1 /* Inner loops of cache daemon.
2 Copyright (C) 1998-2003, 2004, 2005, 2006, 2007 Free Software Foundation, Inc.
3 This file is part of the GNU C Library.
4 Contributed by Ulrich Drepper <drepper@cygnus.com>, 1998.
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published
8 by the Free Software Foundation; version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software Foundation,
18 Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */
34 #include <arpa/inet.h>
36 # include <sys/epoll.h>
39 #include <sys/param.h>
42 # include <sys/sendfile.h>
44 #include <sys/socket.h>
52 # include <kernel-features.h>
56 /* Wrapper functions with error checking for standard functions. */
57 extern void *xmalloc (size_t n
);
58 extern void *xcalloc (size_t n
, size_t s
);
59 extern void *xrealloc (void *o
, size_t n
);
61 /* Support to run nscd as an unprivileged user */
62 const char *server_user
;
63 static uid_t server_uid
;
64 static gid_t server_gid
;
65 const char *stat_user
;
67 static gid_t
*server_groups
;
71 static int server_ngroups
;
73 static pthread_attr_t attr
;
75 static void begin_drop_privileges (void);
76 static void finish_drop_privileges (void);
78 /* Map request type to a string. */
79 const char *const serv2str
[LASTREQ
] =
81 [GETPWBYNAME
] = "GETPWBYNAME",
82 [GETPWBYUID
] = "GETPWBYUID",
83 [GETGRBYNAME
] = "GETGRBYNAME",
84 [GETGRBYGID
] = "GETGRBYGID",
85 [GETHOSTBYNAME
] = "GETHOSTBYNAME",
86 [GETHOSTBYNAMEv6
] = "GETHOSTBYNAMEv6",
87 [GETHOSTBYADDR
] = "GETHOSTBYADDR",
88 [GETHOSTBYADDRv6
] = "GETHOSTBYADDRv6",
89 [SHUTDOWN
] = "SHUTDOWN",
90 [GETSTAT
] = "GETSTAT",
91 [INVALIDATE
] = "INVALIDATE",
92 [GETFDPW
] = "GETFDPW",
93 [GETFDGR
] = "GETFDGR",
94 [GETFDHST
] = "GETFDHST",
96 [INITGROUPS
] = "INITGROUPS",
97 [GETSERVBYNAME
] = "GETSERVBYNAME",
98 [GETSERVBYPORT
] = "GETSERVBYPORT",
99 [GETFDSERV
] = "GETFDSERV"
102 /* The control data structures for the services. */
103 struct database_dyn dbs
[lastdb
] =
106 .lock
= PTHREAD_RWLOCK_WRITER_NONRECURSIVE_INITIALIZER_NP
,
107 .prunelock
= PTHREAD_MUTEX_INITIALIZER
,
113 .max_db_size
= DEFAULT_MAX_DB_SIZE
,
115 .filename
= "/etc/passwd",
116 .db_filename
= _PATH_NSCD_PASSWD_DB
,
117 .disabled_iov
= &pwd_iov_disabled
,
125 .lock
= PTHREAD_RWLOCK_WRITER_NONRECURSIVE_INITIALIZER_NP
,
126 .prunelock
= PTHREAD_MUTEX_INITIALIZER
,
132 .max_db_size
= DEFAULT_MAX_DB_SIZE
,
134 .filename
= "/etc/group",
135 .db_filename
= _PATH_NSCD_GROUP_DB
,
136 .disabled_iov
= &grp_iov_disabled
,
144 .lock
= PTHREAD_RWLOCK_WRITER_NONRECURSIVE_INITIALIZER_NP
,
145 .prunelock
= PTHREAD_MUTEX_INITIALIZER
,
149 .propagate
= 0, /* Not used. */
151 .max_db_size
= DEFAULT_MAX_DB_SIZE
,
153 .filename
= "/etc/hosts",
154 .db_filename
= _PATH_NSCD_HOSTS_DB
,
155 .disabled_iov
= &hst_iov_disabled
,
163 .lock
= PTHREAD_RWLOCK_WRITER_NONRECURSIVE_INITIALIZER_NP
,
164 .prunelock
= PTHREAD_MUTEX_INITIALIZER
,
168 .propagate
= 0, /* Not used. */
170 .max_db_size
= DEFAULT_MAX_DB_SIZE
,
172 .filename
= "/etc/services",
173 .db_filename
= _PATH_NSCD_SERVICES_DB
,
174 .disabled_iov
= &serv_iov_disabled
,
184 /* Mapping of request type to database. */
188 struct database_dyn
*db
;
189 } const reqinfo
[LASTREQ
] =
191 [GETPWBYNAME
] = { true, &dbs
[pwddb
] },
192 [GETPWBYUID
] = { true, &dbs
[pwddb
] },
193 [GETGRBYNAME
] = { true, &dbs
[grpdb
] },
194 [GETGRBYGID
] = { true, &dbs
[grpdb
] },
195 [GETHOSTBYNAME
] = { true, &dbs
[hstdb
] },
196 [GETHOSTBYNAMEv6
] = { true, &dbs
[hstdb
] },
197 [GETHOSTBYADDR
] = { true, &dbs
[hstdb
] },
198 [GETHOSTBYADDRv6
] = { true, &dbs
[hstdb
] },
199 [SHUTDOWN
] = { false, NULL
},
200 [GETSTAT
] = { false, NULL
},
201 [SHUTDOWN
] = { false, NULL
},
202 [GETFDPW
] = { false, &dbs
[pwddb
] },
203 [GETFDGR
] = { false, &dbs
[grpdb
] },
204 [GETFDHST
] = { false, &dbs
[hstdb
] },
205 [GETAI
] = { true, &dbs
[hstdb
] },
206 [INITGROUPS
] = { true, &dbs
[grpdb
] },
207 [GETSERVBYNAME
] = { true, &dbs
[servdb
] },
208 [GETSERVBYPORT
] = { true, &dbs
[servdb
] },
209 [GETFDSERV
] = { false, &dbs
[servdb
] }
213 /* Number of seconds between two cache pruning runs. */
214 #define CACHE_PRUNE_INTERVAL 15
217 /* Initial number of threads to use. */
219 /* Maximum number of threads to use. */
220 int max_nthreads
= 32;
222 /* Socket for incoming connections. */
225 /* Number of times clients had to wait. */
226 unsigned long int client_queued
;
230 writeall (int fd
, const void *buf
, size_t len
)
236 ret
= TEMP_FAILURE_RETRY (send (fd
, buf
, n
, MSG_NOSIGNAL
));
239 buf
= (const char *) buf
+ ret
;
243 return ret
< 0 ? ret
: len
- n
;
249 sendfileall (int tofd
, int fromfd
, off_t off
, size_t len
)
256 ret
= TEMP_FAILURE_RETRY (sendfile (tofd
, fromfd
, &off
, n
));
262 return ret
< 0 ? ret
: len
- n
;
270 /* The following three are not really used, they are symbolic constants. */
276 use_he_begin
= use_he
| use_begin
,
277 use_he_end
= use_he
| use_end
,
280 use_key_begin
= use_key
| use_begin
,
281 use_key_end
= use_key
| use_end
,
282 use_key_first
= use_key_begin
| use_first
,
285 use_data_begin
= use_data
| use_begin
,
286 use_data_end
= use_data
| use_end
,
287 use_data_first
= use_data_begin
| use_first
292 check_use (const char *data
, nscd_ssize_t first_free
, uint8_t *usemap
,
