search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s3:utils: Fix 'Usage:' for 'net ads enctypes'
[samba4-gss.git] / source3 / smbd / server.c
blobe6f8f5849647b64b91a96cec6da6c101c58b6080
1 /*
2 Unix SMB/CIFS implementation.
3 Main SMB server routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Martin Pool 2002
6 Copyright (C) Jelmer Vernooij 2002-2003
7 Copyright (C) Volker Lendecke 1993-2007
8 Copyright (C) Jeremy Allison 1993-2007
9
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 3 of the License, or
13 (at your option) any later version.
14
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
19
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 */
23
24 #include "includes.h"
25 #include "system/filesys.h"
26 #include "lib/util/server_id.h"
27 #include "lib/util/close_low_fd.h"
28 #include "lib/cmdline/cmdline.h"
29 #include "locking/share_mode_lock.h"
30 #include "smbd/smbd.h"
31 #include "smbd/globals.h"
32 #include "source3/smbd/smbXsrv_session.h"
33 #include "smbd/smbXsrv_open.h"
34 #include "registry/reg_init_full.h"
35 #include "libcli/auth/schannel.h"
36 #include "secrets.h"
37 #include "../lib/util/memcache.h"
38 #include "ctdbd_conn.h"
39 #include "lib/util/util_process.h"
40 #include "util_cluster.h"
41 #include "printing/queue_process.h"
42 #include "rpc_server/rpc_config.h"
43 #include "passdb.h"
44 #include "auth.h"
45 #include "messages.h"
46 #include "messages_ctdb.h"
47 #include "smbprofile.h"
48 #include "lib/id_cache.h"
49 #include "lib/param/param.h"
50 #include "lib/background.h"
51 #include "../lib/util/pidfile.h"
52 #include "lib/smbd_shim.h"
53 #include "scavenger.h"
54 #include "locking/leases_db.h"
55 #include "smbd/notifyd/notifyd.h"
56 #include "smbd/smbd_cleanupd.h"
57 #include "lib/util/sys_rw.h"
58 #include "cleanupdb.h"
59 #include "g_lock.h"
60 #include "lib/global_contexts.h"
61 #include "source3/lib/substitute.h"
62 #include "lib/addrchange.h"
63
64 #ifdef CLUSTER_SUPPORT
65 #include "ctdb_protocol.h"
66 #endif
67
68 struct smbd_open_socket;
69 struct smbd_child_pid;
70
71 struct smbd_parent_context {
72 bool interactive;
73
74 struct tevent_context *ev_ctx;
75 struct messaging_context *msg_ctx;
76
77 /* the list of listening sockets */
78 struct smbd_open_socket *sockets;
79
80 /* the list of current child processes */
81 struct smbd_child_pid *children;
82 size_t num_children;
83
84 struct server_id cleanupd;
85 struct server_id notifyd;
86
87 struct tevent_timer *cleanup_te;
88 };
89
90 struct smbd_open_socket {
91 struct smbd_open_socket *prev, *next;
92 struct smbd_parent_context *parent;
93 int fd;
94 struct tevent_fd *fde;
95 };
96
97 struct smbd_child_pid {
98 struct smbd_child_pid *prev, *next;
99 pid_t pid;
100 };
101
102 /*******************************************************************
103 What to do when smb.conf is updated.
104 ********************************************************************/
105
106 static NTSTATUS messaging_send_to_children(struct messaging_context *msg_ctx,
107 uint32_t msg_type, DATA_BLOB* data);
108
109 static void smbd_parent_conf_updated(struct messaging_context *msg,
110 void *private_data,
111 uint32_t msg_type,
112 struct server_id server_id,
113 DATA_BLOB *data)
114 {
115 bool ok;
116
117 DEBUG(10,("smbd_parent_conf_updated: Got message saying smb.conf was "
118 "updated. Reloading.\n"));
119 change_to_root_user();
120 reload_services(NULL, NULL, false);
121
122 ok = reinit_guest_session_info(NULL);
123 if (!ok) {
124 DBG_ERR("Failed to reinit guest info\n");
125 }
126 messaging_send_to_children(msg, MSG_SMB_CONF_UPDATED, NULL);
127 }
128
129 /****************************************************************************
130 Send a SIGTERM to our process group.
131 *****************************************************************************/
132
133 static void killkids(void)
134 {
135 if(am_parent) kill(0,SIGTERM);
136 }
137
138 static void msg_exit_server(struct messaging_context *msg,
139 void *private_data,
140 uint32_t msg_type,
141 struct server_id server_id,
142 DATA_BLOB *data)
143 {
144 DEBUG(3, ("got a SHUTDOWN message\n"));
145 exit_server_cleanly(NULL);
146 }
147
148 #ifdef DEVELOPER
149 static void msg_inject_fault(struct messaging_context *msg,
150 void *private_data,
151 uint32_t msg_type,
152 struct server_id src,
153 DATA_BLOB *data)
154 {
155 int sig;
156 struct server_id_buf tmp;
157
158 if (data->length != sizeof(sig)) {
159 DEBUG(0, ("Process %s sent bogus signal injection request\n",
160 server_id_str_buf(src, &tmp)));
161 return;
162 }
163
164 sig = *(int *)data->data;
165 if (sig == -1) {
166 exit_server("internal error injected");
167 return;
168 }
169
170 #ifdef HAVE_STRSIGNAL
171 DEBUG(0, ("Process %s requested injection of signal %d (%s)\n",
172 server_id_str_buf(src, &tmp), sig, strsignal(sig)));
173 #else
174 DEBUG(0, ("Process %s requested injection of signal %d\n",
175 server_id_str_buf(src, &tmp), sig));
176 #endif
177
178 kill(getpid(), sig);
179 }
180 #endif /* DEVELOPER */
181
182 #if defined(DEVELOPER) || defined(ENABLE_SELFTEST)
183 /*
184 * Sleep for the specified number of seconds.
185 */
186 static void msg_sleep(struct messaging_context *msg,
187 void *private_data,
188 uint32_t msg_type,
189 struct server_id src,
190 DATA_BLOB *data)
191 {
192 unsigned int seconds;
193 struct server_id_buf tmp;
194
195 if (data->length != sizeof(seconds)) {
196 DBG_ERR("Process %s sent bogus sleep request\n",
197 server_id_str_buf(src, &tmp));
198 return;
199 }
200
201 seconds = *(unsigned int *)data->data;
202 DBG_ERR("Process %s request a sleep of %u seconds\n",
203 server_id_str_buf(src, &tmp),
204 seconds);
205 sleep(seconds);
206 DBG_ERR("Restarting after %u second sleep requested by process %s\n",
207 seconds,
208 server_id_str_buf(src, &tmp));
209 }
210 #endif /* DEVELOPER */
211
212 static NTSTATUS messaging_send_to_children(struct messaging_context *msg_ctx,
213 uint32_t msg_type, DATA_BLOB* data)
214 {
215 NTSTATUS status;
216 struct smbd_parent_context *parent = am_parent;
217 struct smbd_child_pid *child;
218
219 if (parent == NULL) {
220 return NT_STATUS_INTERNAL_ERROR;
221 }
222
223 for (child = parent->children; child != NULL; child = child->next) {
224 status = messaging_send(parent->msg_ctx,
225 pid_to_procid(child->pid),
226 msg_type, data);
227 if (!NT_STATUS_IS_OK(status)) {
228 DBG_DEBUG("messaging_send(%d) failed: %s\n",
229 (int)child->pid, nt_errstr(status));
230 }
231 }
232 return NT_STATUS_OK;
233 }
234
235 static void smb_parent_send_to_children(struct messaging_context *ctx,
236 void* data,
237 uint32_t msg_type,
238 struct server_id srv_id,
239 DATA_BLOB* msg_data)
240 {
241 messaging_send_to_children(ctx, msg_type, msg_data);
242 }
243
244 /*
245 * Parent smbd process sets its own debug level first and then
246 * sends a message to all the smbd children to adjust their debug
247 * level to that of the parent.
