2 Unix SMB/CIFS implementation.
3 Main SMB server routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Martin Pool 2002
6 Copyright (C) Jelmer Vernooij 2002-2003
7 Copyright (C) Volker Lendecke 1993-2007
8 Copyright (C) Jeremy Allison 1993-2007
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 3 of the License, or
13 (at your option) any later version.
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
25 #include "system/filesys.h"
26 #include "popt_common.h"
27 #include "smbd/smbd.h"
28 #include "smbd/globals.h"
29 #include "registry/reg_init_full.h"
30 #include "libcli/auth/schannel.h"
32 #include "../lib/util/memcache.h"
33 #include "ctdbd_conn.h"
34 #include "util_cluster.h"
35 #include "printing/queue_process.h"
36 #include "rpc_server/rpc_service_setup.h"
37 #include "rpc_server/rpc_config.h"
42 #include "smbprofile.h"
43 #include "lib/id_cache.h"
44 #include "lib/param/param.h"
45 #include "lib/background.h"
46 #include "lib/conn_tdb.h"
47 #include "../lib/util/pidfile.h"
48 #include "lib/smbd_shim.h"
49 #include "scavenger.h"
51 struct smbd_open_socket;
52 struct smbd_child_pid;
54 struct smbd_parent_context {
57 struct tevent_context *ev_ctx;
58 struct messaging_context *msg_ctx;
60 /* the list of listening sockets */
61 struct smbd_open_socket *sockets;
63 /* the list of current child processes */
64 struct smbd_child_pid *children;
67 struct tevent_timer *cleanup_te;
70 struct smbd_open_socket {
71 struct smbd_open_socket *prev, *next;
72 struct smbd_parent_context *parent;
74 struct tevent_fd *fde;
77 struct smbd_child_pid {
78 struct smbd_child_pid *prev, *next;
82 extern void start_epmd(struct tevent_context *ev_ctx,
83 struct messaging_context *msg_ctx);
85 extern void start_lsasd(struct tevent_context *ev_ctx,
86 struct messaging_context *msg_ctx);
89 extern int dcelogin_atmost_once;
92 /*******************************************************************
93 What to do when smb.conf is updated.
94 ********************************************************************/
96 static void smbd_parent_conf_updated(struct messaging_context *msg,
99 struct server_id server_id,
102 struct tevent_context *ev_ctx =
103 talloc_get_type_abort(private_data, struct tevent_context);
105 DEBUG(10,("smbd_parent_conf_updated: Got message saying smb.conf was "
106 "updated. Reloading.\n"));
107 change_to_root_user();
108 reload_services(NULL, NULL, false);
109 printing_subsystem_update(ev_ctx, msg, false);
112 /*******************************************************************
113 Delete a statcache entry.
114 ********************************************************************/
116 static void smb_stat_cache_delete(struct messaging_context *msg,
119 struct server_id server_id,
122 const char *name = (const char *)data->data;
123 DEBUG(10,("smb_stat_cache_delete: delete name %s\n", name));
124 stat_cache_delete(name);
127 /****************************************************************************
128 Send a SIGTERM to our process group.
129 *****************************************************************************/
131 static void killkids(void)
133 if(am_parent) kill(0,SIGTERM);
136 static void msg_exit_server(struct messaging_context *msg,
139 struct server_id server_id,
142 DEBUG(3, ("got a SHUTDOWN message\n"));
143 exit_server_cleanly(NULL);
147 static void msg_inject_fault(struct messaging_context *msg,
150 struct server_id src,
155 if (data->length != sizeof(sig)) {
156 DEBUG(0, ("Process %s sent bogus signal injection request\n",
157 procid_str_static(&src)));
161 sig = *(int *)data->data;
163 exit_server("internal error injected");
168 DEBUG(0, ("Process %s requested injection of signal %d (%s)\n",
169 procid_str_static(&src), sig, strsignal(sig)));
171 DEBUG(0, ("Process %s requested injection of signal %d\n",
172 procid_str_static(&src), sig));
177 #endif /* DEVELOPER */
179 static NTSTATUS messaging_send_to_children(struct messaging_context *msg_ctx,
180 uint32_t msg_type, DATA_BLOB* data)
183 struct smbd_parent_context *parent = am_parent;
184 struct smbd_child_pid *child;
186 if (parent == NULL) {
187 return NT_STATUS_INTERNAL_ERROR;
190 for (child = parent->children; child != NULL; child = child->next) {
191 status = messaging_send(parent->msg_ctx,
192 pid_to_procid(child->pid),
194 if (!NT_STATUS_IS_OK(status)) {
201 static void smb_parent_send_to_children(struct messaging_context *ctx,
204 struct server_id srv_id,
207 messaging_send_to_children(ctx, msg_type, msg_data);
211 * Parent smbd process sets its own debug level first and then
212 * sends a message to all the smbd children to adjust their debug
213 * level to that of the parent.
