/*
* Copyright 2000, International Business Machines Corporation and others.
* All Rights Reserved.
- *
+ *
* This software has been released under the terms of the IBM Public
* License. For details, see the LICENSE file in the top-level source
* directory or online at http://www.openafs.org/dl/license10.html
#include <afsconfig.h>
#include <afs/param.h>
+#include <afs/stds.h>
-RCSID
- ("$Header$");
+#include <afs/procmgmt.h>
+#include <roken.h>
+#include <ctype.h>
+
+#ifdef IGNORE_SOME_GCC_WARNINGS
+# ifdef __clang__
+# pragma GCC diagnostic ignored "-Wdeprecated-declarations"
+# else
+# pragma GCC diagnostic warning "-Wdeprecated-declarations"
+# endif
+#endif
+
+#ifdef HAVE_SYS_RESOURCE_H
+#include <sys/resource.h>
+#endif
-#include <afs/stds.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-#include <errno.h>
-#include <string.h>
-#include <stdio.h>
-#include <stdlib.h>
#ifdef AFS_NT40_ENV
-#include <winsock2.h>
+#define PATH_DELIM '\\'
#include <direct.h>
-#include <io.h>
#include <WINNT/afsevent.h>
-#else
-#include <unistd.h>
-#include <netinet/in.h>
-#include <syslog.h>
#endif /* AFS_NT40_ENV */
-#include <afs/cellconfig.h>
+
+#define PATH_DELIM '/'
#include <rx/rx.h>
#include <rx/xdr.h>
#include <rx/rx_globals.h>
-#include "bosint.h"
-#include "bnode.h"
-#include <afs/auth.h>
+#include <rx/rxkad.h>
+#include <rx/rxstat.h>
#include <afs/keys.h>
#include <afs/ktime.h>
#include <afs/afsutil.h>
#include <afs/fileutil.h>
-#include <afs/procmgmt.h> /* signal(), kill(), wait(), etc. */
+#include <afs/audit.h>
+#include <afs/cellconfig.h>
+
#if defined(AFS_SGI_ENV)
#include <afs/afs_args.h>
#endif
+#include "bosint.h"
+#include "bnode.h"
+#include "bnode_internal.h"
+#include "bosprototypes.h"
#define BOZO_LWP_STACKSIZE 16000
-extern int BOZO_ExecuteRequest();
-extern int RXSTATS_ExecuteRequest();
-extern int afsconf_GetKey();
-extern struct bnode_ops fsbnode_ops, ezbnode_ops, cronbnode_ops;
-
-void bozo_Log();
+extern struct bnode_ops fsbnode_ops, dafsbnode_ops, ezbnode_ops, cronbnode_ops;
struct afsconf_dir *bozo_confdir = 0; /* bozo configuration dir */
-static char *bozo_pid;
-struct rx_securityClass *bozo_rxsc[3];
+static PROCESS bozo_pid;
const char *bozo_fileName;
FILE *bozo_logFile;
-extern int rx_stackSize; /* for rx_SetStackSize macro */
+#ifndef AFS_NT40_ENV
+static int bozo_argc = 0;
+static char** bozo_argv = NULL;
+#endif
+const char *DoCore;
int DoLogging = 0;
int DoSyslog = 0;
+const char *DoPidFiles = NULL;
#ifndef AFS_NT40_ENV
int DoSyslogFacility = LOG_DAEMON;
#endif
struct ktime bozo_nextRestartKT, bozo_nextDayKT;
int bozo_newKTs;
-#ifdef BOS_RESTRICTED_MODE
+int rxBind = 0;
+int rxkadDisableDotCheck = 0;
+
+#define ADDRSPERSITE 16 /* Same global is in rx/rx_user.c */
+afs_uint32 SHostAddrs[ADDRSPERSITE];
+
int bozo_isrestricted = 0;
int bozo_restdisable = 0;
bozo_isrestricted = 0;
bozo_restdisable = 1;
}
-#endif
struct bztemp {
FILE *file;
return afsconf_SuperUser(bozo_confdir, call, NULL);
}
-/* restart bozo process */
+/**
+ * Return true if this name is a member of the local realm.
+ */
int
-bozo_ReBozo()
+bozo_IsLocalRealmMatch(void *rock, char *name, char *inst, char *cell)
{
-#ifdef AFS_NT40_ENV
- /* exit with restart code; SCM integrator process will restart bosserver */
- int status = BOSEXIT_RESTART;
+ struct afsconf_dir *dir = (struct afsconf_dir *)rock;
+ afs_int32 islocal = 0; /* default to no */
+ int code;
- /* if noauth flag is set, pass "-noauth" to new bosserver */
- if (afsconf_GetNoAuthFlag(bozo_confdir)) {
- status |= BOSEXIT_NOAUTH_FLAG;
- }
- /* if logging is on, pass "-log" to new bosserver */
- if (DoLogging) {
- status |= BOSEXIT_LOGGING_FLAG;
+ code = afsconf_IsLocalRealmMatch(dir, &islocal, name, inst, cell);
+ if (code) {
+ bozo_Log("Failed local realm check; code=%d, name=%s, inst=%s, cell=%s\n",
+ code, name, inst, cell);
}
- exit(status);
+ return islocal;
+}
+
+/* restart bozo process */
+int
+bozo_ReBozo(void)
+{
+#ifdef AFS_NT40_ENV
+ /* exit with restart code; SCM integrator process will restart bosserver with
+ the same arguments */
+ exit(BOSEXIT_RESTART);
#else
/* exec new bosserver process */
- char *argv[4];
int i = 0;
- argv[i] = (char *)AFSDIR_SERVER_BOSVR_FILEPATH;
- i++;
+ /* close random fd's */
+ for (i = 3; i < 64; i++) {
+ close(i);
+ }
+
+ unlink(AFSDIR_SERVER_BOZRXBIND_FILEPATH);
- /* if noauth flag is set, pass "-noauth" to new bosserver */
- if (afsconf_GetNoAuthFlag(bozo_confdir)) {
- argv[i] = "-noauth";
- i++;
+ execv(bozo_argv[0], bozo_argv); /* should not return */
+ _exit(1);
+#endif /* AFS_NT40_ENV */
+}
+
+/*!
