Line data Source code
1 : /*
2 : Unix SMB/CIFS implementation.
3 :
4 : Main SMB server routines
5 :
6 : Copyright (C) Andrew Tridgell 1992-2005
7 : Copyright (C) Martin Pool 2002
8 : Copyright (C) Jelmer Vernooij 2002
9 : Copyright (C) James J Myers 2003 <myersjj@samba.org>
10 :
11 : This program is free software; you can redistribute it and/or modify
12 : it under the terms of the GNU General Public License as published by
13 : the Free Software Foundation; either version 3 of the License, or
14 : (at your option) any later version.
15 :
16 : This program is distributed in the hope that it will be useful,
17 : but WITHOUT ANY WARRANTY; without even the implied warranty of
18 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 : GNU General Public License for more details.
20 :
21 : You should have received a copy of the GNU General Public License
22 : along with this program. If not, see <http://www.gnu.org/licenses/>.
23 : */
24 :
25 : #include "includes.h"
26 : #include "lib/events/events.h"
27 : #include "version.h"
28 : #include "lib/cmdline/cmdline.h"
29 : #include "system/dir.h"
30 : #include "system/filesys.h"
31 : #include "auth/gensec/gensec.h"
32 : #include "libcli/auth/schannel.h"
33 : #include "samba/process_model.h"
34 : #include "param/secrets.h"
35 : #include "lib/util/pidfile.h"
36 : #include "param/param.h"
37 : #include "dsdb/samdb/samdb.h"
38 : #include "auth/session.h"
39 : #include "lib/messaging/irpc.h"
40 : #include "librpc/gen_ndr/ndr_irpc.h"
41 : #include "cluster/cluster.h"
42 : #include "dynconfig/dynconfig.h"
43 : #include "nsswitch/winbind_client.h"
44 : #include "libds/common/roles.h"
45 : #include "lib/util/tfork.h"
46 : #include "dsdb/samdb/ldb_modules/util.h"
47 : #include "lib/util/server_id.h"
48 : #include "server_util.h"
49 :
50 : #ifdef HAVE_PTHREAD
51 : #include <pthread.h>
52 : #endif
53 :
54 : struct server_state {
55 : struct tevent_context *event_ctx;
56 : const char *binary_name;
57 : };
58 :
59 : /*
60 : recursively delete a directory tree
61 : */
62 55 : static void recursive_delete(const char *path)
63 : {
64 : DIR *dir;
65 : struct dirent *de;
66 :
67 55 : dir = opendir(path);
68 55 : if (!dir) {
69 0 : return;
70 : }
71 :
72 166 : for (de=readdir(dir);de;de=readdir(dir)) {
73 : char *fname;
74 : struct stat st;
75 :
76 111 : if (ISDOT(de->d_name) || ISDOTDOT(de->d_name)) {
77 110 : continue;
78 : }
79 :
80 1 : fname = talloc_asprintf(path, "%s/%s", path, de->d_name);
81 1 : if (stat(fname, &st) != 0) {
82 0 : continue;
83 : }
84 1 : if (S_ISDIR(st.st_mode)) {
85 0 : recursive_delete(fname);
86 0 : talloc_free(fname);
87 0 : continue;
88 : }
89 1 : if (unlink(fname) != 0) {
90 0 : DBG_ERR("Unabled to delete '%s' - %s\n",
91 : fname, strerror(errno));
92 0 : smb_panic("unable to cleanup tmp files");
93 : }
94 1 : talloc_free(fname);
95 : }
96 55 : closedir(dir);
97 : }
98 :
99 : /*
100 : cleanup temporary files. This is the new alternative to
101 : TDB_CLEAR_IF_FIRST. Unfortunately TDB_CLEAR_IF_FIRST is not
102 : efficient on unix systems due to the lack of scaling of the byte
103 : range locking system. So instead of putting the burden on tdb to
104 : cleanup tmp files, this function deletes them.
105 : */
106 55 : static void cleanup_tmp_files(struct loadparm_context *lp_ctx)
107 : {
108 : char *path;
109 55 : TALLOC_CTX *mem_ctx = talloc_new(NULL);
110 55 : if (mem_ctx == NULL) {
111 0 : exit_daemon("Failed to create memory context",
112 : ENOMEM);
113 : }
114 :
115 55 : path = smbd_tmp_path(mem_ctx, lp_ctx, NULL);
116 55 : if (path == NULL) {
117 0 : exit_daemon("Failed to cleanup temporary files",
118 : EINVAL);
119 : }
120 :
121 55 : recursive_delete(path);
122 55 : talloc_free(mem_ctx);
123 55 : }
124 :
125 0 : static void sig_hup(int sig)
126 : {
127 0 : debug_schedule_reopen_logs();
128 0 : }
129 :
130 0 : static void sig_term(int sig)
131 : {
132 : #ifdef HAVE_GETPGRP
133 0 : if (getpgrp() == getpid()) {
134 : /*
135 : * We're the process group leader, send
136 : * SIGTERM to our process group.
