2 * Copyright 2000, International Business Machines Corporation and others.
5 * This software has been released under the terms of the IBM Public
6 * License. For details, see the LICENSE file in the top-level source
7 * directory or online at http://www.openafs.org/dl/license10.html
10 #include <afsconfig.h>
11 #include <afs/param.h>
15 #ifdef AFS_PTHREAD_ENV
16 # include <opr/softsig.h>
20 #include <WINNT/afsevent.h>
23 #ifdef HAVE_SYS_FILE_H
29 #include <rx/rx_globals.h>
30 #include <rx/rxstat.h>
32 #include <afs/cellconfig.h>
35 #include <afs/audit.h>
36 #include <afs/com_err.h>
39 #include <afs/afsutil.h>
42 #include "vlserver_internal.h"
/* File-scope state shared by the server entry point and the RPC handlers. */
45 struct afsconf_dir *vldb_confdir = 0; /* vldb configuration dir */
48 struct vldstats dynamic_statistics;
49 struct ubik_dbase *VL_dbase;
/* Both address tables are zeroed by main before the Rx services are created. */
50 afs_uint32 rd_HostAddress[MAXSERVERID + 1];
51 afs_uint32 wr_HostAddress[MAXSERVERID + 1];
53 static void *CheckSignal(void*);
/* Default query level; main changes it only when -restricted_query is given
 * with "anyuser" or "admin". */
55 int restrictedQueryLevel = RESTRICTED_QUERY_ANYUSER;
56 int rxJumbograms = 0; /* default is to not send and receive jumbo grams */
/* Set from -allow-dotted-principals; when non-zero, main passes
 * RXS_CONFIG_FLAGS_DISABLE_DOTCHECK to the VLDB service. */
59 int rxkadDisableDotCheck = 0;
/* SHostAddrs holds the local addresses; main passes ADDRSPERSITE as the
 * capacity to afsconf_ParseNetFiles and rx_getAllAddr when filling it. */
61 #define ADDRSPERSITE 16 /* Same global is in rx/rx_user.c */
62 afs_uint32 SHostAddrs[ADDRSPERSITE];
/*
 * Signal handler that main installs for SIGXCPU (on builds that are neither
 * HPUX nor NT40). The visible statement hands CheckSignal to IOMGR_SoftSig.
 * NOTE(review): the lines between the #if and the IOMGR_SoftSig call are not
 * in this listing, so which preprocessor branch each call belongs to cannot be
 * confirmed from here.
 */
65 CheckSignal_Signal(int unused)
67 #if defined(AFS_PTHREAD_ENV)
70 IOMGR_SoftSig(CheckSignal, 0);
/*
 * Worker behind the SIGXCPU handler: opens the VL database with LOCKREAD,
 * logs the name and id hash tables at level 0, then ends the Ubik transaction.
 * Returns the Init_VLdbase error code, or the ubik_EndTrans result, cast
 * through intptr_t to void *.
 * NOTE(review): the loop bodies are not visible in this listing, so what is
 * written per hash bucket cannot be confirmed here. Because the dump goes to
 * the server log at level 0, access to that log should be restricted in line
 * with the sensitivity of volume names and ids.
 */
75 CheckSignal(void *unused)
/* Third argument is the VLGETSTATS opcode offset from VL_LOWEST_OPCODE. */
81 Init_VLdbase(&ctx, LOCKREAD, VLGETSTATS - VL_LOWEST_OPCODE)))
82 return (void *)(intptr_t)errorcode;
83 VLog(0, ("Dump name hash table out\n"));
84 for (i = 0; i < HASHSIZE; i++) {
87 VLog(0, ("Dump id hash table out\n"));
88 for (i = 0; i < HASHSIZE; i++) {
/* The transaction is closed on this path; its status becomes the result. */
91 return ((void *)(intptr_t)ubik_EndTrans(ctx.trans));
95 /* Initialize the stats for the opcodes */
/*
 * Resets dynamic_statistics: records the current time as start_time and
 * clears the per-opcode request and abort counters for every index below
 * MAX_NUMBER_OPCODES.