216 static void smbd_msg_debug(struct messaging_context *msg_ctx,
219 struct server_id server_id,
222 debug_message(msg_ctx, private_data, MSG_DEBUG, server_id, data);
224 messaging_send_to_children(msg_ctx, MSG_DEBUG, data);
227 static void smbd_parent_id_cache_kill(struct messaging_context *msg_ctx,
230 struct server_id server_id,
233 const char *msg = (data && data->data)
234 ? (const char *)data->data : "<NULL>";
235 struct id_cache_ref id;
237 if (!id_cache_ref_parse(msg, &id)) {
238 DEBUG(0, ("Invalid ?ID: %s\n", msg));
242 id_cache_delete_from_cache(&id);
244 messaging_send_to_children(msg_ctx, msg_type, data);
247 static void smbd_parent_id_cache_delete(struct messaging_context *ctx,
250 struct server_id srv_id,
253 id_cache_delete_message(ctx, data, msg_type, srv_id, msg_data);
255 messaging_send_to_children(ctx, msg_type, msg_data);
258 struct smbd_parent_notify_state {
259 struct tevent_context *ev;
260 struct messaging_context *msg;
262 struct notify_context *notify;
265 static int smbd_parent_notify_cleanup(void *private_data);
266 static void smbd_parent_notify_cleanup_done(struct tevent_req *req);
267 static void smbd_parent_notify_proxy_done(struct tevent_req *req);
269 static bool smbd_parent_notify_init(TALLOC_CTX *mem_ctx,
270 struct messaging_context *msg,
271 struct tevent_context *ev)
273 struct smbd_parent_notify_state *state;
274 struct tevent_req *req;
276 state = talloc(mem_ctx, struct smbd_parent_notify_state);
282 state->msgtype = MSG_SMB_NOTIFY_CLEANUP;
284 state->notify = notify_init(state, msg, ev);
285 if (state->notify == NULL) {
288 req = background_job_send(
289 state, state->ev, state->msg, &state->msgtype, 1,
290 lp_parm_int(-1, "smbd", "notify cleanup interval", 60),
291 smbd_parent_notify_cleanup, state->notify);
295 tevent_req_set_callback(req, smbd_parent_notify_cleanup_done, state);
297 if (!lp_clustering()) {
301 req = notify_cluster_proxy_send(state, ev, state->notify);
305 tevent_req_set_callback(req, smbd_parent_notify_proxy_done, state);
313 static int smbd_parent_notify_cleanup(void *private_data)
315 struct notify_context *notify = talloc_get_type_abort(
316 private_data, struct notify_context);
317 notify_cleanup(notify);
318 return lp_parm_int(-1, "smbd", "notify cleanup interval", 60);
321 static void smbd_parent_notify_cleanup_done(struct tevent_req *req)
323 struct smbd_parent_notify_state *state = tevent_req_callback_data(
324 req, struct smbd_parent_notify_state);
327 status = background_job_recv(req);
329 DEBUG(1, ("notify cleanup job ended with %s\n", nt_errstr(status)));
332 * Provide self-healing: Whatever the error condition was, it
333 * will have printed it into log.smbd. Just retrying and
334 * spamming log.smbd once a minute should be fine.
336 req = background_job_send(
337 state, state->ev, state->msg, &state->msgtype, 1, 60,
338 smbd_parent_notify_cleanup, state->notify);
340 DEBUG(1, ("background_job_send failed\n"));
343 tevent_req_set_callback(req, smbd_parent_notify_cleanup_done, state);
346 static void smbd_parent_notify_proxy_done(struct tevent_req *req)
350 ret = notify_cluster_proxy_recv(req);
352 DEBUG(1, ("notify proxy job ended with %s\n", strerror(ret)));
355 static void add_child_pid(struct smbd_parent_context *parent,
358 struct smbd_child_pid *child;
360 child = talloc_zero(parent, struct smbd_child_pid);
362 DEBUG(0, ("Could not add child struct -- malloc failed\n"));
366 DLIST_ADD(parent->children, child);
367 parent->num_children += 1;
370 static void smb_tell_num_children(struct messaging_context *ctx, void *data,
371 uint32_t msg_type, struct server_id srv_id,
374 uint8_t buf[sizeof(uint32_t)];
377 SIVAL(buf, 0, am_parent->num_children);
378 messaging_send_buf(ctx, srv_id, MSG_SMB_NUM_CHILDREN,
385 at most every smbd:cleanuptime seconds (default 20), we scan the BRL
386 and locking database for entries to cleanup. As a side effect this
387 also cleans up dead entries in the connections database (due to the
388 traversal in message_send_all()
390 Using a timer for this prevents a flood of traversals when a large
391 number of clients disconnect at the same time (perhaps due to a
395 static void cleanup_timeout_fn(struct tevent_context *event_ctx,
396 struct tevent_timer *te,
400 struct smbd_parent_context *parent =
401 talloc_get_type_abort(private_data,
402 struct smbd_parent_context);
404 parent->cleanup_te = NULL;
406 DEBUG(1,("Cleaning up brl and lock database after unclean shutdown\n"));
407 message_send_all(parent->msg_ctx, MSG_SMB_UNLOCK, NULL, 0, NULL);
408 messaging_send_buf(parent->msg_ctx,
409 messaging_server_id(parent->msg_ctx),
410 MSG_SMB_BRL_VALIDATE, NULL, 0);
413 static void remove_child_pid(struct smbd_parent_context *parent,
415 bool unclean_shutdown)
417 struct smbd_child_pid *child;
418 struct server_id child_id;
421 child_id = pid_to_procid(pid);
423 ret = messaging_cleanup(parent->msg_ctx, pid);
425 if ((ret != 0) && (ret != ENOENT)) {
426 DEBUG(10, ("%s: messaging_cleanup returned %s\n",
427 __func__, ret ? strerror(ret) : "ok"));
430 for (child = parent->children; child != NULL; child = child->next) {
431 if (child->pid == pid) {
432 struct smbd_child_pid *tmp = child;
433 DLIST_REMOVE(parent->children, child);
435 parent->num_children -= 1;
441 /* not all forked child processes are added to the children list */
442 DEBUG(2, ("Could not find child %d -- ignoring\n", (int)pid));
446 if (unclean_shutdown) {
447 /* a child terminated uncleanly so tickle all
448 processes to see if they can grab any of the
451 DEBUG(3,(__location__ " Unclean shutdown of pid %u\n",
453 if (parent->cleanup_te == NULL) {
454 /* call the cleanup timer, but not too often */
455 int cleanup_time = lp_parm_int(-1, "smbd", "cleanuptime", 20);
456 parent->cleanup_te = tevent_add_timer(parent->ev_ctx,
458 timeval_current_ofs(cleanup_time, 0),
461 DEBUG(1,("Scheduled cleanup of brl and lock database after unclean shutdown\n"));
465 if (!serverid_deregister(child_id)) {
466 DEBUG(1, ("Could not remove pid %d from serverid.tdb\n",
471 /****************************************************************************