137 : */
138 0 : kill(-getpgrp(), SIGTERM);
139 : }
140 : #endif
141 0 : _exit(127);
142 : }
143 :
144 0 : static void sigterm_signal_handler(struct tevent_context *ev,
145 : struct tevent_signal *se,
146 : int signum, int count, void *siginfo,
147 : void *private_data)
148 : {
149 0 : struct server_state *state = talloc_get_type_abort(
150 : private_data, struct server_state);
151 :
152 0 : DBG_DEBUG("Process %s got SIGTERM\n", state->binary_name);
153 0 : TALLOC_FREE(state);
154 0 : sig_term(SIGTERM);
155 0 : }
156 :
157 0 : static void sighup_signal_handler(struct tevent_context *ev,
158 : struct tevent_signal *se,
159 : int signum, int count, void *siginfo,
160 : void *private_data)
161 : {
162 0 : struct server_state *state = talloc_get_type_abort(
163 : private_data, struct server_state);
164 :
165 0 : DBG_DEBUG("Process %s got SIGHUP\n", state->binary_name);
166 :
167 0 : reopen_logs_internal();
168 0 : }
169 :
170 : /*
171 : setup signal masks
172 : */
173 55 : static void setup_signals(void)
174 : {
175 : /* we are never interested in SIGPIPE */
176 55 : BlockSignals(true,SIGPIPE);
177 :
178 : #if defined(SIGFPE)
179 : /* we are never interested in SIGFPE */
180 55 : BlockSignals(true,SIGFPE);
181 : #endif
182 :
183 : /* We are no longer interested in USR1 */
184 55 : BlockSignals(true, SIGUSR1);
185 :
186 : #if defined(SIGUSR2)
187 : /* We are no longer interested in USR2 */
188 55 : BlockSignals(true,SIGUSR2);
189 : #endif
190 :
191 : /* POSIX demands that signals are inherited. If the invoking process has
192 : * these signals masked, we will have problems,
193 : * as we won't receive them. */
194 55 : BlockSignals(false, SIGHUP);
195 55 : BlockSignals(false, SIGTERM);
196 :
197 55 : CatchSignal(SIGHUP, sig_hup);
198 55 : CatchSignal(SIGTERM, sig_term);
199 55 : }
200 :
201 : /*
202 : handle io on stdin
203 : */
204 55 : static void server_stdin_handler(struct tevent_context *event_ctx,
205 : struct tevent_fd *fde,
206 : uint16_t flags,
207 : void *private_data)
208 : {
209 55 : struct server_state *state = talloc_get_type_abort(
210 : private_data, struct server_state);
211 : uint8_t c;
212 55 : if (read(0, &c, 1) == 0) {
213 55 : DBG_ERR("%s: EOF on stdin - PID %d terminating\n",
214 : state->binary_name, (int)getpid());
215 : #ifdef HAVE_GETPGRP
216 55 : if (getpgrp() == getpid()) {
217 0 : DBG_ERR("Sending SIGTERM from pid %d\n",
218 : (int)getpid());
219 0 : kill(-getpgrp(), SIGTERM);
220 : }
221 : #endif
222 55 : TALLOC_FREE(state);
223 55 : exit(0);
224 : }
225 0 : }
226 :
227 : /*
228 : die if the user selected maximum runtime is exceeded
229 : */
230 0 : _NORETURN_ static void max_runtime_handler(struct tevent_context *ev,
231 : struct tevent_timer *te,
232 : struct timeval t, void *private_data)
233 : {
234 0 : struct server_state *state = talloc_get_type_abort(
235 : private_data, struct server_state);
236 0 : DBG_ERR("%s: maximum runtime exceeded - "
237 : "terminating PID %d at %llu, current ts: %llu\n",
238 : state->binary_name,
239 : (int)getpid(),
240 : (unsigned long long)t.tv_sec,
241 : (unsigned long long)time(NULL));
242 0 : TALLOC_FREE(state);
243 0 : exit(0);
244 : }
245 :
246 : /*
247 : * When doing an in-place upgrade of Samba, the database format may have
248 : * changed between versions. E.g. between 4.7 and 4.8 the DB changed from
249 : * DN-based indexes to GUID-based indexes, so we have to re-index the DB after
250 : * upgrading.
251 : * This function handles migrating an older samba DB to a new Samba release.
