1 /* Inner loops of cache daemon.
2 Copyright (C) 1998-2003, 2004, 2005, 2006, 2007, 2008
3 Free Software Foundation, Inc.
4 This file is part of the GNU C Library.
5 Contributed by Ulrich Drepper <drepper@cygnus.com>, 1998.
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published
9 by the Free Software Foundation; version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software Foundation,
19 Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */
35 #include <arpa/inet.h>
37 # include <sys/epoll.h>
40 #include <sys/param.h>
43 # include <sys/sendfile.h>
45 #include <sys/socket.h>
53 # include <kernel-features.h>
57 /* Wrapper functions with error checking for standard functions. */
58 extern void *xmalloc (size_t n
);
59 extern void *xcalloc (size_t n
, size_t s
);
60 extern void *xrealloc (void *o
, size_t n
);
62 /* Support to run nscd as an unprivileged user */
63 const char *server_user
;
64 static uid_t server_uid
;
65 static gid_t server_gid
;
66 const char *stat_user
;
68 static gid_t
*server_groups
;
72 static int server_ngroups
;
74 static pthread_attr_t attr
;
76 static void begin_drop_privileges (void);
77 static void finish_drop_privileges (void);
79 /* Map request type to a string. */
80 const char *const serv2str
[LASTREQ
] =
82 [GETPWBYNAME
] = "GETPWBYNAME",
83 [GETPWBYUID
] = "GETPWBYUID",
84 [GETGRBYNAME
] = "GETGRBYNAME",
85 [GETGRBYGID
] = "GETGRBYGID",
86 [GETHOSTBYNAME
] = "GETHOSTBYNAME",
87 [GETHOSTBYNAMEv6
] = "GETHOSTBYNAMEv6",
88 [GETHOSTBYADDR
] = "GETHOSTBYADDR",
89 [GETHOSTBYADDRv6
] = "GETHOSTBYADDRv6",
90 [SHUTDOWN
] = "SHUTDOWN",
91 [GETSTAT
] = "GETSTAT",
92 [INVALIDATE
] = "INVALIDATE",
93 [GETFDPW
] = "GETFDPW",
94 [GETFDGR
] = "GETFDGR",
95 [GETFDHST
] = "GETFDHST",
97 [INITGROUPS
] = "INITGROUPS",
98 [GETSERVBYNAME
] = "GETSERVBYNAME",
99 [GETSERVBYPORT
] = "GETSERVBYPORT",
100 [GETFDSERV
] = "GETFDSERV"
103 /* The control data structures for the services. */
104 struct database_dyn dbs
[lastdb
] =
107 .lock
= PTHREAD_RWLOCK_WRITER_NONRECURSIVE_INITIALIZER_NP
,
108 .prune_lock
= PTHREAD_MUTEX_INITIALIZER
,
114 .max_db_size
= DEFAULT_MAX_DB_SIZE
,
116 .filename
= "/etc/passwd",
117 .db_filename
= _PATH_NSCD_PASSWD_DB
,
118 .disabled_iov
= &pwd_iov_disabled
,
126 .lock
= PTHREAD_RWLOCK_WRITER_NONRECURSIVE_INITIALIZER_NP
,
127 .prune_lock
= PTHREAD_MUTEX_INITIALIZER
,
133 .max_db_size
= DEFAULT_MAX_DB_SIZE
,
135 .filename
= "/etc/group",
136 .db_filename
= _PATH_NSCD_GROUP_DB
,
137 .disabled_iov
= &grp_iov_disabled
,
145 .lock
= PTHREAD_RWLOCK_WRITER_NONRECURSIVE_INITIALIZER_NP
,
146 .prune_lock
= PTHREAD_MUTEX_INITIALIZER
,
150 .propagate
= 0, /* Not used. */
152 .max_db_size
= DEFAULT_MAX_DB_SIZE
,
154 .filename
= "/etc/hosts",
155 .db_filename
= _PATH_NSCD_HOSTS_DB
,
156 .disabled_iov
= &hst_iov_disabled
,
164 .lock
= PTHREAD_RWLOCK_WRITER_NONRECURSIVE_INITIALIZER_NP
,
165 .prune_lock
= PTHREAD_MUTEX_INITIALIZER
,
169 .propagate
= 0, /* Not used. */
171 .max_db_size
= DEFAULT_MAX_DB_SIZE
,
173 .filename
= "/etc/services",
174 .db_filename
= _PATH_NSCD_SERVICES_DB
,
175 .disabled_iov
= &serv_iov_disabled
,
185 /* Mapping of request type to database. */
189 struct database_dyn
*db
;
190 } const reqinfo
[LASTREQ
] =
192 [GETPWBYNAME
] = { true, &dbs
[pwddb
] },
193 [GETPWBYUID
] = { true, &dbs
[pwddb
] },
194 [GETGRBYNAME
] = { true, &dbs
[grpdb
] },
195 [GETGRBYGID
] = { true, &dbs
[grpdb
] },
196 [GETHOSTBYNAME
] = { true, &dbs
[hstdb
] },
197 [GETHOSTBYNAMEv6
] = { true, &dbs
[hstdb
] },
198 [GETHOSTBYADDR
] = { true, &dbs
[hstdb
] },
199 [GETHOSTBYADDRv6
] = { true, &dbs
[hstdb
] },
200 [SHUTDOWN
] = { false, NULL
},
201 [GETSTAT
] = { false, NULL
},
202 [SHUTDOWN
] = { false, NULL
},
203 [GETFDPW
] = { false, &dbs
[pwddb
] },
204 [GETFDGR
] = { false, &dbs
[grpdb
] },
205 [GETFDHST
] = { false, &dbs
[hstdb
] },
206 [GETAI
] = { true, &dbs
[hstdb
] },
207 [INITGROUPS
] = { true, &dbs
[grpdb
] },
208 [GETSERVBYNAME
] = { true, &dbs
[servdb
] },
209 [GETSERVBYPORT
] = { true, &dbs
[servdb
] },
210 [GETFDSERV
] = { false, &dbs
[servdb
] }
214 /* Initial number of threads to use. */
216 /* Maximum number of threads to use. */
217 int max_nthreads
= 32;
219 /* Socket for incoming connections. */
222 /* Number of times clients had to wait. */
223 unsigned long int client_queued
;
227 writeall (int fd
, const void *buf
, size_t len
)
233 ret
= TEMP_FAILURE_RETRY (send (fd
, buf
, n
, MSG_NOSIGNAL
));
236 buf
= (const char *) buf
+ ret
;
240 return ret
< 0 ? ret
: len
- n
;
246 sendfileall (int tofd
, int fromfd
, off_t off
, size_t len
)
253 ret
= TEMP_FAILURE_RETRY (sendfile (tofd
, fromfd
, &off
, n
));
259 return ret
< 0 ? ret
: len
- n
;
267 /* The following three are not really used, they are symbolic constants. */
273 use_he_begin
= use_he
| use_begin
,
274 use_he_end
= use_he
| use_end
,
277 use_key_begin
= use_key
| use_begin
,
278 use_key_end
= use_key
| use_end
,
279 use_key_first
= use_key_begin
| use_first
,
282 use_data_begin
= use_data
| use_begin
,
283 use_data_end
= use_data
| use_end
,
284 use_data_first
= use_data_begin
| use_first
289 check_use (const char *data
, nscd_ssize_t first_free
, uint8_t *usemap
,
290 enum usekey use
, ref_t start
, size_t len
)
294 if (start
> first_free
|| start
+ len
> first_free
295 || (start
& BLOCK_ALIGN_M1
))
298 if (usemap
[start
] == use_not
)
300 /* Add the start marker. */
301 usemap
[start
] = use
| use_begin
;
305 if (usemap
[++start
] != use_not
)
310 /* Add the end marker. */
311 usemap
[start
] = use
| use_end
;
313 else if ((usemap
[start
] & ~use_first
) == ((use
| use_begin
) & ~use_first
))
315 /* Hash entries can't be shared. */
319 usemap
[start
] |= (use
& use_first
);
323 if (usemap
[++start
] != use
)
326 if (usemap
[++start
] != (use
| use_end
))
330 /* Points to a wrong object or somewhere in the middle. */
337 /* Verify data in persistent database. */
339 verify_persistent_db (void *mem
, struct database_pers_head
*readhead
, int dbnr
)
341 assert (dbnr
== pwddb
|| dbnr
== grpdb
|| dbnr
== hstdb
|| dbnr
== servdb
);
343 time_t now
= time (NULL
);
345 struct database_pers_head
*head
= mem
;
346 struct database_pers_head head_copy
= *head
;
348 /* Check that the header that was read matches the head in the database. */
349 if (readhead
!= NULL
&& memcmp (head
, readhead
, sizeof (*head
)) != 0)
352 /* First some easy tests: make sure the database header is sane. */
353 if (head
->version
!= DB_VERSION
354 || head
->header_size
!= sizeof (*head
)
355 /* We allow a timestamp to be one hour ahead of the current time.
