X-Git-Url: https://git.decadent.org.uk/gitweb/?p=nfs-utils.git;a=blobdiff_plain;f=utils%2Fstatd%2Fstatd.c;h=01fdb41301889bf6f36d6d68d5cc4d6b51673b33;hp=6148952bee523701a2be9b295c1cb3d0b0911fd8;hb=9a5293a10551c03b4fb976503dd24da569fcadb3;hpb=9ccfe0fa5a43dfc4453b09e328565a6c8f999fe4 diff --git a/utils/statd/statd.c b/utils/statd/statd.c index 6148952..01fdb41 100644 --- a/utils/statd/statd.c +++ b/utils/statd/statd.c @@ -25,25 +25,15 @@ #include #include #include + #include "statd.h" #include "nfslib.h" +#include "nsm.h" /* Socket operations */ #include #include -/* Added to enable specification of state directory path at run-time - * j_carlos_gomez@yahoo.com - */ - -char * DIR_BASE = DEFAULT_DIR_BASE; - -char * SM_DIR = DEFAULT_SM_DIR; -char * SM_BAK_DIR = DEFAULT_SM_BAK_DIR; -char * SM_STAT_PATH = DEFAULT_SM_STAT_PATH; - -/* ----- end of state directory path stuff ------- */ - int run_mode = 0; /* foreground logging mode */ /* LH - I had these local to main, but it seemed silly to have @@ -73,7 +63,6 @@ static struct option longopts[] = }; extern void sm_prog_1 (struct svc_req *, register SVCXPRT *); -static void load_state_number(void); #ifdef SIMULATIONS extern void simulator (int, char **); @@ -86,11 +75,8 @@ extern void simulator (int, char **); static void sm_prog_1_wrapper (struct svc_req *rqstp, register SVCXPRT *transp) { - struct sockaddr_in *sin = nfs_getrpccaller_in(transp); - /* remote host authorization check */ - if (sin->sin_family == AF_INET && - !check_default("statd", sin, rqstp->rq_proc, SM_PROG)) { + if (!check_default("statd", nfs_getrpccaller(transp), SM_PROG)) { svcerr_auth (transp, AUTH_FAILED); return; } @@ -101,13 +87,18 @@ sm_prog_1_wrapper (struct svc_req *rqstp, register SVCXPRT *transp) #define sm_prog_1 sm_prog_1_wrapper #endif +static void +statd_unregister(void) { + nfs_svc_unregister(SM_PROG, SM_VERS); +} + /* * Signal handler. */ static void killer (int sig) { - pmap_unset (SM_PROG, SM_VERS); + statd_unregister (); xlog_err ("Caught signal %d, un-registering and exiting", sig); } @@ -136,6 +127,9 @@ static void log_modes(void) strcat(buf,"No-Daemon "); if (run_mode & MODE_LOG_STDERR) strcat(buf,"Log-STDERR "); +#ifdef HAVE_LIBTIRPC + strcat(buf, "TI-RPC "); +#endif xlog_warn(buf); } @@ -190,38 +184,6 @@ static void truncate_pidfile(void) } } -static void drop_privs(void) -{ - struct stat st; - - if (stat(SM_DIR, &st) == -1 && - stat(DIR_BASE, &st) == -1) { - st.st_uid = 0; - st.st_gid = 0; - } - - if (st.st_uid == 0) { - xlog_warn("Running as 'root'. " - "chown %s to choose different user\n", SM_DIR); - return; - } - /* better chown the pid file before dropping, as if it - * if over nfs we might loose access - */ - if (pidfd >= 0) { - if (fchown(pidfd, st.st_uid, st.st_gid) < 0) { - xlog(L_ERROR, "Unable to change owner of %s: %d (%s)", - SM_DIR, strerror (errno)); - } - } - setgroups(0, NULL); - if (setgid(st.st_gid) == -1 - || setuid(st.st_uid) == -1) { - xlog(L_ERROR, "Fail to drop privileges"); - exit(1); - } -} - static void run_sm_notify(int outport) { char op[20]; @@ -316,34 +278,8 @@ int main (int argc, char **argv) MY_NAME = xstrdup(optarg); break; case 'P': - - if ((DIR_BASE = xstrdup(optarg)) == NULL) { - fprintf(stderr, "%s: xstrdup(%s) failed!