4e81263ee4c30082486d21e96b6cfbed9eb0d8ba
[kai/samba.git] / source3 / smbd / server.c
1 /*
2    Unix SMB/CIFS implementation.
3    Main SMB server routines
4    Copyright (C) Andrew Tridgell                1992-1998
5    Copyright (C) Martin Pool                    2002
6    Copyright (C) Jelmer Vernooij                2002-2003
7    Copyright (C) Volker Lendecke                1993-2007
8    Copyright (C) Jeremy Allison                 1993-2007
9
10    This program is free software; you can redistribute it and/or modify
11    it under the terms of the GNU General Public License as published by
12    the Free Software Foundation; either version 3 of the License, or
13    (at your option) any later version.
14
15    This program is distributed in the hope that it will be useful,
16    but WITHOUT ANY WARRANTY; without even the implied warranty of
17    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18    GNU General Public License for more details.
19
20    You should have received a copy of the GNU General Public License
21    along with this program.  If not, see <http://www.gnu.org/licenses/>.
22 */
23
24 #include "includes.h"
25
26 static_decl_rpc;
27
28 static int am_parent = 1;
29
30 extern struct auth_context *negprot_global_auth_context;
31 extern SIG_ATOMIC_T got_sig_term;
32 extern SIG_ATOMIC_T reload_after_sighup;
33 static SIG_ATOMIC_T got_sig_cld;
34
35 #ifdef WITH_DFS
36 extern int dcelogin_atmost_once;
37 #endif /* WITH_DFS */
38
39 /* really we should have a top level context structure that has the
40    client file descriptor as an element. That would require a major rewrite :(
41
42    the following 2 functions are an alternative - they make the file
43    descriptor private to smbd
44  */
45 static int server_fd = -1;
46
47 int smbd_server_fd(void)
48 {
49         return server_fd;
50 }
51
52 static void smbd_set_server_fd(int fd)
53 {
54         server_fd = fd;
55 }
56
57 int get_client_fd(void)
58 {
59         return server_fd;
60 }
61
62 int client_get_tcp_info(struct sockaddr_in *server, struct sockaddr_in *client)
63 {
64         socklen_t length;
65         if (server_fd == -1) {
66                 return -1;
67         }
68         length = sizeof(*server);
69         if (getsockname(server_fd, (struct sockaddr *)server, &length) != 0) {
70                 return -1;
71         }
72         length = sizeof(*client);
73         if (getpeername(server_fd, (struct sockaddr *)client, &length) != 0) {
74                 return -1;
75         }
76         return 0;
77 }
78
79 struct event_context *smbd_event_context(void)
80 {
81         static struct event_context *ctx;
82
83         if (!ctx && !(ctx = event_context_init(NULL))) {
84                 smb_panic("Could not init smbd event context");
85         }
86         return ctx;
87 }
88
89 struct messaging_context *smbd_messaging_context(void)
90 {
91         static struct messaging_context *ctx;
92
93         if (ctx == NULL) {
94                 ctx = messaging_init(NULL, server_id_self(),
95                                      smbd_event_context());
96         }
97         if (ctx == NULL) {
98                 DEBUG(0, ("Could not init smbd messaging context.\n"));
99         }
100         return ctx;
101 }
102
103 struct memcache *smbd_memcache(void)
104 {
105         static struct memcache *cache;
106
107         if (!cache
108             && !(cache = memcache_init(NULL,
109                                        lp_max_stat_cache_size()*1024))) {
110
111                 smb_panic("Could not init smbd memcache");
112         }
113         return cache;
114 }
115
116 /*******************************************************************
117  What to do when smb.conf is updated.
118  ********************************************************************/
119
120 static void smb_conf_updated(struct messaging_context *msg,
121                              void *private_data,
122                              uint32_t msg_type,
123                              struct server_id server_id,
124                              DATA_BLOB *data)
125 {
126         DEBUG(10,("smb_conf_updated: Got message saying smb.conf was "
127                   "updated. Reloading.\n"));
128         reload_services(False);
129 }
130
131
132 /*******************************************************************
133  Delete a statcache entry.
134  ********************************************************************/
135
136 static void smb_stat_cache_delete(struct messaging_context *msg,
137                                   void *private_data,
138                                   uint32_t msg_tnype,
139                                   struct server_id server_id,
140                                   DATA_BLOB *data)
141 {
142         const char *name = (const char *)data->data;
143         DEBUG(10,("smb_stat_cache_delete: delete name %s\n", name));
144         stat_cache_delete(name);
145 }
146
147 /****************************************************************************
148  Terminate signal.
149 ****************************************************************************/
150
151 static void sig_term(void)
152 {
153         got_sig_term = 1;
154         sys_select_signal(SIGTERM);
155 }
156
157 /****************************************************************************
158  Catch a sighup.
159 ****************************************************************************/
160
161 static void sig_hup(int sig)
162 {
163         reload_after_sighup = 1;
164         sys_select_signal(SIGHUP);
165 }
166
167 /****************************************************************************
168  Catch a sigcld
169 ****************************************************************************/
170 static void sig_cld(int sig)
171 {
172         got_sig_cld = 1;
173         sys_select_signal(SIGCLD);
174 }
175
176 /****************************************************************************
177   Send a SIGTERM to our process group.
178 *****************************************************************************/
179
180 static void  killkids(void)
181 {
182         if(am_parent) kill(0,SIGTERM);
183 }
184
185 /****************************************************************************
186  Process a sam sync message - not sure whether to do this here or
187  somewhere else.
