2007-10-31 02:22:24 +03:00
/*
2002-01-30 09:08:46 +03:00
Unix SMB / CIFS implementation .
1996-05-04 11:50:46 +04:00
Main SMB server routines
2002-01-15 05:15:58 +03:00
Copyright ( C ) Andrew Tridgell 1992 - 1998
Copyright ( C ) Martin Pool 2002
2003-04-14 07:30:20 +04:00
Copyright ( C ) Jelmer Vernooij 2002 - 2003
2007-10-31 02:22:24 +03:00
Copyright ( C ) Volker Lendecke 1993 - 2007
Copyright ( C ) Jeremy Allison 1993 - 2007
1996-05-04 11:50:46 +04:00
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
2007-07-09 23:25:36 +04:00
the Free Software Foundation ; either version 3 of the License , or
1996-05-04 11:50:46 +04:00
( at your option ) any later version .
2007-10-31 02:22:24 +03:00
1996-05-04 11:50:46 +04:00
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
2007-10-31 02:22:24 +03:00
1996-05-04 11:50:46 +04:00
You should have received a copy of the GNU General Public License
2007-07-10 04:52:41 +04:00
along with this program . If not , see < http : //www.gnu.org/licenses/>.
1996-05-04 11:50:46 +04:00
*/
# include "includes.h"
2010-08-05 12:49:53 +04:00
# include "popt_common.h"
2009-01-08 14:03:45 +03:00
# include "smbd/globals.h"
2010-05-05 03:39:16 +04:00
# include "librpc/gen_ndr/messaging.h"
2009-10-02 02:17:06 +04:00
# include "registry.h"
2010-06-23 04:36:32 +04:00
# include "libcli/auth/schannel.h"
2010-08-05 04:25:37 +04:00
# include "secrets.h"
1996-05-04 11:50:46 +04:00
2006-04-26 19:41:25 +04:00
static_decl_rpc ;
1998-07-29 07:08:05 +04:00
# ifdef WITH_DFS
1998-03-04 04:50:47 +03:00
extern int dcelogin_atmost_once ;
1998-07-29 07:08:05 +04:00
# endif /* WITH_DFS */
1998-03-04 04:50:47 +03:00
2000-04-11 17:55:53 +04:00
int smbd_server_fd ( void )
{
return server_fd ;
}
2002-07-15 14:35:28 +04:00
static void smbd_set_server_fd ( int fd )
2000-04-11 17:55:53 +04:00
{
server_fd = fd ;
}
2007-11-04 09:20:10 +03:00
int get_client_fd ( void )
{
return server_fd ;
}
2007-10-31 02:22:24 +03:00
2007-01-17 15:59:14 +03:00
struct event_context * smbd_event_context ( void )
{
2010-06-10 19:54:00 +04:00
return server_event_context ( ) ;
2007-01-17 15:59:14 +03:00
}
2006-02-04 01:19:41 +03:00
/*******************************************************************
What to do when smb . conf is updated .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-05-16 18:24:06 +04:00
static void smb_conf_updated ( struct messaging_context * msg ,
void * private_data ,
uint32_t msg_type ,
struct server_id server_id ,
DATA_BLOB * data )
2006-02-04 01:19:41 +03:00
{
2007-05-16 18:24:06 +04:00
DEBUG ( 10 , ( " smb_conf_updated: Got message saying smb.conf was "
" updated. Reloading. \n " ) ) ;
2009-07-18 04:36:26 +04:00
change_to_root_user ( ) ;
2006-02-04 01:19:41 +03:00
reload_services ( False ) ;
}
2007-01-20 00:46:12 +03:00
/*******************************************************************
Delete a statcache entry .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-05-16 18:24:06 +04:00
static void smb_stat_cache_delete ( struct messaging_context * msg ,
void * private_data ,
uint32_t msg_tnype ,
struct server_id server_id ,
DATA_BLOB * data )
2007-01-20 00:46:12 +03:00
{
2007-05-16 18:24:06 +04:00
const char * name = ( const char * ) data - > data ;
2007-01-20 00:46:12 +03:00
DEBUG ( 10 , ( " smb_stat_cache_delete: delete name %s \n " , name ) ) ;
stat_cache_delete ( name ) ;
}
1996-12-10 21:00:22 +03:00
/****************************************************************************
Send a SIGTERM to our process group .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2002-03-14 05:15:08 +03:00
1998-09-05 09:07:05 +04:00
static void killkids ( void )
1996-12-10 21:00:22 +03:00
{
1998-08-17 18:11:44 +04:00
if ( am_parent ) kill ( 0 , SIGTERM ) ;
1996-12-10 21:00:22 +03:00
}
1996-05-04 11:50:46 +04:00
2001-08-28 10:34:53 +04:00
/****************************************************************************
2002-03-14 05:15:08 +03:00
Process a sam sync message - not sure whether to do this here or
somewhere else .
2001-08-28 10:34:53 +04:00
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2002-03-14 05:15:08 +03:00
2007-05-16 18:24:06 +04:00
static void msg_sam_sync ( struct messaging_context * msg ,
void * private_data ,
uint32_t msg_type ,
struct server_id server_id ,
DATA_BLOB * data )
2001-08-28 10:34:53 +04:00
{
DEBUG ( 10 , ( " ** sam sync message received, ignoring \n " ) ) ;
}
2007-05-16 18:24:06 +04:00
static void msg_exit_server ( struct messaging_context * msg ,
void * private_data ,
uint32_t msg_type ,
struct server_id server_id ,
DATA_BLOB * data )
2002-03-29 17:28:38 +03:00
{
2006-04-04 04:27:50 +04:00
DEBUG ( 3 , ( " got a SHUTDOWN message \n " ) ) ;
2006-04-11 02:47:09 +04:00
exit_server_cleanly ( NULL ) ;
2006-04-04 04:27:50 +04:00
}
# ifdef DEVELOPER
2007-05-16 18:24:06 +04:00
static void msg_inject_fault ( struct messaging_context * msg ,
void * private_data ,
uint32_t msg_type ,
struct server_id src ,
DATA_BLOB * data )
2006-04-04 04:27:50 +04:00
{
int sig ;
2007-05-16 18:24:06 +04:00
if ( data - > length ! = sizeof ( sig ) ) {
DEBUG ( 0 , ( " Process %s sent bogus signal injection request \n " ,
procid_str_static ( & src ) ) ) ;
2006-04-04 04:27:50 +04:00
return ;
}
2007-05-16 18:24:06 +04:00
sig = * ( int * ) data - > data ;
2006-04-04 04:27:50 +04:00
if ( sig = = - 1 ) {
exit_server ( " internal error injected " ) ;
return ;
}
# if HAVE_STRSIGNAL
2007-05-16 18:24:06 +04:00
DEBUG ( 0 , ( " Process %s requested injection of signal %d (%s) \n " ,
procid_str_static ( & src ) , sig , strsignal ( sig ) ) ) ;
2006-04-04 04:27:50 +04:00
# else
2007-05-16 18:24:06 +04:00
DEBUG ( 0 , ( " Process %s requested injection of signal %d \n " ,
procid_str_static ( & src ) , sig ) ) ;
2006-04-04 04:27:50 +04:00
# endif
kill ( sys_getpid ( ) , sig ) ;
2002-03-29 17:28:38 +03:00
}
2006-04-04 04:27:50 +04:00
# endif /* DEVELOPER */
2002-03-29 17:28:38 +03:00
2009-06-17 02:11:32 +04:00
/*
* Parent smbd process sets its own debug level first and then
* sends a message to all the smbd children to adjust their debug
* level to that of the parent .
*/
static void smbd_msg_debug ( struct messaging_context * msg_ctx ,
void * private_data ,
uint32_t msg_type ,
struct server_id server_id ,
DATA_BLOB * data )
2006-08-16 14:36:19 +04:00
{
struct child_pid * child ;
2009-06-17 02:11:32 +04:00
debug_message ( msg_ctx , private_data , MSG_DEBUG , server_id , data ) ;
for ( child = children ; child ! = NULL ; child = child - > next ) {
messaging_send_buf ( msg_ctx , pid_to_procid ( child - > pid ) ,
MSG_DEBUG ,
data - > data ,
strlen ( ( char * ) data - > data ) + 1 ) ;
2006-08-16 14:36:19 +04:00
}
2009-06-17 02:11:32 +04:00
}
static void add_child_pid ( pid_t pid )
{
struct child_pid * child ;
2006-08-16 14:36:19 +04:00
child = SMB_MALLOC_P ( struct child_pid ) ;
if ( child = = NULL ) {
DEBUG ( 0 , ( " Could not add child struct -- malloc failed \n " ) ) ;
return ;
}
child - > pid = pid ;
DLIST_ADD ( children , child ) ;
num_children + = 1 ;
}
2010-02-06 08:08:56 +03:00
/*
at most every smbd : cleanuptime seconds ( default 20 ) , we scan the BRL
and locking database for entries to cleanup . As a side effect this
also cleans up dead entries in the connections database ( due to the
traversal in message_send_all ( )
Using a timer for this prevents a flood of traversals when a large
number of clients disconnect at the same time ( perhaps due to a
network outage ) .
