4 #include "run-command.h"
10 #define HOST_NAME_MAX 256
17 static int log_syslog
;
21 static const char daemon_usage
[] =
22 "git daemon [--verbose] [--syslog] [--export-all]\n"
23 " [--timeout=n] [--init-timeout=n] [--max-connections=n]\n"
24 " [--strict-paths] [--base-path=path] [--base-path-relaxed]\n"
25 " [--user-path | --user-path=path]\n"
26 " [--interpolated-path=path]\n"
27 " [--reuseaddr] [--detach] [--pid-file=file]\n"
28 " [--[enable|disable|allow-override|forbid-override]=service]\n"
29 " [--inetd | [--listen=host_or_ipaddr] [--port=n]\n"
30 " [--user=user [--group=group]]\n"
33 /* List of acceptable pathname prefixes */
34 static char **ok_paths
;
35 static int strict_paths
;
37 /* If this is set, git-daemon-export-ok is not required */
38 static int export_all_trees
;
40 /* Take all paths relative to this one if non-NULL */
41 static char *base_path
;
42 static char *interpolated_path
;
43 static int base_path_relaxed
;
45 /* Flag indicating client sent extra args. */
46 static int saw_extended_args
;
48 /* If defined, ~user notation is allowed and the string is inserted
49 * after ~user/. E.g. a request to git://host/~alice/frotz would
50 * go to /home/alice/pub_git/frotz with --user-path=pub_git.
52 static const char *user_path
;
54 /* Timeout, and initial timeout */
55 static unsigned int timeout
;
56 static unsigned int init_timeout
;
58 static char *hostname
;
59 static char *canon_hostname
;
60 static char *ip_address
;
61 static char *tcp_port
;
63 static void logreport(int priority
, const char *err
, va_list params
)
67 vsnprintf(buf
, sizeof(buf
), err
, params
);
68 syslog(priority
, "%s", buf
);
71 * Since stderr is set to linebuffered mode, the
72 * logging of different processes will not overlap
74 fprintf(stderr
, "[%"PRIuMAX
"] ", (uintmax_t)getpid());
75 vfprintf(stderr
, err
, params
);
80 static void logerror(const char *err
, ...)
83 va_start(params
, err
);
84 logreport(LOG_ERR
, err
, params
);
88 static void loginfo(const char *err
, ...)
93 va_start(params
, err
);
94 logreport(LOG_INFO
, err
, params
);
98 static void NORETURN
daemon_die(const char *err
, va_list params
)
100 logreport(LOG_ERR
, err
, params
);
104 static int avoid_alias(char *p
)
109 * This resurrects the belts and suspenders paranoia check by HPA
110 * done in <435560F7.4080006@zytor.com> thread, now enter_repo()
111 * does not do getcwd() based path canonicalizations.
113 * sl becomes true immediately after seeing '/' and continues to
114 * be true as long as dots continue after that without intervening
117 if (!p
|| (*p
!= '/' && *p
!= '~'))
127 else if (ch
== '/') {
129 /* reject //, /./ and /../ */
134 if (0 < ndot
&& ndot
< 3)
135 /* reject /.$ and /..$ */
144 else if (ch
== '/') {
151 static char *path_ok(char *directory
)
153 static char rpath
[PATH_MAX
];
154 static char interp_path
[PATH_MAX
];
160 if (avoid_alias(dir
)) {
161 logerror("'%s': aliased", dir
);
167 logerror("'%s': User-path not allowed", dir
);
171 /* Got either "~alice" or "~alice/foo";
172 * rewrite them to "~alice/%s" or
175 int namlen
, restlen
= strlen(dir
);
176 char *slash
= strchr(dir
, '/');