188 ****************************************************************************/
189
190 static void msg_sam_sync(struct messaging_context *msg,
191                          void *private_data,
192                          uint32_t msg_type,
193                          struct server_id server_id,
194                          DATA_BLOB *data)
195 {
196         DEBUG(10, ("** sam sync message received, ignoring\n"));
197 }
198
199
200 /****************************************************************************
201  Open the socket communication - inetd.
202 ****************************************************************************/
203
204 static bool open_sockets_inetd(void)
205 {
206         /* Started from inetd. fd 0 is the socket. */
207         /* We will abort gracefully when the client or remote system 
208            goes away */
209         smbd_set_server_fd(dup(0));
210         
211         /* close our standard file descriptors */
212         close_low_fds(False); /* Don't close stderr */
213         
214         set_socket_options(smbd_server_fd(),"SO_KEEPALIVE");
215         set_socket_options(smbd_server_fd(), lp_socket_options());
216
217         return True;
218 }
219
220 static void msg_exit_server(struct messaging_context *msg,
221                             void *private_data,
222                             uint32_t msg_type,
223                             struct server_id server_id,
224                             DATA_BLOB *data)
225 {
226         DEBUG(3, ("got a SHUTDOWN message\n"));
227         exit_server_cleanly(NULL);
228 }
229
230 #ifdef DEVELOPER
231 static void msg_inject_fault(struct messaging_context *msg,
232                              void *private_data,
233                              uint32_t msg_type,
234                              struct server_id src,
235                              DATA_BLOB *data)
236 {
237         int sig;
238
239         if (data->length != sizeof(sig)) {
240                 
241                 DEBUG(0, ("Process %s sent bogus signal injection request\n",
242                           procid_str_static(&src)));
243                 return;
244         }
245
246         sig = *(int *)data->data;
247         if (sig == -1) {
248                 exit_server("internal error injected");
249                 return;
250         }
251
252 #if HAVE_STRSIGNAL
253         DEBUG(0, ("Process %s requested injection of signal %d (%s)\n",
254                   procid_str_static(&src), sig, strsignal(sig)));
255 #else
256         DEBUG(0, ("Process %s requested injection of signal %d\n",
257                   procid_str_static(&src), sig));
258 #endif
259
260         kill(sys_getpid(), sig);
261 }
262 #endif /* DEVELOPER */
263
264 struct child_pid {
265         struct child_pid *prev, *next;
266         pid_t pid;
267 };
268
269 static struct child_pid *children;
270 static int num_children;
271
272 static void add_child_pid(pid_t pid)
273 {
274         struct child_pid *child;
275
276         if (lp_max_smbd_processes() == 0) {
277                 /* Don't bother with the child list if we don't care anyway */
278                 return;
279         }
280
281         child = SMB_MALLOC_P(struct child_pid);
282         if (child == NULL) {
283                 DEBUG(0, ("Could not add child struct -- malloc failed\n"));
284                 return;
285         }
286         child->pid = pid;
287         DLIST_ADD(children, child);
288         num_children += 1;
289 }
290
291 static void remove_child_pid(pid_t pid, bool unclean_shutdown)
292 {
293         struct child_pid *child;
294
295         if (unclean_shutdown) {
296                 /* a child terminated uncleanly so tickle all processes to see 
297                    if they can grab any of the pending locks
298                 */
299                 DEBUG(3,(__location__ " Unclean shutdown of pid %u\n", pid));
300                 messaging_send_buf(smbd_messaging_context(), procid_self(), 
301                                    MSG_SMB_BRL_VALIDATE, NULL, 0);
302                 message_send_all(smbd_messaging_context(), 
303                                  MSG_SMB_UNLOCK, NULL, 0, NULL);
304         }
305
306         if (lp_max_smbd_processes() == 0) {
307                 /* Don't bother with the child list if we don't care anyway */
308                 return;
309         }
310
311         for (child = children; child != NULL; child = child->next) {
312                 if (child->pid == pid) {
313                         struct child_pid *tmp = child;
314                         DLIST_REMOVE(children, child);
315                         SAFE_FREE(tmp);
316                         num_children -= 1;
317                         return;
318                 }
319         }
320
321         DEBUG(0, ("Could not find child %d -- ignoring\n", (int)pid));
322 }
323
324 /****************************************************************************
325  Have we reached the process limit ?
326 ****************************************************************************/
327
328 static bool allowable_number_of_smbd_processes(void)
329 {
330         int max_processes = lp_max_smbd_processes();
331
332         if (!max_processes)
333                 return True;
334
335         return num_children < max_processes;
336 }
337
338 /****************************************************************************
339  Open the socket communication.
340 ****************************************************************************/
341
342 static bool open_sockets_smbd(bool is_daemon, bool interactive, const char *smb_ports)
343 {
344         int num_interfaces = iface_count();
345         int num_sockets = 0;
346         int fd_listenset[FD_SETSIZE];
347         fd_set listen_set;
348         int s;
349         int maxfd = 0;
350         int i;
351         char *ports;
352         struct dns_reg_state * dns_reg = NULL;
353         unsigned dns_port = 0;
354
355         if (!is_daemon) {
356                 return open_sockets_inetd();
357         }
358
359 #ifdef HAVE_ATEXIT
360         {
361                 static int atexit_set;
362                 if(atexit_set == 0) {
363                         atexit_set=1;
364                         atexit(killkids);
365                 }
366         }
367 #endif
368
369         /* Stop zombies */
370         CatchSignal(SIGCLD, sig_cld);
371
372         FD_ZERO(&listen_set);
373
374         /* use a reasonable default set of ports - listing on 445 and 139 */
375         if (!smb_ports) {
376                 ports = lp_smb_ports();
377                 if (!ports || !*ports) {
378                         ports = smb_xstrdup(SMB_PORTS);
379                 } else {
380                         ports = smb_xstrdup(ports);
381                 }
382         } else {
383                 ports = smb_xstrdup(smb_ports);
384         }
385
386         if (lp_interfaces() && lp_bind_interfaces_only()) {
387                 /* We have been given an interfaces line, and been
388                    told to only bind to those interfaces. Create a
389                    socket per interface and bind to only these.
390                 */
391
392                 /* Now open a listen socket for each of the
393                    interfaces. */
394                 for(i = 0; i < num_interfaces; i++) {
395                         TALLOC_CTX *frame = NULL;
396                         const struct sockaddr_storage *ifss =
397                                         iface_n_sockaddr_storage(i);
398                         char *tok;
399                         const char *ptr;
400
401                         if (ifss == NULL) {
402                                 DEBUG(0,("open_sockets_smbd: "
403                                         "interface %d has NULL IP address !\n",
404                                         i));
405                                 continue;
406                         }
407
408                         frame = talloc_stackframe();
409                         for (ptr=ports;
410                                         next_token_talloc(frame,&ptr, &tok, " \t,");) {
411                                 unsigned port = atoi(tok);
412                                 if (port == 0 || port > 0xffff) {
413                                         continue;
414                                 }
415
416                                 /* Keep the first port for mDNS service
417                                  * registration.
