smbsrv/smbd/smbd_main.c

5331Samw/*
5331Samw * CDDL HEADER START
5331Samw *
5331Samw * The contents of this file are subject to the terms of the
5331Samw * Common Development and Distribution License (the "License").
5331Samw * You may not use this file except in compliance with the License.
5331Samw *
5331Samw * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
5331Samw * or http://www.opensolaris.org/os/licensing.
5331Samw * See the License for the specific language governing permissions
5331Samw * and limitations under the License.
5331Samw *
5331Samw * When distributing Covered Code, include this CDDL HEADER in each
5331Samw * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
5331Samw * If applicable, add the following below this CDDL HEADER, with the
5331Samw * fields enclosed by brackets "[]" replaced with your own identifying
5331Samw * information: Portions Copyright [yyyy] [name of copyright owner]
5331Samw *
5331Samw * CDDL HEADER END
5331Samw */
5331Samw/*
8474SJose.Borrego@Sun.COM * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
5331Samw * Use is subject to license terms.
5331Samw */
5331Samw
5331Samw#include <sys/types.h>
5331Samw#include <sys/stat.h>
5331Samw#include <sys/ioccom.h>
5331Samw#include <stdio.h>
5331Samw#include <string.h>
5331Samw#include <strings.h>
5331Samw#include <stdlib.h>
5331Samw#include <unistd.h>
5331Samw#include <stdarg.h>
5331Samw#include <fcntl.h>
5331Samw#include <wait.h>
5331Samw#include <signal.h>
8334SJose.Borrego@Sun.COM#include <atomic.h>
5331Samw#include <libscf.h>
5331Samw#include <limits.h>
5331Samw#include <priv_utils.h>
5331Samw#include <door.h>
5331Samw#include <errno.h>
5331Samw#include <pthread.h>
5331Samw#include <time.h>
5331Samw#include <libscf.h>
5331Samw#include <zone.h>
5331Samw#include <libgen.h>
5331Samw#include <pwd.h>
5331Samw#include <grp.h>
5331Samw
5331Samw#include <smbsrv/smb_door_svc.h>
5331Samw#include <smbsrv/smb_ioctl.h>
5331Samw#include <smbsrv/libsmb.h>
5331Samw#include <smbsrv/libsmbns.h>
5331Samw#include <smbsrv/libsmbrdr.h>
5331Samw#include <smbsrv/libmlsvc.h>
5331Samw#include "smbd.h"
5331Samw
5331Samw#define	DRV_DEVICE_PATH	"/devices/pseudo/smbsrv@0:smbsrv"
5331Samw#define	SMB_DBDIR "/var/smb"
5331Samw
6139Sjb150015extern void *smbd_nbt_listener(void *);
6139Sjb150015extern void *smbd_tcp_listener(void *);
6139Sjb150015
5331Samwstatic int smbd_daemonize_init(void);
5331Samwstatic void smbd_daemonize_fini(int, int);
5331Samw
6432Sas200622static int smbd_kernel_bind(void);
5331Samwstatic void smbd_kernel_unbind(void);
5331Samwstatic int smbd_already_running(void);
5331Samw
5331Samwstatic int smbd_service_init(void);
5331Samwstatic void smbd_service_fini(void);
5331Samw
5331Samwstatic int smbd_setup_options(int argc, char *argv[]);
5331Samwstatic void smbd_usage(FILE *fp);
5331Samwstatic void smbd_report(const char *fmt, ...);
5331Samw
5331Samwstatic void smbd_sig_handler(int sig);
5331Samw
7348SJose.Borrego@Sun.COMstatic int32_t smbd_gmtoff(void);
5331Samwstatic int smbd_localtime_init(void);
5331Samwstatic void *smbd_localtime_monitor(void *arg);
5331Samw
5331Samwstatic pthread_t localtime_thr;
5331Samw
5331Samwstatic int smbd_refresh_init(void);
5331Samwstatic void smbd_refresh_fini(void);
5331Samwstatic void *smbd_refresh_monitor(void *);
8670SJose.Borrego@Sun.COMstatic void smbd_refresh_dc(void);
8670SJose.Borrego@Sun.COM
*9046SJose.Borrego@Sun.COMstatic int smbd_start_listeners(void);
*9046SJose.Borrego@Sun.COMstatic void smbd_stop_listeners(void);
*9046SJose.Borrego@Sun.COM
5331Samwstatic pthread_t refresh_thr;
5331Samwstatic pthread_cond_t refresh_cond;
5331Samwstatic pthread_mutex_t refresh_mutex;
5331Samw
6139Sjb150015smbd_t smbd;
5331Samw
5331Samw/*
5331Samw * smbd user land daemon
5331Samw *
5331Samw * Use SMF error codes only on return or exit.