472 Have we reached the process limit ?
473 ****************************************************************************/
475 static bool allowable_number_of_smbd_processes(struct smbd_parent_context *parent)
477 int max_processes = lp_max_smbd_processes();
482 return parent->num_children < max_processes;
485 static void smbd_sig_chld_handler(struct tevent_context *ev,
486 struct tevent_signal *se,
494 struct smbd_parent_context *parent =
495 talloc_get_type_abort(private_data,
496 struct smbd_parent_context);
498 while ((pid = sys_waitpid(-1, &status, WNOHANG)) > 0) {
499 bool unclean_shutdown = False;
501 /* If the child terminated normally, assume
502 it was an unclean shutdown unless the
505 if (WIFEXITED(status)) {
506 unclean_shutdown = WEXITSTATUS(status);
508 /* If the child terminated due to a signal
509 we always assume it was unclean.
511 if (WIFSIGNALED(status)) {
512 unclean_shutdown = True;
514 remove_child_pid(parent, pid, unclean_shutdown);
518 static void smbd_setup_sig_chld_handler(struct smbd_parent_context *parent)
520 struct tevent_signal *se;
522 se = tevent_add_signal(parent->ev_ctx,
523 parent, /* mem_ctx */
525 smbd_sig_chld_handler,
528 exit_server("failed to setup SIGCHLD handler");
532 static void smbd_open_socket_close_fn(struct tevent_context *ev,
533 struct tevent_fd *fde,
537 /* this might be the socket_wrapper swrap_close() */
541 static void smbd_accept_connection(struct tevent_context *ev,
542 struct tevent_fd *fde,
546 struct smbd_open_socket *s = talloc_get_type_abort(private_data,
547 struct smbd_open_socket);
548 struct messaging_context *msg_ctx = s->parent->msg_ctx;
549 struct sockaddr_storage addr;
550 socklen_t in_addrlen = sizeof(addr);
555 fd = accept(s->fd, (struct sockaddr *)(void *)&addr,&in_addrlen);
556 if (fd == -1 && errno == EINTR)
560 DEBUG(0,("accept: %s\n",
565 if (s->parent->interactive) {
566 reinit_after_fork(msg_ctx, ev, true);
567 smbd_process(ev, msg_ctx, fd, true);
568 exit_server_cleanly("end of interactive mode");
572 if (!allowable_number_of_smbd_processes(s->parent)) {
578 * Generate a unique id in the parent process so that we use
579 * the global random state in the parent.
581 unique_id = serverid_get_random_unique_id();
585 NTSTATUS status = NT_STATUS_OK;
591 * Can't use TALLOC_FREE here. Nulling out the argument to it
592 * would overwrite memory we've just freed.
594 talloc_free(s->parent);
597 set_my_unique_id(unique_id);
599 /* Stop zombies, the parent explicitly handles
600 * them, counting worker smbds. */
603 status = reinit_after_fork(msg_ctx,
606 if (!NT_STATUS_IS_OK(status)) {
607 if (NT_STATUS_EQUAL(status,
608 NT_STATUS_TOO_MANY_OPENED_FILES)) {
609 DEBUG(0,("child process cannot initialize "
610 "because too many files are open\n"));
613 if (lp_clustering() &&
614 NT_STATUS_EQUAL(status,
615 NT_STATUS_INTERNAL_DB_ERROR)) {
616 DEBUG(1,("child process cannot initialize "
617 "because connection to CTDB "
622 DEBUG(0,("reinit_after_fork() failed\n"));
623 smb_panic("reinit_after_fork() failed");
626 smbd_process(ev, msg_ctx, fd, false);
628 exit_server_cleanly("end of child");
633 DEBUG(0,("smbd_accept_connection: fork() failed: %s\n",
637 /* The parent doesn't need this socket */
640 /* Sun May 6 18:56:14 2001 ackley@cs.unm.edu:
641 Clear the closed fd info out of server_fd --
642 and more importantly, out of client_fd in
643 util_sock.c, to avoid a possible
644 getpeername failure if we reopen the logs
645 and use %I in the filename.