*/
static void cleanup_timeout_fn ( struct event_context * event_ctx ,
struct timed_event * te ,
struct timeval now ,
void * private_data )
{
struct timed_event * * cleanup_te = ( struct timed_event * * ) private_data ;
DEBUG ( 1 , ( " Cleaning up brl and lock database after unclean shutdown \n " ) ) ;
message_send_all ( smbd_messaging_context ( ) , MSG_SMB_UNLOCK , NULL , 0 , NULL ) ;
2010-02-06 09:51:11 +03:00
messaging_send_buf ( smbd_messaging_context ( ) , procid_self ( ) ,
2010-02-06 08:08:56 +03:00
MSG_SMB_BRL_VALIDATE , NULL , 0 ) ;
/* mark the cleanup as having been done */
( * cleanup_te ) = NULL ;
}
2008-01-16 12:09:48 +03:00
static void remove_child_pid ( pid_t pid , bool unclean_shutdown )
2006-08-16 14:36:19 +04:00
{
struct child_pid * child ;
2010-02-06 08:08:56 +03:00
static struct timed_event * cleanup_te ;
s3: Fix a long-standing problem with recycled PIDs
When a samba server process dies hard, it has no chance to clean up its entries
in locking.tdb, brlock.tdb, connections.tdb and sessionid.tdb.
For locking.tdb and brlock.tdb Samba is robust by checking every time we read
an entry from the database if the corresponding process still exists. If it
does not exist anymore, the entry is deleted. This is not 100% failsafe though:
On systems with a limited PID space there is a non-zero chance that between the
smbd's death and the fresh access, the PID is recycled by another long-running
process. This renders all files that had been locked by the killed smbd
potentially unusable until the new process also dies.
This patch is supposed to fix the problem the following way: Every process ID
in every database is augmented by a random 64-bit number that is stored in a
serverid.tdb. Whenever we need to check if a process still exists we know its
PID and the 64-bit number. We look up the PID in serverid.tdb and compare the
64-bit number. If it's the same, the process still is a valid smbd holding the
lock. If it is different, a new smbd has taken over.
I believe this is safe against an smbd that has died hard and the PID has been
taken over by a non-samba process. This process would not have registered
itself with a fresh 64-bit number in serverid.tdb, so the old one still exists
in serverid.tdb. We protect against this case by the parent smbd taking care of
deregistering PIDs from serverid.tdb and the fact that serverid.tdb is
CLEAR_IF_FIRST.
CLEAR_IF_FIRST does not work in a cluster, so the automatic cleanup does not
work when all smbds are restarted. For this, "net serverid wipe" has to be run
before smbd starts up. As a convenience, "net serverid wipedbs" also cleans up
sessionid.tdb and connections.tdb.
While there, this also cleans up overloading connections.tdb with all the
process entries just for messaging_send_all().
Volker
2010-03-02 19:02:01 +03:00
struct server_id child_id ;
2006-08-16 14:36:19 +04:00
2008-01-16 12:09:48 +03:00
if ( unclean_shutdown ) {
2010-02-06 08:08:56 +03:00
/* a child terminated uncleanly so tickle all
processes to see if they can grab any of the
pending locks
*/
2010-02-06 09:51:11 +03:00
DEBUG ( 3 , ( __location__ " Unclean shutdown of pid %u \n " ,
2010-02-06 08:08:56 +03:00
( unsigned int ) pid ) ) ;
if ( ! cleanup_te ) {
/* call the cleanup timer, but not too often */
int cleanup_time = lp_parm_int ( - 1 , " smbd " , " cleanuptime " , 20 ) ;
cleanup_te = event_add_timed ( smbd_event_context ( ) , NULL ,
timeval_current_ofs ( cleanup_time , 0 ) ,
2010-02-06 09:51:11 +03:00
cleanup_timeout_fn ,
2010-02-06 08:08:56 +03:00
& cleanup_te ) ;
DEBUG ( 1 , ( " Scheduled cleanup of brl and lock database after unclean shutdown \n " ) ) ;
}
2008-01-16 12:09:48 +03:00
}
s3: Fix a long-standing problem with recycled PIDs
When a samba server process dies hard, it has no chance to clean up its entries
in locking.tdb, brlock.tdb, connections.tdb and sessionid.tdb.
For locking.tdb and brlock.tdb Samba is robust by checking every time we read
an entry from the database if the corresponding process still exists. If it
does not exist anymore, the entry is deleted. This is not 100% failsafe though:
On systems with a limited PID space there is a non-zero chance that between the
smbd's death and the fresh access, the PID is recycled by another long-running
process. This renders all files that had been locked by the killed smbd
potentially unusable until the new process also dies.
This patch is supposed to fix the problem the following way: Every process ID
in every database is augmented by a random 64-bit number that is stored in a
serverid.tdb. Whenever we need to check if a process still exists we know its
PID and the 64-bit number. We look up the PID in serverid.tdb and compare the
64-bit number. If it's the same, the process still is a valid smbd holding the
lock. If it is different, a new smbd has taken over.
I believe this is safe against an smbd that has died hard and the PID has been
taken over by a non-samba process. This process would not have registered
itself with a fresh 64-bit number in serverid.tdb, so the old one still exists
in serverid.tdb. We protect against this case by the parent smbd taking care of
deregistering PIDs from serverid.tdb and the fact that serverid.tdb is
CLEAR_IF_FIRST.
CLEAR_IF_FIRST does not work in a cluster, so the automatic cleanup does not
work when all smbds are restarted. For this, "net serverid wipe" has to be run
before smbd starts up. As a convenience, "net serverid wipedbs" also cleans up
sessionid.tdb and connections.tdb.
While there, this also cleans up overloading connections.tdb with all the
process entries just for messaging_send_all().
Volker
2010-03-02 19:02:01 +03:00
child_id = procid_self ( ) ; /* Just initialize pid and potentially vnn */
child_id . pid = pid ;
2010-07-04 18:08:03 +04:00
if ( ! serverid_deregister ( child_id ) ) {
s3: Fix a long-standing problem with recycled PIDs
When a samba server process dies hard, it has no chance to clean up its entries
in locking.tdb, brlock.tdb, connections.tdb and sessionid.tdb.
For locking.tdb and brlock.tdb Samba is robust by checking every time we read
an entry from the database if the corresponding process still exists. If it
does not exist anymore, the entry is deleted. This is not 100% failsafe though:
On systems with a limited PID space there is a non-zero chance that between the
smbd's death and the fresh access, the PID is recycled by another long-running
process. This renders all files that had been locked by the killed smbd
potentially unusable until the new process also dies.
This patch is supposed to fix the problem the following way: Every process ID
in every database is augmented by a random 64-bit number that is stored in a
serverid.tdb. Whenever we need to check if a process still exists we know its
PID and the 64-bit number. We look up the PID in serverid.tdb and compare the
64-bit number. If it's the same, the process still is a valid smbd holding the
lock. If it is different, a new smbd has taken over.
I believe this is safe against an smbd that has died hard and the PID has been
taken over by a non-samba process. This process would not have registered
itself with a fresh 64-bit number in serverid.tdb, so the old one still exists
in serverid.tdb. We protect against this case by the parent smbd taking care of
deregistering PIDs from serverid.tdb and the fact that serverid.tdb is
CLEAR_IF_FIRST.
CLEAR_IF_FIRST does not work in a cluster, so the automatic cleanup does not
work when all smbds are restarted. For this, "net serverid wipe" has to be run
before smbd starts up. As a convenience, "net serverid wipedbs" also cleans up
sessionid.tdb and connections.tdb.
While there, this also cleans up overloading connections.tdb with all the
process entries just for messaging_send_all().
Volker
2010-03-02 19:02:01 +03:00
DEBUG ( 1 , ( " Could not remove pid %d from serverid.tdb \n " ,
( int ) pid ) ) ;
}
2006-08-16 14:36:19 +04:00
for ( child = children ; child ! = NULL ; child = child - > next ) {
if ( child - > pid = = pid ) {
struct child_pid * tmp = child ;
DLIST_REMOVE ( children , child ) ;
SAFE_FREE ( tmp ) ;
num_children - = 1 ;
return ;
}
}
DEBUG ( 0 , ( " Could not find child %d -- ignoring \n " , ( int ) pid ) ) ;
}
1997-09-25 04:25:44 +04:00
2003-02-06 00:16:55 +03:00
/****************************************************************************
Have we reached the process limit ?
