#include <opr/lock.h>
#include <opr/proc.h>
#include <opr/softsig.h>
-#include <afs/procmgmt_softsig.h> /* must come after softsig.h */
#include <afs/cmd.h>
#include <afs/ptclient.h>
#include <afs/afsint.h>
#include <afs/vnode.h>
#include <afs/volume.h>
#include <afs/auth.h>
+#include <afs/authcon.h>
#include <afs/cellconfig.h>
#include <afs/acl.h>
#include <afs/prs_fs.h>
afs_int32 implicitAdminRights = PRSFS_LOOKUP; /* The ADMINISTER right is
* already implied */
afs_int32 readonlyServer = 0;
+afs_int32 adminwriteServer = 0;
int stackSize = 24000;
int fiveminutes = 300; /* 5 minutes. Change this for debugging only */
return islocal;
}
-#if !defined(AFS_NT40_ENV) && !defined(AFS_DARWIN160_ENV)
+#if defined(AFS_NT40_ENV)
+/* no viced_syscall */
+#elif defined(AFS_DARWIN160_ENV)
+/* no viced_syscall */
+#elif !defined(AFS_SYSCALL)
+int
+viced_syscall(afs_uint32 a3, afs_uint32 a4, void *a5)
+{
+ errno = ENOSYS;
+ return -1;
+}
+#else
int
viced_syscall(afs_uint32 a3, afs_uint32 a4, void *a5)
{
/* set our 'thread-id' so that the host hold table works */
threadId = rx_SetThreadNum();
- afs_pthread_setname_self(s);
+ opr_threadname_set(s);
ViceLog(0, ("Set thread id 0x%x for '%s'\n", threadId, s));
#endif
}
opr_cv_broadcast(&fs_state.worker_done_cv);
FS_UNLOCK;
FS_STATE_UNLOCK;
-#endif
return NULL;
+#else
+ AFS_UNREACHED(return(NULL));
+#endif
} /*FiveMinuteCheckLWP */
opr_cv_broadcast(&fs_state.worker_done_cv);
FS_UNLOCK;
FS_STATE_UNLOCK;
-#endif
return NULL;
+#else
+ AFS_UNREACHED(return(NULL));
+#endif
} /*HostCheckLWP */
/* This LWP does fsync checks every 5 minutes: it should not be used for
opr_cv_broadcast(&fs_state.worker_done_cv);
FS_UNLOCK;
FS_STATE_UNLOCK;
-#endif /* AFS_DEMAND_ATTACH_FS */
return NULL;
+#else
+ AFS_UNREACHED(return(NULL));
+#endif /* !AFS_DEMAND_ATTACH_FS */
}
/*------------------------------------------------------------------------
static void *
ShutdownWatchdogLWP(void *unused)
{
- afs_pthread_setname_self("ShutdownWatchdog");
+ opr_threadname_set("ShutdownWatchdog");
sleep(panic_timeout);
ViceLogThenPanic(0, ("ShutdownWatchdogLWP: Failed to shutdown and panic "
"within %d seconds; forcing panic\n",
if (!dopanic)
PrintCounters();
+ /* allow audit interfaces to shutdown */
+ osi_audit_close();
/* shut down volume package */
VShutdown();
* AIX: sysconf() limit is real
* HP-UX: sysconf() limit is real
* IRIX: sysconf() limit is apparently NOT real -- too small
- * DUX: sysconf() limit is apparently NOT real -- too big
* Linux: sysconf() limit is apparently NOT real -- too big
* Solaris: no sysconf() limit
*/
OPT_implicit,
OPT_lock,
OPT_readonly,
+ OPT_adminwrite,
OPT_saneacls,
OPT_buffers,
OPT_callbacks,
struct cmd_syndesc *opts;
int lwps_max;
- char *auditFileName = NULL;
+ char *auditIface = NULL;
+ struct cmd_item *auditLogList = NULL;
char *sync_behavior = NULL;
#if defined(AFS_AIX32_ENV)
#endif
cmd_AddParmAtOffset(opts, OPT_readonly, "-readonly", CMD_FLAG,
CMD_OPTIONAL, "be a readonly fileserver");
+ cmd_AddParmAtOffset(opts, OPT_adminwrite, "-admin-write", CMD_FLAG,
