search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
dmake: do not set MAKEFLAGS=k
[unleashed/tickless.git] / usr / src / cmd / backup / dump / dumpmain.c
blobb1d816f4b62fb998f2269cf04935d3eb4f391fbf
1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
24 * Use is subject to license terms.
25 */
26
27 /* Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */
28 /* All Rights Reserved */
29
30 /*
31 * Copyright (c) 1980 Regents of the University of California.
32 * All rights reserved. The Berkeley software License Agreement
33 * specifies the terms and conditions for redistribution.
34 */
35
36 #include "dump.h"
37 #include <sys/mtio.h>
38 #include <limits.h>
39 #include <priv_utils.h>
40 #include "roll_log.h"
41 #include <unistd.h>
42
43 int notify = 0; /* notify operator flag */
44 int blockswritten = 0; /* number of blocks written on current tape */
45 uint_t tapeno = 0; /* current tape number */
46 daddr32_t filenum = 0; /* current file number on tape */
47 int density = 0; /* density in bytes/0.1" */
48 int tenthsperirg; /* inter-record-gap in 0.1"'s */
49 uint_t ntrec = 0; /* # tape blocks in each tape record */
50 uint_t saved_ntrec = 0; /* saved value of ntrec */
51 uint_t forceflag = 0; /* forced to change tp_bsize */
52 int cartridge = 0; /* assume non-cartridge tape */
53 uint_t tracks; /* # tracks on a cartridge tape */
54 int diskette = 0; /* assume not dumping to a diskette */
55 int printsize = 0; /* just print estimated size and exit */
56 int mapfd = -1; /* if >= 0, file descriptor for mmap */
57 int32_t tp_bsize = TP_BSIZE_MIN; /* tape block record size (frag size) */
58 #ifdef DEBUG
59 int xflag; /* debugging switch */
60 #endif
61
62 char *myname;
63
64 /*
65 * This should be struct fs, but there are trailing bits on disk
66 * that we also need to read in as part of it. It's an array of
67 * longs instead of char to force proper alignment.
68 */
69 static long sblock_buf[SBSIZE/sizeof (long)];
70
71 #ifdef __STDC__
72 static char *mb(uoff_t);
73 static void nextstate(int);
74 #else
75 static char *mb();
76 static void nextstate();
77 #endif
78
79 extern jmp_buf checkpoint_buf; /* context for return from checkpoint */
80 #define FUDGE_FACTOR 0x2000000
81
82 int
83 main(int argc, char *argv[])
84 {
85 char *arg;
86 int bflag = 0, i, error = 0, saverr;
87 double fetapes = 0.0;
88 struct mnttab *dt;
89 char msgbuf[3000], *msgp;
90 char kbsbuf[BUFSIZ];
91 uoff_t esize_shift = 0;
92 int32_t new_mult = 0;
93 time32_t snapdate;
94
95 if (myname = strrchr(argv[0], '/'))
96 myname++;
97 else
98 myname = argv[0];
99
100 if (strcmp("hsmdump", myname) == 0) {
101 msg(gettext("hsmdump emulation is no longer supported.\n"));
102 Exit(X_ABORT);
103 }
104
105 tape = DEFTAPE;
106 autoload_period = 12;
107 autoload_tries = 12; /* traditional default of ~2.5 minutes */
108
109 (void) setlocale(LC_ALL, "");
110 #if !defined(TEXT_DOMAIN)
111 #define TEXT_DOMAIN "SYS_TEST"
112 #endif /* TEXT_DOMAIN */
113 (void) textdomain(TEXT_DOMAIN);
114
115 /*
116 * If someone strips the set-uid bit, dump will still work for local
117 * tapes. Fail when we try to access a remote tape.
118 */
119 (void) __init_suid_priv(0, PRIV_NET_PRIVADDR, NULL);
120
121 if (sysinfo(SI_HOSTNAME, spcl.c_host, sizeof (spcl.c_host)) < 0) {
122 saverr = errno;
123 msg(gettext("Could not get host name: %s\n"),
124 strerror(saverr));
125 bzero(spcl.c_host, sizeof (spcl.c_host));
126 }
127
128 dumppid = getpid();
129 tsize = 0; /* no default size, detect EOT dynamically */
130
131 archive_opened = 0;
132 disk = NULL;
133 dname = NULL;
134 disk_dynamic = 0;
135 increm = NINCREM;
136 incno = '9';
137 uflag = 0;
138 arg = "u";
139 tlabel = "none";
140 if (argc > 1) {
141 argv++;
142 argc--;
143 arg = *argv;
144 if (*arg == '-')
145 arg++;
146 }
147 while (*arg)
148 switch (*arg++) { /* BE CAUTIOUS OF FALLTHROUGHS */
149 case 'M':
150 /*
151 * This undocumented option causes each process to
152 * mkdir debug_chdir/getpid(), and chdir to it. This is
153 * to ease the collection of profiling information and
154 * core dumps.
155 */
156 if (argc > 1) {
157 argv++;
158 argc--;
159 debug_chdir = *argv;
160 msg(gettext(
161 "Each process shall try to chdir to %s/<pid>\n"),
162 debug_chdir);
163 child_chdir();
164 } else {
165 msg(gettext("Missing move-to-dir (M) name\n"));
166 dumpabort();
167 /*NOTREACHED*/
168 }
169 break;
170
171 case 'w':
172 lastdump('w'); /* tell us only what has to be done */
173 exit(0);
174 break;
175
176 case 'W': /* what to do */
177 lastdump('W'); /* tell state of what has been done */
178 exit(0); /* do nothing else */
179 break;
180
181 case 'T':
182 if (argc > 1) {
183 int count;
184 int multiplier;
185 char units;
186
187 argv++;
188 argc--;
189 count = atoi(*argv);
190 if (count < 1) {
191 msg(gettext(
192 "Unreasonable autoload timeout period\n"));
193 dumpabort();
194 /*NOTREACHED*/
195 }
196 units = *(*argv + strlen(*argv) - 1);
197 switch (units) {
198 case 's':
199 multiplier = 1;
200 break;
201 case 'h':
202 multiplier = 3600;
203 break;
204 case '0': case '1': case '2': case '3': case '4':
205 case '5': case '6': case '7': case '8': case '9':
206 case 'm':
207 multiplier = 60;
208 break;
209 default:
210 msg(gettext(
211 "Unknown timeout units indicator `%c'\n"),
212 units);
213 dumpabort();
214 /*NOTREACHED*/
215 }
216 autoload_tries = 1 +
217 ((count * multiplier) / autoload_period);
218 } else {
219 msg(gettext("Missing autoload timeout period\n"));
220 dumpabort();
221 /*NOTREACHED*/
222 }
223 break;
224
225 case 'f': /* output file */
226 if (argc > 1) {
227 argv++;
228 argc--;
229 tape = *argv;
230 if (*tape == '\0') {
231 msg(gettext("Bad output device name\n"));
232 dumpabort();
233 /*NOTREACHED*/
234 }
235 } else {
236 msg(gettext("Missing output device name\n"));
237 dumpabort();
238 /*NOTREACHED*/
239 }
240 if (strcmp(tape, "-") == 0 && verify) {
241 msg(gettext(
242 "Cannot verify when dumping to standard out.\n"));
243 dumpabort();
244 /*NOTREACHED*/
245 }
246 break;
247
248 case 'd': /* density, in bits per inch */
249 if (argc > 1) {
250 argv++;
251 argc--;
252 density = atoi(*argv) / 10;
253 if (density <= 0) {
254 msg(gettext(
255 "Density must be a positive integer\n"));
256 dumpabort();
257 /*NOTREACHED*/
258 }
259 } else {
260 msg(gettext("Missing density\n"));
261 dumpabort();
262 /*NOTREACHED*/
263 }
264 break;
265
266 case 's': /* tape size, feet */
267 if (argc > 1) {
268 argv++;
269 argc--;
270 tsize = atol(*argv);
271 if ((*argv[0] == '-') || (tsize == 0)) {
272 msg(gettext(
273 "Tape size must be a positive integer\n"));
274 dumpabort();
275 /*NOTREACHED*/
276 }
277 } else {
278 msg(gettext("Missing tape size\n"));
279 dumpabort();
280 /*NOTREACHED*/
281 }
282 break;
283
284 case 't': /* tracks */
285 if (argc > 1) {
286 argv++;
287 argc--;
288 tracks = atoi(*argv);
289 } else {
290 msg(gettext("Missing track count\n"));
291 dumpabort();
292 /*NOTREACHED*/
293 }
294 break;
295
296 case 'b': /* blocks per tape write */
297 if (argc > 1) {
298 argv++;
299 argc--;
300 bflag++;
301 /*
302 * We save the ntrec in case we need to change
303 * tp_bsize later, we will have to recalculate
304 * it.