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-10-19 04:40:25 +04:00
static bool allowable_number_of_smbd_processes ( void )
2003-02-06 00:16:55 +03:00
{
int max_processes = lp_max_smbd_processes ( ) ;
if ( ! max_processes )
return True ;
2006-08-16 14:36:19 +04:00
return num_children < max_processes ;
2003-02-06 00:16:55 +03:00
}
2009-01-22 01:24:18 +03:00
static void smbd_sig_chld_handler ( struct tevent_context * ev ,
struct tevent_signal * se ,
int signum ,
int count ,
void * siginfo ,
void * private_data )
{
pid_t pid ;
int status ;
while ( ( pid = sys_waitpid ( - 1 , & status , WNOHANG ) ) > 0 ) {
bool unclean_shutdown = False ;
/* If the child terminated normally, assume
it was an unclean shutdown unless the
status is 0
*/
if ( WIFEXITED ( status ) ) {
unclean_shutdown = WEXITSTATUS ( status ) ;
}
/* If the child terminated due to a signal
we always assume it was unclean .
*/
if ( WIFSIGNALED ( status ) ) {
unclean_shutdown = True ;
}
remove_child_pid ( pid , unclean_shutdown ) ;
}
}
static void smbd_setup_sig_chld_handler ( void )
{
struct tevent_signal * se ;
se = tevent_add_signal ( smbd_event_context ( ) ,
smbd_event_context ( ) ,
SIGCHLD , 0 ,
smbd_sig_chld_handler ,
NULL ) ;
if ( ! se ) {
exit_server ( " failed to setup SIGCHLD handler " ) ;
}
}
2009-01-27 12:02:43 +03:00
struct smbd_open_socket ;
struct smbd_parent_context {
bool interactive ;
/* the list of listening sockets */
struct smbd_open_socket * sockets ;
} ;
struct smbd_open_socket {
struct smbd_open_socket * prev , * next ;
struct smbd_parent_context * parent ;
int fd ;
struct tevent_fd * fde ;
} ;
static void smbd_open_socket_close_fn ( struct tevent_context * ev ,
struct tevent_fd * fde ,
int fd ,
void * private_data )
{
/* this might be the socket_wrapper swrap_close() */
close ( fd ) ;
}
static void smbd_accept_connection ( struct tevent_context * ev ,
struct tevent_fd * fde ,
uint16_t flags ,
void * private_data )
{
struct smbd_open_socket * s = talloc_get_type_abort ( private_data ,
struct smbd_open_socket ) ;
struct sockaddr_storage addr ;
socklen_t in_addrlen = sizeof ( addr ) ;
pid_t pid = 0 ;
s3: Fix a long-standing problem with recycled PIDs
When a samba server process dies hard, it has no chance to clean up its entries
in locking.tdb, brlock.tdb, connections.tdb and sessionid.tdb.
For locking.tdb and brlock.tdb Samba is robust by checking every time we read
an entry from the database if the corresponding process still exists. If it
does not exist anymore, the entry is deleted. This is not 100% failsafe though:
On systems with a limited PID space there is a non-zero chance that between the
smbd's death and the fresh access, the PID is recycled by another long-running
process. This renders all files that had been locked by the killed smbd
potentially unusable until the new process also dies.
This patch is supposed to fix the problem the following way: Every process ID
in every database is augmented by a random 64-bit number that is stored in a
serverid.tdb. Whenever we need to check if a process still exists we know its
PID and the 64-bit number. We look up the PID in serverid.tdb and compare the
64-bit number. If it's the same, the process still is a valid smbd holding the
lock. If it is different, a new smbd has taken over.
I believe this is safe against an smbd that has died hard and the PID has been
taken over by a non-samba process. This process would not have registered
itself with a fresh 64-bit number in serverid.tdb, so the old one still exists
in serverid.tdb. We protect against this case by the parent smbd taking care of
deregistering PIDs from serverid.tdb and the fact that serverid.tdb is
CLEAR_IF_FIRST.
CLEAR_IF_FIRST does not work in a cluster, so the automatic cleanup does not
work when all smbds are restarted. For this, "net serverid wipe" has to be run
before smbd starts up. As a convenience, "net serverid wipedbs" also cleans up
sessionid.tdb and connections.tdb.
While there, this also cleans up overloading connections.tdb with all the
process entries just for messaging_send_all().
Volker
2010-03-02 19:02:01 +03:00
uint64_t unique_id ;
2009-01-27 12:02:43 +03:00
2010-07-04 18:09:09 +04:00
smbd_set_server_fd ( accept ( s - > fd , ( struct sockaddr * ) ( void * ) & addr , & in_addrlen ) ) ;
2009-01-27 12:02:43 +03:00
if ( smbd_server_fd ( ) = = - 1 & & errno = = EINTR )
return ;
if ( smbd_server_fd ( ) = = - 1 ) {
DEBUG ( 0 , ( " open_sockets_smbd: accept: %s \n " ,
strerror ( errno ) ) ) ;
return ;
}
if ( s - > parent - > interactive ) {
smbd_process ( ) ;
exit_server_cleanly ( " end of interactive mode " ) ;
return ;
}
if ( ! allowable_number_of_smbd_processes ( ) ) {
close ( smbd_server_fd ( ) ) ;
smbd_set_server_fd ( - 1 ) ;
return ;
}
s3: Fix a long-standing problem with recycled PIDs
When a samba server process dies hard, it has no chance to clean up its entries
in locking.tdb, brlock.tdb, connections.tdb and sessionid.tdb.
For locking.tdb and brlock.tdb Samba is robust by checking every time we read
an entry from the database if the corresponding process still exists. If it
does not exist anymore, the entry is deleted. This is not 100% failsafe though:
On systems with a limited PID space there is a non-zero chance that between the
smbd's death and the fresh access, the PID is recycled by another long-running
process. This renders all files that had been locked by the killed smbd
potentially unusable until the new process also dies.
This patch is supposed to fix the problem the following way: Every process ID
in every database is augmented by a random 64-bit number that is stored in a
serverid.tdb. Whenever we need to check if a process still exists we know its
PID and the 64-bit number. We look up the PID in serverid.tdb and compare the
64-bit number. If it's the same, the process still is a valid smbd holding the
lock. If it is different, a new smbd has taken over.
I believe this is safe against an smbd that has died hard and the PID has been
taken over by a non-samba process. This process would not have registered
itself with a fresh 64-bit number in serverid.tdb, so the old one still exists
in serverid.tdb. We protect against this case by the parent smbd taking care of
deregistering PIDs from serverid.tdb and the fact that serverid.tdb is
CLEAR_IF_FIRST.
CLEAR_IF_FIRST does not work in a cluster, so the automatic cleanup does not
work when all smbds are restarted. For this, "net serverid wipe" has to be run
before smbd starts up. As a convenience, "net serverid wipedbs" also cleans up
sessionid.tdb and connections.tdb.
While there, this also cleans up overloading connections.tdb with all the
process entries just for messaging_send_all().
Volker
2010-03-02 19:02:01 +03:00
/*
* Generate a unique id in the parent process so that we use
* the global random state in the parent .
*/
generate_random_buffer ( ( uint8_t * ) & unique_id , sizeof ( unique_id ) ) ;
2009-01-27 12:02:43 +03:00
pid = sys_fork ( ) ;
if ( pid = = 0 ) {
2009-05-06 01:18:50 +04:00
NTSTATUS status = NT_STATUS_OK ;
s3: Fix a long-standing problem with recycled PIDs
When a samba server process dies hard, it has no chance to clean up its entries
in locking.tdb, brlock.tdb, connections.tdb and sessionid.tdb.
For locking.tdb and brlock.tdb Samba is robust by checking every time we read
an entry from the database if the corresponding process still exists. If it
does not exist anymore, the entry is deleted. This is not 100% failsafe though:
On systems with a limited PID space there is a non-zero chance that between the
smbd's death and the fresh access, the PID is recycled by another long-running
process. This renders all files that had been locked by the killed smbd
potentially unusable until the new process also dies.
This patch is supposed to fix the problem the following way: Every process ID
in every database is augmented by a random 64-bit number that is stored in a
serverid.tdb. Whenever we need to check if a process still exists we know its
PID and the 64-bit number. We look up the PID in serverid.tdb and compare the
64-bit number. If it's the same, the process still is a valid smbd holding the
lock. If it is different, a new smbd has taken over.
I believe this is safe against an smbd that has died hard and the PID has been
taken over by a non-samba process. This process would not have registered
itself with a fresh 64-bit number in serverid.tdb, so the old one still exists
in serverid.tdb. We protect against this case by the parent smbd taking care of
deregistering PIDs from serverid.tdb and the fact that serverid.tdb is
CLEAR_IF_FIRST.
CLEAR_IF_FIRST does not work in a cluster, so the automatic cleanup does not
work when all smbds are restarted. For this, "net serverid wipe" has to be run
before smbd starts up. As a convenience, "net serverid wipedbs" also cleans up
sessionid.tdb and connections.tdb.
While there, this also cleans up overloading connections.tdb with all the
process entries just for messaging_send_all().
Volker
2010-03-02 19:02:01 +03:00
2009-01-27 12:02:43 +03:00
/* Child code ... */
am_parent = 0 ;
s3: Fix a long-standing problem with recycled PIDs
When a samba server process dies hard, it has no chance to clean up its entries
in locking.tdb, brlock.tdb, connections.tdb and sessionid.tdb.
