4 #include "interpolate.h"
9 #define HOST_NAME_MAX 256
16 static int log_syslog
;
20 static const char daemon_usage
[] =
21 "git daemon [--verbose] [--syslog] [--export-all]\n"
22 " [--timeout=n] [--init-timeout=n] [--max-connections=n]\n"
23 " [--strict-paths] [--base-path=path] [--base-path-relaxed]\n"
24 " [--user-path | --user-path=path]\n"
25 " [--interpolated-path=path]\n"
26 " [--reuseaddr] [--detach] [--pid-file=file]\n"
27 " [--[enable|disable|allow-override|forbid-override]=service]\n"
28 " [--inetd | [--listen=host_or_ipaddr] [--port=n]\n"
29 " [--user=user [--group=group]]\n"
32 /* List of acceptable pathname prefixes */
33 static char **ok_paths
;
34 static int strict_paths
;
36 /* If this is set, git-daemon-export-ok is not required */
37 static int export_all_trees
;
39 /* Take all paths relative to this one if non-NULL */
40 static char *base_path
;
41 static char *interpolated_path
;
42 static int base_path_relaxed
;
44 /* Flag indicating client sent extra args. */
45 static int saw_extended_args
;
47 /* If defined, ~user notation is allowed and the string is inserted
48 * after ~user/. E.g. a request to git://host/~alice/frotz would
49 * go to /home/alice/pub_git/frotz with --user-path=pub_git.
51 static const char *user_path
;
53 /* Timeout, and initial timeout */
54 static unsigned int timeout
;
55 static unsigned int init_timeout
;
58 * Static table for now. Ugh.
59 * Feel free to make dynamic as needed.
61 #define INTERP_SLOT_HOST (0)
62 #define INTERP_SLOT_CANON_HOST (1)
63 #define INTERP_SLOT_IP (2)
64 #define INTERP_SLOT_PORT (3)
65 #define INTERP_SLOT_DIR (4)
66 #define INTERP_SLOT_PERCENT (5)
68 static struct interp interp_table
[] = {
78 static void logreport(int priority
, const char *err
, va_list params
)
82 vsnprintf(buf
, sizeof(buf
), err
, params
);
83 syslog(priority
, "%s", buf
);
86 * Since stderr is set to linebuffered mode, the
87 * logging of different processes will not overlap
89 fprintf(stderr
, "[%d] ", (int)getpid());
90 vfprintf(stderr
, err
, params
);
95 static void logerror(const char *err
, ...)
98 va_start(params
, err
);
99 logreport(LOG_ERR
, err
, params
);
103 static void loginfo(const char *err
, ...)
108 va_start(params
, err
);
109 logreport(LOG_INFO
, err
, params
);
113 static void NORETURN
daemon_die(const char *err
, va_list params
)
115 logreport(LOG_ERR
, err
, params
);
119 static int avoid_alias(char *p
)
124 * This resurrects the belts and suspenders paranoia check by HPA
125 * done in <435560F7.4080006@zytor.com> thread, now enter_repo()
126 * does not do getcwd() based path canonicalizations.