305 */
306 saved_ntrec = ntrec = atoi(*argv);
307 if (ntrec == 0 || (ntrec&1) || ntrec > (MAXNTREC*2)) {
308 msg(gettext(
309 "Block size must be a positive, even integer <= %d\n"),
310 MAXNTREC*2);
311 dumpabort();
312 /*NOTREACHED*/
313 }
314 ntrec /= (tp_bsize/DEV_BSIZE);
315 } else {
316 msg(gettext("Missing blocking factor\n"));
317 dumpabort();
318 /*NOTREACHED*/
319 }
320 break;
321
322 case 'c': /* Tape is cart. not 9-track */
323 case 'C': /* 'C' to be consistent with 'D' */
324 cartridge++;
325 break;
326
327 case '0': /* dump level */
328 case '1':
329 case '2':
330 case '3':
331 case '4':
332 case '5':
333 case '6':
334 case '7':
335 case '8':
336 case '9':
337 incno = arg[-1];
338 break;
339
340 case 'u': /* update /etc/dumpdates */
341 uflag++;
342 break;
343
344 case 'n': /* notify operators */
345 notify++;
346 break;
347
348 case 'a': /* create archive file */
349 archive = 1;
350 if (argc > 1) {
351 argv++;
352 argc--;
353 if (**argv == '\0') {
354 msg(gettext("Bad archive file name\n"));
355 dumpabort();
356 /*NOTREACHED*/
357 }
358 archivefile = strdup(*argv);
359 if (archivefile == NULL) {
360 saverr = errno;
361 msg(gettext("Cannot allocate memory: %s\n"),
362 strerror(saverr));
363 dumpabort();
364 /*NOTREACHED*/
365 }
366 } else {
367 msg(gettext("Missing archive file name\n"));
368 dumpabort();
369 /*NOTREACHED*/
370 }
371 break;
372
373 case 'v':
374 verify++;
375 doingverify++;
376 if (strcmp(tape, "-") == 0) {
377 msg(gettext(
378 "Cannot verify when dumping to standard out.\n"));
379 dumpabort();
380 /*NOTREACHED*/
381 }
382 break;
383
384 case 'D':
385 diskette++;
386 break;
387
388 case 'N':
389 if (argc > 1) {
390 argv++;
391 argc--;
392 if (**argv == '\0') {
393 msg(gettext("Missing name for dumpdates "
394 "entry.\n"));
395 dumpabort();
396 /*NOTREACHED*/
397 }
398 dname = *argv;
399 if (strlen(dname) > MAXNAMLEN + 2) {
400 msg(gettext("Dumpdates entry name too "
401 "long.\n"));
402 dumpabort();
403 /*NOTREACHED*/
404 }
405 for (i = 0; i < strlen(dname); i++) {
406 if (isspace(*(dname+i))) {
407 msg(gettext("Dumpdates entry name may "
408 "not contain white space.\n"));
409 dumpabort();
410 /*NOTREACHED*/
411 }
412 }
413 } else {
414 msg(gettext("Missing name for dumpdates entry.\n"));
415 dumpabort();
416 /*NOTREACHED*/
417 }
418 break;
419 case 'L':
420 if (argc > 1) {
421 argv++;
422 argc--;
423 if (**argv == '\0') {
424 msg(gettext("Missing tape label name\n"));
425 dumpabort();
426 /*NOTREACHED*/
427 }
428 tlabel = *argv;
429 if (strlen(tlabel) > (sizeof (spcl.c_label) - 1)) {
430 tlabel[sizeof (spcl.c_label) - 1] = '\0';
431 msg(gettext(
432 "Truncating label to maximum supported length: `%s'\n"),
433 tlabel);
434 }
435 } else {
436 msg(gettext("Missing tape label name\n"));
437 dumpabort();
438 /*NOTREACHED*/
439 }
440 break;
441
442 case 'l':
443 autoload++;
444 break;
445
446 case 'o':
447 offline++;
448 break;
449
450 case 'S':
451 printsize++;
452 break;
453
454 #ifdef DEBUG
455 case 'z':
456 xflag++;
457 break;
458 #endif
459
460 default:
461 msg(gettext("Bad option `%c'\n"), arg[-1]);
462 dumpabort();
463 /*NOTREACHED*/
464 }
465 if (argc > 1) {
466 argv++;
467 argc--;
468 if (**argv == '\0') {
469 msg(gettext("Bad disk name\n"));
470 dumpabort();
471 /*NOTREACHED*/
472 }
473 disk = *argv;
474 disk_dynamic = 0;
475 }
476 if (disk == NULL) {
477 (void) fprintf(stderr, gettext(
478 "Usage: %s [0123456789fustdWwnNDCcbavloS [argument]] filesystem\n"),
479 myname);
480 Exit(X_ABORT);
481 }
482 if (!filenum)
483 filenum = 1;
484
485 if (signal(SIGINT, interrupt) == SIG_IGN)
486 (void) signal(SIGINT, SIG_IGN);
487
488 if (strcmp(tape, "-") == 0) {
489 pipeout++;
490 tape = gettext("standard output");
491 dumpdev = sdumpdev = strdup(tape);
492 if (dumpdev == NULL) {
493 saverr = errno;
494 msg(gettext("Cannot allocate memory: %s\n"),
495 strerror(saverr));
496 dumpabort();
497 /*NOTREACHED*/
498 }
499 /*CONSTANTCONDITION*/
500 assert(sizeof (spcl.c_label) > 5);
501 (void) strcpy(spcl.c_label, "none");
502 } else if (*tape == '+') {
503 nextdevice();
504 (void) strcpy(spcl.c_label, tlabel);
505 } else {
506 /* if not already set, set diskette to default */
507 if (diskette && strcmp(tape, DEFTAPE) == 0)
508 tape = DISKETTE;
509 nextdevice();
510 (void) strcpy(spcl.c_label, tlabel);
511 }
512 if (cartridge && diskette) {
513 error = 1;
514 msg(gettext("Cannot select both cartridge and diskette\n"));
515 }
516 if (density && diskette) {
517 error = 1;
518 msg(gettext("Cannot select density of diskette\n"));
519 }
520 if (tracks && diskette) {
521 error = 1;
522 msg(gettext("Cannot select number of tracks of diskette\n"));
523 }
524 if (error) {
525 dumpabort();
526 /*NOTREACHED*/
527 }
528
529 /*
530 * Determine how to default tape size and density
531 *
532 * density tape size
533 * 9-track 1600 bpi (160 bytes/.1") 2300 ft.
