2 Unix SMB/CIFS implementation.
3 Main SMB server routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Martin Pool 2002
6 Copyright (C) Jelmer Vernooij 2002-2003
7 Copyright (C) Volker Lendecke 1993-2007
8 Copyright (C) Jeremy Allison 1993-2007
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 3 of the License, or
13 (at your option) any later version.
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
25 #include "system/filesys.h"
26 #include "popt_common.h"
27 #include "smbd/smbd.h"
28 #include "smbd/globals.h"
29 #include "registry/reg_init_full.h"
30 #include "libcli/auth/schannel.h"
32 #include "../lib/util/memcache.h"
33 #include "ctdbd_conn.h"
34 #include "util_cluster.h"
35 #include "printing/queue_process.h"
36 #include "rpc_server/rpc_service_setup.h"
37 #include "rpc_server/rpc_config.h"
42 #include "smbprofile.h"
43 #include "lib/id_cache.h"
44 #include "lib/param/param.h"
45 #include "lib/background.h"
46 #include "lib/conn_tdb.h"
47 #include "../lib/util/pidfile.h"
48 #include "lib/smbd_shim.h"
49 #include "scavenger.h"
50 #include "locking/leases_db.h"
51 #include "smbd/notifyd/notifyd.h"
52 #include "smbd/smbd_cleanupd.h"
53 #include "lib/util/sys_rw.h"
55 #ifdef CLUSTER_SUPPORT
56 #include "ctdb_protocol.h"
59 struct smbd_open_socket;
60 struct smbd_child_pid;
62 struct smbd_parent_context {
65 struct tevent_context *ev_ctx;
66 struct messaging_context *msg_ctx;
68 /* the list of listening sockets */
69 struct smbd_open_socket *sockets;
71 /* the list of current child processes */
72 struct smbd_child_pid *children;
75 struct server_id cleanupd;
76 struct server_id notifyd;
78 struct tevent_timer *cleanup_te;
81 struct smbd_open_socket {
82 struct smbd_open_socket *prev, *next;
83 struct smbd_parent_context *parent;
85 struct tevent_fd *fde;
88 struct smbd_child_pid {
89 struct smbd_child_pid *prev, *next;
93 extern void start_epmd(struct tevent_context *ev_ctx,
94 struct messaging_context *msg_ctx);
96 extern void start_lsasd(struct tevent_context *ev_ctx,
97 struct messaging_context *msg_ctx);
99 extern void start_fssd(struct tevent_context *ev_ctx,
100 struct messaging_context *msg_ctx);
102 extern void start_mdssd(struct tevent_context *ev_ctx,
103 struct messaging_context *msg_ctx);
105 /*******************************************************************
106 What to do when smb.conf is updated.
107 ********************************************************************/
109 static void smbd_parent_conf_updated(struct messaging_context *msg,
112 struct server_id server_id,
115 struct tevent_context *ev_ctx =
116 talloc_get_type_abort(private_data, struct tevent_context);
118 DEBUG(10,("smbd_parent_conf_updated: Got message saying smb.conf was "
119 "updated. Reloading.\n"));
120 change_to_root_user();
121 reload_services(NULL, NULL, false);
122 printing_subsystem_update(ev_ctx, msg, false);
125 /*******************************************************************
126 Delete a statcache entry.
127 ********************************************************************/
129 static void smb_stat_cache_delete(struct messaging_context *msg,
132 struct server_id server_id,
135 const char *name = (const char *)data->data;
136 DEBUG(10,("smb_stat_cache_delete: delete name %s\n", name));
137 stat_cache_delete(name);
140 /****************************************************************************
141 Send a SIGTERM to our process group.
142 *****************************************************************************/
144 static void killkids(void)
146 if(am_parent) kill(0,SIGTERM);
149 static void msg_exit_server(struct messaging_context *msg,
152 struct server_id server_id,
155 DEBUG(3, ("got a SHUTDOWN message\n"));
156 exit_server_cleanly(NULL);
160 static void msg_inject_fault(struct messaging_context *msg,
163 struct server_id src,
167 struct server_id_buf tmp;
169 if (data->length != sizeof(sig)) {
170 DEBUG(0, ("Process %s sent bogus signal injection request\n",
171 server_id_str_buf(src, &tmp)));
175 sig = *(int *)data->data;
177 exit_server("internal error injected");
182 DEBUG(0, ("Process %s requested injection of signal %d (%s)\n",
183 server_id_str_buf(src, &tmp), sig, strsignal(sig)));
185 DEBUG(0, ("Process %s requested injection of signal %d\n",
186 server_id_str_buf(src, &tmp), sig));
191 #endif /* DEVELOPER */
193 static NTSTATUS messaging_send_to_children(struct messaging_context *msg_ctx,
194 uint32_t msg_type, DATA_BLOB* data)
197 struct smbd_parent_context *parent = am_parent;
198 struct smbd_child_pid *child;
200 if (parent == NULL) {
201 return NT_STATUS_INTERNAL_ERROR;
204 for (child = parent->children; child != NULL; child = child->next) {
205 status = messaging_send(parent->msg_ctx,
206 pid_to_procid(child->pid),
208 if (!NT_STATUS_IS_OK(status)) {
209 DBG_DEBUG("messaging_send(%d) failed: %s\n",
210 (int)child->pid, nt_errstr(status));
216 static void smb_parent_send_to_children(struct messaging_context *ctx,
219 struct server_id srv_id,
222 messaging_send_to_children(ctx, msg_type, msg_data);
226 * Parent smbd process sets its own debug level first and then
227 * sends a message to all the smbd children to adjust their debug
228 * level to that of the parent.