128 * sl becomes true immediately after seeing '/' and continues to
129 * be true as long as dots continue after that without intervening
132 if (!p
|| (*p
!= '/' && *p
!= '~'))
142 else if (ch
== '/') {
144 /* reject //, /./ and /../ */
149 if (0 < ndot
&& ndot
< 3)
150 /* reject /.$ and /..$ */
159 else if (ch
== '/') {
166 static char *path_ok(struct interp
*itable
)
168 static char rpath
[PATH_MAX
];
169 static char interp_path
[PATH_MAX
];
170 int retried_path
= 0;
174 dir
= itable
[INTERP_SLOT_DIR
].value
;
176 if (avoid_alias(dir
)) {
177 logerror("'%s': aliased", dir
);
183 logerror("'%s': User-path not allowed", dir
);
187 /* Got either "~alice" or "~alice/foo";
188 * rewrite them to "~alice/%s" or
191 int namlen
, restlen
= strlen(dir
);
192 char *slash
= strchr(dir
, '/');
194 slash
= dir
+ restlen
;
195 namlen
= slash
- dir
;
197 loginfo("userpath <%s>, request <%s>, namlen %d, restlen %d, slash <%s>", user_path
, dir
, namlen
, restlen
, slash
);
198 snprintf(rpath
, PATH_MAX
, "%.*s/%s%.*s",
199 namlen
, dir
, user_path
, restlen
, slash
);
203 else if (interpolated_path
&& saw_extended_args
) {
205 /* Allow only absolute */
206 logerror("'%s': Non-absolute path denied (interpolated-path active)", dir
);
210 interpolate(interp_path
, PATH_MAX
, interpolated_path
,
211 interp_table
, ARRAY_SIZE(interp_table
));
212 loginfo("Interpolated dir '%s'", interp_path
);
216 else if (base_path
) {
218 /* Allow only absolute */
219 logerror("'%s': Non-absolute path denied (base-path active)", dir
);
222 snprintf(rpath
, PATH_MAX
, "%s%s", base_path
, dir
);
227 path
= enter_repo(dir
, strict_paths
);
232 * if we fail and base_path_relaxed is enabled, try without
233 * prefixing the base path
235 if (base_path
&& base_path_relaxed
&& !retried_path
) {
236 dir
= itable
[INTERP_SLOT_DIR
].value
;
244 logerror("'%s': unable to chdir or not a git archive", dir
);
248 if ( ok_paths
&& *ok_paths
) {
250 int pathlen
= strlen(path
);
252 /* The validation is done on the paths after enter_repo
253 * appends optional {.git,.git/.git} and friends, but
254 * it does not use getcwd(). So if your /pub is
255 * a symlink to /mnt/pub, you can whitelist /pub and
256 * do not have to say /mnt/pub.
259 for ( pp
= ok_paths
; *pp
; pp
++ ) {
260 int len
= strlen(*pp
);
261 if (len
<= pathlen
&&
262 !memcmp(*pp
, path
, len
) &&
263 (path
[len
] == '\0' ||
264 (!strict_paths
&& path
[len
] == '/')))
269 /* be backwards compatible */
274 logerror("'%s': not in whitelist", path
);
275 return NULL
; /* Fallthrough. Deny by default */
278 typedef int (*daemon_service_fn
)(void);
279 struct daemon_service
{
281 const char *config_name
;
282 daemon_service_fn fn
;
287 static struct daemon_service
*service_looking_at
;
288 static int service_enabled
;
290 static int git_daemon_config(const char *var
, const char *value
, void *cb
)
292 if (!prefixcmp(var
, "daemon.") &&
293 !strcmp(var
+ 7, service_looking_at
->config_name
)) {
294 service_enabled
= git_config_bool(var
, value
);
298 /* we are not interested in parsing any other configuration here */
302 static int run_service(struct interp
*itable
, struct daemon_service
*service
)
305 int enabled
= service
->enabled
;
307 loginfo("Request %s for '%s'",
309 itable
[INTERP_SLOT_DIR
].value
);
311 if (!enabled
&& !service
->overridable
) {
312 logerror("'%s': service not enabled.", service
->name
);
317 if (!(path
= path_ok(itable
)))
321 * Security on the cheap.
323 * We want a readable HEAD, usable "objects" directory, and
324 * a "git-daemon-export-ok" flag that says that the other side
325 * is ok with us doing this.
327 * path_ok() uses enter_repo() and does whitelist checking.
328 * We only need to make sure the repository is exported.