534 * 9-track 6250 bpi (625 bytes/.1") 2300 ft.
535 *
536 * Most Sun-2's came with 4 track (20MB) cartridge tape drives,
537 * while most other machines (Sun-3's and non-Sun's) come with
538 * 9 track (45MB) cartridge tape drives. Some Sun-2's came with
539 * 9 track drives, but there is no way for the software to detect
540 * which drive type is installed. Sigh... We make the gross
541 * assumption that #ifdef mc68010 will test for a Sun-2.
542 *
543 * cartridge 8000 bpi (100 bytes/.1") 425 * tracks ft.
544 */
545 if (density == 0)
546 density = cartridge ? 100 : 625;
547 if (tracks == 0)
548 tracks = 9;
549 if (!bflag) {
550 if (cartridge)
551 ntrec = CARTRIDGETREC;
552 else if (diskette)
553 ntrec = NTREC;
554 else if (density >= 625)
555 ntrec = HIGHDENSITYTREC;
556 else
557 ntrec = NTREC;
558 /*
559 * save ntrec in case we have to change tp_bsize later.
560 */
561 saved_ntrec = (ntrec * (tp_bsize/DEV_BSIZE));
562 }
563 if (!diskette) {
564 tsize *= 12L*10L;
565 if (cartridge)
566 tsize *= tracks;
567 }
568 if (signal(SIGHUP, sigAbort) == SIG_IGN)
569 (void) signal(SIGHUP, SIG_IGN);
570 if (signal(SIGTRAP, sigAbort) == SIG_IGN)
571 (void) signal(SIGTRAP, SIG_IGN);
572 if (signal(SIGFPE, sigAbort) == SIG_IGN)
573 (void) signal(SIGFPE, SIG_IGN);
574 if (signal(SIGBUS, sigAbort) == SIG_IGN)
575 (void) signal(SIGBUS, SIG_IGN);
576 if (signal(SIGSEGV, sigAbort) == SIG_IGN)
577 (void) signal(SIGSEGV, SIG_IGN);
578 if (signal(SIGTERM, sigAbort) == SIG_IGN)
579 (void) signal(SIGTERM, SIG_IGN);
580 if (signal(SIGUSR1, sigAbort) == SIG_IGN)
581 (void) signal(SIGUSR1, SIG_IGN);
582 if (signal(SIGPIPE, sigAbort) == SIG_IGN)
583 (void) signal(SIGPIPE, SIG_IGN);
584
585 mnttabread(); /* /etc/fstab, /etc/mtab snarfed */
586
587 /*
588 * disk can be either the full special file name,
589 * the suffix of the special file name,
590 * the special name missing the leading '/',
591 * the file system name with or without the leading '/'.
592 * NB: we attempt to avoid dumping the block device
593 * (using rawname) because specfs and the vm system
594 * are not necessarily in sync.
595 */
596
597 /*
598 * Attempt to roll the log if its root user before doing the dump.
599 * There's nothing the user can do if we are unable to roll the log,
600 * so we'll silently ignore failures.
601 */
602 if (getuid() == 0 && rl_roll_log(disk) != RL_SUCCESS &&
603 disk[0] != '/') {
604 /* Try it again with leading '/'. */
605 char *slashed;
606
607 slashed = (char *)malloc(strlen(disk) + 2);
608 if (slashed != NULL) {
609 (void) sprintf(slashed, "%c%s", '/', disk);
610 (void) rl_roll_log(slashed);
611 free(slashed);
612 }
613 }
614 dt = mnttabsearch(disk, 0);
615 if (dt != 0) {
616 filesystem = dt->mnt_mountp;
617 if (disk_dynamic) {
618 /* LINTED: disk is not NULL */
619 free(disk);
620 }
621 disk = rawname(dt->mnt_special);
622 disk_dynamic = (disk != dt->mnt_special);
623
624 (void) strncpy(spcl.c_dev, dt->mnt_special,
625 sizeof (spcl.c_dev));
626 spcl.c_dev[sizeof (spcl.c_dev) - 1] = '\0';
627 (void) strncpy(spcl.c_filesys, dt->mnt_mountp,
628 sizeof (spcl.c_filesys));
629 spcl.c_filesys[sizeof (spcl.c_filesys) - 1] = '\0';
630 } else {
631 (void) strncpy(spcl.c_dev, disk, sizeof (spcl.c_dev));
632 spcl.c_dev[sizeof (spcl.c_dev) - 1] = '\0';
633 #ifdef PARTIAL
634 /* check for partial filesystem dump */
635 partial_check();
636 dt = mnttabsearch(disk, 1);
637 if (dt != 0) {
638 filesystem = dt->mnt_mountp;
639 if (disk_dynamic)
640 free(disk);
641 disk = rawname(dt->mnt_special);
642 disk_dynamic = (disk != dt->mnt_special);
643
644 (void) strncpy(spcl.c_filesys,
645 "a partial file system", sizeof (spcl.c_filesys));
646 spcl.c_filesys[sizeof (spcl.c_filesys) - 1] = '\0';
647 }
648 else
649 #endif /* PARTIAL */
650 {
651 char *old_disk = disk;
652
653 (void) strncpy(spcl.c_filesys,
654 "an unlisted file system",
655 sizeof (spcl.c_filesys));
656 spcl.c_filesys[sizeof (spcl.c_filesys) - 1] = '\0';
657
658 disk = rawname(old_disk);
659 if (disk != old_disk) {
660 if (disk_dynamic)
661 free(old_disk);
662 disk_dynamic = 1;
663 }
664 /*
665 * If disk == old_disk, then disk_dynamic's state
666 * does not change.