649 add_child_pid(s->parent, pid);
652 /* Force parent to check log size after
653 * spawning child. Fix from
654 * klausr@ITAP.Physik.Uni-Stuttgart.De. The
655 * parent smbd will log to logserver.smb. It
656 * writes only two messages for each child
657 * started/finished. But each child writes,
658 * say, 50 messages also in logserver.smb,
659 * begining with the debug_count of the
660 * parent, before the child opens its own log
661 * file logserver.client. In a worst case
662 * scenario the size of logserver.smb would be
663 * checked after about 50*50=2500 messages
666 force_check_log_size();
669 static bool smbd_open_one_socket(struct smbd_parent_context *parent,
670 struct tevent_context *ev_ctx,
671 const struct sockaddr_storage *ifss,
674 struct smbd_open_socket *s;
676 s = talloc(parent, struct smbd_open_socket);
682 s->fd = open_socket_in(SOCK_STREAM,
684 parent->sockets == NULL ? 0 : 2,
688 DEBUG(0,("smbd_open_once_socket: open_socket_in: "
689 "%s\n", strerror(errno)));
692 * We ignore an error here, as we've done before
697 /* ready to listen */
698 set_socket_options(s->fd, "SO_KEEPALIVE");
699 set_socket_options(s->fd, lp_socket_options());
701 /* Set server socket to
702 * non-blocking for the accept. */
703 set_blocking(s->fd, False);
705 if (listen(s->fd, SMBD_LISTEN_BACKLOG) == -1) {
706 DEBUG(0,("open_sockets_smbd: listen: "
707 "%s\n", strerror(errno)));
713 s->fde = tevent_add_fd(ev_ctx,
715 s->fd, TEVENT_FD_READ,
716 smbd_accept_connection,
719 DEBUG(0,("open_sockets_smbd: "
720 "tevent_add_fd: %s\n",
726 tevent_fd_set_close_fn(s->fde, smbd_open_socket_close_fn);
728 DLIST_ADD_END(parent->sockets, s, struct smbd_open_socket *);
733 /****************************************************************************
734 Open the socket communication.
735 ****************************************************************************/
737 static bool open_sockets_smbd(struct smbd_parent_context *parent,
738 struct tevent_context *ev_ctx,
739 struct messaging_context *msg_ctx,
740 const char *smb_ports)
742 int num_interfaces = iface_count();
745 unsigned dns_port = 0;
752 smbd_setup_sig_chld_handler(parent);
754 ports = lp_smb_ports();
756 /* use a reasonable default set of ports - listing on 445 and 139 */
758 ports = (const char **)str_list_make_v3(talloc_tos(), smb_ports, NULL);
761 for (j = 0; ports && ports[j]; j++) {
762 unsigned port = atoi(ports[j]);
764 if (port == 0 || port > 0xffff) {
765 exit_server_cleanly("Invalid port in the config or on "
766 "the commandline specified!");
770 if (lp_interfaces() && lp_bind_interfaces_only()) {
771 /* We have been given an interfaces line, and been
772 told to only bind to those interfaces. Create a
773 socket per interface and bind to only these.
776 /* Now open a listen socket for each of the
778 for(i = 0; i < num_interfaces; i++) {
779 const struct sockaddr_storage *ifss =
780 iface_n_sockaddr_storage(i);
782 DEBUG(0,("open_sockets_smbd: "
783 "interface %d has NULL IP address !\n",
788 for (j = 0; ports && ports[j]; j++) {
789 unsigned port = atoi(ports[j]);
791 /* Keep the first port for mDNS service
798 if (!smbd_open_one_socket(parent,
807 /* Just bind to 0.0.0.0 - accept connections
810 const char *sock_addr;
812 const char *sock_ptr;
815 sock_addr = "::,0.0.0.0";
817 sock_addr = "0.0.0.0";
820 for (sock_ptr=sock_addr;
821 next_token_talloc(talloc_tos(), &sock_ptr, &sock_tok, " \t,"); ) {
822 for (j = 0; ports && ports[j]; j++) {
823 struct sockaddr_storage ss;
824 unsigned port = atoi(ports[j]);
826 /* Keep the first port for mDNS service
833 /* open an incoming socket */
834 if (!interpret_string_addr(&ss, sock_tok,
835 AI_NUMERICHOST|AI_PASSIVE)) {
840 * If we fail to open any sockets
841 * in this loop the parent-sockets == NULL
842 * case below will prevent us from starting.