331 if (!export_all_trees
&& access("git-daemon-export-ok", F_OK
)) {
332 logerror("'%s': repository not exported.", path
);
337 if (service
->overridable
) {
338 service_looking_at
= service
;
339 service_enabled
= -1;
340 git_config(git_daemon_config
, NULL
);
341 if (0 <= service_enabled
)
342 enabled
= service_enabled
;
345 logerror("'%s': service not enabled for '%s'",
346 service
->name
, path
);
352 * We'll ignore SIGTERM from now on, we have a
355 signal(SIGTERM
, SIG_IGN
);
357 return service
->fn();
360 static int upload_pack(void)
362 /* Timeout as string */
363 char timeout_buf
[64];
365 snprintf(timeout_buf
, sizeof timeout_buf
, "--timeout=%u", timeout
);
367 /* git-upload-pack only ever reads stuff, so this is safe */
368 execl_git_cmd("upload-pack", "--strict", timeout_buf
, ".", NULL
);
372 static int upload_archive(void)
374 execl_git_cmd("upload-archive", ".", NULL
);
378 static int receive_pack(void)
380 execl_git_cmd("receive-pack", ".", NULL
);
384 static struct daemon_service daemon_service
[] = {
385 { "upload-archive", "uploadarch", upload_archive
, 0, 1 },
386 { "upload-pack", "uploadpack", upload_pack
, 1, 1 },
387 { "receive-pack", "receivepack", receive_pack
, 0, 1 },
390 static void enable_service(const char *name
, int ena
)
393 for (i
= 0; i
< ARRAY_SIZE(daemon_service
); i
++) {
394 if (!strcmp(daemon_service
[i
].name
, name
)) {
395 daemon_service
[i
].enabled
= ena
;
399 die("No such service %s", name
);
402 static void make_service_overridable(const char *name
, int ena
)
405 for (i
= 0; i
< ARRAY_SIZE(daemon_service
); i
++) {
406 if (!strcmp(daemon_service
[i
].name
, name
)) {
407 daemon_service
[i
].overridable
= ena
;
411 die("No such service %s", name
);
415 * Separate the "extra args" information as supplied by the client connection.
416 * Any resulting data is squirreled away in the given interpolation table.
418 static void parse_extra_args(struct interp
*table
, char *extra_args
, int buflen
)
422 char *end
= extra_args
+ buflen
;
424 while (extra_args
< end
&& *extra_args
) {
425 saw_extended_args
= 1;
426 if (strncasecmp("host=", extra_args
, 5) == 0) {
427 val
= extra_args
+ 5;
428 vallen
= strlen(val
) + 1;
430 /* Split <host>:<port> at colon. */
432 char *port
= strrchr(host
, ':');
436 interp_set_entry(table
, INTERP_SLOT_PORT
, port
);
438 interp_set_entry(table
, INTERP_SLOT_HOST
, host
);
441 /* On to the next one */
442 extra_args
= val
+ vallen
;
447 static void fill_in_extra_table_entries(struct interp
*itable
)
452 * Replace literal host with lowercase-ized hostname.
454 hp
= interp_table
[INTERP_SLOT_HOST
].value
;
461 * Locate canonical hostname and its IP address.
465 struct addrinfo hints
;
466 struct addrinfo
*ai
, *ai0
;
468 static char addrbuf
[HOST_NAME_MAX
+ 1];
470 memset(&hints
, 0, sizeof(hints
));
471 hints
.ai_flags
= AI_CANONNAME
;
473 gai
= getaddrinfo(interp_table
[INTERP_SLOT_HOST
].value
, 0, &hints
, &ai0
);
475 for (ai
= ai0
; ai
; ai
= ai
->ai_next
) {
476 struct sockaddr_in
*sin_addr
= (void *)ai
->ai_addr
;
478 inet_ntop(AF_INET
, &sin_addr
->sin_addr
,
479 addrbuf
, sizeof(addrbuf
));
480 interp_set_entry(interp_table
,
481 INTERP_SLOT_CANON_HOST
, ai
->ai_canonname
);
482 interp_set_entry(interp_table
,
483 INTERP_SLOT_IP
, addrbuf
);
491 struct hostent
*hent
;