667 */
668 }
669 }
670
671 fi = open64(disk, O_RDONLY);
672
673 if (fi < 0) {
674 saverr = errno;
675 msg(gettext("Cannot open dump device `%s': %s\n"),
676 disk, strerror(saverr));
677 Exit(X_ABORT);
678 }
679
680 if (sscanf(&incno, "%1d", &spcl.c_level) != 1) {
681 msg(gettext("Bad dump level `%c' specified\n"), incno);
682 dumpabort();
683 /*NOTREACHED*/
684 }
685 getitime(); /* /etc/dumpdates snarfed */
686
687 sblock = (struct fs *)&sblock_buf;
688 sync();
689
690 bread((diskaddr_t)SBLOCK, (uchar_t *)sblock, (long)SBSIZE);
691 if ((sblock->fs_magic != FS_MAGIC) &&
692 (sblock->fs_magic != MTB_UFS_MAGIC)) {
693 msg(gettext(
694 "Warning - super-block on device `%s' is corrupt - run fsck\n"),
695 disk);
696 dumpabort();
697 /*NOTREACHED*/
698 }
699
700 if (sblock->fs_magic == FS_MAGIC &&
701 (sblock->fs_version != UFS_EFISTYLE4NONEFI_VERSION_2 &&
702 sblock->fs_version != UFS_VERSION_MIN)) {
703 msg(gettext("Unrecognized UFS version: %d\n"),
704 sblock->fs_version);
705 dumpabort();
706 /*NOTREACHED*/
707 }
708
709 if (sblock->fs_magic == MTB_UFS_MAGIC &&
710 (sblock->fs_version < MTB_UFS_VERSION_MIN ||
711 sblock->fs_version > MTB_UFS_VERSION_1)) {
712 msg(gettext("Unrecognized UFS version: %d\n"),
713 sblock->fs_version);
714 dumpabort();
715 /*NOTREACHED*/
716 }
717
718 /*
719 * Try to set up for using mmap(2). It only works on the block
720 * device, but if we can use it, things go somewhat faster. If
721 * we can't open it, we'll silently fall back to the old method
722 * (read/memcpy). We also only try this if it's been cleanly
723 * unmounted. Dumping a live filesystem this way runs into
724 * buffer consistency problems. Of course, we don't support
725 * running dump on a mounted filesystem, but some people do it
726 * anyway.
727 */
728 if (sblock->fs_clean == FSCLEAN) {
729 char *block = unrawname(disk);
730
731 if (block != NULL) {
732 mapfd = open(block, O_RDONLY, 0);
733 free(block);
734 }
735 }
736
737 restart:
738 bread((diskaddr_t)SBLOCK, (uchar_t *)sblock, (long)SBSIZE);
739 if ((sblock->fs_magic != FS_MAGIC) &&
740 (sblock->fs_magic != MTB_UFS_MAGIC)) { /* paranoia */
741 msg(gettext("bad super-block magic number, run fsck\n"));
742 dumpabort();
743 /*NOTREACHED*/
744 }
745
746 if (sblock->fs_magic == FS_MAGIC &&
747 (sblock->fs_version != UFS_EFISTYLE4NONEFI_VERSION_2 &&
748 sblock->fs_version != UFS_VERSION_MIN)) {
749 msg(gettext("Unrecognized UFS version: %d\n"),
750 sblock->fs_version);
751 dumpabort();
752 /*NOTREACHED*/
753 }
754
755 if (sblock->fs_magic == MTB_UFS_MAGIC &&
756 (sblock->fs_version < MTB_UFS_VERSION_MIN ||
757 sblock->fs_version > MTB_UFS_VERSION_1)) {
758 msg(gettext("Unrecognized UFS version: %d\n"),
759 sblock->fs_version);
760 dumpabort();
761 /*NOTREACHED*/
762 }
763
764 if (!doingactive)
765 allocino();
766
767 /* XXX should sanity-check the super block before trusting/using it */
768
769 /* LINTED XXX time truncated - tolerate until tape format changes */
770 spcl.c_date = (time32_t)time(NULL);
771 bcopy(&(spcl.c_shadow), c_shadow_save, sizeof (c_shadow_save));
772
773 snapdate = is_fssnap_dump(disk);
774 if (snapdate)
775 spcl.c_date = snapdate;
776
777 if (!printsize) {
778 msg(gettext("Date of this level %c dump: %s\n"),
779 incno, prdate(spcl.c_date));
780 msg(gettext("Date of last level %c dump: %s\n"),
781 (uchar_t)lastincno, prdate(spcl.c_ddate));
782 msg(gettext("Dumping %s "), disk);
783 if (filesystem != 0)
784 msgtail("(%.*s:%s) ",
785 /* LINTED unsigned -> signed cast ok */
786 (int)sizeof (spcl.c_host), spcl.c_host, filesystem);
787 msgtail(gettext("to %s.\n"), sdumpdev);
788 }
789
790 esize = f_esize = o_esize = 0;
791 msiz = roundup(d_howmany(sblock->fs_ipg * sblock->fs_ncg, NBBY),
792 TP_BSIZE_MAX);
793 if (!doingactive) {
794 clrmap = (uchar_t *)xcalloc(msiz, sizeof (*clrmap));
795 filmap = (uchar_t *)xcalloc(msiz, sizeof (*filmap));
796 dirmap = (uchar_t *)xcalloc(msiz, sizeof (*dirmap));
797 nodmap = (uchar_t *)xcalloc(msiz, sizeof (*nodmap));
798 shamap = (uchar_t *)xcalloc(msiz, sizeof (*shamap));
799 activemap = (uchar_t *)xcalloc(msiz, sizeof (*activemap));
800 } else {
801 if (clrmap == NULL || filmap == NULL || dirmap == NULL ||
802 nodmap == NULL || shamap == NULL || activemap == NULL) {
803 msg(gettext(
804 "Internal error: NULL map pointer while re-dumping active files"));
805 dumpabort();
806 /*NOTREACHED*/
807 }
808 bzero(clrmap, msiz);
809 bzero(filmap, msiz);
810 bzero(dirmap, msiz);
811 bzero(nodmap, msiz);
812 bzero(shamap, msiz);
813 /* retain active map */
814 }
815
816 dumpstate = DS_INIT;
817 dumptoarchive = 1;
818
819 /*
820 * Read cylinder group inode-used bitmaps to avoid reading clear inodes.