248 */
249
250 static void smbd_msg_debug(struct messaging_context *msg_ctx,
251 void *private_data,
252 uint32_t msg_type,
253 struct server_id server_id,
254 DATA_BLOB *data)
255 {
256 debug_message(msg_ctx, private_data, MSG_DEBUG, server_id, data);
257
258 messaging_send_to_children(msg_ctx, MSG_DEBUG, data);
259 }
260
261 static void smbd_parent_id_cache_kill(struct messaging_context *msg_ctx,
262 void *private_data,
263 uint32_t msg_type,
264 struct server_id server_id,
265 DATA_BLOB* data)
266 {
267 const char *msg = (data && data->data)
268 ? (const char *)data->data : "<NULL>";
269 struct id_cache_ref id;
270
271 if (!id_cache_ref_parse(msg, &id)) {
272 DEBUG(0, ("Invalid ?ID: %s\n", msg));
273 return;
274 }
275
276 id_cache_delete_from_cache(&id);
277
278 messaging_send_to_children(msg_ctx, msg_type, data);
279 }
280
281 static void smbd_parent_id_cache_delete(struct messaging_context *ctx,
282 void* data,
283 uint32_t msg_type,
284 struct server_id srv_id,
285 DATA_BLOB* msg_data)
286 {
287 id_cache_delete_message(ctx, data, msg_type, srv_id, msg_data);
288
289 messaging_send_to_children(ctx, msg_type, msg_data);
290 }
291
292 static void add_child_pid(struct smbd_parent_context *parent,
293 pid_t pid)
294 {
295 struct smbd_child_pid *child;
296
297 child = talloc_zero(parent, struct smbd_child_pid);
298 if (child == NULL) {
299 DEBUG(0, ("Could not add child struct -- malloc failed\n"));
300 return;
301 }
302 child->pid = pid;
303 DLIST_ADD(parent->children, child);
304 parent->num_children += 1;
305 }
306
307 static void smb_tell_num_children(struct messaging_context *ctx, void *data,
308 uint32_t msg_type, struct server_id srv_id,
309 DATA_BLOB *msg_data)
310 {
311 uint8_t buf[sizeof(uint32_t)];
312
313 if (am_parent) {
314 SIVAL(buf, 0, am_parent->num_children);
315 messaging_send_buf(ctx, srv_id, MSG_SMB_NUM_CHILDREN,
316 buf, sizeof(buf));
317 }
318 }
319
320 static void notifyd_stopped(struct tevent_req *req);
321
322 static struct tevent_req *notifyd_req(struct messaging_context *msg_ctx,
323 struct tevent_context *ev)
324 {
325 struct tevent_req *req;
326 sys_notify_watch_fn sys_notify_watch = NULL;
327 struct sys_notify_context *sys_notify_ctx = NULL;
328 struct ctdbd_connection *ctdbd_conn = NULL;
329
330 if (lp_kernel_change_notify()) {
331
332 #ifdef HAVE_INOTIFY
333 if (lp_parm_bool(-1, "notify", "inotify", true)) {
334 sys_notify_watch = inotify_watch;
335 }
336 #endif
337
338 #ifdef HAVE_FAM
339 if (lp_parm_bool(-1, "notify", "fam",
340 (sys_notify_watch == NULL))) {
341 sys_notify_watch = fam_watch;
342 }
343 #endif
344 }
345
346 if (sys_notify_watch != NULL) {
347 sys_notify_ctx = sys_notify_context_create(msg_ctx, ev);
348 if (sys_notify_ctx == NULL) {
349 return NULL;
350 }
351 }
352
353 if (lp_clustering()) {
354 ctdbd_conn = messaging_ctdb_connection();
355 }
356
357 req = notifyd_send(msg_ctx, ev, msg_ctx, ctdbd_conn,
358 sys_notify_watch, sys_notify_ctx);
359 if (req == NULL) {
360 TALLOC_FREE(sys_notify_ctx);
361 return NULL;
362 }
363 tevent_req_set_callback(req, notifyd_stopped, msg_ctx);
364
365 return req;
366 }
367
368 static void notifyd_stopped(struct tevent_req *req)
369 {
370 int ret;
371
372 ret = notifyd_recv(req);
373 TALLOC_FREE(req);
374 DEBUG(1, ("notifyd stopped: %s\n", strerror(ret)));
375 }
376
377 static void notifyd_sig_hup_handler(struct tevent_context *ev,
378 struct tevent_signal *se,
379 int signum,
380 int count,
381 void *siginfo,
382 void *pvt)
383 {
384 DBG_NOTICE("notifyd: Reloading services after SIGHUP\n");
385 reload_services(NULL, NULL, false);
386 reopen_logs();
387 }
388
389 static bool smbd_notifyd_init(struct messaging_context *msg, bool interactive,
390 struct server_id *ppid)
391 {
392 struct tevent_context *ev = messaging_tevent_context(msg);
393 struct tevent_req *req;
394 struct tevent_signal *se = NULL;
395 pid_t pid;
396 NTSTATUS status;
397 bool ok;
398
399 if (interactive) {
400 req = notifyd_req(msg, ev);
401 return (req != NULL);
402 }
403
404 pid = fork();
405 if (pid == -1) {
406 DEBUG(1, ("%s: fork failed: %s\n", __func__,
407 strerror(errno)));
408 return false;
409 }
410
411 if (pid != 0) {
412 if (am_parent != NULL) {
413 add_child_pid(am_parent, pid);
414 }
415 *ppid = pid_to_procid(pid);
416 return true;
417 }
418
419 status = smbd_reinit_after_fork(msg, ev, true);
420 if (!NT_STATUS_IS_OK(status)) {
421 DEBUG(1, ("%s: reinit_after_fork failed: %s\n",
422 __func__, nt_errstr(status)));
423 exit(1);
424 }
425
426 process_set_title("smbd-notifyd", "notifyd");
427
428 reopen_logs();
429
430 /* Set up sighup handler for notifyd */
431 se = tevent_add_signal(ev,
432 ev,
433 SIGHUP, 0,
434 notifyd_sig_hup_handler,
435 NULL);
436 if (!se) {
437 DEBUG(0, ("failed to setup notifyd SIGHUP handler\n"));
438 exit(1);
439 }
440
441 req = notifyd_req(msg, ev);
442 if (req == NULL) {
443 exit(1);
444 }
445 tevent_req_set_callback(req, notifyd_stopped, msg);
446
447 /* Block those signals that we are not handling */
448 BlockSignals(True, SIGUSR1);
449
450 messaging_send(msg, pid_to_procid(getppid()), MSG_SMB_NOTIFY_STARTED,
451 NULL);
452
453 ok = tevent_req_poll(req, ev);
454 if (!ok) {
455 DBG_WARNING("tevent_req_poll returned %s\n", strerror(errno));
456 exit(1);
457 }
458 exit(0);
459 }
460
461 static void notifyd_init_trigger(struct tevent_req *req);
462
463 struct notifyd_init_state {
464 bool ok;
465 struct tevent_context *ev;
466 struct messaging_context *msg;
467 struct server_id *ppid;
468 };
469
470 static struct tevent_req *notifyd_init_send(struct tevent_context *ev,
471 TALLOC_CTX *mem_ctx,
472 struct messaging_context *msg,
473 struct server_id *ppid)
474 {
475 struct tevent_req *req = NULL;
476 struct tevent_req *subreq = NULL;
477 struct notifyd_init_state *state = NULL;
478
479 req = tevent_req_create(mem_ctx, &state, struct notifyd_init_state);
480 if (req == NULL) {
481 return NULL;
482 }
483
484 *state = (struct notifyd_init_state) {
485 .msg = msg,
486 .ev = ev,
487 .ppid = ppid
488 };
489
490 subreq = tevent_wakeup_send(state, ev, tevent_timeval_current_ofs(1, 0));
491 if (tevent_req_nomem(subreq, req)) {
492 return tevent_req_post(req, ev);
493 }
494
495 tevent_req_set_callback(subreq, notifyd_init_trigger, req);
496 return req;
497 }
498
499 static void notifyd_init_trigger(struct tevent_req *subreq)
500 {
501 struct tevent_req *req = tevent_req_callback_data(
502 subreq, struct tevent_req);
503 struct notifyd_init_state *state = tevent_req_data(
504 req, struct notifyd_init_state);
505 bool ok;
506
507 DBG_NOTICE("Triggering notifyd startup\n");
508
509 ok = tevent_wakeup_recv(subreq);
510 TALLOC_FREE(subreq);
511 if (!ok) {
512 tevent_req_error(req, ENOMEM);
513 return;
514 }
515
516 state->ok = smbd_notifyd_init(state->msg, false, state->ppid);
517 if (state->ok) {
518 DBG_WARNING("notifyd restarted\n");
519 tevent_req_done(req);
520 return;
521 }
522
523 DBG_NOTICE("notifyd startup failed, rescheduling\n");
524
525 subreq = tevent_wakeup_send(state, state->ev,
526 tevent_timeval_current_ofs(1, 0));
527 if (tevent_req_nomem(subreq, req)) {
528 DBG_ERR("scheduling notifyd restart failed, giving up\n");
529 return;
530 }
531
532 tevent_req_set_callback(subreq, notifyd_init_trigger, req);
533 return;
534 }
535
536 static bool notifyd_init_recv(struct tevent_req *req)
537 {
538 struct notifyd_init_state *state = tevent_req_data(
539 req, struct notifyd_init_state);
540
541 return state->ok;
542 }
543
544 static void notifyd_started(struct tevent_req *req)
545 {
546 bool ok;
547
548 ok = notifyd_init_recv(req);
549 TALLOC_FREE(req);
550 if (!ok) {
551 DBG_ERR("Failed to restart notifyd, giving up\n");
552 return;
553 }
554 }
555
556 static void cleanupd_sig_hup_handler(struct tevent_context *ev,
557 struct tevent_signal *se,
558 int signum,
559 int count,
560 void *siginfo,
561 void *pvt)
562 {
563 DBG_NOTICE("cleanupd: Reloading services after SIGHUP\n");
564 reopen_logs();
565 }
566
567 static void cleanupd_stopped(struct tevent_req *req);
568
569 static bool cleanupd_init(struct messaging_context *msg, bool interactive,
570 struct server_id *ppid)
571 {
572 struct tevent_context *ev = messaging_tevent_context(msg);
573 struct server_id parent_id = messaging_server_id(msg);
574 struct tevent_signal *se = NULL;
575 struct tevent_req *req;
576 pid_t pid;
577 NTSTATUS status;
578 ssize_t rwret;
579 int ret;
580 bool ok;
581 char c;
582 int up_pipe[2];
583
584 if (interactive) {