+ * Make directory with parents.
+ *
+ * \param[in] adir directory path to create
+ * \param[in] areqPerm permissions to set on the last component of adir
+ * \return 0 on success
+ */
+static int
+MakeDirParents(const char *adir, int areqPerm)
+{
+ struct stat stats;
+ int error = 0;
+ char *tdir;
+ char *p;
+ int parent_perm = 0777; /* use umask for parent perms */
+ size_t len;
+
+ tdir = strdup(adir);
+ if (!tdir) {
+ return ENOMEM;
}
- /* if logging is on, pass "-log" to new bosserver */
- if (DoLogging) {
- argv[i] = "-log";
- i++;
+
+ /* strip trailing slashes */
+ len = strlen(tdir);
+ if (!len) {
+ return 0;
}
-#ifndef AFS_NT40_ENV
- /* if syslog logging is on, pass "-syslog" to new bosserver */
- if (DoSyslog) {
- char *arg = (char *)malloc(40); /* enough for -syslog=# */
- if (DoSyslogFacility != LOG_DAEMON) {
- snprintf(arg, 40, "-syslog=%d", DoSyslogFacility);
- } else {
- strcpy(arg, "-syslog");
- }
- argv[i] = arg;
- i++;
+ p = tdir + len - 1;
+ while (p != tdir && *p == PATH_DELIM) {
+ *p-- = '\0';
+ }
+
+ p = tdir;
+#ifdef AFS_NT40_ENV
+ /* skip drive letter */
+ if (isalpha(p[0]) && p[1] == ':') {
+ p += 2;
}
#endif
+ /* skip leading slashes */
+ while (*p == PATH_DELIM) {
+ p++;
+ }
- /* null-terminate argument list */
- argv[i] = NULL;
+ /* create parent directories with default perms */
+ p = strchr(p, PATH_DELIM);
+ while (p) {
+ *p = '\0';
+ if (stat(tdir, &stats) != 0 || !S_ISDIR(stats.st_mode)) {
+ if (mkdir(tdir, parent_perm) != 0) {
+ error = errno;
+ goto done;
+ }
+ }
+ *p++ = PATH_DELIM;
- /* close random fd's */
- for (i = 3; i < 64; i++) {
- close(i);
+ /* skip back to back slashes */
+ while (*p == PATH_DELIM) {
+ p++;
+ }
+ p = strchr(p, PATH_DELIM);
}
- execv(argv[0], argv); /* should not return */
- _exit(1);
-#endif /* AFS_NT40_ENV */
+ /* set required perms on the last path component */
+ if (stat(tdir, &stats) != 0 || !S_ISDIR(stats.st_mode)) {
+ if (mkdir(tdir, areqPerm) != 0) {
+ error = errno;
+ }
+ }
+
+ done:
+ free(tdir);
+ return error;
}
/* make sure a dir exists */
static int
-MakeDir(register char *adir)
+MakeDir(const char *adir)
{
struct stat tstat;
- register afs_int32 code;
+ afs_int32 code;
if (stat(adir, &tstat) < 0 || (tstat.st_mode & S_IFMT) != S_IFDIR) {
int reqPerm;
unlink(adir);
reqPerm = GetRequiredDirPerm(adir);
if (reqPerm == -1)
reqPerm = 0777;
-#ifdef AFS_NT40_ENV
- /* underlying filesystem may not support directory protection */
- code = mkdir(adir);
-#else
- code = mkdir(adir, reqPerm);
-#endif
+ code = MakeDirParents(adir, reqPerm);
return code;
}
return 0;
/* create all the bozo dirs */
static int
-CreateDirs()
+CreateDirs(const char *coredir)
{
if ((!strncmp
(AFSDIR_USR_DIRPATH, AFSDIR_CLIENT_ETC_DIRPATH,
(!strncmp
(AFSDIR_USR_DIRPATH, AFSDIR_SERVER_BIN_DIRPATH,
strlen(AFSDIR_USR_DIRPATH)))) {
- MakeDir(AFSDIR_USR_DIRPATH);
+ if (MakeDir(AFSDIR_USR_DIRPATH))
+ return errno;
}
if (!strncmp
(AFSDIR_SERVER_AFS_DIRPATH, AFSDIR_SERVER_BIN_DIRPATH,
strlen(AFSDIR_SERVER_AFS_DIRPATH))) {
- MakeDir(AFSDIR_SERVER_AFS_DIRPATH);
+ if (MakeDir(AFSDIR_SERVER_AFS_DIRPATH))
+ return errno;
}
- MakeDir(AFSDIR_SERVER_BIN_DIRPATH);
- MakeDir(AFSDIR_SERVER_ETC_DIRPATH);
- MakeDir(AFSDIR_SERVER_LOCAL_DIRPATH);
- MakeDir(AFSDIR_SERVER_DB_DIRPATH);
- MakeDir(AFSDIR_SERVER_LOGS_DIRPATH);
+ if (MakeDir(AFSDIR_SERVER_BIN_DIRPATH))
+ return errno;
+ if (MakeDir(AFSDIR_SERVER_ETC_DIRPATH))
+ return errno;
+ if (MakeDir(AFSDIR_SERVER_LOCAL_DIRPATH))
+ return errno;
+ if (MakeDir(AFSDIR_SERVER_DB_DIRPATH))
+ return errno;
+ if (MakeDir(AFSDIR_SERVER_LOGS_DIRPATH))
+ return errno;
#ifndef AFS_NT40_ENV
if (!strncmp
(AFSDIR_CLIENT_VICE_DIRPATH, AFSDIR_CLIENT_ETC_DIRPATH,
strlen(AFSDIR_CLIENT_VICE_DIRPATH))) {