For locking.tdb and brlock.tdb Samba is robust by checking every time we read
an entry from the database if the corresponding process still exists. If it
does not exist anymore, the entry is deleted. This is not 100% failsafe though:
On systems with a limited PID space there is a non-zero chance that between the
smbd's death and the fresh access, the PID is recycled by another long-running
process. This renders all files that had been locked by the killed smbd
potentially unusable until the new process also dies.
This patch is supposed to fix the problem the following way: Every process ID
in every database is augmented by a random 64-bit number that is stored in a
serverid.tdb. Whenever we need to check if a process still exists we know its
PID and the 64-bit number. We look up the PID in serverid.tdb and compare the
64-bit number. If it's the same, the process still is a valid smbd holding the
lock. If it is different, a new smbd has taken over.
I believe this is safe against an smbd that has died hard and the PID has been
taken over by a non-samba process. This process would not have registered
itself with a fresh 64-bit number in serverid.tdb, so the old one still exists
in serverid.tdb. We protect against this case by the parent smbd taking care of
deregistering PIDs from serverid.tdb and the fact that serverid.tdb is
CLEAR_IF_FIRST.
CLEAR_IF_FIRST does not work in a cluster, so the automatic cleanup does not
work when all smbds are restarted. For this, "net serverid wipe" has to be run
before smbd starts up. As a convenience, "net serverid wipedbs" also cleans up
sessionid.tdb and connections.tdb.
While there, this also cleans up overloading connections.tdb with all the
process entries just for messaging_send_all().
Volker
2010-03-02 19:02:01 +03:00
set_my_unique_id ( unique_id ) ;
2009-01-27 12:02:43 +03:00
/* Stop zombies, the parent explicitly handles
* them , counting worker smbds . */
CatchChild ( ) ;
/* close our standard file
descriptors */
close_low_fds ( False ) ;
2009-02-14 10:07:29 +03:00
/*
* Can ' t use TALLOC_FREE here . Nulling out the argument to it
* would overwrite memory we ' ve just freed .
*/
talloc_free ( s - > parent ) ;
2009-01-27 12:02:43 +03:00
s = NULL ;
2009-05-06 01:18:50 +04:00
status = reinit_after_fork ( smbd_messaging_context ( ) ,
2010-07-04 18:28:13 +04:00
smbd_event_context ( ) , procid_self ( ) ,
true ) ;
2009-05-06 01:18:50 +04:00
if ( ! NT_STATUS_IS_OK ( status ) ) {
if ( NT_STATUS_EQUAL ( status ,
NT_STATUS_TOO_MANY_OPENED_FILES ) ) {
DEBUG ( 0 , ( " child process cannot initialize "
" because too many files are open \n " ) ) ;
goto exit ;
}
2009-01-27 12:02:43 +03:00
DEBUG ( 0 , ( " reinit_after_fork() failed \n " ) ) ;
smb_panic ( " reinit_after_fork() failed " ) ;
}
smbd_setup_sig_term_handler ( ) ;
smbd_setup_sig_hup_handler ( ) ;
2010-07-04 18:08:03 +04:00
if ( ! serverid_register ( procid_self ( ) ,
FLAG_MSG_GENERAL | FLAG_MSG_SMBD
| FLAG_MSG_DBWRAP
| FLAG_MSG_PRINT_GENERAL ) ) {
s3: Fix a long-standing problem with recycled PIDs
When a samba server process dies hard, it has no chance to clean up its entries
in locking.tdb, brlock.tdb, connections.tdb and sessionid.tdb.
For locking.tdb and brlock.tdb Samba is robust by checking every time we read
an entry from the database if the corresponding process still exists. If it
does not exist anymore, the entry is deleted. This is not 100% failsafe though:
On systems with a limited PID space there is a non-zero chance that between the
smbd's death and the fresh access, the PID is recycled by another long-running
process. This renders all files that had been locked by the killed smbd
potentially unusable until the new process also dies.
This patch is supposed to fix the problem the following way: Every process ID
in every database is augmented by a random 64-bit number that is stored in a
serverid.tdb. Whenever we need to check if a process still exists we know its
PID and the 64-bit number. We look up the PID in serverid.tdb and compare the
64-bit number. If it's the same, the process still is a valid smbd holding the
lock. If it is different, a new smbd has taken over.
I believe this is safe against an smbd that has died hard and the PID has been
taken over by a non-samba process. This process would not have registered
itself with a fresh 64-bit number in serverid.tdb, so the old one still exists
in serverid.tdb. We protect against this case by the parent smbd taking care of
deregistering PIDs from serverid.tdb and the fact that serverid.tdb is
CLEAR_IF_FIRST.
CLEAR_IF_FIRST does not work in a cluster, so the automatic cleanup does not
work when all smbds are restarted. For this, "net serverid wipe" has to be run
before smbd starts up. As a convenience, "net serverid wipedbs" also cleans up
sessionid.tdb and connections.tdb.
While there, this also cleans up overloading connections.tdb with all the
process entries just for messaging_send_all().
Volker
2010-03-02 19:02:01 +03:00
exit_server_cleanly ( " Could not register myself in "
" serverid.tdb " ) ;
}
2009-01-27 12:02:43 +03:00
smbd_process ( ) ;
2009-05-06 01:18:50 +04:00
exit :
2009-01-27 12:02:43 +03:00
exit_server_cleanly ( " end of child " ) ;
return ;
2010-08-07 12:29:43 +04:00
}
if ( pid < 0 ) {
2009-01-27 12:02:43 +03:00
DEBUG ( 0 , ( " smbd_accept_connection: sys_fork() failed: %s \n " ,
strerror ( errno ) ) ) ;
}
/* The parent doesn't need this socket */
close ( smbd_server_fd ( ) ) ;
/* Sun May 6 18:56:14 2001 ackley@cs.unm.edu:
Clear the closed fd info out of server_fd - -
and more importantly , out of client_fd in
util_sock . c , to avoid a possible
getpeername failure if we reopen the logs
and use % I in the filename .
*/
smbd_set_server_fd ( - 1 ) ;
if ( pid ! = 0 ) {
add_child_pid ( pid ) ;
}
/* Force parent to check log size after
* spawning child . Fix from
* klausr @ ITAP . Physik . Uni - Stuttgart . De . The
* parent smbd will log to logserver . smb . It
* writes only two messages for each child
* started / finished . But each child writes ,
* say , 50 messages also in logserver . smb ,
* begining with the debug_count of the
* parent , before the child opens its own log
* file logserver . client . In a worst case
* scenario the size of logserver . smb would be
* checked after about 50 * 50 = 2500 messages
* ( ca . 100 kb ) .
* */
force_check_log_size ( ) ;
}
2009-01-29 17:42:10 +03:00
static bool smbd_open_one_socket ( struct smbd_parent_context * parent ,
const struct sockaddr_storage * ifss ,
uint16_t port )
2009-01-27 12:02:43 +03:00
{
struct smbd_open_socket * s ;
s = talloc ( parent , struct smbd_open_socket ) ;
if ( ! s ) {
return false ;
}
s - > parent = parent ;
s - > fd = open_socket_in ( SOCK_STREAM ,
port ,
parent - > sockets = = NULL ? 0 : 2 ,
ifss ,
true ) ;
if ( s - > fd = = - 1 ) {
DEBUG ( 0 , ( " smbd_open_once_socket: open_socket_in: "
" %s \n " , strerror ( errno ) ) ) ;
TALLOC_FREE ( s ) ;
2009-01-29 17:30:38 +03:00
/*
* We ignore an error here , as we ' ve done before
*/
return true ;
2009-01-27 12:02:43 +03:00
}
/* ready to listen */
set_socket_options ( s - > fd , " SO_KEEPALIVE " ) ;
set_socket_options ( s - > fd , lp_socket_options ( ) ) ;
/* Set server socket to
* non - blocking for the accept . */
set_blocking ( s - > fd , False ) ;
if ( listen ( s - > fd , SMBD_LISTEN_BACKLOG ) = = - 1 ) {
DEBUG ( 0 , ( " open_sockets_smbd: listen: "
" %s \n " , strerror ( errno ) ) ) ;
close ( s - > fd ) ;
TALLOC_FREE ( s ) ;
return false ;
}
s - > fde = tevent_add_fd ( smbd_event_context ( ) ,
s ,
s - > fd , TEVENT_FD_READ ,
smbd_accept_connection ,
s ) ;
if ( ! s - > fde ) {
DEBUG ( 0 , ( " open_sockets_smbd: "
" tevent_add_fd: %s \n " ,
strerror ( errno ) ) ) ;
close ( s - > fd ) ;
TALLOC_FREE ( s ) ;
return false ;
}
tevent_fd_set_close_fn ( s - > fde , smbd_open_socket_close_fn ) ;
DLIST_ADD_END ( parent - > sockets , s , struct smbd_open_socket * ) ;
return true ;
}
2007-04-21 01:09:44 +04:00
/****************************************************************************
Open the socket communication .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2009-01-27 12:02:43 +03:00
static bool open_sockets_smbd ( struct smbd_parent_context * parent ,
const char * smb_ports )
2007-04-21 01:09:44 +04:00
{
2007-10-11 00:34:30 +04:00
int num_interfaces = iface_count ( ) ;
2007-04-21 01:09:44 +04:00
int i ;
2007-10-11 00:34:30 +04:00
char * ports ;
2007-12-14 07:56:29 +03:00
unsigned dns_port = 0 ;
2007-04-21 01:09:44 +04:00
# ifdef HAVE_ATEXIT
2009-01-08 13:52:52 +03:00
atexit ( killkids ) ;
2007-04-21 01:09:44 +04:00
# endif
/* Stop zombies */
2009-01-22 01:24:18 +03:00
smbd_setup_sig_chld_handler ( ) ;
2007-10-25 01:16:54 +04:00
2007-10-11 00:34:30 +04:00
/* use a reasonable default set of ports - listing on 445 and 139 */
if ( ! smb_ports ) {
ports = lp_smb_ports ( ) ;
if ( ! ports | | ! * ports ) {
2009-01-27 12:02:43 +03:00
ports = talloc_strdup ( talloc_tos ( ) , SMB_PORTS ) ;
2007-10-11 00:34:30 +04:00
} else {
2009-01-27 12:02:43 +03:00
ports = talloc_strdup ( talloc_tos ( ) , ports ) ;
2007-10-11 00:34:30 +04:00
}
} else {
2009-01-27 12:02:43 +03:00
ports = talloc_strdup ( talloc_tos ( ) , smb_ports ) ;
2007-04-21 01:09:44 +04:00
}
2007-10-11 00:34:30 +04:00
if ( lp_interfaces ( ) & & lp_bind_interfaces_only ( ) ) {
2007-10-25 01:16:54 +04:00
/* We have been given an interfaces line, and been
2007-10-11 00:34:30 +04:00
told to only bind to those interfaces . Create a
socket per interface and bind to only these .