5331Samw */
5331Samwint
5331Samwmain(int argc, char *argv[])
5331Samw{
6432Sas200622	struct sigaction	act;
6432Sas200622	sigset_t		set;
6432Sas200622	uid_t			uid;
6432Sas200622	int			pfd = -1;
8334SJose.Borrego@Sun.COM	uint_t			sigval;
5331Samw
5331Samw	smbd.s_pname = basename(argv[0]);
5331Samw	openlog(smbd.s_pname, LOG_PID | LOG_NOWAIT, LOG_DAEMON);
5331Samw
5331Samw	if (smbd_setup_options(argc, argv) != 0)
5331Samw		return (SMF_EXIT_ERR_FATAL);
5331Samw
5331Samw	if ((uid = getuid()) != smbd.s_uid) {
5331Samw		smbd_report("user %d: %s", uid, strerror(EPERM));
5331Samw		return (SMF_EXIT_ERR_FATAL);
5331Samw	}
5331Samw
5331Samw	if (getzoneid() != GLOBAL_ZONEID) {
5331Samw		smbd_report("non-global zones are not supported");
5331Samw		return (SMF_EXIT_ERR_FATAL);
5331Samw	}
5331Samw
5331Samw	if (is_system_labeled()) {
5331Samw		smbd_report("Trusted Extensions not supported");
5331Samw		return (SMF_EXIT_ERR_FATAL);
5331Samw	}
5331Samw
5331Samw	if (smbd_already_running())
5331Samw		return (SMF_EXIT_OK);
5331Samw
5331Samw	(void) sigfillset(&set);
5331Samw	(void) sigdelset(&set, SIGABRT);
5331Samw
5331Samw	(void) sigfillset(&act.sa_mask);
5331Samw	act.sa_handler = smbd_sig_handler;
5331Samw	act.sa_flags = 0;
5331Samw
5331Samw	(void) sigaction(SIGTERM, &act, NULL);
5331Samw	(void) sigaction(SIGHUP, &act, NULL);
5331Samw	(void) sigaction(SIGINT, &act, NULL);
5331Samw	(void) sigaction(SIGPIPE, &act, NULL);
5331Samw
5331Samw	(void) sigdelset(&set, SIGTERM);
5331Samw	(void) sigdelset(&set, SIGHUP);
5331Samw	(void) sigdelset(&set, SIGINT);
5331Samw	(void) sigdelset(&set, SIGPIPE);
5331Samw
5331Samw	if (smbd.s_fg) {
5331Samw		(void) sigdelset(&set, SIGTSTP);
5331Samw		(void) sigdelset(&set, SIGTTIN);
5331Samw		(void) sigdelset(&set, SIGTTOU);
5331Samw
5331Samw		if (smbd_service_init() != 0) {
5331Samw			smbd_report("service initialization failed");
5331Samw			exit(SMF_EXIT_ERR_FATAL);
5331Samw		}
5331Samw	} else {
5331Samw		/*
5331Samw		 * "pfd" is a pipe descriptor -- any fatal errors
5331Samw		 * during subsequent initialization of the child
5331Samw		 * process should be written to this pipe and the
5331Samw		 * parent will report this error as the exit status.
5331Samw		 */
5331Samw		pfd = smbd_daemonize_init();
5331Samw
5331Samw		if (smbd_service_init() != 0) {
5331Samw			smbd_report("daemon initialization failed");
5331Samw			exit(SMF_EXIT_ERR_FATAL);
5331Samw		}
5331Samw
5331Samw		smbd_daemonize_fini(pfd, SMF_EXIT_OK);
5331Samw	}
5331Samw
5331Samw	(void) atexit(smbd_service_fini);
5331Samw
8334SJose.Borrego@Sun.COM	while (!smbd.s_shutting_down) {
8334SJose.Borrego@Sun.COM		if (smbd.s_sigval == 0 && smbd.s_refreshes == 0)
7052Samw			(void) sigsuspend(&set);
5331Samw
8334SJose.Borrego@Sun.COM		sigval = atomic_swap_uint(&smbd.s_sigval, 0);
7052Samw
7052Samw		switch (sigval) {
5331Samw		case 0:
5331Samw		case SIGPIPE:
5331Samw			break;
5331Samw
5331Samw		case SIGHUP:
8334SJose.Borrego@Sun.COM			syslog(LOG_DEBUG, "refresh requested");
5331Samw			(void) pthread_cond_signal(&refresh_cond);
5331Samw			break;
5331Samw
5331Samw		default:
5331Samw			/*
5331Samw			 * Typically SIGINT or SIGTERM.
