2 * Copyright (C) Joerg Lenneis 2003
3 * Copyright (C) Frank Lahm 2009, 2010
5 * All Rights Reserved. See COPYING.
9 cnid_dbd metadaemon to start up cnid_dbd upon request from afpd.
13 1. afpd -------> cnid_metad
15 via UNIX domain socket
16 2. cnid_metad -------> cnid_dbd
19 3. cnid_metad -------> cnid_dbd
23 4. afpd -------> cnid_dbd
25 cnid_metad and cnid_dbd have been converted to non-blocking IO in 2010.
31 #endif /* HAVE_CONFIG_H */
37 #include <sys/param.h>
41 #include <sys/types.h>
43 #include <sys/resource.h>
48 #include <sys/socket.h>
53 #define WEXITSTATUS(stat_val) ((unsigned)(stat_val) >> 8)
54 #endif /* ! WEXITSTATUS */
56 #define WIFEXITED(stat_val) (((stat_val) & 255) == 0)
57 #endif /* ! WIFEXITED */
59 #define WIFSTOPPED(status) (((status) & 0xff) == 0x7f)
63 #define WIFSIGNALED(status) (!WIFSTOPPED(status) && !WIFEXITED(status))
66 #define WTERMSIG(status) ((status) & 0x7f)
69 /* functions for username and group */
76 #define USE_SETRESUID 1
77 #define SWITCH_TO_GID(gid) ((setresgid(gid,gid,gid) < 0 || setgid(gid) < 0) ? -1 : 0)
78 #define SWITCH_TO_UID(uid) ((setresuid(uid,uid,uid) < 0 || setuid(uid) < 0) ? -1 : 0)
79 #endif /* USE_SETRESUID */
83 #define SWITCH_TO_GID(gid) ((setegid(gid) < 0 || setgid(gid) < 0) ? -1 : 0)
84 #define SWITCH_TO_UID(uid) ((setuid(uid) < 0 || seteuid(uid) < 0 || setuid(uid) < 0) ? -1 : 0)
85 #endif /* USE_SETEUID */
88 #include <atalk/util.h>
89 #include <atalk/logger.h>
90 #include <atalk/cnid_dbd_private.h>
91 #include <atalk/paths.h>
92 #include <atalk/compat.h>
93 #include <atalk/errchk.h>
94 #include <atalk/bstrlib.h>
95 #include <atalk/netatalk_conf.h>
96 #include <atalk/volume.h>
100 #define DBHOME ".AppleDB"
105 static volatile sig_atomic_t sigchild = 0;
108 #define MAXSPAWN 3 /* Max times respawned in.. */
109 #define TESTTIME 42 /* this much seconds apfd client tries to *
110 * to reconnect every 5 secondes, catch it */
112 #define DEFAULTHOST "localhost"
113 #define DEFAULTPORT "4700"
118 time_t tm; /* When respawned last */
119 int count; /* Times respawned in the last TESTTIME secondes */
120 int control_fd; /* file descriptor to child cnid_dbd process */
123 static struct server srv[MAXVOLS];
125 static void daemon_exit(int i)
127 server_unlock(_PATH_CNID_METAD_LOCK);
131 /* ------------------ */
132 static void sigterm_handler(int sig)
136 LOG(log_info, logtype_afpd, "shutting down on signal %d", sig );
139 LOG(log_error, logtype_afpd, "unexpected signal: %d", sig);
144 static struct server *test_usockfn(const struct vol *vol)
148 if (!(vol->v_flags & AFPVOL_OPEN))
151 for (i = 0; i < maxvol; i++) {
152 if (vol->v_vid == srv[i].vol->v_vid)
159 /* -------------------- */
160 static int maybe_start_dbd(const AFPObj *obj, char *dbdpn, struct vol *vol)
169 char *volpath = vol->v_path;
171 LOG(log_debug, logtype_cnid, "maybe_start_dbd: Volume: \"%s\"", volpath);
173 up = test_usockfn(vol);
175 /* we already have a process, send our fd */
176 if (send_fd(up->control_fd, rqstfd) < 0) {