845 (void)smbd_open_one_socket(parent,
853 if (parent->sockets == NULL) {
854 DEBUG(0,("open_sockets_smbd: No "
855 "sockets available to bind to.\n"));
859 /* Setup the main smbd so that we can get messages. Note that
860 do this after starting listening. This is needed as when in
861 clustered mode, ctdb won't allow us to start doing database
862 operations until it has gone thru a full startup, which
863 includes checking to see that smbd is listening. */
865 if (!serverid_register(messaging_server_id(msg_ctx),
866 FLAG_MSG_GENERAL|FLAG_MSG_SMBD
867 |FLAG_MSG_PRINT_GENERAL
869 DEBUG(0, ("open_sockets_smbd: Failed to register "
870 "myself in serverid.tdb\n"));
874 /* Listen to messages */
876 messaging_register(msg_ctx, NULL, MSG_SHUTDOWN, msg_exit_server);
877 messaging_register(msg_ctx, ev_ctx, MSG_SMB_CONF_UPDATED,
878 smbd_parent_conf_updated);
879 messaging_register(msg_ctx, NULL, MSG_SMB_STAT_CACHE_DELETE,
880 smb_stat_cache_delete);
881 messaging_register(msg_ctx, NULL, MSG_DEBUG, smbd_msg_debug);
882 messaging_register(msg_ctx, NULL, MSG_SMB_BRL_VALIDATE,
884 messaging_register(msg_ctx, NULL, MSG_SMB_FORCE_TDIS,
885 smb_parent_send_to_children);
886 messaging_register(msg_ctx, NULL, MSG_SMB_KILL_CLIENT_IP,
887 smb_parent_send_to_children);
888 messaging_register(msg_ctx, NULL, MSG_SMB_TELL_NUM_CHILDREN,
889 smb_tell_num_children);
891 messaging_register(msg_ctx, NULL,
892 ID_CACHE_DELETE, smbd_parent_id_cache_delete);
893 messaging_register(msg_ctx, NULL,
894 ID_CACHE_KILL, smbd_parent_id_cache_kill);
896 if (lp_clustering()) {
897 ctdbd_register_reconfigure(messaging_ctdbd_connection());
901 messaging_register(msg_ctx, NULL, MSG_SMB_INJECT_FAULT,
905 if (lp_multicast_dns_register() && (dns_port != 0)) {
906 #ifdef WITH_DNSSD_SUPPORT
907 smbd_setup_mdns_registration(ev_ctx,
910 #ifdef WITH_AVAHI_SUPPORT
913 avahi_conn = avahi_start_register(ev_ctx,
916 if (avahi_conn == NULL) {
917 DEBUG(10, ("avahi_start_register failed\n"));
927 handle stdin becoming readable when we are in --foreground mode
929 static void smbd_stdin_handler(struct tevent_context *ev,
930 struct tevent_fd *fde,
935 if (read(0, &c, 1) != 1) {
936 /* we have reached EOF on stdin, which means the
937 parent has exited. Shutdown the server */
938 exit_server_cleanly("EOF on stdin");
942 struct smbd_parent_tevent_trace_state {
946 static void smbd_parent_tevent_trace_callback(enum tevent_trace_point point,
949 struct smbd_parent_tevent_trace_state *state =
950 (struct smbd_parent_tevent_trace_state *)private_data;
953 case TEVENT_TRACE_BEFORE_WAIT:
955 case TEVENT_TRACE_AFTER_WAIT:
957 case TEVENT_TRACE_BEFORE_LOOP_ONCE:
958 TALLOC_FREE(state->frame);
959 state->frame = talloc_stackframe();
961 case TEVENT_TRACE_AFTER_LOOP_ONCE:
962 TALLOC_FREE(state->frame);
969 static void smbd_parent_loop(struct tevent_context *ev_ctx,
970 struct smbd_parent_context *parent)
972 struct smbd_parent_tevent_trace_state trace_state = {
977 tevent_set_trace_callback(ev_ctx, smbd_parent_tevent_trace_callback,
980 /* now accept incoming connections - forking a new process
981 for each incoming connection */
982 DEBUG(2,("waiting for connections\n"));
984 ret = tevent_loop_wait(ev_ctx);
986 DEBUG(0, ("tevent_loop_wait failed: %d, %s, exiting\n",
987 ret, strerror(errno)));
990 TALLOC_FREE(trace_state.frame);
992 /* NOTREACHED return True; */
996 /****************************************************************************
997 Initialise connect, service and file structs.
998 ****************************************************************************/
1000 static bool init_structs(void )
1003 * Set the machine NETBIOS name if not already
1004 * set from the config file.
1010 if (!secrets_init())
1016 static void smbd_parent_sig_term_handler(struct tevent_context *ev,
1017 struct tevent_signal *se,
1023 exit_server_cleanly("termination signal");
1026 static void smbd_parent_sig_hup_handler(struct tevent_context *ev,
1027 struct tevent_signal *se,
1033 struct smbd_parent_context *parent =
1034 talloc_get_type_abort(private_data,
1035 struct smbd_parent_context);
1037 change_to_root_user();
1038 DEBUG(1,("parent: Reloading services after SIGHUP\n"));
1039 reload_services(NULL, NULL, false);
1041 printing_subsystem_update(parent->ev_ctx, parent->msg_ctx, true);
1044 /****************************************************************************
1046 ****************************************************************************/
1048 /* Declare prototype for build_options() to avoid having to run it through
1049 mkproto.h. Mixing $(builddir) and $(srcdir) source files in the current
1050 prototype generation system is too complicated. */
1052 extern void build_options(bool screen);
1054 int main(int argc,const char *argv[])
1056 /* shall I run as a daemon */
1057 bool is_daemon = false;
1058 bool interactive = false;
1060 bool no_process_group = false;
1061 bool log_stdout = false;
1063 char *profile_level = NULL;
1066 bool print_build_options = False;
