2 Unix SMB/CIFS implementation.
3 Main SMB server routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Martin Pool 2002
6 Copyright (C) Jelmer Vernooij 2002-2003
7 Copyright (C) Volker Lendecke 1993-2007
8 Copyright (C) Jeremy Allison 1993-2007
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 3 of the License, or
13 (at your option) any later version.
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
25 #include "system/filesys.h"
26 #include "lib/util/server_id.h"
27 #include "lib/util/close_low_fd.h"
28 #include "lib/cmdline/cmdline.h"
29 #include "locking/share_mode_lock.h"
30 #include "smbd/smbd.h"
31 #include "smbd/globals.h"
32 #include "source3/smbd/smbXsrv_session.h"
33 #include "smbd/smbXsrv_open.h"
34 #include "registry/reg_init_full.h"
35 #include "libcli/auth/schannel.h"
37 #include "../lib/util/memcache.h"
38 #include "ctdbd_conn.h"
39 #include "lib/util/util_process.h"
40 #include "util_cluster.h"
41 #include "printing/queue_process.h"
42 #include "rpc_server/rpc_config.h"
46 #include "messages_ctdb.h"
47 #include "smbprofile.h"
48 #include "lib/id_cache.h"
49 #include "lib/param/param.h"
50 #include "lib/background.h"
51 #include "../lib/util/pidfile.h"
52 #include "lib/smbd_shim.h"
53 #include "scavenger.h"
54 #include "locking/leases_db.h"
55 #include "smbd/notifyd/notifyd.h"
56 #include "smbd/smbd_cleanupd.h"
57 #include "lib/util/sys_rw.h"
58 #include "cleanupdb.h"
60 #include "lib/global_contexts.h"
61 #include "source3/lib/substitute.h"
62 #include "lib/addrchange.h"
64 #ifdef CLUSTER_SUPPORT
65 #include "ctdb_protocol.h"
68 struct smbd_open_socket;
69 struct smbd_child_pid;
71 struct smbd_parent_context {
74 struct tevent_context *ev_ctx;
75 struct messaging_context *msg_ctx;
77 /* the list of listening sockets */
78 struct smbd_open_socket *sockets;
80 /* the list of current child processes */
81 struct smbd_child_pid *children;
84 struct server_id cleanupd;
85 struct server_id notifyd;
87 struct tevent_timer *cleanup_te;
90 struct smbd_open_socket {
91 struct smbd_open_socket *prev, *next;
92 struct smbd_parent_context *parent;
94 struct tevent_fd *fde;
97 struct smbd_child_pid {
98 struct smbd_child_pid *prev, *next;
102 /*******************************************************************
103 What to do when smb.conf is updated.
104 ********************************************************************/
106 static NTSTATUS messaging_send_to_children(struct messaging_context *msg_ctx,
107 uint32_t msg_type, DATA_BLOB* data);
109 static void smbd_parent_conf_updated(struct messaging_context *msg,
112 struct server_id server_id,
117 DEBUG(10,("smbd_parent_conf_updated: Got message saying smb.conf was "
118 "updated. Reloading.\n"));
119 change_to_root_user();
120 reload_services(NULL, NULL, false);
122 ok = reinit_guest_session_info(NULL);
124 DBG_ERR("Failed to reinit guest info\n");
126 messaging_send_to_children(msg, MSG_SMB_CONF_UPDATED, NULL);
129 /****************************************************************************
130 Send a SIGTERM to our process group.
131 *****************************************************************************/
133 static void killkids(void)
135 if(am_parent) kill(0,SIGTERM);
138 static void msg_exit_server(struct messaging_context *msg,
141 struct server_id server_id,
144 DEBUG(3, ("got a SHUTDOWN message\n"));
145 exit_server_cleanly(NULL);
149 static void msg_inject_fault(struct messaging_context *msg,
152 struct server_id src,
156 struct server_id_buf tmp;
158 if (data->length != sizeof(sig)) {
159 DEBUG(0, ("Process %s sent bogus signal injection request\n",
160 server_id_str_buf(src, &tmp)));
164 sig = *(int *)data->data;
166 exit_server("internal error injected");
170 #ifdef HAVE_STRSIGNAL
171 DEBUG(0, ("Process %s requested injection of signal %d (%s)\n",
172 server_id_str_buf(src, &tmp), sig, strsignal(sig)));
174 DEBUG(0, ("Process %s requested injection of signal %d\n",
175 server_id_str_buf(src, &tmp), sig));
180 #endif /* DEVELOPER */
182 #if defined(DEVELOPER) || defined(ENABLE_SELFTEST)
184 * Sleep for the specified number of seconds.
186 static void msg_sleep(struct messaging_context *msg,
189 struct server_id src,
192 unsigned int seconds;
193 struct server_id_buf tmp;
195 if (data->length != sizeof(seconds)) {
196 DBG_ERR("Process %s sent bogus sleep request\n",
197 server_id_str_buf(src, &tmp));
201 seconds = *(unsigned int *)data->data;
202 DBG_ERR("Process %s request a sleep of %u seconds\n",
203 server_id_str_buf(src, &tmp),
206 DBG_ERR("Restarting after %u second sleep requested by process %s\n",
208 server_id_str_buf(src, &tmp));
210 #endif /* DEVELOPER */
212 static NTSTATUS messaging_send_to_children(struct messaging_context *msg_ctx,
213 uint32_t msg_type, DATA_BLOB* data)
216 struct smbd_parent_context *parent = am_parent;
217 struct smbd_child_pid *child;
219 if (parent == NULL) {
220 return NT_STATUS_INTERNAL_ERROR;
223 for (child = parent->children; child != NULL; child = child->next) {
224 status = messaging_send(parent->msg_ctx,
225 pid_to_procid(child->pid),
227 if (!NT_STATUS_IS_OK(status)) {
228 DBG_DEBUG("messaging_send(%d) failed: %s\n",
229 (int)child->pid, nt_errstr(status));
235 static void smb_parent_send_to_children(struct messaging_context *ctx,
238 struct server_id srv_id,
241 messaging_send_to_children(ctx, msg_type, msg_data);
245 * Parent smbd process sets its own debug level first and then
246 * sends a message to all the smbd children to adjust their debug
247 * level to that of the parent.
