2 Unix SMB/CIFS implementation.
4 Copyright (C) Andrew Tridgell 1994-1998
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
21 12 aug 96: Erik.Devriendt@te6.siemens.be
22 added support for shared memory implementation of share mode locking
24 21-Jul-1998: rsharpe@ns.aus.com (Richard Sharpe)
25 Added -L (locks only) -S (shares only) flags and code
30 * This program reports current SMB connections
34 #include "lib/util/server_id.h"
35 #include "smbd/globals.h"
36 #include "system/filesys.h"
37 #include "lib/cmdline/cmdline.h"
38 #include "dbwrap/dbwrap.h"
39 #include "dbwrap/dbwrap_open.h"
40 #include "../libcli/security/security.h"
42 #include "locking/share_mode_lock.h"
43 #include "locking/proto.h"
45 #include "librpc/gen_ndr/open_files.h"
46 #include "smbd/smbd.h"
47 #include "librpc/gen_ndr/notify.h"
50 #include "status_profile.h"
52 #include "status_json.h"
53 #include "smbd/notifyd/notifyd_db.h"
54 #include "cmdline_contexts.h"
55 #include "locking/leases_db.h"
56 #include "lib/util/string_wrappers.h"
57 #include "lib/param/param.h"
61 #include "audit_logging.h" /* various JSON helpers */
62 #include "auth/common_auth.h"
63 #endif /* HAVE_JANSSON */
65 #define SMB_MAXPIDS 2048
66 static uid_t Ucrit_uid = 0; /* added by OH */
67 static struct server_id Ucrit_pid[SMB_MAXPIDS]; /* Ugly !!! */ /* added by OH */
68 static int Ucrit_MaxPid=0; /* added by OH */
69 static unsigned int Ucrit_IsActive = 0; /* added by OH */
71 static bool verbose, brief;
72 static bool shares_only; /* Added by RJS */
73 static bool locks_only; /* Added by RJS */
74 static bool processes_only;
76 static bool numeric_only;
77 static bool do_checks = true;
79 const char *username = NULL;
82 static void Ucrit_addUid(uid_t uid)
88 static unsigned int Ucrit_checkUid(uid_t uid)
90 if ( !Ucrit_IsActive )
93 if ( uid == Ucrit_uid )
99 static unsigned int Ucrit_checkPid(struct server_id pid)
103 if ( !Ucrit_IsActive )
106 for (i=0;i<Ucrit_MaxPid;i++) {
107 if (server_id_equal(&pid, &Ucrit_pid[i])) {
115 static bool Ucrit_addPid( struct server_id pid )
117 if ( !Ucrit_IsActive )
120 if ( Ucrit_MaxPid >= SMB_MAXPIDS ) {
121 fprintf(stderr, "ERROR: More than %d pids for user %s!\n",
122 SMB_MAXPIDS, uidtoname(Ucrit_uid));
127 Ucrit_pid[Ucrit_MaxPid++] = pid;
132 static int print_share_mode_stdout(struct traverse_state *state,
134 const char *user_name,
135 const char *denymode,
139 const char *servicepath,
140 const char *filename,
144 d_printf("\nLocked files:\n");
145 d_printf("Pid User(ID) DenyMode Access R/W Oplock SharePath Name Time\n");
146 d_printf("--------------------------------------------------------------------------------------------------\n");
148 state->first = false;
151 d_printf("%-11s %-9s %-10s 0x%-8x %-10s %-14s %s %s %s",
152 pid, user_name, denymode, access_mask, rw, oplock,
153 servicepath, filename, timestr);
157 static int prepare_share_mode(struct traverse_state *state)
159 if (!state->json_output) {
160 /* only print header line if there are open files */
163 add_section_to_json(state, "open_files");
168 static uint32_t map_share_mode_to_deny_mode(
169 uint32_t share_access, uint32_t private_options)
171 switch (share_access & ~FILE_SHARE_DELETE) {
172 case FILE_SHARE_NONE:
174 case FILE_SHARE_READ:
176 case FILE_SHARE_WRITE:
178 case FILE_SHARE_READ|FILE_SHARE_WRITE:
181 if (private_options & NTCREATEX_FLAG_DENY_DOS) {
183 } else if (private_options & NTCREATEX_FLAG_DENY_FCB) {
