2 Unix SMB/CIFS implementation.
4 Main SMB server routines
6 Copyright (C) Andrew Tridgell 1992-2005
7 Copyright (C) Martin Pool 2002
8 Copyright (C) Jelmer Vernooij 2002
9 Copyright (C) James J Myers 2003 <myersjj@samba.org>
11 This program is free software; you can redistribute it and/or modify
12 it under the terms of the GNU General Public License as published by
13 the Free Software Foundation; either version 3 of the License, or
14 (at your option) any later version.
16 This program is distributed in the hope that it will be useful,
17 but WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 GNU General Public License for more details.
21 You should have received a copy of the GNU General Public License
22 along with this program. If not, see <http://www.gnu.org/licenses/>.
26 #include "lib/events/events.h"
28 #include "lib/cmdline/popt_common.h"
29 #include "system/dir.h"
30 #include "system/filesys.h"
31 #include "auth/gensec/gensec.h"
32 #include "libcli/auth/schannel.h"
33 #include "smbd/process_model.h"
34 #include "param/secrets.h"
35 #include "lib/util/pidfile.h"
36 #include "param/param.h"
37 #include "dsdb/samdb/samdb.h"
38 #include "auth/session.h"
39 #include "lib/messaging/irpc.h"
40 #include "librpc/gen_ndr/ndr_irpc.h"
41 #include "cluster/cluster.h"
42 #include "dynconfig/dynconfig.h"
43 #include "lib/util/samba_modules.h"
44 #include "nsswitch/winbind_client.h"
45 #include "libds/common/roles.h"
48 recursively delete a directory tree
/*
 * Remove the entries found under `path`: the visible loop walks readdir()
 * results, skips "." and "..", recurses into directories and unlink()s
 * everything else, calling smb_panic() when an unlink fails.
 * NOTE(review): this listing is missing lines (the embedded numbers jump,
 * e.g. 50 -> 60), so the opendir()/closedir() calls, the bodies of the
 * early-exit branches and any freeing of `fname` are not visible here.
 */
50 static void recursive_delete(const char *path)
60 for (de=readdir(dir);de;de=readdir(dir)) {
64 if (ISDOT(de->d_name) || ISDOTDOT(de->d_name)) {
/* `path` doubles as the talloc parent of the new string, so it has to be a
 * talloc allocation itself. No NULL check on `fname` is visible before it
 * is handed to stat(). */
68 fname = talloc_asprintf(path, "%s/%s", path, de->d_name);
/* NOTE(review): stat() follows symbolic links. A symlink that resolves to a
 * directory therefore satisfies S_ISDIR() below, and the recursion then
 * removes files under the link target, outside the tree being cleaned.
 * lstat() would classify the link itself so that it is simply unlinked. */
69 if (stat(fname, &st) != 0) {
72 if (S_ISDIR(st.st_mode)) {
73 recursive_delete(fname);
/* A failed unlink is treated as fatal: log at level 0, then panic. */
77 if (unlink(fname) != 0) {
78 DEBUG(0,("Unabled to delete '%s' - %s\n",
79 fname, strerror(errno)));
80 smb_panic("unable to cleanup tmp files");
88 cleanup temporary files. This is the new alternative to
89 TDB_CLEAR_IF_FIRST. Unfortunately TDB_CLEAR_IF_FIRST is not
90 efficient on unix systems due to the lack of scaling of the byte
91 range locking system. So instead of putting the burden on tdb to
92 cleanup tmp files, this function deletes them.
/*
 * Delete the server's temporary files: obtain the directory from
 * smbd_tmp_path() on a throw-away talloc context, hand it to
 * recursive_delete(), then free the context.
 * NOTE(review): whether `path` is checked for NULL is not visible in this
 * listing. Because recursive_delete() classifies entries with stat(), the
 * directory should be writable only by the server's own account.
 */
94 static void cleanup_tmp_files(struct loadparm_context *lp_ctx)
97 TALLOC_CTX *mem_ctx = talloc_new(NULL);
99 path = smbd_tmp_path(mem_ctx, lp_ctx, NULL);
101 recursive_delete(path);
/* Freeing mem_ctx also releases `path` and anything allocated under it. */
102 talloc_free(mem_ctx);
/*
 * SIGHUP handler (installed by setup_signals()): calls
 * debug_schedule_reopen_logs(). By its name that only schedules the log
 * reopen rather than doing file I/O inside the handler - confirm.
