#include <stdarg.h>
#include <netdb.h>
#include <errno.h>
+#include <grp.h>
#ifndef BASEDIR
-#define BASEDIR "/var/lib/nfs"
+# ifdef NFS_STATEDIR
+# define BASEDIR NFS_STATEDIR
+# else
+# define BASEDIR "/var/lib/nfs"
+# endif
#endif
#define DEFAULT_SM_STATE_PATH BASEDIR "/state"
static void get_hosts(const char *);
static void insert_host(struct nsm_host *);
struct nsm_host * find_host(uint32_t);
-static int addr_parse(int, const char *, nsm_address *);
static int addr_get_port(nsm_address *);
static void addr_set_port(nsm_address *, int);
static int host_lookup(int, const char *, nsm_address *);
void nsm_log(int fac, const char *fmt, ...);
+static int record_pid();
+static void drop_privs(void);
static struct nsm_host * hosts = NULL;
main(int argc, char **argv)
{
int c;
+ int force = 0;
- while ((c = getopt(argc, argv, "dm:np:v:qP:")) != -1) {
+ while ((c = getopt(argc, argv, "dm:np:v:qP:f")) != -1) {
switch (c) {
+ case 'f':
+ force = 1;
+ break;
case 'd':
opt_debug++;
break;
}
if (optind < argc) {
-usage: fprintf(stderr, "sm-notify [-d]\n");
+usage: fprintf(stderr,
+ "Usage: sm-notify [-dfq] [-m max-retry-minutes] [-p srcport]\n"
+ " [-P /path/to/state/directory] [-N my_host_name\n");
return 1;
}
+ if (strcmp(_SM_BASE_PATH, BASEDIR) == 0) {
+ if (record_pid() == 0 && force == 0 && opt_update_state == 0)
+ /* already run, don't try again */
+ exit(0);
+ }
+
if (opt_srcaddr) {
strncpy(nsm_hostname, opt_srcaddr, sizeof(nsm_hostname)-1);
} else
/* Bind source IP if provided on command line */
if (opt_srcaddr) {
- if (!addr_parse(AF_INET, opt_srcaddr, &local_addr)
- && !host_lookup(AF_INET, opt_srcaddr, &local_addr)) {
+ if (!host_lookup(AF_INET, opt_srcaddr, &local_addr)) {
nsm_log(LOG_WARNING,
"Not a valid hostname or address: \"%s\"\n",
opt_srcaddr);
if (opt_max_retry)
failtime = time(NULL) + opt_max_retry;
+ drop_privs();
+
while (hosts) {
struct pollfd pfd;
time_t now = time(NULL);
host = calloc(1, sizeof(*host));
snprintf(path, sizeof(path), "%s/%s", dirname, de->d_name);
- if (!addr_parse(AF_INET, de->d_name, &host->addr)
- && !addr_parse(AF_INET6, de->d_name, &host->addr)
- && !host_lookup(AF_INET, de->d_name, &host->addr)) {
+ if (!host_lookup(AF_UNSPEC, de->d_name, &host->addr)) {
nsm_log(LOG_WARNING,
"%s doesn't seem to be a valid address, skipped",
de->d_name);
/*
* Address handling utilities
*/
-static int
-addr_parse(int af, const char *name, nsm_address *addr)
-{
- void *ptr;
-
- if (af == AF_INET)
- ptr = &((struct sockaddr_in *) addr)->sin_addr;
- else if (af == AF_INET6)
- ptr = &((struct sockaddr_in6 *) addr)->sin6_addr;
- else
- return 0;
- if (inet_pton(af, name, ptr) <= 0)
- return 0;
- ((struct sockaddr *) addr)->sa_family = af;
- return 1;
-}
int
addr_get_port(nsm_address *addr)
}
va_end(ap);
}
+
+/*
+ * Record pid in /var/run/sm-notify.pid
+ * This file should remain until a reboot, even if the
+ * program exits.
+ * If file already exists, fail.
+ */
+static int record_pid()
+{
+ char pid[20];
+ int fd;
+
+ snprintf(pid, 20, "%d\n", getpid());
+ fd = open("/var/run/sm-notify.pid", O_CREAT|O_EXCL|O_WRONLY, 0600);
+ if (!fd)
+ return 0;
+ write(fd, pid, strlen(pid));
+ close(fd);
+ return 1;
+}
+
+/* Drop privileges to match owner of state-directory
+ * (in case a reply triggers some unknown bug).
+ */
+static void drop_privs(void)
+{
+ struct stat st;
+
+ if (stat(_SM_DIR_PATH, &st) == -1 &&
+ stat(_SM_BASE_PATH, &st) == -1) {
+ st.st_uid = 0;
+ st.st_gid = 0;
+ }
+
+ if (st.st_uid == 0) {
+ nsm_log(LOG_WARNING,
+ "sm-notify running as root. chown %s to choose different user\n",
+ _SM_DIR_PATH);
+ return;
+ }
+
+ setgroups(0, NULL);
+ if (setgid(st.st_gid) == -1
+ || setuid(st.st_uid) == -1) {
+ nsm_log(LOG_ERR, "Fail to drop privileges");
+ exit(1);
+ }
+}