5331Samw			 */
8334SJose.Borrego@Sun.COM			smbd.s_shutting_down = B_TRUE;
5331Samw			break;
5331Samw		}
5331Samw	}
5331Samw
5331Samw	smbd_service_fini();
5331Samw	closelog();
5331Samw	return (SMF_EXIT_OK);
5331Samw}
5331Samw
5331Samw/*
5331Samw * This function will fork off a child process,
5331Samw * from which only the child will return.
5331Samw *
5331Samw * Use SMF error codes only on exit.
5331Samw */
5331Samwstatic int
5331Samwsmbd_daemonize_init(void)
5331Samw{
5331Samw	int status, pfds[2];
5331Samw	sigset_t set, oset;
5331Samw	pid_t pid;
5331Samw	int rc;
5331Samw
5331Samw	/*
5331Samw	 * Reset privileges to the minimum set required. We continue
5331Samw	 * to run as root to create and access files in /var.
5331Samw	 */
5331Samw	rc = __init_daemon_priv(PU_RESETGROUPS | PU_LIMITPRIVS,
5331Samw	    smbd.s_uid, smbd.s_gid,
5331Samw	    PRIV_NET_MAC_AWARE, PRIV_NET_PRIVADDR, PRIV_PROC_AUDIT,
5331Samw	    PRIV_SYS_DEVICES, PRIV_SYS_SMB, NULL);
5331Samw
5331Samw	if (rc != 0) {
5331Samw		smbd_report("insufficient privileges");
5331Samw		exit(SMF_EXIT_ERR_FATAL);
5331Samw	}
5331Samw
5331Samw	/*
5331Samw	 * Block all signals prior to the fork and leave them blocked in the
5331Samw	 * parent so we don't get in a situation where the parent gets SIGINT
5331Samw	 * and returns non-zero exit status and the child is actually running.
5331Samw	 * In the child, restore the signal mask once we've done our setsid().
5331Samw	 */
5331Samw	(void) sigfillset(&set);
5331Samw	(void) sigdelset(&set, SIGABRT);
5331Samw	(void) sigprocmask(SIG_BLOCK, &set, &oset);
5331Samw
5331Samw	if (pipe(pfds) == -1) {
5331Samw		smbd_report("unable to create pipe");
5331Samw		exit(SMF_EXIT_ERR_FATAL);
5331Samw	}
5331Samw
5331Samw	closelog();
5331Samw
5331Samw	if ((pid = fork()) == -1) {
5331Samw		openlog(smbd.s_pname, LOG_PID | LOG_NOWAIT, LOG_DAEMON);
5331Samw		smbd_report("unable to fork");
5331Samw		closelog();
5331Samw		exit(SMF_EXIT_ERR_FATAL);
5331Samw	}
5331Samw
5331Samw	/*
5331Samw	 * If we're the parent process, wait for either the child to send us
5331Samw	 * the appropriate exit status over the pipe or for the read to fail
5331Samw	 * (presumably with 0 for EOF if our child terminated abnormally).
5331Samw	 * If the read fails, exit with either the child's exit status if it
5331Samw	 * exited or with SMF_EXIT_ERR_FATAL if it died from a fatal signal.