418                                  */
419                                 if (dns_port == 0) {
420                                         dns_port = port;
421                                 }
422
423                                 s = fd_listenset[num_sockets] =
424                                         open_socket_in(SOCK_STREAM,
425                                                         port,
426                                                         num_sockets == 0 ? 0 : 2,
427                                                         ifss,
428                                                         true);
429                                 if(s == -1) {
430                                         continue;
431                                 }
432
433                                 /* ready to listen */
434                                 set_socket_options(s,"SO_KEEPALIVE");
435                                 set_socket_options(s,lp_socket_options());
436
437                                 /* Set server socket to
438                                  * non-blocking for the accept. */
439                                 set_blocking(s,False);
440
441                                 if (listen(s, SMBD_LISTEN_BACKLOG) == -1) {
442                                         DEBUG(0,("open_sockets_smbd: listen: "
443                                                 "%s\n", strerror(errno)));
444                                         close(s);
445                                         TALLOC_FREE(frame);
446                                         return False;
447                                 }
448                                 FD_SET(s,&listen_set);
449                                 maxfd = MAX( maxfd, s);
450
451                                 num_sockets++;
452                                 if (num_sockets >= FD_SETSIZE) {
453                                         DEBUG(0,("open_sockets_smbd: Too "
454                                                 "many sockets to bind to\n"));
455                                         TALLOC_FREE(frame);
456                                         return False;
457                                 }
458                         }
459                         TALLOC_FREE(frame);
460                 }
461         } else {
462                 /* Just bind to 0.0.0.0 - accept connections
463                    from anywhere. */
464
465                 TALLOC_CTX *frame = talloc_stackframe();
466                 char *tok;
467                 const char *ptr;
468                 const char *sock_addr = lp_socket_address();
469                 char *sock_tok;
470                 const char *sock_ptr;
471
472                 if (sock_addr[0] == '\0' ||
473                                 strequal(sock_addr, "0.0.0.0") ||
474                                 strequal(sock_addr, "::")) {
475 #if HAVE_IPV6
476                         sock_addr = "::,0.0.0.0";
477 #else
478                         sock_addr = "0.0.0.0";
479 #endif
480                 }
481
482                 for (sock_ptr=sock_addr;
483                                 next_token_talloc(frame, &sock_ptr, &sock_tok, " \t,"); ) {
484                         for (ptr=ports; next_token_talloc(frame, &ptr, &tok, " \t,"); ) {
485                                 struct sockaddr_storage ss;
486
487                                 unsigned port = atoi(tok);
488                                 if (port == 0 || port > 0xffff) {
489                                         continue;
490                                 }
491
492                                 /* Keep the first port for mDNS service
493                                  * registration.
494                                  */
495                                 if (dns_port == 0) {
496                                         dns_port = port;
497                                 }
498
499                                 /* open an incoming socket */
500                                 if (!interpret_string_addr(&ss, sock_tok,
501                                                 AI_NUMERICHOST|AI_PASSIVE)) {
502                                         continue;
503                                 }
504
505                                 s = open_socket_in(SOCK_STREAM,
506                                                 port,
507                                                 num_sockets == 0 ? 0 : 2,
508                                                 &ss,
509                                                 true);
510                                 if (s == -1) {
511                                         continue;
512                                 }
513
514                                 /* ready to listen */
515                                 set_socket_options(s,"SO_KEEPALIVE");
516                                 set_socket_options(s,lp_socket_options());
517
518                                 /* Set server socket to non-blocking
519                                  * for the accept. */
520                                 set_blocking(s,False);
521
522                                 if (listen(s, SMBD_LISTEN_BACKLOG) == -1) {
523                                         DEBUG(0,("open_sockets_smbd: "
524                                                 "listen: %s\n",
525                                                  strerror(errno)));
526                                         close(s);
527                                         TALLOC_FREE(frame);
528                                         return False;
529                                 }
530
531                                 fd_listenset[num_sockets] = s;
532                                 FD_SET(s,&listen_set);
533                                 maxfd = MAX( maxfd, s);
534
535                                 num_sockets++;
536
537                                 if (num_sockets >= FD_SETSIZE) {
538                                         DEBUG(0,("open_sockets_smbd: Too "
539                                                 "many sockets to bind to\n"));
540                                         TALLOC_FREE(frame);
541                                         return False;
542                                 }
543                         }
544                 }
545                 TALLOC_FREE(frame);
546         }
547
548         SAFE_FREE(ports);
549
550         if (num_sockets == 0) {
551                 DEBUG(0,("open_sockets_smbd: No "
552                         "sockets available to bind to.\n"));
553                 return false;
554         }
555
556         /* Setup the main smbd so that we can get messages. Note that
557            do this after starting listening. This is needed as when in
558            clustered mode, ctdb won't allow us to start doing database
559            operations until it has gone thru a full startup, which
560            includes checking to see that smbd is listening. */
561         claim_connection(NULL,"",
562                          FLAG_MSG_GENERAL|FLAG_MSG_SMBD|FLAG_MSG_DBWRAP);
563
564         /* Listen to messages */
565
566         messaging_register(smbd_messaging_context(), NULL,
567                            MSG_SMB_SAM_SYNC, msg_sam_sync);
568         messaging_register(smbd_messaging_context(), NULL,
569                            MSG_SHUTDOWN, msg_exit_server);
570         messaging_register(smbd_messaging_context(), NULL,
571                            MSG_SMB_FILE_RENAME, msg_file_was_renamed);
572         messaging_register(smbd_messaging_context(), NULL,
573                            MSG_SMB_CONF_UPDATED, smb_conf_updated);
574         messaging_register(smbd_messaging_context(), NULL,
575                            MSG_SMB_STAT_CACHE_DELETE, smb_stat_cache_delete);
576         brl_register_msgs(smbd_messaging_context());
577
578 #ifdef CLUSTER_SUPPORT
579         if (lp_clustering()) {
580                 ctdbd_register_reconfigure(messaging_ctdbd_connection());
581         }
582 #endif
583
584 #ifdef DEVELOPER
585         messaging_register(smbd_messaging_context(), NULL,
586                            MSG_SMB_INJECT_FAULT, msg_inject_fault);
587 #endif
588
589         /* now accept incoming connections - forking a new process
590            for each incoming connection */
591         DEBUG(2,("waiting for a connection\n"));
592         while (1) {
593                 struct timeval now, idle_timeout;
594                 fd_set r_fds, w_fds;
595                 int num;
596
597                 /* Ensure we respond to PING and DEBUG messages from the main smbd. */
598                 message_dispatch(smbd_messaging_context());
599
600                 if (got_sig_cld) {
601                         pid_t pid;
602                         int status;
603
604                         got_sig_cld = False;
605
606                         while ((pid = sys_waitpid(-1, &status, WNOHANG)) > 0) {
607                                 bool unclean_shutdown = False;
608                                 
609                                 /* If the child terminated normally, assume
610                                    it was an unclean shutdown unless the
611                                    status is 0 
612                                 */
613                                 if (WIFEXITED(status)) {
614                                         unclean_shutdown = WEXITSTATUS(status);
615                                 }
616                                 /* If the child terminated due to a signal
617                                    we always assume it was unclean.