190 static int print_share_mode(struct file_id fid,
191 const struct share_mode_data *d,
192 const struct share_mode_entry *e,
195 const char *denymode = NULL;
197 const char *oplock = NULL;
198 const char *pid = NULL;
199 const char *rw = NULL;
200 const char *filename = NULL;
201 const char *timestr = NULL;
202 const char *user_str = NULL;
204 struct traverse_state *state = (struct traverse_state *)private_data;
206 TALLOC_CTX *tmp_ctx = talloc_stackframe();
207 if (tmp_ctx == NULL) {
211 if (do_checks && !is_valid_share_mode_entry(e)) {
212 TALLOC_FREE(tmp_ctx);
216 if (do_checks && !serverid_exists(&e->pid)) {
217 /* the process for this entry does not exist any more */
218 TALLOC_FREE(tmp_ctx);
222 if (Ucrit_checkPid(e->pid)) {
223 struct server_id_buf tmp;
224 pid = server_id_str_buf(e->pid, &tmp);
225 if (state->resolve_uids) {
226 user_str = talloc_asprintf(tmp_ctx, "%s", uidtoname(e->uid));
228 user_str = talloc_asprintf(tmp_ctx, "%u", (unsigned int)e->uid);
230 if (user_str == NULL) {
231 TALLOC_FREE(tmp_ctx);
235 denymode_int = map_share_mode_to_deny_mode(e->share_access,
237 switch (denymode_int) {
239 denymode = "DENY_NONE";
242 denymode = "DENY_ALL";
245 denymode = "DENY_DOS";
248 denymode = "DENY_READ";
251 denymode = "DENY_WRITE";
254 denymode = "DENY_FCB";
257 denymode = talloc_asprintf(tmp_ctx,
260 if (denymode == NULL) {
261 TALLOC_FREE(tmp_ctx);
265 "unknown-please report ! "
266 "e->share_access = 0x%x, "
267 "e->private_options = 0x%x\n",
268 (unsigned int)e->share_access,
269 (unsigned int)e->private_options);
273 filename = talloc_asprintf(tmp_ctx,
276 (d->stream_name != NULL) ? d->stream_name : "");
277 if (filename == NULL) {
278 TALLOC_FREE(tmp_ctx);
281 if ((e->access_mask & (FILE_READ_DATA|FILE_WRITE_DATA))==
282 (FILE_READ_DATA|FILE_WRITE_DATA)) {
284 } else if (e->access_mask & FILE_WRITE_DATA) {
290 if (e->op_type & BATCH_OPLOCK) {
292 } else if (e->op_type & EXCLUSIVE_OPLOCK) {
293 oplock = "EXCLUSIVE";
294 } else if (e->op_type & LEVEL_II_OPLOCK) {
296 } else if (e->op_type == LEASE_OPLOCK) {
299 status = leases_db_get(
303 &lstate, /* current_state */
305 NULL, /* breaking_to_requested */
306 NULL, /* breaking_to_required */
307 NULL, /* lease_version */
310 if (NT_STATUS_IS_OK(status)) {
311 oplock = talloc_asprintf(tmp_ctx, "LEASE(%s%s%s)%s%s%s",
312 (lstate & SMB2_LEASE_READ)?"R":"",
313 (lstate & SMB2_LEASE_WRITE)?"W":"",
314 (lstate & SMB2_LEASE_HANDLE)?"H":"",
315 (lstate & SMB2_LEASE_READ)?"":" ",
316 (lstate & SMB2_LEASE_WRITE)?"":" ",
317 (lstate & SMB2_LEASE_HANDLE)?"":" ");
319 oplock = "LEASE STATE UNKNOWN";
325 timestr = time_to_asc((time_t)e->time.tv_sec);
327 if (!state->json_output) {
328 print_share_mode_stdout(state,
332 (unsigned int)e->access_mask,
339 print_share_mode_json(state,
349 TALLOC_FREE(tmp_ctx);
353 static void print_brl_stdout(struct traverse_state *state,
359 const char *sharepath,
363 d_printf("Byte range locks:\n");
364 d_printf("Pid dev:inode R/W start size SharePath Name\n");
365 d_printf("--------------------------------------------------------------------------------\n");
367 state->first = false;
369 d_printf("%-10s %-15s %-4s %-9jd %-9jd %-24s %-24s\n",
370 pid, id, desc, start, size, sharepath, fname);
373 static int prepare_brl(struct traverse_state *state)
375 if (!state->json_output) {
376 /* only print header line if there are locked files */
379 add_section_to_json(state, "byte_range_locks");