5331Samw	 */
5331Samw	if (pid != 0) {
5331Samw		(void) close(pfds[1]);
5331Samw
5331Samw		if (read(pfds[0], &status, sizeof (status)) == sizeof (status))
5331Samw			_exit(status);
5331Samw
5331Samw		if (waitpid(pid, &status, 0) == pid && WIFEXITED(status))
5331Samw			_exit(WEXITSTATUS(status));
5331Samw
5331Samw		_exit(SMF_EXIT_ERR_FATAL);
5331Samw	}
5331Samw
5331Samw	openlog(smbd.s_pname, LOG_PID | LOG_NOWAIT, LOG_DAEMON);
5331Samw	smbd.s_pid = getpid();
5331Samw	(void) setsid();
5331Samw	(void) sigprocmask(SIG_SETMASK, &oset, NULL);
5331Samw	(void) chdir("/");
5331Samw	(void) umask(022);
5331Samw	(void) close(pfds[0]);
5331Samw
5331Samw	return (pfds[1]);
5331Samw}
5331Samw
5331Samwstatic void
5331Samwsmbd_daemonize_fini(int fd, int exit_status)
5331Samw{
5331Samw	/*
5331Samw	 * Now that we're running, if a pipe fd was specified, write an exit
5331Samw	 * status to it to indicate that our parent process can safely detach.
5331Samw	 * Then proceed to loading the remaining non-built-in modules.
5331Samw	 */
5331Samw	if (fd >= 0)
5331Samw		(void) write(fd, &exit_status, sizeof (exit_status));
5331Samw
5331Samw	(void) close(fd);
5331Samw
5331Samw	if ((fd = open("/dev/null", O_RDWR)) >= 0) {
5331Samw		(void) fcntl(fd, F_DUP2FD, STDIN_FILENO);
5331Samw		(void) fcntl(fd, F_DUP2FD, STDOUT_FILENO);
5331Samw		(void) fcntl(fd, F_DUP2FD, STDERR_FILENO);
5331Samw		(void) close(fd);
5331Samw	}
5331Samw
5331Samw	__fini_daemon_priv(PRIV_PROC_FORK, PRIV_PROC_EXEC, PRIV_PROC_SESSION,
5331Samw	    PRIV_FILE_LINK_ANY, PRIV_PROC_INFO, NULL);
5331Samw}
5331Samw
6139Sjb150015/*
6139Sjb150015 * smbd_service_init
6139Sjb150015 */
5331Samwstatic int
5331Samwsmbd_service_init(void)
5331Samw{
6432Sas200622	int	rc;
8334SJose.Borrego@Sun.COM	char	nb_domain[NETBIOS_NAME_SZ];
6432Sas200622
5331Samw	smbd.s_drv_fd = -1;
5331Samw
6139Sjb150015	if ((mkdir(SMB_DBDIR, 0700) < 0) && (errno != EEXIST)) {
6139Sjb150015		smbd_report("mkdir %s: %s", SMB_DBDIR, strerror(errno));
6139Sjb150015		return (1);
5331Samw	}
5331Samw
6139Sjb150015	if ((rc = smb_ccache_init(SMB_VARRUN_DIR, SMB_CCACHE_FILE)) != 0) {
6139Sjb150015		if (rc == -1)
6139Sjb150015			smbd_report("mkdir %s: %s", SMB_VARRUN_DIR,
6139Sjb150015			    strerror(errno));
6139Sjb150015		else
6139Sjb150015			smbd_report("unable to set KRB5CCNAME");
5331Samw		return (1);
5331Samw	}
5331Samw
6139Sjb150015
5331Samw	(void) oem_language_set("english");
5331Samw
6432Sas200622	if (!smb_wka_init()) {
5331Samw		smbd_report("out of memory");
5331Samw		return (1);
5331Samw	}
5331Samw
6432Sas200622	if (smb_nicmon_start(SMBD_DEFAULT_INSTANCE_FMRI) != 0)
6432Sas200622		smbd_report("NIC monitoring failed to start");
6432Sas200622
8334SJose.Borrego@Sun.COM	(void) dyndns_start();
5331Samw	smbrdr_init();
5331Samw
5772Sas200622	if (smb_netbios_start() != 0)
5772Sas200622		smbd_report("NetBIOS services failed to start");
5772Sas200622	else
5772Sas200622		smbd_report("NetBIOS services started");
5772Sas200622
8334SJose.Borrego@Sun.COM	(void) smb_getdomainname(nb_domain, NETBIOS_NAME_SZ);
8334SJose.Borrego@Sun.COM	(void) utf8_strupr(nb_domain);
5331Samw
5331Samw	/* Get the ID map client handle */
5331Samw	if ((rc = smb_idmap_start()) != 0) {
5331Samw		smbd_report("no idmap handle");
5331Samw		return (rc);
5331Samw	}
5331Samw
6432Sas200622	smbd.s_secmode = smb_config_get_secmode();