250 static void smbd_msg_debug(struct messaging_context *msg_ctx,
253 struct server_id server_id,
256 debug_message(msg_ctx, private_data, MSG_DEBUG, server_id, data);
258 messaging_send_to_children(msg_ctx, MSG_DEBUG, data);
261 static void smbd_parent_id_cache_kill(struct messaging_context *msg_ctx,
264 struct server_id server_id,
267 const char *msg = (data && data->data)
268 ? (const char *)data->data : "<NULL>";
269 struct id_cache_ref id;
271 if (!id_cache_ref_parse(msg, &id)) {
272 DEBUG(0, ("Invalid ?ID: %s\n", msg));
276 id_cache_delete_from_cache(&id);
278 messaging_send_to_children(msg_ctx, msg_type, data);
281 static void smbd_parent_id_cache_delete(struct messaging_context *ctx,
284 struct server_id srv_id,
287 id_cache_delete_message(ctx, data, msg_type, srv_id, msg_data);
289 messaging_send_to_children(ctx, msg_type, msg_data);
292 static void add_child_pid(struct smbd_parent_context *parent,
295 struct smbd_child_pid *child;
297 child = talloc_zero(parent, struct smbd_child_pid);
299 DEBUG(0, ("Could not add child struct -- malloc failed\n"));
303 DLIST_ADD(parent->children, child);
304 parent->num_children += 1;
307 static void smb_tell_num_children(struct messaging_context *ctx, void *data,
308 uint32_t msg_type, struct server_id srv_id,
311 uint8_t buf[sizeof(uint32_t)];
314 SIVAL(buf, 0, am_parent->num_children);
315 messaging_send_buf(ctx, srv_id, MSG_SMB_NUM_CHILDREN,
320 static void notifyd_stopped(struct tevent_req *req);
322 static struct tevent_req *notifyd_req(struct messaging_context *msg_ctx,
323 struct tevent_context *ev)
325 struct tevent_req *req;
326 sys_notify_watch_fn sys_notify_watch = NULL;
327 struct sys_notify_context *sys_notify_ctx = NULL;
328 struct ctdbd_connection *ctdbd_conn = NULL;
330 if (lp_kernel_change_notify()) {
333 if (lp_parm_bool(-1, "notify", "inotify", true)) {
334 sys_notify_watch = inotify_watch;
339 if (lp_parm_bool(-1, "notify", "fam",
340 (sys_notify_watch == NULL))) {
341 sys_notify_watch = fam_watch;
346 if (sys_notify_watch != NULL) {
347 sys_notify_ctx = sys_notify_context_create(msg_ctx, ev);
348 if (sys_notify_ctx == NULL) {
353 if (lp_clustering()) {
354 ctdbd_conn = messaging_ctdb_connection();
357 req = notifyd_send(msg_ctx, ev, msg_ctx, ctdbd_conn,
358 sys_notify_watch, sys_notify_ctx);
360 TALLOC_FREE(sys_notify_ctx);
363 tevent_req_set_callback(req, notifyd_stopped, msg_ctx);
368 static void notifyd_stopped(struct tevent_req *req)
372 ret = notifyd_recv(req);
374 DEBUG(1, ("notifyd stopped: %s\n", strerror(ret)));
377 static void notifyd_sig_hup_handler(struct tevent_context *ev,
378 struct tevent_signal *se,
384 DBG_NOTICE("notifyd: Reloading services after SIGHUP\n");
385 reload_services(NULL, NULL, false);
389 static bool smbd_notifyd_init(struct messaging_context *msg, bool interactive,
390 struct server_id *ppid)
392 struct tevent_context *ev = messaging_tevent_context(msg);
393 struct tevent_req *req;
394 struct tevent_signal *se = NULL;
400 req = notifyd_req(msg, ev);
401 return (req != NULL);
406 DEBUG(1, ("%s: fork failed: %s\n", __func__,
412 if (am_parent != NULL) {
413 add_child_pid(am_parent, pid);
415 *ppid = pid_to_procid(pid);
419 status = smbd_reinit_after_fork(msg, ev, true);
420 if (!NT_STATUS_IS_OK(status)) {
421 DEBUG(1, ("%s: reinit_after_fork failed: %s\n",
422 __func__, nt_errstr(status)));
426 process_set_title("smbd-notifyd", "notifyd");
430 /* Set up sighup handler for notifyd */
431 se = tevent_add_signal(ev,
434 notifyd_sig_hup_handler,
437 DEBUG(0, ("failed to setup notifyd SIGHUP handler\n"));
441 req = notifyd_req(msg, ev);
445 tevent_req_set_callback(req, notifyd_stopped, msg);
447 /* Block those signals that we are not handling */
448 BlockSignals(True, SIGUSR1);
450 messaging_send(msg, pid_to_procid(getppid()), MSG_SMB_NOTIFY_STARTED,
453 ok = tevent_req_poll(req, ev);
455 DBG_WARNING("tevent_req_poll returned %s\n", strerror(errno));
461 static void notifyd_init_trigger(struct tevent_req *req);
463 struct notifyd_init_state {
465 struct tevent_context *ev;
466 struct messaging_context *msg;
467 struct server_id *ppid;
470 static struct tevent_req *notifyd_init_send(struct tevent_context *ev,
472 struct messaging_context *msg,
473 struct server_id *ppid)
475 struct tevent_req *req = NULL;
476 struct tevent_req *subreq = NULL;
477 struct notifyd_init_state *state = NULL;
479 req = tevent_req_create(mem_ctx, &state, struct notifyd_init_state);
484 *state = (struct notifyd_init_state) {
490 subreq = tevent_wakeup_send(state, ev, tevent_timeval_current_ofs(1, 0));
491 if (tevent_req_nomem(subreq, req)) {
492 return tevent_req_post(req, ev);
495 tevent_req_set_callback(subreq, notifyd_init_trigger, req);
499 static void notifyd_init_trigger(struct tevent_req *subreq)
501 struct tevent_req *req = tevent_req_callback_data(
502 subreq, struct tevent_req);
503 struct notifyd_init_state *state = tevent_req_data(
504 req, struct notifyd_init_state);
507 DBG_NOTICE("Triggering notifyd startup\n");
509 ok = tevent_wakeup_recv(subreq);
512 tevent_req_error(req, ENOMEM);
516 state->ok = smbd_notifyd_init(state->msg, false, state->ppid);
518 DBG_WARNING("notifyd restarted\n");
519 tevent_req_done(req);
523 DBG_NOTICE("notifyd startup failed, rescheduling\n");
525 subreq = tevent_wakeup_send(state, state->ev,
526 tevent_timeval_current_ofs(1, 0));
527 if (tevent_req_nomem(subreq, req)) {
528 DBG_ERR("scheduling notifyd restart failed, giving up\n");
532 tevent_req_set_callback(subreq, notifyd_init_trigger, req);
536 static bool notifyd_init_recv(struct tevent_req *req)
538 struct notifyd_init_state *state = tevent_req_data(
539 req, struct notifyd_init_state);
544 static void notifyd_started(struct tevent_req *req)
548 ok = notifyd_init_recv(req);
551 DBG_ERR("Failed to restart notifyd, giving up\n");
556 static void cleanupd_sig_hup_handler(struct tevent_context *ev,
557 struct tevent_signal *se,
563 DBG_NOTICE("cleanupd: Reloading services after SIGHUP\n");
567 static void cleanupd_stopped(struct tevent_req *req);
569 static bool cleanupd_init(struct messaging_context *msg, bool interactive,
570 struct server_id *ppid)
572 struct tevent_context *ev = messaging_tevent_context(msg);
573 struct server_id parent_id = messaging_server_id(msg);
574 struct tevent_signal *se = NULL;
575 struct tevent_req *req;
585 req = smbd_cleanupd_send(msg, ev, msg, parent_id.pid);
586 *ppid = messaging_server_id(msg);
587 return (req != NULL);
592 DBG_WARNING("pipe failed: %s\n", strerror(errno));
598 DBG_WARNING("fork failed: %s\n", strerror(errno));
607 rwret = sys_read(up_pipe[0], &c, 1);
611 DBG_WARNING("sys_read failed: %s\n", strerror(errno));
615 DBG_WARNING("cleanupd could not start\n");
619 DBG_WARNING("cleanupd returned %d\n", (int)c);
623 DBG_DEBUG("Started cleanupd pid=%d\n", (int)pid);
625 if (am_parent != NULL) {
626 add_child_pid(am_parent, pid);
629 *ppid = pid_to_procid(pid);
635 status = smbd_reinit_after_fork(msg, ev, true);