252 : * Note that we have to maintain DB compatibility between *all* older versions
253 : * of Samba, not just the ones still under maintenance support.
254 : */
255 55 : static int handle_inplace_db_upgrade(struct ldb_context *ldb_ctx)
256 : {
257 : int ret;
258 :
259 : /*
260 : * The DSDB stack will handle reindexing the DB (if needed) upon the first
261 : * DB write. Open and close a transaction on the DB now to trigger a
262 : * reindex if required, rather than waiting for the first write.
263 : * We do this here to guarantee that the DB will have been re-indexed by
264 : * the time the main samba code runs.
265 : * Refer to dsdb_schema_set_indices_and_attributes() for the actual reindexing
266 : * code, called from
267 : * source4/dsdb/samdb/ldb_modules/schema_load.c:schema_load_start_transaction()
268 : */
269 55 : ret = ldb_transaction_start(ldb_ctx);
270 55 : if (ret != LDB_SUCCESS) {
271 0 : return ret;
272 : }
273 :
274 55 : ret = ldb_transaction_commit(ldb_ctx);
275 55 : if (ret != LDB_SUCCESS) {
276 0 : return ret;
277 : }
278 55 : return LDB_SUCCESS;
279 : }
280 :
281 : /*
282 : pre-open the key databases. This saves a lot of time in child
283 : processes
284 : */
285 55 : static int prime_ldb_databases(struct tevent_context *event_ctx, bool *am_backup)
286 : {
287 55 : struct ldb_result *res = NULL;
288 55 : struct ldb_dn *samba_dsdb_dn = NULL;
289 55 : struct ldb_context *ldb_ctx = NULL;
290 55 : struct ldb_context *pdb = NULL;
291 : static const char *attrs[] = { "backupDate", NULL };
292 55 : struct loadparm_context *lp_ctx = samba_cmdline_get_lp_ctx();
293 55 : const char *msg = NULL;
294 : int ret;
295 55 : TALLOC_CTX *db_context = talloc_new(event_ctx);
296 55 : if (db_context == NULL) {
297 0 : return LDB_ERR_OPERATIONS_ERROR;
298 : }
299 :
300 55 : *am_backup = false;
301 :
302 : /* note we deliberately leave these open, which allows them to be
303 : * re-used in ldb_wrap_connect() */
304 55 : ldb_ctx = samdb_connect(db_context,
305 : event_ctx,
306 : lp_ctx,
307 : system_session(lp_ctx),
308 : NULL,
309 : 0);
310 55 : if (ldb_ctx == NULL) {
311 0 : talloc_free(db_context);
312 0 : return LDB_ERR_OPERATIONS_ERROR;
313 : }
314 :
315 55 : ret = handle_inplace_db_upgrade(ldb_ctx);
316 55 : if (ret != LDB_SUCCESS) {
317 0 : talloc_free(db_context);
318 0 : return ret;
319 : }
320 :
321 55 : pdb = privilege_connect(db_context, lp_ctx);
322 55 : if (pdb == NULL) {
323 0 : talloc_free(db_context);
324 0 : return LDB_ERR_OPERATIONS_ERROR;
325 : }
326 :
327 : /* check the root DB object to see if it's marked as a backup */
328 55 : samba_dsdb_dn = ldb_dn_new(db_context, ldb_ctx, "@SAMBA_DSDB");
329 55 : if (!samba_dsdb_dn) {
330 0 : talloc_free(db_context);
331 0 : return LDB_ERR_OPERATIONS_ERROR;
332 : }
333 :
334 55 : ret = dsdb_search_dn(ldb_ctx, db_context, &res, samba_dsdb_dn, attrs,
335 : DSDB_FLAG_AS_SYSTEM);
336 55 : if (ret != LDB_SUCCESS) {
337 0 : talloc_free(db_context);
338 0 : return ret;
339 : }
340 :
341 55 : if (res->count > 0) {
342 55 : msg = ldb_msg_find_attr_as_string(res->msgs[0], "backupDate",
343 : NULL);
344 55 : if (msg != NULL) {
345 0 : *am_backup = true;
346 : }
347 : }
348 55 : return LDB_SUCCESS;
349 : }
350 :
351 : /*
352 : called from 'smbcontrol samba shutdown'
353 : */
354 0 : static void samba_parent_shutdown(struct imessaging_context *msg,
355 : void *private_data,
356 : uint32_t msg_type,
357 : struct server_id src,
358 : size_t num_fds,
359 : int *fds,
360 : DATA_BLOB *data)
361 : {
362 : struct server_state *state =
363 0 : talloc_get_type_abort(private_data,
364 : struct server_state);
365 : struct server_id_buf src_buf;