384 static void print_brl(struct file_id id,
385 struct server_id pid,
386 enum brl_type lock_type,
387 enum brl_flavour lock_flav,
393 static const struct {
394 enum brl_type lock_type;
401 const char *desc="X";
402 const char *sharepath = "";
404 struct share_mode_lock *share_mode;
405 struct server_id_buf tmp;
406 struct file_id_buf ftmp;
407 struct traverse_state *state = (struct traverse_state *)private_data;
409 share_mode = fetch_share_mode_unlocked(NULL, id);
411 fname = share_mode_filename(NULL, share_mode);
412 sharepath = share_mode_servicepath(share_mode);
414 fname = talloc_strdup(NULL, "");
420 for (i=0;i<ARRAY_SIZE(lock_types);i++) {
421 if (lock_type == lock_types[i].lock_type) {
422 desc = lock_types[i].desc;
426 if (!state->json_output) {
427 print_brl_stdout(state,
428 server_id_str_buf(pid, &tmp),
429 file_id_str_buf(id, &ftmp),
436 print_brl_json(state,
449 TALLOC_FREE(share_mode);
452 static const char *session_dialect_str(uint16_t dialect)
454 static fstring unknown_dialect;
457 case SMB2_DIALECT_REVISION_000:
459 case SMB2_DIALECT_REVISION_202:
461 case SMB2_DIALECT_REVISION_210:
463 case SMB2_DIALECT_REVISION_222:
465 case SMB2_DIALECT_REVISION_224:
467 case SMB3_DIALECT_REVISION_300:
469 case SMB3_DIALECT_REVISION_302:
471 case SMB3_DIALECT_REVISION_310:
473 case SMB3_DIALECT_REVISION_311:
477 fstr_sprintf(unknown_dialect, "Unknown (0x%04x)", dialect);
478 return unknown_dialect;
481 static int traverse_connections_stdout(struct traverse_state *state,
482 const char *servicename,
486 const char *encryption_cipher,
487 enum crypto_degree encryption_degree,
488 const char *signing_cipher,
489 enum crypto_degree signing_degree)
494 if (encryption_degree == CRYPTO_DEGREE_FULL) {
495 fstr_sprintf(encryption, "%s", encryption_cipher);
496 } else if (encryption_degree == CRYPTO_DEGREE_ANONYMOUS) {
497 fstr_sprintf(encryption, "anonymous(%s)", encryption_cipher);
498 } else if (encryption_degree == CRYPTO_DEGREE_PARTIAL) {
499 fstr_sprintf(encryption, "partial(%s)", encryption_cipher);
501 fstr_sprintf(encryption, "-");
503 if (signing_degree == CRYPTO_DEGREE_FULL) {
504 fstr_sprintf(signing, "%s", signing_cipher);
505 } else if (signing_degree == CRYPTO_DEGREE_ANONYMOUS) {
506 fstr_sprintf(signing, "anonymous(%s)", signing_cipher);
507 } else if (signing_degree == CRYPTO_DEGREE_PARTIAL) {
508 fstr_sprintf(signing, "partial(%s)", signing_cipher);
510 fstr_sprintf(signing, "-");
513 d_printf("%-12s %-7s %-13s %-32s %-12s %-12s\n",
514 servicename, server_id, machine, timestr, encryption, signing);
519 static int prepare_connections(struct traverse_state *state)
521 if (!state->json_output) {
522 /* always print header line */
523 d_printf("\n%-12s %-7s %-13s %-32s %-12s %-12s\n", "Service", "pid", "Machine", "Connected at", "Encryption", "Signing");
524 d_printf("---------------------------------------------------------------------------------------------\n");
526 add_section_to_json(state, "tcons");
531 static int traverse_connections(const struct connections_data *crec,
534 struct server_id_buf tmp;
535 char *timestr = NULL;
537 const char *encryption = "-";
538 enum crypto_degree encryption_degree = CRYPTO_DEGREE_NONE;
539 const char *signing = "-";
540 enum crypto_degree signing_degree = CRYPTO_DEGREE_NONE;
541 struct traverse_state *state = (struct traverse_state *)private_data;
543 TALLOC_CTX *tmp_ctx = talloc_stackframe();
544 if (tmp_ctx == NULL) {