231 static void smbd_msg_debug(struct messaging_context *msg_ctx,
234 struct server_id server_id,
237 debug_message(msg_ctx, private_data, MSG_DEBUG, server_id, data);
239 messaging_send_to_children(msg_ctx, MSG_DEBUG, data);
242 static void smbd_parent_id_cache_kill(struct messaging_context *msg_ctx,
245 struct server_id server_id,
248 const char *msg = (data && data->data)
249 ? (const char *)data->data : "<NULL>";
250 struct id_cache_ref id;
252 if (!id_cache_ref_parse(msg, &id)) {
253 DEBUG(0, ("Invalid ?ID: %s\n", msg));
257 id_cache_delete_from_cache(&id);
259 messaging_send_to_children(msg_ctx, msg_type, data);
262 static void smbd_parent_id_cache_delete(struct messaging_context *ctx,
265 struct server_id srv_id,
268 id_cache_delete_message(ctx, data, msg_type, srv_id, msg_data);
270 messaging_send_to_children(ctx, msg_type, msg_data);
273 #ifdef CLUSTER_SUPPORT
274 static int smbd_parent_ctdb_reconfigured(
275 uint32_t src_vnn, uint32_t dst_vnn, uint64_t dst_srvid,
276 const uint8_t *msg, size_t msglen, void *private_data)
278 struct messaging_context *msg_ctx = talloc_get_type_abort(
279 private_data, struct messaging_context);
281 DEBUG(10, ("Got %s message\n", (dst_srvid == CTDB_SRVID_RECONFIGURE)
282 ? "cluster reconfigure" : "SAMBA_NOTIFY"));
285 * Someone from the family died, validate our locks
289 messaging_send_buf(msg_ctx, am_parent->cleanupd,
290 MSG_SMB_BRL_VALIDATE, NULL, 0);
297 static void add_child_pid(struct smbd_parent_context *parent,
300 struct smbd_child_pid *child;
302 child = talloc_zero(parent, struct smbd_child_pid);
304 DEBUG(0, ("Could not add child struct -- malloc failed\n"));
308 DLIST_ADD(parent->children, child);
309 parent->num_children += 1;
312 static void smb_tell_num_children(struct messaging_context *ctx, void *data,
313 uint32_t msg_type, struct server_id srv_id,
316 uint8_t buf[sizeof(uint32_t)];
319 SIVAL(buf, 0, am_parent->num_children);
320 messaging_send_buf(ctx, srv_id, MSG_SMB_NUM_CHILDREN,
325 static void notifyd_stopped(struct tevent_req *req);
327 static struct tevent_req *notifyd_req(struct messaging_context *msg_ctx,
328 struct tevent_context *ev)
330 struct tevent_req *req;
331 sys_notify_watch_fn sys_notify_watch = NULL;
332 struct sys_notify_context *sys_notify_ctx = NULL;
334 if (lp_kernel_change_notify()) {
337 if (lp_parm_bool(-1, "notify", "inotify", true)) {
338 sys_notify_watch = inotify_watch;
343 if (lp_parm_bool(-1, "notify", "fam",
344 (sys_notify_watch == NULL))) {
345 sys_notify_watch = fam_watch;
350 if (sys_notify_watch != NULL) {
351 sys_notify_ctx = sys_notify_context_create(msg_ctx, ev);
352 if (sys_notify_ctx == NULL) {
357 req = notifyd_send(msg_ctx, ev, msg_ctx,
358 messaging_ctdbd_connection(),
359 sys_notify_watch, sys_notify_ctx);
361 TALLOC_FREE(sys_notify_ctx);
364 tevent_req_set_callback(req, notifyd_stopped, msg_ctx);
369 static void notifyd_stopped(struct tevent_req *req)
373 ret = notifyd_recv(req);
375 DEBUG(1, ("notifyd stopped: %s\n", strerror(ret)));
378 static bool smbd_notifyd_init(struct messaging_context *msg, bool interactive,
379 struct server_id *ppid)
381 struct tevent_context *ev = messaging_tevent_context(msg);
382 struct tevent_req *req;
387 req = notifyd_req(msg, ev);
388 return (req != NULL);
393 DEBUG(1, ("%s: fork failed: %s\n", __func__,
399 if (am_parent != 0) {
400 add_child_pid(am_parent, pid);
402 *ppid = pid_to_procid(pid);
406 status = smbd_reinit_after_fork(msg, ev, true, "smbd-notifyd");
407 if (!NT_STATUS_IS_OK(status)) {
408 DEBUG(1, ("%s: reinit_after_fork failed: %s\n",
409 __func__, nt_errstr(status)));
413 req = notifyd_req(msg, ev);
417 tevent_req_set_callback(req, notifyd_stopped, msg);
419 messaging_send(msg, pid_to_procid(getppid()), MSG_SMB_NOTIFY_STARTED,
422 return tevent_req_poll(req, ev);
425 static void cleanupd_stopped(struct tevent_req *req);
427 static bool cleanupd_init(struct messaging_context *msg, bool interactive,
428 struct server_id *ppid)
430 struct tevent_context *ev = messaging_tevent_context(msg);
431 struct server_id parent_id = messaging_server_id(msg);
432 struct tevent_req *req;
442 req = smbd_cleanupd_send(msg, ev, msg, parent_id.pid);
443 *ppid = messaging_server_id(msg);
444 return (req != NULL);
449 DBG_WARNING("pipe failed: %s\n", strerror(errno));
455 DBG_WARNING("fork failed: %s\n", strerror(errno));
464 rwret = sys_read(up_pipe[0], &c, 1);
468 DBG_WARNING("sys_read failed: %s\n", strerror(errno));
472 DBG_WARNING("cleanupd could not start\n");
476 DBG_WARNING("cleanupd returned %d\n", (int)c);
480 DBG_DEBUG("Started cleanupd pid=%d\n", (int)pid);
482 if (am_parent != NULL) {
483 add_child_pid(am_parent, pid);
486 *ppid = pid_to_procid(pid);
492 status = smbd_reinit_after_fork(msg, ev, true, "cleanupd");
493 if (!NT_STATUS_IS_OK(status)) {
494 DBG_WARNING("reinit_after_fork failed: %s\n",
497 sys_write(up_pipe[1], &c, 1);
502 req = smbd_cleanupd_send(msg, ev, msg, parent_id.pid);
504 DBG_WARNING("smbd_cleanupd_send failed\n");
506 sys_write(up_pipe[1], &c, 1);
511 tevent_req_set_callback(req, cleanupd_stopped, msg);
514 rwret = sys_write(up_pipe[1], &c, 1);
518 DBG_WARNING("sys_write failed: %s\n", strerror(errno));