585 req = smbd_cleanupd_send(msg, ev, msg, parent_id.pid);
586 *ppid = messaging_server_id(msg);
587 return (req != NULL);
588 }
589
590 ret = pipe(up_pipe);
591 if (ret == -1) {
592 DBG_WARNING("pipe failed: %s\n", strerror(errno));
593 return false;
594 }
595
596 pid = fork();
597 if (pid == -1) {
598 DBG_WARNING("fork failed: %s\n", strerror(errno));
599 close(up_pipe[0]);
600 close(up_pipe[1]);
601 return false;
602 }
603
604 if (pid != 0) {
605
606 close(up_pipe[1]);
607 rwret = sys_read(up_pipe[0], &c, 1);
608 close(up_pipe[0]);
609
610 if (rwret == -1) {
611 DBG_WARNING("sys_read failed: %s\n", strerror(errno));
612 return false;
613 }
614 if (rwret == 0) {
615 DBG_WARNING("cleanupd could not start\n");
616 return false;
617 }
618 if (c != 0) {
619 DBG_WARNING("cleanupd returned %d\n", (int)c);
620 return false;
621 }
622
623 DBG_DEBUG("Started cleanupd pid=%d\n", (int)pid);
624
625 if (am_parent != NULL) {
626 add_child_pid(am_parent, pid);
627 }
628
629 *ppid = pid_to_procid(pid);
630 return true;
631 }
632
633 close(up_pipe[0]);
634
635 status = smbd_reinit_after_fork(msg, ev, true);
636 if (!NT_STATUS_IS_OK(status)) {
637 DBG_WARNING("reinit_after_fork failed: %s\n",
638 nt_errstr(status));
639 c = 1;
640 sys_write(up_pipe[1], &c, 1);
641
642 exit(1);
643 }
644
645 process_set_title("smbd-cleanupd", "cleanupd");
646
647 se = tevent_add_signal(ev,
648 ev,
649 SIGHUP,
650 0,
651 cleanupd_sig_hup_handler,
652 NULL);
653 if (se == NULL) {
654 DBG_ERR("Could not add SIGHUP handler\n");
655 exit(1);
656 }
657
658 req = smbd_cleanupd_send(msg, ev, msg, parent_id.pid);
659 if (req == NULL) {
660 DBG_WARNING("smbd_cleanupd_send failed\n");
661 c = 2;
662 sys_write(up_pipe[1], &c, 1);
663
664 exit(1);
665 }
666
667 tevent_req_set_callback(req, cleanupd_stopped, msg);
668
669 c = 0;
670 rwret = sys_write(up_pipe[1], &c, 1);
671 close(up_pipe[1]);
672
673 if (rwret == -1) {
674 DBG_WARNING("sys_write failed: %s\n", strerror(errno));
675 exit(1);
676 }
677 if (rwret != 1) {
678 DBG_WARNING("sys_write could not write result\n");
679 exit(1);
680 }
681
682 ok = tevent_req_poll(req, ev);
683 if (!ok) {
684 DBG_WARNING("tevent_req_poll returned %s\n", strerror(errno));
685 }
686 exit(0);
687 }
688
689 static void cleanupd_stopped(struct tevent_req *req)
690 {
691 NTSTATUS status;
692
693 status = smbd_cleanupd_recv(req);
694 DBG_WARNING("cleanupd stopped: %s\n", nt_errstr(status));
695 }
696
697 static void cleanupd_init_trigger(struct tevent_req *req);
698
699 struct cleanup_init_state {
700 bool ok;
701 struct tevent_context *ev;
702 struct messaging_context *msg;
703 struct server_id *ppid;
704 };
705
706 static struct tevent_req *cleanupd_init_send(struct tevent_context *ev,
707 TALLOC_CTX *mem_ctx,
708 struct messaging_context *msg,
709 struct server_id *ppid)
710 {
711 struct tevent_req *req = NULL;
712 struct tevent_req *subreq = NULL;
713 struct cleanup_init_state *state = NULL;
714
715 req = tevent_req_create(mem_ctx, &state, struct cleanup_init_state);
716 if (req == NULL) {
717 return NULL;
718 }
719
720 *state = (struct cleanup_init_state) {
721 .msg = msg,
722 .ev = ev,
723 .ppid = ppid
724 };
725
726 subreq = tevent_wakeup_send(state, ev, tevent_timeval_current_ofs(0, 0));
727 if (tevent_req_nomem(subreq, req)) {
728 return tevent_req_post(req, ev);
729 }
730
731 tevent_req_set_callback(subreq, cleanupd_init_trigger, req);
732 return req;
733 }
734
735 static void cleanupd_init_trigger(struct tevent_req *subreq)
736 {
737 struct tevent_req *req = tevent_req_callback_data(
738 subreq, struct tevent_req);
739 struct cleanup_init_state *state = tevent_req_data(
740 req, struct cleanup_init_state);
741 bool ok;
742
743 DBG_NOTICE("Triggering cleanupd startup\n");
744
745 ok = tevent_wakeup_recv(subreq);
746 TALLOC_FREE(subreq);
747 if (!ok) {
748 tevent_req_error(req, ENOMEM);
749 return;
750 }
751
752 state->ok = cleanupd_init(state->msg, false, state->ppid);
753 if (state->ok) {
754 DBG_WARNING("cleanupd restarted\n");
755 tevent_req_done(req);
756 return;
757 }
758
759 DBG_NOTICE("cleanupd startup failed, rescheduling\n");
760
761 subreq = tevent_wakeup_send(state, state->ev,
762 tevent_timeval_current_ofs(1, 0));
763 if (tevent_req_nomem(subreq, req)) {
764 DBG_ERR("scheduling cleanupd restart failed, giving up\n");
765 return;
766 }
767
768 tevent_req_set_callback(subreq, cleanupd_init_trigger, req);
769 return;
770 }
771
772 static bool cleanupd_init_recv(struct tevent_req *req)
773 {
774 struct cleanup_init_state *state = tevent_req_data(
775 req, struct cleanup_init_state);
776
777 return state->ok;
778 }
779
780 static void cleanupd_started(struct tevent_req *req)
781 {
782 bool ok;
783 NTSTATUS status;
784 struct smbd_parent_context *parent = tevent_req_callback_data(
785 req, struct smbd_parent_context);
786
787 ok = cleanupd_init_recv(req);
788 TALLOC_FREE(req);
789 if (!ok) {
790 DBG_ERR("Failed to restart cleanupd, giving up\n");
791 return;
792 }
793
794 status = messaging_send(parent->msg_ctx,
795 parent->cleanupd,
796 MSG_SMB_NOTIFY_CLEANUP,
797 &data_blob_null);
798 if (!NT_STATUS_IS_OK(status)) {
799 DBG_ERR("messaging_send returned %s\n",
800 nt_errstr(status));
801 }
802 }
803
804 static void remove_child_pid(struct smbd_parent_context *parent,
805 pid_t pid,
806 bool unclean_shutdown)
807 {
808 struct smbd_child_pid *child;
809 NTSTATUS status;
810 bool ok;
811
812 for (child = parent->children; child != NULL; child = child->next) {
813 if (child->pid == pid) {
814 struct smbd_child_pid *tmp = child;
815 DLIST_REMOVE(parent->children, child);
816 TALLOC_FREE(tmp);
817 parent->num_children -= 1;
818 break;
819 }
820 }
821
822 if (child == NULL) {
823 /* not all forked child processes are added to the children list */
824 DEBUG(2, ("Could not find child %d -- ignoring\n", (int)pid));
825 return;
826 }
827
828 if (pid == procid_to_pid(&parent->cleanupd)) {
829 struct tevent_req *req;
830
831 server_id_set_disconnected(&parent->cleanupd);
832
833 DBG_WARNING("Restarting cleanupd\n");
834 req = cleanupd_init_send(messaging_tevent_context(parent->msg_ctx),
835 parent,
836 parent->msg_ctx,
837 &parent->cleanupd);
838 if (req == NULL) {
839 DBG_ERR("Failed to restart cleanupd\n");
840 return;
841 }
842 tevent_req_set_callback(req, cleanupd_started, parent);
843 return;
844 }
845
846 if (pid == procid_to_pid(&parent->notifyd)) {
847 struct tevent_req *req;
848 struct tevent_context *ev = messaging_tevent_context(
849 parent->msg_ctx);
850
851 server_id_set_disconnected(&parent->notifyd);
852
853 DBG_WARNING("Restarting notifyd\n");
854 req = notifyd_init_send(ev,
855 parent,
856 parent->msg_ctx,
857 &parent->notifyd);
858 if (req == NULL) {
859 DBG_ERR("Failed to restart notifyd\n");
860 return;
861 }
862 tevent_req_set_callback(req, notifyd_started, parent);
863 return;
864 }
865
866 ok = cleanupdb_store_child(pid, unclean_shutdown);
867 if (!ok) {
868 DBG_ERR("cleanupdb_store_child failed\n");
869 return;
870 }
871
872 if (!server_id_is_disconnected(&parent->cleanupd)) {
873 status = messaging_send(parent->msg_ctx,
874 parent->cleanupd,
875 MSG_SMB_NOTIFY_CLEANUP,
876 &data_blob_null);
877 if (!NT_STATUS_IS_OK(status)) {
878 DBG_ERR("messaging_send returned %s\n",
879 nt_errstr(status));
880 }
881 }
882 }
883
884 /****************************************************************************
885 Have we reached the process limit ?
886 ****************************************************************************/
887
888 static bool allowable_number_of_smbd_processes(struct smbd_parent_context *parent)
889 {
890 int max_processes = lp_max_smbd_processes();
891
892 if (!max_processes)
893 return True;
894
895 return parent->num_children < max_processes;
896 }
897
898 static void smbd_sig_chld_handler(struct tevent_context *ev,
899 struct tevent_signal *se,
900 int signum,
901 int count,
902 void *siginfo,
903 void *private_data)
904 {
905 pid_t pid;
906 int status;
907 struct smbd_parent_context *parent =
908 talloc_get_type_abort(private_data,
909 struct smbd_parent_context);
910
911 while ((pid = waitpid(-1, &status, WNOHANG)) > 0) {
912 bool unclean_shutdown = False;
913
914 /* If the child terminated normally, assume
915 it was an unclean shutdown unless the
916 status is 0
917 */
918 if (WIFEXITED(status)) {
919 unclean_shutdown = WEXITSTATUS(status);
920 }
921 /* If the child terminated due to a signal
922 we always assume it was unclean.