548 if (crec->cnum == TID_FIELD_INVALID) {
549 TALLOC_FREE(tmp_ctx);
554 (!process_exists(crec->pid) || !Ucrit_checkUid(crec->uid))) {
555 TALLOC_FREE(tmp_ctx);
559 timestr = timestring(tmp_ctx, nt_time_to_unix(crec->start));
560 if (timestr == NULL) {
561 TALLOC_FREE(tmp_ctx);
565 if (smbXsrv_is_encrypted(crec->encryption_flags) ||
566 smbXsrv_is_partially_encrypted(crec->encryption_flags))
568 switch (crec->cipher) {
569 case SMB_ENCRYPTION_GSSAPI:
570 encryption = "GSSAPI";
572 case SMB2_ENCRYPTION_AES128_CCM:
573 encryption = "AES-128-CCM";
575 case SMB2_ENCRYPTION_AES128_GCM:
576 encryption = "AES-128-GCM";
578 case SMB2_ENCRYPTION_AES256_CCM:
579 encryption = "AES-256-CCM";
581 case SMB2_ENCRYPTION_AES256_GCM:
582 encryption = "AES-256-GCM";
588 if (smbXsrv_is_encrypted(crec->encryption_flags)) {
589 encryption_degree = CRYPTO_DEGREE_FULL;
590 } else if (smbXsrv_is_partially_encrypted(crec->encryption_flags)) {
591 encryption_degree = CRYPTO_DEGREE_PARTIAL;
593 if (encryption_degree != CRYPTO_DEGREE_NONE &&
594 !crec->authenticated)
596 encryption_degree = CRYPTO_DEGREE_ANONYMOUS;
600 if (smbXsrv_is_signed(crec->signing_flags) ||
601 smbXsrv_is_partially_signed(crec->signing_flags))
603 switch (crec->signing) {
604 case SMB2_SIGNING_MD5_SMB1:
605 signing = "HMAC-MD5";
607 case SMB2_SIGNING_HMAC_SHA256:
608 signing = "HMAC-SHA256";
610 case SMB2_SIGNING_AES128_CMAC:
611 signing = "AES-128-CMAC";
613 case SMB2_SIGNING_AES128_GMAC:
614 signing = "AES-128-GMAC";
620 if (smbXsrv_is_signed(crec->signing_flags)) {
621 signing_degree = CRYPTO_DEGREE_FULL;
622 } else if (smbXsrv_is_partially_signed(crec->signing_flags)) {
623 signing_degree = CRYPTO_DEGREE_PARTIAL;
625 if (signing_degree != CRYPTO_DEGREE_NONE &&
626 !crec->authenticated)
628 signing_degree = CRYPTO_DEGREE_ANONYMOUS;
632 if (!state->json_output) {
633 result = traverse_connections_stdout(state,
635 server_id_str_buf(crec->pid, &tmp),
643 result = traverse_connections_json(state,
651 TALLOC_FREE(timestr);
652 TALLOC_FREE(tmp_ctx);
657 static int traverse_sessionid_stdout(struct traverse_state *state,
660 char *machine_hostname,
662 const char *encryption_cipher,
663 enum crypto_degree encryption_degree,
664 const char *signing_cipher,
665 enum crypto_degree signing_degree)
670 if (encryption_degree == CRYPTO_DEGREE_FULL) {
671 fstr_sprintf(encryption, "%s", encryption_cipher);
672 } else if (encryption_degree == CRYPTO_DEGREE_ANONYMOUS) {
673 fstr_sprintf(encryption, "anonymous(%s)", encryption_cipher);
674 } else if (encryption_degree == CRYPTO_DEGREE_PARTIAL) {
675 fstr_sprintf(encryption, "partial(%s)", encryption_cipher);
677 fstr_sprintf(encryption, "-");
679 if (signing_degree == CRYPTO_DEGREE_FULL) {
680 fstr_sprintf(signing, "%s", signing_cipher);
681 } else if (signing_degree == CRYPTO_DEGREE_ANONYMOUS) {
682 fstr_sprintf(signing, "anonymous(%s)", signing_cipher);
683 } else if (signing_degree == CRYPTO_DEGREE_PARTIAL) {
684 fstr_sprintf(signing, "partial(%s)", signing_cipher);
686 fstr_sprintf(signing, "-");
689 d_printf("%-7s %-25s %-41s %-17s %-20s %-21s\n",
690 server_id, uid_gid_str, machine_hostname, dialect, encryption,
696 static int prepare_sessionid(struct traverse_state *state)
698 if (!state->json_output) {
699 /* always print header line */
700 d_printf("\nSamba version %s\n",samba_version_string());
701 d_printf("%-7s %-12s %-12s %-41s %-17s %-20s %-21s\n", "PID", "Username", "Group", "Machine", "Protocol Version", "Encryption", "Signing");
