2 * utils/mountd/mountd.c
4 * Authenticate mount requests and retrieve file handle.
6 * Copyright (C) 1995, 1996 Olaf Kirch <okir@monad.swb.de>
13 #include <netinet/in.h>
14 #include <arpa/inet.h>
25 static void usage(const char *, int exitcode);
26 static exports get_exportlist(void);
27 static struct nfs_fh_len *get_rootfh(struct svc_req *, dirpath *, int *, int v3);
29 static struct option longopts[] =
31 { "foreground", 0, 0, 'F' },
32 { "debug", 1, 0, 'd' },
33 { "help", 0, 0, 'h' },
34 { "exports-file", 1, 0, 'f' },
35 { "nfs-version", 1, 0, 'V' },
36 { "no-nfs-version", 1, 0, 'N' },
37 { "version", 0, 0, 'v' },
38 { "port", 1, 0, 'p' },
42 static int nfs_version = -1;
50 if (nfs_version & 0x1)
51 pmap_unset (MOUNTPROG, MOUNTVERS);
52 if (nfs_version & (0x1 << 1))
53 pmap_unset (MOUNTPROG, MOUNTVERS_POSIX);
54 if (nfs_version & (0x1 << 2))
55 pmap_unset (MOUNTPROG, MOUNTVERS_NFSV3);
56 xlog (L_FATAL, "Caught signal %d, un-registering and exiting.", sig);
60 mount_null_1_svc(struct svc_req *rqstp, void *argp, void *resp)
66 mount_mnt_1_svc(struct svc_req *rqstp, dirpath *path, fhstatus *res)
68 struct nfs_fh_len *fh;
70 xlog(D_CALL, "MNT1(%s) called", *path);
71 if ((fh = get_rootfh(rqstp, path, &res->fhs_status, 0)) != NULL)
72 memcpy(&res->fhstatus_u.fhs_fhandle, fh->fh_handle, 32);
77 mount_dump_1_svc(struct svc_req *rqstp, void *argp, mountlist *res)
79 struct sockaddr_in *addr =
80 (struct sockaddr_in *) svc_getcaller(rqstp->rq_xprt);
81 xlog(L_NOTICE, "dump request from %s",
82 inet_ntoa(addr->sin_addr));
84 *res = mountlist_list();
89 mount_umnt_1_svc(struct svc_req *rqstp, dirpath *argp, void *resp)
91 struct sockaddr_in *sin
92 = (struct sockaddr_in *) svc_getcaller(rqstp->rq_xprt);
95 char rpath[MAXPATHLEN+1];
100 if (realpath(p, rpath) != NULL) {
101 rpath[sizeof (rpath) - 1] = '\0';
105 if (!(exp = auth_authenticate("unmount", sin, p))) {
108 mountlist_del(exp, p);
114 mount_umntall_1_svc(struct svc_req *rqstp, void *argp, void *resp)
116 /* Reload /etc/xtab if necessary */
119 mountlist_del_all((struct sockaddr_in *) svc_getcaller(rqstp->rq_xprt));
124 mount_export_1_svc(struct svc_req *rqstp, void *argp, exports *resp)
126 struct sockaddr_in *addr =
127 (struct sockaddr_in *) svc_getcaller(rqstp->rq_xprt);
128 xlog(L_NOTICE, "export request from %s",
129 inet_ntoa(addr->sin_addr));
130 *resp = get_exportlist();
135 mount_exportall_1_svc(struct svc_req *rqstp, void *argp, exports *resp)
137 struct sockaddr_in *addr =
138 (struct sockaddr_in *) svc_getcaller(rqstp->rq_xprt);
139 xlog(L_NOTICE, "exportall request from %s",
140 inet_ntoa(addr->sin_addr));
141 *resp = get_exportlist();
146 * MNTv2 pathconf procedure
148 * The protocol doesn't include a status field, so Sun apparently considers
149 * it good practice to let anyone snoop on your system, even if it's
150 * pretty harmless data such as pathconf. We don't.
152 * Besides, many of the pathconf values don't make much sense on NFS volumes.
153 * FIFOs and tty device files represent devices on the *client*, so there's
154 * no point in getting the server's buffer sizes etc.