8334SJose.Borrego@Sun.COM	if ((rc = nt_domain_init(nb_domain, smbd.s_secmode)) != 0) {
5772Sas200622		if (rc == SMB_DOMAIN_NOMACHINE_SID) {
5772Sas200622			smbd_report(
5772Sas200622			    "no machine SID: check idmap configuration");
5772Sas200622			return (rc);
5772Sas200622		}
5331Samw	}
5331Samw
7052Samw	smb_ads_init();
5331Samw	if ((rc = mlsvc_init()) != 0) {
5331Samw		smbd_report("msrpc initialization failed");
5331Samw		return (rc);
5331Samw	}
5331Samw
7348SJose.Borrego@Sun.COM	if (smbd.s_secmode == SMB_SECMODE_DOMAIN)
8334SJose.Borrego@Sun.COM		if (smbd_locate_dc_start() != 0)
7348SJose.Borrego@Sun.COM			smbd_report("dc discovery failed %s", strerror(errno));
6139Sjb150015
6432Sas200622	smbd.s_door_srv = smb_door_srv_start();
6432Sas200622	if (smbd.s_door_srv < 0)
5331Samw		return (rc);
5331Samw
5331Samw	if ((rc = smbd_refresh_init()) != 0)
5331Samw		return (rc);
5331Samw
8334SJose.Borrego@Sun.COM	dyndns_update_zones();
5331Samw
5331Samw	(void) smbd_localtime_init();
5331Samw
7052Samw	smbd.s_door_opipe = smbd_opipe_dsrv_start();
7052Samw	if (smbd.s_door_opipe < 0) {
7052Samw		smbd_report("opipe initialization failed %s",
5521Sas200622		    strerror(errno));
5521Sas200622		return (rc);
5521Sas200622	}
5521Sas200622
5772Sas200622	(void) smb_lgrp_start();
6030Sjb150015
7052Samw	smb_pwd_init(B_TRUE);
6030Sjb150015
7961SNatalie.Li@Sun.COM	if ((rc = smb_shr_start()) != 0) {
7961SNatalie.Li@Sun.COM		smbd_report("share initialization failed: %s", strerror(errno));
7961SNatalie.Li@Sun.COM		return (rc);
7961SNatalie.Li@Sun.COM	}
7961SNatalie.Li@Sun.COM
7961SNatalie.Li@Sun.COM	smbd.s_door_lmshr = smb_share_dsrv_start();
7961SNatalie.Li@Sun.COM	if (smbd.s_door_lmshr < 0) {
7961SNatalie.Li@Sun.COM		smbd_report("share initialization failed");
7961SNatalie.Li@Sun.COM	}
7961SNatalie.Li@Sun.COM
8334SJose.Borrego@Sun.COM	if ((rc = smbd_kernel_bind()) != 0) {
6139Sjb150015		smbd_report("kernel bind error: %s", strerror(errno));
6432Sas200622		return (rc);
6432Sas200622	}
5331Samw
8334SJose.Borrego@Sun.COM	if ((rc = smb_shr_load()) != 0) {
8334SJose.Borrego@Sun.COM		smbd_report("failed to start loading shares: %s",
8334SJose.Borrego@Sun.COM		    strerror(errno));
8334SJose.Borrego@Sun.COM		return (rc);
8334SJose.Borrego@Sun.COM	}
8334SJose.Borrego@Sun.COM
7348SJose.Borrego@Sun.COM	return (0);
5521Sas200622}
5521Sas200622
5331Samw/*
5331Samw * Close the kernel service and shutdown smbd services.
5331Samw * This function is registered with atexit(): ensure that anything
5331Samw * called from here is safe to be called multiple times.
5331Samw */
5331Samwstatic void
5331Samwsmbd_service_fini(void)
5331Samw{
7052Samw	smbd_opipe_dsrv_stop();
6432Sas200622	smb_wka_fini();
5331Samw	smbd_refresh_fini();
5331Samw	smbd_kernel_unbind();
5331Samw	smb_door_srv_stop();
6771Sjb150015	smb_share_dsrv_stop();
7052Samw	smb_shr_stop();
8334SJose.Borrego@Sun.COM	dyndns_stop();
5331Samw	smb_nicmon_stop();
5331Samw	smb_idmap_stop();
5772Sas200622	smb_lgrp_stop();
6139Sjb150015	smb_ccache_remove(SMB_CCACHE_PATH);
6030Sjb150015	smb_pwd_fini();
8474SJose.Borrego@Sun.COM	nt_domain_unlink();
5331Samw}
5331Samw
6139Sjb150015
5331Samw/*
5331Samw * smbd_refresh_init()
5331Samw *
5331Samw * SMB service refresh thread initialization.  This thread waits for a
5331Samw * refresh event and updates the daemon's view of the configuration
5331Samw * before going back to sleep.