356 This should cover daylight saving time changes. */
357 || head
->timestamp
> now
+ 60 * 60 + 60
358 || (head
->gc_cycle
& 1)
359 || (size_t) head
->module
> INT32_MAX
/ sizeof (ref_t
)
360 || (size_t) head
->data_size
> INT32_MAX
- head
->module
* sizeof (ref_t
)
361 || head
->first_free
< 0
362 || head
->first_free
> head
->data_size
363 || (head
->first_free
& BLOCK_ALIGN_M1
) != 0
364 || head
->maxnentries
< 0
365 || head
->maxnsearched
< 0)
368 uint8_t *usemap
= calloc (head
->first_free
, 1);
372 const char *data
= (char *) &head
->array
[roundup (head
->module
,
373 ALIGN
/ sizeof (ref_t
))];
375 nscd_ssize_t he_cnt
= 0;
376 for (nscd_ssize_t cnt
= 0; cnt
< head
->module
; ++cnt
)
378 ref_t trail
= head
->array
[cnt
];
382 while (work
!= ENDREF
)
384 if (! check_use (data
, head
->first_free
, usemap
, use_he
, work
,
385 sizeof (struct hashentry
)))
388 /* Now we know we can dereference the record. */
389 struct hashentry
*here
= (struct hashentry
*) (data
+ work
);
393 /* Make sure the record is for this type of service. */
394 if (here
->type
>= LASTREQ
395 || reqinfo
[here
->type
].db
!= &dbs
[dbnr
])
398 /* Validate boolean field value. */
399 if (here
->first
!= false && here
->first
!= true)
407 || here
->packet
> head
->first_free
408 || here
->packet
+ sizeof (struct datahead
) > head
->first_free
)
411 struct datahead
*dh
= (struct datahead
*) (data
+ here
->packet
);
413 if (! check_use (data
, head
->first_free
, usemap
,
414 use_data
| (here
->first
? use_first
: 0),
415 here
->packet
, dh
->allocsize
))
418 if (dh
->allocsize
< sizeof (struct datahead
)
419 || dh
->recsize
> dh
->allocsize
420 || (dh
->notfound
!= false && dh
->notfound
!= true)
421 || (dh
->usable
!= false && dh
->usable
!= true))
424 if (here
->key
< here
->packet
+ sizeof (struct datahead
)
425 || here
->key
> here
->packet
+ dh
->allocsize
426 || here
->key
+ here
->len
> here
->packet
+ dh
->allocsize
)
429 /* If keys can appear outside of data, this should be done
430 instead. But gc doesn't mark the data in that case. */
431 if (! check_use (data
, head
->first_free
, usemap
,
432 use_key
| (here
->first
? use_first
: 0),
433 here
->key
, here
->len
))
441 /* A circular list, this must not happen. */
444 trail
= ((struct hashentry
*) (data
+ trail
))->next
;
449 if (he_cnt
!= head
->nentries
)
452 /* See if all data and keys had at least one reference from
453 he->first == true hashentry. */
454 for (ref_t idx
= 0; idx
< head
->first_free
; ++idx
)
457 if (usemap
[idx
] == use_key_begin
)
460 if (usemap
[idx
] == use_data_begin
)
464 /* Finally, make sure the database hasn't changed since the first test. */
465 if (memcmp (mem
, &head_copy
, sizeof (*head
)) != 0)
478 # define EXTRA_O_FLAGS O_CLOEXEC
480 # define EXTRA_O_FLAGS 0
484 /* Initialize database information structures. */
488 /* Look up unprivileged uid/gid/groups before we start listening on the
490 if (server_user
!= NULL
)
491 begin_drop_privileges ();
494 /* No configuration for this value, assume a default. */
497 for (size_t cnt
= 0; cnt
< lastdb
; ++cnt
)
498 if (dbs
[cnt
].enabled
)
500 pthread_rwlock_init (&dbs
[cnt
].lock
, NULL
);
501 pthread_mutex_init (&dbs
[cnt
].memlock
, NULL
);
503 if (dbs
[cnt
].persistent
)
505 /* Try to open the appropriate file on disk. */
506 int fd
= open (dbs
[cnt
].db_filename
, O_RDWR
| EXTRA_O_FLAGS
);
512 struct database_pers_head head
;
513 ssize_t n
= TEMP_FAILURE_RETRY (read (fd
, &head
,
515 if (n
!= sizeof (head
) || fstat64 (fd
, &st
) != 0)
518 dbg_log (_("invalid persistent database file \"%s\": %s"),
519 dbs
[cnt
].db_filename
, strerror (errno
));
520 unlink (dbs
[cnt
].db_filename
);
522 else if (head
.module
== 0 && head
.data_size
== 0)
524 /* The file has been created, but the head has not been
525 initialized yet. Remove the old file. */
526 unlink (dbs
[cnt
].db_filename
);
528 else if (head
.header_size
!= (int) sizeof (head
))
530 dbg_log (_("invalid persistent database file \"%s\": %s"),
531 dbs
[cnt
].db_filename
,
532 _("header size does not match"));
533 unlink (dbs
[cnt
].db_filename
);
535 else if ((total
= (sizeof (head
)
536 + roundup (head
.module
* sizeof (ref_t
),
540 || total
< sizeof (head
))
542 dbg_log (_("invalid persistent database file \"%s\": %s"),
543 dbs
[cnt
].db_filename
,
544 _("file size does not match"));
545 unlink (dbs
[cnt
].db_filename
);
547 /* Note we map with the maximum size allowed for the
548 database. This is likely much larger than the
549 actual file size. This is OK on most OSes since
550 extensions of the underlying file will
551 automatically translate more pages available for
553 else if ((mem
= mmap (NULL
, dbs
[cnt
].max_db_size
,
554 PROT_READ
| PROT_WRITE
,
558 else if (!verify_persistent_db (mem
, &head
, cnt
))
561 dbg_log (_("invalid persistent database file \"%s\": %s"),
562 dbs
[cnt
].db_filename
,
563 _("verification failed"));
564 unlink (dbs
[cnt
].db_filename
);
568 /* Success. We have the database. */
570 dbs
[cnt
].memsize
= total
;
571 dbs
[cnt
].data
= (char *)
572 &dbs
[cnt
].head
->array
[roundup (dbs
[cnt
].head
->module
,
573 ALIGN
/ sizeof (ref_t
))];
574 dbs
[cnt
].mmap_used
= true;
576 if (dbs
[cnt
].suggested_module
> head
.module
)
577 dbg_log (_("suggested size of table for database %s larger than the persistent database's table"),
582 /* We also need a read-only descriptor. */
585 dbs
[cnt
].ro_fd
= open (dbs
[cnt
].db_filename
,
586 O_RDONLY
| EXTRA_O_FLAGS
);
587 if (dbs
[cnt
].ro_fd
== -1)
589 cannot create read-only descriptor for \"%s\"; no mmap"),
590 dbs
[cnt
].db_filename
);
593 // XXX Shall we test whether the descriptors actually
594 // XXX point to the same file?