366 0 : struct server_id dst = imessaging_get_server_id(msg);
367 : struct server_id_buf dst_buf;
368 :
369 0 : if (num_fds != 0) {
370 0 : DBG_WARNING("Received %zu fds, ignoring message\n", num_fds);
371 0 : return;
372 : }
373 :
374 0 : DBG_ERR("samba_shutdown of %s %s: from %s\n",
375 : state->binary_name,
376 : server_id_str_buf(dst, &dst_buf),
377 : server_id_str_buf(src, &src_buf));
378 :
379 0 : TALLOC_FREE(state);
380 0 : exit(0);
381 : }
382 :
383 : /*
384 : called when a fatal condition occurs in a child task
385 : */
386 0 : static NTSTATUS samba_terminate(struct irpc_message *msg,
387 : struct samba_terminate *r)
388 : {
389 0 : struct server_state *state = talloc_get_type(msg->private_data,
390 : struct server_state);
391 0 : DBG_ERR("samba_terminate of %s %d: %s\n",
392 : state->binary_name, (int)getpid(), r->in.reason);
393 0 : TALLOC_FREE(state);
394 0 : exit(1);
395 : }
396 :
397 : /*
398 : setup messaging for the top level samba (parent) task
399 : */
400 55 : static NTSTATUS setup_parent_messaging(struct server_state *state,
401 : struct loadparm_context *lp_ctx)
402 : {
403 : struct imessaging_context *msg;
404 : NTSTATUS status;
405 55 : if (state == NULL) {
406 0 : return NT_STATUS_UNSUCCESSFUL;
407 : }
408 55 : msg = imessaging_init(state->event_ctx,
409 : lp_ctx,
410 55 : cluster_id(getpid(), SAMBA_PARENT_TASKID),
411 : state->event_ctx);
412 55 : NT_STATUS_HAVE_NO_MEMORY(msg);
413 :
414 55 : status = irpc_add_name(msg, "samba");
415 55 : if (!NT_STATUS_IS_OK(status)) {
416 0 : return status;
417 : }
418 :
419 55 : status = imessaging_register(msg, state, MSG_SHUTDOWN,
420 : samba_parent_shutdown);
421 55 : if (!NT_STATUS_IS_OK(status)) {
422 0 : return status;
423 : }
424 :
425 55 : status = IRPC_REGISTER(msg, irpc, SAMBA_TERMINATE,
426 : samba_terminate, state);
427 55 : if (!NT_STATUS_IS_OK(status)) {
428 0 : return status;
429 : }
430 :
431 55 : return NT_STATUS_OK;
432 : }
433 :
434 :
435 : /*
436 : show build info
437 : */
438 0 : static void show_build(void)
439 : {
440 : #define CONFIG_OPTION(n) { #n, dyn_ ## n }
441 : struct {
442 : const char *name;
443 : const char *value;
444 0 : } config_options[] = {
445 : CONFIG_OPTION(BINDIR),
446 : CONFIG_OPTION(SBINDIR),
447 : CONFIG_OPTION(CONFIGFILE),
448 : CONFIG_OPTION(NCALRPCDIR),
449 : CONFIG_OPTION(LOGFILEBASE),
450 : CONFIG_OPTION(LMHOSTSFILE),
451 : CONFIG_OPTION(DATADIR),
452 : CONFIG_OPTION(MODULESDIR),
453 : CONFIG_OPTION(LOCKDIR),
454 : CONFIG_OPTION(STATEDIR),
455 : CONFIG_OPTION(CACHEDIR),
456 : CONFIG_OPTION(PIDDIR),
457 : CONFIG_OPTION(PRIVATE_DIR),
458 : CONFIG_OPTION(CODEPAGEDIR),
459 : CONFIG_OPTION(SETUPDIR),
460 : CONFIG_OPTION(WINBINDD_SOCKET_DIR),
461 : CONFIG_OPTION(NTP_SIGND_SOCKET_DIR),
462 : { NULL, NULL}
463 : };
464 : int i;
465 :
466 0 : printf("Samba version: %s\n", SAMBA_VERSION_STRING);
467 0 : printf("Build environment:\n");
468 :
469 0 : printf("Paths:\n");
470 0 : for (i=0; config_options[i].name; i++) {
471 0 : printf(" %s: %s\n",
472 : config_options[i].name,
473 : config_options[i].value);
474 : }
475 :
476 0 : exit(0);
477 : }
478 :
479 55 : static int event_ctx_destructor(struct tevent_context *event_ctx)
480 : {
481 55 : imessaging_dgm_unref_ev(event_ctx);
482 55 : return 0;
483 : }
484 :
485 : #ifdef HAVE_PTHREAD
486 : static int to_children_fd = -1;
487 35411 : static void atfork_prepare(void) {
488 35411 : }
489 35411 : static void atfork_parent(void) {
490 35411 : }
491 0 : static void atfork_child(void) {
492 0 : if (to_children_fd != -1) {
493 0 : close(to_children_fd);
494 0 : to_children_fd = -1;
495 : }
496 0 : }
497 : #endif
498 :
499 : /*
500 : main server.