 */
105 static void sig_hup(int sig)
107 debug_schedule_reopen_logs();
/*
 * SIGTERM handler (installed by setup_signals()). When this process is its
 * process-group leader and done_sigterm is still 0, it logs and forwards
 * SIGTERM to the whole group with kill(-getpgrp(), SIGTERM); it then logs
 * its own exit.
 * NOTE(review): DEBUG() is called from signal-handler context - confirm it
 * is async-signal-safe. The lines that update done_sigterm and end the
 * process are not shown in this listing.
 */
110 static void sig_term(int sig)
/* Plain static int, not volatile sig_atomic_t, although it is read from a
 * signal handler. */
113 static int done_sigterm;
114 if (done_sigterm == 0 && getpgrp() == getpid()) {
115 DEBUG(0,("SIGTERM: killing children\n"));
/* Negative pid: the signal goes to every member of the process group. */
117 kill(-getpgrp(), SIGTERM);
120 DEBUG(0,("Exiting pid %d on SIGTERM\n", (int)getpid()));
/*
 * Establish the server's signal disposition: block SIGPIPE, SIGFPE, SIGUSR1
 * and SIGUSR2, unblock SIGHUP and SIGTERM in case the invoking process left
 * them masked, and install sig_hup()/sig_term() as their handlers.
 * NOTE(review): BlockSignals() and CatchSignal() are project wrappers not
 * shown here; the block/unblock reading follows the existing comments.
 */
127 static void setup_signals(void)
129 /* we are never interested in SIGPIPE */
130 BlockSignals(true,SIGPIPE);
133 /* we are never interested in SIGFPE */
134 BlockSignals(true,SIGFPE);
137 /* We are no longer interested in USR1 */
138 BlockSignals(true, SIGUSR1);
141 /* We are no longer interested in USR2 */
142 BlockSignals(true,SIGUSR2);
145 /* POSIX demands that signals are inherited. If the invoking process has
146 * these signals masked, we will have problems,
147 * as we won't receive them. */
148 BlockSignals(false, SIGHUP);
149 BlockSignals(false, SIGTERM);
151 CatchSignal(SIGHUP, sig_hup);
152 CatchSignal(SIGTERM, sig_term);
/*
 * tevent fd handler for standard input. Reads one byte from fd 0; a return
 * of 0 (EOF) is logged and, if this process leads its process group,
 * SIGTERM is sent to the whole group.
 * NOTE(review): only `== 0` is tested, so a read() error (-1) is not treated
 * as EOF. The rest of the parameter list and whatever follows the kill()
 * are not shown in this listing.
 */
158 static void server_stdin_handler(struct tevent_context *event_ctx,
159 struct tevent_fd *fde,
/* private_data carries the binary name string passed at registration. */
163 const char *binary_name = (const char *)private_data;
165 if (read(0, &c, 1) == 0) {
166 DEBUG(0,("%s: EOF on stdin - PID %d terminating\n",
167 binary_name, (int)getpid()));
169 if (getpgrp() == getpid()) {
170 DEBUG(0,("Sending SIGTERM from pid %d\n",
/* Negative pid: the signal goes to every member of the process group. */
172 kill(-getpgrp(), SIGTERM);
180 die if the user selected maximum runtime is exceeded
/*
 * Timer callback for the user-selected maximum runtime: logs the binary
 * name, the PID, the timer's timestamp and the current time. It is declared
 * _NORETURN_, so it is expected to end the process; the terminating call is
 * not among the lines shown in this listing.
 */
182 _NORETURN_ static void max_runtime_handler(struct tevent_context *ev,
183 struct tevent_timer *te,
184 struct timeval t, void *private_data)
/* private_data carries the binary name string passed at registration. */
186 const char *binary_name = (const char *)private_data;
187 DEBUG(0,("%s: maximum runtime exceeded - "
188 "terminating PID %d at %llu, current ts: %llu\n",
/* Both timestamps are widened to unsigned long long to match %llu. */
191 (unsigned long long)t.tv_sec,
192 (unsigned long long)time(NULL)));
197 pre-open the key databases. This saves a lot of time in child
/*
 * Open the SAM database (with the system session) and the privilege
 * database once in the parent, on a talloc context owned by event_ctx.
 * NOTE(review): neither call's result is assigned in the visible lines, so
 * a failed open is not detected here. The handle opened with
 * system_session() stays open for the life of event_ctx.