+ CMD_OPTIONAL, "if read-only, allow writes for users "
+ "from system:administrators");
cmd_AddParmAtOffset(opts, OPT_saneacls, "-saneacls", CMD_FLAG,
CMD_OPTIONAL, "set the saneacls capability bit");
cmd_AddParmAtOffset(opts, OPT_vlrudisable, "-vlrudisable",
CMD_FLAG, CMD_OPTIONAL, "disable VLRU functionality");
cmd_AddParmAtOffset(opts, OPT_vlruthresh, "-vlruthresh",
- CMD_FLAG, CMD_OPTIONAL,
+ CMD_SINGLE, CMD_OPTIONAL,
"mins before unused vols become eligible for detach");
cmd_AddParmAtOffset(opts, OPT_vlruinterval, "-vlruinterval",
- CMD_FLAG, CMD_OPTIONAL, "secs between VLRU scans");
- cmd_AddParmAtOffset(opts, OPT_vlrumax, "-vlrumax", CMD_FLAG, CMD_OPTIONAL,
+ CMD_SINGLE, CMD_OPTIONAL, "secs between VLRU scans");
+ cmd_AddParmAtOffset(opts, OPT_vlrumax, "-vlrumax", CMD_SINGLE, CMD_OPTIONAL,
"max volumes to detach in one scan");
cmd_AddParmAtOffset(opts, OPT_unsafe_nosalvage, "-unsafe-nosalvage",
CMD_FLAG, CMD_OPTIONAL,
- "bybass safety checks on volume attach");
+ "bypass safety checks on volume attach");
#endif
/* unrecommend options - should perhaps be CMD_HIDE */
cmd_AddParmAtOffset(opts, OPT_cbwait, "-w", CMD_SINGLE, CMD_OPTIONAL,
"callback wait interval");
- cmd_AddParmAtOffset(opts, OPT_novbc, "-novbc", CMD_SINGLE, CMD_FLAG,
+ cmd_AddParmAtOffset(opts, OPT_novbc, "-novbc", CMD_FLAG, CMD_OPTIONAL,
"disable callback breaks on reattach");
/* general options */
- cmd_AddParmAtOffset(opts, OPT_auditlog, "-auditlog", CMD_SINGLE,
- CMD_OPTIONAL, "location of audit log");
+ cmd_AddParmAtOffset(opts, OPT_auditlog, "-auditlog", CMD_LIST,
+ CMD_OPTIONAL, "[interface:]path[:options]");
cmd_AddParmAtOffset(opts, OPT_auditiface, "-audit-interface", CMD_SINGLE,
- CMD_OPTIONAL, "interface to use for audit logging");
+ CMD_OPTIONAL, "default interface");
cmd_AddParmAtOffset(opts, OPT_debug, "-d", CMD_SINGLE, CMD_OPTIONAL,
"debug level");
cmd_AddParmAtOffset(opts, OPT_mrafslogs, "-mrafslogs", CMD_FLAG,
/* rx options */
cmd_AddParmAtOffset(opts, OPT_peer, "-enable_peer_stats", CMD_FLAG,
- CMD_OPTIONAL, "enable RX transport statistics");
+ CMD_OPTIONAL, "enable RX RPC statistics by peer");
cmd_AddParmAtOffset(opts, OPT_process, "-enable_process_stats", CMD_FLAG,
CMD_OPTIONAL, "enable RX RPC statistics");
cmd_AddParmAtOffset(opts, OPT_nojumbo, "-nojumbo", CMD_FLAG,
cmd_OptionAsFlag(opts, OPT_lock, &SawLock);
#endif
cmd_OptionAsFlag(opts, OPT_readonly, &readonlyServer);
+ cmd_OptionAsFlag(opts, OPT_adminwrite, &adminwriteServer);
cmd_OptionAsFlag(opts, OPT_saneacls, &saneacls);
cmd_OptionAsInt(opts, OPT_buffers, &buffs);
#if defined(AFS_AIX32_ENV)
if (cmd_OptionAsInt(opts, OPT_minspare, &aixlow_water) == 0) {
if ((aixlow_water < 0) || (aixlow_water > 30)) {
- printf("space reserved %d%% invalid; must be between 0-30%\n",
+ printf("space reserved %d%% invalid; must be between 0-30%%\n",
aixlow_water);
return -1;
}
cmd_OptionAsFlag(opts, OPT_novbc, &novbc);
/* general server options */
- cmd_OptionAsString(opts, OPT_auditlog, &auditFileName);
-
- if (cmd_OptionAsString(opts, OPT_auditiface, &optstring) == 0) {
- if (osi_audit_interface(optstring)) {