293 enum usekey use
, ref_t start
, size_t len
)
297 if (start
> first_free
|| start
+ len
> first_free
298 || (start
& BLOCK_ALIGN_M1
))
301 if (usemap
[start
] == use_not
)
303 /* Add the start marker. */
304 usemap
[start
] = use
| use_begin
;
308 if (usemap
[++start
] != use_not
)
313 /* Add the end marker. */
314 usemap
[start
] = use
| use_end
;
316 else if ((usemap
[start
] & ~use_first
) == ((use
| use_begin
) & ~use_first
))
318 /* Hash entries can't be shared. */
322 usemap
[start
] |= (use
& use_first
);
326 if (usemap
[++start
] != use
)
329 if (usemap
[++start
] != (use
| use_end
))
333 /* Points to a wrong object or somewhere in the middle. */
340 /* Verify data in persistent database. */
342 verify_persistent_db (void *mem
, struct database_pers_head
*readhead
, int dbnr
)
344 assert (dbnr
== pwddb
|| dbnr
== grpdb
|| dbnr
== hstdb
|| dbnr
== servdb
);
346 time_t now
= time (NULL
);
348 struct database_pers_head
*head
= mem
;
349 struct database_pers_head head_copy
= *head
;
351 /* Check that the header that was read matches the head in the database. */
352 if (readhead
!= NULL
&& memcmp (head
, readhead
, sizeof (*head
)) != 0)
355 /* First some easy tests: make sure the database header is sane. */
356 if (head
->version
!= DB_VERSION
357 || head
->header_size
!= sizeof (*head
)
358 /* We allow a timestamp to be one hour ahead of the current time.
359 This should cover daylight saving time changes. */
360 || head
->timestamp
> now
+ 60 * 60 + 60
361 || (head
->gc_cycle
& 1)
362 || (size_t) head
->module
> INT32_MAX
/ sizeof (ref_t
)
363 || (size_t) head
->data_size
> INT32_MAX
- head
->module
* sizeof (ref_t
)
364 || head
->first_free
< 0
365 || head
->first_free
> head
->data_size
366 || (head
->first_free
& BLOCK_ALIGN_M1
) != 0
367 || head
->maxnentries
< 0
368 || head
->maxnsearched
< 0)
371 uint8_t *usemap
= calloc (head
->first_free
, 1);
375 const char *data
= (char *) &head
->array
[roundup (head
->module
,
376 ALIGN
/ sizeof (ref_t
))];
378 nscd_ssize_t he_cnt
= 0;
379 for (nscd_ssize_t cnt
= 0; cnt
< head
->module
; ++cnt
)
381 ref_t trail
= head
->array
[cnt
];
385 while (work
!= ENDREF
)
387 if (! check_use (data
, head
->first_free
, usemap
, use_he
, work
,
388 sizeof (struct hashentry
)))
391 /* Now we know we can dereference the record. */
392 struct hashentry
*here
= (struct hashentry
*) (data
+ work
);
396 /* Make sure the record is for this type of service. */
397 if (here
->type
>= LASTREQ
398 || reqinfo
[here
->type
].db
!= &dbs
[dbnr
])
401 /* Validate boolean field value. */
402 if (here
->first
!= false && here
->first
!= true)
410 || here
->packet
> head
->first_free
411 || here
->packet
+ sizeof (struct datahead
) > head
->first_free
)
414 struct datahead
*dh
= (struct datahead
*) (data
+ here
->packet
);
416 if (! check_use (data
, head
->first_free
, usemap
,
417 use_data
| (here
->first
? use_first
: 0),
418 here
->packet
, dh
->allocsize
))
421 if (dh
->allocsize
< sizeof (struct datahead
)
422 || dh
->recsize
> dh
->allocsize
423 || (dh
->notfound
!= false && dh
->notfound
!= true)
424 || (dh
->usable
!= false && dh
->usable
!= true))
427 if (here
->key
< here
->packet
+ sizeof (struct datahead
)
428 || here
->key
> here
->packet
+ dh
->allocsize
429 || here
->key
+ here
->len
> here
->packet
+ dh
->allocsize
)
432 /* If keys can appear outside of data, this should be done
433 instead. But gc doesn't mark the data in that case. */
434 if (! check_use (data
, head
->first_free
, usemap
,
435 use_key
| (here
->first
? use_first
: 0),
436 here
->key
, here
->len
))
444 /* A circular list, this must not happen. */
447 trail
= ((struct hashentry
*) (data
+ trail
))->next
;
452 if (he_cnt
!= head
->nentries
)
455 /* See if all data and keys had at least one reference from
456 he->first == true hashentry. */
457 for (ref_t idx
= 0; idx
< head
->first_free
; ++idx
)
460 if (usemap
[idx
] == use_key_begin
)
463 if (usemap
[idx
] == use_data_begin
)
467 /* Finally, make sure the database hasn't changed since the first test. */
468 if (memcmp (mem
, &head_copy
, sizeof (*head
)) != 0)
481 # define EXTRA_O_FLAGS O_CLOEXEC
483 # define EXTRA_O_FLAGS 0
487 /* Initialize database information structures. */
491 /* Look up unprivileged uid/gid/groups before we start listening on the
493 if (server_user
!= NULL
)
494 begin_drop_privileges ();
497 /* No configuration for this value, assume a default. */
498 nthreads
= 2 * lastdb
;
500 for (size_t cnt
= 0; cnt
< lastdb
; ++cnt
)
501 if (dbs
[cnt
].enabled
)
503 pthread_rwlock_init (&dbs
[cnt
].lock
, NULL
);
504 pthread_mutex_init (&dbs
[cnt
].memlock
, NULL
);
506 if (dbs
[cnt
].persistent
)
508 /* Try to open the appropriate file on disk. */
509 int fd
= open (dbs
[cnt
].db_filename
, O_RDWR
| EXTRA_O_FLAGS
);
515 struct database_pers_head head
;
516 ssize_t n
= TEMP_FAILURE_RETRY (read (fd
, &head
,
518 if (n
!= sizeof (head
) || fstat64 (fd
, &st
) != 0)
521 dbg_log (_("invalid persistent database file \"%s\": %s"),
522 dbs
[cnt
].db_filename
, strerror (errno
));
523 unlink (dbs
[cnt
].db_filename
);
525 else if (head
.module
== 0 && head
.data_size
== 0)
527 /* The file has been created, but the head has not been
528 initialized yet. Remove the old file. */
529 unlink (dbs
[cnt