492 struct sockaddr_in sa
;
494 static char addrbuf
[HOST_NAME_MAX
+ 1];
496 hent
= gethostbyname(interp_table
[INTERP_SLOT_HOST
].value
);
498 ap
= hent
->h_addr_list
;
499 memset(&sa
, 0, sizeof sa
);
500 sa
.sin_family
= hent
->h_addrtype
;
501 sa
.sin_port
= htons(0);
502 memcpy(&sa
.sin_addr
, *ap
, hent
->h_length
);
504 inet_ntop(hent
->h_addrtype
, &sa
.sin_addr
,
505 addrbuf
, sizeof(addrbuf
));
507 interp_set_entry(interp_table
, INTERP_SLOT_CANON_HOST
, hent
->h_name
);
508 interp_set_entry(interp_table
, INTERP_SLOT_IP
, addrbuf
);
514 static int execute(struct sockaddr
*addr
)
516 static char line
[1000];
520 char addrbuf
[256] = "";
523 if (addr
->sa_family
== AF_INET
) {
524 struct sockaddr_in
*sin_addr
= (void *) addr
;
525 inet_ntop(addr
->sa_family
, &sin_addr
->sin_addr
, addrbuf
, sizeof(addrbuf
));
526 port
= ntohs(sin_addr
->sin_port
);
528 } else if (addr
&& addr
->sa_family
== AF_INET6
) {
529 struct sockaddr_in6
*sin6_addr
= (void *) addr
;
532 *buf
++ = '['; *buf
= '\0'; /* stpcpy() is cool */
533 inet_ntop(AF_INET6
, &sin6_addr
->sin6_addr
, buf
, sizeof(addrbuf
) - 1);
536 port
= ntohs(sin6_addr
->sin6_port
);
539 loginfo("Connection from %s:%d", addrbuf
, port
);
542 alarm(init_timeout
? init_timeout
: timeout
);
543 pktlen
= packet_read_line(0, line
, sizeof(line
));
548 loginfo("Extended attributes (%d bytes) exist <%.*s>",
550 (int) pktlen
- len
, line
+ len
+ 1);
551 if (len
&& line
[len
-1] == '\n') {
557 * Initialize the path interpolation table for this connection.
559 interp_clear_table(interp_table
, ARRAY_SIZE(interp_table
));
560 interp_set_entry(interp_table
, INTERP_SLOT_PERCENT
, "%");
563 parse_extra_args(interp_table
, line
+ len
+ 1, pktlen
- len
- 1);
564 fill_in_extra_table_entries(interp_table
);
567 for (i
= 0; i
< ARRAY_SIZE(daemon_service
); i
++) {
568 struct daemon_service
*s
= &(daemon_service
[i
]);
569 int namelen
= strlen(s
->name
);
570 if (!prefixcmp(line
, "git-") &&
571 !strncmp(s
->name
, line
+ 4, namelen
) &&
572 line
[namelen
+ 4] == ' ') {
574 * Note: The directory here is probably context sensitive,
575 * and might depend on the actual service being performed.
577 interp_set_entry(interp_table
,
578 INTERP_SLOT_DIR
, line
+ namelen
+ 5);
579 return run_service(interp_table
, s
);
583 logerror("Protocol error: '%s'", line
);
587 static int max_connections
= 32;
589 static unsigned int live_children
;
591 static struct child
{
594 struct sockaddr_storage address
;
597 static void add_child(pid_t pid
, struct sockaddr
*addr
, int addrlen
)
599 struct child
*newborn
, **cradle
;
602 * This must be xcalloc() -- we'll compare the whole sockaddr_storage
603 * but individual address may be shorter.
605 newborn
= xcalloc(1, sizeof(*newborn
));
608 memcpy(&newborn
->address
, addr
, addrlen
);
609 for (cradle
= &firstborn
; *cradle
; cradle
= &(*cradle
)->next
)
610 if (!memcmp(&(*cradle
)->address
, &newborn
->address
,
611 sizeof(newborn
->address
)))
613 newborn
->next
= *cradle
;
617 static void remove_child(pid_t pid
)
619 struct child
**cradle
, *blanket
;
621 for (cradle
= &firstborn
; (blanket
= *cradle
); cradle
= &blanket
->next
)
622 if (blanket
->pid
== pid
) {
623 *cradle
= blanket
->next
;
631 * This gets called if the number of connections grows
632 * past "max_connections".