597 /* Close the file descriptors in case something went
598 wrong in which case the variable have not been
605 if (dbs
[cnt
].head
== NULL
)
607 /* No database loaded. Allocate the data structure,
609 struct database_pers_head head
;
610 size_t total
= (sizeof (head
)
611 + roundup (dbs
[cnt
].suggested_module
612 * sizeof (ref_t
), ALIGN
)
613 + (dbs
[cnt
].suggested_module
614 * DEFAULT_DATASIZE_PER_BUCKET
));
616 /* Try to create the database. If we do not need a
617 persistent database create a temporary file. */
620 if (dbs
[cnt
].persistent
)
622 fd
= open (dbs
[cnt
].db_filename
,
623 O_RDWR
| O_CREAT
| O_EXCL
| O_TRUNC
| EXTRA_O_FLAGS
,
625 if (fd
!= -1 && dbs
[cnt
].shared
)
626 ro_fd
= open (dbs
[cnt
].db_filename
,
627 O_RDONLY
| EXTRA_O_FLAGS
);
631 char fname
[] = _PATH_NSCD_XYZ_DB_TMP
;
632 fd
= mkostemp (fname
, EXTRA_O_FLAGS
);
634 /* We do not need the file name anymore after we
635 opened another file descriptor in read-only mode. */
639 ro_fd
= open (fname
, O_RDONLY
| EXTRA_O_FLAGS
);
649 dbg_log (_("database for %s corrupted or simultaneously used; remove %s manually if necessary and restart"),
650 dbnames
[cnt
], dbs
[cnt
].db_filename
);
651 // XXX Correct way to terminate?
655 if (dbs
[cnt
].persistent
)
656 dbg_log (_("cannot create %s; no persistent database used"),
657 dbs
[cnt
].db_filename
);
659 dbg_log (_("cannot create %s; no sharing possible"),
660 dbs
[cnt
].db_filename
);
662 dbs
[cnt
].persistent
= 0;
663 // XXX remember: no mmap
667 /* Tell the user if we could not create the read-only
669 if (ro_fd
== -1 && dbs
[cnt
].shared
)
671 cannot create read-only descriptor for \"%s\"; no mmap"),
672 dbs
[cnt
].db_filename
);
674 /* Before we create the header, initialiye the hash
675 table. So that if we get interrupted if writing
676 the header we can recognize a partially initialized
678 size_t ps
= sysconf (_SC_PAGESIZE
);
680 assert (~ENDREF
== 0);
681 memset (tmpbuf
, '\xff', ps
);
683 size_t remaining
= dbs
[cnt
].suggested_module
* sizeof (ref_t
);
684 off_t offset
= sizeof (head
);
687 if (offset
% ps
!= 0)
689 towrite
= MIN (remaining
, ps
- (offset
% ps
));
690 if (pwrite (fd
, tmpbuf
, towrite
, offset
) != towrite
)
693 remaining
-= towrite
;
696 while (remaining
> ps
)
698 if (pwrite (fd
, tmpbuf
, ps
, offset
) == -1)
705 && pwrite (fd
, tmpbuf
, remaining
, offset
) != remaining
)
708 /* Create the header of the file. */
709 struct database_pers_head head
=
711 .version
= DB_VERSION
,
712 .header_size
= sizeof (head
),
713 .module
= dbs
[cnt
].suggested_module
,
714 .data_size
= (dbs
[cnt
].suggested_module
715 * DEFAULT_DATASIZE_PER_BUCKET
),
720 if ((TEMP_FAILURE_RETRY (write (fd
, &head
, sizeof (head
)))
722 || (TEMP_FAILURE_RETRY_VAL (posix_fallocate (fd
, 0, total
))
724 || (mem
= mmap (NULL
, dbs
[cnt
].max_db_size
,
725 PROT_READ
| PROT_WRITE
,
726 MAP_SHARED
, fd
, 0)) == MAP_FAILED
)
729 unlink (dbs
[cnt
].db_filename
);
730 dbg_log (_("cannot write to database file %s: %s"),
731 dbs
[cnt
].db_filename
, strerror (errno
));
732 dbs
[cnt
].persistent
= 0;
738 dbs
[cnt
].data
= (char *)
739 &dbs
[cnt
].head
->array
[roundup (dbs
[cnt
].head
->module
,
740 ALIGN
/ sizeof (ref_t
))];
741 dbs
[cnt
].memsize
= total
;
742 dbs
[cnt
].mmap_used
= true;
744 /* Remember the descriptors. */
746 dbs
[cnt
].ro_fd
= ro_fd
;
758 #if !defined O_CLOEXEC || !defined __ASSUME_O_CLOEXEC
759 /* We do not check here whether the O_CLOEXEC provided to the
760 open call was successful or not. The two fcntl calls are
761 only performed once each per process start-up and therefore
762 is not noticeable at all. */
764 && ((dbs
[cnt
].wr_fd
!= -1
765 && fcntl (dbs
[cnt
].wr_fd
, F_SETFD
, FD_CLOEXEC
) == -1)
766 || (dbs
[cnt
].ro_fd
!= -1
767 && fcntl (dbs
[cnt
].ro_fd
, F_SETFD
, FD_CLOEXEC
) == -1)))
770 cannot set socket to close on exec: %s; disabling paranoia mode"),
776 if (dbs
[cnt
].head
== NULL
)
778 /* We do not use the persistent database. Just
779 create an in-memory data structure. */
780 assert (! dbs
[cnt
].persistent
);
782 dbs
[cnt
].head
= xmalloc (sizeof (struct database_pers_head
)
783 + (dbs
[cnt
].suggested_module
785 memset (dbs
[cnt
].head
, '\0', sizeof (struct database_pers_head
));
786 assert (~ENDREF
== 0);
787 memset (dbs
[cnt
].head
->array
, '\xff',
788 dbs
[cnt
].suggested_module
* sizeof (ref_t
));
789 dbs
[cnt
].head
->module
= dbs
[cnt
].suggested_module
;
790 dbs
[cnt
].head
->data_size
= (DEFAULT_DATASIZE_PER_BUCKET
791 * dbs
[cnt
].head
->module
);
792 dbs
[cnt
].data
= xmalloc (dbs
[cnt
].head
->data_size
);
793 dbs
[cnt
].head
->first_free
= 0;
796 assert (dbs
[cnt
].ro_fd
== -1);
799 if (dbs
[cnt
].check_file
)
801 /* We need the modification date of the file. */
804 if (stat64 (dbs
[cnt
].filename
, &st
) < 0)
806 /* We cannot stat() the file, disable file checking. */
807 dbg_log (_("cannot stat() file `%s': %s"),
808 dbs
[cnt
].filename
, strerror (errno
));
809 dbs
[cnt
].check_file
= 0;
812 dbs
[cnt
].file_mtime
= st
.st_mtime
;
816 /* Create the socket. */
817 sock
= socket (AF_UNIX
, SOCK_STREAM
, 0);
820 dbg_log (_("cannot open socket: %s"), strerror (errno
));
821 exit (errno
== EACCES
? 4 : 1);
823 /* Bind a name to the socket. */
