X-Git-Url: https://git.decadent.org.uk/gitweb/?p=nfs-utils.git;a=blobdiff_plain;f=utils%2Fstatd%2Fsm-notify.c;h=e5ca904e32665b04c0420c87e98e858b1174ffd6;hp=aa2c7d199b59c67b48839050c17f2eafd90aefc8;hb=7862a784c2990b1f5330959d30069a637a041715;hpb=235f44178d3412193b2b76c3be510918b67c6d95 diff --git a/utils/statd/sm-notify.c b/utils/statd/sm-notify.c index aa2c7d1..e5ca904 100644 --- a/utils/statd/sm-notify.c +++ b/utils/statd/sm-notify.c @@ -4,6 +4,10 @@ * Copyright (C) 2004-2006 Olaf Kirch */ +#ifdef HAVE_CONFIG_H +#include +#endif + #include #include #include @@ -22,9 +26,14 @@ #include #include #include +#include #ifndef BASEDIR -#define BASEDIR "/var/lib/nfs" +# ifdef NFS_STATEDIR +# define BASEDIR NFS_STATEDIR +# else +# define BASEDIR "/var/lib/nfs" +# endif #endif #define DEFAULT_SM_STATE_PATH BASEDIR "/state" @@ -51,6 +60,7 @@ struct nsm_host { char * name; char * path; nsm_address addr; + struct addrinfo *ai; time_t last_used; time_t send_next; unsigned int timeout; @@ -70,7 +80,7 @@ static int log_syslog = 0; static unsigned int nsm_get_state(int); static void notify(void); -static void notify_host(int, struct nsm_host *); +static int notify_host(int, struct nsm_host *); static void recv_reply(int); static void backup_hosts(const char *, const char *); static void get_hosts(const char *); @@ -78,8 +88,11 @@ static void insert_host(struct nsm_host *); struct nsm_host * find_host(uint32_t); static int addr_get_port(nsm_address *); static void addr_set_port(nsm_address *, int); -static int host_lookup(int, const char *, nsm_address *); +static struct addrinfo *host_lookup(int, const char *); void nsm_log(int fac, const char *fmt, ...); +static int record_pid(void); +static void drop_privs(void); +static void set_kernel_nsm_state(int state); static struct nsm_host * hosts = NULL; @@ -87,9 +100,13 @@ int main(int argc, char **argv) { int c; + int force = 0; - while ((c = getopt(argc, argv, "dm:np:v:qP:")) != -1) { + while ((c = getopt(argc, argv, "dm:np:v:qP:f")) != -1) { switch (c) { + case 'f': + force = 1; + break; case 'd': opt_debug++; break; @@ -117,7 +134,7 @@ main(int argc, char **argv) _SM_STATE_PATH == NULL || _SM_DIR_PATH == NULL || _SM_BAK_PATH == NULL) { - nsm_log(LOG_WARNING, "unable to allocate memory"); + nsm_log(LOG_ERR, "unable to allocate memory"); exit(1); } strcat(strcpy(_SM_STATE_PATH, _SM_BASE_PATH), "/state"); @@ -131,21 +148,34 @@ main(int argc, char **argv) } if (optind < argc) { -usage: fprintf(stderr, "sm-notify [-d]\n"); - return 1; +usage: fprintf(stderr, + "Usage: sm-notify [-dfq] [-m max-retry-minutes] [-p srcport]\n" + " [-P /path/to/state/directory] [-v my_host_name]\n"); + exit(1); + } + + if (strcmp(_SM_BASE_PATH, BASEDIR) == 0) { + if (record_pid() == 0 && force == 0 && opt_update_state == 1) + /* already run, don't try again */ + exit(0); } if (opt_srcaddr) { strncpy(nsm_hostname, opt_srcaddr, sizeof(nsm_hostname)-1); } else if (gethostname(nsm_hostname, sizeof(nsm_hostname)) < 0) { - perror("gethostname"); - return 1; + nsm_log(LOG_ERR, "Failed to obtain name of local host: %s", + strerror(errno)); + exit(1); } backup_hosts(_SM_DIR_PATH, _SM_BAK_PATH); get_hosts(_SM_BAK_PATH); + /* Get and update the NSM state. This will call sync() */ + nsm_state = nsm_get_state(opt_update_state); + set_kernel_nsm_state(nsm_state); + if (!opt_debug) { if (!opt_quiet) printf("Backgrounding to notify hosts...