178 slash
= dir
+ restlen
;
179 namlen
= slash
- dir
;
181 loginfo("userpath <%s>, request <%s>, namlen %d, restlen %d, slash <%s>", user_path
, dir
, namlen
, restlen
, slash
);
182 snprintf(rpath
, PATH_MAX
, "%.*s/%s%.*s",
183 namlen
, dir
, user_path
, restlen
, slash
);
187 else if (interpolated_path
&& saw_extended_args
) {
188 struct strbuf expanded_path
= STRBUF_INIT
;
189 struct strbuf_expand_dict_entry dict
[] = {
191 { "CH", canon_hostname
},
192 { "IP", ip_address
},
200 /* Allow only absolute */
201 logerror("'%s': Non-absolute path denied (interpolated-path active)", dir
);
205 strbuf_expand(&expanded_path
, interpolated_path
,
206 strbuf_expand_dict_cb
, &dict
);
207 strlcpy(interp_path
, expanded_path
.buf
, PATH_MAX
);
208 strbuf_release(&expanded_path
);
209 loginfo("Interpolated dir '%s'", interp_path
);
213 else if (base_path
) {
215 /* Allow only absolute */
216 logerror("'%s': Non-absolute path denied (base-path active)", dir
);
219 snprintf(rpath
, PATH_MAX
, "%s%s", base_path
, dir
);
223 path
= enter_repo(dir
, strict_paths
);
224 if (!path
&& base_path
&& base_path_relaxed
) {
226 * if we fail and base_path_relaxed is enabled, try without
227 * prefixing the base path
230 path
= enter_repo(dir
, strict_paths
);
234 logerror("'%s' does not appear to be a git repository", dir
);
238 if ( ok_paths
&& *ok_paths
) {
240 int pathlen
= strlen(path
);
242 /* The validation is done on the paths after enter_repo
243 * appends optional {.git,.git/.git} and friends, but
244 * it does not use getcwd(). So if your /pub is
245 * a symlink to /mnt/pub, you can whitelist /pub and
246 * do not have to say /mnt/pub.
249 for ( pp
= ok_paths
; *pp
; pp
++ ) {
250 int len
= strlen(*pp
);
251 if (len
<= pathlen
&&
252 !memcmp(*pp
, path
, len
) &&
253 (path
[len
] == '\0' ||
254 (!strict_paths
&& path
[len
] == '/')))
259 /* be backwards compatible */
264 logerror("'%s': not in whitelist", path
);
265 return NULL
; /* Fallthrough. Deny by default */
268 typedef int (*daemon_service_fn
)(void);
269 struct daemon_service
{
271 const char *config_name
;
272 daemon_service_fn fn
;
277 static struct daemon_service
*service_looking_at
;
278 static int service_enabled
;
280 static int git_daemon_config(const char *var
, const char *value
, void *cb
)
282 if (!prefixcmp(var
, "daemon.") &&
283 !strcmp(var
+ 7, service_looking_at
->config_name
)) {
284 service_enabled
= git_config_bool(var
, value
);
288 /* we are not interested in parsing any other configuration here */
292 static int run_service(char *dir
, struct daemon_service
*service
)
295 int enabled
= service
->enabled
;
297 loginfo("Request %s for '%s'", service
->name
, dir
);
299 if (!enabled
&& !service
->overridable
) {
300 logerror("'%s': service not enabled.", service
->name
);
305 if (!(path
= path_ok(dir
)))
309 * Security on the cheap.
311 * We want a readable HEAD, usable "objects" directory, and
312 * a "git-daemon-export-ok" flag that says that the other side
313 * is ok with us doing this.
315 * path_ok() uses enter_repo() and does whitelist checking.
316 * We only need to make sure the repository is exported.