824 struct sockaddr_un sock_addr
;
825 sock_addr
.sun_family
= AF_UNIX
;
826 strcpy (sock_addr
.sun_path
, _PATH_NSCDSOCKET
);
827 if (bind (sock
, (struct sockaddr
*) &sock_addr
, sizeof (sock_addr
)) < 0)
829 dbg_log ("%s: %s", _PATH_NSCDSOCKET
, strerror (errno
));
830 exit (errno
== EACCES
? 4 : 1);
833 /* We don't want to get stuck on accept. */
834 int fl
= fcntl (sock
, F_GETFL
);
835 if (fl
== -1 || fcntl (sock
, F_SETFL
, fl
| O_NONBLOCK
) == -1)
837 dbg_log (_("cannot change socket to nonblocking mode: %s"),
842 /* The descriptor needs to be closed on exec. */
843 if (paranoia
&& fcntl (sock
, F_SETFD
, FD_CLOEXEC
) == -1)
845 dbg_log (_("cannot set socket to close on exec: %s"),
850 /* Set permissions for the socket. */
851 chmod (_PATH_NSCDSOCKET
, DEFFILEMODE
);
853 /* Set the socket up to accept connections. */
854 if (listen (sock
, SOMAXCONN
) < 0)
856 dbg_log (_("cannot enable socket to accept connections: %s"),
861 /* Change to unprivileged uid/gid/groups if specifed in config file */
862 if (server_user
!= NULL
)
863 finish_drop_privileges ();
867 /* Close the connections. */
876 invalidate_cache (char *key
, int fd
)
881 for (number
= pwddb
; number
< lastdb
; ++number
)
882 if (strcmp (key
, dbnames
[number
]) == 0)
884 if (dbs
[number
].reset_res
)
890 if (number
== lastdb
)
893 writeall (fd
, &resp
, sizeof (resp
));
897 if (dbs
[number
].enabled
)
899 pthread_mutex_lock (&dbs
[number
].prune_lock
);
900 prune_cache (&dbs
[number
], LONG_MAX
, fd
);
901 pthread_mutex_unlock (&dbs
[number
].prune_lock
);
906 writeall (fd
, &resp
, sizeof (resp
));
913 send_ro_fd (struct database_dyn
*db
, char *key
, int fd
)
915 /* If we do not have an read-only file descriptor do nothing. */
919 /* We need to send some data along with the descriptor. */
920 uint64_t mapsize
= (db
->head
->data_size
921 + roundup (db
->head
->module
* sizeof (ref_t
), ALIGN
)
922 + sizeof (struct database_pers_head
));
924 iov
[0].iov_base
= key
;
925 iov
[0].iov_len
= strlen (key
) + 1;
926 iov
[1].iov_base
= &mapsize
;
927 iov
[1].iov_len
= sizeof (mapsize
);
929 /* Prepare the control message to transfer the descriptor. */
933 char bytes
[CMSG_SPACE (sizeof (int))];
935 struct msghdr msg
= { .msg_iov
= iov
, .msg_iovlen
= 2,
936 .msg_control
= buf
.bytes
,
937 .msg_controllen
= sizeof (buf
) };
938 struct cmsghdr
*cmsg
= CMSG_FIRSTHDR (&msg
);
940 cmsg
->cmsg_level
= SOL_SOCKET
;
941 cmsg
->cmsg_type
= SCM_RIGHTS
;
942 cmsg
->cmsg_len
= CMSG_LEN (sizeof (int));
944 *(int *) CMSG_DATA (cmsg
) = db
->ro_fd
;
946 msg
.msg_controllen
= cmsg
->cmsg_len
;
948 /* Send the control message. We repeat when we are interrupted but
949 everything else is ignored. */
951 # define MSG_NOSIGNAL 0
953 (void) TEMP_FAILURE_RETRY (sendmsg (fd
, &msg
, MSG_NOSIGNAL
));
955 if (__builtin_expect (debug_level
> 0, 0))
956 dbg_log (_("provide access to FD %d, for %s"), db
->ro_fd
, key
);
958 #endif /* SCM_RIGHTS */
961 /* Handle new request. */
963 handle_request (int fd
, request_header
*req
, void *key
, uid_t uid
)
965 if (__builtin_expect (req
->version
, NSCD_VERSION
) != NSCD_VERSION
)
969 cannot handle old request version %d; current version is %d"),
970 req
->version
, NSCD_VERSION
);
974 /* Perform the SELinux check before we go on to the standard checks. */
975 if (selinux_enabled
&& nscd_request_avc_has_perm (fd
, req
->type
) != 0)
978 dbg_log (_("request not handled due to missing permission"));
982 struct database_dyn
*db
= reqinfo
[req
->type
].db
;
984 /* See whether we can service the request from the cache. */
985 if (__builtin_expect (reqinfo
[req
->type
].data_request
, true))
987 if (__builtin_expect (debug_level
, 0) > 0)
989 if (req
->type
== GETHOSTBYADDR
|| req
->type
== GETHOSTBYADDRv6
)
991 char buf
[INET6_ADDRSTRLEN
];
993 dbg_log ("\t%s (%s)", serv2str
[req
->type
],
994 inet_ntop (req
->type
== GETHOSTBYADDR
995 ? AF_INET
: AF_INET6
,
996 key
, buf
, sizeof (buf
)));
999 dbg_log ("\t%s (%s)", serv2str
[req
->type
], (char *) key
);
1002 /* Is this service enabled? */
1003 if (__builtin_expect (!db
->enabled
, 0))
1005 /* No, sent the prepared record. */
1006 if (TEMP_FAILURE_RETRY (send (fd
, db
->disabled_iov
->iov_base
,
1007 db
->disabled_iov
->iov_len
,
1009 != (ssize_t
) db
->disabled_iov
->iov_len
1010 && __builtin_expect (debug_level
, 0) > 0)
1012 /* We have problems sending the result. */
1014 dbg_log (_("cannot write result: %s"),
1015 strerror_r (errno
, buf
, sizeof (buf
)));
1021 /* Be sure we can read the data. */
1022 if (__builtin_expect (pthread_rwlock_tryrdlock (&db
->lock
) != 0, 0))
1024 ++db
->head
->rdlockdelayed
;
1025 pthread_rwlock_rdlock (&db
->lock
);
1028 /* See whether we can handle it from the cache. */
1029 struct datahead
*cached
;
1030 cached
= (struct datahead
*) cache_search (req
->type
, key
, req
->key_len
,
1034 /* Hurray it's in the cache. */
1037 #ifdef HAVE_SENDFILE
1038 if (__builtin_expect (db
->mmap_used
, 1))
1040 assert (db
->wr_fd
!= -1);
1041 assert ((char *) cached
->data
> (char *) db
->data
);
1042 assert ((char *) cached
->data
- (char *) db
->head
1044 <= (sizeof (struct database_pers_head
)
1045 + db
->head
->module
* sizeof (ref_t