*/
2007-10-25 01:16:54 +04:00
2007-10-11 00:34:30 +04:00
/* Now open a listen socket for each of the
interfaces . */
for ( i = 0 ; i < num_interfaces ; i + + ) {
2007-10-11 05:25:16 +04:00
const struct sockaddr_storage * ifss =
iface_n_sockaddr_storage ( i ) ;
2007-12-08 04:32:32 +03:00
char * tok ;
2007-10-11 00:34:30 +04:00
const char * ptr ;
2007-10-11 05:25:16 +04:00
if ( ifss = = NULL ) {
2007-10-25 01:16:54 +04:00
DEBUG ( 0 , ( " open_sockets_smbd: "
" interface %d has NULL IP address ! \n " ,
i ) ) ;
2007-10-11 00:34:30 +04:00
continue ;
}
2007-12-08 04:32:32 +03:00
for ( ptr = ports ;
2009-01-27 12:02:43 +03:00
next_token_talloc ( talloc_tos ( ) , & ptr , & tok , " \t , " ) ; ) {
2007-10-11 00:34:30 +04:00
unsigned port = atoi ( tok ) ;
if ( port = = 0 | | port > 0xffff ) {
continue ;
}
2007-12-14 07:56:29 +03:00
2009-01-27 12:02:43 +03:00
if ( ! smbd_open_one_socket ( parent , ifss , port ) ) {
return false ;
2007-10-11 00:34:30 +04:00
}
}
}
} else {
/* Just bind to 0.0.0.0 - accept connections
from anywhere . */
2007-12-08 04:32:32 +03:00
char * tok ;
2007-10-11 00:34:30 +04:00
const char * ptr ;
2007-10-25 01:16:54 +04:00
const char * sock_addr = lp_socket_address ( ) ;
2007-12-08 04:32:32 +03:00
char * sock_tok ;
2007-10-25 01:16:54 +04:00
const char * sock_ptr ;
2008-12-06 00:37:51 +03:00
if ( strequal ( sock_addr , " 0.0.0.0 " ) | |
strequal ( sock_addr , " :: " ) ) {
2007-10-25 01:16:54 +04:00
# if HAVE_IPV6
sock_addr = " ::,0.0.0.0 " ;
# else
sock_addr = " 0.0.0.0 " ;
# endif
}
2007-10-11 00:34:30 +04:00
2007-12-08 04:32:32 +03:00
for ( sock_ptr = sock_addr ;
2009-01-27 12:02:43 +03:00
next_token_talloc ( talloc_tos ( ) , & sock_ptr , & sock_tok , " \t , " ) ; ) {
for ( ptr = ports ; next_token_talloc ( talloc_tos ( ) , & ptr , & tok , " \t , " ) ; ) {
2007-10-25 01:16:54 +04:00
struct sockaddr_storage ss ;
unsigned port = atoi ( tok ) ;
if ( port = = 0 | | port > 0xffff ) {
continue ;
}
2007-12-14 07:56:29 +03:00
/* Keep the first port for mDNS service
* registration .
*/
if ( dns_port = = 0 ) {
dns_port = port ;
}
2007-10-25 01:16:54 +04:00
/* open an incoming socket */
if ( ! interpret_string_addr ( & ss , sock_tok ,
AI_NUMERICHOST | AI_PASSIVE ) ) {
2007-10-25 03:11:01 +04:00
continue ;
2007-10-25 01:16:54 +04:00
}
2007-10-11 00:34:30 +04:00
2009-01-27 12:02:43 +03:00
if ( ! smbd_open_one_socket ( parent , & ss , port ) ) {
return false ;
2007-10-25 01:16:54 +04:00
}
2007-10-11 00:34:30 +04:00
}
}
2007-10-25 01:16:54 +04:00
}
2007-10-11 00:34:30 +04:00
2009-01-27 12:02:43 +03:00
if ( parent - > sockets = = NULL ) {
2007-10-26 01:11:35 +04:00
DEBUG ( 0 , ( " open_sockets_smbd: No "
" sockets available to bind to. \n " ) ) ;
return false ;
}
2007-07-24 14:35:10 +04:00
/* Setup the main smbd so that we can get messages. Note that
do this after starting listening . This is needed as when in
clustered mode , ctdb won ' t allow us to start doing database
operations until it has gone thru a full startup , which
includes checking to see that smbd is listening . */
s3: Fix a long-standing problem with recycled PIDs
When a samba server process dies hard, it has no chance to clean up its entries
in locking.tdb, brlock.tdb, connections.tdb and sessionid.tdb.
For locking.tdb and brlock.tdb Samba is robust by checking every time we read
an entry from the database if the corresponding process still exists. If it
does not exist anymore, the entry is deleted. This is not 100% failsafe though:
On systems with a limited PID space there is a non-zero chance that between the
smbd's death and the fresh access, the PID is recycled by another long-running
process. This renders all files that had been locked by the killed smbd
potentially unusable until the new process also dies.
This patch is supposed to fix the problem the following way: Every process ID
in every database is augmented by a random 64-bit number that is stored in a
serverid.tdb. Whenever we need to check if a process still exists we know its
PID and the 64-bit number. We look up the PID in serverid.tdb and compare the
64-bit number. If it's the same, the process still is a valid smbd holding the
lock. If it is different, a new smbd has taken over.
I believe this is safe against an smbd that has died hard and the PID has been
taken over by a non-samba process. This process would not have registered
itself with a fresh 64-bit number in serverid.tdb, so the old one still exists
in serverid.tdb. We protect against this case by the parent smbd taking care of
deregistering PIDs from serverid.tdb and the fact that serverid.tdb is
CLEAR_IF_FIRST.
CLEAR_IF_FIRST does not work in a cluster, so the automatic cleanup does not
work when all smbds are restarted. For this, "net serverid wipe" has to be run
before smbd starts up. As a convenience, "net serverid wipedbs" also cleans up
sessionid.tdb and connections.tdb.
While there, this also cleans up overloading connections.tdb with all the
process entries just for messaging_send_all().
Volker
2010-03-02 19:02:01 +03:00
2010-07-04 18:08:03 +04:00
if ( ! serverid_register ( procid_self ( ) ,
FLAG_MSG_GENERAL | FLAG_MSG_SMBD
| FLAG_MSG_DBWRAP ) ) {
s3: Fix a long-standing problem with recycled PIDs
When a samba server process dies hard, it has no chance to clean up its entries
in locking.tdb, brlock.tdb, connections.tdb and sessionid.tdb.
For locking.tdb and brlock.tdb Samba is robust by checking every time we read
an entry from the database if the corresponding process still exists. If it
does not exist anymore, the entry is deleted. This is not 100% failsafe though:
On systems with a limited PID space there is a non-zero chance that between the
smbd's death and the fresh access, the PID is recycled by another long-running
process. This renders all files that had been locked by the killed smbd
potentially unusable until the new process also dies.
This patch is supposed to fix the problem the following way: Every process ID
in every database is augmented by a random 64-bit number that is stored in a
serverid.tdb. Whenever we need to check if a process still exists we know its
PID and the 64-bit number. We look up the PID in serverid.tdb and compare the
64-bit number. If it's the same, the process still is a valid smbd holding the
lock. If it is different, a new smbd has taken over.