183 LOG(log_maxdebug, logtype_cnid, "maybe_start_dbd: no cnid_dbd for that volume yet");
187 /* find an empty slot (i < maxvol) or the first free slot (i == maxvol)*/
188 for (i = 0; i <= maxvol; i++) {
189 if (srv[i].vol == NULL && i < MAXVOLS) {
192 vol->v_flags |= AFPVOL_OPEN;
201 LOG(log_error, logtype_cnid, "no free slot for cnid_dbd child. Configured maximum: %d. Do you have so many volumes?", MAXVOLS);
205 /* we have a slot but no process, check for respawn too fast */
206 if ( (t < (up->tm + TESTTIME)) /* We're in the respawn time window */
208 (up->count > MAXSPAWN) ) { /* ...and already tried to fork too often */
209 LOG(log_maxdebug, logtype_cnid, "maybe_start_dbd: respawn too fast just exiting");
210 return -1; /* just exit, dont sleep, because we might have work to do for another client */
212 if ( t >= (up->tm + TESTTIME) ) { /* out of respawn too fast windows reset the count */
213 LOG(log_maxdebug, logtype_cnid, "maybe_start_dbd: respawn window ended");
218 LOG(log_maxdebug, logtype_cnid, "maybe_start_dbd: respawn count now is: %u", up->count);
219 if (up->count > MAXSPAWN) {
220 /* We spawned too fast. From now until the first time we tried + TESTTIME seconds
221 we will just return -1 above */
222 LOG(log_maxdebug, logtype_cnid, "maybe_start_dbd: reached MAXSPAWN threshhold");
227 Create socketpair for comm between parent and child.
228 We use it to pass fds from connecting afpd processes to our
229 cnid_dbd child via fd passing.
231 if (socketpair(PF_UNIX, SOCK_STREAM, 0, sv) < 0) {
232 LOG(log_error, logtype_cnid, "error in socketpair: %s", strerror(errno));
236 if ((pid = fork()) < 0) {
237 LOG(log_error, logtype_cnid, "error in fork: %s", strerror(errno));
243 * Child. Close descriptors and start the daemon. If it fails
244 * just log it. The client process will fail connecting
251 for (i = 0; i < MAXVOLS; i++) {
252 if (srv[i].pid && up != &srv[i]) {
253 close(srv[i].control_fd);
257 sprintf(buf1, "%i", sv[1]);
258 sprintf(buf2, "%i", rqstfd);
260 if (up->count == MAXSPAWN) {
261 /* there's a pb with the db inform child, it will delete the db */
262 LOG(log_warning, logtype_cnid,
263 "Multiple attempts to start CNID db daemon for \"%s\" failed, wiping the slate clean...",
265 ret = execlp(dbdpn, dbdpn, "-F", obj->options.configfile, "-p", volpath, "-t", buf1, "-l", buf2, "-d", NULL);
267 ret = execlp(dbdpn, dbdpn, "-F", obj->options.configfile, "-p", volpath, "-t", buf1, "-l", buf2, NULL);
269 /* Yikes! We're still here, so exec failed... */
270 LOG(log_error, logtype_cnid, "Fatal error in exec: %s", strerror(errno));
278 up->control_fd = sv[0];
282 /* ------------------ */
283 static int set_dbdir(char *dbdir)
290 if (stat(dbdir, &st) < 0 && mkdir(dbdir, 0755) < 0) {
291 LOG(log_error, logtype_cnid, "set_dbdir: mkdir failed for %s", dbdir);
295 if (dbdir[len - 1] != '/') {
299 strcpy(dbdir + len, DBHOME);
300 if (stat(dbdir, &st) < 0 && mkdir(dbdir, 0755 ) < 0) {
301 LOG(log_error, logtype_cnid, "set_dbdir: mkdir failed for %s", dbdir);
307 /* ------------------ */