)
1046 + db
->head
->data_size
));
1047 nwritten
= sendfileall (fd
, db
->wr_fd
,
1048 (char *) cached
->data
1049 - (char *) db
->head
, cached
->recsize
);
1050 # ifndef __ASSUME_SENDFILE
1051 if (nwritten
== -1 && errno
== ENOSYS
)
1056 # ifndef __ASSUME_SENDFILE
1060 nwritten
= writeall (fd
, cached
->data
, cached
->recsize
);
1062 if (nwritten
!= cached
->recsize
1063 && __builtin_expect (debug_level
, 0) > 0)
1065 /* We have problems sending the result. */
1067 dbg_log (_("cannot write result: %s"),
1068 strerror_r (errno
, buf
, sizeof (buf
)));
1071 pthread_rwlock_unlock (&db
->lock
);
1076 pthread_rwlock_unlock (&db
->lock
);
1078 else if (__builtin_expect (debug_level
, 0) > 0)
1080 if (req
->type
== INVALIDATE
)
1081 dbg_log ("\t%s (%s)", serv2str
[req
->type
], (char *) key
);
1083 dbg_log ("\t%s", serv2str
[req
->type
]);
1086 /* Handle the request. */
1090 addpwbyname (db
, fd
, req
, key
, uid
);
1094 addpwbyuid (db
, fd
, req
, key
, uid
);
1098 addgrbyname (db
, fd
, req
, key
, uid
);
1102 addgrbygid (db
, fd
, req
, key
, uid
);
1106 addhstbyname (db
, fd
, req
, key
, uid
);
1109 case GETHOSTBYNAMEv6
:
1110 addhstbynamev6 (db
, fd
, req
, key
, uid
);
1114 addhstbyaddr (db
, fd
, req
, key
, uid
);
1117 case GETHOSTBYADDRv6
:
1118 addhstbyaddrv6 (db
, fd
, req
, key
, uid
);
1122 addhstai (db
, fd
, req
, key
, uid
);
1126 addinitgroups (db
, fd
, req
, key
, uid
);
1130 addservbyname (db
, fd
, req
, key
, uid
);
1134 addservbyport (db
, fd
, req
, key
, uid
);
1141 /* Get the callers credentials. */
1143 struct ucred caller
;
1144 socklen_t optlen
= sizeof (caller
);
1146 if (getsockopt (fd
, SOL_SOCKET
, SO_PEERCRED
, &caller
, &optlen
) < 0)
1150 dbg_log (_("error getting caller's id: %s"),
1151 strerror_r (errno
, buf
, sizeof (buf
)));
1157 /* Some systems have no SO_PEERCRED implementation. They don't
1158 care about security so we don't as well. */
1163 /* Accept shutdown, getstat and invalidate only from root. For
1164 the stat call also allow the user specified in the config file. */
1165 if (req
->type
== GETSTAT
)
1167 if (uid
== 0 || uid
== stat_uid
)
1168 send_stats (fd
, dbs
);
1172 if (req
->type
== INVALIDATE
)
1173 invalidate_cache (key
, fd
);
1175 termination_handler (0);
1184 send_ro_fd (reqinfo
[req
->type
].db
, key
, fd
);
1189 /* Ignore the command, it's nothing we know. */
1195 /* Restart the process. */
1199 /* First determine the parameters. We do not use the parameters
1200 passed to main() since in case nscd is started by running the
1201 dynamic linker this will not work. Yes, this is not the usual
1202 case but nscd is part of glibc and we occasionally do this. */
1203 size_t buflen
= 1024;
1204 char *buf
= alloca (buflen
);
1206 int fd
= open ("/proc/self/cmdline", O_RDONLY
);
1210 cannot open /proc/self/cmdline: %s; disabling paranoia mode"),
1219 ssize_t n
= TEMP_FAILURE_RETRY (read (fd
, buf
+ readlen
,
1224 cannot read /proc/self/cmdline: %s; disabling paranoia mode"),
1234 if (readlen
< buflen
)
1237 /* We might have to extend the buffer. */
1238 size_t old_buflen
= buflen
;
1239 char *newp
= extend_alloca (buf
, buflen
, 2 * buflen
);
1240 buf
= memmove (newp
, buf
, old_buflen
);
1245 /* Parse the command line. Worst case scenario: every two
1246 characters form one parameter (one character plus NUL). */
1247 char **argv
= alloca ((readlen
/ 2 + 1) * sizeof (argv
[0]));
1251 while (cp
< buf
+ readlen
)
1254 cp
= (char *) rawmemchr (cp
, '\0') + 1;
1258 /* Second, change back to the old user if we changed it. */
1259 if (server_user
!= NULL
)
1261 if (setresuid (old_uid
, old_uid
, old_uid
) != 0)
1264 cannot change to old UID: %s; disabling paranoia mode"),
1271 if (setresgid (old_gid
, old_gid
, old_gid
) != 0)
1274 cannot change to old GID: %s; disabling paranoia mode"),
1277 setuid (server_uid
);
1283 /* Next change back to the old working directory. */
1284 if (chdir (oldcwd
) == -1)
1287 cannot change to old working directory: %s; disabling paranoia mode"),
1290 if (server_user
!= NULL
)
1292 setuid (server_uid
);
1293 setgid (server_gid
);
1299 /* Synchronize memory. */
1300 for (int cnt
= 0; cnt
< lastdb
; ++cnt
)
1301 if (dbs
[cnt
].enabled
)
1303 /* Make sure nobody keeps using the database. */
1304 dbs
[cnt
].head
->timestamp
= 0;
1306 if (dbs
[cnt
].persistent
)
1308 msync (dbs
[cnt
].head
, dbs
[cnt
].memsize
, MS_ASYNC
);
1311 /* The preparations are done. */
1312 execv ("/proc/self/exe", argv
);
1314 /* If we come here, we will never be able to re-exec. */
1315 dbg_log (_("re-exec failed: %s; disabling paranoia mode"),
1318 if (server_user
!= NULL
)
1320 setuid (server_uid
);
1321 setgid (server_gid
);
1323 if (chdir ("/") != 0)
1324 dbg_log (_("cannot change current working directory to \"/\": %s"),
1330 /* List of file descriptors. */
1334 struct fdlist
*next
;
1336 /* Memory allocated for the list. */
1337 static struct fdlist
*fdlist
;
1338 /* List of currently ready-to-read file descriptors. */
1339 static struct fdlist
*readylist
;
1341 /* Conditional variable and mutex to signal availability of entries in
1342 READYLIST. The condvar is initialized dynamically since we might
1343 use a different clock depending on availability. */