522 DBG_WARNING("sys_write could not write result\n");
526 ok = tevent_req_poll(req, ev);
528 DBG_WARNING("tevent_req_poll returned %s\n", strerror(errno));
533 static void cleanupd_stopped(struct tevent_req *req)
537 status = smbd_cleanupd_recv(req);
538 DBG_WARNING("cleanupd stopped: %s\n", nt_errstr(status));
542 at most every smbd:cleanuptime seconds (default 20), we scan the BRL
543 and locking database for entries to cleanup. As a side effect this
544 also cleans up dead entries in the connections database (due to the
545 traversal in message_send_all()
547 Using a timer for this prevents a flood of traversals when a large
548 number of clients disconnect at the same time (perhaps due to a
552 static void cleanup_timeout_fn(struct tevent_context *event_ctx,
553 struct tevent_timer *te,
557 struct smbd_parent_context *parent =
558 talloc_get_type_abort(private_data,
559 struct smbd_parent_context);
561 parent->cleanup_te = NULL;
563 messaging_send_buf(parent->msg_ctx, parent->cleanupd,
564 MSG_SMB_UNLOCK, NULL, 0);
567 static void remove_child_pid(struct smbd_parent_context *parent,
569 bool unclean_shutdown)
571 struct smbd_child_pid *child;
575 for (child = parent->children; child != NULL; child = child->next) {
576 if (child->pid == pid) {
577 struct smbd_child_pid *tmp = child;
578 DLIST_REMOVE(parent->children, child);
580 parent->num_children -= 1;
586 /* not all forked child processes are added to the children list */
587 DEBUG(2, ("Could not find child %d -- ignoring\n", (int)pid));
591 if (pid == procid_to_pid(&parent->cleanupd)) {
594 DBG_WARNING("Restarting cleanupd\n");
595 ok = cleanupd_init(parent->msg_ctx, false, &parent->cleanupd);
597 DBG_ERR("Failed to restart cleanupd\n");
602 if (pid == procid_to_pid(&parent->notifyd)) {
605 DBG_WARNING("Restarting notifyd\n");
606 ok = smbd_notifyd_init(parent->msg_ctx, false,
609 DBG_ERR("Failed to restart notifyd\n");
614 iov[0] = (struct iovec) { .iov_base = (uint8_t *)&pid,
615 .iov_len = sizeof(pid) };
616 iov[1] = (struct iovec) { .iov_base = (uint8_t *)&unclean_shutdown,
617 .iov_len = sizeof(bool) };
619 status = messaging_send_iov(parent->msg_ctx, parent->cleanupd,
620 MSG_SMB_NOTIFY_CLEANUP,
621 iov, ARRAY_SIZE(iov), NULL, 0);
622 DEBUG(10, ("messaging_send_iov returned %s\n", nt_errstr(status)));
624 if (unclean_shutdown) {
625 /* a child terminated uncleanly so tickle all
626 processes to see if they can grab any of the
629 DEBUG(3,(__location__ " Unclean shutdown of pid %u\n",
631 if (parent->cleanup_te == NULL) {
632 /* call the cleanup timer, but not too often */
633 int cleanup_time = lp_parm_int(-1, "smbd", "cleanuptime", 20);
634 parent->cleanup_te = tevent_add_timer(parent->ev_ctx,
636 timeval_current_ofs(cleanup_time, 0),
639 DEBUG(1,("Scheduled cleanup of brl and lock database after unclean shutdown\n"));
644 /****************************************************************************
645 Have we reached the process limit ?
646 ****************************************************************************/
648 static bool allowable_number_of_smbd_processes(struct smbd_parent_context *parent)
650 int max_processes = lp_max_smbd_processes();
655 return parent->num_children < max_processes;
658 static void smbd_sig_chld_handler(struct tevent_context *ev,
659 struct tevent_signal *se,
667 struct smbd_parent_context *parent =
668 talloc_get_type_abort(private_data,
669 struct smbd_parent_context);
671 while ((pid = waitpid(-1, &status, WNOHANG)) > 0) {
672 bool unclean_shutdown = False;
674 /* If the child terminated normally, assume
675 it was an unclean shutdown unless the
678 if (WIFEXITED(status)) {
679 unclean_shutdown = WEXITSTATUS(status);
681 /* If the child terminated due to a signal
682 we always assume it was unclean.
684 if (WIFSIGNALED(status)) {
685 unclean_shutdown = True;
687 remove_child_pid(parent, pid, unclean_shutdown);
691 static void smbd_setup_sig_chld_handler(struct smbd_parent_context *parent)
693 struct tevent_signal *se;
695 se = tevent_add_signal(parent->ev_ctx,
696 parent, /* mem_ctx */
698 smbd_sig_chld_handler,
701 exit_server("failed to setup SIGCHLD handler");
705 static void smbd_open_socket_close_fn(struct tevent_context *ev,
706 struct tevent_fd *fde,
710 /* this might be the socket_wrapper swrap_close() */
714 static void smbd_accept_connection(struct tevent_context *ev,
715 struct tevent_fd *fde,
719 struct smbd_open_socket *s = talloc_get_type_abort(private_data,
720 struct smbd_open_socket);
721 struct messaging_context *msg_ctx = s->parent->msg_ctx;
722 struct sockaddr_storage addr;
723 socklen_t in_addrlen = sizeof(addr);
727 fd = accept(s->fd, (struct sockaddr *)(void *)&addr,&in_addrlen);
728 if (fd == -1 && errno == EINTR)
732 DEBUG(0,("accept: %s\n",
737 if (s->parent->interactive) {
738 reinit_after_fork(msg_ctx, ev, true, NULL);
739 smbd_process(ev, msg_ctx, fd, true);
740 exit_server_cleanly("end of interactive mode");
744 if (!allowable_number_of_smbd_processes(s->parent)) {
751 NTSTATUS status = NT_STATUS_OK;
754 * Can't use TALLOC_FREE here. Nulling out the argument to it
755 * would overwrite memory we've just freed.