].db_filename
);
531 else if (head
.header_size
!= (int) sizeof (head
))
533 dbg_log (_("invalid persistent database file \"%s\": %s"),
534 dbs
[cnt
].db_filename
,
535 _("header size does not match"));
536 unlink (dbs
[cnt
].db_filename
);
538 else if ((total
= (sizeof (head
)
539 + roundup (head
.module
* sizeof (ref_t
),
543 || total
< sizeof (head
))
545 dbg_log (_("invalid persistent database file \"%s\": %s"),
546 dbs
[cnt
].db_filename
,
547 _("file size does not match"));
548 unlink (dbs
[cnt
].db_filename
);
550 /* Note we map with the maximum size allowed for the
551 database. This is likely much larger than the
552 actual file size. This is OK on most OSes since
553 extensions of the underlying file will
554 automatically translate more pages available for
556 else if ((mem
= mmap (NULL
, dbs
[cnt
].max_db_size
,
557 PROT_READ
| PROT_WRITE
,
561 else if (!verify_persistent_db (mem
, &head
, cnt
))
564 dbg_log (_("invalid persistent database file \"%s\": %s"),
565 dbs
[cnt
].db_filename
,
566 _("verification failed"));
567 unlink (dbs
[cnt
].db_filename
);
571 /* Success. We have the database. */
573 dbs
[cnt
].memsize
= total
;
574 dbs
[cnt
].data
= (char *)
575 &dbs
[cnt
].head
->array
[roundup (dbs
[cnt
].head
->module
,
576 ALIGN
/ sizeof (ref_t
))];
577 dbs
[cnt
].mmap_used
= true;
579 if (dbs
[cnt
].suggested_module
> head
.module
)
580 dbg_log (_("suggested size of table for database %s larger than the persistent database's table"),
585 /* We also need a read-only descriptor. */
588 dbs
[cnt
].ro_fd
= open (dbs
[cnt
].db_filename
,
589 O_RDONLY
| EXTRA_O_FLAGS
);
590 if (dbs
[cnt
].ro_fd
== -1)
592 cannot create read-only descriptor for \"%s\"; no mmap"),
593 dbs
[cnt
].db_filename
);
596 // XXX Shall we test whether the descriptors actually
597 // XXX point to the same file?
600 /* Close the file descriptors in case something went
601 wrong in which case the variable have not been
608 if (dbs
[cnt
].head
== NULL
)
610 /* No database loaded. Allocate the data structure,
612 struct database_pers_head head
;
613 size_t total
= (sizeof (head
)
614 + roundup (dbs
[cnt
].suggested_module
615 * sizeof (ref_t
), ALIGN
)
616 + (dbs
[cnt
].suggested_module
617 * DEFAULT_DATASIZE_PER_BUCKET
));
619 /* Try to create the database. If we do not need a
620 persistent database create a temporary file. */
623 if (dbs
[cnt
].persistent
)
625 fd
= open (dbs
[cnt
].db_filename
,
626 O_RDWR
| O_CREAT
| O_EXCL
| O_TRUNC
| EXTRA_O_FLAGS
,
628 if (fd
!= -1 && dbs
[cnt
].shared
)
629 ro_fd
= open (dbs
[cnt
].db_filename
,
630 O_RDONLY
| EXTRA_O_FLAGS
);
634 char fname
[] = _PATH_NSCD_XYZ_DB_TMP
;
635 fd
= mkostemp (fname
, EXTRA_O_FLAGS
);
637 /* We do not need the file name anymore after we
638 opened another file descriptor in read-only mode. */
642 ro_fd
= open (fname
, O_RDONLY
| EXTRA_O_FLAGS
);
652 dbg_log (_("database for %s corrupted or simultaneously used; remove %s manually if necessary and restart"),
653 dbnames
[cnt
], dbs
[cnt
].db_filename
);
654 // XXX Correct way to terminate?
658 if (dbs
[cnt
].persistent
)
659 dbg_log (_("cannot create %s; no persistent database used"),
660 dbs
[cnt
].db_filename
);
662 dbg_log (_("cannot create %s; no sharing possible"),
663 dbs
[cnt
].db_filename
);
665 dbs
[cnt
].persistent
= 0;
666 // XXX remember: no mmap
670 /* Tell the user if we could not create the read-only
672 if (ro_fd
== -1 && dbs
[cnt
].shared
)
674 cannot create read-only descriptor for \"%s\"; no mmap"),
675 dbs
[cnt
].db_filename
);
677 /* Before we create the header, initialiye the hash
678 table. So that if we get interrupted if writing
679 the header we can recognize a partially initialized
681 size_t ps
= sysconf (_SC_PAGESIZE
);
683 assert (~ENDREF
== 0);
684 memset (tmpbuf
, '\xff', ps
);
686 size_t remaining
= dbs
[cnt
].suggested_module
* sizeof (ref_t
);
687 off_t offset
= sizeof (head
);
690 if (offset
% ps
!= 0)
692 towrite
= MIN (remaining
, ps
- (offset
% ps
));
693 if (pwrite (fd
, tmpbuf
, towrite
, offset
) != towrite
)
696 remaining
-= towrite
;
699 while (remaining
> ps
)
701 if (pwrite (fd
, tmpbuf
, ps
, offset
) == -1)
708 && pwrite (fd
, tmpbuf
, remaining
, offset
) != remaining
)
711 /* Create the header of the file. */
712 struct database_pers_head head
=
714 .version
= DB_VERSION
,
715 .header_size
= sizeof (head
),
716 .module
= dbs
[cnt
].suggested_module
,
717 .data_size
= (dbs
[cnt
].suggested_module
718 * DEFAULT_DATASIZE_PER_BUCKET
),
723 if ((TEMP_FAILURE_RETRY (write (fd
, &head
, sizeof (head
)))
725 || (TEMP_FAILURE_RETRY_VAL (posix_fallocate (fd
, 0, total
))
727 || (mem
= mmap (NULL
, dbs
[cnt
].max_db_size
,
728 PROT_READ
| PROT_WRITE
,
729 MAP_SHARED
, fd
, 0)) == MAP_FAILED
)
732 unlink (dbs
[cnt
].db_filename
);
733 dbg_log (_("cannot write to database file %s: %s"),
734 dbs
[cnt
].db_filename
, strerror (errno
));
735 dbs
[cnt
].persistent
= 0;
741 dbs
[cnt
].data
= (char *)
742 &dbs
[cnt
].head
->array
[roundup (dbs
[cnt
].head
->module
,
743 ALIGN
/ sizeof (ref_t
))];
744 dbs
[cnt
].memsize
= total
;
745 dbs
[cnt
].mmap_used
= true;
747 /* Remember the descriptors. */
749 dbs
[cnt
].ro_fd
= ro_fd
;
761 #if !defined O_CLOEXEC || !defined __ASSUME_O_CLOEXEC
762 /* We do not check here whether the O_CLOEXEC provided to the