618                                 */
619                                 if (WIFSIGNALED(status)) {
620                                         unclean_shutdown = True;
621                                 }
622                                 remove_child_pid(pid, unclean_shutdown);
623                         }
624                 }
625
626                 idle_timeout = timeval_zero();
627
628                 memcpy((char *)&r_fds, (char *)&listen_set,
629                        sizeof(listen_set));
630                 FD_ZERO(&w_fds);
631                 GetTimeOfDay(&now);
632
633                 /* Kick off our mDNS registration. */
634                 if (dns_port != 0) {
635                         dns_register_smbd(&dns_reg, dns_port, &maxfd,
636                                         &r_fds, &idle_timeout);
637                 }
638
639                 event_add_to_select_args(smbd_event_context(), &now,
640                                          &r_fds, &w_fds, &idle_timeout,
641                                          &maxfd);
642
643                 num = sys_select(maxfd+1,&r_fds,&w_fds,NULL,
644                                  timeval_is_zero(&idle_timeout) ?
645                                  NULL : &idle_timeout);
646
647                 if (num == -1 && errno == EINTR) {
648                         if (got_sig_term) {
649                                 exit_server_cleanly(NULL);
650                         }
651
652                         /* check for sighup processing */
653                         if (reload_after_sighup) {
654                                 change_to_root_user();
655                                 DEBUG(1,("Reloading services after SIGHUP\n"));
656                                 reload_services(False);
657                                 reload_after_sighup = 0;
658                         }
659
660                         continue;
661                 }
662                 
663
664                 /* If the idle timeout fired and we don't have any connected
665                  * users, exit gracefully. We should be running under a process
666                  * controller that will restart us if necessry.
667                  */
668                 if (num == 0 && count_all_current_connections() == 0) {
669                         exit_server_cleanly("idle timeout");
670                 }
671
672                 /* process pending nDNS responses */
673                 if (dns_register_smbd_reply(dns_reg, &r_fds, &idle_timeout)) {
674                         --num;
675                 }
676
677                 if (run_events(smbd_event_context(), num, &r_fds, &w_fds)) {
678                         continue;
679                 }
680
681                 /* check if we need to reload services */
682                 check_reload(time(NULL));
683
684                 /* Find the sockets that are read-ready -
685                    accept on these. */
686                 for( ; num > 0; num--) {
687                         struct sockaddr addr;
688                         socklen_t in_addrlen = sizeof(addr);
689                         pid_t child = 0;
690
691                         s = -1;
692                         for(i = 0; i < num_sockets; i++) {
693                                 if(FD_ISSET(fd_listenset[i],&r_fds)) {
694                                         s = fd_listenset[i];
695                                         /* Clear this so we don't look
696                                            at it again. */
697                                         FD_CLR(fd_listenset[i],&r_fds);
698                                         break;
699                                 }
700                         }
701
702                         smbd_set_server_fd(accept(s,&addr,&in_addrlen));
703
704                         if (smbd_server_fd() == -1 && errno == EINTR)
705                                 continue;
706
707                         if (smbd_server_fd() == -1) {
708                                 DEBUG(2,("open_sockets_smbd: accept: %s\n",
709                                          strerror(errno)));
710                                 continue;
711                         }
712
713                         /* Ensure child is set to blocking mode */
714                         set_blocking(smbd_server_fd(),True);
715
716                         if (smbd_server_fd() != -1 && interactive)
717                                 return True;
718
719                         if (allowable_number_of_smbd_processes() &&
720                             smbd_server_fd() != -1 &&
721                             ((child = sys_fork())==0)) {
722                                 char remaddr[INET6_ADDRSTRLEN];
723
724                                 /* Child code ... */
725
726                                 /* Stop zombies, the parent explicitly handles
727                                  * them, counting worker smbds. */
728                                 CatchChild();
729
730                                 /* close the listening socket(s) */
731                                 for(i = 0; i < num_sockets; i++)
732                                         close(fd_listenset[i]);
733
734                                 /* close our mDNS daemon handle */
735                                 dns_register_close(&dns_reg);
736
737                                 /* close our standard file
738                                    descriptors */
739                                 close_low_fds(False);
740                                 am_parent = 0;
741
742                                 set_socket_options(smbd_server_fd(),"SO_KEEPALIVE");
743                                 set_socket_options(smbd_server_fd(),
744                                                    lp_socket_options());
745
746                                 /* this is needed so that we get decent entries
747                                    in smbstatus for port 445 connects */
748                                 set_remote_machine_name(get_peer_addr(smbd_server_fd(),
749                                                                 remaddr,
750                                                                 sizeof(remaddr)),
751                                                                 false);
752
753                                 if (!reinit_after_fork(
754                                             smbd_messaging_context(), true)) {
755                                         DEBUG(0,("reinit_after_fork() failed\n"));
756                                         smb_panic("reinit_after_fork() failed");
757                                 }
758
759                                 return True;
760                         }
761                         /* The parent doesn't need this socket */
762                         close(smbd_server_fd());
763
764                         /* Sun May 6 18:56:14 2001 ackley@cs.unm.edu:
765                                 Clear the closed fd info out of server_fd --
766                                 and more importantly, out of client_fd in
767                                 util_sock.c, to avoid a possible
768                                 getpeername failure if we reopen the logs
769                                 and use %I in the filename.