702 d_printf("----------------------------------------------------------------------------------------------------------------------------------------\n");
704 add_section_to_json(state, "sessions");
710 static int traverse_sessionid(const char *key, struct sessionid *session,
716 struct server_id_buf tmp;
717 char *machine_hostname = NULL;
719 const char *encryption = "-";
720 enum crypto_degree encryption_degree = CRYPTO_DEGREE_NONE;
721 const char *signing = "-";
722 enum crypto_degree signing_degree = CRYPTO_DEGREE_NONE;
723 struct traverse_state *state = (struct traverse_state *)private_data;
725 TALLOC_CTX *tmp_ctx = talloc_stackframe();
726 if (tmp_ctx == NULL) {
731 (!process_exists(session->pid) ||
732 !Ucrit_checkUid(session->uid))) {
733 TALLOC_FREE(tmp_ctx);
737 Ucrit_addPid(session->pid);
740 fstr_sprintf(gid_str, "%u", (unsigned int)session->gid);
741 fstr_sprintf(uid_str, "%u", (unsigned int)session->uid);
742 fstr_sprintf(uid_gid_str, "%-12u %-12u",
743 (unsigned int)session->uid,
744 (unsigned int)session->gid);
746 if (session->uid == -1 && session->gid == -1) {
748 * The session is not fully authenticated yet.
750 fstrcpy(uid_gid_str, "(auth in progress)");
751 fstrcpy(gid_str, "(auth in progress)");
752 fstrcpy(uid_str, "(auth in progress)");
755 * In theory it should not happen that one of
756 * session->uid and session->gid is valid (ie != -1)
757 * while the other is not (ie = -1), so we a check for
758 * that case that bails out would be reasonable.
760 const char *uid_name = "-1";
761 const char *gid_name = "-1";
763 if (session->uid != -1) {
764 uid_name = uidtoname(session->uid);
765 if (uid_name == NULL) {
766 TALLOC_FREE(tmp_ctx);
770 if (session->gid != -1) {
771 gid_name = gidtoname(session->gid);
772 if (gid_name == NULL) {
773 TALLOC_FREE(tmp_ctx);
777 fstr_sprintf(gid_str, "%s", gid_name);
778 fstr_sprintf(uid_str, "%s", uid_name);
779 fstr_sprintf(uid_gid_str, "%-12s %-12s",
784 machine_hostname = talloc_asprintf(tmp_ctx, "%s (%s)",
785 session->remote_machine,
787 if (machine_hostname == NULL) {
788 TALLOC_FREE(tmp_ctx);
792 if (smbXsrv_is_encrypted(session->encryption_flags) ||
793 smbXsrv_is_partially_encrypted(session->encryption_flags)) {
794 switch (session->cipher) {
795 case SMB2_ENCRYPTION_AES128_CCM:
796 encryption = "AES-128-CCM";
798 case SMB2_ENCRYPTION_AES128_GCM:
799 encryption = "AES-128-GCM";
801 case SMB2_ENCRYPTION_AES256_CCM:
802 encryption = "AES-256-CCM";
804 case SMB2_ENCRYPTION_AES256_GCM:
805 encryption = "AES-256-GCM";
812 if (smbXsrv_is_encrypted(session->encryption_flags)) {
813 encryption_degree = CRYPTO_DEGREE_FULL;
814 } else if (smbXsrv_is_partially_encrypted(session->encryption_flags)) {
815 encryption_degree = CRYPTO_DEGREE_PARTIAL;
817 if (encryption_degree != CRYPTO_DEGREE_NONE &&
818 !session->authenticated)
820 encryption_degree = CRYPTO_DEGREE_ANONYMOUS;
824 if (smbXsrv_is_signed(session->signing_flags) ||
825 smbXsrv_is_partially_signed(session->signing_flags)) {
826 switch (session->signing) {
827 case SMB2_SIGNING_MD5_SMB1:
828 signing = "HMAC-MD5";
830 case SMB2_SIGNING_HMAC_SHA256:
831 signing = "HMAC-SHA256";
833 case SMB2_SIGNING_AES128_CMAC:
834 signing = "AES-128-CMAC";
836 case SMB2_SIGNING_AES128_GMAC:
837 signing = "AES-128-GMAC";
844 if (smbXsrv_is_signed(session->signing_flags)) {
845 signing_degree = CRYPTO_DEGREE_FULL;