319 if (!export_all_trees
&& access("git-daemon-export-ok", F_OK
)) {
320 logerror("'%s': repository not exported.", path
);
325 if (service
->overridable
) {
326 service_looking_at
= service
;
327 service_enabled
= -1;
328 git_config(git_daemon_config
, NULL
);
329 if (0 <= service_enabled
)
330 enabled
= service_enabled
;
333 logerror("'%s': service not enabled for '%s'",
334 service
->name
, path
);
340 * We'll ignore SIGTERM from now on, we have a
343 signal(SIGTERM
, SIG_IGN
);
345 return service
->fn();
348 static void copy_to_log(int fd
)
350 struct strbuf line
= STRBUF_INIT
;
353 fp
= fdopen(fd
, "r");
355 logerror("fdopen of error channel failed");
360 while (strbuf_getline(&line
, fp
, '\n') != EOF
) {
361 logerror("%s", line
.buf
);
362 strbuf_setlen(&line
, 0);
365 strbuf_release(&line
);
369 static int run_service_command(const char **argv
)
371 struct child_process cld
;
373 memset(&cld
, 0, sizeof(cld
));
377 if (start_command(&cld
))
383 copy_to_log(cld
.err
);
385 return finish_command(&cld
);
388 static int upload_pack(void)
390 /* Timeout as string */
391 char timeout_buf
[64];
392 const char *argv
[] = { "upload-pack", "--strict", timeout_buf
, ".", NULL
};
394 snprintf(timeout_buf
, sizeof timeout_buf
, "--timeout=%u", timeout
);
395 return run_service_command(argv
);
398 static int upload_archive(void)
400 static const char *argv
[] = { "upload-archive", ".", NULL
};
401 return run_service_command(argv
);
404 static int receive_pack(void)
406 static const char *argv
[] = { "receive-pack", ".", NULL
};
407 return run_service_command(argv
);
410 static struct daemon_service daemon_service
[] = {
411 { "upload-archive", "uploadarch", upload_archive
, 0, 1 },
412 { "upload-pack", "uploadpack", upload_pack
, 1, 1 },
413 { "receive-pack", "receivepack", receive_pack
, 0, 1 },
416 static void enable_service(const char *name
, int ena
)
419 for (i
= 0; i
< ARRAY_SIZE(daemon_service
); i
++) {
420 if (!strcmp(daemon_service
[i
].name
, name
)) {
421 daemon_service
[i
].enabled
= ena
;
425 die("No such service %s", name
);
428 static void make_service_overridable(const char *name
, int ena
)
431 for (i
= 0; i
< ARRAY_SIZE(daemon_service
); i
++) {
432 if (!strcmp(daemon_service
[i
].name
, name
)) {
433 daemon_service
[i
].overridable
= ena
;
437 die("No such service %s", name
);
440 static char *xstrdup_tolower(const char *str
)
442 char *p
, *dup
= xstrdup(str
);
443 for (p
= dup
; *p
; p
++)
449 * Read the host as supplied by the client connection.
451 static void parse_host_arg(char *extra_args
, int buflen
)
455 char *end
= extra_args
+ buflen
;
457 if (extra_args
< end
&& *extra_args
) {
458 saw_extended_args
= 1;
459 if (strncasecmp("host=", extra_args
, 5) == 0) {
460 val
= extra_args
+ 5;
461 vallen
= strlen(val
) + 1;
463 /* Split <host>:<port> at colon. */
465 char *port
= strrchr(host
, ':');
470 tcp_port
= xstrdup(port
);
473 hostname
= xstrdup_tolower(host
);
476 /* On to the next one */
477 extra_args
= val
+ vallen
;
479 if (extra_args
< end
&& *extra_args
)
480 die("Invalid request");
484 * Locate canonical hostname and its IP address.
488 struct addrinfo hints
;
491 static char addrbuf
[HOST_NAME_MAX
+ 1];
493 memset(&hints
, 0, sizeof(hints
));
494 hints
.ai_flags
= AI_CANONNAME
;
496 gai
= getaddrinfo(hostname
, NULL
, &hints
, &ai
);
498 struct sockaddr_in
*sin_addr
= (void *)ai
->ai_addr
;
500 inet_ntop(AF_INET
, &sin_addr
->sin_addr
,
501 addrbuf
, sizeof(addrbuf
));
503 ip_address
= xstrdup(addrbuf
);
505 free(canon_hostname
);
506 canon_hostname
= xstrdup(ai
->ai_canonname
?