636 if (!NT_STATUS_IS_OK(status)) {
637 DBG_WARNING("reinit_after_fork failed: %s\n",
640 sys_write(up_pipe[1], &c, 1);
645 process_set_title("smbd-cleanupd", "cleanupd");
647 se = tevent_add_signal(ev,
651 cleanupd_sig_hup_handler,
654 DBG_ERR("Could not add SIGHUP handler\n");
658 req = smbd_cleanupd_send(msg, ev, msg, parent_id.pid);
660 DBG_WARNING("smbd_cleanupd_send failed\n");
662 sys_write(up_pipe[1], &c, 1);
667 tevent_req_set_callback(req, cleanupd_stopped, msg);
670 rwret = sys_write(up_pipe[1], &c, 1);
674 DBG_WARNING("sys_write failed: %s\n", strerror(errno));
678 DBG_WARNING("sys_write could not write result\n");
682 ok = tevent_req_poll(req, ev);
684 DBG_WARNING("tevent_req_poll returned %s\n", strerror(errno));
689 static void cleanupd_stopped(struct tevent_req *req)
693 status = smbd_cleanupd_recv(req);
694 DBG_WARNING("cleanupd stopped: %s\n", nt_errstr(status));
697 static void cleanupd_init_trigger(struct tevent_req *req);
699 struct cleanup_init_state {
701 struct tevent_context *ev;
702 struct messaging_context *msg;
703 struct server_id *ppid;
706 static struct tevent_req *cleanupd_init_send(struct tevent_context *ev,
708 struct messaging_context *msg,
709 struct server_id *ppid)
711 struct tevent_req *req = NULL;
712 struct tevent_req *subreq = NULL;
713 struct cleanup_init_state *state = NULL;
715 req = tevent_req_create(mem_ctx, &state, struct cleanup_init_state);
720 *state = (struct cleanup_init_state) {
726 subreq = tevent_wakeup_send(state, ev, tevent_timeval_current_ofs(0, 0));
727 if (tevent_req_nomem(subreq, req)) {
728 return tevent_req_post(req, ev);
731 tevent_req_set_callback(subreq, cleanupd_init_trigger, req);
735 static void cleanupd_init_trigger(struct tevent_req *subreq)
737 struct tevent_req *req = tevent_req_callback_data(
738 subreq, struct tevent_req);
739 struct cleanup_init_state *state = tevent_req_data(
740 req, struct cleanup_init_state);
743 DBG_NOTICE("Triggering cleanupd startup\n");
745 ok = tevent_wakeup_recv(subreq);
748 tevent_req_error(req, ENOMEM);
752 state->ok = cleanupd_init(state->msg, false, state->ppid);
754 DBG_WARNING("cleanupd restarted\n");
755 tevent_req_done(req);
759 DBG_NOTICE("cleanupd startup failed, rescheduling\n");
761 subreq = tevent_wakeup_send(state, state->ev,
762 tevent_timeval_current_ofs(1, 0));
763 if (tevent_req_nomem(subreq, req)) {
764 DBG_ERR("scheduling cleanupd restart failed, giving up\n");
768 tevent_req_set_callback(subreq, cleanupd_init_trigger, req);
772 static bool cleanupd_init_recv(struct tevent_req *req)
774 struct cleanup_init_state *state = tevent_req_data(
775 req, struct cleanup_init_state);
780 static void cleanupd_started(struct tevent_req *req)
784 struct smbd_parent_context *parent = tevent_req_callback_data(
785 req, struct smbd_parent_context);
787 ok = cleanupd_init_recv(req);
790 DBG_ERR("Failed to restart cleanupd, giving up\n");
794 status = messaging_send(parent->msg_ctx,
796 MSG_SMB_NOTIFY_CLEANUP,
798 if (!NT_STATUS_IS_OK(status)) {
799 DBG_ERR("messaging_send returned %s\n",
804 static void remove_child_pid(struct smbd_parent_context *parent,
806 bool unclean_shutdown)
808 struct smbd_child_pid *child;
812 for (child = parent->children; child != NULL; child = child->next) {
813 if (child->pid == pid) {
814 struct smbd_child_pid *tmp = child;
815 DLIST_REMOVE(parent->children, child);
817 parent->num_children -= 1;
823 /* not all forked child processes are added to the children list */
824 DEBUG(2, ("Could not find child %d -- ignoring\n", (int)pid));
828 if (pid == procid_to_pid(&parent->cleanupd)) {
829 struct tevent_req *req;
831 server_id_set_disconnected(&parent->cleanupd);
833 DBG_WARNING("Restarting cleanupd\n");
834 req = cleanupd_init_send(messaging_tevent_context(parent->msg_ctx),
839 DBG_ERR("Failed to restart cleanupd\n");
842 tevent_req_set_callback(req, cleanupd_started, parent);
846 if (pid == procid_to_pid(&parent->notifyd)) {
847 struct tevent_req *req;
848 struct tevent_context *ev = messaging_tevent_context(
851 server_id_set_disconnected(&parent->notifyd);
853 DBG_WARNING("Restarting notifyd\n");
854 req = notifyd_init_send(ev,
859 DBG_ERR("Failed to restart notifyd\n");
862 tevent_req_set_callback(req, notifyd_started, parent);
866 ok = cleanupdb_store_child(pid, unclean_shutdown);
868 DBG_ERR("cleanupdb_store_child failed\n");
872 if (!server_id_is_disconnected(&parent->cleanupd)) {
873 status = messaging_send(parent->msg_ctx,
875 MSG_SMB_NOTIFY_CLEANUP,
877 if (!NT_STATUS_IS_OK(status)) {
878 DBG_ERR("messaging_send returned %s\n",
884 /****************************************************************************
885 Have we reached the process limit ?
886 ****************************************************************************/
888 static bool allowable_number_of_smbd_processes(struct smbd_parent_context *parent)
890 int max_processes = lp_max_smbd_processes();
895 return parent->num_children < max_processes;
898 static void smbd_sig_chld_handler(struct tevent_context *ev,
899 struct tevent_signal *se,
907 struct smbd_parent_context *parent =
908 talloc_get_type_abort(private_data,
909 struct smbd_parent_context);
911 while ((pid = waitpid(-1, &status, WNOHANG)) > 0) {
912 bool unclean_shutdown = False;
914 /* If the child terminated normally, assume
915 it was an unclean shutdown unless the
918 if (WIFEXITED(status)) {
919 unclean_shutdown = WEXITSTATUS(status);
921 /* If the child terminated due to a signal
922 we always assume it was unclean.
924 if (WIFSIGNALED(status)) {
925 unclean_shutdown = True;
927 remove_child_pid(parent, pid, unclean_shutdown);
931 static void smbd_setup_sig_chld_handler(struct smbd_parent_context *parent)
933 struct tevent_signal *se;
935 se = tevent_add_signal(parent->ev_ctx,
936 parent, /* mem_ctx */
938 smbd_sig_chld_handler,
941 exit_server("failed to setup SIGCHLD handler");
945 static void smbd_open_socket_close_fn(struct tevent_context *ev,
946 struct tevent_fd *fde,
950 /* this might be the socket_wrapper swrap_close() */
954 static void smbd_accept_connection(struct tevent_context *ev,
955 struct tevent_fd *fde,
959 struct smbd_open_socket *s = talloc_get_type_abort(private_data,
960 struct smbd_open_socket);
961 struct messaging_context *msg_ctx = s->parent->msg_ctx;
962 struct sockaddr_storage addr;
963 socklen_t in_addrlen = sizeof(addr);
967 fd = accept(s->fd, (struct sockaddr *)(void *)&addr,&in_addrlen);
968 if (fd == -1 && errno == EINTR)
972 DEBUG(0,("accept: %s\n",
976 smb_set_close_on_exec(fd);
978 if (s->parent->interactive) {
979 reinit_after_fork(msg_ctx, ev, true);
980 smbd_process(ev, msg_ctx, fd, true);
981 exit_server_cleanly("end of interactive mode");
985 if (!allowable_number_of_smbd_processes(s->parent)) {
992 char addrstr[INET6_ADDRSTRLEN];
993 NTSTATUS status = NT_STATUS_OK;
996 * Can't use TALLOC_FREE here. Nulling out the argument to it
997 * would overwrite memory we've just freed.