- printf("Invalid audit interface '%s'\n", optstring);
- return -1;
- }
- free(optstring);
- optstring = NULL;
- }
+ cmd_OptionAsString(opts, OPT_auditiface, &auditIface);
+ cmd_OptionAsList(opts, OPT_auditlog, &auditLogList);
if (cmd_OptionAsInt(opts, OPT_threads, &lwps) == 0) {
lwps_max = max_fileserver_thread() - FILESERVER_HELPER_THREADS;
cmd_OptionAsString(opts, OPT_config, &FS_configPath);
-
- if (auditFileName)
- osi_audit_file(auditFileName);
+ code = osi_audit_cmd_Options(auditIface, auditLogList);
+ free(auditIface);
+ if (code)
+ return -1;
if (lwps > 64) {
host_thread_quota = 5;
int curLimit;
time_t t;
struct tm tm;
+ char hoststr[16];
afs_uint32 rx_bindhost;
VolumePackageOptions opts;
+ struct afsconf_bsso_info bsso;
#ifdef AFS_AIX32_ENV
struct sigaction nsa;
#endif
osi_audit_init();
+ memset(&bsso, 0, sizeof(bsso));
+
/* Initialize dirpaths */
if (!(initAFSDirPath() & AFSDIR_SERVER_PATHS_OK)) {
#ifdef AFS_NT40_ENV
OpenLog(&logopts);
LogCommandLine(argc, argv, "starting", "", "File server", FSLog);
- if (afsconf_GetLatestKey(confDir, NULL, NULL) == 0) {
- LogDesWarning();
- }
/* initialize the pthread soft signal handler thread */
opr_softsig_Init();
opr_softsig_Register(SIGTERM, CheckDescriptors_Signal);
#endif
+ /* finish audit interface initalization */
+ osi_audit_open();
+
#if defined(AFS_SGI_ENV)
/* give this guy a non-degrading priority so help busy servers */
schedctl(NDPRI, 0, NDPNORMMAX);
if (SawLock)
plock(PROCLOCK);
#elif !defined(AFS_NT40_ENV)
- if (nice(-5) < 0)
- ; /* don't care */
+ if (nice(-5) < 0) {
+ /* don't care */
+ }
#endif
DInit(buffs);
#ifdef AFS_DEMAND_ATTACH_FS
rx_SetUdpBufSize(udpBufSize); /* set the UDP buffer size for receive */
rx_bindhost = SetupVL();
+ ViceLog(0, ("File server binding rx to %s:%d\n",
+ afs_inet_ntoa_r(rx_bindhost, hoststr), 7000));
if (rx_InitHost(rx_bindhost, (int)htons(7000)) < 0) {
ViceLog(0, ("Cannot initialize RX\n"));
exit(1);
rx_GetIFInfo();
rx_SetRxDeadTime(30);
afsconf_SetSecurityFlags(confDir, AFSCONF_SECOPTS_ALWAYSENCRYPT);
- afsconf_BuildServerSecurityObjects(confDir, &securityClasses, &numClasses);
+
+ bsso.dir = confDir;
+ bsso.logger = FSLog;
+ afsconf_BuildServerSecurityObjects_int(&bsso, &securityClasses,
+ &numClasses);
tservice = rx_NewServiceHost(rx_bindhost, /* port */ 0, /* service id */
1, /*service name */
exit(-1);
}
if (rxkadDisableDotCheck) {
- rx_SetSecurityConfiguration(tservice, RXS_CONFIG_FLAGS,
- (void *)RXS_CONFIG_FLAGS_DISABLE_DOTCHECK);
+ code = rx_SetSecurityConfiguration(tservice, RXS_CONFIG_FLAGS,
+ (void *)RXS_CONFIG_FLAGS_DISABLE_DOTCHECK);
+ if (code) {
+ ViceLog(0, ("Failed to allow dotted principals: code %d\n", code));
+ exit(-1);
+ }
}
rx_SetMinProcs(tservice, 3);
rx_SetMaxProcs(tservice, lwps);
if (!he) {
ViceLog(0, ("Can't find address for FileServer '%s'\n", FS_HostName));
} else {
- char hoststr[16];
memcpy(&FS_HostAddr_NBO, he->h_addr, 4);
(void)afs_inet_ntoa_r(FS_HostAddr_NBO, hoststr);
FS_HostAddr_HBO = ntohl(FS_HostAddr_NBO);
while (1) {
sleep(1000); /* long time */
}
- return 0;
+ AFS_UNREACHED(return(0));
}