\n"); @@ -154,9 +184,9 @@ usage: fprintf(stderr, "sm-notify [-d]\n"); log_syslog = 1; if (daemon(0, 0) < 0) { - nsm_log(LOG_WARNING, "unable to background: %s", + nsm_log(LOG_ERR, "unable to background: %s", strerror(errno)); - return 1; + exit(1); } close(0); @@ -164,9 +194,6 @@ usage: fprintf(stderr, "sm-notify [-d]\n"); close(2); } - /* Get and update the NSM state. This will call sync() */ - nsm_state = nsm_get_state(opt_update_state); - notify(); if (hosts) { @@ -178,10 +205,10 @@ usage: fprintf(stderr, "sm-notify [-d]\n"); "Unable to notify %s, giving up", hp->name); } - return 1; + exit(1); } - return 0; + exit(0); } /* @@ -193,10 +220,13 @@ notify(void) nsm_address local_addr; time_t failtime = 0; int sock = -1; + int retry_cnt = 0; + retry: sock = socket(AF_INET, SOCK_DGRAM, 0); if (sock < 0) { - perror("socket"); + nsm_log(LOG_ERR, "Failed to create RPC socket: %s", + strerror(errno)); exit(1); } fcntl(sock, F_SETFL, O_NONBLOCK); @@ -206,13 +236,18 @@ notify(void) /* Bind source IP if provided on command line */ if (opt_srcaddr) { - if (!host_lookup(AF_INET, opt_srcaddr, &local_addr)) { - nsm_log(LOG_WARNING, - "Not a valid hostname or address: \"%s\"\n", + struct addrinfo *ai = host_lookup(AF_INET, opt_srcaddr); + if (!ai) { + nsm_log(LOG_ERR, + "Not a valid hostname or address: \"%s\"", opt_srcaddr); exit(1); } + /* We know it's IPv4 at this point */ + memcpy(&local_addr, ai->ai_addr, ai->ai_addrlen); + + freeaddrinfo(ai); } /* Use source port if provided on the command line, @@ -220,16 +255,28 @@ notify(void) if (opt_srcport) { addr_set_port(&local_addr, opt_srcport); if (bind(sock, (struct sockaddr *) &local_addr, sizeof(local_addr)) < 0) { - perror("bind"); + nsm_log(LOG_ERR, "Failed to bind RPC socket: %s", + strerror(errno)); exit(1); } } else { - (void) bindresvport(sock, (struct sockaddr_in *) &local_addr); + struct servent *se; + struct sockaddr_in *sin = (struct sockaddr_in *)&local_addr; + (void) bindresvport(sock, sin); + /* try to avoid known ports */ + se = getservbyport(sin->sin_port, "udp"); + if (se && retry_cnt < 100) { + retry_cnt++; + close(sock); + goto retry; + } } if (opt_max_retry) failtime = time(NULL) + opt_max_retry; + drop_privs(); + while (hosts) { struct pollfd pfd; time_t now = time(NULL); @@ -240,7 +287,7 @@ notify(void) if (failtime && now >= failtime) break; - while ((wait = hosts->send_next - now) <= 0) { + while (hosts && ((wait = hosts->send_next - now) <= 0)) { /* Never send more than 10 packets at once */ if (sent++ >= 10) break; @@ -249,7 +296,13 @@ notify(void) hp = hosts; hosts = hp->next; - notify_host(sock, hp); + if (notify_host(sock, hp)){ + unlink(hp->path); + free(hp->name); + free(hp->path); + free(hp); + continue; + } /* Set the