I believe this is safe against an smbd that has died hard and the PID has been
taken over by a non-samba process. This process would not have registered
itself with a fresh 64-bit number in serverid.tdb, so the old one still exists
in serverid.tdb. We protect against this case by the parent smbd taking care of
deregistering PIDs from serverid.tdb and the fact that serverid.tdb is
CLEAR_IF_FIRST.
CLEAR_IF_FIRST does not work in a cluster, so the automatic cleanup does not
work when all smbds are restarted. For this, "net serverid wipe" has to be run
before smbd starts up. As a convenience, "net serverid wipedbs" also cleans up
sessionid.tdb and connections.tdb.
While there, this also cleans up overloading connections.tdb with all the
process entries just for messaging_send_all().
Volker
2010-03-02 19:02:01 +03:00
DEBUG ( 0 , ( " open_sockets_smbd: Failed to register "
" myself in serverid.tdb \n " ) ) ;
return false ;
}
2007-07-24 14:35:10 +04:00
2001-08-28 10:34:53 +04:00
/* Listen to messages */
2007-05-16 18:24:06 +04:00
messaging_register ( smbd_messaging_context ( ) , NULL ,
MSG_SMB_SAM_SYNC , msg_sam_sync ) ;
messaging_register ( smbd_messaging_context ( ) , NULL ,
MSG_SHUTDOWN , msg_exit_server ) ;
messaging_register ( smbd_messaging_context ( ) , NULL ,
MSG_SMB_FILE_RENAME , msg_file_was_renamed ) ;
messaging_register ( smbd_messaging_context ( ) , NULL ,
2007-10-25 01:16:54 +04:00
MSG_SMB_CONF_UPDATED , smb_conf_updated ) ;
2007-05-16 18:24:06 +04:00
messaging_register ( smbd_messaging_context ( ) , NULL ,
MSG_SMB_STAT_CACHE_DELETE , smb_stat_cache_delete ) ;
2009-06-17 02:11:32 +04:00
messaging_register ( smbd_messaging_context ( ) , NULL ,
MSG_DEBUG , smbd_msg_debug ) ;
2007-05-29 18:49:19 +04:00
brl_register_msgs ( smbd_messaging_context ( ) ) ;
2001-08-28 10:34:53 +04:00
2008-08-08 14:31:03 +04:00
# ifdef CLUSTER_SUPPORT
2008-08-11 18:30:36 +04:00
if ( lp_clustering ( ) ) {
2010-07-04 18:54:04 +04:00
ctdbd_register_reconfigure (
messaging_ctdbd_connection ( procid_self ( ) ) ) ;
2008-08-11 18:30:36 +04:00
}
2008-08-08 14:31:03 +04:00
# endif
2006-04-04 04:27:50 +04:00
# ifdef DEVELOPER
2007-05-16 18:24:06 +04:00
messaging_register ( smbd_messaging_context ( ) , NULL ,
MSG_SMB_INJECT_FAULT , msg_inject_fault ) ;
2006-04-04 04:27:50 +04:00
# endif
2009-01-26 16:55:54 +03:00
if ( dns_port ! = 0 ) {
2009-03-22 17:59:33 +03:00
# ifdef WITH_DNSSD_SUPPORT
2009-01-26 16:55:54 +03:00
smbd_setup_mdns_registration ( smbd_event_context ( ) ,
2009-01-27 12:02:43 +03:00
parent , dns_port ) ;
2009-03-22 17:59:33 +03:00
# endif
# ifdef WITH_AVAHI_SUPPORT
void * avahi_conn ;
avahi_conn = avahi_start_register (
smbd_event_context ( ) , smbd_event_context ( ) , dns_port ) ;
if ( avahi_conn = = NULL ) {
DEBUG ( 10 , ( " avahi_start_register failed \n " ) ) ;
}
# endif
2009-01-26 16:55:54 +03:00
}
2009-01-27 12:02:43 +03:00
return true ;
}
static void smbd_parent_loop ( struct smbd_parent_context * parent )
{
1998-08-17 18:11:44 +04:00
/* now accept incoming connections - forking a new process
for each incoming connection */
2009-03-16 17:55:39 +03:00
DEBUG ( 2 , ( " waiting for connections \n " ) ) ;
1998-08-17 18:11:44 +04:00
while ( 1 ) {
2009-03-16 17:55:39 +03:00
int ret ;
2009-01-27 12:02:43 +03:00
TALLOC_CTX * frame = talloc_stackframe ( ) ;
2007-10-25 01:16:54 +04:00
2009-03-16 17:55:39 +03:00
ret = tevent_loop_once ( smbd_event_context ( ) ) ;
if ( ret ! = 0 ) {
exit_server_cleanly ( " tevent_loop_once() error " ) ;
2009-01-20 06:14:20 +03:00
}
2009-01-27 12:02:43 +03:00
TALLOC_FREE ( frame ) ;
1998-08-17 18:11:44 +04:00
} /* end while 1 */
1998-08-28 00:38:53 +04:00
/* NOTREACHED return True; */
1997-11-19 02:30:49 +03:00
}
1996-05-04 11:50:46 +04:00
/****************************************************************************
2002-03-14 05:15:08 +03:00
Initialise connect , service and file structs .
1996-05-04 11:50:46 +04:00
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2002-03-14 05:15:08 +03:00
2007-10-19 04:40:25 +04:00
static bool init_structs ( void )
1996-05-04 11:50:46 +04:00
{
1999-12-13 16:27:58 +03:00
/*
* Set the machine NETBIOS name if not already
* set from the config file .
*/
2002-11-13 02:20:50 +03:00
if ( ! init_names ( ) )
return False ;
1999-12-13 16:27:58 +03:00
1998-08-17 18:11:44 +04:00
file_init ( ) ;
1999-12-13 16:27:58 +03:00
2008-02-18 02:21:50 +03:00
if ( ! secrets_init ( ) )
return False ;
2002-01-26 09:24:53 +03:00
2002-11-13 02:20:50 +03:00
return True ;
1996-05-04 11:50:46 +04:00
}
/****************************************************************************
2002-03-14 05:15:08 +03:00
main program .
1996-05-04 11:50:46 +04:00
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2002-03-14 05:15:08 +03:00
2003-05-27 06:35:53 +04:00
/* Declare prototype for build_options() to avoid having to run it through
mkproto . h . Mixing $ ( builddir ) and $ ( srcdir ) source files in the current
prototype generation system is too complicated . */
2007-10-19 04:40:25 +04:00
extern void build_options ( bool screen ) ;
2003-05-27 06:35:53 +04:00
2002-11-09 20:08:58 +03:00
int main ( int argc , const char * argv [ ] )
1996-05-04 11:50:46 +04:00
{
1998-08-17 18:11:44 +04:00
/* shall I run as a daemon */
2009-01-08 14:00:15 +03:00
bool is_daemon = false ;
bool interactive = false ;
bool Fork = true ;
bool no_process_group = false ;
bool log_stdout = false ;
char * ports = NULL ;
char * profile_level = NULL ;
1998-08-17 18:11:44 +04:00
int opt ;
2002-11-09 20:08:58 +03:00
poptContext pc ;
2007-10-19 04:40:25 +04:00
bool print_build_options = False ;
2007-10-19 22:38:36 +04:00
enum {
OPT_DAEMON = 1000 ,
OPT_INTERACTIVE ,
OPT_FORK ,
OPT_NO_PROCESS_GROUP ,
OPT_LOG_STDOUT
} ;
2002-11-09 20:08:58 +03:00
struct poptOption long_options [ ] = {
2006-05-24 08:02:14 +04:00
POPT_AUTOHELP
2007-10-19 22:38:36 +04:00
{ " daemon " , ' D ' , POPT_ARG_NONE , NULL , OPT_DAEMON , " Become a daemon (default) " } ,
{ " interactive " , ' i ' , POPT_ARG_NONE , NULL , OPT_INTERACTIVE , " Run interactive (not a daemon) " } ,
{ " foreground " , ' F ' , POPT_ARG_NONE , NULL , OPT_FORK , " Run daemon in foreground (for daemontools, etc.) " } ,
{ " no-process-group " , ' \0 ' , POPT_ARG_NONE , NULL , OPT_NO_PROCESS_GROUP , " Don't create a new process group " } ,
{ " log-stdout " , ' S ' , POPT_ARG_NONE , NULL , OPT_LOG_STDOUT , " Log to stdout " } ,
2002-11-09 20:08:58 +03:00
{ " build-options " , ' b ' , POPT_ARG_NONE , NULL , ' b ' , " Print build options " } ,
{ " port " , ' p ' , POPT_ARG_STRING , & ports , 0 , " Listen on the specified ports " } ,
2007-04-20 05:52:44 +04:00
{ " profiling-level " , ' P ' , POPT_ARG_STRING , & profile_level , 0 , " Set profiling level " , " PROFILE_LEVEL " } ,
2003-04-14 07:30:20 +04:00
POPT_COMMON_SAMBA
2006-05-24 08:02:14 +04:00