634 * We kill the newest connection from a duplicate IP.
636 static void kill_some_child(void)
638 const struct child
*blanket
, *next
;
640 if (!(blanket
= firstborn
))
643 for (; (next
= blanket
->next
); blanket
= next
)
644 if (!memcmp(&blanket
->address
, &next
->address
,
645 sizeof(next
->address
))) {
646 kill(blanket
->pid
, SIGTERM
);
651 static void check_dead_children(void)
656 while ((pid
= waitpid(-1, &status
, WNOHANG
)) > 0) {
657 const char *dead
= "";
659 if (!WIFEXITED(status
) || (WEXITSTATUS(status
) > 0))
660 dead
= " (with error)";
661 loginfo("[%d] Disconnected%s", (int)pid
, dead
);
665 static void handle(int incoming
, struct sockaddr
*addr
, int addrlen
)
669 if (max_connections
&& live_children
>= max_connections
) {
671 sleep(1); /* give it some time to die */
672 check_dead_children();
673 if (live_children
>= max_connections
) {
675 logerror("Too many children, dropping connection");
680 if ((pid
= fork())) {
683 logerror("Couldn't fork %s", strerror(errno
));
687 add_child(pid
, addr
, addrlen
);
698 static void child_handler(int signo
)
701 * Otherwise empty handler because systemcalls will get interrupted
702 * upon signal receipt
703 * SysV needs the handler to be rearmed
705 signal(SIGCHLD
, child_handler
);
708 static int set_reuse_addr(int sockfd
)
714 return setsockopt(sockfd
, SOL_SOCKET
, SO_REUSEADDR
,
720 static int socksetup(char *listen_addr
, int listen_port
, int **socklist_p
)
722 int socknum
= 0, *socklist
= NULL
;
724 char pbuf
[NI_MAXSERV
];
725 struct addrinfo hints
, *ai0
, *ai
;
729 sprintf(pbuf
, "%d", listen_port
);
730 memset(&hints
, 0, sizeof(hints
));
731 hints
.ai_family
= AF_UNSPEC
;
732 hints
.ai_socktype
= SOCK_STREAM
;
733 hints
.ai_protocol
= IPPROTO_TCP
;
734 hints
.ai_flags
= AI_PASSIVE
;
736 gai
= getaddrinfo(listen_addr
, pbuf
, &hints
, &ai0
);
738 die("getaddrinfo() failed: %s\n", gai_strerror(gai
));
740 for (ai
= ai0
; ai
; ai
= ai
->ai_next
) {
743 sockfd
= socket(ai
->ai_family
, ai
->ai_socktype
, ai
->ai_protocol
);
746 if (sockfd
>= FD_SETSIZE
) {
747 logerror("Socket descriptor too large");
753 if (ai
->ai_family
== AF_INET6
) {
755 setsockopt(sockfd
, IPPROTO_IPV6
, IPV6_V6ONLY
,
757 /* Note: error is not fatal */
761 if (set_reuse_addr(sockfd
)) {
766 if (bind(sockfd
, ai
->ai_addr
, ai
->ai_addrlen
) < 0) {
768 continue; /* not fatal */
770 if (listen(sockfd
, 5) < 0) {
772 continue; /* not fatal */
775 flags
= fcntl(sockfd
, F_GETFD
, 0);
777 fcntl(sockfd
, F_SETFD
, flags
| FD_CLOEXEC
);
779 socklist
= xrealloc(socklist
, sizeof(int) * (socknum
+ 1));
780 socklist
[socknum
++] = sockfd
;
788 *socklist_p
= socklist
;
794 static int socksetup(char *listen_addr
, int listen_port
, int **socklist_p
)
796 struct sockaddr_in sin
;
800 memset(&sin
, 0, sizeof sin
);
801 sin
.sin_family
= AF_INET
;
802 sin
.sin_port
= htons(listen_port
);