821 */
822 {
823 uchar_t *clrp = clrmap;
824 struct cg *cgp =
825 (struct cg *)xcalloc((uint_t)sblock->fs_cgsize, 1);
826
827 for (i = 0; i < sblock->fs_ncg; i++) {
828 bread(fsbtodb(sblock, cgtod(sblock, i)),
829 (uchar_t *)cgp, sblock->fs_cgsize);
830 bcopy(cg_inosused(cgp), clrp,
831 (int)sblock->fs_ipg / NBBY);
832 clrp += sblock->fs_ipg / NBBY;
833 }
834 free((char *)cgp);
835 /* XXX right-shift clrmap one bit. why? */
836 for (i = 0; clrp > clrmap; i <<= NBBY) {
837 i |= *--clrp & ((1<<NBBY) - 1);
838 *clrp = i >> 1;
839 }
840 }
841
842 if (!printsize) {
843 msgp = gettext("Mapping (Pass I) [regular files]\n");
844 msg(msgp);
845 }
846
847 ino = 0;
848 #ifdef PARTIAL
849 if (partial_mark(argc, argv)) {
850 #endif /* PARTIAL */
851 if (!doingactive)
852 pass(mark, clrmap); /* mark updates 'x'_esize */
853 else
854 pass(active_mark, clrmap); /* updates 'x'_esize */
855 #ifdef PARTIAL
856 }
857 #endif /* PARTIAL */
858 do {
859 if (!printsize) {
860 msgp = gettext("Mapping (Pass II) [directories]\n");
861 msg(msgp);
862 }
863 nadded = 0;
864 ino = 0;
865 pass(add, dirmap);
866 } while (nadded);
867
868 ino = 0; /* adjust estimated size for shadow inodes */
869 pass(markshad, nodmap);
870 ino = 0;
871 pass(estshad, shamap);
872 freeshad();
873
874 bmapest(clrmap);
875 bmapest(nodmap);
876 esize = o_esize + f_esize;
877 if (diskette) {
878 /* estimate number of floppies */
879 if (tsize != 0)
880 fetapes = (double)(esize + ntrec) / (double)tsize;
881 } else if (cartridge) {
882 /*
883 * Estimate number of tapes, assuming streaming stops at
884 * the end of each block written, and not in mid-block.
885 * Assume no erroneous blocks; this can be compensated for
886 * with an artificially low tape size.
887 */
888 tenthsperirg = 16; /* actually 15.48, says Archive */
889 if (tsize != 0)
890 fetapes = ((double)esize /* blocks */
891 * (tp_bsize /* bytes/block */
892 * (1.0/density)) /* 0.1" / byte */
893 +
894 (double)esize /* blocks */
895 * (1.0/ntrec) /* streaming-stops per block */
896 * tenthsperirg) /* 0.1" / streaming-stop */
897 * (1.0 / tsize); /* tape / 0.1" */
898 } else {
899 /* Estimate number of tapes, for old fashioned 9-track tape */
900 #ifdef sun
901 /* sun has long irg's */
902 tenthsperirg = (density == 625) ? 6 : 12;
903 #else
904 tenthsperirg = (density == 625) ? 5 : 8;
905 #endif
906 if (tsize != 0)
907 fetapes = ((double)esize /* blocks */
908 * (tp_bsize /* bytes / block */
909 * (1.0/density)) /* 0.1" / byte */
910 +
911 (double)esize /* blocks */
912 * (1.0/ntrec) /* IRG's / block */
913 * tenthsperirg) /* 0.1" / IRG */
914 * (1.0 / tsize); /* tape / 0.1" */
915 }
916
917 etapes = fetapes; /* truncating assignment */
918 etapes++;
919 /* count the nodemap on each additional tape */
920 for (i = 1; i < etapes; i++)
921 bmapest(nodmap);
922 /*
923 * If the above bmapest is called, it changes o_esize and f_esize.
924 * So we will recalculate esize here anyway to make sure.
925 * Also, add tape headers and trailer records.
926 */
927 esize = o_esize + f_esize + etapes + ntrec;
928
929 /*
930 * If the estimated number of tp_bsize tape blocks is greater than
931 * INT_MAX we have to adjust tp_bsize and ntrec to handle
932 * the larger dump. esize is an estimate, so we 'fudge'
933 * INT_MAX a little. If tp_bsize is adjusted, it will be adjusted
934 * to the size needed for this dump (2048, 4096, 8192, ...)
935 */
936 if (esize > (INT_MAX - FUDGE_FACTOR)) { /* esize is too big */
937 forceflag++;
938 esize_shift =
939 ((esize + (INT_MAX - FUDGE_FACTOR) - 1)/
940 ((uoff_t)(INT_MAX - FUDGE_FACTOR))) - 1;
941 if ((esize_shift > ESIZE_SHIFT_MAX) || (ntrec == 0)) {
942 msgp = gettext(
943 "Block factor %d ('b' flag) is too small for this size dump.");
944 msg(msgp, saved_ntrec);
945 dumpabort();
946 /*NOTREACHED*/
947 }
948 /*
949 * recalculate esize from:
950 * o_esize - header tape records
951 * (f_esize + (num_mult -1)) >> esize_shift - new non-header
952 * tape records for files/maps
953 * etapes - TS_TAPE records
954 * ntrec - TS_END records
955 *
956 * ntrec is adjusted so a tape record is still 'b' flag
957 * number of DEV_BSIZE (512) in size
958 */
959 new_mult = (tp_bsize << esize_shift)/tp_bsize;
960 tp_bsize = (tp_bsize << esize_shift);
961 esize = o_esize + ((f_esize +
962 (new_mult - 1)) >> esize_shift) + etapes + ntrec;
963 ntrec = (saved_ntrec/(tp_bsize/DEV_BSIZE));
964 }
965 if (forceflag != 0) {
966 msgp = gettext(
967 "Forcing larger tape block size (%d).\n");
968 msg(msgp, tp_bsize);
969 }
970 alloctape(); /* allocate tape buffers */
971
972 assert((tp_bsize / DEV_BSIZE != 0) && (tp_bsize % DEV_BSIZE == 0));
973 /*
974 * If all we wanted was the size estimate,
975 * just print it out and exit.
976 */
977 if (printsize) {
978 (void) printf("%llu\n", esize * tp_bsize);
979 Exit(0);
980 }
981
982 if (tsize != 0) {
983 if (diskette)
984 msgp = gettext(
985 "Estimated %lld blocks (%s) on %3.2f diskettes.\n");
986 else
987 msgp = gettext(
988 "Estimated %lld blocks (%s) on %3.2f tapes.\n");
989
990 msg(msgp,
991 (esize*(tp_bsize/DEV_BSIZE)), mb(esize), fetapes);
992 } else {
993 msgp = gettext("Estimated %lld blocks (%s).\n");
994 msg(msgp, (esize*(tp_bsize/DEV_BSIZE)), mb(esize));
995 }
996
997 dumpstate = DS_CLRI;
998
999 otape(1); /* bitmap is the first to tape write */
1000 *telapsed = 0;
1001 (void) time(tstart_writing);
1002
1003 /* filmap indicates all non-directory inodes */
1004 {
1005 uchar_t *np, *fp, *dp;
1006 np = nodmap;
1007 dp = dirmap;
1008 fp = filmap;
1009 for (i = 0; i < msiz; i++)
1010 *fp++ = *np++ ^ *dp++;
1011 }
1012
1013 while (dumpstate != DS_DONE) {
1014 /*
1015 * When we receive EOT notification from
1016 * the writer, the signal handler calls
1017 * rollforward and then jumps here.
1018 */
1019 (void) setjmp(checkpoint_buf);
1020 switch (dumpstate) {
1021 case DS_INIT:
1022 /*
1023 * We get here if a tape error occurred
1024 * after releasing the name lock but before
1025 * the volume containing the last of the
1026 * dir info was completed. We have to start
1027 * all over in this case.