- MakeDir(AFSDIR_CLIENT_VICE_DIRPATH);
+ if (MakeDir(AFSDIR_CLIENT_VICE_DIRPATH))
+ return errno;
}
- MakeDir(AFSDIR_CLIENT_ETC_DIRPATH);
+ if (MakeDir(AFSDIR_CLIENT_ETC_DIRPATH))
+ return errno;
- symlink(AFSDIR_SERVER_THISCELL_FILEPATH, AFSDIR_CLIENT_THISCELL_FILEPATH);
- symlink(AFSDIR_SERVER_CELLSERVDB_FILEPATH,
- AFSDIR_CLIENT_CELLSERVDB_FILEPATH);
+ if (symlink(AFSDIR_SERVER_THISCELL_FILEPATH,
+ AFSDIR_CLIENT_THISCELL_FILEPATH)) {
+ if (errno != EEXIST) {
+ return errno;
+ }
+ }
+ if (symlink(AFSDIR_SERVER_CELLSERVDB_FILEPATH,
+ AFSDIR_CLIENT_CELLSERVDB_FILEPATH)) {
+ if (errno != EEXIST) {
+ return errno;
+ }
+ }
#endif /* AFS_NT40_ENV */
+ if (coredir) {
+ if (MakeDir(coredir))
+ return errno;
+ }
return 0;
}
/* strip the \\n from the end of the line, if it is present */
static int
-StripLine(register char *abuffer)
+StripLine(char *abuffer)
{
- register char *tp;
+ char *tp;
tp = abuffer + strlen(abuffer); /* starts off pointing at the null */
if (tp == abuffer)
}
/* write one bnode's worth of entry into the file */
-static
-bzwrite(register struct bnode *abnode, register struct bztemp *at)
+static int
+bzwrite(struct bnode *abnode, void *arock)
{
- register int i;
+ struct bztemp *at = (struct bztemp *)arock;
+ int i;
char tbuffer[BOZO_BSSIZE];
- register afs_int32 code;
+ afs_int32 code;
if (abnode->notifier)
fprintf(at->file, "bnode %s %s %d %s\n", abnode->type->name,
int
ReadBozoFile(char *aname)
{
- register FILE *tfile;
+ FILE *tfile;
char tbuffer[BOZO_BSSIZE];
- register char *tp;
+ char *tp;
char *instp, *typep, *notifier, *notp;
- register afs_int32 code;
+ afs_int32 code;
afs_int32 ktmask, ktday, kthour, ktmin, ktsec;
afs_int32 i, goal;
struct bnode *tb;
char *parms[MAXPARMS];
-#ifdef BOS_RESTRICTED_MODE
+ char *thisparms[MAXPARMS];
int rmode;
-#endif
/* rename BozoInit to BosServer for the user */
if (!aname) {
/* if BozoInit exists and BosConfig doesn't, try a rename */
if (access(AFSDIR_SERVER_BOZINIT_FILEPATH, 0) == 0
&& access(AFSDIR_SERVER_BOZCONF_FILEPATH, 0) != 0) {
- code =
- renamefile(AFSDIR_SERVER_BOZINIT_FILEPATH,
- AFSDIR_SERVER_BOZCONF_FILEPATH);
+ code = rk_rename(AFSDIR_SERVER_BOZINIT_FILEPATH,
+ AFSDIR_SERVER_BOZCONF_FILEPATH);
if (code < 0)
perror("bosconfig rename");
}
-#ifdef BOS_NEW_CONFIG
if (access(AFSDIR_SERVER_BOZCONFNEW_FILEPATH, 0) == 0) {
- code =
- renamefile(AFSDIR_SERVER_BOZCONFNEW_FILEPATH,
- AFSDIR_SERVER_BOZCONF_FILEPATH);
+ code = rk_rename(AFSDIR_SERVER_BOZCONFNEW_FILEPATH,
+ AFSDIR_SERVER_BOZCONF_FILEPATH);
if (code < 0)
perror("bosconfig rename");
}
-#endif
}
- /* setup default times we want to do restarts */
- bozo_nextRestartKT.mask = KTIME_HOUR | KTIME_MIN | KTIME_DAY;
- bozo_nextRestartKT.hour = 4; /* 4 am */
+ /* don't do server restarts by default */
+ bozo_nextRestartKT.mask = KTIME_NEVER;
+ bozo_nextRestartKT.hour = 0;
bozo_nextRestartKT.min = 0;
- bozo_nextRestartKT.day = 0; /* Sunday */
+ bozo_nextRestartKT.day = 0;
+
+ /* restart processes at 5am if their binaries have changed */
bozo_nextDayKT.mask = KTIME_HOUR | KTIME_MIN;
bozo_nextDayKT.hour = 5;
bozo_nextDayKT.min = 0;
for (code = 0; code < MAXPARMS; code++)
parms[code] = NULL;
- instp = typep = notifier = NULL;
- tfile = (FILE *) 0;
if (!aname)
aname = (char *)bozo_fileName;
tfile = fopen(aname, "r");
if (!tfile)
return 0; /* -1 */
- instp = (char *)malloc(BOZO_BSSIZE);
- typep = (char *)malloc(BOZO_BSSIZE);
- notifier = notp = (char *)malloc(BOZO_BSSIZE);
+ instp = malloc(BOZO_BSSIZE);
+ typep = malloc(BOZO_BSSIZE);
+ notp = malloc(BOZO_BSSIZE);
while (1) {
/* ok, read lines giving parms and such from the file */
tp = fgets(tbuffer, sizeof(tbuffer), tfile);
bozo_nextDayKT.sec = ktsec;
continue;
}
-#ifdef BOS_RESTRICTED_MODE
+