 */
200 static void prime_ldb_databases(struct tevent_context *event_ctx)
202 TALLOC_CTX *db_context;
/* Child of event_ctx: released only when the event context is freed. */
203 db_context = talloc_new(event_ctx);
205 samdb_connect(db_context,
208 system_session(cmdline_lp_ctx),
210 privilege_connect(db_context, cmdline_lp_ctx);
212 /* we deliberately leave these open, which allows them to be
213 * re-used in ldb_wrap_connect() */
218 called when a fatal condition occurs in a child task
/*
 * irpc handler registered for SAMBA_TERMINATE: logs this process's PID and
 * the reason string carried in the request (r->in.reason). What happens
 * after the log line is not shown in this listing.
 * NOTE(review): the reason text is supplied by the sender of the irpc
 * message and is written to the log as-is.
 */
220 static NTSTATUS samba_terminate(struct irpc_message *msg,
221 struct samba_terminate *r)
223 DEBUG(0,("samba_terminate of %d: %s\n",
224 (int)getpid(), r->in.reason));
229 setup messaging for the top level samba (parent) task
/*
 * Create the parent task's messaging context (cluster id 0,
 * SAMBA_PARENT_TASKID) on the autofree talloc context, register it under
 * the irpc name "samba" and attach samba_terminate() as the SAMBA_TERMINATE
 * handler. Returns an NTSTATUS; the error-return lines are not all shown in
 * this listing.
 */
231 static NTSTATUS setup_parent_messaging(struct tevent_context *event_ctx,
232 struct loadparm_context *lp_ctx)
234 struct imessaging_context *msg;
237 msg = imessaging_init(talloc_autofree_context(),
239 cluster_id(0, SAMBA_PARENT_TASKID), event_ctx);
/* Returns an out-of-memory status to the caller when msg is NULL. */
240 NT_STATUS_HAVE_NO_MEMORY(msg);
242 status = irpc_add_name(msg, "samba");
243 if (!NT_STATUS_IS_OK(status)) {
/* Child tasks report fatal conditions to the parent through this call. */
247 status = IRPC_REGISTER(msg, irpc, SAMBA_TERMINATE,
248 samba_terminate, NULL);
/*
 * Print the version string, the build host and the compiled-in dyn_*
 * path settings listed in config_options[].
 * The loop stops at the first entry whose name is NULL; that terminating
 * entry and the printf() inside the loop are not among the lines shown.
 */
257 static void show_build(void)
/* Pairs the stringified option name with the matching dyn_<name> symbol. */
259 #define CONFIG_OPTION(n) { #n, dyn_ ## n }
263 } config_options[] = {
264 CONFIG_OPTION(BINDIR),
265 CONFIG_OPTION(SBINDIR),
266 CONFIG_OPTION(CONFIGFILE),
267 CONFIG_OPTION(NCALRPCDIR),
268 CONFIG_OPTION(LOGFILEBASE),
269 CONFIG_OPTION(LMHOSTSFILE),
270 CONFIG_OPTION(DATADIR),
271 CONFIG_OPTION(MODULESDIR),
272 CONFIG_OPTION(LOCKDIR),
273 CONFIG_OPTION(STATEDIR),
274 CONFIG_OPTION(CACHEDIR),
275 CONFIG_OPTION(PIDDIR),
276 CONFIG_OPTION(PRIVATE_DIR),
277 CONFIG_OPTION(CODEPAGEDIR),
278 CONFIG_OPTION(SETUPDIR),
279 CONFIG_OPTION(WINBINDD_SOCKET_DIR),
280 CONFIG_OPTION(NTP_SIGND_SOCKET_DIR),
285 printf("Samba version: %s\n", SAMBA_VERSION_STRING);
286 printf("Build environment:\n");
288 printf(" Build host: %s\n", BUILD_SYSTEM);
292 for (i=0; config_options[i].name; i++) {
294 config_options[i].name,
295 config_options[i].value);
/*
 * talloc destructor attached to the top-level event context in
 * binary_smbd_main(): calls imessaging_dgm_unref_all(). The value it
 * returns is not shown in this listing.
 */
301 static int event_ctx_destructor(struct tevent_context *event_ctx)
303 imessaging_dgm_unref_all();
/*
 * Server start-up proper: parse the command line, set up logging, become a
 * daemon unless interactive, clean temporary files, create the pid file,
 * run the service module init functions, build the top-level event context,
 * start the configured services and sit in the event loop until shutdown.
 * NOTE(review): this listing omits many lines (variable declarations, most
 * switch cases, closing braces), so the comments below describe only the
 * statements that are visible.
