#include <afsconfig.h>
#include <afs/param.h>
-RCSID
- ("$Header$");
+#ifdef IGNORE_SOME_GCC_WARNINGS
+# pragma GCC diagnostic warning "-Wdeprecated-declarations"
+#endif
#include <afs/stds.h>
#include <sys/types.h>
#include "bnode.h"
#include "bosprototypes.h"
#include <rx/rxkad.h>
+#include <rx/rxstat.h>
#include <afs/keys.h>
#include <afs/ktime.h>
#include <afs/afsutil.h>
#include <afs/fileutil.h>
#include <afs/procmgmt.h> /* signal(), kill(), wait(), etc. */
+#include <afs/audit.h>
+#include <afs/cellconfig.h>
#if defined(AFS_SGI_ENV)
#include <afs/afs_args.h>
#endif
#define BOZO_LWP_STACKSIZE 16000
-extern int BOZO_ExecuteRequest();
-extern int RXSTATS_ExecuteRequest();
extern struct bnode_ops fsbnode_ops, dafsbnode_ops, ezbnode_ops, cronbnode_ops;
struct afsconf_dir *bozo_confdir = 0; /* bozo configuration dir */
#define ADDRSPERSITE 16 /* Same global is in rx/rx_user.c */
afs_uint32 SHostAddrs[ADDRSPERSITE];
-#ifdef BOS_RESTRICTED_MODE
int bozo_isrestricted = 0;
int bozo_restdisable = 0;
bozo_isrestricted = 0;
bozo_restdisable = 1;
}
-#endif
struct bztemp {
FILE *file;
/* restart bozo process */
int
-bozo_ReBozo()
+bozo_ReBozo(void)
{
#ifdef AFS_NT40_ENV
/* exit with restart code; SCM integrator process will restart bosserver */
/* create all the bozo dirs */
static int
-CreateDirs()
+CreateDirs(void)
{
if ((!strncmp
(AFSDIR_USR_DIRPATH, AFSDIR_CLIENT_ETC_DIRPATH,
}
/* write one bnode's worth of entry into the file */
-static
-bzwrite(register struct bnode *abnode, register struct bztemp *at)
+static int
+bzwrite(register struct bnode *abnode, void *arock)
{
+ register struct bztemp *at = (struct bztemp *)arock;
register int i;
char tbuffer[BOZO_BSSIZE];
register afs_int32 code;
afs_int32 i, goal;
struct bnode *tb;
char *parms[MAXPARMS];
-#ifdef BOS_RESTRICTED_MODE
int rmode;
-#endif
/* rename BozoInit to BosServer for the user */
if (!aname) {
if (code < 0)
perror("bosconfig rename");
}
-#ifdef BOS_NEW_CONFIG
if (access(AFSDIR_SERVER_BOZCONFNEW_FILEPATH, 0) == 0) {
code =
renamefile(AFSDIR_SERVER_BOZCONFNEW_FILEPATH,
if (code < 0)
perror("bosconfig rename");
}
-#endif
}
- /* setup default times we want to do restarts */
- bozo_nextRestartKT.mask = KTIME_HOUR | KTIME_MIN | KTIME_DAY;
- bozo_nextRestartKT.hour = 4; /* 4 am */
+ /* don't do server restarts by default */
+ bozo_nextRestartKT.mask = KTIME_NEVER;
+ bozo_nextRestartKT.hour = 0;
bozo_nextRestartKT.min = 0;
- bozo_nextRestartKT.day = 0; /* Sunday */
+ bozo_nextRestartKT.day = 0;
+
+ /* restart processes at 5am if their binaries have changed */
bozo_nextDayKT.mask = KTIME_HOUR | KTIME_MIN;
bozo_nextDayKT.hour = 5;
bozo_nextDayKT.min = 0;
bozo_nextDayKT.sec = ktsec;
continue;
}
-#ifdef BOS_RESTRICTED_MODE
+
if (strncmp(tbuffer, "restrictmode", 12) == 0) {
code = sscanf(tbuffer, "restrictmode %d", &rmode);
if (code != 1) {
bozo_isrestricted = rmode;
continue;
}
-#endif
if (strncmp("bnode", tbuffer, 5) != 0) {
code = -1;
if (!tfile)
return -1;
btemp.file = tfile;
-#ifdef BOS_RESTRICTED_MODE
+
fprintf(tfile, "restrictmode %d\n", bozo_isrestricted);
-#endif
fprintf(tfile, "restarttime %d %d %d %d %d\n", bozo_nextRestartKT.mask,
bozo_nextRestartKT.day, bozo_nextRestartKT.hour,
bozo_nextRestartKT.min, bozo_nextRestartKT.sec);
}
static int
-bdrestart(register struct bnode *abnode, char *arock)
+bdrestart(register struct bnode *abnode, void *arock)
{
register afs_int32 code;
IOMGR_Sleep(60);
now = FT_ApproxTime();
-#ifdef BOS_RESTRICTED_MODE
if (bozo_restdisable) {
bozo_Log("Restricted mode disabled by signal\n");
bozo_restdisable = 0;
}
-#endif
+
if (bozo_newKTs) { /* need to recompute restart times */
bozo_newKTs = 0; /* done for a while */
nextRestart = ktime_next(&bozo_nextRestartKT, BOZO_MINSKIP);
#ifdef AFS_AIX32_ENV
static int
-tweak_config()
+tweak_config(void)
{
FILE *f;
char c[80];
char namebuf[AFSDIR_PATH_MAX];
int rxMaxMTU = -1;