if (strncmp(tbuffer, "restrictmode", 12) == 0) {
code = sscanf(tbuffer, "restrictmode %d", &rmode);
if (code != 1) {
bozo_isrestricted = rmode;
continue;
}
-#endif
if (strncmp("bnode", tbuffer, 5) != 0) {
code = -1;
} else if (code == 3)
notifier = NULL;
+ memset(thisparms, 0, sizeof(thisparms));
+
for (i = 0; i < MAXPARMS; i++) {
/* now read the parms, until we see an "end" line */
tp = fgets(tbuffer, sizeof(tbuffer), tfile);
goto fail; /* no "parm " either */
}
if (!parms[i]) /* make sure there's space */
- parms[i] = (char *)malloc(BOZO_BSSIZE);
+ parms[i] = malloc(BOZO_BSSIZE);
strcpy(parms[i], tbuffer + 5); /* remember the parameter for later */
+ thisparms[i] = parms[i];
}
/* ok, we have the type and parms, now create the object */
code =
- bnode_Create(typep, instp, &tb, parms[0], parms[1], parms[2],
- parms[3], parms[4], notifier,
- goal ? BSTAT_NORMAL : BSTAT_SHUTDOWN);
+ bnode_Create(typep, instp, &tb, thisparms[0], thisparms[1],
+ thisparms[2], thisparms[3], thisparms[4], notifier,
+ goal ? BSTAT_NORMAL : BSTAT_SHUTDOWN, 0);
if (code)
goto fail;
int
WriteBozoFile(char *aname)
{
- register FILE *tfile;
+ FILE *tfile;
char tbuffer[AFSDIR_PATH_MAX];
- register afs_int32 code;
+ afs_int32 code;
struct bztemp btemp;
if (!aname)
if (!tfile)
return -1;
btemp.file = tfile;
-#ifdef BOS_RESTRICTED_MODE
+
fprintf(tfile, "restrictmode %d\n", bozo_isrestricted);
-#endif
fprintf(tfile, "restarttime %d %d %d %d %d\n", bozo_nextRestartKT.mask,
bozo_nextRestartKT.day, bozo_nextRestartKT.hour,
bozo_nextRestartKT.min, bozo_nextRestartKT.sec);
unlink(tbuffer);
return -1;
}
- code = renamefile(tbuffer, aname);
+ code = rk_rename(tbuffer, aname);
if (code) {
unlink(tbuffer);
return -1;
}
static int
-bdrestart(register struct bnode *abnode, char *arock)
+bdrestart(struct bnode *abnode, void *arock)
{
- register afs_int32 code;
+ afs_int32 code;
if (abnode->fileGoal != BSTAT_NORMAL || abnode->goal != BSTAT_NORMAL)
return 0; /* don't restart stopped bnodes */
#define BOZO_MINSKIP 3600 /* minimum to advance clock */
/* lwp to handle system restarts */
-static int
-BozoDaemon()
+static void *
+BozoDaemon(void *unused)
{
- register afs_int32 now;
+ afs_int32 now;
/* now initialize the values */
bozo_newKTs = 1;
IOMGR_Sleep(60);
now = FT_ApproxTime();
-#ifdef BOS_RESTRICTED_MODE
if (bozo_restdisable) {
bozo_Log("Restricted mode disabled by signal\n");
bozo_restdisable = 0;
}
-#endif
+
if (bozo_newKTs) { /* need to recompute restart times */
bozo_newKTs = 0; /* done for a while */
nextRestart = ktime_next(&bozo_nextRestartKT, BOZO_MINSKIP);
bnode_ApplyInstance(bdrestart, 0);
}
}
+ return NULL;
}
#ifdef AFS_AIX32_ENV
static int
-tweak_config()
+tweak_config(void)
{
FILE *f;
char c[80];
}
#endif
-/*
- * This routine causes the calling process to go into the background and
- * to lose its controlling tty.
- *
- * It does not close or otherwise alter the standard file descriptors.
- *
- * It writes warning messages to the standard error output if certain
- * fundamental errors occur.
- *
- * This routine requires
- *
- * #include <sys/types.h>
- * #include <sys/stat.h>
- * #include <fcntl.h>
- * #include <unistd.h>
- * #include <stdlib.h>
+static char *
+make_pid_filename(char *ainst, char *aname)
+{
+ char *buffer = NULL;
+ int r;
+
+ if (aname && *aname) {
+ r = asprintf(&buffer, "%s/%s.%s.pid", DoPidFiles, ainst, aname);
+ if (r < 0 || buffer == NULL)
+ bozo_Log("Failed to alloc pid filename buffer for %s.%s.\n",
+ ainst, aname);
+ } else {
+ r = asprintf(&buffer, "%s/%s.pid", DoPidFiles, ainst);
+ if (r < 0 || buffer == NULL)
+ bozo_Log("Failed to alloc pid filename buffer for %s.\n", ainst);
+ }
+
+ return buffer;
+}
+
+/**
+ * Write a file containing the pid of the named process.