 */
97 initialize_dstats(void)
/* time() is narrowed to afs_uint32 by the cast. */
101 dynamic_statistics.start_time = (afs_uint32) time(0);
102 for (i = 0; i < MAX_NUMBER_OPCODES; i++) {
103 dynamic_statistics.requests[i] = 0;
104 dynamic_statistics.aborts[i] = 0;
108 /* check whether caller is authorized to manage RX statistics */
/*
 * Authorization callback that main registers with rx_SetRxStatUserOk.
 * Returns the result of afsconf_SuperUser for the caller of this Rx call,
 * evaluated against the global vldb_confdir.
 * NOTE(review): vldb_confdir is the same directory object on which main may
 * call afsconf_SetNoAuthFlag; presumably this check then accepts any caller
 * when the server runs with -noauth - confirm against afsconf_SuperUser.
 */
110 vldb_rxstat_userok(struct rx_call *call)
112 return afsconf_SuperUser(vldb_confdir, call, NULL);
116 * Return true if this name is a member of the local realm.
/*
 * Audit user-check callback: main passes it to osi_audit_set_user_check
 * together with tdir, which presumably arrives here as rock.
 * rock is used as a struct afsconf_dir pointer; name, inst and cell are
 * forwarded unchanged to afsconf_IsLocalRealmMatch.
 * islocal starts at 0, so the visible default answer is "not local".
 * NOTE(review): the return statement is not in this listing; presumably the
 * function returns islocal - confirm.
 */
119 vldb_IsLocalRealmMatch(void *rock, char *name, char *inst, char *cell)
121 struct afsconf_dir *dir = (struct afsconf_dir *)rock;
122 afs_int32 islocal = 0; /* default to no */
/* NOTE(review): the failure message below prints name, inst and cell with %s
 * exactly as received. If these originate from a remote caller identity,
 * confirm they can never be NULL and decide how control characters in them
 * should appear in the log. */
125 code = afsconf_IsLocalRealmMatch(dir, &islocal, name, inst, cell);
128 ("Failed local realm check; code=%d, name=%s, inst=%s, cell=%s\n",
129 code, name, inst, cell));
134 /* Main server module */
136 #include "AFS_component_version_number.c"
159 OPT_restricted_query,
/*
 * vlserver entry point. As far as this listing shows, it registers and parses
 * the command-line options, selects the log destination, opens the server
 * configuration directory, resolves the local host address, initialises Rx
 * and Ubik, registers the VLDB and rpcstats Rx services, and finally calls
 * rx_StartServer.
 * NOTE(review): the listing omits many source lines (braces, guards, error
 * exits), so the comments below describe only the statements that are visible
 * and mark anything inferred as an assumption.
 */
165 main(int argc, char **argv)
169 struct rx_service *tservice;
170 struct rx_securityClass **securityClasses;
171 afs_int32 numClasses;
172 struct afsconf_dir *tdir;
173 struct ktc_encryptionKey tkey;
174 struct afsconf_cell info;
176 char hostname[VL_MAXNAMELEN];
178 char clones[MAXHOSTSPERCELL];
180 afs_uint32 host = ntohl(INADDR_ANY);
181 struct cmd_syndesc *opts;
182 struct logOptions logopts;
188 char *auditFileName = NULL;
189 char *interface = NULL;
190 char *optstring = NULL;
191 char *s2s_crypt_behavior = NULL;
193 char *restricted_query_parameter = NULL;
197 * The following signal action for AIX is necessary so that in case of a
198 * crash (i.e. core is generated) we can include the user's data section
199 * in the core dump. Unfortunately, by default, only a partial core is
200 * generated which, in many cases, isn't too useful.
/* NOTE(review): SA_FULLDUMP requests a full core on SIGABRT and SIGSEGV.