157 mount_pathconf_2_svc(struct svc_req *rqstp, dirpath *path, ppathcnf *res)
159 struct sockaddr_in *sin
160 = (struct sockaddr_in *) svc_getcaller(rqstp->rq_xprt);
163 char rpath[MAXPATHLEN+1];
166 memset(res, 0, sizeof(*res));
171 /* Reload /etc/xtab if necessary */
174 /* Resolve symlinks */
175 if (realpath(p, rpath) != NULL) {
176 rpath[sizeof (rpath) - 1] = '\0';
180 /* Now authenticate the intruder... */
181 if (!(exp = auth_authenticate("mount", sin, p))) {
183 } else if (stat(p, &stb) < 0) {
184 xlog(L_WARNING, "can't stat exported dir %s: %s",
190 res->pc_link_max = pathconf(p, _PC_LINK_MAX);
191 res->pc_max_canon = pathconf(p, _PC_MAX_CANON);
192 res->pc_max_input = pathconf(p, _PC_MAX_INPUT);
193 res->pc_name_max = pathconf(p, _PC_NAME_MAX);
194 res->pc_path_max = pathconf(p, _PC_PATH_MAX);
195 res->pc_pipe_buf = pathconf(p, _PC_PIPE_BUF);
196 res->pc_vdisable = pathconf(p, _PC_VDISABLE);
198 /* Can't figure out what to do with pc_mask */
208 * NFSv3 MOUNT procedure
211 mount_mnt_3_svc(struct svc_req *rqstp, dirpath *path, mountres3 *res)
213 static int flavors[] = { AUTH_NULL, AUTH_UNIX };
214 struct nfs_fh_len *fh;
216 xlog(D_CALL, "MNT3(%s) called", *path);
217 if ((fh = get_rootfh(rqstp, path, (int *) &res->fhs_status, 1)) != NULL) {
218 struct mountres3_ok *ok = &res->mountres3_u.mountinfo;
220 ok->fhandle.fhandle3_len = fh->fh_size;
221 ok->fhandle.fhandle3_val = fh->fh_handle;
222 ok->auth_flavors.auth_flavors_len = 2;
223 ok->auth_flavors.auth_flavors_val = flavors;
228 static struct nfs_fh_len *
229 get_rootfh(struct svc_req *rqstp, dirpath *path, int *error, int v3)
231 struct sockaddr_in *sin =
232 (struct sockaddr_in *) svc_getcaller(rqstp->rq_xprt);
235 char rpath[MAXPATHLEN+1];
241 /* Reload /var/lib/nfs/etab if necessary */
244 /* Resolve symlinks */
245 if (realpath(p, rpath) != NULL) {
246 rpath[sizeof (rpath) - 1] = '\0';
250 /* Now authenticate the intruder... */
251 if (!(exp = auth_authenticate("mount", sin, p))) {
252 *error = NFSERR_ACCES;
253 } else if (stat(p, &stb) < 0) {
254 xlog(L_WARNING, "can't stat exported dir %s: %s",
257 *error = NFSERR_NOENT;
259 *error = NFSERR_ACCES;
260 } else if (!S_ISDIR(stb.st_mode) && !S_ISREG(stb.st_mode)) {
261 xlog(L_WARNING, "%s is not a directory or regular file", p);
262 *error = NFSERR_NOTDIR;
264 struct nfs_fh_len *fh;
266 if (!exp->m_exported)
272 fh = getfh_size ((struct sockaddr *) sin, p, 64);
273 if (!v3 || (fh == NULL && errno == EINVAL)) {
274 /* We first try the new nfs syscall. */
275 fh = getfh ((struct sockaddr *) sin, p);
276 if (fh == NULL && errno == EINVAL)
277 /* Let's try the old one. */
278 fh = getfh_old ((struct sockaddr *) sin,
279 stb.st_dev, stb.st_ino);
282 mountlist_add(exp, p);
287 xlog(L_WARNING, "getfh failed: %s", strerror(errno));
288 *error = NFSERR_ACCES;
297 static exports elist = NULL;
298 struct exportnode *e, *ne;
299 struct groupnode *g, *ng, *c, **cp;
303 if (!auth_reload() && elist)
