lib/param: Create a seperate server role for "active directory domain controller"
[Samba/bb.git] / source4 / smbd / server.c
1 /*
2 Unix SMB/CIFS implementation.
4 Main SMB server routines
6 Copyright (C) Andrew Tridgell 1992-2005
7 Copyright (C) Martin Pool 2002
8 Copyright (C) Jelmer Vernooij 2002
9 Copyright (C) James J Myers 2003 <myersjj@samba.org>
11 This program is free software; you can redistribute it and/or modify
12 it under the terms of the GNU General Public License as published by
13 the Free Software Foundation; either version 3 of the License, or
14 (at your option) any later version.
16 This program is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 GNU General Public License for more details.
21 You should have received a copy of the GNU General Public License
22 along with this program. If not, see <http://www.gnu.org/licenses/>.
25 #include "includes.h"
26 #include "lib/events/events.h"
27 #include "version.h"
28 #include "lib/cmdline/popt_common.h"
29 #include "system/dir.h"
30 #include "system/filesys.h"
31 #include "ntvfs/ntvfs.h"
32 #include "ntptr/ntptr.h"
33 #include "auth/gensec/gensec.h"
34 #include "libcli/auth/schannel.h"
35 #include "smbd/process_model.h"
36 #include "param/secrets.h"
37 #include "smbd/pidfile.h"
38 #include "param/param.h"
39 #include "dsdb/samdb/samdb.h"
40 #include "auth/session.h"
41 #include "lib/messaging/irpc.h"
42 #include "librpc/gen_ndr/ndr_irpc.h"
43 #include "cluster/cluster.h"
44 #include "dynconfig/dynconfig.h"
45 #include "lib/util/samba_modules.h"
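/*
  recursively delete the files in a directory tree

  Every non-directory entry below 'path' is unlinked.  Directories are
  descended into but never removed: no rmdir() is issued, so the tree
  structure is left in place.

  Entries are classified with lstat() rather than stat(), so a symbolic
  link found inside the tree is unlinked as a link and never followed.
  The walk therefore cannot be steered out of the directory it was asked
  to clean by a link that points at another directory, and dangling links
  are removed instead of being skipped.

  'path' is passed to talloc_asprintf() as the parent context for the
  per-entry names, so it has to be a talloc allocated string.

  A failing unlink() is treated as fatal and ends in smb_panic().

  NOTE(review): a check-then-use window remains between lstat() and the
  opendir() of the recursive call.  Closing it would need descriptor
  relative calls (openat()/unlinkat()); confirm whether the tmp directory
  can be written to by anything other than the server itself.
*/
static void recursive_delete(const char *path)
{
	DIR *dir;
	struct dirent *de;

	dir = opendir(path);
	if (!dir) {
		return;
	}

	for (de=readdir(dir);de;de=readdir(dir)) {
		char *fname;
		struct stat st;

		if (ISDOT(de->d_name) || ISDOTDOT(de->d_name)) {
			continue;
		}

		fname = talloc_asprintf(path, "%s/%s", path, de->d_name);
		if (fname == NULL) {
			/* out of memory: skip the entry rather than hand
			   a NULL name to lstat()/unlink() */
			continue;
		}
		if (lstat(fname, &st) != 0) {
			/* the entry vanished or cannot be examined; free the
			   name now instead of leaving it attached to 'path' */
			talloc_free(fname);
			continue;
		}
		if (S_ISDIR(st.st_mode)) {
			recursive_delete(fname);
			talloc_free(fname);
			continue;
		}
		if (unlink(fname) != 0) {
			DEBUG(0,("Unabled to delete '%s' - %s\n",
				 fname, strerror(errno)));
			smb_panic("unable to cleanup tmp files");
		}
		talloc_free(fname);
	}
	closedir(dir);
}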
/*
  Remove leftover temporary files at startup.

  This is the replacement for TDB_CLEAR_IF_FIRST, which is inefficient on
  unix systems because the byte range locking it relies on does not scale.
  Rather than leave the clearing of tmp files to tdb, the server deletes
  them here.
*/
static void cleanup_tmp_files(struct loadparm_context *lp_ctx)
{
	TALLOC_CTX *tmp_ctx = talloc_new(NULL);
	char *tmp_dir = smbd_tmp_path(tmp_ctx, lp_ctx, NULL);

	recursive_delete(tmp_dir);

	/* tmp_dir hangs off tmp_ctx, so this releases it as well */
	talloc_free(tmp_ctx);
}
/*
  SIGHUP handler: hands off to debug_schedule_reopen_logs() and does
  nothing else in signal context
*/
static void sig_hup(int sig)
{
	(void)sig;	/* the signal number is not needed */

	debug_schedule_reopen_logs();
}
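/*
  SIGTERM handler.

  When this process is the process group leader it forwards SIGTERM to
  the whole group, at most once.  Every process then logs its pid and
  exits with status 127.
*/
static void sig_term(int sig)
{
#if HAVE_GETPGRP
	/* this flag is read and written from signal context, so it is a
	   volatile sig_atomic_t rather than a plain int */
	static volatile sig_atomic_t done_sigterm;
	if (done_sigterm == 0 && getpgrp() == getpid()) {
		DEBUG(0,("SIGTERM: killing children\n"));
		done_sigterm = 1;
		kill(-getpgrp(), SIGTERM);
	}
#endif
	/* NOTE(review): exit() runs atexit handlers and is not on the POSIX
	   async-signal-safe list, and DEBUG() presumably formats and writes
	   a log line, which is not safe in a handler either.  Left as is
	   because other code may rely on the exit-time cleanup; confirm
	   before switching to _exit(). */
	DEBUG(0,("Exiting pid %d on SIGTERM\n", (int)getpid()));
	exit(127);
}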
/*
  Set up the signal mask and the handlers for the server: block the
  signals it never acts on, unblock SIGHUP and SIGTERM, then install
  sig_hup and sig_term for them.
*/
static void setup_signals(void)
{
	/* SIGPIPE is never of interest */
	BlockSignals(true, SIGPIPE);

#if defined(SIGFPE)
	/* neither is SIGFPE */
	BlockSignals(true, SIGFPE);
#endif

	/* USR1 is no longer of interest */
	BlockSignals(true, SIGUSR1);

#if defined(SIGUSR2)
	/* USR2 is no longer of interest either */
	BlockSignals(true, SIGUSR2);
#endif

	/* POSIX requires the signal mask to be inherited.  If the invoking
	 * process had HUP or TERM masked they would never be delivered
	 * here, so both are unblocked explicitly. */
	BlockSignals(false, SIGHUP);
	BlockSignals(false, SIGTERM);

	CatchSignal(SIGHUP, sig_hup);
	CatchSignal(SIGTERM, sig_term);
}
/*
  fd event handler for stdin.

  A read of one byte that returns 0 means end of file: the process group
  leader then sends SIGTERM to its group and the process exits with
  status 0.  private_data carries the binary name used in the log lines.
*/
static void server_stdin_handler(struct tevent_context *event_ctx, struct tevent_fd *fde,
				 uint16_t flags, void *private_data)
{
	const char *binary_name = (const char *)private_data;
	uint8_t byte;

	/* a byte of data and a failed read are both ignored; only end of
	   file triggers the shutdown */
	if (read(0, &byte, 1) != 0) {
		return;
	}

	DEBUG(0,("%s: EOF on stdin - terminating\n", binary_name));
#if HAVE_GETPGRP
	if (getpgrp() == getpid()) {
		DEBUG(0,("Sending SIGTERM from pid %d\n", (int)getpid()));
		kill(-getpgrp(), SIGTERM);
	}
#endif
	exit(0);
}
/*
  timer handler: the maximum runtime selected by the user has been
  exceeded, so log both timestamps and exit with status 0.
  private_data carries the binary name used in the log line.
*/
_NORETURN_ static void max_runtime_handler(struct tevent_context *ev,
					   struct tevent_timer *te,
					   struct timeval t, void *private_data)
{
	const char *binary_name = (const char *)private_data;
	unsigned long long timer_ts = (unsigned long long)t.tv_sec;
	unsigned long long current_ts = (unsigned long long) time(NULL);

	DEBUG(0,("%s: maximum runtime exceeded - terminating at %llu, current ts: %llu\n",
		 binary_name, timer_ts, current_ts));
	exit(0);
}
/*
  Open the key databases ahead of time.  Doing it once here saves a lot
  of time in the child processes.
*/
static void prime_ldb_databases(struct tevent_context *event_ctx)
{
	TALLOC_CTX *db_context = talloc_new(event_ctx);

	samdb_connect(db_context, event_ctx, cmdline_lp_ctx, system_session(cmdline_lp_ctx), 0);
	privilege_connect(db_context, cmdline_lp_ctx);

	/* Neither handle is closed on purpose: leaving them open lets
	 * ldb_wrap_connect() re-use them. */
}
/*
  IRPC handler called when a fatal condition occurs in a child task:
  logs the reason carried in the request and exits with status 1
*/
static NTSTATUS samba_terminate(struct irpc_message *msg,
				struct samba_terminate *r)
{
	const char *reason = r->in.reason;

	DEBUG(0,("samba_terminate: %s\n", reason));
	exit(1);
}
/*
  Set up messaging for the top level samba (parent) task.

  Creates the messaging context for SAMBA_PARENT_TASKID, adds the name
  "samba" to it and registers samba_terminate as the SAMBA_TERMINATE
  handler.  Returns the status of that registration; a NULL messaging
  context is reported through NT_STATUS_HAVE_NO_MEMORY().
*/
static NTSTATUS setup_parent_messaging(struct tevent_context *event_ctx,
				       struct loadparm_context *lp_ctx)
{
	struct imessaging_context *msg;

	msg = imessaging_init(talloc_autofree_context(),
			      lp_ctx,
			      cluster_id(0, SAMBA_PARENT_TASKID), event_ctx, false);
	NT_STATUS_HAVE_NO_MEMORY(msg);

	irpc_add_name(msg, "samba");

	return IRPC_REGISTER(msg, irpc, SAMBA_TERMINATE,
			     samba_terminate, NULL);
}
/*
  Print the version, the build host (when BUILD_SYSTEM is defined) and the
  compiled-in paths to stdout, then exit with status 0.
*/
static void show_build(void)
{
	/* expands to { "NAME", dyn_NAME } */
#define CONFIG_OPTION(n) { #n, dyn_ ## n }
	struct {
		const char *name;
		const char *value;
	} config_options[] = {
		CONFIG_OPTION(BINDIR),
		CONFIG_OPTION(SBINDIR),
		CONFIG_OPTION(CONFIGFILE),
		CONFIG_OPTION(NCALRPCDIR),
		CONFIG_OPTION(LOGFILEBASE),
		CONFIG_OPTION(LMHOSTSFILE),
		CONFIG_OPTION(DATADIR),
		CONFIG_OPTION(MODULESDIR),
		CONFIG_OPTION(LOCKDIR),
		CONFIG_OPTION(STATEDIR),
		CONFIG_OPTION(CACHEDIR),
		CONFIG_OPTION(PIDDIR),
		CONFIG_OPTION(PRIVATE_DIR),
		CONFIG_OPTION(SWATDIR),
		CONFIG_OPTION(CODEPAGEDIR),
		CONFIG_OPTION(SETUPDIR),
		CONFIG_OPTION(WINBINDD_SOCKET_DIR),
		CONFIG_OPTION(WINBINDD_PRIVILEGED_SOCKET_DIR),
		CONFIG_OPTION(NTP_SIGND_SOCKET_DIR),
		{ NULL, NULL}
	};
	int idx = 0;

	printf("Samba version: %s\n", SAMBA_VERSION_STRING);
	printf("Build environment:\n");
#ifdef BUILD_SYSTEM
	printf(" Build host: %s\n", BUILD_SYSTEM);
#endif

	printf("Paths:\n");
	/* the table ends at the entry whose name is NULL */
	while (config_options[idx].name != NULL) {
		printf(" %s: %s\n", config_options[idx].name, config_options[idx].value);
		idx++;
	}

	exit(0);
}
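/*
  main server.

  Parses the command line, optionally becomes a daemon, clears stale
  temporary files, initialises the subsystems and the service modules and
  then runs the event loop until it returns.

  binary_name is used as the popt program name, for logging and for the
  pid file.  argc/argv are the process arguments.

  Returns 1 when option parsing or one of the checked setup steps fails,
  and 0 after the event loop has returned and the event context has been
  freed.  A failure to open the schannel store (checked for the AD DC role
  only) exits the process with status 1 directly.
*/
static int binary_smbd_main(const char *binary_name, int argc, const char *argv[])
{
	bool opt_daemon = false;
	bool opt_interactive = false;
	int opt;
	poptContext pc;
#define _MODULE_PROTO(init) extern NTSTATUS init(void);
	STATIC_service_MODULES_PROTO;
	init_module_fn static_init[] = { STATIC_service_MODULES };
	init_module_fn *shared_init;
	struct tevent_context *event_ctx;
	uint16_t stdin_event_flags;
	NTSTATUS status;
	const char *model = "standard";
	int max_runtime = 0;
	enum {
		OPT_DAEMON = 1000,
		OPT_INTERACTIVE,
		OPT_PROCESS_MODEL,
		OPT_SHOW_BUILD
	};
	struct poptOption long_options[] = {
		POPT_AUTOHELP
		{"daemon", 'D', POPT_ARG_NONE, NULL, OPT_DAEMON,
		 "Become a daemon (default)", NULL },
		{"interactive", 'i', POPT_ARG_NONE, NULL, OPT_INTERACTIVE,
		 "Run interactive (not a daemon)", NULL},
		{"model", 'M', POPT_ARG_STRING, NULL, OPT_PROCESS_MODEL,
		 "Select process model", "MODEL"},
		{"maximum-runtime",0, POPT_ARG_INT, &max_runtime, 0,
		 "set maximum runtime of the server process, till autotermination", "seconds"},
		{"show-build", 'b', POPT_ARG_NONE, NULL, OPT_SHOW_BUILD, "show build info", NULL },
		POPT_COMMON_SAMBA
		POPT_COMMON_VERSION
		{ NULL }
	};

	pc = poptGetContext(binary_name, argc, argv, long_options, 0);
	while((opt = poptGetNextOpt(pc)) != -1) {
		switch(opt) {
		case OPT_DAEMON:
			opt_daemon = true;
			break;
		case OPT_INTERACTIVE:
			opt_interactive = true;
			break;
		case OPT_PROCESS_MODEL:
			model = poptGetOptArg(pc);
			break;
		case OPT_SHOW_BUILD:
			/* show_build() prints and exits, it does not return */
			show_build();
			break;
		default:
			fprintf(stderr, "\nInvalid option %s: %s\n\n",
				poptBadOption(pc, 0), poptStrerror(opt));
			poptPrintUsage(pc, stderr, 0);
			/* release the parser on the error path as well */
			poptFreeContext(pc);
			return 1;
		}
	}

	if (opt_daemon && opt_interactive) {
		fprintf(stderr,"\nERROR: "
			"Option -i|--interactive is not allowed together with -D|--daemon\n\n");
		poptPrintUsage(pc, stderr, 0);
		/* release the parser on the error path as well */
		poptFreeContext(pc);
		return 1;
	} else if (!opt_interactive) {
		/* default is --daemon */
		opt_daemon = true;
	}

	poptFreeContext(pc);

	setup_logging(binary_name, opt_interactive?DEBUG_STDOUT:DEBUG_FILE);
	setup_signals();

	/* we want total control over the permissions on created files,
	   so set our umask to 0.
	   NOTE(review): from here on every file and directory the process
	   creates gets exactly the mode passed to the creating call, so each
	   of those calls has to ask for a restrictive mode itself. */
	umask(0);

	DEBUG(0,("%s version %s started.\n", binary_name, SAMBA_VERSION_STRING));
	DEBUGADD(0,("Copyright Andrew Tridgell and the Samba Team 1992-2012\n"));

	if (sizeof(uint16_t) < 2 || sizeof(uint32_t) < 4 || sizeof(uint64_t) < 8) {
		DEBUG(0,("ERROR: Samba is not configured correctly for the word size on your machine\n"));
		DEBUGADD(0,("sizeof(uint16_t) = %u, sizeof(uint32_t) %u, sizeof(uint64_t) = %u\n",
			    (unsigned int)sizeof(uint16_t), (unsigned int)sizeof(uint32_t), (unsigned int)sizeof(uint64_t)));
		return 1;
	}

	if (opt_daemon) {
		DEBUG(3,("Becoming a daemon.\n"));
		become_daemon(true, false, false);
	}

	cleanup_tmp_files(cmdline_lp_ctx);

	if (!directory_exist(lpcfg_lockdir(cmdline_lp_ctx))) {
		if (mkdir(lpcfg_lockdir(cmdline_lp_ctx), 0755) != 0) {
			/* keep errno before any further call can change it */
			int mkdir_errno = errno;

			/* Startup still continues as before, but a failure
			   is no longer silent.  EEXIST only means the
			   directory appeared after the existence check. */
			if (mkdir_errno != EEXIST) {
				DEBUG(0,("Unable to create lock directory '%s' - %s\n",
					 lpcfg_lockdir(cmdline_lp_ctx),
					 strerror(mkdir_errno)));
			}
		}
	}

	pidfile_create(lpcfg_piddir(cmdline_lp_ctx), binary_name);

	/* Set up a database to hold a random seed, in case we don't
	 * have /dev/urandom */
	if (!randseed_init(talloc_autofree_context(), cmdline_lp_ctx)) {
		return 1;
	}

	/* the schannel session store is only opened for the AD DC role;
	   without it the server refuses to start */
	if (lpcfg_server_role(cmdline_lp_ctx) == ROLE_ACTIVE_DIRECTORY_DC) {
		if (!open_schannel_session_store(talloc_autofree_context(), cmdline_lp_ctx)) {
			DEBUG(0,("ERROR: Samba cannot open schannel store for secured NETLOGON operations.\n"));
			exit(1);
		}
	}

	gensec_init(); /* FIXME: */

	ntptr_init();	/* FIXME: maybe run this in the initialization function
			   of the spoolss RPC server instead? */

	ntvfs_init(cmdline_lp_ctx);	/* FIXME: maybe run this in the initialization functions
					   of the SMB[,2] server instead? */

	process_model_init(cmdline_lp_ctx);

	shared_init = load_samba_modules(NULL, "service");

	/* statically linked service modules first, then the loaded ones */
	run_init_functions(static_init);
	run_init_functions(shared_init);

	talloc_free(shared_init);

	/* the event context is the top level structure in smbd. Everything else
	   should hang off that */
	event_ctx = s4_event_context_init(talloc_autofree_context());

	if (event_ctx == NULL) {
		DEBUG(0,("Initializing event context failed\n"));
		return 1;
	}

	if (opt_interactive) {
		/* terminate when stdin goes away */
		stdin_event_flags = TEVENT_FD_READ;
	} else {
		/* stay alive forever */
		stdin_event_flags = 0;
	}

	/* catch EOF on stdin */
#ifdef SIGTTIN
	signal(SIGTTIN, SIG_IGN);
#endif
	tevent_add_fd(event_ctx, event_ctx, 0, stdin_event_flags,
		      server_stdin_handler,
		      discard_const(binary_name));

	/* NOTE(review): any non-zero value arms the timer, including a
	   negative one taken from the command line */
	if (max_runtime) {
		DEBUG(0,("Called with maxruntime %d - current ts %llu\n",
			 max_runtime, (unsigned long long) time(NULL)));
		tevent_add_timer(event_ctx, event_ctx,
				 timeval_current_ofs(max_runtime, 0),
				 max_runtime_handler,
				 discard_const(binary_name));
	}

	prime_ldb_databases(event_ctx);

	status = setup_parent_messaging(event_ctx, cmdline_lp_ctx);
	if (!NT_STATUS_IS_OK(status)) {
		DEBUG(0,("Failed to setup parent messaging - %s\n", nt_errstr(status)));
		return 1;
	}

	DEBUG(0,("%s: using '%s' process model\n", binary_name, model));

	status = server_service_startup(event_ctx, cmdline_lp_ctx, model,
					lpcfg_server_services(cmdline_lp_ctx));
	if (!NT_STATUS_IS_OK(status)) {
		DEBUG(0,("Starting Services failed - %s\n", nt_errstr(status)));
		return 1;
	}

	/* wait for events - this is where smbd sits for most of its
	   life */
	tevent_loop_wait(event_ctx);

	/* as everything hangs off this event context, freeing it
	   should initiate a clean shutdown of all services */
	talloc_free(event_ctx);

	return 0;
}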
/*
  process entry point: runs the server under the binary name "samba" and
  returns its result as the exit status
*/
int main(int argc, const char *argv[])
{
	int rc = binary_smbd_main("samba", argc, argv);

	return rc;
}