923 */
924 if (WIFSIGNALED(status)) {
925 unclean_shutdown = True;
926 }
927 remove_child_pid(parent, pid, unclean_shutdown);
928 }
929 }
930
931 static void smbd_setup_sig_chld_handler(struct smbd_parent_context *parent)
932 {
933 struct tevent_signal *se;
934
935 se = tevent_add_signal(parent->ev_ctx,
936 parent, /* mem_ctx */
937 SIGCHLD, 0,
938 smbd_sig_chld_handler,
939 parent);
940 if (!se) {
941 exit_server("failed to setup SIGCHLD handler");
942 }
943 }
944
945 static void smbd_open_socket_close_fn(struct tevent_context *ev,
946 struct tevent_fd *fde,
947 int fd,
948 void *private_data)
949 {
950 /* this might be the socket_wrapper swrap_close() */
951 close(fd);
952 }
953
954 static void smbd_accept_connection(struct tevent_context *ev,
955 struct tevent_fd *fde,
956 uint16_t flags,
957 void *private_data)
958 {
959 struct smbd_open_socket *s = talloc_get_type_abort(private_data,
960 struct smbd_open_socket);
961 struct messaging_context *msg_ctx = s->parent->msg_ctx;
962 struct sockaddr_storage addr;
963 socklen_t in_addrlen = sizeof(addr);
964 int fd;
965 pid_t pid = 0;
966
967 fd = accept(s->fd, (struct sockaddr *)(void *)&addr,&in_addrlen);
968 if (fd == -1 && errno == EINTR)
969 return;
970
971 if (fd == -1) {
972 DEBUG(0,("accept: %s\n",
973 strerror(errno)));
974 return;
975 }
976 smb_set_close_on_exec(fd);
977
978 if (s->parent->interactive) {
979 NTSTATUS status;
980
981 status = reinit_after_fork(msg_ctx, ev, true);
982 if (!NT_STATUS_IS_OK(status)) {
983 exit_server("reinit_after_fork() failed");
984 return;
985 }
986 smbd_process(ev, msg_ctx, fd, true);
987 exit_server_cleanly("end of interactive mode");
988 return;
989 }
990
991 if (!allowable_number_of_smbd_processes(s->parent)) {
992 close(fd);
993 return;
994 }
995
996 pid = fork();
997 if (pid == 0) {
998 char addrstr[INET6_ADDRSTRLEN];
999 NTSTATUS status = NT_STATUS_OK;
1000
1001 /*
1002 * Can't use TALLOC_FREE here. Nulling out the argument to it
1003 * would overwrite memory we've just freed.
1004 */
1005 talloc_free(s->parent);
1006 s = NULL;
1007
1008 /* Stop zombies, the parent explicitly handles
1009 * them, counting worker smbds. */
1010 CatchChild();
1011
1012 status = smbd_reinit_after_fork(msg_ctx, ev, true);
1013 if (!NT_STATUS_IS_OK(status)) {
1014 if (NT_STATUS_EQUAL(status,
1015 NT_STATUS_TOO_MANY_OPENED_FILES)) {
1016 DEBUG(0,("child process cannot initialize "
1017 "because too many files are open\n"));
1018 goto exit;
1019 }
1020 if (lp_clustering() &&
1021 (NT_STATUS_EQUAL(
1022 status, NT_STATUS_INTERNAL_DB_ERROR) ||
1023 NT_STATUS_EQUAL(
1024 status, NT_STATUS_CONNECTION_REFUSED))) {
1025 DEBUG(1, ("child process cannot initialize "
1026 "because connection to CTDB "
1027 "has failed: %s\n",
1028 nt_errstr(status)));
1029 goto exit;
1030 }
1031
1032 DEBUG(0,("reinit_after_fork() failed\n"));
1033 smb_panic("reinit_after_fork() failed");
1034 }
1035
1036 print_sockaddr(addrstr, sizeof(addrstr), &addr);
1037 process_set_title("smbd[%s]", "client [%s]", addrstr);
1038
1039 smbd_process(ev, msg_ctx, fd, false);
1040 exit:
1041 exit_server_cleanly("end of child");
1042 return;
1043 }
1044
1045 if (pid < 0) {
1046 DEBUG(0,("smbd_accept_connection: fork() failed: %s\n",
1047 strerror(errno)));
1048 }
1049
1050 /* The parent doesn't need this socket */
1051 close(fd);
1052
1053 /* Sun May 6 18:56:14 2001 ackley@cs.unm.edu:
1054 Clear the closed fd info out of server_fd --
1055 and more importantly, out of client_fd in
1056 util_sock.c, to avoid a possible
1057 getpeername failure if we reopen the logs
1058 and use %I in the filename.
1059 */
1060
1061 if (pid != 0) {
1062 add_child_pid(s->parent, pid);
1063 }
1064
1065 /* Force parent to check log size after
1066 * spawning child. Fix from
1067 * klausr@ITAP.Physik.Uni-Stuttgart.De. The
1068 * parent smbd will log to logserver.smb. It
1069 * writes only two messages for each child
1070 * started/finished. But each child writes,
1071 * say, 50 messages also in logserver.smb,
1072 * beginning with the debug_count of the
1073 * parent, before the child opens its own log
1074 * file logserver.client. In a worst case
1075 * scenario the size of logserver.smb would be
1076 * checked after about 50*50=2500 messages
1077 * (ca. 100kb).
1078 * */
1079 force_check_log_size();
1080 }
1081
1082 static bool smbd_open_one_socket(struct smbd_parent_context *parent,
1083 struct tevent_context *ev_ctx,
1084 const struct sockaddr_storage *ifss,
1085 uint16_t port)
1086 {
1087 struct smbd_open_socket *s;
1088
1089 s = talloc(parent, struct smbd_open_socket);
1090 if (!s) {
1091 return false;
1092 }
1093
1094 s->parent = parent;
1095
1096 s->fd = open_socket_in(SOCK_STREAM, ifss, port, true);
1097 if (s->fd < 0) {
1098 int err = -(s->fd);
1099 DBG_ERR("open_socket_in failed: %s\n", strerror(err));
1100 TALLOC_FREE(s);
1101 /*
1102 * We ignore an error here, as we've done before
1103 */
1104 return true;
1105 }
1106
1107 /* ready to listen */
1108 set_socket_options(s->fd, "SO_KEEPALIVE");
1109 set_socket_options(s->fd, lp_socket_options());
1110
1111 /* Set server socket to
1112 * non-blocking for the accept. */
1113 set_blocking(s->fd, False);
1114
1115 if (listen(s->fd, SMBD_LISTEN_BACKLOG) == -1) {
1116 DEBUG(0,("smbd_open_one_socket: listen: "
1117 "%s\n", strerror(errno)));
1118 close(s->fd);
1119 TALLOC_FREE(s);
1120 return false;
1121 }
1122
1123 s->fde = tevent_add_fd(ev_ctx,
1124 s,
1125 s->fd, TEVENT_FD_READ,
1126 smbd_accept_connection,
1127 s);
1128 if (!s->fde) {
1129 DEBUG(0,("smbd_open_one_socket: "
1130 "tevent_add_fd: %s\n",
1131 strerror(errno)));
1132 close(s->fd);
1133 TALLOC_FREE(s);
1134 return false;
1135 }
1136 tevent_fd_set_close_fn(s->fde, smbd_open_socket_close_fn);
1137
1138 DLIST_ADD_END(parent->sockets, s);
1139
1140 return true;
1141 }
1142
1143 /****************************************************************************
1144 Open the socket communication.
1145 ****************************************************************************/
1146
1147 static bool open_sockets_smbd(struct smbd_parent_context *parent,
1148 struct tevent_context *ev_ctx,
1149 struct messaging_context *msg_ctx,
1150 const char *smb_ports)
1151 {
1152 int num_interfaces = iface_count();
1153 int i,j;
1154 const char **ports;
1155 unsigned dns_port = 0;
1156
1157 #ifdef HAVE_ATEXIT
1158 atexit(killkids);
1159 #endif
1160
1161 /* Stop zombies */
1162 smbd_setup_sig_chld_handler(parent);
1163
1164 ports = lp_smb_ports();
1165
1166 /* use a reasonable default set of ports - listing on 445 and 139 */
1167 if (smb_ports) {
1168 char **l;
1169 l = str_list_make_v3(talloc_tos(), smb_ports, NULL);
1170 ports = discard_const_p(const char *, l);
1171 }
1172
1173 for (j = 0; ports && ports[j]; j++) {
1174 unsigned port = atoi(ports[j]);
1175
1176 if (port == 0 || port > 0xffff) {
1177 exit_server_cleanly("Invalid port in the config or on "
1178 "the commandline specified!");
1179 }
1180 }
1181
1182 if (lp_interfaces() && lp_bind_interfaces_only()) {
1183 /* We have been given an interfaces line, and been
1184 told to only bind to those interfaces. Create a
1185 socket per interface and bind to only these.
1186 */
1187
1188 /* Now open a listen socket for each of the
1189 interfaces. */
1190 for(i = 0; i < num_interfaces; i++) {
1191 const struct sockaddr_storage *ifss =
1192 iface_n_sockaddr_storage(i);
1193 if (ifss == NULL) {
1194 DEBUG(0,("open_sockets_smbd: "
1195 "interface %d has NULL IP address !\n",
1196 i));
1197 continue;
1198 }
1199
1200 for (j = 0; ports && ports[j]; j++) {
1201 unsigned port = atoi(ports[j]);
1202
1203 /* Keep the first port for mDNS service
1204 * registration.
1205 */
1206 if (dns_port == 0) {
1207 dns_port = port;
1208 }
1209
1210 if (!smbd_open_one_socket(parent,
1211 ev_ctx,
1212 ifss,
1213 port)) {
1214 return false;
1215 }
1216 }
1217 }
1218 } else {
1219 /* Just bind to 0.0.0.0 - accept connections
1220 from anywhere. */
1221
1222 const char *sock_addr;
1223 char *sock_tok;
1224 const char *sock_ptr;
1225
1226 #ifdef HAVE_IPV6
1227 sock_addr = "::,0.0.0.0";
1228 #else
1229 sock_addr = "0.0.0.0";
1230 #endif
1231
1232 for (sock_ptr=sock_addr;
1233 next_token_talloc(talloc_tos(), &sock_ptr, &sock_tok, " \t,"); ) {
1234 for (j = 0; ports && ports[j]; j++) {
1235 struct sockaddr_storage ss;
1236 unsigned port = atoi(ports[j]);
1237
1238 /* Keep the first port for mDNS service
1239 * registration.
1240 */
1241 if (dns_port == 0) {
1242 dns_port = port;
1243 }
1244
1245 /* open an incoming socket */
1246 if (!interpret_string_addr(&ss, sock_tok,
1247 AI_NUMERICHOST|AI_PASSIVE)) {
1248 continue;
1249 }
1250
1251 /*
1252 * If we fail to open any sockets
1253 * in this loop the parent-sockets == NULL
1254 * case below will prevent us from starting.