501 : */
502 55 : static int binary_smbd_main(TALLOC_CTX *mem_ctx,
503 : const char *binary_name,
504 : int argc,
505 : const char *argv[])
506 : {
507 55 : struct samba_cmdline_daemon_cfg *cmdline_daemon_cfg = NULL;
508 55 : bool db_is_backup = false;
509 : int opt;
510 : int ret;
511 : poptContext pc;
512 : uint16_t stdin_event_flags;
513 : NTSTATUS status;
514 55 : const char *model = "prefork";
515 55 : int max_runtime = 0;
516 : struct stat st;
517 : enum {
518 : OPT_PROCESS_MODEL = 1000,
519 : OPT_SHOW_BUILD,
520 : };
521 220 : struct poptOption long_options[] = {
522 : POPT_AUTOHELP
523 : {
524 : .longName = "model",
525 : .shortName = 'M',
526 : .argInfo = POPT_ARG_STRING,
527 : .val = OPT_PROCESS_MODEL,
528 : .descrip = "Select process model",
529 : .argDescrip = "MODEL",
530 : },
531 : {
532 : .longName = "maximum-runtime",
533 : .argInfo = POPT_ARG_INT,
534 : .arg = &max_runtime,
535 : .descrip = "set maximum runtime of the server process, "
536 : "till autotermination",
537 : .argDescrip = "seconds"
538 : },
539 : {
540 : .longName = "show-build",
541 : .shortName = 'b',
542 : .argInfo = POPT_ARG_NONE,
543 : .val = OPT_SHOW_BUILD,
544 : .descrip = "show build info",
545 : },
546 55 : POPT_COMMON_SAMBA
547 55 : POPT_COMMON_DAEMON
548 55 : POPT_COMMON_VERSION
549 : POPT_TABLEEND
550 : };
551 55 : struct server_state *state = NULL;
552 55 : struct tevent_signal *se = NULL;
553 55 : struct samba_tevent_trace_state *samba_tevent_trace_state = NULL;
554 55 : struct loadparm_context *lp_ctx = NULL;
555 : bool ok;
556 :
557 55 : setproctitle("root process");
558 :
559 55 : ok = samba_cmdline_init(mem_ctx,
560 : SAMBA_CMDLINE_CONFIG_SERVER,
561 : true /* require_smbconf */);
562 55 : if (!ok) {
563 0 : DBG_ERR("Failed to init cmdline parser!\n");
564 0 : TALLOC_FREE(mem_ctx);
565 0 : exit(1);
566 : }
567 :
568 55 : cmdline_daemon_cfg = samba_cmdline_get_daemon_cfg();
569 :
570 55 : pc = samba_popt_get_context(binary_name,
571 : argc,
572 : argv,
573 : long_options,
574 : 0);
575 55 : if (pc == NULL) {
576 0 : DBG_ERR("Failed to setup popt context!\n");
577 0 : TALLOC_FREE(mem_ctx);
578 0 : exit(1);
579 : }
580 :
581 104 : while((opt = poptGetNextOpt(pc)) != -1) {
582 49 : switch(opt) {
583 49 : case OPT_PROCESS_MODEL:
584 49 : model = poptGetOptArg(pc);
585 49 : break;
586 0 : case OPT_SHOW_BUILD:
587 0 : show_build();
588 0 : break;
589 0 : default:
590 0 : fprintf(stderr, "\nInvalid option %s: %s\n\n",
591 : poptBadOption(pc, 0), poptStrerror(opt));
592 0 : poptPrintUsage(pc, stderr, 0);
593 0 : return 1;
594 : }
595 : }
596 :
597 55 : if (cmdline_daemon_cfg->daemon && cmdline_daemon_cfg->interactive) {
598 0 : fprintf(stderr,"\nERROR: "
599 : "Option -i|--interactive is "
600 : "not allowed together with -D|--daemon\n\n");
601 0 : poptPrintUsage(pc, stderr, 0);
602 0 : return 1;
603 55 : } else if (!cmdline_daemon_cfg->interactive &&
604 0 : cmdline_daemon_cfg->fork) {
605 : /* default is --daemon */
606 0 : cmdline_daemon_cfg->daemon = true;
607 : }
608 :
609 55 : poptFreeContext(pc);
610 :
611 55 : lp_ctx = samba_cmdline_get_lp_ctx();
612 :
613 55 : talloc_enable_null_tracking();
614 :
615 55 : setup_signals();
616 :
617 : /* we want total control over the permissions on created files,
618 : so set our umask to 0 */
619 55 : umask(0);
620 :
621 55 : DEBUG(0,("%s version %s started.\n",
622 : binary_name,
623 : SAMBA_VERSION_STRING));
624 55 : DEBUGADD(0,("Copyright Andrew Tridgell and the Samba Team"
625 : " 1992-2023\n"));
626 :
627 : if (sizeof(uint16_t) < 2 ||
628 : sizeof(uint32_t) < 4 ||
629 : sizeof(uint64_t) < 8) {
630 : DEBUG(0,("ERROR: Samba is not configured correctly "