805 /* Well, host better be an IP address here. */
806 if (inet_pton(AF_INET
, listen_addr
, &sin
.sin_addr
.s_addr
) <= 0)
809 sin
.sin_addr
.s_addr
= htonl(INADDR_ANY
);
812 sockfd
= socket(AF_INET
, SOCK_STREAM
, 0);
816 if (set_reuse_addr(sockfd
)) {
821 if ( bind(sockfd
, (struct sockaddr
*)&sin
, sizeof sin
) < 0 ) {
826 if (listen(sockfd
, 5) < 0) {
831 flags
= fcntl(sockfd
, F_GETFD
, 0);
833 fcntl(sockfd
, F_SETFD
, flags
| FD_CLOEXEC
);
835 *socklist_p
= xmalloc(sizeof(int));
836 **socklist_p
= sockfd
;
842 static int service_loop(int socknum
, int *socklist
)
847 pfd
= xcalloc(socknum
, sizeof(struct pollfd
));
849 for (i
= 0; i
< socknum
; i
++) {
850 pfd
[i
].fd
= socklist
[i
];
851 pfd
[i
].events
= POLLIN
;
854 signal(SIGCHLD
, child_handler
);
859 check_dead_children();
861 if (poll(pfd
, socknum
, -1) < 0) {
862 if (errno
!= EINTR
) {
863 logerror("Poll failed, resuming: %s",
870 for (i
= 0; i
< socknum
; i
++) {
871 if (pfd
[i
].revents
& POLLIN
) {
872 struct sockaddr_storage ss
;
873 unsigned int sslen
= sizeof(ss
);
874 int incoming
= accept(pfd
[i
].fd
, (struct sockaddr
*)&ss
, &sslen
);
882 die("accept returned %s", strerror(errno
));
885 handle(incoming
, (struct sockaddr
*)&ss
, sslen
);
891 /* if any standard file descriptor is missing open it to /dev/null */
892 static void sanitize_stdfds(void)
894 int fd
= open("/dev/null", O_RDWR
, 0);
895 while (fd
!= -1 && fd
< 2)
898 die("open /dev/null or dup failed: %s", strerror(errno
));
903 static void daemonize(void)
909 die("fork failed: %s", strerror(errno
));
914 die("setsid failed: %s", strerror(errno
));
921 static void store_pid(const char *path
)
923 FILE *f
= fopen(path
, "w");
925 die("cannot open pid file %s: %s", path
, strerror(errno
));
926 if (fprintf(f
, "%d\n", getpid()) < 0 || fclose(f
) != 0)
927 die("failed to write pid file %s: %s", path
, strerror(errno
));
930 static int serve(char *listen_addr
, int listen_port
, struct passwd
*pass
, gid_t gid
)
932 int socknum
, *socklist
;
934 socknum
= socksetup(listen_addr
, listen_port
, &socklist
);
936 die("unable to allocate any listen sockets on host %s port %u",
937 listen_addr
, listen_port
);
940 (initgroups(pass
->pw_name
, gid
) || setgid (gid
) ||
941 setuid(pass
->pw_uid
)))
942 die("cannot drop privileges");
944 return service_loop(socknum
, socklist
);
947 int main(int argc
, char **argv
)
950 char *listen_addr
= NULL
;
952 const char *pid_file
= NULL
, *user_name
= NULL
, *group_name
= NULL
;
954 struct passwd
*pass
= NULL
;
959 for (i
= 1; i
< argc
; i
++) {
962 if (!prefixcmp(arg
, "--listen=")) {
964 char *ph
= listen_addr
= xmalloc(strlen(arg
+ 9) + 1);
966 *ph
++ = tolower(*p
++);
970 if (!prefixcmp(arg
, "--port=")) {
973 n
= strtoul(arg
+7, &end
, 0);
974 if (arg
[7] && !*end
) {
979 if (!strcmp(arg
, "--inetd")) {
984 if (!strcmp(arg
, "--verbose")) {
988 if (!strcmp(arg