1028 */
1029 {
1030 char *rmsg = gettext(
1031 "Warning - output error occurred after releasing name lock\n\
1032 \tThe dump will restart\n");
1033 msg(rmsg);
1034 goto restart;
1035 }
1036 /* NOTREACHED */
1037 case DS_START:
1038 case DS_CLRI:
1039 ino = UFSROOTINO;
1040 dumptoarchive = 1;
1041 bitmap(clrmap, TS_CLRI);
1042 nextstate(DS_BITS);
1043 /* FALLTHROUGH */
1044 case DS_BITS:
1045 ino = UFSROOTINO;
1046 dumptoarchive = 1;
1047 if (BIT(UFSROOTINO, nodmap)) /* empty dump check */
1048 bitmap(nodmap, TS_BITS);
1049 nextstate(DS_DIRS);
1050 if (!doingverify) {
1051 msgp = gettext(
1052 "Dumping (Pass III) [directories]\n");
1053 msg(msgp);
1054 }
1055 /* FALLTHROUGH */
1056 case DS_DIRS:
1057 dumptoarchive = 1;
1058 pass(dirdump, dirmap);
1059 nextstate(DS_FILES);
1060 if (!doingverify) {
1061 msgp = gettext(
1062 "Dumping (Pass IV) [regular files]\n");
1063 msg(msgp);
1064 }
1065 /* FALLTHROUGH */
1066 case DS_FILES:
1067 dumptoarchive = 0;
1068
1069 pass(lf_dump, filmap);
1070
1071 flushcmds();
1072 dumpstate = DS_END; /* don't reset ino */
1073 /* FALLTHROUGH */
1074 case DS_END:
1075 dumptoarchive = 1;
1076 spcl.c_type = TS_END;
1077 for (i = 0; i < ntrec; i++) {
1078 spclrec();
1079 }
1080 flusht();
1081 break;
1082 case DS_DONE:
1083 break;
1084 default:
1085 msg(gettext("Internal state error\n"));
1086 dumpabort();
1087 /*NOTREACHED*/
1088 }
1089 }
1090
1091 if ((! doingactive) && (! active))
1092 trewind();
1093 if (verify && !doingverify) {
1094 msgp = gettext("Finished writing last dump volume\n");
1095 msg(msgp);
1096 Exit(X_VERIFY);
1097 }
1098 if (spcl.c_volume > 1)
1099 (void) snprintf(msgbuf, sizeof (msgbuf),
1100 gettext("%lld blocks (%s) on %ld volumes"),
1101 ((uint64_t)spcl.c_tapea*(tp_bsize/DEV_BSIZE)),
1102 mb((uoff_t)(unsigned)(spcl.c_tapea)),
1103 spcl.c_volume);
1104 else
1105 (void) snprintf(msgbuf, sizeof (msgbuf),
1106 gettext("%lld blocks (%s) on 1 volume"),
1107 ((uint64_t)spcl.c_tapea*(tp_bsize/DEV_BSIZE)),
1108 mb((uoff_t)(unsigned)(spcl.c_tapea)));
1109 if (timeclock((time_t)0) != (time_t)0) {
1110 (void) snprintf(kbsbuf, sizeof (kbsbuf),
1111 gettext(" at %ld KB/sec"),
1112 (long)(((float)spcl.c_tapea / (float)timeclock((time_t)0))
1113 * 1000.0));
1114 (void) strcat(msgbuf, kbsbuf);
1115 }
1116 (void) strcat(msgbuf, "\n");
1117 msg(msgbuf);
1118 (void) timeclock((time_t)-1);
1119
1120 if (archive)
1121 msg(gettext("Archiving dump to `%s'\n"), archivefile);
1122 if (active && !verify) {
1123 nextstate(DS_INIT);
1124 activepass();
1125 goto restart;
1126 }
1127 msgp = gettext("DUMP IS DONE\n");
1128 msg(msgp);
1129 broadcast(msgp);
1130 if (! doingactive)
1131 putitime();
1132 Exit(X_FINOK);
1133
1134 /*NOTREACHED*/
1135 return (0);
1136 }
1137
1138 void
1139 sigAbort(int sig)
1140 {
1141 char *sigtype;
1142
1143 switch (sig) {
1144 case SIGHUP:
1145 sigtype = "SIGHUP";
1146 break;
1147 case SIGTRAP:
1148 sigtype = "SIGTRAP";
1149 break;
1150 case SIGFPE:
1151 sigtype = "SIGFPE";
1152 break;
1153 case SIGBUS:
1154 msg(gettext("%s ABORTING!\n"), "SIGBUS()");
1155 (void) signal(SIGUSR2, SIG_DFL);
1156 abort();
1157 /*NOTREACHED*/
1158 case SIGSEGV:
1159 msg(gettext("%s ABORTING!\n"), "SIGSEGV()");
1160 (void) signal(SIGUSR2, SIG_DFL);
1161 abort();
1162 /*NOTREACHED*/
1163 case SIGALRM:
1164 sigtype = "SIGALRM";
1165 break;
1166 case SIGTERM:
1167 sigtype = "SIGTERM";
1168 break;
1169 case SIGPIPE:
1170 msg(gettext("Broken pipe\n"));
1171 dumpabort();
1172 /*NOTREACHED*/
1173 default:
1174 sigtype = "SIGNAL";
1175 break;
1176 }
1177 msg(gettext("%s() try rewriting\n"), sigtype);
1178 if (pipeout) {
1179 msg(gettext("Unknown signal, Cannot recover\n"));
1180 dumpabort();
1181 /*NOTREACHED*/
1182 }
1183 msg(gettext("Rewriting attempted as response to unknown signal.\n"));
1184 (void) fflush(stderr);
1185 (void) fflush(stdout);
1186 close_rewind();
1187 Exit(X_REWRITE);
1188 }
1189
1190 /* Note that returned value is malloc'd if != cp && != NULL */
1191 char *
1192 rawname(char *cp)
1193 {
1194 struct stat64 st;
1195 char *dp;
1196 extern char *getfullrawname();
1197
1198 if (stat64(cp, &st) < 0 || (st.st_mode & S_IFMT) != S_IFBLK)
1199 return (cp);
1200
1201 dp = getfullrawname(cp);
1202 if (dp == 0)
1203 return (0);
1204 if (*dp == '\0') {
1205 free(dp);
1206 return (0);
1207 }
1208
1209 if (stat64(dp, &st) < 0 || (st.st_mode & S_IFMT) != S_IFCHR) {
1210 free(dp);
1211 return (cp);
1212 }
1213
1214 return (dp);
1215 }
1216
1217 static char *
1218 mb(uoff_t blks)
1219 {
1220 static char buf[16];
1221
1222 if (blks < 1024)
1223 (void) snprintf(buf, sizeof (buf), "%lldKB", blks);
1224 else
1225 (void) snprintf(buf, sizeof (buf), "%.2fMB",
1226 ((double)(blks*tp_bsize)) / (double)(1024*1024));
1227 return (buf);
1228 }
1229
1230 #ifdef signal
1231 void (*nsignal(int sig, void (*act)(int)))(int)
1232 {
1233 struct sigaction sa, osa;
1234
1235 sa.sa_handler = act;
1236 (void) sigemptyset(&sa.sa_mask);
1237 sa.sa_flags = SA_RESTART;
1238 if (sigaction(sig, &sa, &osa) < 0)
1239 return ((void (*)(int))-1);
1240 return (osa.sa_handler);
1241 }
1242 #endif
1243
1244 static void
1245 nextstate(int state)
1246 {
1247 /* LINTED assigned value never used - kept for documentary purposes */
1248 dumpstate = state;
1249 /* LINTED assigned value never used - kept for documentary purposes */
1250 ino = 0;
1251 /* LINTED assigned value never used - kept for documentary purposes */
1252 pos = 0;
1253 leftover = 0;
1254 }
1255
1256 /*
1257 * timeclock() function, for keeping track of how much time we've spent
1258 * writing to the tape device. it always returns the amount of time
1259 * already spent, in milliseconds. if you pass it a positive, then that's
1260 * telling it that we're writing, so the time counts. if you pass it a
1261 * zero, then that's telling it we're not writing; perhaps we're waiting
1262 * for user input.