631 : "for the word size on your machine\n"));
632 : DEBUGADD(0,("sizeof(uint16_t) = %u, sizeof(uint32_t) %u, "
633 : "sizeof(uint64_t) = %u\n",
634 : (unsigned int)sizeof(uint16_t),
635 : (unsigned int)sizeof(uint32_t),
636 : (unsigned int)sizeof(uint64_t)));
637 : return 1;
638 : }
639 :
640 55 : if (cmdline_daemon_cfg->daemon) {
641 0 : DBG_NOTICE("Becoming a daemon.\n");
642 0 : become_daemon(cmdline_daemon_cfg->fork,
643 0 : cmdline_daemon_cfg->no_process_group,
644 : false);
645 55 : } else if (!cmdline_daemon_cfg->interactive) {
646 0 : daemon_status("samba", "Starting process...");
647 : }
648 :
649 : /* Create the memory context to hang everything off. */
650 55 : state = talloc_zero(mem_ctx, struct server_state);
651 55 : if (state == NULL) {
652 0 : exit_daemon("Samba cannot create server state", ENOMEM);
653 : /*
654 : * return is never reached but is here to satisfy static
655 : * checkers
656 : */
657 0 : return 1;
658 : };
659 55 : state->binary_name = binary_name;
660 :
661 55 : cleanup_tmp_files(lp_ctx);
662 :
663 55 : if (!directory_exist(lpcfg_lock_directory(lp_ctx))) {
664 0 : mkdir(lpcfg_lock_directory(lp_ctx), 0755);
665 : }
666 :
667 55 : if (!directory_exist(lpcfg_pid_directory(lp_ctx))) {
668 0 : mkdir(lpcfg_pid_directory(lp_ctx), 0755);
669 : }
670 :
671 55 : pidfile_create(lpcfg_pid_directory(lp_ctx), binary_name);
672 :
673 55 : if (lpcfg_server_role(lp_ctx) == ROLE_ACTIVE_DIRECTORY_DC) {
674 49 : if (!open_schannel_session_store(state,
675 : lp_ctx)) {
676 0 : TALLOC_FREE(state);
677 0 : exit_daemon("Samba cannot open schannel store "
678 : "for secured NETLOGON operations.", EACCES);
679 : /*
680 : * return is never reached but is here to satisfy static
681 : * checkers
682 : */
683 0 : return 1;
684 : }
685 : }
686 :
687 : /* make sure we won't go through nss_winbind */
688 55 : if (!winbind_off()) {
689 0 : TALLOC_FREE(state);
690 0 : exit_daemon("Samba failed to disable recusive "
691 : "winbindd calls.", EACCES);
692 : /*
693 : * return is never reached but is here to satisfy static
694 : * checkers
695 : */
696 0 : return 1;
697 : }
698 :
699 55 : gensec_init(); /* FIXME: */
700 :
701 55 : process_model_init(lp_ctx);
702 :
703 55 : samba_service_init();
704 :
705 : /* the event context is the top level structure in smbd. Everything else
706 : should hang off that */
707 55 : state->event_ctx = s4_event_context_init(state);
708 :
709 55 : if (state->event_ctx == NULL) {
710 0 : TALLOC_FREE(state);
711 0 : exit_daemon("Initializing event context failed", EACCES);
712 : /*
713 : * return is never reached but is here to satisfy static
714 : * checkers
715 : */
716 0 : return 1;
717 : }
718 :
719 55 : talloc_set_destructor(state->event_ctx, event_ctx_destructor);
720 :
721 55 : samba_tevent_trace_state = create_samba_tevent_trace_state(state);
722 55 : if (samba_tevent_trace_state == NULL) {
723 0 : exit_daemon("Samba failed to setup tevent tracing state",
724 : ENOTTY);
725 : /*
726 : * return is never reached but is here to satisfy static
727 : * checkers
728 : */
729 0 : return 1;
730 : }
731 :
732 55 : tevent_set_trace_callback(state->event_ctx,
733 : samba_tevent_trace_callback,
734 : samba_tevent_trace_state);
735 :
736 55 : if (cmdline_daemon_cfg->interactive) {
737 : /* terminate when stdin goes away */
738 55 : stdin_event_flags = TEVENT_FD_READ;
739 : } else {
740 : /* stay alive forever */
741 0 : stdin_event_flags = 0;
742 : }
743 :
744 : #ifdef HAVE_SETPGID
745 : /*
746 : * If we're interactive we want to set our own process group for
747 : * signal management, unless --no-process-group specified.