, "--syslog")) {
992 if (!strcmp(arg
, "--export-all")) {
993 export_all_trees
= 1;
996 if (!prefixcmp(arg
, "--timeout=")) {
997 timeout
= atoi(arg
+10);
1000 if (!prefixcmp(arg
, "--init-timeout=")) {
1001 init_timeout
= atoi(arg
+15);
1004 if (!prefixcmp(arg
, "--max-connections=")) {
1005 max_connections
= atoi(arg
+18);
1006 if (max_connections
< 0)
1007 max_connections
= 0; /* unlimited */
1010 if (!strcmp(arg
, "--strict-paths")) {
1014 if (!prefixcmp(arg
, "--base-path=")) {
1018 if (!strcmp(arg
, "--base-path-relaxed")) {
1019 base_path_relaxed
= 1;
1022 if (!prefixcmp(arg
, "--interpolated-path=")) {
1023 interpolated_path
= arg
+20;
1026 if (!strcmp(arg
, "--reuseaddr")) {
1030 if (!strcmp(arg
, "--user-path")) {
1034 if (!prefixcmp(arg
, "--user-path=")) {
1035 user_path
= arg
+ 12;
1038 if (!prefixcmp(arg
, "--pid-file=")) {
1039 pid_file
= arg
+ 11;
1042 if (!strcmp(arg
, "--detach")) {
1047 if (!prefixcmp(arg
, "--user=")) {
1048 user_name
= arg
+ 7;
1051 if (!prefixcmp(arg
, "--group=")) {
1052 group_name
= arg
+ 8;
1055 if (!prefixcmp(arg
, "--enable=")) {
1056 enable_service(arg
+ 9, 1);
1059 if (!prefixcmp(arg
, "--disable=")) {
1060 enable_service(arg
+ 10, 0);
1063 if (!prefixcmp(arg
, "--allow-override=")) {
1064 make_service_overridable(arg
+ 17, 1);
1067 if (!prefixcmp(arg
, "--forbid-override=")) {
1068 make_service_overridable(arg
+ 18, 0);
1071 if (!strcmp(arg
, "--")) {
1072 ok_paths
= &argv
[i
+1];
1074 } else if (arg
[0] != '-') {
1075 ok_paths
= &argv
[i
];
1079 usage(daemon_usage
);
1083 openlog("git-daemon", LOG_PID
, LOG_DAEMON
);
1084 set_die_routine(daemon_die
);
1086 setlinebuf(stderr
); /* avoid splitting a message in the middle */
1088 if (inetd_mode
&& (group_name
|| user_name
))
1089 die("--user and --group are incompatible with --inetd");
1091 if (inetd_mode
&& (listen_port
|| listen_addr
))
1092 die("--listen= and --port= are incompatible with --inetd");
1093 else if (listen_port
== 0)
1094 listen_port
= DEFAULT_GIT_PORT
;
1096 if (group_name
&& !user_name
)
1097 die("--group supplied without --user");
1100 pass
= getpwnam(user_name
);
1102 die("user not found - %s", user_name
);
1107 group
= getgrnam(group_name
);
1109 die("group not found - %s", group_name
);
1111 gid
= group
->gr_gid
;
1115 if (strict_paths
&& (!ok_paths
|| !*ok_paths
))
1116 die("option --strict-paths requires a whitelist");
1121 if (stat(base_path
, &st
) || !S_ISDIR(st
.st_mode
))
1122 die("base-path '%s' does not exist or "
1123 "is not a directory", base_path
);
1127 struct sockaddr_storage ss
;
1128 struct sockaddr
*peer
= (struct sockaddr
*)&ss
;
1129 socklen_t slen
= sizeof(ss
);
1131 freopen("/dev/null", "w", stderr
);
1133 if (getpeername(0, peer
, &slen
))
1136 return execute(peer
);
1141 loginfo("Ready to rumble");
1147 store_pid(pid_file
);
1149 return serve(listen_addr
, listen_port
, pass
, gid
);