770                         */
771
772                         smbd_set_server_fd(-1);
773
774                         if (child != 0) {
775                                 add_child_pid(child);
776                         }
777
778                         /* Force parent to check log size after
779                          * spawning child.  Fix from
780                          * klausr@ITAP.Physik.Uni-Stuttgart.De.  The
781                          * parent smbd will log to logserver.smb.  It
782                          * writes only two messages for each child
783                          * started/finished. But each child writes,
784                          * say, 50 messages also in logserver.smb,
785                          * begining with the debug_count of the
786                          * parent, before the child opens its own log
787                          * file logserver.client. In a worst case
788                          * scenario the size of logserver.smb would be
789                          * checked after about 50*50=2500 messages
790                          * (ca. 100kb).
791                          * */
792                         force_check_log_size();
793
794                 } /* end for num */
795         } /* end while 1 */
796
797 /* NOTREACHED   return True; */
798 }
799
800 /****************************************************************************
801  Reload printers
802 **************************************************************************/
803 void reload_printers(void)
804 {
805         int snum;
806         int n_services = lp_numservices();
807         int pnum = lp_servicenumber(PRINTERS_NAME);
808         const char *pname;
809
810         pcap_cache_reload();
811
812         /* remove stale printers */
813         for (snum = 0; snum < n_services; snum++) {
814                 /* avoid removing PRINTERS_NAME or non-autoloaded printers */
815                 if (snum == pnum || !(lp_snum_ok(snum) && lp_print_ok(snum) &&
816                                       lp_autoloaded(snum)))
817                         continue;
818
819                 pname = lp_printername(snum);
820                 if (!pcap_printername_ok(pname)) {
821                         DEBUG(3, ("removing stale printer %s\n", pname));
822
823                         if (is_printer_published(NULL, snum, NULL))
824                                 nt_printer_publish(NULL, snum, SPOOL_DS_UNPUBLISH);
825                         del_a_printer(pname);
826                         lp_killservice(snum);
827                 }
828         }
829
830         load_printers();
831 }
832
833 /****************************************************************************
834  Reload the services file.
835 **************************************************************************/
836
837 bool reload_services(bool test)
838 {
839         bool ret;
840
841         if (lp_loaded()) {
842                 char *fname = lp_configfile();
843                 if (file_exist(fname) &&
844                     !strcsequal(fname, get_dyn_CONFIGFILE())) {
845                         set_dyn_CONFIGFILE(fname);
846                         test = False;
847                 }
848         }
849
850         reopen_logs();
851
852         if (test && !lp_file_list_changed())
853                 return(True);
854
855         lp_killunused(conn_snum_used);
856
857         ret = lp_load(get_dyn_CONFIGFILE(), False, False, True, True);
858
859         reload_printers();
860
861         /* perhaps the config filename is now set */
862         if (!test)
863                 reload_services(True);
864
865         reopen_logs();
866
867         load_interfaces();
868
869         if (smbd_server_fd() != -1) {
870                 set_socket_options(smbd_server_fd(),"SO_KEEPALIVE");
871                 set_socket_options(smbd_server_fd(), lp_socket_options());
872         }
873
874         mangle_reset_cache();
875         reset_stat_cache();
876
877         /* this forces service parameters to be flushed */
878         set_current_service(NULL,0,True);
879
880         return(ret);
881 }
882
883 /****************************************************************************
884  Exit the server.
885 ****************************************************************************/
886
887 /* Reasons for shutting down a server process. */
888 enum server_exit_reason { SERVER_EXIT_NORMAL, SERVER_EXIT_ABNORMAL };
889
890 static void exit_server_common(enum server_exit_reason how,
891         const char *const reason) _NORETURN_;
892
893 static void exit_server_common(enum server_exit_reason how,
894         const char *const reason)
895 {
896         static int firsttime=1;
897         bool had_open_conn;
898
899         if (!firsttime)
900                 exit(0);
901         firsttime = 0;
902
903         change_to_root_user();
904
905         if (negprot_global_auth_context) {
906                 (negprot_global_auth_context->free)(&negprot_global_auth_context);
907         }
908
909         had_open_conn = conn_close_all();
910
911         invalidate_all_vuids();
912
913         /* 3 second timeout. */
914         print_notify_send_messages(smbd_messaging_context(), 3);
915
916         /* delete our entry in the connections database. */
917         yield_connection(NULL,"");
918
919         respond_to_all_remaining_local_messages();
920
921 #ifdef WITH_DFS
922         if (dcelogin_atmost_once) {
923                 dfs_unlogin();
924         }
925 #endif
926
927 #ifdef USE_DMAPI
928         /* Destroy Samba DMAPI session only if we are master smbd process */
929         if (am_parent) {
930                 if (!dmapi_destroy_session()) {
931                         DEBUG(0,("Unable to close Samba DMAPI session\n"));
932                 }
933         }
934 #endif
935
936         locking_end();
937         printing_end();
938
939         if (how != SERVER_EXIT_NORMAL) {
940                 int oldlevel = DEBUGLEVEL;
941
942                 DEBUGLEVEL = 10;
943
944                 DEBUGSEP(0);
945                 DEBUG(0,("Abnormal server exit: %s\n",
946                         reason ? reason : "no explanation provided"));
947                 DEBUGSEP(0);
948
949                 log_stack_trace();
950
951                 DEBUGLEVEL = oldlevel;
952                 dump_core();
953
954         } else {    
955                 DEBUG(3,("Server exit (%s)\n",
956                         (reason ? reason : "normal exit")));
957         }
958
959         /* if we had any open SMB connections when we exited then we
960            need to tell the parent smbd so that it can trigger a retry
961            of any locks we may have been holding or open files we were
962            blocking */
963         if (had_open_conn) {
964                 exit(1);
965         } else {
966                 exit(0);
967         }
968 }
969
970 void exit_server(const char *const explanation)
971 {
972         exit_server_common(SERVER_EXIT_ABNORMAL, explanation);
973 }
974
975 void exit_server_cleanly(const char *const explanation)
976 {
977         exit_server_common(SERVER_EXIT_NORMAL, explanation);
978 }
979
980 void exit_server_fault(void)
981 {
982         exit_server("critical server fault");
983 }
984
985
986 /****************************************************************************
987 received when we should release a specific IP
988 ****************************************************************************/
989 static void release_ip(const char *ip, void *priv)
990 {
991         char addr[INET6_ADDRSTRLEN];
992
993         if (strcmp(client_socket_addr(get_client_fd(),addr,sizeof(addr)), ip) == 0) {
994                 /* we can't afford to do a clean exit - that involves
995                    database writes, which would potentially mean we
996                    are still running after the failover has finished -
997                    we have to get rid of this process ID straight
998                    away */
999                 DEBUG(0,("Got release IP message for our IP %s - exiting immediately\n",
1000                         ip));
1001                 /* note we must exit with non-zero status so the unclean handler gets
1002                    called in the parent, so that the brl database is tickled */
1003                 _exit(1);
1004         }
1005 }
1006
1007 static void msg_release_ip(struct messaging_context *msg_ctx, void *private_data,
1008                            uint32_t msg_type, struct server_id server_id, DATA_BLOB *data)
1009 {
1010         release_ip((char *)data->data, NULL);
1011 }
1012
1013 /****************************************************************************