1255 */
1256
1257 (void)smbd_open_one_socket(parent,
1258 ev_ctx,
1259 &ss,
1260 port);
1261 }
1262 }
1263 }
1264
1265 if (parent->sockets == NULL) {
1266 DEBUG(0,("open_sockets_smbd: No "
1267 "sockets available to bind to.\n"));
1268 return false;
1269 }
1270
1271 /* Listen to messages */
1272
1273 messaging_register(msg_ctx, NULL, MSG_SHUTDOWN, msg_exit_server);
1274 messaging_register(msg_ctx, ev_ctx, MSG_SMB_CONF_UPDATED,
1275 smbd_parent_conf_updated);
1276 messaging_register(msg_ctx, NULL, MSG_DEBUG, smbd_msg_debug);
1277 messaging_register(msg_ctx, NULL, MSG_SMB_FORCE_TDIS,
1278 smb_parent_send_to_children);
1279 messaging_register(msg_ctx, NULL, MSG_SMB_FORCE_TDIS_DENIED,
1280 smb_parent_send_to_children);
1281 messaging_register(msg_ctx, NULL, MSG_SMB_KILL_CLIENT_IP,
1282 smb_parent_send_to_children);
1283 messaging_register(msg_ctx, NULL, MSG_SMB_TELL_NUM_CHILDREN,
1284 smb_tell_num_children);
1285
1286 messaging_register(msg_ctx, NULL,
1287 ID_CACHE_DELETE, smbd_parent_id_cache_delete);
1288 messaging_register(msg_ctx, NULL,
1289 ID_CACHE_KILL, smbd_parent_id_cache_kill);
1290 messaging_register(msg_ctx, NULL, MSG_SMB_NOTIFY_STARTED,
1291 smb_parent_send_to_children);
1292
1293 if (lp_interfaces() && lp_bind_interfaces_only()) {
1294 messaging_register(msg_ctx,
1295 NULL,
1296 MSG_SMB_IP_DROPPED,
1297 smb_parent_send_to_children);
1298 }
1299
1300 #ifdef DEVELOPER
1301 messaging_register(msg_ctx, NULL, MSG_SMB_INJECT_FAULT,
1302 msg_inject_fault);
1303 #endif
1304
1305 #if defined(DEVELOPER) || defined(ENABLE_SELFTEST)
1306 messaging_register(msg_ctx, NULL, MSG_SMB_SLEEP, msg_sleep);
1307 #endif
1308
1309 if (lp_multicast_dns_register() && (dns_port != 0)) {
1310 #ifdef WITH_DNSSD_SUPPORT
1311 smbd_setup_mdns_registration(ev_ctx,
1312 parent, dns_port);
1313 #endif
1314 #ifdef WITH_AVAHI_SUPPORT
1315 void *avahi_conn;
1316
1317 avahi_conn = avahi_start_register(ev_ctx,
1318 ev_ctx,
1319 dns_port);
1320 if (avahi_conn == NULL) {
1321 DEBUG(10, ("avahi_start_register failed\n"));
1322 }
1323 #endif
1324 }
1325
1326 return true;
1327 }
1328
1329
1330 /*
1331 handle stdin becoming readable when we are in --foreground mode
1332 */
1333 static void smbd_stdin_handler(struct tevent_context *ev,
1334 struct tevent_fd *fde,
1335 uint16_t flags,
1336 void *private_data)
1337 {
1338 char c;
1339 if (read(0, &c, 1) != 1) {
1340 /* we have reached EOF on stdin, which means the
1341 parent has exited. Shutdown the server */
1342 exit_server_cleanly("EOF on stdin");
1343 }
1344 }
1345
1346 struct smbd_parent_tevent_trace_state {
1347 TALLOC_CTX *frame;
1348 };
1349
1350 static void smbd_parent_tevent_trace_callback(enum tevent_trace_point point,
1351 void *private_data)
1352 {
1353 struct smbd_parent_tevent_trace_state *state =
1354 (struct smbd_parent_tevent_trace_state *)private_data;
1355
1356 switch (point) {
1357 case TEVENT_TRACE_BEFORE_WAIT:
1358 break;
1359 case TEVENT_TRACE_AFTER_WAIT:
1360 break;
1361 case TEVENT_TRACE_BEFORE_LOOP_ONCE:
1362 TALLOC_FREE(state->frame);
1363 state->frame = talloc_stackframe();
1364 break;
1365 case TEVENT_TRACE_AFTER_LOOP_ONCE:
1366 TALLOC_FREE(state->frame);
1367 break;
1368 }
1369
1370 errno = 0;
1371 }
1372
1373 static void smbd_parent_loop(struct tevent_context *ev_ctx,
1374 struct smbd_parent_context *parent)
1375 {
1376 struct smbd_parent_tevent_trace_state trace_state = {
1377 .frame = NULL,
1378 };
1379 int ret = 0;
1380
1381 tevent_set_trace_callback(ev_ctx, smbd_parent_tevent_trace_callback,
1382 &trace_state);
1383
1384 /* now accept incoming connections - forking a new process
1385 for each incoming connection */
1386 DEBUG(2,("waiting for connections\n"));
1387
1388 ret = tevent_loop_wait(ev_ctx);
1389 if (ret != 0) {
1390 DEBUG(0, ("tevent_loop_wait failed: %d, %s, exiting\n",
1391 ret, strerror(errno)));
1392 }
1393
1394 TALLOC_FREE(trace_state.frame);
1395
1396 /* NOTREACHED return True; */
1397 }
1398
1399
1400 /****************************************************************************
1401 Initialise connect, service and file structs.
1402 ****************************************************************************/
1403
1404 static bool init_structs(void )
1405 {
1406 /*
1407 * Set the machine NETBIOS name if not already
1408 * set from the config file.
1409 */
1410
1411 if (!secrets_init())
1412 return False;
1413
1414 return True;
1415 }
1416
1417 static void smbd_parent_sig_term_handler(struct tevent_context *ev,
1418 struct tevent_signal *se,
1419 int signum,
1420 int count,
1421 void *siginfo,
1422 void *private_data)
1423 {
1424 exit_server_cleanly("termination signal");
1425 }
1426
1427 static void smbd_parent_sig_hup_handler(struct tevent_context *ev,
1428 struct tevent_signal *se,
1429 int signum,
1430 int count,
1431 void *siginfo,
1432 void *private_data)
1433 {
1434 change_to_root_user();
1435 DBG_NOTICE("parent: Reloading services after SIGHUP\n");
1436 reload_services(NULL, NULL, false);
1437 }
1438
1439 struct smbd_claim_version_state {
1440 TALLOC_CTX *mem_ctx;
1441 char *version;
1442 };
1443
1444 static void smbd_claim_version_parser(struct server_id exclusive,
1445 size_t num_shared,
1446 const struct server_id *shared,
1447 const uint8_t *data,
1448 size_t datalen,
1449 void *private_data)
1450 {
1451 struct smbd_claim_version_state *state = private_data;
1452
1453 if (datalen == 0) {
1454 state->version = NULL;
1455 return;
1456 }
1457 if (data[datalen-1] != '\0') {
1458 DBG_WARNING("Invalid samba version\n");
1459 dump_data(DBGLVL_WARNING, data, datalen);
1460 state->version = NULL;
1461 return;
1462 }
1463 state->version = talloc_strdup(state->mem_ctx, (const char *)data);
1464 }
1465
1466 static NTSTATUS smbd_claim_version(struct messaging_context *msg,
1467 const char *version)
1468 {
1469 const char *name = "samba_version_string";
1470 const TDB_DATA key = string_term_tdb_data(name);
1471 struct smbd_claim_version_state state;
1472 struct g_lock_ctx *ctx;
1473 NTSTATUS status;
1474
1475 ctx = g_lock_ctx_init(msg, msg);
1476 if (ctx == NULL) {
1477 DBG_WARNING("g_lock_ctx_init failed\n");
1478 return NT_STATUS_UNSUCCESSFUL;
1479 }
1480
1481 status = g_lock_lock(ctx,
1482 key,
1483 G_LOCK_READ,
1484 (struct timeval) { .tv_sec = 60 },
1485 NULL,
1486 NULL);
1487 if (!NT_STATUS_IS_OK(status)) {
1488 DBG_WARNING("g_lock_lock(G_LOCK_READ) failed: %s\n",
1489 nt_errstr(status));
1490 TALLOC_FREE(ctx);
1491 return status;
1492 }
1493
1494 state = (struct smbd_claim_version_state) { .mem_ctx = ctx };
1495
1496 status = g_lock_dump(ctx, key, smbd_claim_version_parser, &state);
1497 if (!NT_STATUS_IS_OK(status) &&
1498 !NT_STATUS_EQUAL(status, NT_STATUS_NOT_FOUND)) {
1499 DBG_ERR("Could not read samba_version_string\n");
1500 g_lock_unlock(ctx, key);
1501 TALLOC_FREE(ctx);
1502 return status;
1503 }
1504
1505 if ((state.version != NULL) && (strcmp(version, state.version) == 0)) {
1506 /*
1507 * Leave the read lock for us around. Someone else already
1508 * set the version correctly
1509 */
1510 TALLOC_FREE(ctx);
1511 return NT_STATUS_OK;
1512 }
1513
1514 status = g_lock_lock(ctx,
1515 key,
1516 G_LOCK_UPGRADE,
1517 (struct timeval) { .tv_sec = 60 },
1518 NULL,
1519 NULL);
1520 if (!NT_STATUS_IS_OK(status)) {
1521 DBG_WARNING("g_lock_lock(G_LOCK_UPGRADE) failed: %s\n",
1522 nt_errstr(status));
1523 DBG_ERR("smbd %s already running, refusing to start "
1524 "version %s\n", state.version, version);
1525 TALLOC_FREE(ctx);
1526 return NT_STATUS_SXS_VERSION_CONFLICT;
1527 }
1528
1529 status = g_lock_write_data(
1530 ctx, key, (const uint8_t *)version, strlen(version)+1);
1531 if (!NT_STATUS_IS_OK(status)) {
1532 DBG_WARNING("g_lock_write_data failed: %s\n",
1533 nt_errstr(status));
1534 TALLOC_FREE(ctx);
1535 return status;
1536 }
1537
1538 status = g_lock_lock(ctx,
1539 key,
1540 G_LOCK_DOWNGRADE,
1541 (struct timeval) { .tv_sec = 60 },
1542 NULL,
1543 NULL);
1544 if (!NT_STATUS_IS_OK(status)) {
1545 DBG_WARNING("g_lock_lock(G_LOCK_DOWNGRADE) failed: %s\n",
1546 nt_errstr(status));
1547 TALLOC_FREE(ctx);
1548 return status;
1549 }
1550
1551 /*
1552 * Leave "ctx" dangling so that g_lock.tdb keeps opened.