763 open call was successful or not. The two fcntl calls are
764 only performed once each per process start-up and therefore
765 is not noticeable at all. */
767 && ((dbs
[cnt
].wr_fd
!= -1
768 && fcntl (dbs
[cnt
].wr_fd
, F_SETFD
, FD_CLOEXEC
) == -1)
769 || (dbs
[cnt
].ro_fd
!= -1
770 && fcntl (dbs
[cnt
].ro_fd
, F_SETFD
, FD_CLOEXEC
) == -1)))
773 cannot set socket to close on exec: %s; disabling paranoia mode"),
779 if (dbs
[cnt
].head
== NULL
)
781 /* We do not use the persistent database. Just
782 create an in-memory data structure. */
783 assert (! dbs
[cnt
].persistent
);
785 dbs
[cnt
].head
= xmalloc (sizeof (struct database_pers_head
)
786 + (dbs
[cnt
].suggested_module
788 memset (dbs
[cnt
].head
, '\0', sizeof (struct database_pers_head
));
789 assert (~ENDREF
== 0);
790 memset (dbs
[cnt
].head
->array
, '\xff',
791 dbs
[cnt
].suggested_module
* sizeof (ref_t
));
792 dbs
[cnt
].head
->module
= dbs
[cnt
].suggested_module
;
793 dbs
[cnt
].head
->data_size
= (DEFAULT_DATASIZE_PER_BUCKET
794 * dbs
[cnt
].head
->module
);
795 dbs
[cnt
].data
= xmalloc (dbs
[cnt
].head
->data_size
);
796 dbs
[cnt
].head
->first_free
= 0;
799 assert (dbs
[cnt
].ro_fd
== -1);
802 if (dbs
[cnt
].check_file
)
804 /* We need the modification date of the file. */
807 if (stat64 (dbs
[cnt
].filename
, &st
) < 0)
809 /* We cannot stat() the file, disable file checking. */
810 dbg_log (_("cannot stat() file `%s': %s"),
811 dbs
[cnt
].filename
, strerror (errno
));
812 dbs
[cnt
].check_file
= 0;
815 dbs
[cnt
].file_mtime
= st
.st_mtime
;
819 /* Create the socket. */
820 sock
= socket (AF_UNIX
, SOCK_STREAM
, 0);
823 dbg_log (_("cannot open socket: %s"), strerror (errno
));
824 exit (errno
== EACCES
? 4 : 1);
826 /* Bind a name to the socket. */
827 struct sockaddr_un sock_addr
;
828 sock_addr
.sun_family
= AF_UNIX
;
829 strcpy (sock_addr
.sun_path
, _PATH_NSCDSOCKET
);
830 if (bind (sock
, (struct sockaddr
*) &sock_addr
, sizeof (sock_addr
)) < 0)
832 dbg_log ("%s: %s", _PATH_NSCDSOCKET
, strerror (errno
));
833 exit (errno
== EACCES
? 4 : 1);
836 /* We don't want to get stuck on accept. */
837 int fl
= fcntl (sock
, F_GETFL
);
838 if (fl
== -1 || fcntl (sock
, F_SETFL
, fl
| O_NONBLOCK
) == -1)
840 dbg_log (_("cannot change socket to nonblocking mode: %s"),
845 /* The descriptor needs to be closed on exec. */
846 if (paranoia
&& fcntl (sock
, F_SETFD
, FD_CLOEXEC
) == -1)
848 dbg_log (_("cannot set socket to close on exec: %s"),
853 /* Set permissions for the socket. */
854 chmod (_PATH_NSCDSOCKET
, DEFFILEMODE
);
856 /* Set the socket up to accept connections. */
857 if (listen (sock
, SOMAXCONN
) < 0)
859 dbg_log (_("cannot enable socket to accept connections: %s"),
864 /* Change to unprivileged uid/gid/groups if specifed in config file */
865 if (server_user
!= NULL
)
866 finish_drop_privileges ();
870 /* Close the connections. */
879 invalidate_cache (char *key
, int fd
)
884 for (number
= pwddb
; number
< lastdb
; ++number
)
885 if (strcmp (key
, dbnames
[number
]) == 0)
887 if (dbs
[number
].reset_res
)
893 if (number
== lastdb
)
896 writeall (fd
, &resp
, sizeof (resp
));
900 if (dbs
[number
].enabled
)
901 prune_cache (&dbs
[number
], LONG_MAX
, fd
);
905 writeall (fd
, &resp
, sizeof (resp
));
912 send_ro_fd (struct database_dyn
*db
, char *key
, int fd
)
914 /* If we do not have an read-only file descriptor do nothing. */
918 /* We need to send some data along with the descriptor. */
919 uint64_t mapsize
= (db
->head
->data_size
920 + roundup (db
->head
->module
* sizeof (ref_t
), ALIGN
)
921 + sizeof (struct database_pers_head
));
923 iov
[0].iov_base
= key
;
924 iov
[0].iov_len
= strlen (key
) + 1;
925 iov
[1].iov_base
= &mapsize
;
926 iov
[1].iov_len
= sizeof (mapsize
);
928 /* Prepare the control message to transfer the descriptor. */
932 char bytes
[CMSG_SPACE (sizeof (int))];
934 struct msghdr msg
= { .msg_iov
= iov
, .msg_iovlen
= 2,
935 .msg_control
= buf
.bytes
,
936 .msg_controllen
= sizeof (buf
) };
937 struct cmsghdr
*cmsg
= CMSG_FIRSTHDR (&msg
);
939 cmsg
->cmsg_level
= SOL_SOCKET
;
940 cmsg
->cmsg_type
= SCM_RIGHTS
;
941 cmsg
->cmsg_len
= CMSG_LEN (sizeof (int));
943 *(int *) CMSG_DATA (cmsg
) = db
->ro_fd
;
945 msg
.msg_controllen
= cmsg
->cmsg_len
;
947 /* Send the control message. We repeat when we are interrupted but
948 everything else is ignored. */
950 # define MSG_NOSIGNAL 0
952 (void) TEMP_FAILURE_RETRY (sendmsg (fd
, &msg
, MSG_NOSIGNAL
));
954 if (__builtin_expect (debug_level
> 0, 0))
955 dbg_log (_("provide access to FD %d, for %s"), db
->ro_fd
, key
);
957 #endif /* SCM_RIGHTS */
960 /* Handle new request. */
962 handle_request (int fd
, request_header
*req
, void *key
, uid_t uid
)
964 if (__builtin_expect (req
->version
, NSCD_VERSION
) != NSCD_VERSION
)
968 cannot handle old request version %d; current version is %d"),
969 req
->version
, NSCD_VERSION
);
973 /* Make the SELinux check before we go on to the standard checks. */
974 if (selinux_enabled
&& nscd_request_avc_has_perm (fd
, req
->type
) != 0)
977 struct database_dyn
*db
= reqinfo
[req
->type
].db
;
979 /* See whether we can service the request from the cache. */
980 if (__builtin_expect (reqinfo
[req
->type
].data_request
, true))
982 if (__builtin_expect (debug_level