748 : */
749 55 : if (cmdline_daemon_cfg->interactive &&
750 55 : !cmdline_daemon_cfg->no_process_group)
751 : {
752 0 : setpgid((pid_t)0, (pid_t)0);
753 : }
754 : #endif
755 :
756 : /* catch EOF on stdin */
757 : #ifdef SIGTTIN
758 55 : signal(SIGTTIN, SIG_IGN);
759 : #endif
760 :
761 55 : if (fstat(0, &st) != 0) {
762 0 : TALLOC_FREE(state);
763 0 : exit_daemon("Samba failed to set standard input handler",
764 : ENOTTY);
765 : /*
766 : * return is never reached but is here to satisfy static
767 : * checkers
768 : */
769 0 : return 1;
770 : }
771 :
772 55 : if (S_ISFIFO(st.st_mode) || S_ISSOCK(st.st_mode)) {
773 55 : struct tevent_fd *fde = tevent_add_fd(state->event_ctx,
774 : state->event_ctx,
775 : 0,
776 : stdin_event_flags,
777 : server_stdin_handler,
778 : state);
779 55 : if (fde == NULL) {
780 0 : TALLOC_FREE(state);
781 0 : exit_daemon("Initializing stdin failed", ENOMEM);
782 : /*
783 : * return is never reached but is here to
784 : * satisfy static checkers
785 : */
786 0 : return 1;
787 : }
788 : }
789 :
790 55 : if (max_runtime) {
791 : struct tevent_timer *te;
792 55 : DBG_ERR("%s PID %d was called with maxruntime %d - "
793 : "current ts %llu\n",
794 : binary_name, (int)getpid(),
795 : max_runtime, (unsigned long long) time(NULL));
796 55 : te = tevent_add_timer(state->event_ctx, state->event_ctx,
797 : timeval_current_ofs(max_runtime, 0),
798 : max_runtime_handler,
799 : state);
800 55 : if (te == NULL) {
801 0 : TALLOC_FREE(state);
802 0 : exit_daemon("Maxruntime handler failed", ENOMEM);
803 : /*
804 : * return is never reached but is here to
805 : * satisfy static checkers
806 : */
807 0 : return 1;
808 : }
809 : }
810 :
811 55 : se = tevent_add_signal(state->event_ctx,
812 : state->event_ctx,
813 : SIGTERM,
814 : 0,
815 : sigterm_signal_handler,
816 : state);
817 55 : if (se == NULL) {
818 0 : TALLOC_FREE(state);
819 0 : exit_daemon("Initialize SIGTERM handler failed", ENOMEM);
820 : /*
821 : * return is never reached but is here to satisfy static
822 : * checkers
823 : */
824 0 : return 1;
825 : }
826 :
827 55 : se = tevent_add_signal(state->event_ctx,
828 : state->event_ctx,
829 : SIGHUP,
830 : 0,
831 : sighup_signal_handler,
832 : state);
833 55 : if (se == NULL) {
834 0 : TALLOC_FREE(state);
835 0 : exit_daemon("Initialize SIGHUP handler failed", ENOMEM);
836 : /*
837 : * return is never reached but is here to satisfy static
838 : * checkers
839 : */
840 0 : return 1;
841 : }
842 :
843 55 : if (lpcfg_server_role(lp_ctx) != ROLE_ACTIVE_DIRECTORY_DC
844 6 : && !lpcfg_parm_bool(lp_ctx, NULL,
845 : "server role check", "inhibit", false)
846 6 : && !str_list_check_ci(lpcfg_server_services(lp_ctx), "smb")
847 0 : && !str_list_check_ci(lpcfg_dcerpc_endpoint_servers(lp_ctx),
848 : "remote")
849 0 : && !str_list_check_ci(lpcfg_dcerpc_endpoint_servers(lp_ctx),
850 : "mapiproxy")) {
851 0 : DEBUG(0, ("At this time the 'samba' binary should only be used "
852 : "for either:\n"));
853 0 : DEBUGADD(0, ("'server role = active directory domain "
854 : "controller' or the rpc proxy "
855 : "with 'dcerpc endpoint servers = remote'\n"));
856 0 : DEBUGADD(0, ("You should start smbd/nmbd/winbindd instead for "
857 : "domain member and standalone file server tasks\n"));
858 0 : exit_daemon("Samba detected misconfigured 'server role' "
859 : "and exited. Check logs for details", EINVAL);
860 : };
861 :