1014  Initialise connect, service and file structs.
1015 ****************************************************************************/
1016
1017 static bool init_structs(void )
1018 {
1019         /*
1020          * Set the machine NETBIOS name if not already
1021          * set from the config file.
1022          */
1023
1024         if (!init_names())
1025                 return False;
1026
1027         conn_init();
1028
1029         file_init();
1030
1031         /* for RPC pipes */
1032         init_rpc_pipe_hnd();
1033
1034         init_dptrs();
1035
1036         if (!secrets_init())
1037                 return False;
1038
1039         return True;
1040 }
1041
1042 /*
1043  * Send keepalive packets to our client
1044  */
1045 static bool keepalive_fn(const struct timeval *now, void *private_data)
1046 {
1047         if (!send_keepalive(smbd_server_fd())) {
1048                 DEBUG( 2, ( "Keepalive failed - exiting.\n" ) );
1049                 return False;
1050         }
1051         return True;
1052 }
1053
1054 /*
1055  * Do the recurring check if we're idle
1056  */
1057 static bool deadtime_fn(const struct timeval *now, void *private_data)
1058 {
1059         if ((conn_num_open() == 0)
1060             || (conn_idle_all(now->tv_sec))) {
1061                 DEBUG( 2, ( "Closing idle connection\n" ) );
1062                 messaging_send(smbd_messaging_context(), procid_self(),
1063                                MSG_SHUTDOWN, &data_blob_null);
1064                 return False;
1065         }
1066
1067         return True;
1068 }
1069
1070 /*
1071  * Do the recurring log file and smb.conf reload checks.
1072  */
1073
1074 static bool housekeeping_fn(const struct timeval *now, void *private_data)
1075 {
1076         change_to_root_user();
1077
1078         /* update printer queue caches if necessary */
1079         update_monitored_printq_cache();
1080
1081         /* check if we need to reload services */
1082         check_reload(time(NULL));
1083
1084         /* Change machine password if neccessary. */
1085         attempt_machine_password_change();
1086
1087         /*
1088          * Force a log file check.
1089          */
1090         force_check_log_size();
1091         check_log_size();
1092         return true;
1093 }
1094
1095 /****************************************************************************
1096  main program.
1097 ****************************************************************************/
1098
1099 /* Declare prototype for build_options() to avoid having to run it through
1100    mkproto.h.  Mixing $(builddir) and $(srcdir) source files in the current
1101    prototype generation system is too complicated. */
1102
1103 extern void build_options(bool screen);
1104
1105  int main(int argc,const char *argv[])
1106 {
1107         /* shall I run as a daemon */
1108         static bool is_daemon = False;
1109         static bool interactive = False;
1110         static bool Fork = True;
1111         static bool no_process_group = False;
1112         static bool log_stdout = False;
1113         static char *ports = NULL;
1114         static char *profile_level = NULL;
1115         int opt;
1116         poptContext pc;
1117         bool print_build_options = False;
1118         enum {
1119                 OPT_DAEMON = 1000,
1120                 OPT_INTERACTIVE,
1121                 OPT_FORK,
1122                 OPT_NO_PROCESS_GROUP,
1123                 OPT_LOG_STDOUT
1124         };
1125         struct poptOption long_options[] = {
1126         POPT_AUTOHELP
1127         {"daemon", 'D', POPT_ARG_NONE, NULL, OPT_DAEMON, "Become a daemon (default)" },
1128         {"interactive", 'i', POPT_ARG_NONE, NULL, OPT_INTERACTIVE, "Run interactive (not a daemon)"},
1129         {"foreground", 'F', POPT_ARG_NONE, NULL, OPT_FORK, "Run daemon in foreground (for daemontools, etc.)" },
1130         {"no-process-group", '\0', POPT_ARG_NONE, NULL, OPT_NO_PROCESS_GROUP, "Don't create a new process group" },
1131         {"log-stdout", 'S', POPT_ARG_NONE, NULL, OPT_LOG_STDOUT, "Log to stdout" },
1132         {"build-options", 'b', POPT_ARG_NONE, NULL, 'b', "Print build options" },
1133         {"port", 'p', POPT_ARG_STRING, &ports, 0, "Listen on the specified ports"},
1134         {"profiling-level", 'P', POPT_ARG_STRING, &profile_level, 0, "Set profiling level","PROFILE_LEVEL"},
1135         POPT_COMMON_SAMBA
1136         POPT_COMMON_DYNCONFIG
1137         POPT_TABLEEND
1138         };
1139         TALLOC_CTX *frame = talloc_stackframe(); /* Setup tos. */
1140
1141         TimeInit();
1142
1143 #ifdef HAVE_SET_AUTH_PARAMETERS
1144         set_auth_parameters(argc,argv);
1145 #endif
1146
1147         pc = poptGetContext("smbd", argc, argv, long_options, 0);
1148         while((opt = poptGetNextOpt(pc)) != -1) {
1149                 switch (opt)  {
1150                 case OPT_DAEMON:
1151                         is_daemon = true;
1152                         break;
1153                 case OPT_INTERACTIVE:
1154                         interactive = true;
1155                         break;
1156                 case OPT_FORK:
1157                         Fork = false;
1158                         break;
1159                 case OPT_NO_PROCESS_GROUP:
1160                         no_process_group = true;
1161                         break;
1162                 case OPT_LOG_STDOUT:
1163                         log_stdout = true;
1164                         break;
1165                 case 'b':
1166                         print_build_options = True;
1167                         break;
1168                 default:
1169                         d_fprintf(stderr, "\nInvalid option %s: %s\n\n",
1170                                   poptBadOption(pc, 0), poptStrerror(opt));
1171                         poptPrintUsage(pc, stderr, 0);
1172                         exit(1);
1173                 }
1174         }
1175         poptFreeContext(pc);
1176
1177         if (interactive) {
1178                 Fork = False;
1179                 log_stdout = True;
1180         }
1181
1182         setup_logging(argv[0],log_stdout);
1183
1184         if (print_build_options) {
1185                 build_options(True); /* Display output to screen as well as debug */
1186                 exit(0);
1187         }
1188
1189         load_case_tables();
1190
1191 #ifdef HAVE_SETLUID
1192         /* needed for SecureWare on SCO */
1193         setluid(0);
1194 #endif
1195
1196         sec_init();
1197
1198         set_remote_machine_name("smbd", False);
1199
1200         if (interactive && (DEBUGLEVEL >= 9)) {
1201                 talloc_enable_leak_report();
1202         }
1203
1204         if (log_stdout && Fork) {
1205                 DEBUG(0,("ERROR: Can't log to stdout (-S) unless daemon is in foreground (-F) or interactive (-i)\n"));
1206                 exit(1);
1207         }
1208
1209         /* we want to re-seed early to prevent time delays causing
1210            client problems at a later date. (tridge) */
1211         generate_random_buffer(NULL, 0);
1212
1213         /* make absolutely sure we run as root - to handle cases where people
1214            are crazy enough to have it setuid */
1215
1216         gain_root_privilege();
1217         gain_root_group_privilege();
1218
1219         fault_setup((void (*)(void *))exit_server_fault);
1220         dump_core_setup("smbd");
1221
1222         CatchSignal(SIGTERM , SIGNAL_CAST sig_term);
1223         CatchSignal(SIGHUP,SIGNAL_CAST sig_hup);
1224         
1225         /* we are never interested in SIGPIPE */
1226         BlockSignals(True,SIGPIPE);
1227
1228 #if defined(SIGFPE)
1229         /* we are never interested in SIGFPE */
1230         BlockSignals(True,SIGFPE);
1231 #endif
1232
1233 #if defined(SIGUSR2)
1234         /* We are no longer interested in USR2 */
1235         BlockSignals(True,SIGUSR2);
1236 #endif
1237
1238         /* POSIX demands that signals are inherited. If the invoking process has
1239          * these signals masked, we will have problems, as we won't recieve them. */
1240         BlockSignals(False, SIGHUP);
1241         BlockSignals(False, SIGUSR1);
1242         BlockSignals(False, SIGTERM);
1243
1244         /* we want total control over the permissions on created files,
1245            so set our umask to 0 */
1246         umask(0);
1247
1248         init_sec_ctx();
1249
1250         reopen_logs();
1251
1252         DEBUG(0,("smbd version %s started.\n", SAMBA_VERSION_STRING));
1253         DEBUGADD(0,("%s\n", COPYRIGHT_STARTUP_MESSAGE));
1254
1255         DEBUG(2,("uid=%d gid=%d euid=%d egid=%d\n",
1256                  (int)getuid(),(int)getgid(),(int)geteuid(),(int)getegid()));
1257
1258         /* Output the build options to the debug log */ 
1259         build_options(False);
1260
1261         if (sizeof(uint16) < 2 || sizeof(uint32) < 4) {
1262                 DEBUG(0,("ERROR: Samba is not configured correctly for the word size on your machine\n"));
1263                 exit(1);
1264         }
1265
1266         if (!lp_load_initial_only(get_dyn_CONFIGFILE())) {
1267                 DEBUG(0, ("error opening config file\n"));
1268                 exit(1);
1269         }
1270
1271         if (smbd_messaging_context() == NULL)
1272                 exit(1);
1273
1274         if (!reload_services(False))
1275                 return(-1);     
1276
1277         init_structs();
1278
1279 #ifdef WITH_PROFILE
1280         if (!profile_setup(smbd_messaging_context(), False)) {
1281                 DEBUG(0,("ERROR: failed to setup profiling\n"));
1282                 return -1;
1283         }
1284         if (profile_level != NULL) {
1285                 int pl = atoi(profile_level);
1286                 struct server_id src;
1287
1288                 DEBUG(1, ("setting profiling level: %s\n",profile_level));
1289                 src.pid = getpid();
1290                 set_profile_level(pl, src);
1291         }
1292 #endif
1293
1294         DEBUG(3,( "loaded services\n"));
1295
1296         if (!is_daemon && !is_a_socket(0)) {
1297                 if (!interactive)
1298                         DEBUG(0,("standard input is not a socket, assuming -D option\n"));
1299
1300                 /*
1301                  * Setting is_daemon here prevents us from eventually calling
1302                  * the open_sockets_inetd()
1303                  */
1304
1305                 is_daemon = True;
1306         }
1307
1308         if (is_daemon && !interactive) {
1309                 DEBUG( 3, ( "Becoming a daemon.\n" ) );
1310                 become_daemon(Fork, no_process_group);
1311         }
1312
1313 #if HAVE_SETPGID
1314         /*
1315          * If we're interactive we want to set our own process group for
1316          * signal management.