999 talloc_free(s->parent);
1002 /* Stop zombies, the parent explicitly handles
1003 * them, counting worker smbds. */
1006 status = smbd_reinit_after_fork(msg_ctx, ev, true);
1007 if (!NT_STATUS_IS_OK(status)) {
1008 if (NT_STATUS_EQUAL(status,
1009 NT_STATUS_TOO_MANY_OPENED_FILES)) {
1010 DEBUG(0,("child process cannot initialize "
1011 "because too many files are open\n"));
1014 if (lp_clustering() &&
1016 status, NT_STATUS_INTERNAL_DB_ERROR) ||
1018 status, NT_STATUS_CONNECTION_REFUSED))) {
1019 DEBUG(1, ("child process cannot initialize "
1020 "because connection to CTDB "
1022 nt_errstr(status)));
1026 DEBUG(0,("reinit_after_fork() failed\n"));
1027 smb_panic("reinit_after_fork() failed");
1030 print_sockaddr(addrstr, sizeof(addrstr), &addr);
1031 process_set_title("smbd[%s]", "client [%s]", addrstr);
1033 smbd_process(ev, msg_ctx, fd, false);
1035 exit_server_cleanly("end of child");
1040 DEBUG(0,("smbd_accept_connection: fork() failed: %s\n",
1044 /* The parent doesn't need this socket */
1047 /* Sun May 6 18:56:14 2001 ackley@cs.unm.edu:
1048 Clear the closed fd info out of server_fd --
1049 and more importantly, out of client_fd in
1050 util_sock.c, to avoid a possible
1051 getpeername failure if we reopen the logs
1052 and use %I in the filename.
1056 add_child_pid(s->parent, pid);
1059 /* Force parent to check log size after
1060 * spawning child. Fix from
1061 * klausr@ITAP.Physik.Uni-Stuttgart.De. The
1062 * parent smbd will log to logserver.smb. It
1063 * writes only two messages for each child
1064 * started/finished. But each child writes,
1065 * say, 50 messages also in logserver.smb,
1066 * beginning with the debug_count of the
1067 * parent, before the child opens its own log
1068 * file logserver.client. In a worst case
1069 * scenario the size of logserver.smb would be
1070 * checked after about 50*50=2500 messages
1073 force_check_log_size();
1076 static bool smbd_open_one_socket(struct smbd_parent_context *parent,
1077 struct tevent_context *ev_ctx,
1078 const struct sockaddr_storage *ifss,
1081 struct smbd_open_socket *s;
1083 s = talloc(parent, struct smbd_open_socket);
1090 s->fd = open_socket_in(SOCK_STREAM, ifss, port, true);
1093 DBG_ERR("open_socket_in failed: %s\n", strerror(err));
1096 * We ignore an error here, as we've done before
1101 /* ready to listen */
1102 set_socket_options(s->fd, "SO_KEEPALIVE");
1103 set_socket_options(s->fd, lp_socket_options());
1105 /* Set server socket to
1106 * non-blocking for the accept. */
1107 set_blocking(s->fd, False);
1109 if (listen(s->fd, SMBD_LISTEN_BACKLOG) == -1) {
1110 DEBUG(0,("smbd_open_one_socket: listen: "
1111 "%s\n", strerror(errno)));
1117 s->fde = tevent_add_fd(ev_ctx,
1119 s->fd, TEVENT_FD_READ,
1120 smbd_accept_connection,
1123 DEBUG(0,("smbd_open_one_socket: "
1124 "tevent_add_fd: %s\n",
1130 tevent_fd_set_close_fn(s->fde, smbd_open_socket_close_fn);
1132 DLIST_ADD_END(parent->sockets, s);
1137 /****************************************************************************
1138 Open the socket communication.
1139 ****************************************************************************/
1141 static bool open_sockets_smbd(struct smbd_parent_context *parent,
1142 struct tevent_context *ev_ctx,
1143 struct messaging_context *msg_ctx,
1144 const char *smb_ports)
1146 int num_interfaces = iface_count();
1149 unsigned dns_port = 0;
1156 smbd_setup_sig_chld_handler(parent);
1158 ports = lp_smb_ports();
1160 /* use a reasonable default set of ports - listing on 445 and 139 */
1163 l = str_list_make_v3(talloc_tos(), smb_ports, NULL);
1164 ports = discard_const_p(const char *, l);
1167 for (j = 0; ports && ports[j]; j++) {
1168 unsigned port = atoi(ports[j]);
1170 if (port == 0 || port > 0xffff) {
1171 exit_server_cleanly("Invalid port in the config or on "
1172 "the commandline specified!");
1176 if (lp_interfaces() && lp_bind_interfaces_only()) {
1177 /* We have been given an interfaces line, and been
1178 told to only bind to those interfaces. Create a
1179 socket per interface and bind to only these.
1182 /* Now open a listen socket for each of the
1184 for(i = 0; i < num_interfaces; i++) {
1185 const struct sockaddr_storage *ifss =
1186 iface_n_sockaddr_storage(i);
1188 DEBUG(0,("open_sockets_smbd: "
1189 "interface %d has NULL IP address !\n",
1194 for (j = 0; ports && ports[j]; j++) {
1195 unsigned port = atoi(ports[j]);
1197 /* Keep the first port for mDNS service
1200 if (dns_port == 0) {
1204 if (!smbd_open_one_socket(parent,
1213 /* Just bind to 0.0.0.0 - accept connections
1216 const char *sock_addr;
1218 const char *sock_ptr;
1221 sock_addr = "::,0.0.0.0";
1223 sock_addr = "0.0.0.0";
1226 for (sock_ptr=sock_addr;
1227 next_token_talloc(talloc_tos(), &sock_ptr, &sock_tok, " \t,"); ) {
1228 for (j = 0; ports && ports[j]; j++) {
1229 struct sockaddr_storage ss;
1230 unsigned port = atoi(ports[j]);
1232 /* Keep the first port for mDNS service
1235 if (dns_port == 0) {
1239 /* open an incoming socket */
1240 if (!interpret_string_addr(&ss, sock_tok,
1241 AI_NUMERICHOST|AI_PASSIVE)) {
1246 * If we fail to open any sockets
1247 * in this loop the parent-sockets == NULL
1248 * case below will prevent us from starting.