*
- * and has been tested on:
+ * @param ainst instance name
+ * @param aname sub-process name of the instance, may be null
+ * @param apid process id of the newly started process
*
- * AIX 4.2
- * Digital Unix 4.0D
- * HP-UX 11.0
- * IRIX 6.5
- * Linux 2.1.125
- * Solaris 2.5
- * Solaris 2.6
+ * @returns status
*/
-
-#ifndef AFS_NT40_ENV
-static void
-background(void)
+int
+bozo_CreatePidFile(char *ainst, char *aname, pid_t apid)
{
- /*
- * A process is a process group leader if its process ID
- * (getpid()) and its process group ID (getpgrp()) are the same.
- */
+ int code = 0;
+ char *pidfile = NULL;
+ FILE *fp;
- /*
- * To create a new session (and thereby lose our controlling
- * terminal) we cannot be a process group leader.
- *
- * To guarantee we are not a process group leader, we fork and
- * let the parent process exit.
- */
-
- if (getpid() == getpgrp()) {
- pid_t pid;
- pid = fork();
- switch (pid) {
- case -1:
- abort(); /* leave footprints */
- break;
- case 0: /* child */
- break;
- default: /* parent */
- exit(0);
- break;
- }
+ pidfile = make_pid_filename(ainst, aname);
+ if (!pidfile) {
+ return ENOMEM;
}
-
- /*
- * By here, we are not a process group leader, so we can make a
- * new session and become the session leader.
- */
-
- {
- pid_t sid = setsid();
-
- if (sid == -1) {
- static char err[] = "bosserver: WARNING: setsid() failed\n";
- write(STDERR_FILENO, err, sizeof err - 1);
- }
+ if ((fp = fopen(pidfile, "w")) == NULL) {
+ bozo_Log("Failed to open pidfile %s; errno=%d\n", pidfile, errno);
+ free(pidfile);
+ return errno;
}
-
- /*
- * Once we create a new session, the current process is a
- * session leader without a controlling tty.
- *
- * On some systems, the first tty device the session leader
- * opens automatically becomes the controlling tty for the
- * session.
- *
- * So, to guarantee we do not acquire a controlling tty, we fork
- * and let the parent process exit. The child process is not a
- * session leader, and so it will not acquire a controlling tty
- * even if it should happen to open a tty device.
- */
-
- if (getpid() == getpgrp()) {
- pid_t pid;
- pid = fork();
- switch (pid) {
- case -1:
- abort(); /* leave footprints */
- break;
- case 0: /* child */
- break;
- default: /* parent */
- exit(0);
- break;
- }
+ if (fprintf(fp, "%ld\n", afs_printable_int32_ld(apid)) < 0) {
+ code = errno;
}
+ if (fclose(fp) != 0) {
+ code = errno;
+ }
+ free(pidfile);
+ return code;
+}
- /*
- * check that we no longer have a controlling tty
- */
-
- {
- int fd;
-
- fd = open("/dev/tty", O_RDONLY);
+/**
+ * Clean a pid file for a process which just exited.
+ *
+ * @param ainst instance name
+ * @param aname sub-process name of the instance, may be null
+ *
+ * @returns status
+ */
+int
+bozo_DeletePidFile(char *ainst, char *aname)
+{
+ char *pidfile = NULL;
+ pidfile = make_pid_filename(ainst, aname);
+ if (pidfile) {
+ unlink(pidfile);
+ free(pidfile);
+ }
+ return 0;
+}
- if (fd >= 0) {
- static char err[] =
- "bosserver: WARNING: /dev/tty still attached\n";
- close(fd);
- write(STDERR_FILENO, err, sizeof err - 1);
+/**
+ * Create the rxbind file of this bosserver.
+ *
+ * @param host bind address of this server
+ *
+ * @returns status
+ */
+void
+bozo_CreateRxBindFile(afs_uint32 host)
+{
+ char buffer[16];
+ FILE *fp;
+
+ afs_inet_ntoa_r(host, buffer);
+ bozo_Log("Listening on %s:%d\n", buffer, AFSCONF_NANNYPORT);
+ if ((fp = fopen(AFSDIR_SERVER_BOZRXBIND_FILEPATH, "w")) == NULL) {
+ bozo_Log("Unable to open rxbind address file: %s, code=%d\n",
+ AFSDIR_SERVER_BOZRXBIND_FILEPATH, errno);
+ } else {
+ /* If listening on any interface, write the loopback interface
+ to the rxbind file to give local scripts a usable addresss. */
+ if (host == htonl(INADDR_ANY)) {
+ afs_inet_ntoa_r(htonl(0x7f000001), buffer);
}
+ fprintf(fp, "%s\n", buffer);
+ fclose(fp);
}
}
-#endif /* ! AFS_NT40_ENV */
/* start a process and monitor it */
main(int argc, char **argv, char **envp)
{
struct rx_service *tservice;
- register afs_int32 code;
+ afs_int32 code;
struct afsconf_dir *tdir;
int noAuth = 0;
- struct ktc_encryptionKey tkey;
int i;
char namebuf[AFSDIR_PATH_MAX];
+ int rxMaxMTU = -1;
+ afs_uint32 host = htonl(INADDR_ANY);
+ char *auditFileName = NULL;
+ struct rx_securityClass **securityClasses;
+ afs_int32 numClasses;
+ int DoPeerRPCStats = 0;
+ int DoProcessRPCStats = 0;
#ifndef AFS_NT40_ENV
int nofork = 0;
+ struct stat sb;
#endif
#ifdef AFS_AIX32_ENV
struct sigaction nsa;
/* for some reason, this permits user-mode RX to run a lot faster.