 */
310 static int binary_smbd_main(const char *binary_name,
314 bool opt_daemon = false;
315 bool opt_interactive = false;
318 #define _MODULE_PROTO(init) extern NTSTATUS init(void);
319 STATIC_service_MODULES_PROTO;
320 init_module_fn static_init[] = { STATIC_service_MODULES };
321 init_module_fn *shared_init;
322 struct tevent_context *event_ctx;
323 uint16_t stdin_event_flags;
325 const char *model = "standard";
334 struct poptOption long_options[] = {
336 {"daemon", 'D', POPT_ARG_NONE, NULL, OPT_DAEMON,
337 "Become a daemon (default)", NULL },
338 {"interactive", 'i', POPT_ARG_NONE, NULL, OPT_INTERACTIVE,
339 "Run interactive (not a daemon)", NULL},
340 {"model", 'M', POPT_ARG_STRING, NULL, OPT_PROCESS_MODEL,
341 "Select process model", "MODEL"},
342 {"maximum-runtime",0, POPT_ARG_INT, &max_runtime, 0,
343 "set maximum runtime of the server process, "
344 "till autotermination", "seconds"},
345 {"show-build", 'b', POPT_ARG_NONE, NULL, OPT_SHOW_BUILD,
346 "show build info", NULL },
352 pc = poptGetContext(binary_name, argc, argv, long_options, 0);
353 while((opt = poptGetNextOpt(pc)) != -1) {
358 case OPT_INTERACTIVE:
359 opt_interactive = true;
361 case OPT_PROCESS_MODEL:
362 model = poptGetOptArg(pc);
368 fprintf(stderr, "\nInvalid option %s: %s\n\n",
369 poptBadOption(pc, 0), poptStrerror(opt));
370 poptPrintUsage(pc, stderr, 0);
/* -D and -i are mutually exclusive; with neither given, daemon mode wins. */
375 if (opt_daemon && opt_interactive) {
376 fprintf(stderr,"\nERROR: "
377 "Option -i|--interactive is "
378 "not allowed together with -D|--daemon\n\n");
379 poptPrintUsage(pc, stderr, 0);
381 } else if (!opt_interactive) {
382 /* default is --daemon */
388 talloc_enable_null_tracking();
/* Interactive runs log to stdout, daemon runs to the log file. */
390 setup_logging(binary_name, opt_interactive?DEBUG_STDOUT:DEBUG_FILE);
393 /* we want total control over the permissions on created files,
394 so set our umask to 0 */
/* NOTE(review): with umask 0 every later mkdir()/open() gets exactly the
 * mode it asks for, so each creation site must pass a restrictive mode
 * explicitly. The umask() call itself is not among the lines shown. */
397 DEBUG(0,("%s version %s started.\n",
399 SAMBA_VERSION_STRING));
400 DEBUGADD(0,("Copyright Andrew Tridgell and the Samba Team"
403 if (sizeof(uint16_t) < 2 ||
404 sizeof(uint32_t) < 4 ||
405 sizeof(uint64_t) < 8) {
406 DEBUG(0,("ERROR: Samba is not configured correctly "
407 "for the word size on your machine\n"));
408 DEBUGADD(0,("sizeof(uint16_t) = %u, sizeof(uint32_t) %u, "
409 "sizeof(uint64_t) = %u\n",
410 (unsigned int)sizeof(uint16_t),
411 (unsigned int)sizeof(uint32_t),
412 (unsigned int)sizeof(uint64_t)));
417 DEBUG(3,("Becoming a daemon.\n"));
418 become_daemon(true, false, false);
/* Removes everything under the server's tmp path before services start. */
421 cleanup_tmp_files(cmdline_lp_ctx);
/* NOTE(review): mkdir()'s return value is ignored, and directory_exist()
 * followed by mkdir() is a check-then-create sequence; a failure, or a
 * non-directory already at that path, only surfaces later. Under the
 * zero umask the directory is created with exactly mode 0755. */
423 if (!directory_exist(lpcfg_lock_directory(cmdline_lp_ctx))) {
424 mkdir(lpcfg_lock_directory(cmdline_lp_ctx), 0755);
427 pidfile_create(lpcfg_pid_directory(cmdline_lp_ctx), binary_name);
/* An AD DC refuses to start without the schannel session store that
 * secured NETLOGON relies on. */
429 if (lpcfg_server_role(cmdline_lp_ctx) == ROLE_ACTIVE_DIRECTORY_DC) {
430 if (!open_schannel_session_store(talloc_autofree_context(),
432 exit_daemon("Samba cannot open schannel store "
433 "for secured NETLOGON operations.", EACCES);
437 /* make sure we won't go through nss_winbind */