1251 (void)smbd_open_one_socket(parent,
1259 if (parent->sockets == NULL) {
1260 DEBUG(0,("open_sockets_smbd: No "
1261 "sockets available to bind to.\n"));
1265 /* Listen to messages */
1267 messaging_register(msg_ctx, NULL, MSG_SHUTDOWN, msg_exit_server);
1268 messaging_register(msg_ctx, ev_ctx, MSG_SMB_CONF_UPDATED,
1269 smbd_parent_conf_updated);
1270 messaging_register(msg_ctx, NULL, MSG_DEBUG, smbd_msg_debug);
1271 messaging_register(msg_ctx, NULL, MSG_SMB_FORCE_TDIS,
1272 smb_parent_send_to_children);
1273 messaging_register(msg_ctx, NULL, MSG_SMB_FORCE_TDIS_DENIED,
1274 smb_parent_send_to_children);
1275 messaging_register(msg_ctx, NULL, MSG_SMB_KILL_CLIENT_IP,
1276 smb_parent_send_to_children);
1277 messaging_register(msg_ctx, NULL, MSG_SMB_TELL_NUM_CHILDREN,
1278 smb_tell_num_children);
1280 messaging_register(msg_ctx, NULL,
1281 ID_CACHE_DELETE, smbd_parent_id_cache_delete);
1282 messaging_register(msg_ctx, NULL,
1283 ID_CACHE_KILL, smbd_parent_id_cache_kill);
1284 messaging_register(msg_ctx, NULL, MSG_SMB_NOTIFY_STARTED,
1285 smb_parent_send_to_children);
1287 if (lp_interfaces() && lp_bind_interfaces_only()) {
1288 messaging_register(msg_ctx,
1291 smb_parent_send_to_children);
1295 messaging_register(msg_ctx, NULL, MSG_SMB_INJECT_FAULT,
1299 #if defined(DEVELOPER) || defined(ENABLE_SELFTEST)
1300 messaging_register(msg_ctx, NULL, MSG_SMB_SLEEP, msg_sleep);
1303 if (lp_multicast_dns_register() && (dns_port != 0)) {
1304 #ifdef WITH_DNSSD_SUPPORT
1305 smbd_setup_mdns_registration(ev_ctx,
1308 #ifdef WITH_AVAHI_SUPPORT
1311 avahi_conn = avahi_start_register(ev_ctx,
1314 if (avahi_conn == NULL) {
1315 DEBUG(10, ("avahi_start_register failed\n"));
1325 handle stdin becoming readable when we are in --foreground mode
1327 static void smbd_stdin_handler(struct tevent_context *ev,
1328 struct tevent_fd *fde,
1333 if (read(0, &c, 1) != 1) {
1334 /* we have reached EOF on stdin, which means the
1335 parent has exited. Shutdown the server */
1336 exit_server_cleanly("EOF on stdin");
1340 struct smbd_parent_tevent_trace_state {
1344 static void smbd_parent_tevent_trace_callback(enum tevent_trace_point point,
1347 struct smbd_parent_tevent_trace_state *state =
1348 (struct smbd_parent_tevent_trace_state *)private_data;
1351 case TEVENT_TRACE_BEFORE_WAIT:
1353 case TEVENT_TRACE_AFTER_WAIT:
1355 case TEVENT_TRACE_BEFORE_LOOP_ONCE:
1356 TALLOC_FREE(state->frame);
1357 state->frame = talloc_stackframe();
1359 case TEVENT_TRACE_AFTER_LOOP_ONCE:
1360 TALLOC_FREE(state->frame);
1367 static void smbd_parent_loop(struct tevent_context *ev_ctx,
1368 struct smbd_parent_context *parent)
1370 struct smbd_parent_tevent_trace_state trace_state = {
1375 tevent_set_trace_callback(ev_ctx, smbd_parent_tevent_trace_callback,
1378 /* now accept incoming connections - forking a new process
1379 for each incoming connection */
1380 DEBUG(2,("waiting for connections\n"));
1382 ret = tevent_loop_wait(ev_ctx);
1384 DEBUG(0, ("tevent_loop_wait failed: %d, %s, exiting\n",
1385 ret, strerror(errno)));
1388 TALLOC_FREE(trace_state.frame);
1390 /* NOTREACHED return True; */
1394 /****************************************************************************
1395 Initialise connect, service and file structs.
1396 ****************************************************************************/
1398 static bool init_structs(void )
1401 * Set the machine NETBIOS name if not already
1402 * set from the config file.
1405 if (!secrets_init())
1411 static void smbd_parent_sig_term_handler(struct tevent_context *ev,
1412 struct tevent_signal *se,
1418 exit_server_cleanly("termination signal");
1421 static void smbd_parent_sig_hup_handler(struct tevent_context *ev,
1422 struct tevent_signal *se,
1428 change_to_root_user();
1429 DEBUG(1,("parent: Reloading services after SIGHUP\n"));
1430 reload_services(NULL, NULL, false);
1433 struct smbd_claim_version_state {
1434 TALLOC_CTX *mem_ctx;
1438 static void smbd_claim_version_parser(struct server_id exclusive,
1440 const struct server_id *shared,
1441 const uint8_t *data,
1445 struct smbd_claim_version_state *state = private_data;
1448 state->version = NULL;
1451 if (data[datalen-1] != '\0') {
1452 DBG_WARNING("Invalid samba version\n");
1453 dump_data(DBGLVL_WARNING, data, datalen);
1454 state->version = NULL;
1457 state->version = talloc_strdup(state->mem_ctx, (const char *)data);
1460 static NTSTATUS smbd_claim_version(struct messaging_context *msg,
1461 const char *version)
1463 const char *name = "samba_version_string";
1464 const TDB_DATA key = string_term_tdb_data(name);
1465 struct smbd_claim_version_state state;
1466 struct g_lock_ctx *ctx;
1469 ctx = g_lock_ctx_init(msg, msg);
1471 DBG_WARNING("g_lock_ctx_init failed\n");
1472 return NT_STATUS_UNSUCCESSFUL;
1475 status = g_lock_lock(ctx,
1478 (struct timeval) { .tv_sec = 60 },
1481 if (!NT_STATUS_IS_OK(status)) {
1482 DBG_WARNING("g_lock_lock(G_LOCK_READ) failed: %s\n",
1488 state = (struct smbd_claim_version_state) { .mem_ctx = ctx };
1490 status = g_lock_dump(ctx, key, smbd_claim_version_parser, &state);
1491 if (!NT_STATUS_IS_OK(status) &&
1492 !NT_STATUS_EQUAL(status, NT_STATUS_NOT_FOUND)) {
1493 DBG_ERR("Could not read samba_version_string\n");
1494 g_lock_unlock(ctx, key);
1499 if ((state.version != NULL) && (strcmp(version, state.version) == 0)) {
1501 * Leave the read lock for us around. Someone else already
1502 * set the version correctly
1505 return NT_STATUS_OK;
1508 status = g_lock_lock(ctx,
1511 (struct timeval) { .tv_sec = 60 },
1514 if (!NT_STATUS_IS_OK(status)) {
1515 DBG_WARNING("g_lock_lock(G_LOCK_WRITE) failed: %s\n",
1517 DBG_ERR("smbd %s already running, refusing to start "
1518 "version %s\n", state.version, version);
1520 return NT_STATUS_SXS_VERSION_CONFLICT;
1523 status = g_lock_write_data(
1524 ctx, key, (const uint8_t *)version, strlen(version)+1);
1525 if (!NT_STATUS_IS_OK(status)) {
1526 DBG_WARNING("g_lock_write_data failed: %s\n",
1532 status = g_lock_lock(ctx,
1535 (struct timeval) { .tv_sec = 60 },
1538 if (!NT_STATUS_IS_OK(status)) {
1539 DBG_WARNING("g_lock_lock(G_LOCK_READ) failed: %s\n",
1546 * Leave "ctx" dangling so that g_lock.tdb keeps opened.