1553 */
1554 return NT_STATUS_OK;
1555 }
1556
1557 /****************************************************************************
1558 Open socket communication on given ip address
1559 ****************************************************************************/
1560
1561 static bool smbd_open_socket_for_ip(struct smbd_parent_context *parent,
1562 struct tevent_context *ev_ctx,
1563 struct messaging_context *msg_ctx,
1564 const char *smb_ports,
1565 const struct sockaddr_storage *ifss)
1566 {
1567 int j;
1568 const char **ports;
1569 unsigned dns_port = 0;
1570 TALLOC_CTX *ctx;
1571 bool status = true;
1572
1573 ports = lp_smb_ports();
1574 ctx = talloc_stackframe();
1575
1576 /* use a reasonable default set of ports - listing on 445 and 139 */
1577 if (smb_ports) {
1578 char **l;
1579 l = str_list_make_v3(ctx, smb_ports, NULL);
1580 ports = discard_const_p(const char *, l);
1581 }
1582
1583 for (j = 0; ports && ports[j]; j++) {
1584 unsigned port = atoi(ports[j]);
1585
1586 /* Keep the first port for mDNS service
1587 * registration.
1588 */
1589 if (dns_port == 0) {
1590 dns_port = port;
1591 }
1592
1593 if (!smbd_open_one_socket(parent,
1594 ev_ctx,
1595 ifss,
1596 port)) {
1597 status = false;
1598 goto out_free;
1599 }
1600 }
1601
1602 out_free:
1603 TALLOC_FREE(ctx);
1604 return status;
1605 }
1606
1607 struct smbd_addrchanged_state {
1608 struct addrchange_context *ctx;
1609 struct tevent_context *ev;
1610 struct messaging_context *msg_ctx;
1611 struct smbd_parent_context *parent;
1612 char *ports;
1613 };
1614
1615 static void smbd_addr_changed(struct tevent_req *req);
1616
1617 static void smbd_init_addrchange(TALLOC_CTX *mem_ctx,
1618 struct tevent_context *ev,
1619 struct messaging_context *msg_ctx,
1620 struct smbd_parent_context *parent,
1621 char *ports)
1622 {
1623 struct smbd_addrchanged_state *state;
1624 struct tevent_req *req;
1625 NTSTATUS status;
1626
1627 state = talloc(mem_ctx, struct smbd_addrchanged_state);
1628 if (state == NULL) {
1629 DBG_DEBUG("talloc failed\n");
1630 return;
1631 }
1632 *state = (struct smbd_addrchanged_state) {
1633 .ev = ev,
1634 .msg_ctx = msg_ctx,
1635 .parent = parent,
1636 .ports = ports
1637 };
1638
1639 status = addrchange_context_create(state, &state->ctx);
1640 if (!NT_STATUS_IS_OK(status)) {
1641 DBG_DEBUG("addrchange_context_create failed: %s\n",
1642 nt_errstr(status));
1643 TALLOC_FREE(state);
1644 return;
1645 }
1646 req = addrchange_send(state, ev, state->ctx);
1647 if (req == NULL) {
1648 DBG_ERR("addrchange_send failed\n");
1649 TALLOC_FREE(state);
1650 return;
1651 }
1652 tevent_req_set_callback(req, smbd_addr_changed, state);
1653 }
1654
1655 static void smbd_close_socket_for_ip(struct smbd_parent_context *parent,
1656 struct messaging_context *msg_ctx,
1657 struct sockaddr_storage *addr)
1658 {
1659 struct smbd_open_socket *s = NULL;
1660
1661 for (s = parent->sockets; s != NULL; s = s->next) {
1662 struct sockaddr_storage a;
1663 socklen_t addr_len = sizeof(a);
1664
1665 if (getsockname(s->fd, (struct sockaddr *)&a, &addr_len) < 0) {
1666 DBG_NOTICE("smbd: Unable to get address - skip\n");
1667 continue;
1668 }
1669 if (sockaddr_equal((struct sockaddr *)&a,
1670 (struct sockaddr *)addr)) {
1671 char addrstr[INET6_ADDRSTRLEN];
1672 DATA_BLOB blob;
1673 NTSTATUS status;
1674
1675 DLIST_REMOVE(parent->sockets, s);
1676 TALLOC_FREE(s);
1677 print_sockaddr(addrstr, sizeof(addrstr), addr);
1678 DBG_NOTICE("smbd: Closed listening socket for %s\n",
1679 addrstr);
1680
1681 blob = data_blob_const(addrstr, strlen(addrstr)+1);
1682 status = messaging_send(msg_ctx,
1683 messaging_server_id(msg_ctx),
1684 MSG_SMB_IP_DROPPED,
1685 &blob);
1686 if (!NT_STATUS_IS_OK(status)) {
1687 DBG_NOTICE(
1688 "messaging_send failed: %s - ignoring\n",
1689 nt_errstr(status));
1690 }
1691 return;
1692 }
1693 }
1694 }
1695
1696 static void smbd_addr_changed(struct tevent_req *req)
1697 {
1698 struct smbd_addrchanged_state *state = tevent_req_callback_data(
1699 req, struct smbd_addrchanged_state);
1700 enum addrchange_type type;
1701 struct sockaddr_storage addr;
1702 NTSTATUS status;
1703 uint32_t if_index;
1704 bool match;
1705
1706 status = addrchange_recv(req, &type, &addr, &if_index);
1707 TALLOC_FREE(req);
1708 if (!NT_STATUS_IS_OK(status)) {
1709 DBG_DEBUG("addrchange_recv failed: %s, stop listening\n",
1710 nt_errstr(status));
1711 TALLOC_FREE(state);
1712 return;
1713 }
1714
1715 match = interface_ifindex_exists_with_options(if_index,
1716 IFACE_DYNAMIC_OPTION);
1717 if (!match) {
1718 DBG_NOTICE(
1719 "smbd: No interface present for if_index %u "
1720 "with dynamic option\n",
1721 if_index);
1722 goto rearm;
1723 }
1724
1725 if (type == ADDRCHANGE_DEL) {
1726 char addrstr[INET6_ADDRSTRLEN];
1727
1728 print_sockaddr(addrstr, sizeof(addrstr), &addr);
1729
1730 DBG_NOTICE("smbd: kernel (AF_NETLINK) dropped ip %s "
1731 "on if_index %u\n",
1732 addrstr, if_index);
1733
1734 smbd_close_socket_for_ip(state->parent, state->msg_ctx, &addr);
1735
1736 goto rearm;
1737 }
1738
1739 if (type == ADDRCHANGE_ADD) {
1740 char addrstr[INET6_ADDRSTRLEN];
1741
1742 print_sockaddr(addrstr, sizeof(addrstr), &addr);
1743
1744 DBG_NOTICE("smbd: kernel (AF_NETLINK) added ip %s "
1745 "on if_index %u\n",
1746 addrstr, if_index);
1747
1748 if (!smbd_open_socket_for_ip(state->parent,
1749 state->ev,
1750 state->msg_ctx,
1751 state->ports,
1752 &addr)) {
1753 DBG_NOTICE("smbd: Unable to open socket on %s\n",
1754 addrstr);
1755 }
1756 }
1757 rearm:
1758 req = addrchange_send(state, state->ev, state->ctx);
1759 if (req == NULL) {
1760 DBG_ERR("addrchange_send failed\n");
1761 TALLOC_FREE(state);
1762 return;
1763 }
1764 tevent_req_set_callback(req, smbd_addr_changed, state);
1765 }
1766
1767 /****************************************************************************
1768 main program.