afs_uint32 host = htonl(INADDR_ANY);
+ char *auditFileName = NULL;
#ifndef AFS_NT40_ENV
int nofork = 0;
struct stat sb;
sigaction(SIGABRT, &nsa, NULL);
#endif
osi_audit_init();
-#ifdef BOS_RESTRICTED_MODE
signal(SIGFPE, bozo_insecureme);
-#endif
#ifdef AFS_NT40_ENV
/* Initialize winsock */
} else if (strcmp(argv[code], "-enable_process_stats") == 0) {
rx_enableProcessRPCStats();
}
-#ifdef BOS_RESTRICTED_MODE
else if (strcmp(argv[code], "-restricted") == 0) {
bozo_isrestricted = 1;
}
-#endif
else if (strcmp(argv[code], "-rxbind") == 0) {
rxBind = 1;
}
else if (strcmp(argv[code], "-allow-dotted-principals") == 0) {
rxkadDisableDotCheck = 1;
}
- else if (!strcmp(argv[i], "-rxmaxmtu")) {
- if ((i + 1) >= argc) {
+ else if (!strcmp(argv[code], "-rxmaxmtu")) {
+ if ((code + 1) >= argc) {
fprintf(stderr, "missing argument for -rxmaxmtu\n");
exit(1);
}
- rxMaxMTU = atoi(argv[++i]);
+ rxMaxMTU = atoi(argv[++code]);
if ((rxMaxMTU < RX_MIN_PACKET_SIZE) ||
(rxMaxMTU > RX_MAX_PACKET_DATA_SIZE)) {
- printf("rxMaxMTU %d invalid; must be between %d-%d\n",
+ printf("rxMaxMTU %d invalid; must be between %d-%" AFS_SIZET_FMT "\n",
rxMaxMTU, RX_MIN_PACKET_SIZE,
RX_MAX_PACKET_DATA_SIZE);
exit(1);
}
}
else if (strcmp(argv[code], "-auditlog") == 0) {
- int tempfd, flags;
- FILE *auditout;
- char oldName[MAXPATHLEN];
- char *fileName = argv[++code];
+ auditFileName = argv[++code];
-#ifndef AFS_NT40_ENV
- struct stat statbuf;
-
- if ((lstat(fileName, &statbuf) == 0)
- && (S_ISFIFO(statbuf.st_mode))) {
- flags = O_WRONLY | O_NONBLOCK;
- } else
-#endif
- {
- strcpy(oldName, fileName);
- strcat(oldName, ".old");
- renamefile(fileName, oldName);
- flags = O_WRONLY | O_TRUNC | O_CREAT;
+ } else if (strcmp(argv[code], "-audit-interface") == 0) {
+ char *interface = argv[++code];
+
+ if (osi_audit_interface(interface)) {
+ printf("Invalid audit interface '%s'\n", interface);
+ exit(1);
}
- tempfd = open(fileName, flags, 0666);
- if (tempfd > -1) {
- auditout = fdopen(tempfd, "a");
- if (auditout) {
- osi_audit_file(auditout);
- } else
- printf("Warning: auditlog %s not writable, ignored.\n", fileName);
- } else
- printf("Warning: auditlog %s not writable, ignored.\n", fileName);
}
else {
#ifndef AFS_NT40_ENV
printf("Usage: bosserver [-noauth] [-log] "
"[-auditlog <log path>] "
+ "[-audit-interafce <file|sysvmq> (default is file)] "
"[-rxmaxmtu <bytes>] [-rxbind] [-allow-dotted-principals]"
"[-syslog[=FACILITY]] "
"[-enable_peer_stats] [-enable_process_stats] "
#else
printf("Usage: bosserver [-noauth] [-log] "
"[-auditlog <log path>] "
+ "[-audit-interafce <file|sysvmq> (default is file)] "
"[-rxmaxmtu <bytes>] [-rxbind] [-allow-dotted-principals]"
"[-enable_peer_stats] [-enable_process_stats] "
"[-help]\n");
exit(0);
}
}
+ if (auditFileName) {
+ osi_audit_file(auditFileName);
+ }
#ifndef AFS_NT40_ENV
if (geteuid() != 0) {
}
code = LWP_CreateProcess(BozoDaemon, BOZO_LWP_STACKSIZE, /* priority */ 1,
- (void *) /*parm */ 0, "bozo-the-clown",
+ /* param */ NULL , "bozo-the-clown",
&bozo_pid);
/* try to read the key from the config file */
}
/* read init file, starting up programs */
- if (code = ReadBozoFile(0)) {
+ if ((code = ReadBozoFile(0))) {
bozo_Log
("bosserver: Something is wrong (%d) with the bos configuration file %s; aborting\n",
code, AFSDIR_SERVER_BOZCONF_FILEPATH);
if (rxBind) {
afs_int32 ccode;
-#ifndef AFS_NT40_ENV
if (AFSDIR_SERVER_NETRESTRICT_FILEPATH ||
AFSDIR_SERVER_NETINFO_FILEPATH) {
char reason[1024];
AFSDIR_SERVER_NETINFO_FILEPATH,
AFSDIR_SERVER_NETRESTRICT_FILEPATH);
} else
-#endif
{
ccode = rx_getAllAddr(SHostAddrs, ADDRSPERSITE);
}
rx_SetStackSize(tservice, BOZO_LWP_STACKSIZE); /* so gethostbyname works (in cell stuff) */
if (rxkadDisableDotCheck) {
rx_SetSecurityConfiguration(tservice, RXS_CONFIG_FLAGS,
- (void *)RXS_CONFIG_FLAGS_DISABLE_DOTCHECK,
- NULL);
+ (void *)RXS_CONFIG_FLAGS_DISABLE_DOTCHECK);
}
tservice =