1548 return NT_STATUS_OK;
1551 /****************************************************************************
1552 Open socket communication on given ip address
1553 ****************************************************************************/
1555 static bool smbd_open_socket_for_ip(struct smbd_parent_context *parent,
1556 struct tevent_context *ev_ctx,
1557 struct messaging_context *msg_ctx,
1558 const char *smb_ports,
1559 const struct sockaddr_storage *ifss)
1563 unsigned dns_port = 0;
1567 ports = lp_smb_ports();
1568 ctx = talloc_stackframe();
1570 /* use a reasonable default set of ports - listing on 445 and 139 */
1573 l = str_list_make_v3(ctx, smb_ports, NULL);
1574 ports = discard_const_p(const char *, l);
1577 for (j = 0; ports && ports[j]; j++) {
1578 unsigned port = atoi(ports[j]);
1580 /* Keep the first port for mDNS service
1583 if (dns_port == 0) {
1587 if (!smbd_open_one_socket(parent,
1601 struct smbd_addrchanged_state {
1602 struct addrchange_context *ctx;
1603 struct tevent_context *ev;
1604 struct messaging_context *msg_ctx;
1605 struct smbd_parent_context *parent;
1609 static void smbd_addr_changed(struct tevent_req *req);
1611 static void smbd_init_addrchange(TALLOC_CTX *mem_ctx,
1612 struct tevent_context *ev,
1613 struct messaging_context *msg_ctx,
1614 struct smbd_parent_context *parent,
1617 struct smbd_addrchanged_state *state;
1618 struct tevent_req *req;
1621 state = talloc(mem_ctx, struct smbd_addrchanged_state);
1622 if (state == NULL) {
1623 DBG_DEBUG("talloc failed\n");
1626 *state = (struct smbd_addrchanged_state) {
1633 status = addrchange_context_create(state, &state->ctx);
1634 if (!NT_STATUS_IS_OK(status)) {
1635 DBG_DEBUG("addrchange_context_create failed: %s\n",
1640 req = addrchange_send(state, ev, state->ctx);
1642 DBG_ERR("addrchange_send failed\n");
1646 tevent_req_set_callback(req, smbd_addr_changed, state);
1649 static void smbd_close_socket_for_ip(struct smbd_parent_context *parent,
1650 struct messaging_context *msg_ctx,
1651 struct sockaddr_storage *addr)
1653 struct smbd_open_socket *s = NULL;
1655 for (s = parent->sockets; s != NULL; s = s->next) {
1656 struct sockaddr_storage a;
1657 socklen_t addr_len = sizeof(a);
1659 if (getsockname(s->fd, (struct sockaddr *)&a, &addr_len) < 0) {
1660 DBG_NOTICE("smbd: Unable to get address - skip\n");
1663 if (sockaddr_equal((struct sockaddr *)&a,
1664 (struct sockaddr *)addr)) {
1665 char addrstr[INET6_ADDRSTRLEN];
1669 DLIST_REMOVE(parent->sockets, s);
1671 print_sockaddr(addrstr, sizeof(addrstr), addr);
1672 DBG_NOTICE("smbd: Closed listening socket for %s\n",
1675 blob = data_blob_const(addrstr, strlen(addrstr)+1);
1676 status = messaging_send(msg_ctx,
1677 messaging_server_id(msg_ctx),
1680 if (!NT_STATUS_IS_OK(status)) {
1682 "messaging_send failed: %s - ignoring\n",
1690 static void smbd_addr_changed(struct tevent_req *req)
1692 struct smbd_addrchanged_state *state = tevent_req_callback_data(
1693 req, struct smbd_addrchanged_state);
1694 enum addrchange_type type;
1695 struct sockaddr_storage addr;
1700 status = addrchange_recv(req, &type, &addr, &if_index);
1702 if (!NT_STATUS_IS_OK(status)) {
1703 DBG_DEBUG("addrchange_recv failed: %s, stop listening\n",
1709 match = interface_ifindex_exists_with_options(if_index,
1710 IFACE_DYNAMIC_OPTION);
1713 "smbd: No interface present for if_index %u "
1714 "with dynamic option\n",
1719 if (type == ADDRCHANGE_DEL) {
1720 char addrstr[INET6_ADDRSTRLEN];
1722 print_sockaddr(addrstr, sizeof(addrstr), &addr);
1724 DBG_NOTICE("smbd: kernel (AF_NETLINK) dropped ip %s "
1728 smbd_close_socket_for_ip(state->parent, state->msg_ctx, &addr);
1733 if (type == ADDRCHANGE_ADD) {
1734 char addrstr[INET6_ADDRSTRLEN];
1736 print_sockaddr(addrstr, sizeof(addrstr), &addr);
1738 DBG_NOTICE("smbd: kernel (AF_NETLINK) added ip %s "
1742 if (!smbd_open_socket_for_ip(state->parent,
1747 DBG_NOTICE("smbd: Unable to open socket on %s\n",
1752 req = addrchange_send(state, state->ev, state->ctx);
1754 DBG_ERR("addrchange_send failed\n");
1758 tevent_req_set_callback(req, smbd_addr_changed, state);
1761 /****************************************************************************
1763 ****************************************************************************/
1765 /* Declare prototype for build_options() to avoid having to run it through
1766 mkproto.h. Mixing $(builddir) and $(srcdir) source files in the current
1767 prototype generation system is too complicated. */
1769 extern void build_options(bool screen);
1771 int main(int argc,const char *argv[])
1773 /* shall I run as a daemon */
1774 struct samba_cmdline_daemon_cfg *cmdline_daemon_cfg = NULL;
1775 bool log_stdout = false;
1777 char *profile_level = NULL;
1780 struct server_id main_server_id = {0};
1781 struct poptOption long_options[] = {
1784 .longName = "build-options",
1786 .argInfo = POPT_ARG_NONE,
1789 .descrip = "Print build options" ,
1794 .argInfo = POPT_ARG_STRING,
1797 .descrip = "Listen on the specified ports",
1800 .longName = "profiling-level",
1802 .argInfo = POPT_ARG_STRING,
1803 .arg = &profile_level,
1805 .descrip = "Set profiling level","PROFILE_LEVEL",
1812 struct smbd_parent_context *parent = NULL;
1815 struct tevent_context *ev_ctx;
1816 struct messaging_context *msg_ctx;
1817 struct server_id server_id;
1818 struct tevent_signal *se;
1819 int profiling_level;
1820 char *np_dir = NULL;
1821 const struct loadparm_substitution *lp_sub =
1822 loadparm_s3_global_substitution();
1823 static const struct smbd_shim smbd_shim_fns =
1825 .change_to_root_user = smbd_change_to_root_user,
1826 .become_authenticated_pipe_user = smbd_become_authenticated_pipe_user,