- * we do it here in the bosserver, so we don't have to do it
+ * we do it here in the bosserver, so we don't have to do it
* individually in each server.
*/
tweak_config();
/*
- * The following signal action for AIX is necessary so that in case of a
- * crash (i.e. core is generated) we can include the user's data section
+ * The following signal action for AIX is necessary so that in case of a
+ * crash (i.e. core is generated) we can include the user's data section
* in the core dump. Unfortunately, by default, only a partial core is
* generated which, in many cases, isn't too useful.
*/
sigaction(SIGSEGV, &nsa, NULL);
sigaction(SIGABRT, &nsa, NULL);
#endif
-#ifdef BOS_RESTRICTED_MODE
+ osi_audit_init();
signal(SIGFPE, bozo_insecureme);
-#endif
#ifdef AFS_NT40_ENV
/* Initialize winsock */
/* some path inits */
bozo_fileName = AFSDIR_SERVER_BOZCONF_FILEPATH;
+ DoCore = AFSDIR_SERVER_LOGS_DIRPATH;
/* initialize the list of dirpaths that the bosserver has
* an interest in monitoring */
}
#endif
+#ifndef AFS_NT40_ENV
+ /* save args for restart */
+ bozo_argc = argc;
+ bozo_argv = malloc((argc+1) * sizeof(char*));
+ if (!bozo_argv) {
+ fprintf(stderr, "%s: Failed to allocate argument list.\n", argv[0]);
+ exit(1);
+ }
+ bozo_argv[0] = (char*)AFSDIR_SERVER_BOSVR_FILEPATH; /* expected path */
+ bozo_argv[bozo_argc] = NULL; /* null terminate list */
+#endif /* AFS_NT40_ENV */
+
/* parse cmd line */
for (code = 1; code < argc; code++) {
+#ifndef AFS_NT40_ENV
+ bozo_argv[code] = argv[code];
+#endif /* AFS_NT40_ENV */
if (strcmp(argv[code], "-noauth") == 0) {
/* set noauth flag */
noAuth = 1;
} else if (strncmp(argv[code], "-syslog=", 8) == 0) {
DoSyslog = 1;
DoSyslogFacility = atoi(argv[code] + 8);
+ } else if (strncmp(argv[code], "-cores=", 7) == 0) {
+ if (strcmp((argv[code]+7), "none") == 0)
+ DoCore = 0;
+ else
+ DoCore = (argv[code]+7);
} else if (strcmp(argv[code], "-nofork") == 0) {
nofork = 1;
}
#endif
else if (strcmp(argv[code], "-enable_peer_stats") == 0) {
- rx_enablePeerRPCStats();
+ DoPeerRPCStats = 1;
} else if (strcmp(argv[code], "-enable_process_stats") == 0) {
- rx_enableProcessRPCStats();
+ DoProcessRPCStats = 1;
}
-#ifdef BOS_RESTRICTED_MODE
else if (strcmp(argv[code], "-restricted") == 0) {
bozo_isrestricted = 1;
}
-#endif
+ else if (strcmp(argv[code], "-rxbind") == 0) {
+ rxBind = 1;
+ }
+ else if (strcmp(argv[code], "-allow-dotted-principals") == 0) {
+ rxkadDisableDotCheck = 1;
+ }
+ else if (!strcmp(argv[code], "-rxmaxmtu")) {
+ if ((code + 1) >= argc) {
+ fprintf(stderr, "missing argument for -rxmaxmtu\n");
+ exit(1);
+ }
+ rxMaxMTU = atoi(argv[++code]);
+ }
+ else if (strcmp(argv[code], "-auditlog") == 0) {
+ auditFileName = argv[++code];
+
+ } else if (strcmp(argv[code], "-audit-interface") == 0) {
+ char *interface = argv[++code];
+
+ if (osi_audit_interface(interface)) {
+ printf("Invalid audit interface '%s'\n", interface);
+ exit(1);
+ }
+ } else if (strncmp(argv[code], "-pidfiles=", 10) == 0) {
+ DoPidFiles = (argv[code]+10);
+ } else if (strncmp(argv[code], "-pidfiles", 9) == 0) {
+ DoPidFiles = AFSDIR_BOSCONFIG_DIR;
+ }
else {
/* hack to support help flag */
#ifndef AFS_NT40_ENV
printf("Usage: bosserver [-noauth] [-log] "
+ "[-auditlog <log path>] "
+ "[-audit-interface <file|sysvmq> (default is file)] "
+ "[-rxmaxmtu <bytes>] [-rxbind] [-allow-dotted-principals] "
"[-syslog[=FACILITY]] "
+ "[-restricted] "
"[-enable_peer_stats] [-enable_process_stats] "
+ "[-cores=<none|path>] \n"
+ "[-pidfiles[=path]] "
"[-nofork] " "[-help]\n");
#else
printf("Usage: bosserver [-noauth] [-log] "
+ "[-auditlog <log path>] "
+ "[-audit-interface <file|sysvmq> (default is file)] "
+ "[-rxmaxmtu <bytes>] [-rxbind] [-allow-dotted-principals] "
+ "[-restricted] "
"[-enable_peer_stats] [-enable_process_stats] "
+ "[-cores=<none|path>] \n"
+ "[-pidfiles[=path]] "
"[-help]\n");
#endif
fflush(stdout);
exit(0);