846 } else if (smbXsrv_is_partially_signed(session->signing_flags)) {
847 signing_degree = CRYPTO_DEGREE_PARTIAL;
849 if (signing_degree != CRYPTO_DEGREE_NONE &&
850 !session->authenticated)
852 signing_degree = CRYPTO_DEGREE_ANONYMOUS;
857 if (!state->json_output) {
858 traverse_sessionid_stdout(state,
859 server_id_str_buf(session->pid, &tmp),
862 session_dialect_str(session->connection_dialect),
868 result = traverse_sessionid_json(state,
876 session_dialect_str(session->connection_dialect));
879 TALLOC_FREE(machine_hostname);
880 TALLOC_FREE(tmp_ctx);
886 static bool print_notify_rec_stdout(struct traverse_state *state,
890 unsigned subdir_filter)
892 d_printf("%s\\%s\\%x\\%x\n", path, server_id_str,
893 filter, subdir_filter);
898 static int prepare_notify(struct traverse_state *state)
900 if (!state->json_output) {
901 /* don't print header line */
903 add_section_to_json(state, "notifies");
908 static bool print_notify_rec(const char *path, struct server_id server,
909 const struct notify_instance *instance,
912 struct server_id_buf idbuf;
913 struct traverse_state *state = (struct traverse_state *)private_data;
916 if (!state->json_output) {
917 result = print_notify_rec_stdout(state,
919 server_id_str_buf(server, &idbuf),
920 (unsigned)instance->filter,
921 (unsigned)instance->subdir_filter);
924 result = print_notify_rec_json(state,
934 OPT_RESOLVE_UIDS = 1000,
937 int main(int argc, const char *argv[])
940 int profile_only = 0;
941 bool show_processes, show_locks, show_shares;
942 bool show_notify = false;
943 poptContext pc = NULL;
944 struct traverse_state state = {0};
945 struct poptOption long_options[] = {
948 .longName = "processes",
950 .argInfo = POPT_ARG_NONE,
953 .descrip = "Show processes only",
956 .longName = "verbose",
958 .argInfo = POPT_ARG_NONE,
961 .descrip = "Be verbose",
966 .argInfo = POPT_ARG_NONE,
969 .descrip = "Show locks only",
972 .longName = "shares",
974 .argInfo = POPT_ARG_NONE,
977 .descrip = "Show shares only",
980 .longName = "notify",
982 .argInfo = POPT_ARG_NONE,
985 .descrip = "Show notifies",
990 .argInfo = POPT_ARG_STRING,
993 .descrip = "Switch to user",
998 .argInfo = POPT_ARG_NONE,
1001 .descrip = "Be brief",
1004 .longName = "profile",
1006 .argInfo = POPT_ARG_NONE,
1009 .descrip = "Do profiling",
1012 .longName = "profile-rates",
1014 .argInfo = POPT_ARG_NONE,
1017 .descrip = "Show call rates",
1020 .longName = "byterange",
1022 .argInfo = POPT_ARG_NONE,
1025 .descrip = "Include byte range locks"
1028 .longName = "numeric",
1030 .argInfo = POPT_ARG_NONE,
1033 .descrip = "Numeric uid/gid"
1038 .argInfo = POPT_ARG_NONE,
1041 .descrip = "JSON output"
1046 .argInfo = POPT_ARG_NONE,
1049 .descrip = "Skip checks if processes still exist"
1052 .longName = "resolve-uids",
1054 .argInfo = POPT_ARG_NONE,
1056 .val = OPT_RESOLVE_UIDS,
1057 .descrip = "Try to resolve UIDs to usernames"
1063 TALLOC_CTX *frame = talloc_stackframe();
1065 struct messaging_context *msg_ctx = NULL;
1068 struct loadparm_context *lp_ctx = NULL;
1071 state.json_output = false;
1072 state.resolve_uids = false;
1076 ok = samba_cmdline_init(frame,
1077 SAMBA_CMDLINE_CONFIG_CLIENT,
1078 false /* require_smbconf */);
1080 DBG_ERR("Failed to init cmdline parser!\n");
1084 lp_ctx = samba_cmdline_get_lp_ctx();
1085 lpcfg_set_cmdline(lp_ctx, "log level", "0");
1087 pc = samba_popt_get_context(getprogname(),
1091 POPT_CONTEXT_KEEP_FIRST);
1093 DBG_ERR("Failed to setup popt context!\n");