1827 .unbecome_authenticated_pipe_user = smbd_unbecome_authenticated_pipe_user,
1829 .contend_level2_oplocks_begin = smbd_contend_level2_oplocks_begin,
1830 .contend_level2_oplocks_end = smbd_contend_level2_oplocks_end,
1832 .become_root = smbd_become_root,
1833 .unbecome_root = smbd_unbecome_root,
1835 .exit_server = smbd_exit_server,
1836 .exit_server_cleanly = smbd_exit_server_cleanly,
1840 setproctitle_init(argc, discard_const(argv), environ);
1843 * Do this before any other talloc operation
1845 talloc_enable_null_tracking();
1846 frame = talloc_stackframe();
1850 set_smbd_shim(&smbd_shim_fns);
1852 smbd_init_globals();
1856 #ifdef HAVE_SET_AUTH_PARAMETERS
1857 set_auth_parameters(argc,argv);
1860 ok = samba_cmdline_init(frame,
1861 SAMBA_CMDLINE_CONFIG_SERVER,
1862 true /* require_smbconf */);
1864 DBG_ERR("Failed to setup cmdline parser!\n");
1868 cmdline_daemon_cfg = samba_cmdline_get_daemon_cfg();
1870 pc = samba_popt_get_context(getprogname(),
1876 DBG_ERR("Failed to get popt context!\n");
1880 while((opt = poptGetNextOpt(pc)) != -1) {
1883 build_options(true); /* Display output to screen as well as debug */
1887 d_fprintf(stderr, "\nInvalid option %s: %s\n\n",
1888 poptBadOption(pc, 0), poptStrerror(opt));
1889 poptPrintUsage(pc, stderr, 0);
1893 poptFreeContext(pc);
1895 log_stdout = (debug_get_log_type() == DEBUG_STDOUT);
1897 if (cmdline_daemon_cfg->interactive) {
1902 /* needed for SecureWare on SCO */
1906 set_remote_machine_name("smbd", False);
1908 if (cmdline_daemon_cfg->interactive && (DEBUGLEVEL >= 9)) {
1909 talloc_enable_leak_report();
1912 if (log_stdout && cmdline_daemon_cfg->fork) {
1913 DEBUG(0,("ERROR: Can't log to stdout (-S) unless daemon is in foreground (-F) or interactive (-i)\n"));
1918 * We want to die early if we can't open /dev/urandom
1920 generate_random_buffer(NULL, 0);
1922 /* get initial effective uid and gid */
1925 /* make absolutely sure we run as root - to handle cases where people
1926 are crazy enough to have it setuid */
1927 gain_root_privilege();
1928 gain_root_group_privilege();
1930 dump_core_setup("smbd", lp_logfile(talloc_tos(), lp_sub));
1932 /* we are never interested in SIGPIPE */
1933 BlockSignals(True,SIGPIPE);
1936 /* we are never interested in SIGFPE */
1937 BlockSignals(True,SIGFPE);
1940 #if defined(SIGUSR2)
1941 /* We are no longer interested in USR2 */
1942 BlockSignals(True,SIGUSR2);
1946 * POSIX demands that signals are inherited. If the invoking
1947 * process has these signals masked, we will have problems, as
1948 * we won't receive them.
1950 BlockSignals(False, SIGHUP);
1951 BlockSignals(False, SIGUSR1);
1952 BlockSignals(False, SIGTERM);
1954 /* Ensure we leave no zombies until we
1955 * correctly set up child handling below. */
1959 /* we want total control over the permissions on created files,
1960 so set our umask to 0 */
1965 DBG_STARTUP_NOTICE("smbd version %s started.\n%s\n",
1966 samba_version_string(),
1967 samba_copyright_string());
1969 DEBUG(2,("uid=%d gid=%d euid=%d egid=%d\n",
1970 (int)getuid(),(int)getgid(),(int)geteuid(),(int)getegid()));
1972 /* Output the build options to the debug log */
1973 build_options(False);
1975 if (sizeof(uint16_t) < 2 || sizeof(uint32_t) < 4) {
1976 DEBUG(0,("ERROR: Samba is not configured correctly for the word size on your machine\n"));
1981 * This calls unshare(CLONE_FS); on linux
1982 * in order to check if the running kernel/container
1983 * environment supports it.
1985 per_thread_cwd_check();
1987 if (!cluster_probe_ok()) {
1991 /* Init the security context and global current_user */
1995 * Initialize the event context. The event context needs to be
1996 * initialized before the messaging context, cause the messaging
1997 * context holds an event context.
1999 ev_ctx = global_event_context();
2000 if (ev_ctx == NULL) {
2005 * Init the messaging context
2006 * FIXME: This should only call messaging_init()
2008 msg_ctx = global_messaging_context();
2009 if (msg_ctx == NULL) {
2014 * Reloading of the printers will not work here as we don't have a
2015 * server info and rpc services set up. It will be called later.
2017 if (!reload_services(NULL, NULL, false)) {
2021 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
2022 if (!lp_parm_bool(-1, "server role check", "inhibit", false)) {
2023 DBG_ERR("server role = 'active directory domain controller' not compatible with running smbd standalone. \n");
2024 DEBUGADD(0, ("You should start 'samba' instead, and it will control starting smbd if required\n"));
2027 /* Main 'samba' daemon will notify */
2028 daemon_sd_notifications(false);
2031 /* ...NOTE... Log files are working from this point! */
2033 DEBUG(3,("loaded services\n"));
2037 if (!profile_setup(msg_ctx, False)) {
2038 DEBUG(0,("ERROR: failed to setup profiling\n"));
2042 if (profile_level != NULL) {
2043 profiling_level = atoi(profile_level);
2045 profiling_level = lp_smbd_profiling_level();
2047 main_server_id = messaging_server_id(msg_ctx);
2048 set_profile_level(profiling_level, &main_server_id);
2050 if (!cmdline_daemon_cfg->daemon && !is_a_socket(0)) {
2051 if (!cmdline_daemon_cfg->interactive) {
2052 DEBUG(3, ("Standard input is not a socket, "
2053 "assuming -D option\n"));
2057 * Setting "daemon" here prevents us from eventually calling
2058 * the open_sockets_inetd()
2061 cmdline_daemon_cfg->daemon = true;
2064 if (cmdline_daemon_cfg->daemon && !cmdline_daemon_cfg->interactive) {
2065 DEBUG(3, ("Becoming a daemon.\n"));
2066 become_daemon(cmdline_daemon_cfg->fork,
2067 cmdline_daemon_cfg->no_process_group,
2070 daemon_status("smbd", "Starting process ...");
2075 * If we're interactive we want to set our own process group for
2076 * signal management.