757 talloc_free(s->parent);
760 /* Stop zombies, the parent explicitly handles
761 * them, counting worker smbds. */
764 status = smbd_reinit_after_fork(msg_ctx, ev, true, NULL);
765 if (!NT_STATUS_IS_OK(status)) {
766 if (NT_STATUS_EQUAL(status,
767 NT_STATUS_TOO_MANY_OPENED_FILES)) {
768 DEBUG(0,("child process cannot initialize "
769 "because too many files are open\n"));
772 if (lp_clustering() &&
774 status, NT_STATUS_INTERNAL_DB_ERROR) ||
776 status, NT_STATUS_CONNECTION_REFUSED))) {
777 DEBUG(1, ("child process cannot initialize "
778 "because connection to CTDB "
784 DEBUG(0,("reinit_after_fork() failed\n"));
785 smb_panic("reinit_after_fork() failed");
788 smbd_process(ev, msg_ctx, fd, false);
790 exit_server_cleanly("end of child");
795 DEBUG(0,("smbd_accept_connection: fork() failed: %s\n",
799 /* The parent doesn't need this socket */
802 /* Sun May 6 18:56:14 2001 ackley@cs.unm.edu:
803 Clear the closed fd info out of server_fd --
804 and more importantly, out of client_fd in
805 util_sock.c, to avoid a possible
806 getpeername failure if we reopen the logs
807 and use %I in the filename.
811 add_child_pid(s->parent, pid);
814 /* Force parent to check log size after
815 * spawning child. Fix from
816 * klausr@ITAP.Physik.Uni-Stuttgart.De. The
817 * parent smbd will log to logserver.smb. It
818 * writes only two messages for each child
819 * started/finished. But each child writes,
820 * say, 50 messages also in logserver.smb,
821 * begining with the debug_count of the
822 * parent, before the child opens its own log
823 * file logserver.client. In a worst case
824 * scenario the size of logserver.smb would be
825 * checked after about 50*50=2500 messages
828 force_check_log_size();
831 static bool smbd_open_one_socket(struct smbd_parent_context *parent,
832 struct tevent_context *ev_ctx,
833 const struct sockaddr_storage *ifss,
836 struct smbd_open_socket *s;
838 s = talloc(parent, struct smbd_open_socket);
844 s->fd = open_socket_in(SOCK_STREAM,
846 parent->sockets == NULL ? 0 : 2,
850 DEBUG(0,("smbd_open_one_socket: open_socket_in: "
851 "%s\n", strerror(errno)));
854 * We ignore an error here, as we've done before
859 /* ready to listen */
860 set_socket_options(s->fd, "SO_KEEPALIVE");
861 set_socket_options(s->fd, lp_socket_options());
863 /* Set server socket to
864 * non-blocking for the accept. */
865 set_blocking(s->fd, False);
867 if (listen(s->fd, SMBD_LISTEN_BACKLOG) == -1) {
868 DEBUG(0,("smbd_open_one_socket: listen: "
869 "%s\n", strerror(errno)));
875 s->fde = tevent_add_fd(ev_ctx,
877 s->fd, TEVENT_FD_READ,
878 smbd_accept_connection,
881 DEBUG(0,("smbd_open_one_socket: "
882 "tevent_add_fd: %s\n",
888 tevent_fd_set_close_fn(s->fde, smbd_open_socket_close_fn);
890 DLIST_ADD_END(parent->sockets, s);
895 /****************************************************************************
896 Open the socket communication.
897 ****************************************************************************/
899 static bool open_sockets_smbd(struct smbd_parent_context *parent,
900 struct tevent_context *ev_ctx,
901 struct messaging_context *msg_ctx,
902 const char *smb_ports)
904 int num_interfaces = iface_count();
907 unsigned dns_port = 0;
914 smbd_setup_sig_chld_handler(parent);
916 ports = lp_smb_ports();
918 /* use a reasonable default set of ports - listing on 445 and 139 */
921 l = str_list_make_v3(talloc_tos(), smb_ports, NULL);
922 ports = discard_const_p(const char *, l);
925 for (j = 0; ports && ports[j]; j++) {
926 unsigned port = atoi(ports[j]);
928 if (port == 0 || port > 0xffff) {
929 exit_server_cleanly("Invalid port in the config or on "
930 "the commandline specified!");
934 if (lp_interfaces() && lp_bind_interfaces_only()) {
935 /* We have been given an interfaces line, and been
936 told to only bind to those interfaces. Create a
937 socket per interface and bind to only these.
940 /* Now open a listen socket for each of the
942 for(i = 0; i < num_interfaces; i++) {
943 const struct sockaddr_storage *ifss =
944 iface_n_sockaddr_storage(i);
946 DEBUG(0,("open_sockets_smbd: "
947 "interface %d has NULL IP address !\n",
952 for (j = 0; ports && ports[j]; j++) {
953 unsigned port = atoi(ports[j]);
955 /* Keep the first port for mDNS service
962 if (!smbd_open_one_socket(parent,
971 /* Just bind to 0.0.0.0 - accept connections
974 const char *sock_addr;
976 const char *sock_ptr;
979 sock_addr = "::,0.0.0.0";
981 sock_addr = "0.0.0.0";
984 for (sock_ptr=sock_addr;
985 next_token_talloc(talloc_tos(), &sock_ptr, &sock_tok, " \t,"); ) {
986 for (j = 0; ports && ports[j]; j++) {
987 struct sockaddr_storage ss;
988 unsigned port = atoi(ports[j]);
990 /* Keep the first port for mDNS service
997 /* open an incoming socket */
998 if (!interpret_string_addr(&ss, sock_tok,
999 AI_NUMERICHOST|AI_PASSIVE)) {
1004 * If we fail to open any sockets
1005 * in this loop the parent-sockets == NULL
1006 * case below will prevent us from starting.