1071 OPT_NO_PROCESS_GROUP,
1074 struct poptOption long_options[] = {
1076 {"daemon", 'D', POPT_ARG_NONE, NULL, OPT_DAEMON, "Become a daemon (default)" },
1077 {"interactive", 'i', POPT_ARG_NONE, NULL, OPT_INTERACTIVE, "Run interactive (not a daemon)"},
1078 {"foreground", 'F', POPT_ARG_NONE, NULL, OPT_FORK, "Run daemon in foreground (for daemontools, etc.)" },
1079 {"no-process-group", '\0', POPT_ARG_NONE, NULL, OPT_NO_PROCESS_GROUP, "Don't create a new process group" },
1080 {"log-stdout", 'S', POPT_ARG_NONE, NULL, OPT_LOG_STDOUT, "Log to stdout" },
1081 {"build-options", 'b', POPT_ARG_NONE, NULL, 'b', "Print build options" },
1082 {"port", 'p', POPT_ARG_STRING, &ports, 0, "Listen on the specified ports"},
1083 {"profiling-level", 'P', POPT_ARG_STRING, &profile_level, 0, "Set profiling level","PROFILE_LEVEL"},
1087 struct smbd_parent_context *parent = NULL;
1090 struct tevent_context *ev_ctx;
1091 struct messaging_context *msg_ctx;
1092 struct server_id server_id;
1093 struct tevent_signal *se;
1094 char *np_dir = NULL;
1095 static const struct smbd_shim smbd_shim_fns =
1097 .cancel_pending_lock_requests_by_fid = smbd_cancel_pending_lock_requests_by_fid,
1098 .send_stat_cache_delete_message = smbd_send_stat_cache_delete_message,
1099 .change_to_root_user = smbd_change_to_root_user,
1100 .become_authenticated_pipe_user = smbd_become_authenticated_pipe_user,
1101 .unbecome_authenticated_pipe_user = smbd_unbecome_authenticated_pipe_user,
1103 .contend_level2_oplocks_begin = smbd_contend_level2_oplocks_begin,
1104 .contend_level2_oplocks_end = smbd_contend_level2_oplocks_end,
1106 .become_root = smbd_become_root,
1107 .unbecome_root = smbd_unbecome_root,
1109 .exit_server = smbd_exit_server,
1110 .exit_server_cleanly = smbd_exit_server_cleanly,
1114 * Do this before any other talloc operation
1116 talloc_enable_null_tracking();
1117 frame = talloc_stackframe();
1119 setup_logging(argv[0], DEBUG_DEFAULT_STDOUT);
1123 set_smbd_shim(&smbd_shim_fns);
1125 smbd_init_globals();
1129 #ifdef HAVE_SET_AUTH_PARAMETERS
1130 set_auth_parameters(argc,argv);
1133 pc = poptGetContext("smbd", argc, argv, long_options, 0);
1134 while((opt = poptGetNextOpt(pc)) != -1) {
1139 case OPT_INTERACTIVE:
1145 case OPT_NO_PROCESS_GROUP:
1146 no_process_group = true;
1148 case OPT_LOG_STDOUT:
1152 print_build_options = True;
1155 d_fprintf(stderr, "\nInvalid option %s: %s\n\n",
1156 poptBadOption(pc, 0), poptStrerror(opt));
1157 poptPrintUsage(pc, stderr, 0);
1161 poptFreeContext(pc);
1169 setup_logging(argv[0], DEBUG_STDOUT);
1171 setup_logging(argv[0], DEBUG_FILE);
1174 if (print_build_options) {
1175 build_options(True); /* Display output to screen as well as debug */
1180 /* needed for SecureWare on SCO */
1184 set_remote_machine_name("smbd", False);
1186 if (interactive && (DEBUGLEVEL >= 9)) {
1187 talloc_enable_leak_report();
1190 if (log_stdout && Fork) {
1191 DEBUG(0,("ERROR: Can't log to stdout (-S) unless daemon is in foreground (-F) or interactive (-i)\n"));
1195 /* we want to re-seed early to prevent time delays causing
1196 client problems at a later date. (tridge) */
1197 generate_random_buffer(NULL, 0);
1199 /* get initial effective uid and gid */
1202 /* make absolutely sure we run as root - to handle cases where people
1203 are crazy enough to have it setuid */
1204 gain_root_privilege();
1205 gain_root_group_privilege();
1208 dump_core_setup("smbd", lp_logfile(talloc_tos()));
1210 /* we are never interested in SIGPIPE */
1211 BlockSignals(True,SIGPIPE);
1214 /* we are never interested in SIGFPE */
1215 BlockSignals(True,SIGFPE);
1218 #if defined(SIGUSR2)
1219 /* We are no longer interested in USR2 */
1220 BlockSignals(True,SIGUSR2);
1223 /* POSIX demands that signals are inherited. If the invoking process has
1224 * these signals masked, we will have problems, as we won't recieve them. */
1225 BlockSignals(False, SIGHUP);
1226 BlockSignals(False, SIGUSR1);
1227 BlockSignals(False, SIGTERM);
1229 /* Ensure we leave no zombies until we
1230 * correctly set up child handling below. */
1234 /* we want total control over the permissions on created files,
1235 so set our umask to 0 */
1240 DEBUG(0,("smbd version %s started.\n", samba_version_string()));
1241 DEBUGADD(0,("%s\n", COPYRIGHT_STARTUP_MESSAGE));
1243 DEBUG(2,("uid=%d gid=%d euid=%d egid=%d\n",
1244 (int)getuid(),(int)getgid(),(int)geteuid(),(int)getegid()));
1246 /* Output the build options to the debug log */
1247 build_options(False);
1249 if (sizeof(uint16) < 2 || sizeof(uint32) < 4) {
1250 DEBUG(0,("ERROR: Samba is not configured correctly for the word size on your machine\n"));
1254 if (!lp_load_initial_only(get_dyn_CONFIGFILE())) {
1255 DEBUG(0, ("error opening config file '%s'\n", get_dyn_CONFIGFILE()));
1259 if (!cluster_probe_ok()) {
1263 /* Init the security context and global current_user */
1267 * Initialize the event context. The event context needs to be
1268 * initialized before the messaging context, cause the messaging
1269 * context holds an event context.