507 ai
->ai_canonname
: ip_address
);
512 struct hostent
*hent
;
513 struct sockaddr_in sa
;
515 static char addrbuf
[HOST_NAME_MAX
+ 1];
517 hent
= gethostbyname(hostname
);
519 ap
= hent
->h_addr_list
;
520 memset(&sa
, 0, sizeof sa
);
521 sa
.sin_family
= hent
->h_addrtype
;
522 sa
.sin_port
= htons(0);
523 memcpy(&sa
.sin_addr
, *ap
, hent
->h_length
);
525 inet_ntop(hent
->h_addrtype
, &sa
.sin_addr
,
526 addrbuf
, sizeof(addrbuf
));
528 free(canon_hostname
);
529 canon_hostname
= xstrdup(hent
->h_name
);
531 ip_address
= xstrdup(addrbuf
);
537 static int execute(struct sockaddr
*addr
)
539 static char line
[1000];
543 char addrbuf
[256] = "";
546 if (addr
->sa_family
== AF_INET
) {
547 struct sockaddr_in
*sin_addr
= (void *) addr
;
548 inet_ntop(addr
->sa_family
, &sin_addr
->sin_addr
, addrbuf
, sizeof(addrbuf
));
549 port
= ntohs(sin_addr
->sin_port
);
551 } else if (addr
&& addr
->sa_family
== AF_INET6
) {
552 struct sockaddr_in6
*sin6_addr
= (void *) addr
;
555 *buf
++ = '['; *buf
= '\0'; /* stpcpy() is cool */
556 inet_ntop(AF_INET6
, &sin6_addr
->sin6_addr
, buf
, sizeof(addrbuf
) - 1);
559 port
= ntohs(sin6_addr
->sin6_port
);
562 loginfo("Connection from %s:%d", addrbuf
, port
);
563 setenv("REMOTE_ADDR", addrbuf
, 1);
566 unsetenv("REMOTE_ADDR");
569 alarm(init_timeout
? init_timeout
: timeout
);
570 pktlen
= packet_read_line(0, line
, sizeof(line
));
575 loginfo("Extended attributes (%d bytes) exist <%.*s>",
577 (int) pktlen
- len
, line
+ len
+ 1);
578 if (len
&& line
[len
-1] == '\n') {
584 free(canon_hostname
);
587 hostname
= canon_hostname
= ip_address
= tcp_port
= NULL
;
590 parse_host_arg(line
+ len
+ 1, pktlen
- len
- 1);
592 for (i
= 0; i
< ARRAY_SIZE(daemon_service
); i
++) {
593 struct daemon_service
*s
= &(daemon_service
[i
]);
594 int namelen
= strlen(s
->name
);
595 if (!prefixcmp(line
, "git-") &&
596 !strncmp(s
->name
, line
+ 4, namelen
) &&
597 line
[namelen
+ 4] == ' ') {
599 * Note: The directory here is probably context sensitive,
600 * and might depend on the actual service being performed.
602 return run_service(line
+ namelen
+ 5, s
);
606 logerror("Protocol error: '%s'", line
);
610 static int max_connections
= 32;
612 static unsigned int live_children
;
614 static struct child
{
617 struct sockaddr_storage address
;
620 static void add_child(pid_t pid
, struct sockaddr
*addr
, int addrlen
)
622 struct child
*newborn
, **cradle
;
625 * This must be xcalloc() -- we'll compare the whole sockaddr_storage
626 * but individual address may be shorter.
628 newborn
= xcalloc(1, sizeof(*newborn
));
631 memcpy(&newborn
->address
, addr
, addrlen
);
632 for (cradle
= &firstborn
; *cradle
; cradle
= &(*cradle
)->next
)
633 if (!memcmp(&(*cradle
)->address
, &newborn
->address
,
634 sizeof(newborn
->address
)))
636 newborn
->next
= *cradle
;
640 static void remove_child(pid_t pid
)
642 struct child
**cradle
, *blanket
;
644 for (cradle
= &firstborn
; (blanket
= *cradle
); cradle
= &blanket
->next
)
645 if (blanket
->pid
== pid
) {
646 *cradle
= blanket
->next
;
654 * This gets called if the number of connections grows
655 * past "max_connections".