, 0) > 0)
984 if (req
->type
== GETHOSTBYADDR
|| req
->type
== GETHOSTBYADDRv6
)
986 char buf
[INET6_ADDRSTRLEN
];
988 dbg_log ("\t%s (%s)", serv2str
[req
->type
],
989 inet_ntop (req
->type
== GETHOSTBYADDR
990 ? AF_INET
: AF_INET6
,
991 key
, buf
, sizeof (buf
)));
994 dbg_log ("\t%s (%s)", serv2str
[req
->type
], (char *) key
);
997 /* Is this service enabled? */
998 if (__builtin_expect (!db
->enabled
, 0))
1000 /* No, sent the prepared record. */
1001 if (TEMP_FAILURE_RETRY (send (fd
, db
->disabled_iov
->iov_base
,
1002 db
->disabled_iov
->iov_len
,
1004 != (ssize_t
) db
->disabled_iov
->iov_len
1005 && __builtin_expect (debug_level
, 0) > 0)
1007 /* We have problems sending the result. */
1009 dbg_log (_("cannot write result: %s"),
1010 strerror_r (errno
, buf
, sizeof (buf
)));
1016 /* Be sure we can read the data. */
1017 if (__builtin_expect (pthread_rwlock_tryrdlock (&db
->lock
) != 0, 0))
1019 ++db
->head
->rdlockdelayed
;
1020 pthread_rwlock_rdlock (&db
->lock
);
1023 /* See whether we can handle it from the cache. */
1024 struct datahead
*cached
;
1025 cached
= (struct datahead
*) cache_search (req
->type
, key
, req
->key_len
,
1029 /* Hurray it's in the cache. */
1032 #ifdef HAVE_SENDFILE
1033 if (__builtin_expect (db
->mmap_used
, 1))
1035 assert (db
->wr_fd
!= -1);
1036 assert ((char *) cached
->data
> (char *) db
->data
);
1037 assert ((char *) cached
->data
- (char *) db
->head
1039 <= (sizeof (struct database_pers_head
)
1040 + db
->head
->module
* sizeof (ref_t
)
1041 + db
->head
->data_size
));
1042 nwritten
= sendfileall (fd
, db
->wr_fd
,
1043 (char *) cached
->data
1044 - (char *) db
->head
, cached
->recsize
);
1045 # ifndef __ASSUME_SENDFILE
1046 if (nwritten
== -1 && errno
== ENOSYS
)
1051 # ifndef __ASSUME_SENDFILE
1055 nwritten
= writeall (fd
, cached
->data
, cached
->recsize
);
1057 if (nwritten
!= cached
->recsize
1058 && __builtin_expect (debug_level
, 0) > 0)
1060 /* We have problems sending the result. */
1062 dbg_log (_("cannot write result: %s"),
1063 strerror_r (errno
, buf
, sizeof (buf
)));
1066 pthread_rwlock_unlock (&db
->lock
);
1071 pthread_rwlock_unlock (&db
->lock
);
1073 else if (__builtin_expect (debug_level
, 0) > 0)
1075 if (req
->type
== INVALIDATE
)
1076 dbg_log ("\t%s (%s)", serv2str
[req
->type
], (char *) key
);
1078 dbg_log ("\t%s", serv2str
[req
->type
]);
1081 /* Handle the request. */
1085 addpwbyname (db
, fd
, req
, key
, uid
);
1089 addpwbyuid (db
, fd
, req
, key
, uid
);
1093 addgrbyname (db
, fd
, req
, key
, uid
);
1097 addgrbygid (db
, fd
, req
, key
, uid
);
1101 addhstbyname (db
, fd
, req
, key
, uid
);
1104 case GETHOSTBYNAMEv6
:
1105 addhstbynamev6 (db
, fd
, req
, key
, uid
);
1109 addhstbyaddr (db
, fd
, req
, key
, uid
);
1112 case GETHOSTBYADDRv6
:
1113 addhstbyaddrv6 (db
, fd
, req
, key
, uid
);
1117 addhstai (db
, fd
, req
, key
, uid
);
1121 addinitgroups (db
, fd
, req
, key
, uid
);
1125 addservbyname (db
, fd
, req
, key
, uid
);
1129 addservbyport (db
, fd
, req
, key
, uid
);
1136 /* Get the callers credentials. */
1138 struct ucred caller
;
1139 socklen_t optlen
= sizeof (caller
);
1141 if (getsockopt (fd
, SOL_SOCKET
, SO_PEERCRED
, &caller
, &optlen
) < 0)
1145 dbg_log (_("error getting caller's id: %s"),
1146 strerror_r (errno
, buf
, sizeof (buf
)));
1152 /* Some systems have no SO_PEERCRED implementation. They don't
1153 care about security so we don't as well. */
1158 /* Accept shutdown, getstat and invalidate only from root. For
1159 the stat call also allow the user specified in the config file. */
1160 if (req
->type
== GETSTAT
)
1162 if (uid
== 0 || uid
== stat_uid
)
1163 send_stats (fd
, dbs
);
1167 if (req
->type
== INVALIDATE
)
1168 invalidate_cache (key
, fd
);
1170 termination_handler (0);
1179 send_ro_fd (reqinfo
[req
->type
].db
, key
, fd
);
1184 /* Ignore the command, it's nothing we know. */
1190 /* Restart the process. */
1194 /* First determine the parameters. We do not use the parameters
1195 passed to main() since in case nscd is started by running the
1196 dynamic linker this will not work. Yes, this is not the usual
1197 case but nscd is part of glibc and we occasionally do this. */
1198 size_t buflen
= 1024;
1199 char *buf
= alloca (buflen
);
1201 int fd
= open ("/proc/self/cmdline", O_RDONLY
);
1205 cannot open /proc/self/cmdline: %s; disabling paranoia mode"),
1214 ssize_t n
= TEMP_FAILURE_RETRY (read (fd
, buf
+ readlen
,
1219 cannot read /proc/self/cmdline: %s; disabling paranoia mode"),
1229 if (readlen
< buflen
)
1232 /* We might have to extend the buffer. */
1233 size_t old_buflen
= buflen
;
1234 char *newp
= extend_alloca (buf
, buflen
, 2 * buflen
);
1235 buf
= memmove (newp
, buf
, old_buflen
);
1240 /* Parse the command line. Worst case scenario: every two
1241 characters form one parameter (one character plus NUL). */
1242 char **argv
= alloca ((readlen
/ 2 + 1) * sizeof (argv
[0]));
1246 while (cp
< buf
+ readlen
)
1249 cp
= (char *) rawmemchr (cp
, '\0') + 1;
1253 /* Second, change back to the old user if we changed it. */
1254 if (server_user
!= NULL
)
1256 if (setresuid (old_uid
, old_uid
, old_uid
) != 0)
1259 cannot change to old UID: %s; disabling paranoia mode"),
1266 if (setresgid (old_gid
, old_gid
, old_gid