1344 static pthread_cond_t readylist_cond
= PTHREAD_COND_INITIALIZER
;
1345 static pthread_mutex_t readylist_lock
= PTHREAD_MUTEX_INITIALIZER
;
1347 /* The clock to use with the condvar. */
1348 static clockid_t timeout_clock
= CLOCK_REALTIME
;
1350 /* Number of threads ready to handle the READYLIST. */
1351 static unsigned long int nready
;
1354 /* Function for the clean-up threads. */
1356 __attribute__ ((__noreturn__
))
1357 nscd_run_prune (void *p
)
1359 const long int my_number
= (long int) p
;
1360 assert (dbs
[my_number
].enabled
);
1362 int dont_need_update
= setup_thread (&dbs
[my_number
]);
1364 /* We are running. */
1365 dbs
[my_number
].head
->timestamp
= time (NULL
);
1367 struct timespec prune_ts
;
1368 if (clock_gettime (timeout_clock
, &prune_ts
) == -1)
1369 /* Should never happen. */
1372 /* Compute the initial timeout time. Prevent all the timers to go
1373 off at the same time by adding a db-based value. */
1374 prune_ts
.tv_sec
+= CACHE_PRUNE_INTERVAL
+ my_number
;
1376 pthread_mutex_lock (&dbs
[my_number
].prune_lock
);
1379 /* Wait, but not forever. */
1380 int e
= pthread_cond_timedwait (&dbs
[my_number
].prune_cond
,
1381 &dbs
[my_number
].prune_lock
,
1383 assert (e
== 0 || e
== ETIMEDOUT
);
1386 time_t now
= time (NULL
);
1387 if (e
== ETIMEDOUT
|| now
>= dbs
[my_number
].wakeup_time
)
1389 next_wait
= prune_cache (&dbs
[my_number
], now
, -1);
1390 next_wait
= MAX (next_wait
, CACHE_PRUNE_INTERVAL
);
1391 /* If clients cannot determine for sure whether nscd is running
1392 we need to wake up occasionally to update the timestamp.
1393 Wait 90% of the update period. */
1394 #define UPDATE_MAPPING_TIMEOUT (MAPPING_TIMEOUT * 9 / 10)
1395 if (__builtin_expect (! dont_need_update
, 0))
1396 next_wait
= MIN (UPDATE_MAPPING_TIMEOUT
, next_wait
);
1398 /* Make it known when we will wake up again. */
1399 dbs
[my_number
].wakeup_time
= now
+ next_wait
;
1402 /* The cache was just pruned. Do not do it again now. Just
1403 use the new timeout value. */
1404 next_wait
= dbs
[my_number
].wakeup_time
- now
;
1406 if (clock_gettime (timeout_clock
, &prune_ts
) == -1)
1407 /* Should never happen. */
1410 /* Compute next timeout time. */
1411 prune_ts
.tv_sec
+= next_wait
;
1416 /* This is the main loop. It is replicated in different threads but
1417 the the use of the ready list makes sure only one thread handles an
1418 incoming connection. */
1420 __attribute__ ((__noreturn__
))
1421 nscd_run_worker (void *p
)
1425 /* Initial locking. */
1426 pthread_mutex_lock (&readylist_lock
);
1428 /* One more thread available. */
1433 while (readylist
== NULL
)
1434 pthread_cond_wait (&readylist_cond
, &readylist_lock
);
1436 struct fdlist
*it
= readylist
->next
;
1437 if (readylist
->next
== readylist
)
1438 /* Just one entry on the list. */
1441 readylist
->next
= it
->next
;
1443 /* Extract the information and mark the record ready to be used
1448 /* One more thread available. */
1451 /* We are done with the list. */
1452 pthread_mutex_unlock (&readylist_lock
);
1454 /* We do not want to block on a short read or so. */
1455 int fl
= fcntl (fd
, F_GETFL
);
1456 if (fl
== -1 || fcntl (fd
, F_SETFL
, fl
| O_NONBLOCK
) == -1)
1459 /* Now read the request. */
1461 if (__builtin_expect (TEMP_FAILURE_RETRY (read (fd
, &req
, sizeof (req
)))
1462 != sizeof (req
), 0))
1464 /* We failed to read data. Note that this also might mean we
1465 failed because we would have blocked. */
1466 if (debug_level
> 0)
1467 dbg_log (_("short read while reading request: %s"),
1468 strerror_r (errno
, buf
, sizeof (buf
)));
1472 /* Check whether this is a valid request type. */
1473 if (req
.type
< GETPWBYNAME
|| req
.type
>= LASTREQ
)
1476 /* Some systems have no SO_PEERCRED implementation. They don't
1477 care about security so we don't as well. */
1482 if (__builtin_expect (debug_level
> 0, 0))
1484 struct ucred caller
;
1485 socklen_t optlen
= sizeof (caller
);
1487 if (getsockopt (fd
, SOL_SOCKET
, SO_PEERCRED
, &caller
, &optlen
) == 0)
1492 /* It should not be possible to crash the nscd with a silly
1493 request (i.e., a terribly large key). We limit the size to 1kb. */
1494 if (__builtin_expect (req
.key_len
, 1) < 0
1495 || __builtin_expect (req
.key_len
, 1) > MAXKEYLEN
)
1497 if (debug_level
> 0)
1498 dbg_log (_("key length in request too long: %d"), req
.key_len
);
1503 char keybuf
[MAXKEYLEN
];
1505 if (__builtin_expect (TEMP_FAILURE_RETRY (read (fd
, keybuf
,
1509 /* Again, this can also mean we would have blocked. */
1510 if (debug_level
> 0)
1511 dbg_log (_("short read while reading request key: %s"),
1512 strerror_r (errno
, buf
, sizeof (buf
)));
1516 if (__builtin_expect (debug_level
, 0) > 0)
1521 handle_request: request received (Version = %d) from PID %ld"),
1522 req
.version
, (long int) pid
);
1526 handle_request: request received (Version = %d)"), req
.version
);
1529 /* Phew, we got all the data, now process it. */
1530 handle_request (fd
, &req
, keybuf
, uid
);
1538 pthread_mutex_lock (&readylist_lock
);
1540 /* One more thread available. */
1546 static unsigned int nconns
;
1551 pthread_mutex_lock (&readylist_lock
);
1553 /* Find an empty entry in FDLIST. */