308 static uid_t user_to_uid (char *username)
310 struct passwd *this_passwd;
312 /* check for anything */
313 if ( !username || strlen ( username ) < 1 ) return 0;
315 /* grab the /etc/passwd record relating to username */
316 this_passwd = getpwnam ( username );
318 /* return false if there is no structure returned */
319 if (this_passwd == NULL) return 0;
321 /* return proper uid */
322 return this_passwd->pw_uid;
326 /* ------------------ */
327 static gid_t group_to_gid ( char *group)
329 struct group *this_group;
331 /* check for anything */
332 if ( !group || strlen ( group ) < 1 ) return 0;
334 /* grab the /etc/groups record relating to group */
335 this_group = getgrnam ( group );
337 /* return false if there is no structure returned */
338 if (this_group == NULL) return 0;
340 /* return proper gid */
341 return this_group->gr_gid;
345 /* ------------------ */
346 static void catch_child(int sig _U_)
351 /* ----------------------- */
352 static void set_signal(void)
357 memset(&sv, 0, sizeof(sv));
360 sv.sa_handler = catch_child;
361 sv.sa_flags = SA_NOCLDSTOP;
362 sigemptyset(&sv.sa_mask);
363 if (sigaction(SIGCHLD, &sv, NULL) < 0) {
364 LOG(log_error, logtype_cnid, "cnid_metad: sigaction: %s", strerror(errno));
365 daemon_exit(EXITERR_SYS);
369 sv.sa_handler = sigterm_handler;
370 sigfillset(&sv.sa_mask );
371 if (sigaction(SIGTERM, &sv, NULL ) < 0 ) {
372 LOG(log_error, logtype_afpd, "sigaction: %s", strerror(errno) );
373 daemon_exit(EXITERR_SYS);
376 /* Ignore the rest */
377 sv.sa_handler = SIG_IGN;
378 sigemptyset(&sv.sa_mask );
379 if (sigaction(SIGALRM, &sv, NULL ) < 0 ) {
380 LOG(log_error, logtype_afpd, "sigaction: %s", strerror(errno) );
381 daemon_exit(EXITERR_SYS);
383 sv.sa_handler = SIG_IGN;
384 sigemptyset(&sv.sa_mask );
385 if (sigaction(SIGHUP, &sv, NULL ) < 0 ) {
386 LOG(log_error, logtype_afpd, "sigaction: %s", strerror(errno) );
387 daemon_exit(EXITERR_SYS);
389 sv.sa_handler = SIG_IGN;
390 sigemptyset(&sv.sa_mask );
391 if (sigaction(SIGUSR1, &sv, NULL ) < 0 ) {
392 LOG(log_error, logtype_afpd, "sigaction: %s", strerror(errno) );
393 daemon_exit(EXITERR_SYS);
395 sv.sa_handler = SIG_IGN;
396 sigemptyset(&sv.sa_mask );
397 if (sigaction(SIGUSR2, &sv, NULL ) < 0 ) {
398 LOG(log_error, logtype_afpd, "sigaction: %s", strerror(errno) );
399 daemon_exit(EXITERR_SYS);
401 sv.sa_handler = SIG_IGN;
402 sigemptyset(&sv.sa_mask );
403 if (sigaction(SIGPIPE, &sv, NULL ) < 0 ) {
404 LOG(log_error, logtype_afpd, "sigaction: %s", strerror(errno) );
405 daemon_exit(EXITERR_SYS);
408 /* block everywhere but in pselect */
410 sigaddset(&set, SIGCHLD);
411 sigprocmask(SIG_BLOCK, &set, NULL);
414 static int setlimits(void)
418 if (getrlimit(RLIMIT_NOFILE, &rlim) != 0) {
419 LOG(log_error, logtype_afpd, "setlimits: %s", strerror(errno));
422 if (rlim.rlim_cur != RLIM_INFINITY && rlim.rlim_cur < 65535) {
423 rlim.rlim_cur = 65535;
424 if (rlim.rlim_max != RLIM_INFINITY && rlim.rlim_max < 65535)
425 rlim.rlim_max = 65535;
426 if (setrlimit(RLIMIT_NOFILE, &rlim) != 0) {