) != 0)
1269 cannot change to old GID: %s; disabling paranoia mode"),
1272 setuid (server_uid
);
1278 /* Next change back to the old working directory. */
1279 if (chdir (oldcwd
) == -1)
1282 cannot change to old working directory: %s; disabling paranoia mode"),
1285 if (server_user
!= NULL
)
1287 setuid (server_uid
);
1288 setgid (server_gid
);
1294 /* Synchronize memory. */
1295 for (int cnt
= 0; cnt
< lastdb
; ++cnt
)
1296 if (!dbs
[cnt
].enabled
)
1298 /* Make sure nobody keeps using the database. */
1299 dbs
[cnt
].head
->timestamp
= 0;
1301 if (dbs
[cnt
].persistent
)
1303 msync (dbs
[cnt
].head
, dbs
[cnt
].memsize
, MS_ASYNC
);
1306 /* The preparations are done. */
1307 execv ("/proc/self/exe", argv
);
1309 /* If we come here, we will never be able to re-exec. */
1310 dbg_log (_("re-exec failed: %s; disabling paranoia mode"),
1313 if (server_user
!= NULL
)
1315 setuid (server_uid
);
1316 setgid (server_gid
);
1318 if (chdir ("/") != 0)
1319 dbg_log (_("cannot change current working directory to \"/\": %s"),
1325 /* List of file descriptors. */
1329 struct fdlist
*next
;
1331 /* Memory allocated for the list. */
1332 static struct fdlist
*fdlist
;
1333 /* List of currently ready-to-read file descriptors. */
1334 static struct fdlist
*readylist
;
1336 /* Conditional variable and mutex to signal availability of entries in
1337 READYLIST. The condvar is initialized dynamically since we might
1338 use a different clock depending on availability. */
1339 static pthread_cond_t readylist_cond
;
1340 static pthread_mutex_t readylist_lock
= PTHREAD_MUTEX_INITIALIZER
;
1342 /* The clock to use with the condvar. */
1343 static clockid_t timeout_clock
= CLOCK_REALTIME
;
1345 /* Number of threads ready to handle the READYLIST. */
1346 static unsigned long int nready
;
1349 /* This is the main loop. It is replicated in different threads but the
1350 `poll' call makes sure only one thread handles an incoming connection. */
1352 __attribute__ ((__noreturn__
))
1355 const long int my_number
= (long int) p
;
1356 const int run_prune
= my_number
< lastdb
&& dbs
[my_number
].enabled
;
1357 struct timespec prune_ts
;
1363 setup_thread (&dbs
[my_number
]);
1365 /* We are running. */
1366 dbs
[my_number
].head
->timestamp
= time (NULL
);
1368 if (clock_gettime (timeout_clock
, &prune_ts
) == -1)
1369 /* Should never happen. */
1372 /* Compute timeout time. */
1373 prune_ts
.tv_sec
+= CACHE_PRUNE_INTERVAL
;
1376 /* Initial locking. */
1377 pthread_mutex_lock (&readylist_lock
);
1379 /* One more thread available. */
1384 while (readylist
== NULL
)
1388 /* Wait, but not forever. */
1389 to
= pthread_cond_timedwait (&readylist_cond
, &readylist_lock
,
1392 /* If we were woken and there is no work to be done,
1393 just start pruning. */
1394 if (readylist
== NULL
&& to
== ETIMEDOUT
)
1397 pthread_mutex_unlock (&readylist_lock
);
1402 /* No need to timeout. */
1403 pthread_cond_wait (&readylist_cond
, &readylist_lock
);
1406 struct fdlist
*it
= readylist
->next
;
1407 if (readylist
->next
== readylist
)
1408 /* Just one entry on the list. */
1411 readylist
->next
= it
->next
;
1413 /* Extract the information and mark the record ready to be used
1418 /* One more thread available. */
1421 /* We are done with the list. */
1422 pthread_mutex_unlock (&readylist_lock
);
1424 /* We do not want to block on a short read or so. */
1425 int fl
= fcntl (fd
, F_GETFL
);
1426 if (fl
== -1 || fcntl (fd
, F_SETFL
, fl
| O_NONBLOCK
) == -1)
1429 /* Now read the request. */
1431 if (__builtin_expect (TEMP_FAILURE_RETRY (read (fd
, &req
, sizeof (req
)))
1432 != sizeof (req
), 0))
1434 /* We failed to read data. Note that this also might mean we
1435 failed because we would have blocked. */
1436 if (debug_level
> 0)
1437 dbg_log (_("short read while reading request: %s"),
1438 strerror_r (errno
, buf
, sizeof (buf
)));
1442 /* Check whether this is a valid request type. */
1443 if (req
.type
< GETPWBYNAME
|| req
.type
>= LASTREQ
)
1446 /* Some systems have no SO_PEERCRED implementation. They don't
1447 care about security so we don't as well. */
1452 if (__builtin_expect (debug_level
> 0, 0))
1454 struct ucred caller
;
1455 socklen_t optlen
= sizeof (caller
);
1457 if (getsockopt (fd
, SOL_SOCKET
, SO_PEERCRED
, &caller
, &optlen
) == 0)
1462 /* It should not be possible to crash the nscd with a silly
1463 request (i.e., a terribly large key). We limit the size to 1kb. */
1464 if (__builtin_expect (req
.key_len
, 1) < 0
1465 || __builtin_expect (req
.key_len
, 1) > MAXKEYLEN
)
1467 if (debug_level
> 0)
1468 dbg_log (_("key length in request too long: %d"), req
.key_len
);
1473 char keybuf
[MAXKEYLEN
];
1475 if (__builtin_expect (TEMP_FAILURE_RETRY (read (fd
, keybuf
,
1479 /* Again, this can also mean we would have blocked. */
1480 if (debug_level
> 0)
1481 dbg_log (_("short read while reading request key: %s"),
1482 strerror_r (errno
, buf
, sizeof (buf
)));
1486 if (__builtin_expect (debug_level
, 0) > 0)
1491 handle_request: request received (Version = %d) from PID %ld"),
1492 req
.version
, (long int) pid
);
1496 handle_request: request received (Version = %d)"), req
.version
);
1499 /* Phew, we got all the data, now process it. */
1500 handle_request (fd
, &req
, keybuf
, uid
);