657 * We kill the newest connection from a duplicate IP.
659 static void kill_some_child(void)
661 const struct child
*blanket
, *next
;
663 if (!(blanket
= firstborn
))
666 for (; (next
= blanket
->next
); blanket
= next
)
667 if (!memcmp(&blanket
->address
, &next
->address
,
668 sizeof(next
->address
))) {
669 kill(blanket
->pid
, SIGTERM
);
674 static void check_dead_children(void)
679 while ((pid
= waitpid(-1, &status
, WNOHANG
)) > 0) {
680 const char *dead
= "";
682 if (!WIFEXITED(status
) || (WEXITSTATUS(status
) > 0))
683 dead
= " (with error)";
684 loginfo("[%"PRIuMAX
"] Disconnected%s", (uintmax_t)pid
, dead
);
688 static void handle(int incoming
, struct sockaddr
*addr
, int addrlen
)
692 if (max_connections
&& live_children
>= max_connections
) {
694 sleep(1); /* give it some time to die */
695 check_dead_children();
696 if (live_children
>= max_connections
) {
698 logerror("Too many children, dropping connection");
703 if ((pid
= fork())) {
706 logerror("Couldn't fork %s", strerror(errno
));
710 add_child(pid
, addr
, addrlen
);
721 static void child_handler(int signo
)
724 * Otherwise empty handler because systemcalls will get interrupted
725 * upon signal receipt
726 * SysV needs the handler to be rearmed
728 signal(SIGCHLD
, child_handler
);
731 static int set_reuse_addr(int sockfd
)
737 return setsockopt(sockfd
, SOL_SOCKET
, SO_REUSEADDR
,
743 static int socksetup(char *listen_addr
, int listen_port
, int **socklist_p
)
745 int socknum
= 0, *socklist
= NULL
;
747 char pbuf
[NI_MAXSERV
];
748 struct addrinfo hints
, *ai0
, *ai
;
752 sprintf(pbuf
, "%d", listen_port
);
753 memset(&hints
, 0, sizeof(hints
));
754 hints
.ai_family
= AF_UNSPEC
;
755 hints
.ai_socktype
= SOCK_STREAM
;
756 hints
.ai_protocol
= IPPROTO_TCP
;
757 hints
.ai_flags
= AI_PASSIVE
;
759 gai
= getaddrinfo(listen_addr
, pbuf
, &hints
, &ai0
);
761 die("getaddrinfo() failed: %s", gai_strerror(gai
));
763 for (ai
= ai0
; ai
; ai
= ai
->ai_next
) {
766 sockfd
= socket(ai
->ai_family
, ai
->ai_socktype
, ai
->ai_protocol
);
769 if (sockfd
>= FD_SETSIZE
) {
770 logerror("Socket descriptor too large");
776 if (ai
->ai_family
== AF_INET6
) {
778 setsockopt(sockfd
, IPPROTO_IPV6
, IPV6_V6ONLY
,
780 /* Note: error is not fatal */
784 if (set_reuse_addr(sockfd
)) {
789 if (bind(sockfd
, ai
->ai_addr
, ai
->ai_addrlen
) < 0) {
791 continue; /* not fatal */
793 if (listen(sockfd
, 5) < 0) {
795 continue; /* not fatal */
798 flags
= fcntl(sockfd
, F_GETFD
, 0);
800 fcntl(sockfd
, F_SETFD
, flags
| FD_CLOEXEC
);
802 socklist
= xrealloc(socklist
, sizeof(int) * (socknum
+ 1));
803 socklist
[socknum
++] = sockfd
;
811 *socklist_p
= socklist
;
817 static int socksetup(char *listen_addr
, int listen_port
, int **socklist_p
)
819 struct sockaddr_in sin
;
823 memset(&sin
, 0, sizeof sin
);
824 sin
.sin_family
= AF_INET
;
825 sin
.sin_port
= htons(listen_port
);