1769 ****************************************************************************/
1770
1771 /* Declare prototype for build_options() to avoid having to run it through
1772 mkproto.h. Mixing $(builddir) and $(srcdir) source files in the current
1773 prototype generation system is too complicated. */
1774
1775 extern void build_options(bool screen);
1776
1777 int main(int argc,const char *argv[])
1778 {
1779 /* shall I run as a daemon */
1780 struct samba_cmdline_daemon_cfg *cmdline_daemon_cfg = NULL;
1781 bool log_stdout = false;
1782 char *ports = NULL;
1783 char *profile_level = NULL;
1784 int opt;
1785 poptContext pc;
1786 struct server_id main_server_id = {0};
1787 struct poptOption long_options[] = {
1788 POPT_AUTOHELP
1789 {
1790 .longName = "build-options",
1791 .shortName = 'b',
1792 .argInfo = POPT_ARG_NONE,
1793 .arg = NULL,
1794 .val = 'b',
1795 .descrip = "Print build options" ,
1796 },
1797 {
1798 .longName = "port",
1799 .shortName = 'p',
1800 .argInfo = POPT_ARG_STRING,
1801 .arg = &ports,
1802 .val = 0,
1803 .descrip = "Listen on the specified ports",
1804 },
1805 {
1806 .longName = "profiling-level",
1807 .shortName = 'P',
1808 .argInfo = POPT_ARG_STRING,
1809 .arg = &profile_level,
1810 .val = 0,
1811 .descrip = "Set profiling level","PROFILE_LEVEL",
1812 },
1813 POPT_COMMON_SAMBA
1814 POPT_COMMON_DAEMON
1815 POPT_COMMON_VERSION
1816 POPT_TABLEEND
1817 };
1818 struct smbd_parent_context *parent = NULL;
1819 TALLOC_CTX *frame;
1820 NTSTATUS status;
1821 struct tevent_context *ev_ctx;
1822 struct messaging_context *msg_ctx;
1823 struct server_id server_id;
1824 struct tevent_signal *se;
1825 int profiling_level;
1826 char *np_dir = NULL;
1827 const struct loadparm_substitution *lp_sub =
1828 loadparm_s3_global_substitution();
1829 static const struct smbd_shim smbd_shim_fns =
1830 {
1831 .change_to_root_user = smbd_change_to_root_user,
1832 .become_authenticated_pipe_user = smbd_become_authenticated_pipe_user,
1833 .unbecome_authenticated_pipe_user = smbd_unbecome_authenticated_pipe_user,
1834
1835 .contend_level2_oplocks_begin = smbd_contend_level2_oplocks_begin,
1836 .contend_level2_oplocks_end = smbd_contend_level2_oplocks_end,
1837
1838 .become_root = smbd_become_root,
1839 .unbecome_root = smbd_unbecome_root,
1840
1841 .exit_server = smbd_exit_server,
1842 .exit_server_cleanly = smbd_exit_server_cleanly,
1843 };
1844 bool ok;
1845
1846 setproctitle_init(argc, discard_const(argv), environ);
1847
1848 /*
1849 * Do this before any other talloc operation
1850 */
1851 talloc_enable_null_tracking();
1852 frame = talloc_stackframe();
1853
1854 smb_init_locale();
1855
1856 set_smbd_shim(&smbd_shim_fns);
1857
1858 smbd_init_globals();
1859
1860 TimeInit();
1861
1862 #ifdef HAVE_SET_AUTH_PARAMETERS
1863 set_auth_parameters(argc,argv);
1864 #endif
1865
1866 ok = samba_cmdline_init(frame,
1867 SAMBA_CMDLINE_CONFIG_SERVER,
1868 true /* require_smbconf */);
1869 if (!ok) {
1870 DBG_ERR("Failed to setup cmdline parser!\n");
1871 exit(ENOMEM);
1872 }
1873
1874 cmdline_daemon_cfg = samba_cmdline_get_daemon_cfg();
1875
1876 pc = samba_popt_get_context(getprogname(),
1877 argc,
1878 argv,
1879 long_options,
1880 0);
1881 if (pc == NULL) {
1882 DBG_ERR("Failed to get popt context!\n");
1883 exit(ENOMEM);
1884 }
1885
1886 while((opt = poptGetNextOpt(pc)) != -1) {
1887 switch (opt) {
1888 case 'b':
1889 build_options(true); /* Display output to screen as well as debug */
1890 exit(0);
1891 break;
1892 default:
1893 d_fprintf(stderr, "\nInvalid option %s: %s\n\n",
1894 poptBadOption(pc, 0), poptStrerror(opt));
1895 poptPrintUsage(pc, stderr, 0);
1896 exit(1);
1897 }
1898 }
1899 poptFreeContext(pc);
1900
1901 log_stdout = (debug_get_log_type() == DEBUG_STDOUT);
1902
1903 if (cmdline_daemon_cfg->interactive) {
1904 log_stdout = True;
1905 }
1906
1907 #ifdef HAVE_SETLUID
1908 /* needed for SecureWare on SCO */
1909 setluid(0);
1910 #endif
1911
1912 set_remote_machine_name("smbd", False);
1913
1914 if (cmdline_daemon_cfg->interactive && (DEBUGLEVEL >= 9)) {
1915 talloc_enable_leak_report();
1916 }
1917
1918 if (log_stdout && cmdline_daemon_cfg->fork) {
1919 DEBUG(0,("ERROR: Can't log to stdout (-S) unless daemon is in foreground (-F) or interactive (-i)\n"));
1920 exit(1);
1921 }
1922
1923 /*
1924 * We want to die early if we can't open /dev/urandom
1925 */
1926 generate_random_buffer(NULL, 0);
1927
1928 /* get initial effective uid and gid */
1929 sec_init();
1930
1931 /* make absolutely sure we run as root - to handle cases where people
1932 are crazy enough to have it setuid */
1933 gain_root_privilege();
1934 gain_root_group_privilege();
1935
1936 dump_core_setup("smbd", lp_logfile(talloc_tos(), lp_sub));
1937
1938 /* we are never interested in SIGPIPE */
1939 BlockSignals(True,SIGPIPE);
1940
1941 #if defined(SIGFPE)
1942 /* we are never interested in SIGFPE */
1943 BlockSignals(True,SIGFPE);
1944 #endif
1945
1946 #if defined(SIGUSR2)
1947 /* We are no longer interested in USR2 */
1948 BlockSignals(True,SIGUSR2);
1949 #endif
1950
1951 /*
1952 * POSIX demands that signals are inherited. If the invoking
1953 * process has these signals masked, we will have problems, as
1954 * we won't receive them.
1955 */
1956 BlockSignals(False, SIGHUP);
1957 BlockSignals(False, SIGUSR1);
1958 BlockSignals(False, SIGTERM);
1959
1960 /* Ensure we leave no zombies until we
1961 * correctly set up child handling below. */
1962
1963 CatchChild();
1964
1965 /* we want total control over the permissions on created files,
1966 so set our umask to 0 */
1967 umask(0);
1968
1969 reopen_logs();
1970
1971 DBG_STARTUP_NOTICE("smbd version %s started.\n%s\n",
1972 samba_version_string(),
1973 samba_copyright_string());
1974
1975 DEBUG(2,("uid=%d gid=%d euid=%d egid=%d\n",
1976 (int)getuid(),(int)getgid(),(int)geteuid(),(int)getegid()));
1977
1978 /* Output the build options to the debug log */
1979 build_options(False);
1980
1981 if (sizeof(uint16_t) < 2 || sizeof(uint32_t) < 4) {
1982 DEBUG(0,("ERROR: Samba is not configured correctly for the word size on your machine\n"));
1983 exit(1);
1984 }
1985
1986 /*
1987 * This calls unshare(CLONE_FS); on linux
1988 * in order to check if the running kernel/container
1989 * environment supports it.
1990 */
1991 per_thread_cwd_check();
1992
1993 if (!cluster_probe_ok()) {
1994 exit(1);
1995 }
1996
1997 /* Init the security context and global current_user */
1998 init_sec_ctx();
1999
2000 /*
2001 * Initialize the event context. The event context needs to be
2002 * initialized before the messaging context, cause the messaging
2003 * context holds an event context.
2004 */
2005 ev_ctx = global_event_context();
2006 if (ev_ctx == NULL) {
2007 exit(1);
2008 }
2009
2010 /*
2011 * Init the messaging context
2012 * FIXME: This should only call messaging_init()
2013 */
2014 msg_ctx = global_messaging_context();
2015 if (msg_ctx == NULL) {
2016 exit(1);
2017 }
2018
2019 /*
2020 * Reloading of the printers will not work here as we don't have a
2021 * server info and rpc services set up. It will be called later.
2022 */
2023 if (!reload_services(NULL, NULL, false)) {
2024 exit(1);
2025 }
2026
2027 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
2028 if (!lp_parm_bool(-1, "server role check", "inhibit", false)) {
2029 DBG_ERR("server role = 'active directory domain controller' not compatible with running smbd standalone. \n");
2030 DEBUGADD(0, ("You should start 'samba' instead, and it will control starting smbd if required\n"));
2031 exit(1);
2032 }
2033 /* Main 'samba' daemon will notify */
2034 daemon_sd_notifications(false);
2035 }
2036
2037 /* ...NOTE... Log files are working from this point! */
2038
2039 DEBUG(3,("loaded services\n"));
2040
2041 init_structs();
2042
2043 if (!profile_setup(msg_ctx, False)) {
2044 DEBUG(0,("ERROR: failed to setup profiling\n"));
2045 return -1;
2046 }
2047
2048 if (profile_level != NULL) {
2049 profiling_level = atoi(profile_level);
2050 } else {
2051 profiling_level = lp_smbd_profiling_level();
2052 }
2053 main_server_id = messaging_server_id(msg_ctx);
2054 set_profile_level(profiling_level, &main_server_id);
2055
2056 if (!cmdline_daemon_cfg->daemon && !is_a_socket(0)) {
2057 if (!cmdline_daemon_cfg->interactive) {
2058 DEBUG(3, ("Standard input is not a socket, "
2059 "assuming -D option\n"));
2060 }
2061
2062 /*
2063 * Setting "daemon" here prevents us from eventually calling
2064 * the open_sockets_inetd()
2065 */
2066
2067 cmdline_daemon_cfg->daemon = true;
2068 }
2069
2070 if (cmdline_daemon_cfg->daemon && !cmdline_daemon_cfg->interactive) {
2071 DEBUG(3, ("Becoming a daemon.\n"));
2072 become_daemon(cmdline_daemon_cfg->fork,
2073 cmdline_daemon_cfg->no_process_group,
2074 log_stdout);
2075 } else {
2076 daemon_status("smbd", "Starting process ...");
2077 }
2078
2079 #ifdef HAVE_SETPGID
2080 /*
2081 * If we're interactive we want to set our own process group for
2082 * signal management.
2083 */
2084 if (cmdline_daemon_cfg->interactive &&
2085 !cmdline_daemon_cfg->no_process_group)
2086 {
2087 setpgid( (pid_t)0, (pid_t)0);
2088 }
2089 #endif
2090
2091 if (!directory_exist(lp_lock_directory()))
2092 mkdir(lp_lock_directory(), 0755);
2093
2094 if (!directory_exist(lp_pid_directory()))
2095 mkdir(lp_pid_directory(), 0755);
2096
2097 if (cmdline_daemon_cfg->daemon)
2098 pidfile_create(lp_pid_directory(), "smbd");
2099
2100 status = reinit_after_fork(msg_ctx, ev_ctx, false);
2101 if (!NT_STATUS_IS_OK(status)) {
2102 exit_daemon("reinit_after_fork() failed", map_errno_from_nt_status(status));
2103 }
2104
2105 if (!cmdline_daemon_cfg->interactive) {
2106 /*
2107 * Do not initialize the parent-child-pipe before becoming a
2108 * daemon: this is used to detect a died parent in the child
2109 * process.