1263 *
1264 * a state of -1 resets everything.
1265 */
1266 time32_t
1267 timeclock(time32_t state)
1268 {
1269 static int *currentState = NULL;
1270 static struct timeval *clockstart;
1271 static time32_t *emilli;
1272
1273 struct timeval current[1];
1274 int fd, saverr;
1275
1276 #ifdef DEBUG
1277 fprintf(stderr, "pid=%d timeclock ", getpid());
1278 if (state == (time32_t)-1)
1279 fprintf(stderr, "cleared\n");
1280 else if (state > 0)
1281 fprintf(stderr, "ticking\n");
1282 else
1283 fprintf(stderr, "paused\n");
1284 #endif /* DEBUG */
1285
1286 /* if we haven't setup the shared memory, init */
1287 if (currentState == NULL) {
1288 if ((fd = open("/dev/zero", O_RDWR)) < 0) {
1289 saverr = errno;
1290 msg(gettext("Cannot open `%s': %s\n"),
1291 "/dev/zero", strerror(saverr));
1292 dumpabort();
1293 /*NOTREACHED*/
1294 }
1295 /*LINTED [mmap always returns an aligned value]*/
1296 currentState = mmap(NULL, getpagesize(),
1297 PROT_READ|PROT_WRITE, MAP_SHARED, fd, (off_t)0);
1298 if (currentState == (int *)-1) {
1299 saverr = errno;
1300 msg(gettext(
1301 "Cannot memory map monitor variables: %s\n"),
1302 strerror(saverr));
1303 dumpabort();
1304 /*NOTREACHED*/
1305 }
1306 (void) close(fd);
1307
1308 /* LINTED currentState is sufficiently aligned */
1309 clockstart = (struct timeval *)(currentState + 1);
1310 emilli = (time32_t *)(clockstart + 1);
1311 /* Note everything is initialized to zero via /dev/zero */
1312 }
1313
1314 if (state == (time32_t)-1) {
1315 bzero(clockstart, sizeof (*clockstart));
1316 *currentState = 0;
1317 *emilli = (time32_t)0;
1318 return (0);
1319 }
1320
1321 (void) gettimeofday(current, NULL);
1322
1323 if (*currentState != 0) {
1324 current->tv_usec += 1000000;
1325 current->tv_sec--;
1326
1327 /* LINTED: result will fit in a time32_t */
1328 *emilli += (current->tv_sec - clockstart->tv_sec) * 1000;
1329 /* LINTED: result will fit in a time32_t */
1330 *emilli += (current->tv_usec - clockstart->tv_usec) / 1000;
1331 }
1332
1333 if (state != 0)
1334 bcopy(current, clockstart, sizeof (current));
1335
1336 *currentState = state;
1337
1338 return (*emilli);
1339 }
1340
1341 static int
1342 statcmp(const struct stat64 *left, const struct stat64 *right)
1343 {
1344 int result = 1;
1345
1346 if ((left->st_dev == right->st_dev) &&
1347 (left->st_ino == right->st_ino) &&
1348 (left->st_mode == right->st_mode) &&
1349 (left->st_nlink == right->st_nlink) &&
1350 (left->st_uid == right->st_uid) &&
1351 (left->st_gid == right->st_gid) &&
1352 (left->st_rdev == right->st_rdev) &&
1353 (left->st_ctim.tv_sec == right->st_ctim.tv_sec) &&
1354 (left->st_ctim.tv_nsec == right->st_ctim.tv_nsec) &&
1355 (left->st_mtim.tv_sec == right->st_mtim.tv_sec) &&
1356 (left->st_mtim.tv_nsec == right->st_mtim.tv_nsec)) {
1357 /*
1358 * Unlike in the ufsrestore version
1359 * st_blocks and st_blksiz are not
1360 * compared. The reason for this is
1361 * problems with zfs dump files. Zfs
1362 * changes it's statistics in those
1363 * fields.
1364 */
1365 result = 0;
1366 }
1367
1368 return (result);
1369 }
1370
1371 /*
1372 * Safely open a file or device.
1373 */
1374 static int
1375 safe_open_common(const char *filename, int mode, int perms, int device)
1376 {
1377 int fd;
1378 int working_mode;
1379 int saverr;
1380 char *errtext;
1381 struct stat64 pre_stat, pre_lstat;
1382 struct stat64 post_stat, post_lstat;
1383
1384 /*
1385 * Don't want to be spoofed into trashing something we
1386 * shouldn't, thus the following rigamarole. If it doesn't
1387 * exist, we create it and proceed. Otherwise, require that
1388 * what's there be a real file with no extraneous links and
1389 * owned by whoever ran us.
1390 *
1391 * The silliness with using both lstat() and fstat() is to avoid
1392 * race-condition games with someone replacing the file with a
1393 * symlink after we've opened it. If there was an flstat(),
1394 * we wouldn't need the fstat().
1395 *
1396 * The initial open with the hard-coded flags is ok even if we
1397 * are intending to open only for reading. If it succeeds,
1398 * then the file did not exist, and we'll synthesize an appropriate
1399 * complaint below. Otherwise, it does exist, so we won't be
1400 * truncating it with the open.