828 /* Well, host better be an IP address here. */
829 if (inet_pton(AF_INET
, listen_addr
, &sin
.sin_addr
.s_addr
) <= 0)
832 sin
.sin_addr
.s_addr
= htonl(INADDR_ANY
);
835 sockfd
= socket(AF_INET
, SOCK_STREAM
, 0);
839 if (set_reuse_addr(sockfd
)) {
844 if ( bind(sockfd
, (struct sockaddr
*)&sin
, sizeof sin
) < 0 ) {
849 if (listen(sockfd
, 5) < 0) {
854 flags
= fcntl(sockfd
, F_GETFD
, 0);
856 fcntl(sockfd
, F_SETFD
, flags
| FD_CLOEXEC
);
858 *socklist_p
= xmalloc(sizeof(int));
859 **socklist_p
= sockfd
;
865 static int service_loop(int socknum
, int *socklist
)
870 pfd
= xcalloc(socknum
, sizeof(struct pollfd
));
872 for (i
= 0; i
< socknum
; i
++) {
873 pfd
[i
].fd
= socklist
[i
];
874 pfd
[i
].events
= POLLIN
;
877 signal(SIGCHLD
, child_handler
);
882 check_dead_children();
884 if (poll(pfd
, socknum
, -1) < 0) {
885 if (errno
!= EINTR
) {
886 logerror("Poll failed, resuming: %s",
893 for (i
= 0; i
< socknum
; i
++) {
894 if (pfd
[i
].revents
& POLLIN
) {
895 struct sockaddr_storage ss
;
896 unsigned int sslen
= sizeof(ss
);
897 int incoming
= accept(pfd
[i
].fd
, (struct sockaddr
*)&ss
, &sslen
);
905 die("accept returned %s", strerror(errno
));
908 handle(incoming
, (struct sockaddr
*)&ss
, sslen
);
914 /* if any standard file descriptor is missing open it to /dev/null */
915 static void sanitize_stdfds(void)
917 int fd
= open("/dev/null", O_RDWR
, 0);
918 while (fd
!= -1 && fd
< 2)
921 die("open /dev/null or dup failed: %s", strerror(errno
));
926 static void daemonize(void)
932 die("fork failed: %s", strerror(errno
));
937 die("setsid failed: %s", strerror(errno
));
944 static void store_pid(const char *path
)
946 FILE *f
= fopen(path
, "w");
948 die("cannot open pid file %s: %s", path
, strerror(errno
));
949 if (fprintf(f
, "%"PRIuMAX
"\n", (uintmax_t) getpid()) < 0 || fclose(f
) != 0)
950 die("failed to write pid file %s: %s", path
, strerror(errno
));
953 static int serve(char *listen_addr
, int listen_port
, struct passwd
*pass
, gid_t gid
)
955 int socknum
, *socklist
;
957 socknum
= socksetup(listen_addr
, listen_port
, &socklist
);
959 die("unable to allocate any listen sockets on host %s port %u",
960 listen_addr
, listen_port
);
963 (initgroups(pass
->pw_name
, gid
) || setgid (gid
) ||
964 setuid(pass
->pw_uid
)))
965 die("cannot drop privileges");
967 return service_loop(socknum
, socklist
);
970 int main(int argc
, char **argv
)
973 char *listen_addr
= NULL
;
975 const char *pid_file
= NULL
, *user_name
= NULL
, *group_name
= NULL
;
977 struct passwd
*pass
= NULL
;
982 git_extract_argv0_path(argv
[0]);
984 for (i
= 1; i
< argc
; i
++) {
987 if (!prefixcmp(arg
, "--listen=")) {
988 listen_addr
= xstrdup_tolower(arg
+ 9);
991 if (!prefixcmp(arg
, "--port=")) {
994 n
= strtoul(arg
+7, &end
, 0);
995 if (arg
[7] && !*end
) {
1000 if (!strcmp(arg
, "--inetd")) {
1005 if (!strcmp(arg
, "--verbose")) {
1009 if (!strcmp(arg
, "--syslog")) {