}
}
+ if (auditFileName) {
+ osi_audit_file(auditFileName);
+ }
#ifndef AFS_NT40_ENV
if (geteuid() != 0) {
}
#endif
- code = bnode_Init();
- if (code) {
- printf("bosserver: could not init bnode package, code %d\n", code);
- exit(1);
- }
-
- bnode_Register("fs", &fsbnode_ops, 3);
- bnode_Register("simple", &ezbnode_ops, 1);
- bnode_Register("cron", &cronbnode_ops, 2);
-
- /* create useful dirs */
- CreateDirs();
-
- /* chdir to AFS log directory */
- chdir(AFSDIR_SERVER_LOGS_DIRPATH);
-
-#if 0
- fputs(AFS_GOVERNMENT_MESSAGE, stdout);
- fflush(stdout);
-#endif
-
- /* go into the background and remove our controlling tty */
-
+ if ((!DoSyslog)
#ifndef AFS_NT40_ENV
- if (!nofork)
- background();
-#endif /* ! AFS_NT40_ENV */
-
- if (!DoSyslog) {
+ && ((lstat(AFSDIR_BOZLOG_FILE, &sb) == 0) &&
+ !(S_ISFIFO(sb.st_mode)))
+#endif
+ ) {
strcpy(namebuf, AFSDIR_BOZLOG_FILE);
strcat(namebuf, ".old");
- renamefile(AFSDIR_BOZLOG_FILE, namebuf); /* try rename first */
+ rk_rename(AFSDIR_BOZLOG_FILE, namebuf); /* try rename first */
bozo_logFile = fopen(AFSDIR_BOZLOG_FILE, "a");
if (!bozo_logFile) {
printf("bosserver: can't initialize log file (%s).\n",
#endif
}
- /* Write current state of directory permissions to log file */
- DirAccessOK();
+ /*
+ * go into the background and remove our controlling tty, close open
+ * file desriptors
+ */
- for (i = 0; i < 10; i++) {
- code = rx_Init(htons(AFSCONF_NANNYPORT));
- if (code) {
- bozo_Log("can't initialize rx: code=%d\n", code);
- sleep(3);
- } else
- break;
+#ifndef AFS_NT40_ENV
+ if (!nofork) {
+ if (daemon(1, 0))
+ printf("bosserver: warning - daemon() returned code %d\n", errno);
}
- if (i >= 10) {
- bozo_Log("Bos giving up, can't initialize rx\n");
- exit(code);
+#endif /* ! AFS_NT40_ENV */
+
+ /* create useful dirs */
+ i = CreateDirs(DoCore);
+ if (i) {
+ printf("bosserver: could not set up directories, code %d\n", i);
+ exit(1);
}
- code = LWP_CreateProcess(BozoDaemon, BOZO_LWP_STACKSIZE, /* priority */ 1,
- (void *) /*parm */ 0, "bozo-the-clown",
- &bozo_pid);
+ /* Write current state of directory permissions to log file */
+ DirAccessOK();
+
+ /* chdir to AFS log directory */
+ if (DoCore)
+ i = chdir(DoCore);
+ else
+ i = chdir(AFSDIR_SERVER_LOGS_DIRPATH);
+ if (i) {
+ printf("bosserver: could not change to %s, code %d\n",
+ DoCore ? DoCore : AFSDIR_SERVER_LOGS_DIRPATH, errno);
+ exit(1);
+ }
/* try to read the key from the config file */
tdir = afsconf_Open(AFSDIR_SERVER_ETC_DIRPATH);
}
memset(tcell.hostAddr, 0, sizeof(tcell.hostAddr)); /* not computed */
code =
- afsconf_SetCellInfo(bozo_confdir, AFSDIR_SERVER_ETC_DIRPATH,
+ afsconf_SetCellInfo(NULL, AFSDIR_SERVER_ETC_DIRPATH,
&tcell);
if (code) {
bozo_Log
exit(1);
}
}
+ /* opened the cell databse */
+ bozo_confdir = tdir;
+
+ code = bnode_Init();
+ if (code) {
+ printf("bosserver: could not init bnode package, code %d\n", code);
+ exit(1);
+ }
+
+ bnode_Register("fs", &fsbnode_ops, 3);
+ bnode_Register("dafs", &dafsbnode_ops, 4);
+ bnode_Register("simple", &ezbnode_ops, 1);
+ bnode_Register("cron", &cronbnode_ops, 2);
- /* read init file, starting up programs */
- if (code = ReadBozoFile(0)) {
+#if defined(RLIMIT_CORE) && defined(HAVE_GETRLIMIT)
+ {
+ struct rlimit rlp;
+ getrlimit(RLIMIT_CORE, &rlp);
+ if (!DoCore)
+ rlp.rlim_cur = 0;
+ else
+ rlp.rlim_max = rlp.rlim_cur = RLIM_INFINITY;
+ setrlimit(RLIMIT_CORE, &rlp);
+ getrlimit(RLIMIT_CORE, &rlp);
+ bozo_Log("Core limits now %d %d\n",(int)rlp.rlim_cur,(int)rlp.rlim_max);
+ }
+#endif
+
+ /* Read init file, starting up programs. Also starts watcher threads. */
+ if ((code = ReadBozoFile(0))) {
bozo_Log
("bosserver: Something is wrong (%d) with the bos configuration file %s; aborting\n",
code, AFSDIR_SERVER_BOZCONF_FILEPATH);
exit(code);
}
- /* opened the cell databse */
- bozo_confdir = tdir;
- code = afsconf_GetKey(tdir, 999, &tkey);
+ if (rxBind) {
+ afs_int32 ccode;