1009 (void)smbd_open_one_socket(parent,
1017 if (parent->sockets == NULL) {
1018 DEBUG(0,("open_sockets_smbd: No "
1019 "sockets available to bind to.\n"));
1023 /* Setup the main smbd so that we can get messages. Note that
1024 do this after starting listening. This is needed as when in
1025 clustered mode, ctdb won't allow us to start doing database
1026 operations until it has gone thru a full startup, which
1027 includes checking to see that smbd is listening. */
1029 if (!serverid_register(messaging_server_id(msg_ctx),
1030 FLAG_MSG_GENERAL|FLAG_MSG_SMBD
1031 |FLAG_MSG_PRINT_GENERAL
1032 |FLAG_MSG_DBWRAP)) {
1033 DEBUG(0, ("open_sockets_smbd: Failed to register "
1034 "myself in serverid.tdb\n"));
1038 /* Listen to messages */
1040 messaging_register(msg_ctx, NULL, MSG_SHUTDOWN, msg_exit_server);
1041 messaging_register(msg_ctx, ev_ctx, MSG_SMB_CONF_UPDATED,
1042 smbd_parent_conf_updated);
1043 messaging_register(msg_ctx, NULL, MSG_SMB_STAT_CACHE_DELETE,
1044 smb_stat_cache_delete);
1045 messaging_register(msg_ctx, NULL, MSG_DEBUG, smbd_msg_debug);
1046 messaging_register(msg_ctx, NULL, MSG_SMB_FORCE_TDIS,
1047 smb_parent_send_to_children);
1048 messaging_register(msg_ctx, NULL, MSG_SMB_KILL_CLIENT_IP,
1049 smb_parent_send_to_children);
1050 messaging_register(msg_ctx, NULL, MSG_SMB_TELL_NUM_CHILDREN,
1051 smb_tell_num_children);
1053 messaging_register(msg_ctx, NULL,
1054 ID_CACHE_DELETE, smbd_parent_id_cache_delete);
1055 messaging_register(msg_ctx, NULL,
1056 ID_CACHE_KILL, smbd_parent_id_cache_kill);
1057 messaging_register(msg_ctx, NULL, MSG_SMB_NOTIFY_STARTED,
1058 smb_parent_send_to_children);
1060 #ifdef CLUSTER_SUPPORT
1061 if (lp_clustering()) {
1062 struct ctdbd_connection *conn = messaging_ctdbd_connection();
1064 register_with_ctdbd(conn, CTDB_SRVID_RECONFIGURE,
1065 smbd_parent_ctdb_reconfigured, msg_ctx);
1066 register_with_ctdbd(conn, CTDB_SRVID_SAMBA_NOTIFY,
1067 smbd_parent_ctdb_reconfigured, msg_ctx);
1072 messaging_register(msg_ctx, NULL, MSG_SMB_INJECT_FAULT,
1076 if (lp_multicast_dns_register() && (dns_port != 0)) {
1077 #ifdef WITH_DNSSD_SUPPORT
1078 smbd_setup_mdns_registration(ev_ctx,
1081 #ifdef WITH_AVAHI_SUPPORT
1084 avahi_conn = avahi_start_register(ev_ctx,
1087 if (avahi_conn == NULL) {
1088 DEBUG(10, ("avahi_start_register failed\n"));
1098 handle stdin becoming readable when we are in --foreground mode
1100 static void smbd_stdin_handler(struct tevent_context *ev,
1101 struct tevent_fd *fde,
1106 if (read(0, &c, 1) != 1) {
1107 /* we have reached EOF on stdin, which means the
1108 parent has exited. Shutdown the server */
1109 exit_server_cleanly("EOF on stdin");
1113 struct smbd_parent_tevent_trace_state {
1117 static void smbd_parent_tevent_trace_callback(enum tevent_trace_point point,
1120 struct smbd_parent_tevent_trace_state *state =
1121 (struct smbd_parent_tevent_trace_state *)private_data;
1124 case TEVENT_TRACE_BEFORE_WAIT:
1126 case TEVENT_TRACE_AFTER_WAIT:
1128 case TEVENT_TRACE_BEFORE_LOOP_ONCE:
1129 TALLOC_FREE(state->frame);
1130 state->frame = talloc_stackframe();
1132 case TEVENT_TRACE_AFTER_LOOP_ONCE:
1133 TALLOC_FREE(state->frame);
1140 static void smbd_parent_loop(struct tevent_context *ev_ctx,
1141 struct smbd_parent_context *parent)
1143 struct smbd_parent_tevent_trace_state trace_state = {
1148 tevent_set_trace_callback(ev_ctx, smbd_parent_tevent_trace_callback,
1151 /* now accept incoming connections - forking a new process
1152 for each incoming connection */
1153 DEBUG(2,("waiting for connections\n"));
1155 ret = tevent_loop_wait(ev_ctx);
1157 DEBUG(0, ("tevent_loop_wait failed: %d, %s, exiting\n",
1158 ret, strerror(errno)));
1161 TALLOC_FREE(trace_state.frame);
1163 /* NOTREACHED return True; */
1167 /****************************************************************************
1168 Initialise connect, service and file structs.
1169 ****************************************************************************/
1171 static bool init_structs(void )
1174 * Set the machine NETBIOS name if not already
1175 * set from the config file.