1507 /* Check whether we should be pruning the cache. */
1508 assert (run_prune
|| to
== 0);
1509 if (to
== ETIMEDOUT
)
1512 /* The pthread_cond_timedwait() call timed out. It is time
1513 to clean up the cache. */
1514 assert (my_number
< lastdb
);
1515 prune_cache (&dbs
[my_number
], time (NULL
), -1);
1517 if (clock_gettime (timeout_clock
, &prune_ts
) == -1)
1518 /* Should never happen. */
1521 /* Compute next timeout time. */
1522 prune_ts
.tv_sec
+= CACHE_PRUNE_INTERVAL
;
1524 /* In case the list is emtpy we do not want to run the prune
1525 code right away again. */
1530 pthread_mutex_lock (&readylist_lock
);
1532 /* One more thread available. */
1538 static unsigned int nconns
;
1543 pthread_mutex_lock (&readylist_lock
);
1545 /* Find an empty entry in FDLIST. */
1547 for (inner
= 0; inner
< nconns
; ++inner
)
1548 if (fdlist
[inner
].next
== NULL
)
1550 assert (inner
< nconns
);
1552 fdlist
[inner
].fd
= fd
;
1554 if (readylist
== NULL
)
1555 readylist
= fdlist
[inner
].next
= &fdlist
[inner
];
1558 fdlist
[inner
].next
= readylist
->next
;
1559 readylist
= readylist
->next
= &fdlist
[inner
];
1562 bool do_signal
= true;
1563 if (__builtin_expect (nready
== 0, 0))
1568 /* Try to start another thread to help out. */
1570 if (nthreads
< max_nthreads
1571 && pthread_create (&th
, &attr
, nscd_run
,
1572 (void *) (long int) nthreads
) == 0)
1574 /* We got another thread. */
1576 /* The new thread might need a kick. */
1582 pthread_mutex_unlock (&readylist_lock
);
1584 /* Tell one of the worker threads there is work to do. */
1586 pthread_cond_signal (&readylist_cond
);
1590 /* Check whether restarting should happen. */
1592 restart_p (time_t now
)
1594 return (paranoia
&& readylist
== NULL
&& nready
== nthreads
1595 && now
>= restart_time
);
1599 /* Array for times a connection was accepted. */
1600 static time_t *starttime
;
1604 __attribute__ ((__noreturn__
))
1605 main_loop_poll (void)
1607 struct pollfd
*conns
= (struct pollfd
*) xmalloc (nconns
1608 * sizeof (conns
[0]));
1611 conns
[0].events
= POLLRDNORM
;
1613 size_t firstfree
= 1;
1617 /* Wait for any event. We wait at most a couple of seconds so
1618 that we can check whether we should close any of the accepted
1619 connections since we have not received a request. */
1620 #define MAX_ACCEPT_TIMEOUT 30
1621 #define MIN_ACCEPT_TIMEOUT 5
1622 #define MAIN_THREAD_TIMEOUT \
1623 (MAX_ACCEPT_TIMEOUT * 1000 \
1624 - ((MAX_ACCEPT_TIMEOUT - MIN_ACCEPT_TIMEOUT) * 1000 * nused) / (2 * nconns))
1626 int n
= poll (conns
, nused
, MAIN_THREAD_TIMEOUT
);
1628 time_t now
= time (NULL
);
1630 /* If there is a descriptor ready for reading or there is a new
1631 connection, process this now. */
1634 if (conns
[0].revents
!= 0)
1636 /* We have a new incoming connection. Accept the connection. */
1637 int fd
= TEMP_FAILURE_RETRY (accept (sock
, NULL
, NULL
));
1639 /* Use the descriptor if we have not reached the limit. */
1642 if (firstfree
< nconns
)
1644 conns
[firstfree
].fd
= fd
;
1645 conns
[firstfree
].events
= POLLRDNORM
;
1646 starttime
[firstfree
] = now
;
1647 if (firstfree
>= nused
)
1648 nused
= firstfree
+ 1;
1652 while (firstfree
< nused
&& conns
[firstfree
].fd
!= -1);
1655 /* We cannot use the connection so close it. */
1662 for (size_t cnt
= 1; cnt
< nused
&& n
> 0; ++cnt
)
1663 if (conns
[cnt
].revents
!= 0)
1665 fd_ready (conns
[cnt
].fd
);
1667 /* Clean up the CONNS array. */
1669 if (cnt
< firstfree
)
1671 if (cnt
== nused
- 1)
1674 while (conns
[nused
- 1].fd
== -1);
1680 /* Now find entries which have timed out. */
1683 /* We make the timeout length depend on the number of file
1684 descriptors currently used. */
1685 #define ACCEPT_TIMEOUT \
1686 (MAX_ACCEPT_TIMEOUT \
1687 - ((MAX_ACCEPT_TIMEOUT - MIN_ACCEPT_TIMEOUT) * nused) / nconns)
1688 time_t laststart
= now
- ACCEPT_TIMEOUT
;
1690 for (size_t cnt
= nused
- 1; cnt
> 0; --cnt
)
1692 if (conns
[cnt
].fd
!= -1 && starttime
[cnt
] < laststart
)
1694 /* Remove the entry, it timed out. */
1695 (void) close (conns
[cnt
].fd
);
1698 if (cnt
< firstfree
)
1700 if (cnt
== nused
- 1)
1703 while (conns
[nused
- 1].fd
== -1);
1707 if (restart_p (now
))
1715 main_loop_epoll (int efd
)
1717 struct epoll_event ev
= { 0, };
1721 /* Add the socket. */
1722 ev
.events
= EPOLLRDNORM
;
1724 if (epoll_ctl (efd
, EPOLL_CTL_ADD
, sock
, &ev
) == -1)
1725 /* We cannot use epoll. */
1730 struct epoll_event revs
[100];
1731 # define nrevs (sizeof (revs) / sizeof (revs[0]))
1733 int n
= epoll_wait (efd
, revs
, nrevs
, MAIN_THREAD_TIMEOUT
);
1735 time_t now
= time (NULL
);
1737 for (int cnt
= 0; cnt
< n
; ++cnt
)
1738 if (revs
[cnt
].data
.fd
== sock
)
1740 /* A new connection. */
1741 int fd
= TEMP_FAILURE_RETRY (accept (sock
, NULL
, NULL
));
1745 /* Try to add the new descriptor. */
1748 || epoll_ctl (efd
, EPOLL_CTL_ADD
, fd
, &ev
) == -1)
1749 /* The descriptor is too large or something went
1750 wrong. Close the descriptor. */
1754 /* Remember when we accepted the connection. */
1755 starttime
[fd
] = now
;
1766 /* Remove the descriptor from the epoll descriptor. */
1767 (void) epoll_ctl (efd
, EPOLL_CTL_DEL
, revs
[cnt
].data
.fd
, NULL
);
1769 /* Get a worker to handle the request. */
1770 fd_ready (revs
[cnt
].data
.fd
);
1772 /* Reset the time. */
1773 starttime
