!is_daemon && !is_a_socket(0)) {
1830 if (!interactive) {
1831 DEBUG(3, ("Standard input is not a socket, "
1832 "assuming -D option\n"));
1833 }
1834
1835 /*
1836 * Setting is_daemon here prevents us from eventually calling
1837 * the open_sockets_inetd()
1838 */
1839
1840 is_daemon = True;
1841 }
1842
1843 if (is_daemon && !interactive) {
1844 DEBUG(3, ("Becoming a daemon.\n"));
1845 become_daemon(Fork, no_process_group, log_stdout);
1846 }
1847
1848 #if HAVE_SETPGID
1849 /*
1850 * If we're interactive we want to set our own process group for
1851 * signal management.
1852 */
1853 if (interactive && !no_process_group)
1854 setpgid( (pid_t)0, (pid_t)0);
1855 #endif
1856
1857 if (!directory_exist(lp_lock_directory()))
1858 mkdir(lp_lock_directory(), 0755);
1859
1860 if (!directory_exist(lp_pid_directory()))
1861 mkdir(lp_pid_directory(), 0755);
1862
1863 if (is_daemon)
1864 pidfile_create(lp_pid_directory(), "smbd");
1865
1866 status = reinit_after_fork(msg_ctx, ev_ctx, false, NULL);
1867 if (!NT_STATUS_IS_OK(status)) {
1868 exit_daemon("reinit_after_fork() failed", map_errno_from_nt_status(status));
1869 }
1870
1871 if (!interactive) {
1872 /*
1873 * Do not initialize the parent-child-pipe before becoming a
1874 * daemon: this is used to detect a died parent in the child
1875 * process.
1876 */
1877 status = init_before_fork();
1878 if (!NT_STATUS_IS_OK(status)) {
1879 exit_daemon(nt_errstr(status), map_errno_from_nt_status(status));
1880 }
1881 }
1882
1883 parent = talloc_zero(ev_ctx, struct smbd_parent_context);
1884 if (!parent) {
1885 exit_server("talloc(struct smbd_parent_context) failed");
1886 }
1887 parent->interactive = interactive;
1888 parent->ev_ctx = ev_ctx;
1889 parent->msg_ctx = msg_ctx;
1890 am_parent = parent;
1891
1892 se = tevent_add_signal(parent->ev_ctx,
1893 parent,
1894 SIGTERM, 0,
1895 smbd_parent_sig_term_handler,
1896 parent);
1897 if (!se) {
1898 exit_server("failed to setup SIGTERM handler");
1899 }
1900 se = tevent_add_signal(parent->ev_ctx,
1901 parent,
1902 SIGHUP, 0,
1903 smbd_parent_sig_hup_handler,
1904 parent);
1905 if (!se) {
1906 exit_server("failed to setup SIGHUP handler");
1907 }
1908
1909 /* Setup all the TDB's - including CLEAR_IF_FIRST tdb's. */
1910
1911 if (smbd_memcache() == NULL) {
1912 exit_daemon("no memcache available", EACCES);
1913 }
1914
1915 memcache_set_global(smbd_memcache());
1916
1917 /* Initialise the password backed before the global_sam_sid
1918 to ensure that we fetch from ldap before we make a domain sid up */
1919
1920 if(!initialize_password_db(false, ev_ctx))
1921 exit(1);
1922
1923 if (!secrets_init()) {
1924 exit_daemon("smbd can not open secrets.tdb", EACCES);
1925 }
1926
1927 if (lp_server_role() == ROLE_DOMAIN_BDC || lp_server_role() == ROLE_DOMAIN_PDC) {
1928 struct loadparm_context *lp_ctx = loadparm_init_s3(NULL, loadparm_s3_helpers());
1929 if (!open_schannel_session_store(NULL, lp_ctx)) {
1930 exit_daemon("ERROR: Samba cannot open schannel store for secured NETLOGON operations.", EACCES);
1931 }
1932 TALLOC_FREE(lp_ctx);
1933 }
1934
1935 if(!get_global_sam_sid()) {
1936 exit_daemon("Samba cannot create a SAM SID", EACCES);
1937 }
1938
1939 server_id = messaging_server_id(msg_ctx);
1940 status = smbXsrv_version_global_init(&server_id);