1181 if (!secrets_init())
1187 static void smbd_parent_sig_term_handler(struct tevent_context *ev,
1188 struct tevent_signal *se,
1194 exit_server_cleanly("termination signal");
1197 static void smbd_parent_sig_hup_handler(struct tevent_context *ev,
1198 struct tevent_signal *se,
1204 struct smbd_parent_context *parent =
1205 talloc_get_type_abort(private_data,
1206 struct smbd_parent_context);
1208 change_to_root_user();
1209 DEBUG(1,("parent: Reloading services after SIGHUP\n"));
1210 reload_services(NULL, NULL, false);
1212 printing_subsystem_update(parent->ev_ctx, parent->msg_ctx, true);
1215 /****************************************************************************
1217 ****************************************************************************/
1219 /* Declare prototype for build_options() to avoid having to run it through
1220 mkproto.h. Mixing $(builddir) and $(srcdir) source files in the current
1221 prototype generation system is too complicated. */
1223 extern void build_options(bool screen);
1225 int main(int argc,const char *argv[])
1227 /* shall I run as a daemon */
1228 bool is_daemon = false;
1229 bool interactive = false;
1231 bool no_process_group = false;
1232 bool log_stdout = false;
1234 char *profile_level = NULL;
1237 bool print_build_options = False;
1238 struct server_id main_server_id = {0};
1243 OPT_NO_PROCESS_GROUP,
1246 struct poptOption long_options[] = {
1248 {"daemon", 'D', POPT_ARG_NONE, NULL, OPT_DAEMON, "Become a daemon (default)" },
1249 {"interactive", 'i', POPT_ARG_NONE, NULL, OPT_INTERACTIVE, "Run interactive (not a daemon)"},
1250 {"foreground", 'F', POPT_ARG_NONE, NULL, OPT_FORK, "Run daemon in foreground (for daemontools, etc.)" },
1251 {"no-process-group", '\0', POPT_ARG_NONE, NULL, OPT_NO_PROCESS_GROUP, "Don't create a new process group" },
1252 {"log-stdout", 'S', POPT_ARG_NONE, NULL, OPT_LOG_STDOUT, "Log to stdout" },
1253 {"build-options", 'b', POPT_ARG_NONE, NULL, 'b', "Print build options" },
1254 {"port", 'p', POPT_ARG_STRING, &ports, 0, "Listen on the specified ports"},
1255 {"profiling-level", 'P', POPT_ARG_STRING, &profile_level, 0, "Set profiling level","PROFILE_LEVEL"},
1259 struct smbd_parent_context *parent = NULL;
1262 struct tevent_context *ev_ctx;
1263 struct messaging_context *msg_ctx;
1264 struct server_id server_id;
1265 struct tevent_signal *se;
1266 int profiling_level;
1267 char *np_dir = NULL;
1268 static const struct smbd_shim smbd_shim_fns =
1270 .cancel_pending_lock_requests_by_fid = smbd_cancel_pending_lock_requests_by_fid,
1271 .send_stat_cache_delete_message = smbd_send_stat_cache_delete_message,
1272 .change_to_root_user = smbd_change_to_root_user,
1273 .become_authenticated_pipe_user = smbd_become_authenticated_pipe_user,
1274 .unbecome_authenticated_pipe_user = smbd_unbecome_authenticated_pipe_user,
1276 .contend_level2_oplocks_begin = smbd_contend_level2_oplocks_begin,
1277 .contend_level2_oplocks_end = smbd_contend_level2_oplocks_end,
1279 .become_root = smbd_become_root,
1280 .unbecome_root = smbd_unbecome_root,
1282 .exit_server = smbd_exit_server,
1283 .exit_server_cleanly = smbd_exit_server_cleanly,
1287 * Do this before any other talloc operation
1289 talloc_enable_null_tracking();
1290 frame = talloc_stackframe();
1292 setup_logging(argv[0], DEBUG_DEFAULT_STDOUT);
1296 set_smbd_shim(&smbd_shim_fns);
1298 smbd_init_globals();
1302 #ifdef HAVE_SET_AUTH_PARAMETERS
1303 set_auth_parameters(argc,argv);
1306 pc = poptGetContext("smbd", argc, argv, long_options, 0);
1307 while((opt = poptGetNextOpt(pc)) != -1) {
1312 case OPT_INTERACTIVE:
1318 case OPT_NO_PROCESS_GROUP:
1319 no_process_group = true;
1321 case OPT_LOG_STDOUT:
1325 print_build_options = True;
1328 d_fprintf(stderr, "\nInvalid option %s: %s\n\n",
1329 poptBadOption(pc, 0), poptStrerror(opt));
1330 poptPrintUsage(pc, stderr, 0);
1334 poptFreeContext(pc);
1342 setup_logging(argv[0], DEBUG_STDOUT);
1344 setup_logging(argv[0], DEBUG_FILE);
1347 if (print_build_options) {
1348 build_options(True); /* Display output to screen as well as debug */
1353 /* needed for SecureWare on SCO */
1357 set_remote_machine_name("smbd", False);
1359 if (interactive && (DEBUGLEVEL >= 9)) {
1360 talloc_enable_leak_report();
1363 if (log_stdout && Fork) {
1364 DEBUG(0,("ERROR: Can't log to stdout (-S) unless daemon is in foreground (-F) or interactive (-i)\n"));
1369 * We want to die early if we can't open /dev/urandom
1371 generate_random_buffer(NULL, 0);
1373 /* get initial effective uid and gid */
1376 /* make absolutely sure we run as root - to handle cases where people
1377 are crazy enough to have it setuid */
1378 gain_root_privilege();
1379 gain_root_group_privilege();
1382 dump_core_setup("smbd", lp_logfile(talloc_tos()));
1384 /* we are never interested in SIGPIPE */
1385 BlockSignals(True,SIGPIPE);
1388 /* we are never interested in SIGFPE */
1389 BlockSignals(True,SIGFPE);
1392 #if defined(SIGUSR2)
1393 /* We are no longer interested in USR2 */
1394 BlockSignals(True,SIGUSR2);
1397 /* POSIX demands that signals are inherited. If the invoking process has
1398 * these signals masked, we will have problems, as we won't recieve them. */
1399 BlockSignals(False, SIGHUP);
1400 BlockSignals(False, SIGUSR1);
1401 BlockSignals(False, SIGTERM);
1403 /* Ensure we leave no zombies until we
1404 * correctly set up child handling below. */
1408 /* we want total control over the permissions on created files,
1409 so set our umask to 0 */
1414 DEBUG(0,("smbd version %s started.\n", samba_version_string()));
1415 DEBUGADD(0,("%s\n", COPYRIGHT_STARTUP_MESSAGE));
1417 DEBUG(2,("uid=%d gid=%d euid=%d egid=%d\n",
1418 (int)getuid(),(int)getgid(),(int)geteuid(),(int)getegid()));
1420 /* Output the build options to the debug log */
1421 build_options(False);
1423 if (sizeof(uint16_t) < 2 || sizeof(uint32_t) < 4) {
1424 DEBUG(0,("ERROR: Samba is not configured correctly for the word size on your machine\n"));
1428 if (!lp_load_initial_only(get_dyn_CONFIGFILE())) {
1429 DEBUG(0, ("error opening config file '%s'\n", get_dyn_CONFIGFILE()));
1433 if (!cluster_probe_ok()) {
1437 /* Init the security context and global current_user */
1441 * Initialize the event context. The event context needs to be
1442 * initialized before the messaging context, cause the messaging
1443 * context holds an event context.