862 55 : ret = prime_ldb_databases(state->event_ctx, &db_is_backup);
863 55 : if (ret != LDB_SUCCESS) {
864 0 : TALLOC_FREE(state);
865 0 : exit_daemon("Samba failed to prime database", EINVAL);
866 : /*
867 : * return is never reached but is here to satisfy static
868 : * checkers
869 : */
870 0 : return 1;
871 : }
872 :
873 55 : if (db_is_backup) {
874 0 : TALLOC_FREE(state);
875 0 : exit_daemon("Database is a backup. Please run samba-tool domain"
876 : " backup restore", EINVAL);
877 : /*
878 : * return is never reached but is here to satisfy static
879 : * checkers
880 : */
881 0 : return 1;
882 : }
883 :
884 55 : status = setup_parent_messaging(state, lp_ctx);
885 55 : if (!NT_STATUS_IS_OK(status)) {
886 0 : TALLOC_FREE(state);
887 0 : exit_daemon("Samba failed to setup parent messaging",
888 0 : NT_STATUS_V(status));
889 : /*
890 : * return is never reached but is here to satisfy static
891 : * checkers
892 : */
893 0 : return 1;
894 : }
895 :
896 55 : DBG_ERR("%s: using '%s' process model\n", binary_name, model);
897 :
898 : {
899 : int child_pipe[2];
900 : int rc;
901 55 : bool start_services = false;
902 :
903 55 : rc = pipe(child_pipe);
904 55 : if (rc < 0) {
905 0 : TALLOC_FREE(state);
906 0 : exit_daemon("Samba failed to open process control pipe",
907 0 : errno);
908 : /*
909 : * return is never reached but is here to satisfy static
910 : * checkers
911 : */
912 0 : return 1;
913 : }
914 55 : smb_set_close_on_exec(child_pipe[0]);
915 55 : smb_set_close_on_exec(child_pipe[1]);
916 :
917 : #ifdef HAVE_PTHREAD
918 55 : to_children_fd = child_pipe[1];
919 55 : pthread_atfork(atfork_prepare, atfork_parent,
920 : atfork_child);
921 55 : start_services = true;
922 : #else
923 : pid_t pid;
924 : struct tfork *t = NULL;
925 : t = tfork_create();
926 : if (t == NULL) {
927 : exit_daemon(
928 : "Samba unable to fork master process",
929 : 0);
930 : }
931 : pid = tfork_child_pid(t);
932 : if (pid == 0) {
933 : start_services = false;
934 : } else {
935 : /* In the child process */
936 : start_services = true;
937 : close(child_pipe[1]);
938 : }
939 : #endif
940 55 : if (start_services) {
941 55 : status = server_service_startup(
942 : state->event_ctx, lp_ctx, model,
943 : lpcfg_server_services(lp_ctx),
944 : child_pipe[0]);
945 55 : if (!NT_STATUS_IS_OK(status)) {
946 0 : TALLOC_FREE(state);
947 0 : exit_daemon("Samba failed to start services",
948 0 : NT_STATUS_V(status));
949 : /*
950 : * return is never reached but is here to
951 : * satisfy static checkers
952 : */
953 0 : return 1;
954 : }
955 : }
956 : }
957 :
958 55 : if (!cmdline_daemon_cfg->interactive) {
959 0 : daemon_ready("samba");
960 : }
961 :
962 : /* wait for events - this is where smbd sits for most of its
963 : life */
964 55 : tevent_loop_wait(state->event_ctx);
965 :
966 : /* as everything hangs off this state->event context, freeing state
967 : will initiate a clean shutdown of all services */
968 0 : TALLOC_FREE(state);
969 :
970 0 : return 0;
971 : }
972 :
973 55 : int main(int argc, const char *argv[])
974 : {
975 55 : TALLOC_CTX *mem_ctx = NULL;
976 : int rc;
977 :
978 55 : mem_ctx = talloc_init("samba/server.c#main");
979 55 : if (mem_ctx == NULL) {
980 0 : exit(ENOMEM);
981 : }
982 :
983 55 : setproctitle_init(argc, discard_const(argv), environ);
984 :
985 55 : rc = binary_smbd_main(mem_ctx, "samba", argc, argv);
986 :
987 0 : TALLOC_FREE(mem_ctx);
988 0 : return rc;
989 : }
|