1941 if (!NT_STATUS_IS_OK(status)) {
1942 exit_daemon("Samba cannot init server context", EACCES);
1943 }
1944
1945 status = smbXsrv_session_global_init(msg_ctx);
1946 if (!NT_STATUS_IS_OK(status)) {
1947 exit_daemon("Samba cannot init session context", EACCES);
1948 }
1949
1950 status = smbXsrv_tcon_global_init();
1951 if (!NT_STATUS_IS_OK(status)) {
1952 exit_daemon("Samba cannot init tcon context", EACCES);
1953 }
1954
1955 if (!locking_init())
1956 exit_daemon("Samba cannot init locking", EACCES);
1957
1958 if (!leases_db_init(false)) {
1959 exit_daemon("Samba cannot init leases", EACCES);
1960 }
1961
1962 if (!smbd_notifyd_init(msg_ctx, interactive, &parent->notifyd)) {
1963 exit_daemon("Samba cannot init notification", EACCES);
1964 }
1965
1966 if (!cleanupd_init(msg_ctx, interactive, &parent->cleanupd)) {
1967 exit_daemon("Samba cannot init the cleanupd", EACCES);
1968 }
1969
1970 if (!messaging_parent_dgm_cleanup_init(msg_ctx)) {
1971 exit(1);
1972 }
1973
1974 if (!smbd_scavenger_init(NULL, msg_ctx, ev_ctx)) {
1975 exit_daemon("Samba cannot init scavenging", EACCES);
1976 }
1977
1978 if (!serverid_parent_init(ev_ctx)) {
1979 exit_daemon("Samba cannot init server id", EACCES);
1980 }
1981
1982 if (!W_ERROR_IS_OK(registry_init_full()))
1983 exit_daemon("Samba cannot init registry", EACCES);
1984
1985 /* Open the share_info.tdb here, so we don't have to open
1986 after the fork on every single connection. This is a small
1987 performance improvment and reduces the total number of system
1988 fds used. */
1989 if (!share_info_db_init()) {
1990 exit_daemon("ERROR: failed to load share info db.", EACCES);
1991 }
1992
1993 status = init_system_session_info();
1994 if (!NT_STATUS_IS_OK(status)) {
1995 DEBUG(1, ("ERROR: failed to setup system user info: %s.\n",
1996 nt_errstr(status)));
1997 return -1;
1998 }
1999
2000 if (!init_guest_info()) {
2001 DEBUG(0,("ERROR: failed to setup guest info.\n"));
2002 return -1;
2003 }
2004
2005 if (!file_init_global()) {
2006 DEBUG(0, ("ERROR: file_init_global() failed\n"));
2007 return -1;
2008 }
2009 status = smbXsrv_open_global_init();
2010 if (!NT_STATUS_IS_OK(status)) {
2011 exit_daemon("Samba cannot init global open", map_errno_from_nt_status(status));
2012 }
2013
2014 if (lp_clustering() && !lp_allow_unsafe_cluster_upgrade()) {
2015 status = smbd_claim_version(msg_ctx, samba_version_string());
2016 if (!NT_STATUS_IS_OK(status)) {
2017 DBG_WARNING("Could not claim version: %s\n",
2018 nt_errstr(status));
2019 return -1;
2020 }
2021 }
2022
2023 /* This MUST be done before start_epmd() because otherwise
2024 * start_epmd() forks and races against dcesrv_ep_setup() to
2025 * call directory_create_or_exist() */
2026 if (!directory_create_or_exist(lp_ncalrpc_dir(), 0755)) {
2027 DEBUG(0, ("Failed to create pipe directory %s - %s\n",
2028 lp_ncalrpc_dir(), strerror(errno)));
2029 return -1;
2030 }
2031
2032 np_dir = talloc_asprintf(talloc_tos(), "%s/np", lp_ncalrpc_dir());
2033 if (!np_dir) {
2034 DEBUG(0, ("%s: Out of memory\n", __location__));
2035 return -1;
2036 }
2037
2038 if (!directory_create_or_exist_strict(np_dir, geteuid(), 0700)) {
2039 DEBUG(0, ("Failed to create pipe directory %s - %s\n",
2040 np_dir, strerror(errno)));
2041 return -1;