1444 * FIXME: This should be s3_tevent_context_init()
1446 ev_ctx = server_event_context();
1447 if (ev_ctx == NULL) {
1452 * Init the messaging context
1453 * FIXME: This should only call messaging_init()
1455 msg_ctx = server_messaging_context();
1456 if (msg_ctx == NULL) {
1461 * Reloading of the printers will not work here as we don't have a
1462 * server info and rpc services set up. It will be called later.
1464 if (!reload_services(NULL, NULL, false)) {
1468 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC
1469 && !lp_parm_bool(-1, "server role check", "inhibit", false)) {
1470 DEBUG(0, ("server role = 'active directory domain controller' not compatible with running smbd standalone. \n"));
1471 DEBUGADD(0, ("You should start 'samba' instead, and it will control starting smbd if required\n"));
1475 /* ...NOTE... Log files are working from this point! */
1477 DEBUG(3,("loaded services\n"));
1481 if (!profile_setup(msg_ctx, False)) {
1482 DEBUG(0,("ERROR: failed to setup profiling\n"));
1486 if (profile_level != NULL) {
1487 profiling_level = atoi(profile_level);
1489 profiling_level = lp_smbd_profiling_level();
1491 main_server_id = messaging_server_id(msg_ctx);
1492 set_profile_level(profiling_level, &main_server_id);
1494 if (!is_daemon && !is_a_socket(0)) {
1496 DEBUG(3, ("Standard input is not a socket, "
1497 "assuming -D option\n"));
1501 * Setting is_daemon here prevents us from eventually calling
1502 * the open_sockets_inetd()
1508 if (is_daemon && !interactive) {
1509 DEBUG(3, ("Becoming a daemon.\n"));
1510 become_daemon(Fork, no_process_group, log_stdout);
1515 * If we're interactive we want to set our own process group for
1516 * signal management.
1518 if (interactive && !no_process_group)
1519 setpgid( (pid_t)0, (pid_t)0);
1522 if (!directory_exist(lp_lock_directory()))
1523 mkdir(lp_lock_directory(), 0755);
1525 if (!directory_exist(lp_pid_directory()))
1526 mkdir(lp_pid_directory(), 0755);
1529 pidfile_create(lp_pid_directory(), "smbd");
1531 status = reinit_after_fork(msg_ctx, ev_ctx, false, NULL);
1532 if (!NT_STATUS_IS_OK(status)) {
1533 exit_daemon("reinit_after_fork() failed", map_errno_from_nt_status(status));
1538 * Do not initialize the parent-child-pipe before becoming a
1539 * daemon: this is used to detect a died parent in the child
1542 status = init_before_fork();
1543 if (!NT_STATUS_IS_OK(status)) {
1544 exit_daemon(nt_errstr(status), map_errno_from_nt_status(status));
1548 parent = talloc_zero(ev_ctx, struct smbd_parent_context);
1550 exit_server("talloc(struct smbd_parent_context) failed");
1552 parent->interactive = interactive;
1553 parent->ev_ctx = ev_ctx;
1554 parent->msg_ctx = msg_ctx;
1557 se = tevent_add_signal(parent->ev_ctx,
1560 smbd_parent_sig_term_handler,
1563 exit_server("failed to setup SIGTERM handler");
1565 se = tevent_add_signal(parent->ev_ctx,
1568 smbd_parent_sig_hup_handler,
1571 exit_server("failed to setup SIGHUP handler");
1574 /* Setup all the TDB's - including CLEAR_IF_FIRST tdb's. */
1576 if (smbd_memcache() == NULL) {
1577 exit_daemon("no memcache available", EACCES);
1580 memcache_set_global(smbd_memcache());
1582 /* Initialise the password backed before the global_sam_sid
1583 to ensure that we fetch from ldap before we make a domain sid up */
1585 if(!initialize_password_db(false, ev_ctx))
1588 if (!secrets_init()) {
1589 exit_daemon("smbd can not open secrets.tdb", EACCES);
1592 if (lp_server_role() == ROLE_DOMAIN_BDC || lp_server_role() == ROLE_DOMAIN_PDC) {
1593 struct loadparm_context *lp_ctx = loadparm_init_s3(NULL, loadparm_s3_helpers());
1594 if (!open_schannel_session_store(NULL, lp_ctx)) {
1595 exit_daemon("ERROR: Samba cannot open schannel store for secured NETLOGON operations.", EACCES);
1597 TALLOC_FREE(lp_ctx);
1600 if(!get_global_sam_sid()) {
1601 exit_daemon("Samba cannot create a SAM SID", EACCES);
1604 server_id = messaging_server_id(msg_ctx);
1605 status = smbXsrv_version_global_init(&server_id);
1606 if (!NT_STATUS_IS_OK(status)) {
1607 exit_daemon("Samba cannot init server context", EACCES);
1610 status = smbXsrv_session_global_init(msg_ctx);
1611 if (!NT_STATUS_IS_OK(status)) {
1612 exit_daemon("Samba cannot init session context", EACCES);
1615 status = smbXsrv_tcon_global_init();
1616 if (!NT_STATUS_IS_OK(status)) {
1617 exit_daemon("Samba cannot init tcon context", EACCES);
1620 if (!locking_init())
1621 exit_daemon("Samba cannot init locking", EACCES);
1623 if (!leases_db_init(false)) {
1624 exit_daemon("Samba cannot init leases", EACCES);