1317          */
1318         if (interactive && !no_process_group)
1319                 setpgid( (pid_t)0, (pid_t)0);
1320 #endif
1321
1322         if (!directory_exist(lp_lockdir()))
1323                 mkdir(lp_lockdir(), 0755);
1324
1325         if (is_daemon)
1326                 pidfile_create("smbd");
1327
1328         if (!reinit_after_fork(smbd_messaging_context(), false)) {
1329                 DEBUG(0,("reinit_after_fork() failed\n"));
1330                 exit(1);
1331         }
1332
1333         /* Setup all the TDB's - including CLEAR_IF_FIRST tdb's. */
1334
1335         if (smbd_memcache() == NULL) {
1336                 exit(1);
1337         }
1338
1339         memcache_set_global(smbd_memcache());
1340
1341         /* Initialise the password backed before the global_sam_sid
1342            to ensure that we fetch from ldap before we make a domain sid up */
1343
1344         if(!initialize_password_db(False, smbd_event_context()))
1345                 exit(1);
1346
1347         if (!secrets_init()) {
1348                 DEBUG(0, ("ERROR: smbd can not open secrets.tdb\n"));
1349                 exit(1);
1350         }
1351
1352         if(!get_global_sam_sid()) {
1353                 DEBUG(0,("ERROR: Samba cannot create a SAM SID.\n"));
1354                 exit(1);
1355         }
1356
1357         if (!session_init())
1358                 exit(1);
1359
1360         if (!connections_init(True))
1361                 exit(1);
1362
1363         if (!locking_init())
1364                 exit(1);
1365
1366         namecache_enable();
1367
1368         if (!W_ERROR_IS_OK(registry_init_full()))
1369                 exit(1);
1370
1371 #if 0
1372         if (!init_svcctl_db())
1373                 exit(1);
1374 #endif
1375
1376         if (!print_backend_init(smbd_messaging_context()))
1377                 exit(1);
1378
1379         if (!init_guest_info()) {
1380                 DEBUG(0,("ERROR: failed to setup guest info.\n"));
1381                 return -1;
1382         }
1383
1384         /* only start the background queue daemon if we are 
1385            running as a daemon -- bad things will happen if
1386            smbd is launched via inetd and we fork a copy of 
1387            ourselves here */
1388
1389         if (is_daemon && !interactive
1390             && lp_parm_bool(-1, "smbd", "backgroundqueue", true)) {
1391                 start_background_queue();
1392         }
1393
1394         if (!open_sockets_smbd(is_daemon, interactive, ports))
1395                 exit(1);
1396
1397         /*
1398          * everything after this point is run after the fork()
1399          */ 
1400
1401         static_init_rpc;
1402
1403         init_modules();
1404
1405         /* Possibly reload the services file. Only worth doing in
1406          * daemon mode. In inetd mode, we know we only just loaded this.
1407          */
1408         if (is_daemon) {
1409                 reload_services(True);
1410         }
1411
1412         if (!init_account_policy()) {
1413                 DEBUG(0,("Could not open account policy tdb.\n"));
1414                 exit(1);
1415         }
1416
1417         if (*lp_rootdir()) {
1418                 if (sys_chroot(lp_rootdir()) == 0)
1419                         DEBUG(2,("Changed root to %s\n", lp_rootdir()));
1420         }
1421
1422         /* Setup oplocks */
1423         if (!init_oplocks(smbd_messaging_context()))
1424                 exit(1);
1425
1426         /* Setup aio signal handler. */
1427         initialize_async_io_handler();
1428
1429         /* register our message handlers */
1430         messaging_register(smbd_messaging_context(), NULL,
1431                            MSG_SMB_FORCE_TDIS, msg_force_tdis);
1432         messaging_register(smbd_messaging_context(), NULL,
1433                            MSG_SMB_RELEASE_IP, msg_release_ip);
1434         messaging_register(smbd_messaging_context(), NULL,
1435                            MSG_SMB_CLOSE_FILE, msg_close_file);
1436
1437         if ((lp_keepalive() != 0)
1438             && !(event_add_idle(smbd_event_context(), NULL,
1439                                 timeval_set(lp_keepalive(), 0),
1440                                 "keepalive", keepalive_fn,
1441                                 NULL))) {
1442                 DEBUG(0, ("Could not add keepalive event\n"));
1443                 exit(1);
1444         }
1445
1446         if (!(event_add_idle(smbd_event_context(), NULL,
1447                              timeval_set(IDLE_CLOSED_TIMEOUT, 0),
1448                              "deadtime", deadtime_fn, NULL))) {
1449                 DEBUG(0, ("Could not add deadtime event\n"));
1450                 exit(1);
1451         }
1452
1453         if (!(event_add_idle(smbd_event_context(), NULL,
1454                              timeval_set(SMBD_SELECT_TIMEOUT, 0),
1455                              "housekeeping", housekeeping_fn, NULL))) {
1456                 DEBUG(0, ("Could not add housekeeping event\n"));
1457                 exit(1);
1458         }
1459
1460 #ifdef CLUSTER_SUPPORT
1461
1462         if (lp_clustering()) {
1463                 /*
1464                  * We need to tell ctdb about our client's TCP
1465                  * connection, so that for failover ctdbd can send
1466                  * tickle acks, triggering a reconnection by the
1467                  * client.
1468                  */
1469
1470                 struct sockaddr_in srv, clnt;
1471
1472                 if (client_get_tcp_info(&srv, &clnt) == 0) {
1473
1474                         NTSTATUS status;
1475
1476                         status = ctdbd_register_ips(
1477                                 messaging_ctdbd_connection(),
1478                                 &srv, &clnt, release_ip, NULL);
1479
1480                         if (!NT_STATUS_IS_OK(status)) {
1481                                 DEBUG(0, ("ctdbd_register_ips failed: %s\n",
1482                                           nt_errstr(status)));
1483                         }
1484                 } else
1485                 {
1486                         DEBUG(0,("Unable to get tcp info for "
1487                                  "CTDB_CONTROL_TCP_CLIENT: %s\n",
1488                                  strerror(errno)));
1489                 }
1490         }
1491
1492 #endif
1493
1494         TALLOC_FREE(frame);
1495
1496         smbd_process();
1497
1498         namecache_shutdown();
1499
1500         exit_server_cleanly(NULL);
1501         return(0);
1502 }