1555 for (inner
= 0; inner
< nconns
; ++inner
)
1556 if (fdlist
[inner
].next
== NULL
)
1558 assert (inner
< nconns
);
1560 fdlist
[inner
].fd
= fd
;
1562 if (readylist
== NULL
)
1563 readylist
= fdlist
[inner
].next
= &fdlist
[inner
];
1566 fdlist
[inner
].next
= readylist
->next
;
1567 readylist
= readylist
->next
= &fdlist
[inner
];
1570 bool do_signal
= true;
1571 if (__builtin_expect (nready
== 0, 0))
1576 /* Try to start another thread to help out. */
1578 if (nthreads
< max_nthreads
1579 && pthread_create (&th
, &attr
, nscd_run_worker
,
1580 (void *) (long int) nthreads
) == 0)
1582 /* We got another thread. */
1584 /* The new thread might need a kick. */
1590 pthread_mutex_unlock (&readylist_lock
);
1592 /* Tell one of the worker threads there is work to do. */
1594 pthread_cond_signal (&readylist_cond
);
1598 /* Check whether restarting should happen. */
1600 restart_p (time_t now
)
1602 return (paranoia
&& readylist
== NULL
&& nready
== nthreads
1603 && now
>= restart_time
);
1607 /* Array for times a connection was accepted. */
1608 static time_t *starttime
;
1612 __attribute__ ((__noreturn__
))
1613 main_loop_poll (void)
1615 struct pollfd
*conns
= (struct pollfd
*) xmalloc (nconns
1616 * sizeof (conns
[0]));
1619 conns
[0].events
= POLLRDNORM
;
1621 size_t firstfree
= 1;
1625 /* Wait for any event. We wait at most a couple of seconds so
1626 that we can check whether we should close any of the accepted
1627 connections since we have not received a request. */
1628 #define MAX_ACCEPT_TIMEOUT 30
1629 #define MIN_ACCEPT_TIMEOUT 5
1630 #define MAIN_THREAD_TIMEOUT \
1631 (MAX_ACCEPT_TIMEOUT * 1000 \
1632 - ((MAX_ACCEPT_TIMEOUT - MIN_ACCEPT_TIMEOUT) * 1000 * nused) / (2 * nconns))
1634 int n
= poll (conns
, nused
, MAIN_THREAD_TIMEOUT
);
1636 time_t now
= time (NULL
);
1638 /* If there is a descriptor ready for reading or there is a new
1639 connection, process this now. */
1642 if (conns
[0].revents
!= 0)
1644 /* We have a new incoming connection. Accept the connection. */
1645 int fd
= TEMP_FAILURE_RETRY (accept (sock
, NULL
, NULL
));
1647 /* Use the descriptor if we have not reached the limit. */
1650 if (firstfree
< nconns
)
1652 conns
[firstfree
].fd
= fd
;
1653 conns
[firstfree
].events
= POLLRDNORM
;
1654 starttime
[firstfree
] = now
;
1655 if (firstfree
>= nused
)
1656 nused
= firstfree
+ 1;
1660 while (firstfree
< nused
&& conns
[firstfree
].fd
!= -1);
1663 /* We cannot use the connection so close it. */
1670 for (size_t cnt
= 1; cnt
< nused
&& n
> 0; ++cnt
)
1671 if (conns
[cnt
].revents
!= 0)
1673 fd_ready (conns
[cnt
].fd
);
1675 /* Clean up the CONNS array. */
1677 if (cnt
< firstfree
)
1679 if (cnt
== nused
- 1)
1682 while (conns
[nused
- 1].fd
== -1);
1688 /* Now find entries which have timed out. */
1691 /* We make the timeout length depend on the number of file
1692 descriptors currently used. */
1693 #define ACCEPT_TIMEOUT \
1694 (MAX_ACCEPT_TIMEOUT \
1695 - ((MAX_ACCEPT_TIMEOUT - MIN_ACCEPT_TIMEOUT) * nused) / nconns)
1696 time_t laststart
= now
- ACCEPT_TIMEOUT
;
1698 for (size_t cnt
= nused
- 1; cnt
> 0; --cnt
)
1700 if (conns
[cnt
].fd
!= -1 && starttime
[cnt
] < laststart
)
1702 /* Remove the entry, it timed out. */
1703 (void) close (conns
[cnt
].fd
);
1706 if (cnt
< firstfree
)
1708 if (cnt
== nused
- 1)
1711 while (conns
[nused
- 1].fd
== -1);
1715 if (restart_p (now
))
1723 main_loop_epoll (int efd
)
1725 struct epoll_event ev
= { 0, };
1729 /* Add the socket. */
1730 ev
.events
= EPOLLRDNORM
;
1732 if (epoll_ctl (efd
, EPOLL_CTL_ADD
, sock
, &ev
) == -1)
1733 /* We cannot use epoll. */
1738 struct epoll_event revs
[100];
1739 # define nrevs (sizeof (revs) / sizeof (revs[0]))
1741 int n
= epoll_wait (efd
, revs
, nrevs
, MAIN_THREAD_TIMEOUT
);
1743 time_t now
= time (NULL
);
1745 for (int cnt
= 0; cnt
< n
; ++cnt
)
1746 if (revs
[cnt
].data
.fd
== sock
)
1748 /* A new connection. */
1749 int fd
= TEMP_FAILURE_RETRY (accept (sock
, NULL
, NULL
));
1753 /* Try to add the new descriptor. */
1756 || epoll_ctl (efd
, EPOLL_CTL_ADD
, fd
, &ev
) == -1)
1757 /* The descriptor is too large or something went
1758 wrong. Close the descriptor. */
1762 /* Remember when we accepted the connection. */
1763 starttime
[fd
] = now
;
1774 /* Remove the descriptor from the epoll descriptor. */
1775 (void) epoll_ctl (efd
, EPOLL_CTL_DEL
, revs
[cnt
].data
.fd
, NULL
);
1777 /* Get a worker to handle the request. */
1778 fd_ready (revs
[cnt
].data
.fd
);
1780 /* Reset the time. */
1781 starttime
[revs
[cnt
].data
.fd
] = 0;
1782 if (revs
[cnt
].data
.fd
== highest
)
1785 while (highest
> 0 && starttime
[highest
] == 0);
1790 /* Now look for descriptors for accepted connections which have
1791 no reply in too long of a time. */
1792 time_t laststart
= now
- ACCEPT_TIMEOUT
;
1793 for (int cnt
= highest
; cnt
> STDERR_FILENO
; --cnt
)
1794 if (cnt
!= sock
&& starttime
[cnt
] != 0 && starttime
[cnt
] < laststart
)
1796 /* We are waiting for this one for too long. Close it. */
1797 (void) epoll_ctl (efd
, EPOLL_CTL_DEL
, cnt
, NULL
);
1805 else if (cnt
!= sock
&& starttime
[cnt
] == 0 && cnt
== highest
)
1808 if (restart_p (now
))
1815 /* Start all the threads we want. The initial process is thread no. 1. */