timeout for this call, using an exponential timeout strategy */ @@ -261,6 +314,8 @@ notify(void) insert_host(hp); } + if (hosts == NULL) + return; nsm_log(LOG_DEBUG, "Host %s due in %ld seconds", hosts->name, wait); @@ -281,7 +336,7 @@ notify(void) /* * Send notification to a single host */ -void +int notify_host(int sock, struct nsm_host *host) { static unsigned int xid = 0; @@ -294,6 +349,16 @@ notify_host(int sock, struct nsm_host *host) if (!host->xid) host->xid = xid++; + if (host->ai == NULL) { + host->ai = host_lookup(AF_UNSPEC, host->name); + if (host->ai == NULL) { + nsm_log(LOG_WARNING, + "%s doesn't seem to be a valid address," + " skipped", host->name); + return 1; + } + } + memset(msgbuf, 0, sizeof(msgbuf)); p = msgbuf; *p++ = htonl(host->xid); @@ -301,9 +366,24 @@ notify_host(int sock, struct nsm_host *host) *p++ = htonl(2); /* If we retransmitted 4 times, reset the port to force - * a new portmap lookup (in case statd was restarted) + * a new portmap lookup (in case statd was restarted). + * We also rotate through multiple IP addresses at this + * point. */ if (host->retries >= 4) { + struct addrinfo *first = host->ai; + struct addrinfo **next = &host->ai; + + /* remove the first entry from the list */ + host->ai = first->ai_next; + first->ai_next = NULL; + /* find the end of the list */ + next = &first->ai_next; + while ( *next ) + next = & (*next)->ai_next; + /* put first entry at end */ + *next = first; + memcpy(&host->addr, first->ai_addr, first->ai_addrlen); addr_set_port(&host->addr, 0); host->retries = 0; } @@ -347,7 +427,11 @@ notify_host(int sock, struct nsm_host *host) } len = (p - msgbuf) << 2; - sendto(sock, msgbuf, len, 0, (struct sockaddr *) &dest, sizeof(dest)); + if (sendto(sock, msgbuf, len, 0, (struct sockaddr *) &dest, sizeof(dest)) < 0) + nsm_log(LOG_WARNING, "Sending Reboot Notification to " + "'%s' failed: errno %d (%s)", host->name, errno, strerror(errno)); + + return 0; } /* @@ -411,11 +495,13 @@ recv_reply(int sock) * packet) */ if (p <= end) { - nsm_log(LOG_DEBUG, "Host %s notified successfully", hp->name); + nsm_log(LOG_DEBUG, "Host %s notified successfully", + hp->name); unlink(hp->path); free(hp->name); free(hp->path); free(hp); + freeaddrinfo(hp->ai); return; } } @@ -434,7 +520,8 @@ backup_hosts(const char *dirname, const char *bakname) DIR *dir; if (!(dir = opendir(dirname))) { - perror(dirname); + nsm_log(LOG_WARNING, + "Failed to open %s: %s", dirname, strerror(errno)); return; } @@ -456,7 +543,7 @@ backup_hosts(const char *dirname, const char *bakname) } /* - * Get all entries from sm.bak and convert them to host names + * Get all entries from sm.bak and convert them to host entries */ static void get_hosts(const char *dirname) @@ -466,7 +553,8 @@ get_hosts(const char *dirname) DIR *dir; if (!