5331Samw */
5331Samwstatic int
5331Samwsmbd_refresh_init()
5331Samw{
6432Sas200622	pthread_attr_t		tattr;
6432Sas200622	pthread_condattr_t	cattr;
6432Sas200622	int			rc;
5331Samw
5331Samw	(void) pthread_condattr_init(&cattr);
5331Samw	(void) pthread_cond_init(&refresh_cond, &cattr);
5331Samw	(void) pthread_condattr_destroy(&cattr);
5331Samw
5331Samw	(void) pthread_mutex_init(&refresh_mutex, NULL);
5331Samw
5331Samw	(void) pthread_attr_init(&tattr);
5331Samw	(void) pthread_attr_setdetachstate(&tattr, PTHREAD_CREATE_DETACHED);
5331Samw	rc = pthread_create(&refresh_thr, &tattr, smbd_refresh_monitor, 0);
5331Samw	(void) pthread_attr_destroy(&tattr);
6432Sas200622
5331Samw	return (rc);
5331Samw}
5331Samw
5331Samw/*
5331Samw * smbd_refresh_fini()
5331Samw *
5331Samw * Stop the refresh thread.
5331Samw */
5331Samwstatic void
5331Samwsmbd_refresh_fini()
5331Samw{
5331Samw	(void) pthread_cancel(refresh_thr);
5331Samw
5331Samw	(void) pthread_cond_destroy(&refresh_cond);
5331Samw	(void) pthread_mutex_destroy(&refresh_mutex);
5331Samw}
5331Samw
5331Samw/*
5331Samw * smbd_refresh_monitor()
5331Samw *
5331Samw * Wait for a refresh event. When this thread wakes up, update the
5331Samw * smbd configuration from the SMF config information then go back to
5331Samw * wait for the next refresh.
5331Samw */
5331Samw/*ARGSUSED*/
5331Samwstatic void *
5331Samwsmbd_refresh_monitor(void *arg)
5331Samw{
6432Sas200622	smb_io_t	smb_io;
5331Samw
6771Sjb150015	bzero(&smb_io, sizeof (smb_io));
6771Sjb150015
8334SJose.Borrego@Sun.COM	while (!smbd.s_shutting_down) {
8334SJose.Borrego@Sun.COM		(void) pthread_mutex_lock(&refresh_mutex);
8334SJose.Borrego@Sun.COM		while ((atomic_swap_uint(&smbd.s_refreshes, 0) == 0) &&
8334SJose.Borrego@Sun.COM		    (!smbd.s_shutting_down))
8334SJose.Borrego@Sun.COM			(void) pthread_cond_wait(&refresh_cond, &refresh_mutex);
8334SJose.Borrego@Sun.COM		(void) pthread_mutex_unlock(&refresh_mutex);
8334SJose.Borrego@Sun.COM
8334SJose.Borrego@Sun.COM		if (smbd.s_shutting_down) {
8334SJose.Borrego@Sun.COM			syslog(LOG_DEBUG, "shutting down");
8334SJose.Borrego@Sun.COM			exit(SMF_EXIT_OK);
8334SJose.Borrego@Sun.COM		}
8334SJose.Borrego@Sun.COM
5331Samw		/*
5331Samw		 * We've been woken up by a refresh event so go do
5331Samw		 * what is necessary.
5331Samw		 */
7052Samw		smb_ads_refresh();
6139Sjb150015		smb_ccache_remove(SMB_CCACHE_PATH);
6432Sas200622
8334SJose.Borrego@Sun.COM		/*
8334SJose.Borrego@Sun.COM		 * Start the dyndns thread, if required.
8334SJose.Borrego@Sun.COM		 * Clear the DNS zones for the existing interfaces
8334SJose.Borrego@Sun.COM		 * before updating the NIC interface list.