2042 }
2043
2044 if (is_daemon && !interactive) {
2045 if (rpc_epmapper_daemon() == RPC_DAEMON_FORK) {
2046 start_epmd(ev_ctx, msg_ctx);
2047 }
2048 }
2049
2050 if (!dcesrv_ep_setup(ev_ctx, msg_ctx)) {
2051 exit_daemon("Samba cannot setup ep pipe", EACCES);
2052 }
2053
2054 if (is_daemon && !interactive) {
2055 daemon_ready("smbd");
2056 }
2057
2058 /* only start other daemons if we are running as a daemon
2059 * -- bad things will happen if smbd is launched via inetd
2060 * and we fork a copy of ourselves here */
2061 if (is_daemon && !interactive) {
2062
2063 if (rpc_lsasd_daemon() == RPC_DAEMON_FORK) {
2064 start_lsasd(ev_ctx, msg_ctx);
2065 }
2066
2067 if (rpc_fss_daemon() == RPC_DAEMON_FORK) {
2068 start_fssd(ev_ctx, msg_ctx);
2069 }
2070
2071 if (!lp__disable_spoolss() &&
2072 (rpc_spoolss_daemon() != RPC_DAEMON_DISABLED)) {
2073 bool bgq = lp_parm_bool(-1, "smbd", "backgroundqueue", true);
2074
2075 if (!printing_subsystem_init(ev_ctx, msg_ctx, true, bgq)) {
2076 exit_daemon("Samba failed to init printing subsystem", EACCES);
2077 }
2078 }
2079
2080 #ifdef WITH_SPOTLIGHT
2081 if ((rpc_mdssvc_mode() == RPC_SERVICE_MODE_EXTERNAL) &&
2082 (rpc_mdssd_daemon() == RPC_DAEMON_FORK)) {
2083 start_mdssd(ev_ctx, msg_ctx);
2084 }
2085 #endif
2086 } else if (!lp__disable_spoolss() &&
2087 (rpc_spoolss_daemon() != RPC_DAEMON_DISABLED)) {
2088 if (!printing_subsystem_init(ev_ctx, msg_ctx, false, false)) {
2089 exit(1);
2090 }
2091 }
2092
2093 if (!is_daemon) {
2094 int sock;
2095
2096 /* inetd mode */
2097 TALLOC_FREE(frame);
2098
2099 /* Started from inetd. fd 0 is the socket. */
2100 /* We will abort gracefully when the client or remote system
2101 goes away */
2102 sock = dup(0);
2103
2104 /* close stdin, stdout (if not logging to it), but not stderr */
2105 close_low_fds(true, !debug_get_output_is_stdout(), false);
2106
2107 #ifdef HAVE_ATEXIT
2108 atexit(killkids);
2109 #endif
2110
2111 /* Stop zombies */
2112 smbd_setup_sig_chld_handler(parent);
2113
2114 smbd_process(ev_ctx, msg_ctx, sock, true);
2115
2116 exit_server_cleanly(NULL);
2117 return(0);
2118 }
2119
2120 if (!open_sockets_smbd(parent, ev_ctx, msg_ctx, ports))
2121 exit_server("open_sockets_smbd() failed");
2122
2123 /* do a printer update now that all messaging has been set up,
2124 * before we allow clients to start connecting */
2125 if (!lp__disable_spoolss() &&
2126 (rpc_spoolss_daemon() != RPC_DAEMON_DISABLED)) {
2127 printing_subsystem_update(ev_ctx, msg_ctx, false);
2128 }
2129
2130 TALLOC_FREE(frame);
2131 /* make sure we always have a valid stackframe */
2132 frame = talloc_stackframe();
2133
2134 if (!Fork) {
2135 /* if we are running in the foreground then look for
2136 EOF on stdin, and exit if it happens. This allows
2137 us to die if the parent process dies
2138 Only do this on a pipe or socket, no other device.
2139 */
2140 struct stat st;
2141 if (fstat(0, &st) != 0) {
2142 return false;
2143 }
2144 if (S_ISFIFO(st.st_mode) || S_ISSOCK(st.st_mode)) {
2145 tevent_add_fd(ev_ctx,
2146 parent,
2147 0,
2148 TEVENT_FD_READ,
2149 smbd_stdin_handler,
2150 NULL);
2151 }
2152 }
2153
2154 smbd_parent_loop(ev_ctx, parent);
2155
2156 exit_server_cleanly(NULL);
2157 TALLOC_FREE(frame);
2158 return(0);
2159 }
Samba GIT mirror