POPT_COMMON_DYNCONFIG
POPT_TABLEEND
2002-11-09 20:08:58 +03:00
} ;
2009-01-27 12:02:43 +03:00
struct smbd_parent_context * parent = NULL ;
2007-11-16 01:19:52 +03:00
TALLOC_CTX * frame = talloc_stackframe ( ) ; /* Setup tos. */
2010-07-04 18:28:13 +04:00
NTSTATUS status ;
2010-07-04 18:51:06 +04:00
uint64_t unique_id ;
2001-11-19 05:49:53 +03:00
2009-01-08 14:03:45 +03:00
smbd_init_globals ( ) ;
2007-02-07 23:20:56 +03:00
TimeInit ( ) ;
1998-07-29 07:08:05 +04:00
# ifdef HAVE_SET_AUTH_PARAMETERS
1998-08-17 18:11:44 +04:00
set_auth_parameters ( argc , argv ) ;
1996-05-04 11:50:46 +04:00
# endif
2002-11-09 20:08:58 +03:00
pc = poptGetContext ( " smbd " , argc , argv , long_options , 0 ) ;
while ( ( opt = poptGetNextOpt ( pc ) ) ! = - 1 ) {
1998-08-17 18:11:44 +04:00
switch ( opt ) {
2007-10-19 22:38:36 +04:00
case OPT_DAEMON :
is_daemon = true ;
break ;
case OPT_INTERACTIVE :
interactive = true ;
break ;
case OPT_FORK :
Fork = false ;
break ;
case OPT_NO_PROCESS_GROUP :
no_process_group = true ;
break ;
case OPT_LOG_STDOUT :
log_stdout = true ;
break ;
2001-09-19 13:44:12 +04:00
case ' b ' :
2007-08-22 16:06:27 +04:00
print_build_options = True ;
break ;
2007-08-21 18:22:16 +04:00
default :
2007-08-22 16:06:27 +04:00
d_fprintf ( stderr , " \n Invalid option %s: %s \n \n " ,
2007-08-21 18:22:16 +04:00
poptBadOption ( pc , 0 ) , poptStrerror ( opt ) ) ;
2007-08-22 16:06:27 +04:00
poptPrintUsage ( pc , stderr , 0 ) ;
2007-08-21 18:22:16 +04:00
exit ( 1 ) ;
1998-08-17 18:11:44 +04:00
}
2002-11-09 20:08:58 +03:00
}
poptFreeContext ( pc ) ;
1996-05-04 11:50:46 +04:00
2007-12-14 07:56:29 +03:00
if ( interactive ) {
Fork = False ;
log_stdout = True ;
}
setup_logging ( argv [ 0 ] , log_stdout ) ;
2007-08-22 16:06:27 +04:00
if ( print_build_options ) {
build_options ( True ) ; /* Display output to screen as well as debug */
exit ( 0 ) ;
}
2007-12-14 07:56:29 +03:00
load_case_tables ( ) ;
1999-12-13 16:27:58 +03:00
# ifdef HAVE_SETLUID
/* needed for SecureWare on SCO */
setluid ( 0 ) ;
# endif
2001-06-25 04:46:34 +04:00
sec_init ( ) ;
1999-12-13 16:27:58 +03:00
2003-03-18 12:52:55 +03:00
set_remote_machine_name ( " smbd " , False ) ;
1999-12-13 16:27:58 +03:00
2007-10-11 00:34:30 +04:00
if ( interactive & & ( DEBUGLEVEL > = 9 ) ) {
talloc_enable_leak_report ( ) ;
}
if ( log_stdout & & Fork ) {
2003-01-03 20:39:30 +03:00
DEBUG ( 0 , ( " ERROR: Can't log to stdout (-S) unless daemon is in foreground (-F) or interactive (-i) \n " ) ) ;
exit ( 1 ) ;
}
1999-12-13 16:27:58 +03:00
/* we want to re-seed early to prevent time delays causing
client problems at a later date . ( tridge ) */
2004-07-14 08:36:01 +04:00
generate_random_buffer ( NULL , 0 ) ;
1999-12-13 16:27:58 +03:00
/* make absolutely sure we run as root - to handle cases where people
are crazy enough to have it setuid */
gain_root_privilege ( ) ;
gain_root_group_privilege ( ) ;
2006-04-04 04:27:50 +04:00
fault_setup ( ( void ( * ) ( void * ) ) exit_server_fault ) ;
dump_core_setup ( " smbd " ) ;
1999-12-13 16:27:58 +03:00
/* we are never interested in SIGPIPE */
BlockSignals ( True , SIGPIPE ) ;
# if defined(SIGFPE)
/* we are never interested in SIGFPE */
BlockSignals ( True , SIGFPE ) ;
# endif
2000-10-13 01:19:49 +04:00
# if defined(SIGUSR2)
/* We are no longer interested in USR2 */
BlockSignals ( True , SIGUSR2 ) ;
# endif
2001-01-25 19:36:42 +03:00
/* POSIX demands that signals are inherited. If the invoking process has
* these signals masked , we will have problems , as we won ' t recieve them . */
BlockSignals ( False , SIGHUP ) ;
BlockSignals ( False , SIGUSR1 ) ;
2002-03-14 05:15:08 +03:00
BlockSignals ( False , SIGTERM ) ;
2001-01-25 19:36:42 +03:00
2009-06-18 00:56:21 +04:00
/* Ensure we leave no zombies until we
* correctly set up child handling below . */
CatchChild ( ) ;
1999-12-13 16:27:58 +03:00
/* we want total control over the permissions on created files,
so set our umask to 0 */
umask ( 0 ) ;
2000-06-23 09:54:49 +04:00
init_sec_ctx ( ) ;
1999-12-13 16:27:58 +03:00
1998-08-17 18:11:44 +04:00
reopen_logs ( ) ;
1996-05-04 11:50:46 +04:00
2009-01-16 00:27:52 +03:00
DEBUG ( 0 , ( " smbd version %s started. \n " , samba_version_string ( ) ) ) ;
2007-10-30 17:44:27 +03:00
DEBUGADD ( 0 , ( " %s \n " , COPYRIGHT_STARTUP_MESSAGE ) ) ;
1996-05-04 11:50:46 +04:00
1998-08-17 18:11:44 +04:00
DEBUG ( 2 , ( " uid=%d gid=%d euid=%d egid=%d \n " ,
( int ) getuid ( ) , ( int ) getgid ( ) , ( int ) geteuid ( ) , ( int ) getegid ( ) ) ) ;
1996-05-04 11:50:46 +04:00
2001-09-19 13:44:12 +04:00
/* Output the build options to the debug log */
build_options ( False ) ;
1998-08-17 18:11:44 +04:00
if ( sizeof ( uint16 ) < 2 | | sizeof ( uint32 ) < 4 ) {
DEBUG ( 0 , ( " ERROR: Samba is not configured correctly for the word size on your machine \n " ) ) ;
exit ( 1 ) ;
}
1996-05-04 11:50:46 +04:00
2008-04-15 12:57:45 +04:00
if ( ! lp_load_initial_only ( get_dyn_CONFIGFILE ( ) ) ) {
DEBUG ( 0 , ( " error opening config file \n " ) ) ;
exit ( 1 ) ;
}
if ( smbd_messaging_context ( ) = = NULL )
exit ( 1 ) ;
1998-08-17 18:11:44 +04:00
if ( ! reload_services ( False ) )
return ( - 1 ) ;
1996-05-04 11:50:46 +04:00
1999-02-08 04:46:46 +03:00
init_structs ( ) ;
2001-07-10 06:28:17 +04:00
1999-04-01 09:22:58 +04:00
# ifdef WITH_PROFILE
2007-05-15 16:18:17 +04:00
if ( ! profile_setup ( smbd_messaging_context ( ) , False ) ) {
1999-04-01 09:22:58 +04:00
DEBUG ( 0 , ( " ERROR: failed to setup profiling \n " ) ) ;
return - 1 ;
}
2007-04-20 05:52:44 +04:00
if ( profile_level ! = NULL ) {
int pl = atoi ( profile_level ) ;
2007-05-07 13:35:35 +04:00
struct server_id src ;
2007-04-20 05:52:44 +04:00
DEBUG ( 1 , ( " setting profiling level: %s \n " , profile_level ) ) ;
src . pid = getpid ( ) ;
set_profile_level ( pl , src ) ;
}
1999-04-01 09:22:58 +04:00
# endif
1998-08-17 18:11:44 +04:00
DEBUG ( 3 , ( " loaded services \n " ) ) ;
1996-05-04 11:50:46 +04:00
2007-10-11 00:34:30 +04:00
if ( ! is_daemon & & ! is_a_socket ( 0 ) ) {
if ( ! interactive )
DEBUG ( 0 , ( " standard input is not a socket, assuming -D option \n " ) ) ;
/*
* Setting is_daemon here prevents us from eventually calling
* the open_sockets_inetd ( )
*/
is_daemon = True ;
1998-08-17 18:11:44 +04:00
}
1997-11-11 03:48:42 +03:00
2007-10-11 00:34:30 +04:00
if ( is_daemon & & ! interactive ) {
1998-08-17 18:11:44 +04:00
DEBUG ( 3 , ( " Becoming a daemon. \n " ) ) ;
2010-03-26 13:17:37 +03:00
become_daemon ( Fork , no_process_group , log_stdout ) ;
1998-08-17 18:11:44 +04:00
}
2000-02-07 19:22:16 +03:00
2010-07-04 18:51:06 +04:00
generate_random_buffer ( ( uint8_t * ) & unique_id , sizeof ( unique_id ) ) ;
set_my_unique_id ( unique_id ) ;
2001-12-30 04:46:38 +03:00
# if HAVE_SETPGID
/*
* If we ' re interactive we want to set our own process group for
* signal management .