+ if (AFSDIR_SERVER_NETRESTRICT_FILEPATH ||
+ AFSDIR_SERVER_NETINFO_FILEPATH) {
+ char reason[1024];
+ ccode = afsconf_ParseNetFiles(SHostAddrs, NULL, NULL,
+ ADDRSPERSITE, reason,
+ AFSDIR_SERVER_NETINFO_FILEPATH,
+ AFSDIR_SERVER_NETRESTRICT_FILEPATH);
+ } else {
+ ccode = rx_getAllAddr(SHostAddrs, ADDRSPERSITE);
+ }
+ if (ccode == 1)
+ host = SHostAddrs[0];
+ }
+ for (i = 0; i < 10; i++) {
+ if (rxBind) {
+ code = rx_InitHost(host, htons(AFSCONF_NANNYPORT));
+ } else {
+ code = rx_Init(htons(AFSCONF_NANNYPORT));
+ }
+ if (code) {
+ bozo_Log("can't initialize rx: code=%d\n", code);
+ sleep(3);
+ } else
+ break;
+ }
+ if (i >= 10) {
+ bozo_Log("Bos giving up, can't initialize rx\n");
+ exit(code);
+ }
+
+ /* Set some rx config */
+ if (DoPeerRPCStats)
+ rx_enablePeerRPCStats();
+ if (DoProcessRPCStats)
+ rx_enableProcessRPCStats();
+
+ /* Disable jumbograms */
+ rx_SetNoJumbo();
+
+ if (rxMaxMTU != -1) {
+ if (rx_SetMaxMTU(rxMaxMTU) != 0) {
+ bozo_Log("bosserver: rxMaxMTU %d is invalid\n", rxMaxMTU);
+ exit(1);
+ }
+ }
+
+ code = LWP_CreateProcess(BozoDaemon, BOZO_LWP_STACKSIZE, /* priority */ 1,
+ /* param */ NULL , "bozo-the-clown", &bozo_pid);
+ if (code) {
+ bozo_Log("Failed to create daemon thread\n");
+ exit(1);
+ }
+
+ /* initialize audit user check */
+ osi_audit_set_user_check(bozo_confdir, bozo_IsLocalRealmMatch);
+
+ bozo_CreateRxBindFile(host); /* for local scripts */
/* allow super users to manage RX statistics */
rx_SetRxStatUserOk(bozo_rxstat_userok);
- /* have bcrypt key now */
-
afsconf_SetNoAuthFlag(tdir, noAuth);
+ afsconf_BuildServerSecurityObjects(tdir, &securityClasses, &numClasses);
- bozo_rxsc[0] = rxnull_NewServerSecurityObject();
- bozo_rxsc[1] = (struct rx_securityClass *)0;
- bozo_rxsc[2] =
- rxkad_NewServerSecurityObject(0, tdir, afsconf_GetKey, NULL);
-
- /* Disable jumbograms */
- rx_SetNoJumbo();
+ if (DoPidFiles) {
+ bozo_CreatePidFile("bosserver", NULL, getpid());
+ }
- tservice = rx_NewService( /* port */ 0, /* service id */ 1,
- /*service name */ "bozo",
- /* security classes */
- bozo_rxsc,
- /* numb sec classes */ 3, BOZO_ExecuteRequest);
+ tservice = rx_NewServiceHost(host, 0, /* service id */ 1,
+ "bozo", securityClasses, numClasses,
+ BOZO_ExecuteRequest);
rx_SetMinProcs(tservice, 2);
rx_SetMaxProcs(tservice, 4);
rx_SetStackSize(tservice, BOZO_LWP_STACKSIZE); /* so gethostbyname works (in cell stuff) */
+ if (rxkadDisableDotCheck) {
+ rx_SetSecurityConfiguration(tservice, RXS_CONFIG_FLAGS,
+ (void *)RXS_CONFIG_FLAGS_DISABLE_DOTCHECK);
+ }
tservice =
- rx_NewService(0, RX_STATS_SERVICE_ID, "rpcstats", bozo_rxsc, 3,
- RXSTATS_ExecuteRequest);
+ rx_NewServiceHost(host, 0, RX_STATS_SERVICE_ID, "rpcstats",
+ securityClasses, numClasses, RXSTATS_ExecuteRequest);
rx_SetMinProcs(tservice, 2);
rx_SetMaxProcs(tservice, 4);
rx_StartServer(1); /* donate this process */
+ return 0;
}
void
-bozo_Log(char *a, char *b, char *c, char *d, char *e, char *f)
+bozo_Log(const char *format, ...)
{
- char tdate[26];
+ char tdate[27];
time_t myTime;
+ va_list ap;
+
+ va_start(ap, format);
if (DoSyslog) {
#ifndef AFS_NT40_ENV
- syslog(LOG_INFO, a, b, c, d, e, f);
+ vsyslog(LOG_INFO, format, ap);
#endif
} else {
myTime = time(0);
bozo_logFile = fopen(AFSDIR_SERVER_BOZLOG_FILEPATH, "a");
if (bozo_logFile == NULL) {
- printf("bosserver: WARNING: problem with %s",
+ printf("bosserver: WARNING: problem with %s\n",
AFSDIR_SERVER_BOZLOG_FILEPATH);
+ printf("%s ", tdate);
+ vprintf(format, ap);
fflush(stdout);
- }
-
- if (bozo_logFile) {
- fprintf(bozo_logFile, "%s ", tdate);
- fprintf(bozo_logFile, a, b, c, d, e, f);
- fflush(bozo_logFile);
} else {
- printf("%s ", tdate);
- printf(a, b, c, d, e, f);
- }
+ fprintf(bozo_logFile, "%s ", tdate);
+ vfprintf(bozo_logFile, format, ap);
- /* close so rm BosLog works */
- fclose(bozo_logFile);
+ /* close so rm BosLog works */
+ fclose(bozo_logFile);
+ }
}
}