1098 while ((c = poptGetNextOpt(pc)) != -1) {
1101 processes_only = true;
1119 Ucrit_addUid(nametouid(poptGetOptArg(pc)));
1129 numeric_only = true;
1132 state.json_output = true;
1137 case OPT_RESOLVE_UIDS:
1138 state.resolve_uids = true;
1140 case POPT_ERROR_BADOPT:
1141 fprintf(stderr, "\nInvalid option %s: %s\n\n",
1142 poptBadOption(pc, 0), poptStrerror(c));
1143 poptPrintUsage(pc, stderr, 0);
1151 state.root_json = json_new_object();
1152 if (!json_is_invalid(&state.root_json)) {
1153 add_general_information_to_json(&state);
1155 #else /* HAVE_JANSSON */
1156 if (state.json_output) {
1157 fprintf(stderr, "JSON support not available, please install lib Jansson\n");
1160 #endif /* HAVE_JANSSON */
1162 if (getuid() != geteuid()) {
1163 fprintf(stderr, "smbstatus should not be run setuid\n");
1168 if (getuid() != 0) {
1169 fprintf(stderr, "smbstatus only works as root!\n");
1174 /* setup the flags based on the possible combincations */
1176 show_processes = !(shares_only || locks_only || profile_only) || processes_only;
1177 show_locks = !(shares_only || processes_only || profile_only) || locks_only;
1178 show_shares = !(processes_only || locks_only || profile_only) || shares_only;
1181 Ucrit_addUid( nametouid(username) );
1183 if (verbose && !state.json_output) {
1184 d_printf("using configfile = %s\n", get_dyn_CONFIGFILE());
1187 msg_ctx = cmdline_messaging_context(get_dyn_CONFIGFILE());
1188 if (msg_ctx == NULL) {
1189 fprintf(stderr, "Could not initialize messaging, not root?\n");
1194 switch (profile_only) {
1196 /* Dump profile data */
1197 ok = status_profile_dump(verbose, &state);
1201 /* Continuously display rate-converted data */
1202 if (!state.json_output) {
1203 ok = status_profile_rates(verbose);
1206 fprintf(stderr, "Call rates not available in a json output.\n");
1214 if ( show_processes ) {
1215 prepare_sessionid(&state);
1216 sessionid_traverse_read(traverse_sessionid, &state);
1218 if (processes_only) {
1223 if ( show_shares ) {
1227 prepare_connections(&state);
1228 connections_forall_read(traverse_connections, &state);
1230 if (!state.json_output) {
1234 if ( shares_only ) {
1241 struct db_context *db;
1243 db_path = lock_path(talloc_tos(), "locking.tdb");
1244 if (db_path == NULL) {
1245 fprintf(stderr, "Out of memory - exiting\n");
1250 db = db_open(NULL, db_path, 0,
1251 TDB_CLEAR_IF_FIRST|TDB_INCOMPATIBLE_HASH, O_RDONLY, 0,
1252 DBWRAP_LOCK_ORDER_1, DBWRAP_FLAG_NONE);
1255 fprintf(stderr, "%s not initialised\n", db_path);
1256 fprintf(stderr, "This is normal if an SMB client has never "
1257 "connected to your server.\n");
1258 TALLOC_FREE(db_path);
1263 TALLOC_FREE(db_path);
1266 if (!locking_init_readonly()) {
1267 fprintf(stderr, "Can't initialise locking module - exiting\n");
1272 prepare_share_mode(&state);
1273 result = share_entry_forall(print_share_mode, &state);
1275 if (result == 0 && !state.json_output) {
1276 fprintf(stderr, "No locked files\n");
1277 } else if (result < 0 && !state.json_output) {
1278 fprintf(stderr, "locked file list truncated\n");
1281 if (!state.json_output) {
1286 prepare_brl(&state);
1287 brl_forall(print_brl, &state);
1294 prepare_notify(&state);
1295 notify_walk(msg_ctx, print_notify_rec, &state);
1299 cmdline_messaging_context_free();
1300 poptFreeContext(pc);
1302 if (state.json_output) {
1303 d_printf("%s\n", json_to_string(frame, &state.root_json));
1305 json_free(&state.root_json);
1306 #endif /* HAVE_JANSSON */