306 for (e = elist; e != NULL; e = ne) {
308 for (g = e->ex_groups; g != NULL; g = ng) {
318 for (i = 0; i < MCL_MAXTYPES; i++) {
319 for (exp = exportlist[i]; exp; exp = exp->m_next) {
320 for (e = elist; e != NULL; e = e->ex_next) {
321 if (!strcmp(exp->m_export.m_path, e->ex_dir))
325 e = (struct exportnode *) xmalloc(sizeof(*e));
328 e->ex_dir = xstrdup(exp->m_export.m_path);
332 /* We need to check if we should remove
334 if (i == MCL_ANONYMOUS && e->ex_groups) {
335 for (g = e->ex_groups; g; g = ng) {
344 if (i != MCL_FQDN && e->ex_groups) {
348 while ((c = *cp) != NULL) {
349 if (client_gettype (c->gr_name) == MCL_FQDN
350 && (hp = gethostbyname(c->gr_name))) {
351 hp = hostent_dup (hp);
352 if (client_check(exp->m_client, hp)) {
357 if ((c = *cp) == NULL)
367 if (exp->m_export.e_hostname [0] != '\0') {
368 for (g = e->ex_groups; g; g = g->gr_next)
369 if (strcmp (exp->m_export.e_hostname,
374 g = (struct groupnode *) xmalloc(sizeof(*g));
375 g->gr_name = xstrdup(exp->m_export.e_hostname);
376 g->gr_next = e->ex_groups;
386 main(int argc, char **argv)
388 char *export_file = _PATH_EXPORTS;
394 /* Parse the command line options and arguments. */
396 while ((c = getopt_long(argc, argv, "Fd:f:p:P:hN:V:v", longopts, NULL)) != EOF)
402 xlog_sconfig(optarg, 1);
405 export_file = optarg;
410 case 'P': /* XXX for nfs-server compatibility */
413 if (port <= 0 || port > 65535) {
414 fprintf(stderr, "%s: bad port number: %s\n",
420 nfs_version &= ~(1 << (atoi (optarg) - 1));
423 nfs_version |= 1 << (atoi (optarg) - 1);
426 printf("kmountd %s\n", VERSION);
435 /* No more arguments allowed. */
436 if (optind != argc || !(nfs_version & 0x7))
439 /* Initialize logging. */
440 /* xlog_open("mountd"); */
442 sa.sa_handler = SIG_IGN;
444 sigemptyset(&sa.sa_mask);
445 sigaction(SIGHUP, &sa, NULL);
446 sigaction(SIGINT, &sa, NULL);
447 sigaction(SIGTERM, &sa, NULL);
449 if (nfs_version & 0x1)
450 rpc_init("mountd", MOUNTPROG, MOUNTVERS,
451 mount_dispatch, port, 0);
452 if (nfs_version & (0x1 << 1))
453 rpc_init("mountd", MOUNTPROG, MOUNTVERS_POSIX,
454 mount_dispatch, port, 0);
455 if (nfs_version & (0x1 << 2))
456 rpc_init("mountd", MOUNTPROG, MOUNTVERS_NFSV3,
457 mount_dispatch, port, 0);
459 sa.sa_handler = killer;
460 sigaction(SIGHUP, &sa, NULL);
461 sigaction(SIGINT, &sa, NULL);
462 sigaction(SIGTERM, &sa, NULL);
464 auth_init(export_file);
467 /* We first fork off a child. */
468 if ((c = fork()) > 0)
471 xlog(L_FATAL, "mountd: cannot fork: %s\n",
474 /* Now we remove ourselves from the foreground.
475 Redirect stdin/stdout/stderr first. */
477 int fd = open("/dev/null", O_RDWR);
481 if (fd > 2) (void) close(fd);
489 xlog(L_ERROR, "Ack! Gack! svc_run returned!\n");
494 usage(const char *prog, int n)
497 "Usage: %s [-Fhnv] [-d kind] [-f exports-file] [-V version]\n"
498 " [-N version] [--debug kind] [-p|--port port] [--help] [--version]\n"
499 " [--exports-file=file] [--nfs-version version]\n"
500 " [--no-nfs-version version]\n", prog);