1817 start_threads (void)
1819 /* Initialize the conditional variable we will use. The only
1820 non-standard attribute we might use is the clock selection. */
1821 pthread_condattr_t condattr
;
1822 pthread_condattr_init (&condattr
);
1824 #if defined _POSIX_CLOCK_SELECTION && _POSIX_CLOCK_SELECTION >= 0 \
1825 && defined _POSIX_MONOTONIC_CLOCK && _POSIX_MONOTONIC_CLOCK >= 0
1826 /* Determine whether the monotonous clock is available. */
1827 struct timespec dummy
;
1828 # if _POSIX_MONOTONIC_CLOCK == 0
1829 if (sysconf (_SC_MONOTONIC_CLOCK
) > 0)
1831 # if _POSIX_CLOCK_SELECTION == 0
1832 if (sysconf (_SC_CLOCK_SELECTION
) > 0)
1834 if (clock_getres (CLOCK_MONOTONIC
, &dummy
) == 0
1835 && pthread_condattr_setclock (&condattr
, CLOCK_MONOTONIC
) == 0)
1836 timeout_clock
= CLOCK_MONOTONIC
;
1839 /* Create the attribute for the threads. They are all created
1841 pthread_attr_init (&attr
);
1842 pthread_attr_setdetachstate (&attr
, PTHREAD_CREATE_DETACHED
);
1843 /* Use 1MB stacks, twice as much for 64-bit architectures. */
1844 pthread_attr_setstacksize (&attr
, NSCD_THREAD_STACKSIZE
);
1846 /* We allow less than LASTDB threads only for debugging. */
1847 if (debug_level
== 0)
1848 nthreads
= MAX (nthreads
, lastdb
);
1850 /* Create the threads which prune the databases. */
1851 // XXX Ideally this work would be done by some of the worker threads.
1852 // XXX But this is problematic since we would need to be able to wake
1853 // XXX them up explicitly as well as part of the group handling the
1854 // XXX ready-list. This requires an operation where we can wait on
1855 // XXX two conditional variables at the same time. This operation
1856 // XXX does not exist (yet).
1857 for (long int i
= 0; i
< lastdb
; ++i
)
1859 /* Initialize the conditional variable. */
1860 if (pthread_cond_init (&dbs
[i
].prune_cond
, &condattr
) != 0)
1862 dbg_log (_("could not initialize conditional variable"));
1868 && pthread_create (&th
, &attr
, nscd_run_prune
, (void *) i
) != 0)
1870 dbg_log (_("could not start clean-up thread; terminating"));
1875 pthread_condattr_destroy (&condattr
);
1877 for (long int i
= 0; i
< nthreads
; ++i
)
1880 if (pthread_create (&th
, &attr
, nscd_run_worker
, NULL
) != 0)
1884 dbg_log (_("could not start any worker thread; terminating"));
1892 /* Determine how much room for descriptors we should initially
1893 allocate. This might need to change later if we cap the number
1895 const long int nfds
= sysconf (_SC_OPEN_MAX
);
1897 #define MAXCONN 16384
1898 if (nfds
== -1 || nfds
> MAXCONN
)
1900 else if (nfds
< MINCONN
)
1905 /* We need memory to pass descriptors on to the worker threads. */
1906 fdlist
= (struct fdlist
*) xcalloc (nconns
, sizeof (fdlist
[0]));
1907 /* Array to keep track when connection was accepted. */
1908 starttime
= (time_t *) xcalloc (nconns
, sizeof (starttime
[0]));
1910 /* In the main thread we execute the loop which handles incoming
1913 int efd
= epoll_create (100);
1916 main_loop_epoll (efd
);
1925 /* Look up the uid, gid, and supplementary groups to run nscd as. When
1926 this function is called, we are not listening on the nscd socket yet so
1927 we can just use the ordinary lookup functions without causing a lockup */
1929 begin_drop_privileges (void)
1931 struct passwd
*pwd
= getpwnam (server_user
);
1935 dbg_log (_("Failed to run nscd as user '%s'"), server_user
);
1936 error (EXIT_FAILURE
, 0, _("Failed to run nscd as user '%s'"),
1940 server_uid
= pwd
->pw_uid
;
1941 server_gid
= pwd
->pw_gid
;
1943 /* Save the old UID/GID if we have to change back. */
1946 old_uid
= getuid ();
1947 old_gid
= getgid ();
1950 if (getgrouplist (server_user
, server_gid
, NULL
, &server_ngroups
) == 0)
1952 /* This really must never happen. */
1953 dbg_log (_("Failed to run nscd as user '%s'"), server_user
);
1954 error (EXIT_FAILURE
, errno
, _("initial getgrouplist failed"));
1957 server_groups
= (gid_t
*) xmalloc (server_ngroups
* sizeof (gid_t
));
1959 if (getgrouplist (server_user
, server_gid
, server_groups
, &server_ngroups
)
1962 dbg_log (_("Failed to run nscd as user '%s'"), server_user
);
1963 error (EXIT_FAILURE
, errno
, _("getgrouplist failed"));
1968 /* Call setgroups(), setgid(), and setuid() to drop root privileges and
1969 run nscd as the user specified in the configuration file. */
1971 finish_drop_privileges (void)
1973 #if defined HAVE_LIBAUDIT && defined HAVE_LIBCAP
1974 /* We need to preserve the capabilities to connect to the audit daemon. */
1975 cap_t new_caps
= preserve_capabilities ();
1978 if (setgroups (server_ngroups
, server_groups
) == -1)
1980 dbg_log (_("Failed to run nscd as user '%s'"), server_user
);
1981 error (EXIT_FAILURE
, errno
, _("setgroups failed"));
1986 res
= setresgid (server_gid
, server_gid
, old_gid
);
1988 res
= setgid (server_gid
);
1991 dbg_log (_("Failed to run nscd as user '%s'"), server_user
);
1997 res
= setresuid (server_uid
, server_uid
, old_uid
);
1999 res
= setuid (server_uid
);
2002 dbg_log (_("Failed to run nscd as user '%s'"), server_user
);
2007 #if defined HAVE_LIBAUDIT && defined HAVE_LIBCAP
2008 /* Remove the temporary capabilities. */
2009 install_real_capabilities (new_caps
);