 * A full core holds whatever the process had in memory at the crash,
 * presumably including key material loaded from the configuration, so the
 * core directory should be readable by the server account only. */
202 struct sigaction nsa;
204 rx_extraPackets = 100; /* should be a switch, I guess... */
205 sigemptyset(&nsa.sa_mask);
206 nsa.sa_handler = SIG_DFL;
207 nsa.sa_flags = SA_FULLDUMP;
208 sigaction(SIGABRT, &nsa, NULL);
209 sigaction(SIGSEGV, &nsa, NULL);
213 memset(&logopts, 0, sizeof(logopts));
215 /* Initialize dirpaths */
216 if (!(initAFSDirPath() & AFSDIR_SERVER_PATHS_OK)) {
218 ReportErrorEventAlt(AFSEVT_SVR_NO_INSTALL_DIR, 0, argv[0], 0);
220 fprintf(stderr, "%s: Unable to obtain AFS server directory.\n",
/* Defaults for the database file and configuration directory; both can be
 * replaced by -database and -config below. */
225 vl_dbaseName = strdup(AFSDIR_SERVER_VLDB_FILEPATH);
226 configDir = strdup(AFSDIR_SERVER_ETC_DIRPATH);
/* Option names must be given in full and by name: abbreviations and
 * positional arguments are both disabled before the syntax is built. */
228 cmd_DisableAbbreviations();
229 cmd_DisablePositionalCommands();
230 opts = cmd_CreateSyntax(NULL, NULL, NULL, 0, NULL);
232 /* vlserver specific options */
233 cmd_AddParmAtOffset(opts, OPT_noauth, "-noauth", CMD_FLAG,
234 CMD_OPTIONAL, "disable authentication");
235 cmd_AddParmAtOffset(opts, OPT_smallmem, "-smallmem", CMD_FLAG,
236 CMD_OPTIONAL, "optimise for small memory systems");
238 /* general server options */
239 cmd_AddParmAtOffset(opts, OPT_auditlog, "-auditlog", CMD_SINGLE,
240 CMD_OPTIONAL, "location of audit log");
241 cmd_AddParmAtOffset(opts, OPT_auditiface, "-audit-interface", CMD_SINGLE,
242 CMD_OPTIONAL, "interface to use for audit logging");
243 cmd_AddParmAtOffset(opts, OPT_config, "-config", CMD_SINGLE,
244 CMD_OPTIONAL, "configuration location");
245 cmd_AddParmAtOffset(opts, OPT_debug, "-d", CMD_SINGLE,
246 CMD_OPTIONAL, "debug level");
247 cmd_AddParmAtOffset(opts, OPT_database, "-database", CMD_SINGLE,
248 CMD_OPTIONAL, "database file");
249 cmd_AddParmAlias(opts, OPT_database, "-db");
250 cmd_AddParmAtOffset(opts, OPT_logfile, "-logfile", CMD_SINGLE,
251 CMD_OPTIONAL, "location of logfile");
252 cmd_AddParmAtOffset(opts, OPT_threads, "-p", CMD_SINGLE, CMD_OPTIONAL,
253 "number of threads");
255 cmd_AddParmAtOffset(opts, OPT_syslog, "-syslog", CMD_SINGLE_OR_FLAG,
256 CMD_OPTIONAL, "log to syslog");
258 cmd_AddParmAtOffset(opts, OPT_transarc_logs, "-transarc-logs", CMD_FLAG,
259 CMD_OPTIONAL, "enable Transarc style logging");
262 cmd_AddParmAtOffset(opts, OPT_peer, "-enable_peer_stats", CMD_FLAG,
263 CMD_OPTIONAL, "enable RX transport statistics");
264 cmd_AddParmAtOffset(opts, OPT_process, "-enable_process_stats", CMD_FLAG,
265 CMD_OPTIONAL, "enable RX RPC statistics");
266 cmd_AddParmAtOffset(opts, OPT_nojumbo, "-nojumbo", CMD_FLAG,
267 CMD_OPTIONAL, "disable jumbograms");
268 cmd_AddParmAtOffset(opts, OPT_jumbo, "-jumbo", CMD_FLAG,
269 CMD_OPTIONAL, "enable jumbograms");
270 cmd_AddParmAtOffset(opts, OPT_rxbind, "-rxbind", CMD_FLAG,
271 CMD_OPTIONAL, "bind only to the primary interface");
272 cmd_AddParmAtOffset(opts, OPT_rxmaxmtu, "-rxmaxmtu", CMD_SINGLE,
273 CMD_OPTIONAL, "maximum MTU for RX");
274 cmd_AddParmAtOffset(opts, OPT_trace, "-trace", CMD_SINGLE,