2110 */
2111 status = init_before_fork();
2112 if (!NT_STATUS_IS_OK(status)) {
2113 exit_daemon(nt_errstr(status), map_errno_from_nt_status(status));
2114 }
2115 }
2116
2117 parent = talloc_zero(ev_ctx, struct smbd_parent_context);
2118 if (!parent) {
2119 exit_server("talloc(struct smbd_parent_context) failed");
2120 }
2121 parent->interactive = cmdline_daemon_cfg->interactive;
2122 parent->ev_ctx = ev_ctx;
2123 parent->msg_ctx = msg_ctx;
2124 am_parent = parent;
2125
2126 se = tevent_add_signal(parent->ev_ctx,
2127 parent,
2128 SIGTERM, 0,
2129 smbd_parent_sig_term_handler,
2130 parent);
2131 if (!se) {
2132 exit_server("failed to setup SIGTERM handler");
2133 }
2134 se = tevent_add_signal(parent->ev_ctx,
2135 parent,
2136 SIGHUP, 0,
2137 smbd_parent_sig_hup_handler,
2138 parent);
2139 if (!se) {
2140 exit_server("failed to setup SIGHUP handler");
2141 }
2142
2143 /* Setup all the TDB's - including CLEAR_IF_FIRST tdb's. */
2144
2145 if (smbd_memcache() == NULL) {
2146 exit_daemon("no memcache available", EACCES);
2147 }
2148
2149 memcache_set_global(smbd_memcache());
2150
2151 /* Initialise the password backed before the global_sam_sid
2152 to ensure that we fetch from ldap before we make a domain sid up */
2153
2154 if(!initialize_password_db(false, ev_ctx))
2155 exit(1);
2156
2157 if (!secrets_init()) {
2158 exit_daemon("smbd can not open secrets.tdb", EACCES);
2159 }
2160
2161 if (lp_server_role() == ROLE_DOMAIN_BDC || lp_server_role() == ROLE_DOMAIN_PDC || lp_server_role() == ROLE_IPA_DC) {
2162 struct loadparm_context *lp_ctx = loadparm_init_s3(NULL, loadparm_s3_helpers());
2163 if (!open_schannel_session_store(NULL, lp_ctx)) {
2164 exit_daemon("ERROR: Samba cannot open schannel store for secured NETLOGON operations.", EACCES);
2165 }
2166 TALLOC_FREE(lp_ctx);
2167 }
2168
2169 if(!get_global_sam_sid()) {
2170 exit_daemon("Samba cannot create a SAM SID", EACCES);
2171 }
2172
2173 server_id = messaging_server_id(msg_ctx);
2174 status = smbXsrv_version_global_init(&server_id);
2175 if (!NT_STATUS_IS_OK(status)) {
2176 exit_daemon("Samba cannot init server context", EACCES);
2177 }
2178
2179 status = smbXsrv_client_global_init();
2180 if (!NT_STATUS_IS_OK(status)) {
2181 exit_daemon("Samba cannot init clients context", EACCES);
2182 }
2183
2184 status = smbXsrv_session_global_init(msg_ctx);
2185 if (!NT_STATUS_IS_OK(status)) {
2186 exit_daemon("Samba cannot init session context", EACCES);
2187 }
2188
2189 status = smbXsrv_tcon_global_init();
2190 if (!NT_STATUS_IS_OK(status)) {
2191 exit_daemon("Samba cannot init tcon context", EACCES);
2192 }
2193
2194 if (!locking_init())
2195 exit_daemon("Samba cannot init locking", EACCES);
2196
2197 if (!leases_db_init(false)) {
2198 exit_daemon("Samba cannot init leases", EACCES);
2199 }
2200
2201 if (!smbd_notifyd_init(
2202 msg_ctx,
2203 cmdline_daemon_cfg->interactive,
2204 &parent->notifyd)) {
2205 exit_daemon("Samba cannot init notification", EACCES);
2206 }
2207
2208 if (!cleanupd_init(
2209 msg_ctx,
2210 cmdline_daemon_cfg->interactive,
2211 &parent->cleanupd)) {
2212 exit_daemon("Samba cannot init the cleanupd", EACCES);
2213 }
2214
2215 if (!messaging_parent_dgm_cleanup_init(msg_ctx)) {
2216 exit(1);
2217 }
2218
2219 if (!smbd_scavenger_init(NULL, msg_ctx, ev_ctx)) {
2220 exit_daemon("Samba cannot init scavenging", EACCES);
2221 }
2222
2223 if (!W_ERROR_IS_OK(registry_init_full()))
2224 exit_daemon("Samba cannot init registry", EACCES);
2225
2226 /* Open the share_info.tdb here, so we don't have to open
2227 after the fork on every single connection. This is a small
2228 performance improvement and reduces the total number of system
2229 fds used. */
2230 status = share_info_db_init();
2231 if (!NT_STATUS_IS_OK(status)) {
2232 exit_daemon("ERROR: failed to load share info db.", EACCES);
2233 }
2234
2235 status = init_system_session_info(NULL);
2236 if (!NT_STATUS_IS_OK(status)) {
2237 DEBUG(1, ("ERROR: failed to setup system user info: %s.\n",
2238 nt_errstr(status)));
2239 return -1;
2240 }
2241
2242 if (!init_guest_session_info(NULL)) {
2243 DEBUG(0,("ERROR: failed to setup guest info.\n"));
2244 return -1;
2245 }
2246
2247 if (!file_init_global()) {
2248 DEBUG(0, ("ERROR: file_init_global() failed\n"));
2249 return -1;
2250 }
2251 status = smbXsrv_open_global_init();
2252 if (!NT_STATUS_IS_OK(status)) {
2253 exit_daemon("Samba cannot init global open", map_errno_from_nt_status(status));
2254 }
2255
2256 if (lp_clustering() && !lp_allow_unsafe_cluster_upgrade()) {
2257 status = smbd_claim_version(msg_ctx, samba_version_string());
2258 if (!NT_STATUS_IS_OK(status)) {
2259 DBG_ERR("Could not claim version: %s\n",
2260 nt_errstr(status));
2261 return -1;
2262 }
2263 }
2264
2265 /* This MUST be done before start_epmd() because otherwise
2266 * start_epmd() forks and races against dcesrv_ep_setup() to
2267 * call directory_create_or_exist() */
2268 if (!directory_create_or_exist(lp_ncalrpc_dir(), 0755)) {
2269 DEBUG(0, ("Failed to create pipe directory %s - %s\n",
2270 lp_ncalrpc_dir(), strerror(errno)));
2271 return -1;
2272 }
2273
2274 np_dir = talloc_asprintf(talloc_tos(), "%s/np", lp_ncalrpc_dir());
2275 if (!np_dir) {
2276 DEBUG(0, ("%s: Out of memory\n", __location__));
2277 return -1;
2278 }
2279
2280 if (!directory_create_or_exist_strict(np_dir, geteuid(), 0700)) {
2281 DEBUG(0, ("Failed to create pipe directory %s - %s\n",
2282 np_dir, strerror(errno)));
2283 return -1;
2284 }
2285
2286 if (!cmdline_daemon_cfg->interactive) {
2287 daemon_ready("smbd");
2288 }
2289
2290 if (!cmdline_daemon_cfg->daemon) {
2291 int ret, sock;
2292
2293 /* inetd mode */
2294 TALLOC_FREE(frame);
2295
2296 /* Started from inetd. fd 0 is the socket. */
2297 /* We will abort gracefully when the client or remote system
2298 goes away */
2299 sock = dup(0);
2300
2301 /* close stdin, stdout (if not logging to it), but not stderr */
2302 ret = close_low_fd(0);
2303 if (ret != 0) {
2304 DBG_ERR("close_low_fd(0) failed: %s\n", strerror(ret));
2305 return 1;
2306 }
2307 if (!debug_get_output_is_stdout()) {
2308 ret = close_low_fd(1);
2309 if (ret != 0) {
2310 DBG_ERR("close_low_fd(1) failed: %s\n",
2311 strerror(ret));
2312 return 1;
2313 }
2314 }
2315
2316 #ifdef HAVE_ATEXIT
2317 atexit(killkids);
2318 #endif
2319
2320 /* Stop zombies */
2321 smbd_setup_sig_chld_handler(parent);
2322
2323 smbd_process(ev_ctx, msg_ctx, sock, true);
2324
2325 exit_server_cleanly(NULL);
2326 return(0);
2327 }
2328
2329 if (lp_interfaces() && lp_bind_interfaces_only()) {
2330 smbd_init_addrchange(NULL, ev_ctx, msg_ctx, parent, ports);
2331 }
2332
2333 if (!open_sockets_smbd(parent, ev_ctx, msg_ctx, ports))
2334 exit_server("open_sockets_smbd() failed");
2335
2336 TALLOC_FREE(frame);
2337 /* make sure we always have a valid stackframe */
2338 frame = talloc_stackframe();
2339
2340 if (!cmdline_daemon_cfg->fork) {
2341 /* if we are running in the foreground then look for
2342 EOF on stdin, and exit if it happens. This allows
2343 us to die if the parent process dies
2344 Only do this on a pipe or socket, no other device.
2345 */
2346 struct stat st;
2347 if (fstat(0, &st) != 0) {
2348 return 1;
2349 }
2350 if (S_ISFIFO(st.st_mode) || S_ISSOCK(st.st_mode)) {
2351 tevent_add_fd(ev_ctx,
2352 parent,
2353 0,
2354 TEVENT_FD_READ,
2355 smbd_stdin_handler,
2356 NULL);
2357 }
2358 }
2359
2360 smbd_parent_loop(ev_ctx, parent);
2361
2362 exit_server_cleanly(NULL);
2363 TALLOC_FREE(frame);
2364 return(0);
2365 }
GSS-enabled samba4