1270 * FIXME: This should be s3_tevent_context_init()
1272 ev_ctx = server_event_context();
1273 if (ev_ctx == NULL) {
1278 * Init the messaging context
1279 * FIXME: This should only call messaging_init()
1281 msg_ctx = server_messaging_context();
1282 if (msg_ctx == NULL) {
1287 * Reloading of the printers will not work here as we don't have a
1288 * server info and rpc services set up. It will be called later.
1290 if (!reload_services(NULL, NULL, false)) {
1294 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC
1295 && !lp_parm_bool(-1, "server role check", "inhibit", false)) {
1296 DEBUG(0, ("server role = 'active directory domain controller' not compatible with running smbd standalone. \n"));
1297 DEBUGADD(0, ("You should start 'samba' instead, and it will control starting smbd if required\n"));
1301 /* ...NOTE... Log files are working from this point! */
1303 DEBUG(3,("loaded services\n"));
1307 if (!profile_setup(msg_ctx, False)) {
1308 DEBUG(0,("ERROR: failed to setup profiling\n"));
1311 if (profile_level != NULL) {
1312 int pl = atoi(profile_level);
1313 struct server_id src;
1315 DEBUG(1, ("setting profiling level: %s\n",profile_level));
1317 set_profile_level(pl, src);
1320 if (!is_daemon && !is_a_socket(0)) {
1322 DEBUG(3, ("Standard input is not a socket, "
1323 "assuming -D option\n"));
1327 * Setting is_daemon here prevents us from eventually calling
1328 * the open_sockets_inetd()
1334 if (is_daemon && !interactive) {
1335 DEBUG(3, ("Becoming a daemon.\n"));
1336 become_daemon(Fork, no_process_group, log_stdout);
1339 set_my_unique_id(serverid_get_random_unique_id());
1343 * If we're interactive we want to set our own process group for
1344 * signal management.
1346 if (interactive && !no_process_group)
1347 setpgid( (pid_t)0, (pid_t)0);
1350 if (!directory_exist(lp_lock_directory()))
1351 mkdir(lp_lock_directory(), 0755);
1353 if (!directory_exist(lp_pid_directory()))
1354 mkdir(lp_pid_directory(), 0755);
1357 pidfile_create(lp_pid_directory(), "smbd");
1359 status = reinit_after_fork(msg_ctx,
1362 if (!NT_STATUS_IS_OK(status)) {
1363 exit_daemon("reinit_after_fork() failed", map_errno_from_nt_status(status));
1368 * Do not initialize the parent-child-pipe before becoming a
1369 * daemon: this is used to detect a died parent in the child
1372 status = init_before_fork();
1373 if (!NT_STATUS_IS_OK(status)) {
1374 exit_daemon(nt_errstr(status), map_errno_from_nt_status(status));
1378 parent = talloc_zero(ev_ctx, struct smbd_parent_context);
1380 exit_server("talloc(struct smbd_parent_context) failed");
1382 parent->interactive = interactive;
1383 parent->ev_ctx = ev_ctx;
1384 parent->msg_ctx = msg_ctx;
1387 se = tevent_add_signal(parent->ev_ctx,
1390 smbd_parent_sig_term_handler,
1393 exit_server("failed to setup SIGTERM handler");
1395 se = tevent_add_signal(parent->ev_ctx,
1398 smbd_parent_sig_hup_handler,
1401 exit_server("failed to setup SIGHUP handler");
1404 /* Setup all the TDB's - including CLEAR_IF_FIRST tdb's. */
1406 if (smbd_memcache() == NULL) {
1407 exit_daemon("no memcache available", EACCES);
1410 memcache_set_global(smbd_memcache());
1412 /* Initialise the password backed before the global_sam_sid
1413 to ensure that we fetch from ldap before we make a domain sid up */
1415 if(!initialize_password_db(false, ev_ctx))
1418 if (!secrets_init()) {
1419 exit_daemon("smbd can not open secrets.tdb", EACCES);
1422 if (lp_server_role() == ROLE_DOMAIN_BDC || lp_server_role() == ROLE_DOMAIN_PDC) {
1423 struct loadparm_context *lp_ctx = loadparm_init_s3(NULL, loadparm_s3_helpers());
1424 if (!open_schannel_session_store(NULL, lp_ctx)) {
1425 exit_daemon("ERROR: Samba cannot open schannel store for secured NETLOGON operations.", EACCES);
1427 TALLOC_FREE(lp_ctx);
1430 if(!get_global_sam_sid()) {
1431 exit_daemon("Samba cannot create a SAM SID", EACCES);
1434 server_id = messaging_server_id(msg_ctx);
1435 status = smbXsrv_version_global_init(&server_id);
1436 if (!NT_STATUS_IS_OK(status)) {
1437 exit_daemon("Samba cannot init server context", EACCES);
1440 status = smbXsrv_session_global_init();
1441 if (!NT_STATUS_IS_OK(status)) {
1442 exit_daemon("Samba cannot init session context", EACCES);
1445 status = smbXsrv_tcon_global_init();
1446 if (!NT_STATUS_IS_OK(status)) {
1447 exit_daemon("Samba cannot init tcon context", EACCES);