275 CMD_OPTIONAL, "rx trace file");
276 cmd_AddParmAtOffset(opts, OPT_restricted_query, "-restricted_query",
277 CMD_SINGLE, CMD_OPTIONAL, "anyuser | admin");
281 cmd_AddParmAtOffset(opts, OPT_dotted, "-allow-dotted-principals",
282 CMD_FLAG, CMD_OPTIONAL,
283 "permit Kerberos 5 principals with dots");
286 cmd_AddParmAtOffset(opts, OPT_s2s_crypt, "-s2scrypt", CMD_SINGLE,
288 "rxgk-crypt | never");
290 code = cmd_Parse(argc, argv, &opts);
291 if (code == CMD_HELP) {
/* -config is read first, before the server configuration file is opened. */
297 cmd_OptionAsString(opts, OPT_config, &configDir);
299 cmd_OpenConfigFile(AFSDIR_SERVER_CONFIG_FILE_FILEPATH);
300 cmd_SetCommandName("vlserver");
302 /* vlserver options */
303 cmd_OptionAsFlag(opts, OPT_noauth, &noAuth);
304 cmd_OptionAsFlag(opts, OPT_smallmem, &smallMem);
/* NOTE(review): optstring is the -trace option value and is copied with
 * strcpy into the 80-byte rxi_tracename with no length check in between; a
 * value of 80 bytes or more writes past the end of the buffer. The copy
 * should be bounded and an over-long name rejected. */
305 if (cmd_OptionAsString(opts, OPT_trace, &optstring) == 0) {
306 extern char rxi_tracename[80];
307 strcpy(rxi_tracename, optstring);
312 /* general server options */
314 cmd_OptionAsString(opts, OPT_auditlog, &auditFileName);
316 if (cmd_OptionAsString(opts, OPT_auditiface, &interface) == 0) {
317 if (osi_audit_interface(interface)) {
318 printf("Invalid audit interface '%s'\n", interface);
324 cmd_OptionAsString(opts, OPT_database, &vl_dbaseName);
/* The warning shows that an over-large -p value is replaced by a smaller
 * one; the limit itself and any lower bound are not visible here. */
326 if (cmd_OptionAsInt(opts, OPT_threads, &lwps) == 0) {
328 printf("Warning: '-p %d' is too big; using %d instead\n",
334 cmd_OptionAsInt(opts, OPT_debug, &logopts.lopt_logLevel);
/* Log destination: -syslog is rejected in combination with -logfile or
 * -transarc-logs; otherwise logging goes to a file. */
336 if (cmd_OptionPresent(opts, OPT_syslog)) {
337 if (cmd_OptionPresent(opts, OPT_logfile)) {
338 fprintf(stderr, "Invalid options: -syslog and -logfile are exclusive.\n");
341 if (cmd_OptionPresent(opts, OPT_transarc_logs)) {
342 fprintf(stderr, "Invalid options: -syslog and -transarc-logs are exclusive.\n");
346 logopts.lopt_dest = logDest_syslog;
347 logopts.lopt_facility = LOG_DAEMON; /* default value */
348 logopts.lopt_tag = "vlserver";
349 cmd_OptionAsInt(opts, OPT_syslog, &logopts.lopt_facility);
353 logopts.lopt_dest = logDest_file;
354 if (cmd_OptionPresent(opts, OPT_transarc_logs)) {
355 logopts.lopt_rotateOnOpen = 1;
356 logopts.lopt_rotateStyle = logRotate_old;
358 if (cmd_OptionPresent(opts, OPT_logfile))
359 cmd_OptionAsString(opts, OPT_logfile, (char**)&logopts.lopt_filename);
361 logopts.lopt_filename = AFSDIR_SERVER_VLOG_FILEPATH;
366 if (cmd_OptionPresent(opts, OPT_peer))
367 rx_enablePeerRPCStats();
368 if (cmd_OptionPresent(opts, OPT_process))
369 rx_enableProcessRPCStats();
370 if (cmd_OptionPresent(opts, OPT_nojumbo))
372 if (cmd_OptionPresent(opts, OPT_jumbo))
375 cmd_OptionAsFlag(opts, OPT_rxbind, &rxBind);
377 cmd_OptionAsInt(opts, OPT_rxmaxmtu, &rxMaxMTU);
/* NOTE(review): -allow-dotted-principals relaxes a principal-name check in
 * rxkad (applied to the VLDB service further down). Presumably the check