(dir = opendir(dirname))) { - perror(dirname); + nsm_log(LOG_WARNING, + "Failed to open %s: %s", dirname, strerror(errno)); return; } @@ -479,22 +567,20 @@ get_hosts(const char *dirname) continue; if (host == NULL) host = calloc(1, sizeof(*host)); - - snprintf(path, sizeof(path), "%s/%s", dirname, de->d_name); - if (!host_lookup(AF_UNSPEC, de->d_name, &host->addr)) { - nsm_log(LOG_WARNING, - "%s doesn't seem to be a valid address, skipped", - de->d_name); - unlink(path); - continue; + if (host == NULL) { + nsm_log(LOG_WARNING, "Unable to allocate memory"); + return; } + snprintf(path, sizeof(path), "%s/%s", dirname, de->d_name); if (stat(path, &stb) < 0) continue; + host->last_used = stb.st_mtime; host->timeout = NSM_TIMEOUT; host->path = strdup(path); host->name = strdup(de->d_name); + host->retries = 100; /* force address retry */ insert_host(host); host = NULL; @@ -589,17 +675,17 @@ nsm_get_state(int update) snprintf(newfile, sizeof(newfile), "%s.new", _SM_STATE_PATH); if ((fd = open(newfile, O_CREAT|O_WRONLY, 0644)) < 0) { - nsm_log(LOG_WARNING, "Cannot create %s: %m", newfile); + nsm_log(LOG_ERR, "Cannot create %s: %m", newfile); exit(1); } if (write(fd, &state, sizeof(state)) != sizeof(state)) { - nsm_log(LOG_WARNING, + nsm_log(LOG_ERR, "Failed to write state to %s", newfile); exit(1); } close(fd); if (rename(newfile, _SM_STATE_PATH) < 0) { - nsm_log(LOG_WARNING, + nsm_log(LOG_ERR, "Cannot create %s: %m", _SM_STATE_PATH); exit(1); } @@ -637,25 +723,19 @@ addr_set_port(nsm_address *addr, int port) } } -static int -host_lookup(int af, const char *name, nsm_address *addr) +static struct addrinfo * +host_lookup(int af, const char *name) { struct addrinfo hints, *ai; - int okay = 0; memset(&hints, 0, sizeof(hints)); hints.ai_family = af; + hints.ai_protocol = IPPROTO_UDP; if (getaddrinfo(name, NULL, &hints, &ai) != 0) - return 0; - - if (ai->ai_addrlen < sizeof(*addr)) { - memcpy(addr, ai->ai_addr, ai->ai_addrlen); - okay = 1; - } + return NULL; - freeaddrinfo(ai); - return okay; + return ai; } /* @@ -678,3 +758,64 @@ nsm_log(int fac, const char *fmt, ...) } va_end(ap); } + +/* + * Record pid in /var/run/sm-notify.pid + * This file should remain until a reboot, even if the + * program exits. + * If file already exists, fail. + */ +static int record_pid(void) +{ + char pid[20]; + int fd; + + snprintf(pid, 20, "%d\n", getpid()); + fd = open("/var/run/sm-notify.pid", O_CREAT|O_EXCL|O_WRONLY, 0600); + if (fd < 0) + return 0; + write(fd, pid, strlen(pid)); + close(fd); + return 1; +} + +/* Drop privileges to match owner of state-directory + * (in case a reply triggers some unknown bug). + */ +static void drop_privs(void) +{ + struct stat st; + + if (stat(_SM_DIR_PATH, &st) == -1 && + stat(_SM_BASE_PATH, &st) == -1) { + st.st_uid = 0; + st.st_gid = 0; + } + + if (st.st_uid == 0) { + nsm_log(LOG_WARNING, + "sm-notify running as root. chown %s to choose different user", + _SM_DIR_PATH); + return; + } + + setgroups(0, NULL); + if (setgid(st.st_gid) == -1 + || setuid(st.st_uid) == -1) { + nsm_log(LOG_ERR, "Fail to drop privileges"); + exit(1); + } +} + +static void set_kernel_nsm_state(int state) +{ + int fd; + + fd = open("/proc/sys/fs/nfs/nsm_local_state",O_WRONLY); + if (fd >= 0) { + char buf[20]; + snprintf(buf, sizeof(buf), "%d", state); + write(fd, buf, strlen(buf)); + close(fd); + } +}