8334SJose.Borrego@Sun.COM		 */
8334SJose.Borrego@Sun.COM		(void) dyndns_start();
8334SJose.Borrego@Sun.COM		dyndns_clear_zones();
6432Sas200622
6432Sas200622		/* re-initialize NIC table */
6432Sas200622		if (smb_nic_init() != 0)
6432Sas200622			smbd_report("failed to get NIC information");
6432Sas200622		smb_netbios_name_reconfig();
6432Sas200622		smb_browser_reconfig();
8670SJose.Borrego@Sun.COM		smbd_refresh_dc();
8334SJose.Borrego@Sun.COM		dyndns_update_zones();
6432Sas200622
8334SJose.Borrego@Sun.COM		if (smbd_set_netlogon_cred()) {
6432Sas200622			/*
8334SJose.Borrego@Sun.COM			 * Restart required because the domain changed
8334SJose.Borrego@Sun.COM			 * or the credential chain setup failed.
6432Sas200622			 */
8334SJose.Borrego@Sun.COM			if (smb_smf_restart_service() != 0) {
8334SJose.Borrego@Sun.COM				syslog(LOG_ERR,
8334SJose.Borrego@Sun.COM				    "unable to restart smb service. "
8334SJose.Borrego@Sun.COM				    "Run 'svcs -xv smb/server' for more "
8334SJose.Borrego@Sun.COM				    "information.");
8334SJose.Borrego@Sun.COM				smbd.s_shutting_down = B_TRUE;
8334SJose.Borrego@Sun.COM				exit(SMF_EXIT_OK);
8334SJose.Borrego@Sun.COM			}
8334SJose.Borrego@Sun.COM
8334SJose.Borrego@Sun.COM			break;
8334SJose.Borrego@Sun.COM		}
8334SJose.Borrego@Sun.COM
8334SJose.Borrego@Sun.COM		if (smbd.s_drv_fd == -1) {
6432Sas200622			if (smbd_kernel_bind()) {
6432Sas200622				smbd_report("kernel bind error: %s",
6432Sas200622				    strerror(errno));
8334SJose.Borrego@Sun.COM			} else {
8334SJose.Borrego@Sun.COM				(void) smb_shr_load();
6432Sas200622			}
6432Sas200622			continue;
6432Sas200622		}
6432Sas200622
8334SJose.Borrego@Sun.COM		(void) smb_shr_load();
8334SJose.Borrego@Sun.COM
8334SJose.Borrego@Sun.COM		smb_load_kconfig(&smb_io.sio_data.cfg);
8334SJose.Borrego@Sun.COM
8167Samw@Sun.COM		if (smbd_ioctl(SMB_IOC_CONFIG, &smb_io) < 0) {
5331Samw			smbd_report("configuration update ioctl: %s",
5331Samw			    strerror(errno));
5331Samw		}
5331Samw	}
8334SJose.Borrego@Sun.COM
5331Samw	return (NULL);
5331Samw}
5331Samw
8670SJose.Borrego@Sun.COM/*
8670SJose.Borrego@Sun.COM * Update DC information on a refresh.
8670SJose.Borrego@Sun.COM */
8670SJose.Borrego@Sun.COMstatic void
8670SJose.Borrego@Sun.COMsmbd_refresh_dc(void)
8670SJose.Borrego@Sun.COM{
8670SJose.Borrego@Sun.COM	char fqdomain[MAXHOSTNAMELEN];
8670SJose.Borrego@Sun.COM	if (smb_config_get_secmode() != SMB_SECMODE_DOMAIN)
8670SJose.Borrego@Sun.COM		return;
8670SJose.Borrego@Sun.COM
8670SJose.Borrego@Sun.COM	if (smb_getfqdomainname(fqdomain, MAXHOSTNAMELEN))
8670SJose.Borrego@Sun.COM		return;
8670SJose.Borrego@Sun.COM
8670SJose.Borrego@Sun.COM	if (smb_locate_dc(fqdomain, "", NULL))
8670SJose.Borrego@Sun.COM		smbd_report("DC discovery failed");
8670SJose.Borrego@Sun.COM}
8670SJose.Borrego@Sun.COM
8334SJose.Borrego@Sun.COMvoid
8334SJose.Borrego@Sun.COMsmbd_set_secmode(int secmode)
8334SJose.Borrego@Sun.COM{
8334SJose.Borrego@Sun.COM	switch (secmode) {
8334SJose.Borrego@Sun.COM	case SMB_SECMODE_WORKGRP:
8334SJose.Borrego@Sun.COM	case SMB_SECMODE_DOMAIN:
8334SJose.Borrego@Sun.COM		(void) smb_config_set_secmode(secmode);
8334SJose.Borrego@Sun.COM		smbd.s_secmode = secmode;
8334SJose.Borrego@Sun.COM		break;
8334SJose.Borrego@Sun.COM
8334SJose.Borrego@Sun.COM	default:
8334SJose.Borrego@Sun.COM		syslog(LOG_ERR, "invalid security mode: %d", secmode);
8334SJose.Borrego@Sun.COM		syslog(LOG_ERR, "entering maintenance mode");
8334SJose.Borrego@Sun.COM		(void) smb_smf_maintenance_mode();
8334SJose.Borrego@Sun.COM	}
8334SJose.Borrego@Sun.COM}
5331Samw
5331Samw/*
5331Samw * If the door has already been opened by another process (non-zero pid
5331Samw * in target), we assume that another smbd is already running.  If there
5331Samw * is a race here, it will be caught later when smbsrv is opened because
5331Samw * only one process is allowed to open the device at a time.