[revs
[cnt
].data
.fd
] = 0;
1774 if (revs
[cnt
].data
.fd
== highest
)
1777 while (highest
> 0 && starttime
[highest
] == 0);
1782 /* Now look for descriptors for accepted connections which have
1783 no reply in too long of a time. */
1784 time_t laststart
= now
- ACCEPT_TIMEOUT
;
1785 for (int cnt
= highest
; cnt
> STDERR_FILENO
; --cnt
)
1786 if (cnt
!= sock
&& starttime
[cnt
] != 0 && starttime
[cnt
] < laststart
)
1788 /* We are waiting for this one for too long. Close it. */
1789 (void) epoll_ctl (efd
, EPOLL_CTL_DEL
, cnt
, NULL
);
1797 else if (cnt
!= sock
&& starttime
[cnt
] == 0 && cnt
== highest
)
1800 if (restart_p (now
))
1807 /* Start all the threads we want. The initial process is thread no. 1. */
1809 start_threads (void)
1811 /* Initialize the conditional variable we will use. The only
1812 non-standard attribute we might use is the clock selection. */
1813 pthread_condattr_t condattr
;
1814 pthread_condattr_init (&condattr
);
1816 #if defined _POSIX_CLOCK_SELECTION && _POSIX_CLOCK_SELECTION >= 0 \
1817 && defined _POSIX_MONOTONIC_CLOCK && _POSIX_MONOTONIC_CLOCK >= 0
1818 /* Determine whether the monotonous clock is available. */
1819 struct timespec dummy
;
1820 # if _POSIX_MONOTONIC_CLOCK == 0
1821 if (sysconf (_SC_MONOTONIC_CLOCK
) > 0)
1823 # if _POSIX_CLOCK_SELECTION == 0
1824 if (sysconf (_SC_CLOCK_SELECTION
) > 0)
1826 if (clock_getres (CLOCK_MONOTONIC
, &dummy
) == 0
1827 && pthread_condattr_setclock (&condattr
, CLOCK_MONOTONIC
) == 0)
1828 timeout_clock
= CLOCK_MONOTONIC
;
1831 pthread_cond_init (&readylist_cond
, &condattr
);
1832 pthread_condattr_destroy (&condattr
);
1835 /* Create the attribute for the threads. They are all created
1837 pthread_attr_init (&attr
);
1838 pthread_attr_setdetachstate (&attr
, PTHREAD_CREATE_DETACHED
);
1839 /* Use 1MB stacks, twice as much for 64-bit architectures. */
1840 pthread_attr_setstacksize (&attr
, 1024 * 1024 * (sizeof (void *) / 4));
1842 /* We allow less than LASTDB threads only for debugging. */
1843 if (debug_level
== 0)
1844 nthreads
= MAX (nthreads
, lastdb
);
1847 for (long int i
= 0; i
< nthreads
; ++i
)
1850 if (pthread_create (&th
, &attr
, nscd_run
, (void *) (i
- nfailed
)) != 0)
1853 if (nthreads
- nfailed
< lastdb
)
1855 /* We could not start enough threads. */
1856 dbg_log (_("could only start %d threads; terminating"),
1857 nthreads
- nfailed
);
1861 /* Determine how much room for descriptors we should initially
1862 allocate. This might need to change later if we cap the number
1864 const long int nfds
= sysconf (_SC_OPEN_MAX
);
1866 #define MAXCONN 16384
1867 if (nfds
== -1 || nfds
> MAXCONN
)
1869 else if (nfds
< MINCONN
)
1874 /* We need memory to pass descriptors on to the worker threads. */
1875 fdlist
= (struct fdlist
*) xcalloc (nconns
, sizeof (fdlist
[0]));
1876 /* Array to keep track when connection was accepted. */
1877 starttime
= (time_t *) xcalloc (nconns
, sizeof (starttime
[0]));
1879 /* In the main thread we execute the loop which handles incoming
1882 int efd
= epoll_create (100);
1885 main_loop_epoll (efd
);
1894 /* Look up the uid, gid, and supplementary groups to run nscd as. When
1895 this function is called, we are not listening on the nscd socket yet so
1896 we can just use the ordinary lookup functions without causing a lockup */
1898 begin_drop_privileges (void)
1900 struct passwd
*pwd
= getpwnam (server_user
);
1904 dbg_log (_("Failed to run nscd as user '%s'"), server_user
);
1905 error (EXIT_FAILURE
, 0, _("Failed to run nscd as user '%s'"),
1909 server_uid
= pwd
->pw_uid
;
1910 server_gid
= pwd
->pw_gid
;
1912 /* Save the old UID/GID if we have to change back. */
1915 old_uid
= getuid ();
1916 old_gid
= getgid ();
1919 if (getgrouplist (server_user
, server_gid
, NULL
, &server_ngroups
) == 0)
1921 /* This really must never happen. */
1922 dbg_log (_("Failed to run nscd as user '%s'"), server_user
);
1923 error (EXIT_FAILURE
, errno
, _("initial getgrouplist failed"));
1926 server_groups
= (gid_t
*) xmalloc (server_ngroups
* sizeof (gid_t
));
1928 if (getgrouplist (server_user
, server_gid
, server_groups
, &server_ngroups
)
1931 dbg_log (_("Failed to run nscd as user '%s'"), server_user
);
1932 error (EXIT_FAILURE
, errno
, _("getgrouplist failed"));
1937 /* Call setgroups(), setgid(), and setuid() to drop root privileges and
1938 run nscd as the user specified in the configuration file. */
1940 finish_drop_privileges (void)
1942 #if defined HAVE_LIBAUDIT && defined HAVE_LIBCAP
1943 /* We need to preserve the capabilities to connect to the audit daemon. */
1944 cap_t new_caps
= preserve_capabilities ();
1947 if (setgroups (server_ngroups
, server_groups
) == -1)
1949 dbg_log (_("Failed to run nscd as user '%s'"), server_user
);
1950 error (EXIT_FAILURE
, errno
, _("setgroups failed"));
1955 res
= setresgid (server_gid
, server_gid
, old_gid
);
1957 res
= setgid (server_gid
);
1960 dbg_log (_("Failed to run nscd as user '%s'"), server_user
);
1966 res
= setresuid (server_uid
, server_uid
, old_uid
);
1968 res
= setuid (server_uid
);
1971 dbg_log (_("Failed to run nscd as user '%s'"), server_user
);
1976 #if defined HAVE_LIBAUDIT && defined HAVE_LIBCAP
1977 /* Remove the temporary capabilities. */
1978 install_real_capabilities (new_caps
);