\n", - argv[0], optarg); + if (!nsm_setup_pathnames(argv[0], optarg)) exit(1); - } - - SM_DIR = xmalloc(strlen(DIR_BASE) + 1 + sizeof("sm")); - SM_BAK_DIR = xmalloc(strlen(DIR_BASE) + 1 + sizeof("sm.bak")); - SM_STAT_PATH = xmalloc(strlen(DIR_BASE) + 1 + sizeof("state")); - - if ((SM_DIR == NULL) - || (SM_BAK_DIR == NULL) - || (SM_STAT_PATH == NULL)) { - - fprintf(stderr, "%s: xmalloc() failed!\n", - argv[0]); - exit(1); - } - if (DIR_BASE[strlen(DIR_BASE)-1] == '/') { - sprintf(SM_DIR, "%ssm", DIR_BASE ); - sprintf(SM_BAK_DIR, "%ssm.bak", DIR_BASE ); - sprintf(SM_STAT_PATH, "%sstate", DIR_BASE ); - } else { - sprintf(SM_DIR, "%s/sm", DIR_BASE ); - sprintf(SM_BAK_DIR, "%s/sm.bak", DIR_BASE ); - sprintf(SM_STAT_PATH, "%s/state", DIR_BASE ); - } break; case 'H': /* PRC: specify the ha-callout program */ if ((ha_callout_prog = xstrdup(optarg)) == NULL) { @@ -421,10 +357,6 @@ int main (int argc, char **argv) /* Child. */ close(pipefds[0]); setsid (); - if (chdir (DIR_BASE) == -1) { - perror("statd: Could not chdir"); - exit(1); - } while (pipefds[1] <= 2) { pipefds[1] = dup(pipefds[1]); @@ -490,11 +422,36 @@ int main (int argc, char **argv) * pass on any SM_NOTIFY that arrives */ load_state(); - load_state_number(); - pmap_unset (SM_PROG, SM_VERS); - /* this registers both UDP and TCP services */ - rpc_init("statd", SM_PROG, SM_VERS, sm_prog_1, port); + MY_STATE = nsm_get_state(0); + if (MY_STATE == 0) + exit(1); + xlog(D_GENERAL, "Local NSM state number: %d", MY_STATE); + nsm_update_kernel_state(MY_STATE); + + /* + * ORDER + * Clear old listeners while still root, to override any + * permission checking done by rpcbind. + */ + statd_unregister(); + + /* + * ORDER + */ + if (!nsm_drop_privileges(pidfd)) + exit(1); + + /* + * ORDER + * Create RPC listeners after dropping privileges. This permits + * statd to unregister its own listeners when it exits. + */ + if (nfs_svc_create("statd", SM_PROG, SM_VERS, sm_prog_1, port) == 0) { + xlog(L_ERROR, "failed to create RPC listeners, exiting"); + exit(1); + } + atexit(statd_unregister); /* If we got this far, we have successfully started, so notify parent */ if (pipefds[1] > 0) { @@ -507,8 +464,6 @@ int main (int argc, char **argv) pipefds[1] = -1; } - drop_privs(); - for (;;) { /* * Handle incoming requests: SM_NOTIFY socket requests, as @@ -536,29 +491,3 @@ int main (int argc, char **argv) } return 0; } - -static void -load_state_number(void) -{ - int fd; - const char *file = "/proc/sys/fs/nfs/nsm_local_state"; - - if ((fd = open(SM_STAT_PATH, O_RDONLY)) == -1) - return; - - if (read(fd, &MY_STATE, sizeof(MY_STATE)) != sizeof(MY_STATE)) { - xlog_warn("Unable to read state from '%s': errno %d (%s)", - SM_STAT_PATH, errno, strerror(errno)); - } - close(fd); - fd = open(file, O_WRONLY); - if (fd >= 0) { - char buf[20]; - snprintf(buf, sizeof(buf), "%d", MY_STATE); - if (write(fd, buf, strlen(buf)) != strlen(buf)) - xlog_warn("Writing to '%s' failed: errno %d (%s)", - file, errno, strerror(errno)); - close(fd); - } - -}