1627 if (!smbd_notifyd_init(msg_ctx, interactive, &parent->notifyd)) {
1628 exit_daemon("Samba cannot init notification", EACCES);
1631 if (!cleanupd_init(msg_ctx, interactive, &parent->cleanupd)) {
1632 exit_daemon("Samba cannot init the cleanupd", EACCES);
1635 if (!messaging_parent_dgm_cleanup_init(msg_ctx)) {
1639 if (!smbd_scavenger_init(NULL, msg_ctx, ev_ctx)) {
1640 exit_daemon("Samba cannot init scavenging", EACCES);
1643 if (!serverid_parent_init(ev_ctx)) {
1644 exit_daemon("Samba cannot init server id", EACCES);
1647 if (!W_ERROR_IS_OK(registry_init_full()))
1648 exit_daemon("Samba cannot init registry", EACCES);
1650 /* Open the share_info.tdb here, so we don't have to open
1651 after the fork on every single connection. This is a small
1652 performance improvment and reduces the total number of system
1654 if (!share_info_db_init()) {
1655 exit_daemon("ERROR: failed to load share info db.", EACCES);
1658 status = init_system_session_info();
1659 if (!NT_STATUS_IS_OK(status)) {
1660 DEBUG(1, ("ERROR: failed to setup system user info: %s.\n",
1661 nt_errstr(status)));
1665 if (!init_guest_info()) {
1666 DEBUG(0,("ERROR: failed to setup guest info.\n"));
1670 if (!file_init_global()) {
1671 DEBUG(0, ("ERROR: file_init_global() failed\n"));
1674 status = smbXsrv_open_global_init();
1675 if (!NT_STATUS_IS_OK(status)) {
1676 exit_daemon("Samba cannot init global open", map_errno_from_nt_status(status));
1679 /* This MUST be done before start_epmd() because otherwise
1680 * start_epmd() forks and races against dcesrv_ep_setup() to
1681 * call directory_create_or_exist() */
1682 if (!directory_create_or_exist(lp_ncalrpc_dir(), 0755)) {
1683 DEBUG(0, ("Failed to create pipe directory %s - %s\n",
1684 lp_ncalrpc_dir(), strerror(errno)));
1688 np_dir = talloc_asprintf(talloc_tos(), "%s/np", lp_ncalrpc_dir());
1690 DEBUG(0, ("%s: Out of memory\n", __location__));
1694 if (!directory_create_or_exist_strict(np_dir, geteuid(), 0700)) {
1695 DEBUG(0, ("Failed to create pipe directory %s - %s\n",
1696 np_dir, strerror(errno)));
1700 if (is_daemon && !interactive) {
1701 if (rpc_epmapper_daemon() == RPC_DAEMON_FORK) {
1702 start_epmd(ev_ctx, msg_ctx);
1706 if (!dcesrv_ep_setup(ev_ctx, msg_ctx)) {
1707 exit_daemon("Samba cannot setup ep pipe", EACCES);
1710 if (is_daemon && !interactive) {
1711 daemon_ready("smbd");
1714 /* only start other daemons if we are running as a daemon
1715 * -- bad things will happen if smbd is launched via inetd
1716 * and we fork a copy of ourselves here */
1717 if (is_daemon && !interactive) {
1719 if (rpc_lsasd_daemon() == RPC_DAEMON_FORK) {
1720 start_lsasd(ev_ctx, msg_ctx);
1723 if (rpc_fss_daemon() == RPC_DAEMON_FORK) {
1724 start_fssd(ev_ctx, msg_ctx);
1727 if (!lp__disable_spoolss() &&
1728 (rpc_spoolss_daemon() != RPC_DAEMON_DISABLED)) {
1729 bool bgq = lp_parm_bool(-1, "smbd", "backgroundqueue", true);
1731 if (!printing_subsystem_init(ev_ctx, msg_ctx, true, bgq)) {
1732 exit_daemon("Samba failed to init printing subsystem", EACCES);
1736 #ifdef WITH_SPOTLIGHT
1737 if ((rpc_mdssvc_mode() == RPC_SERVICE_MODE_EXTERNAL) &&
1738 (rpc_mdssd_daemon() == RPC_DAEMON_FORK)) {
1739 start_mdssd(ev_ctx, msg_ctx);
1742 } else if (!lp__disable_spoolss() &&
1743 (rpc_spoolss_daemon() != RPC_DAEMON_DISABLED)) {
1744 if (!printing_subsystem_init(ev_ctx, msg_ctx, false, false)) {
1755 /* Started from inetd. fd 0 is the socket. */
1756 /* We will abort gracefully when the client or remote system
1760 /* close stdin, stdout (if not logging to it), but not stderr */
1761 close_low_fds(true, !debug_get_output_is_stdout(), false);
1768 smbd_setup_sig_chld_handler(parent);
1770 smbd_process(ev_ctx, msg_ctx, sock, true);
1772 exit_server_cleanly(NULL);
1776 if (!open_sockets_smbd(parent, ev_ctx, msg_ctx, ports))
1777 exit_server("open_sockets_smbd() failed");
1779 /* do a printer update now that all messaging has been set up,
1780 * before we allow clients to start connecting */
1781 if (!lp__disable_spoolss() &&
1782 (rpc_spoolss_daemon() != RPC_DAEMON_DISABLED)) {
1783 printing_subsystem_update(ev_ctx, msg_ctx, false);
1787 /* make sure we always have a valid stackframe */
1788 frame = talloc_stackframe();
1791 /* if we are running in the foreground then look for
1792 EOF on stdin, and exit if it happens. This allows
1793 us to die if the parent process dies
1794 Only do this on a pipe or socket, no other device.
1797 if (fstat(0, &st) != 0) {
1800 if (S_ISFIFO(st.st_mode) || S_ISSOCK(st.st_mode)) {
1801 tevent_add_fd(ev_ctx,
1810 smbd_parent_loop(ev_ctx, parent);
1812 exit_server_cleanly(NULL);