438 if (!winbind_off()) {
439 exit_daemon("Samba failed to disable recusive "
440 "winbindd calls.", EACCES);
443 gensec_init(); /* FIXME: */
445 process_model_init(cmdline_lp_ctx);
/* NOTE(review): shared "service" modules are loaded from disk and their
 * init functions run in this process; the module directory is not shown
 * here and should be writable only by the administrator. */
447 shared_init = load_samba_modules(NULL, "service");
449 run_init_functions(static_init);
450 run_init_functions(shared_init);
452 talloc_free(shared_init);
454 /* the event context is the top level structure in smbd. Everything else
455 should hang off that */
456 event_ctx = s4_event_context_init(talloc_autofree_context());
458 if (event_ctx == NULL) {
459 exit_daemon("Initializing event context failed", EACCES);
462 talloc_set_destructor(event_ctx, event_ctx_destructor);
464 if (opt_interactive) {
465 /* terminate when stdin goes away */
466 stdin_event_flags = TEVENT_FD_READ;
468 /* stay alive forever */
469 stdin_event_flags = 0;
472 /* catch EOF on stdin */
474 signal(SIGTTIN, SIG_IGN);
477 if (fstat(0, &st) != 0) {
478 exit_daemon("Samba failed to set standard input handler",
/* The stdin watcher is registered only when fd 0 is a FIFO or a socket. */
482 if (S_ISFIFO(st.st_mode) || S_ISSOCK(st.st_mode)) {
483 tevent_add_fd(event_ctx,
487 server_stdin_handler,
488 discard_const(binary_name));
492 DEBUG(0,("%s PID %d was called with maxruntime %d - "
494 binary_name, (int)getpid(),
495 max_runtime, (unsigned long long) time(NULL)));
496 tevent_add_timer(event_ctx, event_ctx,
497 timeval_current_ofs(max_runtime, 0),
499 discard_const(binary_name));
/* Sanity check on the configured role. The parametric option
 * "server role check:inhibit" (default false) bypasses it. */
502 if (lpcfg_server_role(cmdline_lp_ctx) != ROLE_ACTIVE_DIRECTORY_DC
503 && !lpcfg_parm_bool(cmdline_lp_ctx, NULL,
504 "server role check", "inhibit", false)
505 && !str_list_check_ci(lpcfg_server_services(cmdline_lp_ctx), "smb")
506 && !str_list_check_ci(lpcfg_dcerpc_endpoint_servers(cmdline_lp_ctx),
508 && !str_list_check_ci(lpcfg_dcerpc_endpoint_servers(cmdline_lp_ctx),
510 DEBUG(0, ("At this time the 'samba' binary should only be used "
512 DEBUGADD(0, ("'server role = active directory domain "
513 "controller' or to access the ntvfs file server "
514 "with 'server services = +smb' or the rpc proxy "
515 "with 'dcerpc endpoint servers = remote'\n"));
516 DEBUGADD(0, ("You should start smbd/nmbd/winbindd instead for "
517 "domain member and standalone file server tasks\n"));
518 exit_daemon("Samba detected misconfigured 'server role' "
519 "and exited. Check logs for details", EINVAL);
/* Databases are opened in the parent before any service task starts. */
522 prime_ldb_databases(event_ctx);
524 status = setup_parent_messaging(event_ctx, cmdline_lp_ctx);
525 if (!NT_STATUS_IS_OK(status)) {
526 exit_daemon("Samba failed to setup parent messaging",
527 NT_STATUS_V(status));
530 DEBUG(0,("%s: using '%s' process model\n", binary_name, model));
532 status = server_service_startup(event_ctx, cmdline_lp_ctx, model,
533 lpcfg_server_services(cmdline_lp_ctx));
534 if (!NT_STATUS_IS_OK(status)) {
535 exit_daemon("Samba failed to start services",
536 NT_STATUS_V(status));
540 daemon_ready("samba");
543 /* wait for events - this is where smbd sits for most of its
545 tevent_loop_wait(event_ctx);
547 /* as everything hangs off this event context, freeing it
548 should initiate a clean shutdown of all services */
549 talloc_free(event_ctx);
/*
 * Program entry point: runs the server start-up under the fixed binary
 * name "samba" and returns its result as the exit status.
 */
554 int main(int argc, const char *argv[])
556 return binary_smbd_main("samba", argc, argv);