1450 if (!locking_init())
1451 exit_daemon("Samba cannot init locking", EACCES);
1453 if (!smbd_parent_notify_init(NULL, msg_ctx, ev_ctx)) {
1454 exit_daemon("Samba cannot init notification", EACCES);
1457 if (!messaging_parent_dgm_cleanup_init(msg_ctx)) {
1461 if (!smbd_scavenger_init(NULL, msg_ctx, ev_ctx)) {
1462 exit_daemon("Samba cannot init scavenging", EACCES);
1465 if (!serverid_parent_init(ev_ctx)) {
1466 exit_daemon("Samba cannot init server id", EACCES);
1469 if (!W_ERROR_IS_OK(registry_init_full()))
1470 exit_daemon("Samba cannot init registry", EACCES);
1472 /* Open the share_info.tdb here, so we don't have to open
1473 after the fork on every single connection. This is a small
1474 performance improvment and reduces the total number of system
1476 if (!share_info_db_init()) {
1477 exit_daemon("ERROR: failed to load share info db.", EACCES);
1480 status = init_system_session_info();
1481 if (!NT_STATUS_IS_OK(status)) {
1482 DEBUG(1, ("ERROR: failed to setup system user info: %s.\n",
1483 nt_errstr(status)));
1487 if (!init_guest_info()) {
1488 DEBUG(0,("ERROR: failed to setup guest info.\n"));
1492 if (!file_init_global()) {
1493 DEBUG(0, ("ERROR: file_init_global() failed\n"));
1496 status = smbXsrv_open_global_init();
1497 if (!NT_STATUS_IS_OK(status)) {
1498 exit_daemon("Samba cannot init global open", map_errno_from_nt_status(status));
1501 /* This MUST be done before start_epmd() because otherwise
1502 * start_epmd() forks and races against dcesrv_ep_setup() to
1503 * call directory_create_or_exist() */
1504 if (!directory_create_or_exist(lp_ncalrpc_dir(), 0755)) {
1505 DEBUG(0, ("Failed to create pipe directory %s - %s\n",
1506 lp_ncalrpc_dir(), strerror(errno)));
1510 np_dir = talloc_asprintf(talloc_tos(), "%s/np", lp_ncalrpc_dir());
1512 DEBUG(0, ("%s: Out of memory\n", __location__));
1516 if (!directory_create_or_exist_strict(np_dir, geteuid(), 0700)) {
1517 DEBUG(0, ("Failed to create pipe directory %s - %s\n",
1518 np_dir, strerror(errno)));
1522 if (is_daemon && !interactive) {
1523 if (rpc_epmapper_daemon() == RPC_DAEMON_FORK) {
1524 start_epmd(ev_ctx, msg_ctx);
1528 if (!dcesrv_ep_setup(ev_ctx, msg_ctx)) {
1529 exit_daemon("Samba cannot setup ep pipe", EACCES);
1532 if (is_daemon && !interactive) {
1533 daemon_ready("smbd");
1536 /* only start other daemons if we are running as a daemon
1537 * -- bad things will happen if smbd is launched via inetd
1538 * and we fork a copy of ourselves here */
1539 if (is_daemon && !interactive) {
1541 if (rpc_lsasd_daemon() == RPC_DAEMON_FORK) {
1542 start_lsasd(ev_ctx, msg_ctx);
1545 if (!lp__disable_spoolss() &&
1546 (rpc_spoolss_daemon() != RPC_DAEMON_DISABLED)) {
1547 bool bgq = lp_parm_bool(-1, "smbd", "backgroundqueue", true);
1549 if (!printing_subsystem_init(ev_ctx, msg_ctx, true, bgq)) {
1550 exit_daemon("Samba failed to init printing subsystem", EACCES);
1553 } else if (!lp__disable_spoolss() &&
1554 (rpc_spoolss_daemon() != RPC_DAEMON_DISABLED)) {
1555 if (!printing_subsystem_init(ev_ctx, msg_ctx, false, false)) {
1566 /* Started from inetd. fd 0 is the socket. */
1567 /* We will abort gracefully when the client or remote system
1571 /* close stdin, stdout (if not logging to it), but not stderr */
1572 close_low_fds(true, !debug_get_output_is_stdout(), false);
1579 smbd_setup_sig_chld_handler(parent);
1581 smbd_process(ev_ctx, msg_ctx, sock, true);
1583 exit_server_cleanly(NULL);
1587 if (!open_sockets_smbd(parent, ev_ctx, msg_ctx, ports))
1588 exit_server("open_sockets_smbd() failed");
1590 /* do a printer update now that all messaging has been set up,
1591 * before we allow clients to start connecting */
1592 if (!lp__disable_spoolss() &&
1593 (rpc_spoolss_daemon() != RPC_DAEMON_DISABLED)) {
1594 printing_subsystem_update(ev_ctx, msg_ctx, false);
1598 /* make sure we always have a valid stackframe */
1599 frame = talloc_stackframe();
1602 /* if we are running in the foreground then look for
1603 EOF on stdin, and exit if it happens. This allows
1604 us to die if the parent process dies
1605 Only do this on a pipe or socket, no other device.
1608 if (fstat(0, &st) != 0) {
1611 if (S_ISFIFO(st.st_mode) || S_ISSOCK(st.st_mode)) {
1612 tevent_add_fd(ev_ctx,
1621 smbd_parent_loop(ev_ctx, parent);
1623 exit_server_cleanly(NULL);