 * exists because a dotted Kerberos 5 name can be confused with the
 * name/instance form - confirm before enabling it in a cell that uses
 * instance-based admin identities. */
380 cmd_OptionAsFlag(opts, OPT_dotted, &rxkadDisableDotCheck);
382 /* restricted query */
/* Only "anyuser" and "admin" are accepted; any other value reaches the
 * "invalid argument" message. NOTE(review): enforcement of
 * RESTRICTED_QUERY_ADMIN happens outside this function and is not visible
 * here; the default when the option is absent is RESTRICTED_QUERY_ANYUSER. */
383 if (cmd_OptionAsString(opts, OPT_restricted_query,
384 &restricted_query_parameter) == 0) {
385 if (strcmp(restricted_query_parameter, "anyuser") == 0)
386 restrictedQueryLevel = RESTRICTED_QUERY_ANYUSER;
387 else if (strcmp(restricted_query_parameter, "admin") == 0)
388 restrictedQueryLevel = RESTRICTED_QUERY_ADMIN;
390 printf("invalid argument for -restricted_query: %s\n",
391 restricted_query_parameter);
394 free(restricted_query_parameter);
/* -s2scrypt: "never" is the default and changes nothing; "rxgk-crypt" sets
 * state on a line that is not in this listing. NOTE(review): with the
 * default, server-to-server traffic presumably uses afsconf_ClientAuth
 * rather than the rxgk crypt variant selected further down - confirm. */
398 if (cmd_OptionAsString(opts, OPT_s2s_crypt, &s2s_crypt_behavior) == 0) {
399 if (strcmp(s2s_crypt_behavior, "never") == 0) {
400 /* noop; this is the default */
401 } else if (strcmp(s2s_crypt_behavior, "rxgk-crypt") == 0) {
404 printf("Invalid argument for -s2scrypt: %s\n", s2s_crypt_behavior);
407 free(s2s_crypt_behavior);
408 s2s_crypt_behavior = NULL;
412 osi_audit_file(auditFileName);
416 #ifdef AFS_PTHREAD_ENV
418 SetupLogSoftSignals();
423 tdir = afsconf_Open(configDir);
426 ("vlserver: can't open configuration files in dir %s, giving up.\n",
431 /* initialize audit user check */
432 osi_audit_set_user_check(tdir, vldb_IsLocalRealmMatch);
435 /* initialize winsock */
436 if (afs_winsockInit() < 0) {
437 ReportErrorEventAlt(AFSEVT_SVR_WINSOCK_INIT_FAILED, 0, argv[0], 0);
438 VLog(0, ("vlserver: couldn't initialize winsock. \n"));
/* NOTE(review): the gethostname result is not checked before hostname is
 * handed to gethostbyname, and POSIX leaves the buffer unterminated when the
 * name is truncated. The memcpy below copies sizeof(afs_uint32) bytes from
 * th->h_addr, which assumes an IPv4 result. */
443 gethostname(hostname, sizeof(hostname));
444 th = gethostbyname(hostname);
446 VLog(0, ("vlserver: couldn't get address of this host (%s).\n",
450 memcpy(&myHost, th->h_addr, sizeof(afs_uint32));
452 #if !defined(AFS_HPUX_ENV) && !defined(AFS_NT40_ENV)
/* SIGXCPU triggers the hash table dump implemented by CheckSignal. */
453 signal(SIGXCPU, CheckSignal_Signal);
455 /* get list of servers */
457 afsconf_GetExtendedCellInfo(tdir, NULL, AFSCONF_VLDBSERVICE, &info,
460 printf("vlserver: Couldn't get cell server list for 'afsvldb'.\n");
464 vldb_confdir = tdir; /* Preserve our configuration dir */
465 /* rxvab no longer supported */
466 memset(&tkey, 0, sizeof(tkey));
/* NOTE(review): sets the no-auth flag on the configuration directory that
 * the authorization checks use. The guard is not visible in this listing;
 * presumably it is if (noAuth), i.e. only when -noauth was given - confirm.