1401 */
1402 if ((fd = open(filename, O_WRONLY|O_CREAT|O_TRUNC|O_EXCL|O_LARGEFILE,
1403 perms)) < 0) {
1404 if (errno == EEXIST) {
1405 if (lstat64(filename, &pre_lstat) < 0) {
1406 return (-1);
1407 }
1408
1409 if (stat64(filename, &pre_stat) < 0) {
1410 return (-1);
1411 }
1412
1413 working_mode = mode & (O_WRONLY|O_RDWR|O_RDONLY);
1414 working_mode |= O_LARGEFILE;
1415 if ((fd = open(filename, working_mode)) < 0) {
1416 if (errno == ENOENT) {
1417 errtext = gettext(
1418 "Unexpected condition detected: %s used to exist, but doesn't any longer\n");
1419 msg(errtext, filename);
1420 syslog(LOG_WARNING, errtext, filename);
1421 errno = ENOENT;
1422 }
1423 return (-1);
1424 }
1425
1426 if (lstat64(filename, &post_lstat) < 0) {
1427 saverr = errno;
1428 (void) close(fd);
1429 errno = saverr;
1430 return (-1);
1431 }
1432
1433 if (fstat64(fd, &post_stat) < 0) {
1434 saverr = errno;
1435 (void) close(fd);
1436 errno = saverr;
1437 return (-1);
1438 }
1439
1440 /*
1441 * Can't just use memcmp(3C), because the access
1442 * time is updated by open(2).
1443 */
1444 if (statcmp(&pre_lstat, &post_lstat) != 0) {
1445 errtext = gettext("Unexpected change detected: "
1446 "%s's lstat(2) information changed\n");
1447 msg(errtext, filename);
1448 syslog(LOG_WARNING, errtext, filename);
1449 errno = EPERM;
1450 return (-1);
1451 }
1452
1453 if (statcmp(&pre_stat, &post_stat) != 0) {
1454 errtext = gettext("Unexpected change detected: "
1455 "%s's stat(2) information changed\n"),
1456 msg(errtext, filename);
1457 syslog(LOG_WARNING, errtext, filename);
1458 errno = EPERM;
1459 return (-1);
1460 }
1461
1462 /*
1463 * If inode, device, or type are wrong, bail out.
1464 * Note using post_stat instead of post_lstat for the
1465 * S_ISCHR() test. This is to allow the /dev ->
1466 * /devices bit to work, as long as the final target
1467 * is a character device (i.e., raw disk or tape).
1468 */
1469 if (device && !(S_ISCHR(post_stat.st_mode)) &&
1470 !(S_ISFIFO(post_stat.st_mode)) &&
1471 !(S_ISREG(post_lstat.st_mode))) {
1472 errtext = gettext("Unexpected condition "
1473 "detected: %s is not a supported device\n"),
1474 msg(errtext, filename);
1475 syslog(LOG_WARNING, errtext, filename);
1476 (void) close(fd);
1477 errno = EPERM;
1478 return (-1);
1479 } else if (!device &&
1480 (!S_ISREG(post_lstat.st_mode) ||
1481 (post_stat.st_ino != post_lstat.st_ino) ||
1482 (post_stat.st_dev != post_lstat.st_dev))) {
1483 errtext = gettext("Unexpected condition "
1484 "detected: %s is not a regular file\n"),
1485 msg(errtext, filename);
1486 syslog(LOG_WARNING, errtext, filename);
1487 (void) close(fd);
1488 errno = EPERM;
1489 return (-1);
1490 }
1491
1492 /*
1493 * Bad link count implies someone's linked our
1494 * target to something else, which we probably
1495 * shouldn't step on.
1496 */
1497 if (post_lstat.st_nlink != 1) {
1498 errtext = gettext("Unexpected condition "
1499 "detected: %s must have exactly one "
1500 "link\n"), msg(errtext, filename);
1501 syslog(LOG_WARNING, errtext, filename);
1502 (void) close(fd);
1503 errno = EPERM;
1504 return (-1);
1505 }
1506 /*
1507 * Root might make a file, but non-root might
1508 * need to open it. If the permissions let us
1509 * get this far, then let it through.
1510 */
1511 if (post_lstat.st_uid != getuid() &&
1512 post_lstat.st_uid != 0) {
1513 errtext = gettext("Unsupported "
1514 "condition detected: %s "
1515 "must be owned by uid %ld or 0\n"),
1516 msg(errtext, filename, (long)getuid());
1517 syslog(LOG_WARNING, errtext, filename,
1518 (long)getuid());
1519 (void) close(fd);
1520 errno = EPERM;
1521 return (-1);
1522 }
1523 if (mode & O_TRUNC) {
1524 if (ftruncate(fd, (off_t)0) < 0) {
1525 msg("ftruncate(%s): %s\n",
1526 filename, strerror(errno));
1527 (void) close(fd);
1528 return (-1);
1529 }
1530 }
1531 } else {
1532 /*
1533 * Didn't exist, but couldn't open it.
1534 */
1535 return (-1);
1536 }
1537 } else {
1538 /*
1539 * If truncating open succeeded for a read-only open,
1540 * bail out, as we really shouldn't have succeeded.
1541 */
1542 if (mode & O_RDONLY) {
1543 /* Undo the O_CREAT */
1544 (void) unlink(filename);
1545 msg("open(%s): %s\n",
1546 filename, strerror(ENOENT));
1547 (void) close(fd);
1548 errno = ENOENT;
1549 return (-1);
1550 }
1551 }
1552
1553 return (fd);
1554 }
1555
1556 /*
1557 * Safely open a file.
1558 */
1559 int
1560 safe_file_open(const char *filename, int mode, int perms)
1561 {
1562 return (safe_open_common(filename, mode, perms, 0));
1563 }
1564
1565 /*
1566 * Safely open a device.
1567 */
1568 int
1569 safe_device_open(const char *filename, int mode, int perms)
1570 {
1571 return (safe_open_common(filename, mode, perms, 1));
1572 }
1573
1574 /*
1575 * STDIO version of safe_open
1576 */
1577 FILE *
1578 safe_fopen(const char *filename, const char *smode, int perms)
1579 {
1580 int fd;
1581 int bmode;
1582
1583 /*
1584 * accepts only modes "r", "r+", and "w"
1585 */
1586 if (smode[0] == 'r') {
1587 if (smode[1] == '\0') {
1588 bmode = O_RDONLY;
1589 } else if ((smode[1] == '+') && (smode[2] == '\0')) {
1590 bmode = O_RDWR;
1591 }
1592 } else if ((smode[0] == 'w') && (smode[1] == '\0')) {
1593 bmode = O_WRONLY;
1594 } else {
1595 msg(gettext("internal error: safe_fopen: invalid mode `%s'\n"),
1596 smode);
1597 return (NULL);
1598 }
1599
1600 fd = safe_file_open(filename, bmode, perms);
1601
1602 /*
1603 * caller is expected to report error.
1604 */
1605 if (fd >= 0)
1606 return (fdopen(fd, smode));
1607
1608 return (NULL);
1609 }
1610
1611 void
1612 child_chdir(void)
1613 {
1614 char name[MAXPATHLEN];
1615
1616 if (debug_chdir != NULL) {
1617 snprintf(name, sizeof (name), "%s/%ld",
1618 debug_chdir, (long)getpid());
1619 if (mkdir(name, 0755) < 0)
1620 msg("mkdir(%s): %s", name, strerror(errno));
1621 if (chdir(name) < 0)
1622 msg("chdir(%s): %s", name, strerror(errno));
1623 }
1624 }
unleashed repo fork