2078 if (cmdline_daemon_cfg->interactive &&
2079 !cmdline_daemon_cfg->no_process_group)
2081 setpgid( (pid_t)0, (pid_t)0);
2085 if (!directory_exist(lp_lock_directory()))
2086 mkdir(lp_lock_directory(), 0755);
2088 if (!directory_exist(lp_pid_directory()))
2089 mkdir(lp_pid_directory(), 0755);
2091 if (cmdline_daemon_cfg->daemon)
2092 pidfile_create(lp_pid_directory(), "smbd");
2094 status = reinit_after_fork(msg_ctx, ev_ctx, false);
2095 if (!NT_STATUS_IS_OK(status)) {
2096 exit_daemon("reinit_after_fork() failed", map_errno_from_nt_status(status));
2099 if (!cmdline_daemon_cfg->interactive) {
2101 * Do not initialize the parent-child-pipe before becoming a
2102 * daemon: this is used to detect a died parent in the child
2105 status = init_before_fork();
2106 if (!NT_STATUS_IS_OK(status)) {
2107 exit_daemon(nt_errstr(status), map_errno_from_nt_status(status));
2111 parent = talloc_zero(ev_ctx, struct smbd_parent_context);
2113 exit_server("talloc(struct smbd_parent_context) failed");
2115 parent->interactive = cmdline_daemon_cfg->interactive;
2116 parent->ev_ctx = ev_ctx;
2117 parent->msg_ctx = msg_ctx;
2120 se = tevent_add_signal(parent->ev_ctx,
2123 smbd_parent_sig_term_handler,
2126 exit_server("failed to setup SIGTERM handler");
2128 se = tevent_add_signal(parent->ev_ctx,
2131 smbd_parent_sig_hup_handler,
2134 exit_server("failed to setup SIGHUP handler");
2137 /* Setup all the TDB's - including CLEAR_IF_FIRST tdb's. */
2139 if (smbd_memcache() == NULL) {
2140 exit_daemon("no memcache available", EACCES);
2143 memcache_set_global(smbd_memcache());
2145 /* Initialise the password backed before the global_sam_sid
2146 to ensure that we fetch from ldap before we make a domain sid up */
2148 if(!initialize_password_db(false, ev_ctx))
2151 if (!secrets_init()) {
2152 exit_daemon("smbd can not open secrets.tdb", EACCES);
2155 if (lp_server_role() == ROLE_DOMAIN_BDC || lp_server_role() == ROLE_DOMAIN_PDC || lp_server_role() == ROLE_IPA_DC) {
2156 struct loadparm_context *lp_ctx = loadparm_init_s3(NULL, loadparm_s3_helpers());
2157 if (!open_schannel_session_store(NULL, lp_ctx)) {
2158 exit_daemon("ERROR: Samba cannot open schannel store for secured NETLOGON operations.", EACCES);
2160 TALLOC_FREE(lp_ctx);
2163 if(!get_global_sam_sid()) {
2164 exit_daemon("Samba cannot create a SAM SID", EACCES);
2167 server_id = messaging_server_id(msg_ctx);
2168 status = smbXsrv_version_global_init(&server_id);
2169 if (!NT_STATUS_IS_OK(status)) {
2170 exit_daemon("Samba cannot init server context", EACCES);
2173 status = smbXsrv_client_global_init();
2174 if (!NT_STATUS_IS_OK(status)) {
2175 exit_daemon("Samba cannot init clients context", EACCES);
2178 status = smbXsrv_session_global_init(msg_ctx);
2179 if (!NT_STATUS_IS_OK(status)) {
2180 exit_daemon("Samba cannot init session context", EACCES);
2183 status = smbXsrv_tcon_global_init();
2184 if (!NT_STATUS_IS_OK(status)) {
2185 exit_daemon("Samba cannot init tcon context", EACCES);
2188 if (!locking_init())
2189 exit_daemon("Samba cannot init locking", EACCES);
2191 if (!leases_db_init(false)) {
2192 exit_daemon("Samba cannot init leases", EACCES);
2195 if (!smbd_notifyd_init(
2197 cmdline_daemon_cfg->interactive,
2198 &parent->notifyd)) {
2199 exit_daemon("Samba cannot init notification", EACCES);
2204 cmdline_daemon_cfg->interactive,
2205 &parent->cleanupd)) {
2206 exit_daemon("Samba cannot init the cleanupd", EACCES);
2209 if (!messaging_parent_dgm_cleanup_init(msg_ctx)) {
2213 if (!smbd_scavenger_init(NULL, msg_ctx, ev_ctx)) {
2214 exit_daemon("Samba cannot init scavenging", EACCES);
2217 if (!W_ERROR_IS_OK(registry_init_full()))
2218 exit_daemon("Samba cannot init registry", EACCES);
2220 /* Open the share_info.tdb here, so we don't have to open
2221 after the fork on every single connection. This is a small
2222 performance improvement and reduces the total number of system
2224 status = share_info_db_init();
2225 if (!NT_STATUS_IS_OK(status)) {
2226 exit_daemon("ERROR: failed to load share info db.", EACCES);
2229 status = init_system_session_info(NULL);
2230 if (!NT_STATUS_IS_OK(status)) {
2231 DEBUG(1, ("ERROR: failed to setup system user info: %s.\n",
2232 nt_errstr(status)));
2236 if (!init_guest_session_info(NULL)) {
2237 DEBUG(0,("ERROR: failed to setup guest info.\n"));
2241 if (!file_init_global()) {
2242 DEBUG(0, ("ERROR: file_init_global() failed\n"));
2245 status = smbXsrv_open_global_init();
2246 if (!NT_STATUS_IS_OK(status)) {
2247 exit_daemon("Samba cannot init global open", map_errno_from_nt_status(status));
2250 if (lp_clustering() && !lp_allow_unsafe_cluster_upgrade()) {
2251 status = smbd_claim_version(msg_ctx, samba_version_string());
2252 if (!NT_STATUS_IS_OK(status)) {
2253 DBG_ERR("Could not claim version: %s\n",
2259 /* This MUST be done before start_epmd() because otherwise
2260 * start_epmd() forks and races against dcesrv_ep_setup() to
2261 * call directory_create_or_exist() */
2262 if (!directory_create_or_exist(lp_ncalrpc_dir(), 0755)) {
2263 DEBUG(0, ("Failed to create pipe directory %s - %s\n",
2264 lp_ncalrpc_dir(), strerror(errno)));
2268 np_dir = talloc_asprintf(talloc_tos(), "%s/np", lp_ncalrpc_dir());
2270 DEBUG(0, ("%s: Out of memory\n", __location__));
2274 if (!directory_create_or_exist_strict(np_dir, geteuid(), 0700)) {
2275 DEBUG(0, ("Failed to create pipe directory %s - %s\n",
2276 np_dir, strerror(errno)));
2280 if (!cmdline_daemon_cfg->interactive) {
2281 daemon_ready("smbd");
2284 if (!cmdline_daemon_cfg->daemon) {
2290 /* Started from inetd. fd 0 is the socket. */
2291 /* We will abort gracefully when the client or remote system
2295 /* close stdin, stdout (if not logging to it), but not stderr */
2296 ret = close_low_fd(0);
2298 DBG_ERR("close_low_fd(0) failed: %s\n", strerror(ret));
2301 if (!debug_get_output_is_stdout()) {
2302 ret = close_low_fd(1);
2304 DBG_ERR("close_low_fd(1) failed: %s\n",
2315 smbd_setup_sig_chld_handler(parent);
2317 smbd_process(ev_ctx, msg_ctx, sock, true);
2319 exit_server_cleanly(NULL);
2323 if (lp_interfaces() && lp_bind_interfaces_only()) {
2324 smbd_init_addrchange(NULL, ev_ctx, msg_ctx, parent, ports);
2327 if (!open_sockets_smbd(parent, ev_ctx, msg_ctx, ports))
2328 exit_server("open_sockets_smbd() failed");
2331 /* make sure we always have a valid stackframe */
2332 frame = talloc_stackframe();
2334 if (!cmdline_daemon_cfg->fork) {
2335 /* if we are running in the foreground then look for
2336 EOF on stdin, and exit if it happens. This allows
2337 us to die if the parent process dies
2338 Only do this on a pipe or socket, no other device.
2341 if (fstat(0, &st) != 0) {
2344 if (S_ISFIFO(st.st_mode) || S_ISSOCK(st.st_mode)) {
2345 tevent_add_fd(ev_ctx,
2354 smbd_parent_loop(ev_ctx, parent);
2356 exit_server_cleanly(NULL);