1013 if (!strcmp(arg
, "--export-all")) {
1014 export_all_trees
= 1;
1017 if (!prefixcmp(arg
, "--timeout=")) {
1018 timeout
= atoi(arg
+10);
1021 if (!prefixcmp(arg
, "--init-timeout=")) {
1022 init_timeout
= atoi(arg
+15);
1025 if (!prefixcmp(arg
, "--max-connections=")) {
1026 max_connections
= atoi(arg
+18);
1027 if (max_connections
< 0)
1028 max_connections
= 0; /* unlimited */
1031 if (!strcmp(arg
, "--strict-paths")) {
1035 if (!prefixcmp(arg
, "--base-path=")) {
1039 if (!strcmp(arg
, "--base-path-relaxed")) {
1040 base_path_relaxed
= 1;
1043 if (!prefixcmp(arg
, "--interpolated-path=")) {
1044 interpolated_path
= arg
+20;
1047 if (!strcmp(arg
, "--reuseaddr")) {
1051 if (!strcmp(arg
, "--user-path")) {
1055 if (!prefixcmp(arg
, "--user-path=")) {
1056 user_path
= arg
+ 12;
1059 if (!prefixcmp(arg
, "--pid-file=")) {
1060 pid_file
= arg
+ 11;
1063 if (!strcmp(arg
, "--detach")) {
1068 if (!prefixcmp(arg
, "--user=")) {
1069 user_name
= arg
+ 7;
1072 if (!prefixcmp(arg
, "--group=")) {
1073 group_name
= arg
+ 8;
1076 if (!prefixcmp(arg
, "--enable=")) {
1077 enable_service(arg
+ 9, 1);
1080 if (!prefixcmp(arg
, "--disable=")) {
1081 enable_service(arg
+ 10, 0);
1084 if (!prefixcmp(arg
, "--allow-override=")) {
1085 make_service_overridable(arg
+ 17, 1);
1088 if (!prefixcmp(arg
, "--forbid-override=")) {
1089 make_service_overridable(arg
+ 18, 0);
1092 if (!strcmp(arg
, "--")) {
1093 ok_paths
= &argv
[i
+1];
1095 } else if (arg
[0] != '-') {
1096 ok_paths
= &argv
[i
];
1100 usage(daemon_usage
);
1104 openlog("git-daemon", LOG_PID
, LOG_DAEMON
);
1105 set_die_routine(daemon_die
);
1107 /* avoid splitting a message in the middle */
1108 setvbuf(stderr
, NULL
, _IOLBF
, 0);
1110 if (inetd_mode
&& (group_name
|| user_name
))
1111 die("--user and --group are incompatible with --inetd");
1113 if (inetd_mode
&& (listen_port
|| listen_addr
))
1114 die("--listen= and --port= are incompatible with --inetd");
1115 else if (listen_port
== 0)
1116 listen_port
= DEFAULT_GIT_PORT
;
1118 if (group_name
&& !user_name
)
1119 die("--group supplied without --user");
1122 pass
= getpwnam(user_name
);
1124 die("user not found - %s", user_name
);
1129 group
= getgrnam(group_name
);
1131 die("group not found - %s", group_name
);
1133 gid
= group
->gr_gid
;
1137 if (strict_paths
&& (!ok_paths
|| !*ok_paths
))
1138 die("option --strict-paths requires a whitelist");
1140 if (base_path
&& !is_directory(base_path
))
1141 die("base-path '%s' does not exist or is not a directory",
1145 struct sockaddr_storage ss
;
1146 struct sockaddr
*peer
= (struct sockaddr
*)&ss
;
1147 socklen_t slen
= sizeof(ss
);
1149 if (!freopen("/dev/null", "w", stderr
))
1150 die("failed to redirect stderr to /dev/null: %s",
1153 if (getpeername(0, peer
, &slen
))
1156 return execute(peer
);
1161 loginfo("Ready to rumble");
1167 store_pid(pid_file
);
1169 return serve(listen_addr
, listen_port
, pass
, gid
);