427 LOG(log_error, logtype_afpd, "setlimits: %s", strerror(errno));
434 /* ------------------ */
435 int main(int argc, char *argv[])
437 char volpath[MAXPATHLEN + 1];
441 char *dbdpn = _PATH_CNID_DBD;
455 while (( cc = getopt( argc, argv, "dF:vV")) != -1 ) {
461 obj.cmdlineconfigfile = strdup(optarg);
465 printf("cnid_metad (Netatalk %s)\n", VERSION);
468 printf("cnid_metad [-dvV] [-F alternate configfile ]\n");
473 /* Check for PID lockfile */
474 if (check_lockfile("cnid_metad", _PATH_CNID_METAD_LOCK))
477 if (!debug && daemonize(0, 0) != 0)
480 /* Create PID lockfile */
481 if (create_lockfile("cnid_metad", _PATH_CNID_METAD_LOCK))
484 if (afp_config_parse(&obj) != 0)
487 set_processname("cnid_metad");
488 setuplog(obj.options.logconfig, obj.options.logfile);
490 if (load_volumes(&obj, NULL) != 0)
495 host = iniparser_getstrdup(obj.iniconfig, INISEC_CNID, "cnid listen", "localhost:4700");
496 if (port = strrchr(host, ':'))
500 if ((srvfd = tsockfd_create(host, port, 10)) < 0)
503 LOG(log_note, logtype_afpd, "CNID Server listening on %s:%s", host, port);
507 LOG(log_debug, logtype_cnid, "Setting uid/gid to %i/%i", uid, gid);
509 if (SWITCH_TO_GID(gid) < 0) {
510 LOG(log_info, logtype_cnid, "unable to switch to group %d", gid);
515 if (SWITCH_TO_UID(uid) < 0) {
516 LOG(log_info, logtype_cnid, "unable to switch to user %d", uid);
525 sigprocmask(SIG_SETMASK, NULL, &set);
526 sigdelset(&set, SIGCHLD);
529 rqstfd = usockfd_check(srvfd, &set);
530 /* Collect zombie processes and log what happened to them */
531 if (sigchild) while ((pid = waitpid(-1, &status, WNOHANG)) > 0) {
532 for (i = 0; i < maxvol; i++) {
533 if (srv[i].pid == pid) {
535 close(srv[i].control_fd);
536 srv[i].vol->v_flags &= ~AFPVOL_OPEN;
540 if (WIFEXITED(status)) {
541 LOG(log_info, logtype_cnid, "cnid_dbd[%i] exited with exit code %i",
542 pid, WEXITSTATUS(status));
544 else if (WIFSIGNALED(status)) {
545 LOG(log_info, logtype_cnid, "cnid_dbd[%i] got signal %i",
546 pid, WTERMSIG(status));
553 ret = readt(rqstfd, &len, sizeof(int), 1, 4);
560 LOG(log_severe, logtype_cnid, "error read: %s", strerror(errno));
563 else if (ret != sizeof(int)) {
564 LOG(log_error, logtype_cnid, "short read: got %d", ret);
568 * checks for buffer overruns. The client libatalk side does it too
569 * before handing the dir path over but who trusts clients?
571 if (!len || len +DBHOMELEN +2 > MAXPATHLEN) {
572 LOG(log_error, logtype_cnid, "wrong len parameter: %d", len);
576 actual_len = readt(rqstfd, volpath, len, 1, 5);
577 if (actual_len < 0) {
578 LOG(log_severe, logtype_cnid, "Read(2) error : %s", strerror(errno));
581 if (actual_len != len) {
582 LOG(log_error, logtype_cnid, "error/short read (dir): %s", strerror(errno));
588 if (load_volumes(&obj, NULL) != 0) {
589 LOG(log_severe, logtype_cnid, "main: error reloading config");
593 if ((vol = getvolbypath(volpath)) == NULL) {
594 LOG(log_severe, logtype_cnid, "main: no volume for path \"%s\"", volpath);
598 if (set_dbdir(vol->v_dbpath) < 0) {
602 maybe_start_dbd(&obj, dbdpn, vol);