*/
2007-10-11 00:34:30 +04:00
if ( interactive & & ! no_process_group )
2001-12-30 04:46:38 +03:00
setpgid ( ( pid_t ) 0 , ( pid_t ) 0 ) ;
# endif
2008-10-17 14:48:19 +04:00
if ( ! directory_exist ( lp_lockdir ( ) ) )
1998-08-17 18:11:44 +04:00
mkdir ( lp_lockdir ( ) , 0755 ) ;
1996-05-04 11:50:46 +04:00
2007-10-11 00:34:30 +04:00
if ( is_daemon )
1998-08-17 18:11:44 +04:00
pidfile_create ( " smbd " ) ;
1996-08-15 19:11:34 +04:00
2010-07-04 18:28:13 +04:00
status = reinit_after_fork ( smbd_messaging_context ( ) ,
smbd_event_context ( ) ,
procid_self ( ) , false ) ;
if ( ! NT_STATUS_IS_OK ( status ) ) {
2008-04-15 12:57:45 +04:00
DEBUG ( 0 , ( " reinit_after_fork() failed \n " ) ) ;
2000-10-12 23:42:18 +04:00
exit ( 1 ) ;
2008-04-15 12:57:45 +04:00
}
2010-07-04 19:50:04 +04:00
smbd_server_conn - > msg_ctx = smbd_messaging_context ( ) ;
2009-01-22 01:24:18 +03:00
smbd_setup_sig_term_handler ( ) ;
smbd_setup_sig_hup_handler ( ) ;
2008-04-15 12:57:45 +04:00
/* Setup all the TDB's - including CLEAR_IF_FIRST tdb's. */
2002-12-20 23:21:31 +03:00
2007-12-20 12:55:45 +03:00
if ( smbd_memcache ( ) = = NULL ) {
exit ( 1 ) ;
}
memcache_set_global ( smbd_memcache ( ) ) ;
2006-04-18 13:02:58 +04:00
/* Initialise the password backed before the global_sam_sid
to ensure that we fetch from ldap before we make a domain sid up */
2007-03-11 19:49:16 +03:00
if ( ! initialize_password_db ( False , smbd_event_context ( ) ) )
2006-04-18 13:02:58 +04:00
exit ( 1 ) ;
if ( ! secrets_init ( ) ) {
DEBUG ( 0 , ( " ERROR: smbd can not open secrets.tdb \n " ) ) ;
exit ( 1 ) ;
}
2010-06-23 04:36:32 +04:00
if ( lp_server_role ( ) = = ROLE_DOMAIN_BDC | | lp_server_role ( ) = = ROLE_DOMAIN_PDC ) {
2010-06-26 00:29:00 +04:00
if ( ! open_schannel_session_store ( NULL , lp_private_dir ( ) ) ) {
2010-06-23 04:36:32 +04:00
DEBUG ( 0 , ( " ERROR: Samba cannot open schannel store for secured NETLOGON operations. \n " ) ) ;
exit ( 1 ) ;
}
}
2006-04-18 13:02:58 +04:00
if ( ! get_global_sam_sid ( ) ) {
DEBUG ( 0 , ( " ERROR: Samba cannot create a SAM SID. \n " ) ) ;
exit ( 1 ) ;
}
2010-03-01 18:18:23 +03:00
if ( ! sessionid_init ( ) ) {
2004-02-19 04:55:24 +03:00
exit ( 1 ) ;
2010-03-01 18:18:23 +03:00
}
2004-02-19 04:55:24 +03:00
2007-05-08 17:44:36 +04:00
if ( ! connections_init ( True ) )
2004-02-19 04:55:24 +03:00
exit ( 1 ) ;
2007-12-05 22:53:22 +03:00
if ( ! locking_init ( ) )
2004-02-19 04:55:24 +03:00
exit ( 1 ) ;
2010-03-25 17:59:41 +03:00
if ( ! messaging_tdb_parent_init ( ) ) {
exit ( 1 ) ;
}
2010-03-25 18:01:54 +03:00
if ( ! notify_internal_parent_init ( ) ) {
exit ( 1 ) ;
}
2010-03-25 18:02:54 +03:00
if ( ! serverid_parent_init ( ) ) {
exit ( 1 ) ;
}
2008-04-13 17:33:12 +04:00
if ( ! W_ERROR_IS_OK ( registry_init_full ( ) ) )
2004-02-19 04:55:24 +03:00
exit ( 1 ) ;
2005-06-16 04:46:43 +04:00
#if 0
2005-06-14 07:17:31 +04:00
if ( ! init_svcctl_db ( ) )
exit ( 1 ) ;
2005-06-16 04:46:43 +04:00
# endif
2005-06-14 07:17:31 +04:00
2010-04-14 17:15:32 +04:00
if ( ! init_system_info ( ) ) {
DEBUG ( 0 , ( " ERROR: failed to setup system user info. \n " ) ) ;
return - 1 ;
}
2007-05-17 00:56:39 +04:00
if ( ! print_backend_init ( smbd_messaging_context ( ) ) )
2002-11-01 02:41:00 +03:00
exit ( 1 ) ;
2006-02-04 01:19:41 +03:00
if ( ! init_guest_info ( ) ) {
DEBUG ( 0 , ( " ERROR: failed to setup guest info. \n " ) ) ;
return - 1 ;
}
2009-08-27 03:17:38 +04:00
/* Open the share_info.tdb here, so we don't have to open
after the fork on every single connection . This is a small
performance improvment and reduces the total number of system
fds used . */
if ( ! share_info_db_init ( ) ) {
DEBUG ( 0 , ( " ERROR: failed to load share info db. \n " ) ) ;
exit ( 1 ) ;
}
2004-05-27 19:38:54 +04:00
/* only start the background queue daemon if we are
running as a daemon - - bad things will happen if
smbd is launched via inetd and we fork a copy of
ourselves here */
2007-10-11 00:34:30 +04:00
2008-04-15 03:50:13 +04:00
if ( is_daemon & & ! interactive
& & lp_parm_bool ( - 1 , " smbd " , " backgroundqueue " , true ) ) {
start_background_queue ( ) ;
}
2001-10-17 03:16:00 +04:00
2009-01-23 15:08:22 +03:00
if ( ! is_daemon ) {
/* inetd mode */
TALLOC_FREE ( frame ) ;
/* Started from inetd. fd 0 is the socket. */
/* We will abort gracefully when the client or remote system
goes away */
smbd_set_server_fd ( dup ( 0 ) ) ;
/* close our standard file descriptors */
close_low_fds ( False ) ; /* Don't close stderr */
2009-06-18 00:56:21 +04:00
# ifdef HAVE_ATEXIT
atexit ( killkids ) ;
# endif
/* Stop zombies */
smbd_setup_sig_chld_handler ( ) ;
2009-01-23 15:08:22 +03:00
smbd_process ( ) ;
exit_server_cleanly ( NULL ) ;
return ( 0 ) ;
}
2009-01-27 12:02:43 +03:00
parent = talloc_zero ( smbd_event_context ( ) , struct smbd_parent_context ) ;
if ( ! parent ) {
exit_server ( " talloc(struct smbd_parent_context) failed " ) ;
}
parent - > interactive = interactive ;
if ( ! open_sockets_smbd ( parent , ports ) )
exit_server ( " open_sockets_smbd() failed " ) ;
1998-05-19 03:57:28 +04:00
2007-11-16 01:19:52 +03:00
TALLOC_FREE ( frame ) ;
2010-03-15 16:42:17 +03:00
/* make sure we always have a valid stackframe */
frame = talloc_stackframe ( ) ;
2007-11-16 01:19:52 +03:00
2009-01-27 12:02:43 +03:00
smbd_parent_loop ( parent ) ;
2006-04-04 04:27:50 +04:00
2006-04-11 02:47:09 +04:00
exit_server_cleanly ( NULL ) ;
2010-03-15 16:42:17 +03:00
TALLOC_FREE ( frame ) ;
1998-08-17 18:11:44 +04:00
return ( 0 ) ;
1996-05-04 11:50:46 +04:00
}