 * A server started this way should not be reachable from untrusted
 * networks. */
469 afsconf_SetNoAuthFlag(tdir, 1);
/* NOTE(review): this condition tests the two path expressions themselves,
 * not whether the files exist. If the macros always yield a non-null
 * string, the rx_getAllAddr call below (presumably the else branch) is
 * never reached - confirm against the dirpath definitions. */
474 if (AFSDIR_SERVER_NETRESTRICT_FILEPATH ||
475 AFSDIR_SERVER_NETINFO_FILEPATH) {
477 ccode = afsconf_ParseNetFiles(SHostAddrs, NULL, NULL,
478 ADDRSPERSITE, reason,
479 AFSDIR_SERVER_NETINFO_FILEPATH,
480 AFSDIR_SERVER_NETRESTRICT_FILEPATH);
484 ccode = rx_getAllAddr(SHostAddrs, ADDRSPERSITE);
/* host stays INADDR_ANY unless it is replaced here. The guard (presumably
 * -rxbind plus a usable address count in ccode) is not visible. */
487 host = SHostAddrs[0];
494 if (rxMaxMTU != -1) {
495 if (rx_SetMaxMTU(rxMaxMTU) != 0) {
496 VLog(0, ("rxMaxMTU %d invalid\n", rxMaxMTU));
501 VLog(0, ("vlserver binding rx to %s:%d\n",
502 afs_inet_ntoa_r(host, hoststr), AFSCONF_VLDBPORT));
503 code = rx_InitHost(host, htons(AFSCONF_VLDBPORT));
505 VLog(0, ("vlserver: Rx init failed: %d\n", code));
508 rx_SetRxDeadTime(50);
/* Two alternative client security setups for Ubik are visible. Which one
 * runs presumably depends on the -s2scrypt choice parsed above; the
 * selecting lines are not in this listing. */
512 ubik_SetClientSecurityProcs(afsconf_ClientAuthRXGKCrypt,
513 afsconf_UpToDate, tdir);
515 ubik_SetClientSecurityProcs(afsconf_ClientAuth, afsconf_UpToDate, tdir);
517 ubik_SetServerSecurityProcs(afsconf_BuildServerSecurityObjects,
518 afsconf_CheckAuth, tdir);
520 ubik_SyncWriterCacheProc = vlsynccache;
522 ubik_ServerInitByInfo(myHost, htons(AFSCONF_VLDBPORT), &info, clones,
523 vl_dbaseName, &VL_dbase);
525 VLog(0, ("vlserver: Ubik init failed: %s\n", afs_error_message(code)));
529 memset(rd_HostAddress, 0, sizeof(rd_HostAddress));
530 memset(wr_HostAddress, 0, sizeof(wr_HostAddress));
/* The same security class array is handed to both Rx services created
 * below (VLDB and rpcstats). */
533 afsconf_BuildServerSecurityObjects(tdir, &securityClasses, &numClasses);
536 rx_NewServiceHost(host, 0, USER_SERVICE_ID, "Vldb server",
537 securityClasses, numClasses,
539 if (tservice == (struct rx_service *)0) {
540 VLog(0, ("vlserver: Could not create VLDB_SERVICE rx service\n"));
543 rx_SetMinProcs(tservice, 2);
546 rx_SetMaxProcs(tservice, lwps);
/* Applies the -allow-dotted-principals choice to the VLDB service only;
 * tservice still refers to that service at this point. */
548 if (rxkadDisableDotCheck) {
549 code = rx_SetSecurityConfiguration(tservice, RXS_CONFIG_FLAGS,
550 (void *)RXS_CONFIG_FLAGS_DISABLE_DOTCHECK);
552 VLog(0, ("vlserver: failed to allow dotted principals: %s\n",
553 afs_error_message(code)));
559 rx_NewServiceHost(host, 0, RX_STATS_SERVICE_ID, "rpcstats",
560 securityClasses, numClasses,
561 RXSTATS_ExecuteRequest);
562 if (tservice == (struct rx_service *)0) {
563 VLog(0, ("vlserver: Could not create rpc stats rx service\n"));
566 rx_SetMinProcs(tservice, 2);
567 rx_SetMaxProcs(tservice, 4);
569 LogCommandLine(argc, argv, "vlserver", VldbVersion, "Starting AFS", FSLog);
570 if (afsconf_GetLatestKey(tdir, NULL, NULL) == 0) {
573 VLog(0, ("%s\n", cml_version_number));
575 /* allow super users to manage RX statistics */
576 rx_SetRxStatUserOk(vldb_rxstat_userok);
/* Presumably the argument donates the calling thread to Rx, which is why
 * the return below is marked as not reachable - confirm. */
578 rx_StartServer(1); /* Why waste this idle process?? */
580 return 0; /* not reachable */