5331Samw */
5331Samwstatic int
5331Samwsmbd_already_running(void)
5331Samw{
5331Samw	door_info_t info;
5331Samw	int door;
5331Samw
6139Sjb150015	if ((door = open(SMB_DR_SVC_NAME, O_RDONLY)) < 0)
5331Samw		return (0);
5331Samw
5331Samw	if (door_info(door, &info) < 0)
5331Samw		return (0);
5331Samw
5331Samw	if (info.di_target > 0) {
5331Samw		smbd_report("already running: pid %ld\n", info.di_target);
5331Samw		(void) close(door);
5331Samw		return (1);
5331Samw	}
5331Samw
5331Samw	(void) close(door);
5331Samw	return (0);
5331Samw}
5331Samw
6139Sjb150015/*
6139Sjb150015 * smbd_kernel_bind
6432Sas200622 *
6432Sas200622 * This function open the smbsrv device and start the kernel service.
6139Sjb150015 */
5331Samwstatic int
6432Sas200622smbd_kernel_bind(void)
5331Samw{
6139Sjb150015	smb_io_t	smb_io;
6139Sjb150015	int		rc;
6139Sjb150015
6139Sjb150015	bzero(&smb_io, sizeof (smb_io));
6139Sjb150015
8334SJose.Borrego@Sun.COM	smbd_kernel_unbind();
5331Samw
5331Samw	if ((smbd.s_drv_fd = open(DRV_DEVICE_PATH, 0)) < 0) {
5331Samw		smbd.s_drv_fd = -1;
6139Sjb150015		return (errno);
6139Sjb150015	}
8167Samw@Sun.COM
8334SJose.Borrego@Sun.COM	smb_load_kconfig(&smb_io.sio_data.cfg);
8334SJose.Borrego@Sun.COM
8167Samw@Sun.COM	if (smbd_ioctl(SMB_IOC_CONFIG, &smb_io) < 0) {
6139Sjb150015		(void) close(smbd.s_drv_fd);
6139Sjb150015		smbd.s_drv_fd = -1;
6139Sjb150015		return (errno);
6139Sjb150015	}
7348SJose.Borrego@Sun.COM	smb_io.sio_data.gmtoff = smbd_gmtoff();
8167Samw@Sun.COM	if (smbd_ioctl(SMB_IOC_GMTOFF, &smb_io) < 0) {
6139Sjb150015		(void) close(smbd.s_drv_fd);
6139Sjb150015		smbd.s_drv_fd = -1;
6139Sjb150015		return (errno);
5331Samw	}
7052Samw	smb_io.sio_data.start.opipe = smbd.s_door_opipe;
6432Sas200622	smb_io.sio_data.start.lmshrd = smbd.s_door_lmshr;
6432Sas200622	smb_io.sio_data.start.udoor = smbd.s_door_srv;
8167Samw@Sun.COM	if (smbd_ioctl(SMB_IOC_START, &smb_io) < 0) {
6139Sjb150015		(void) close(smbd.s_drv_fd);
6139Sjb150015		smbd.s_drv_fd = -1;
6139Sjb150015		return (errno);
6139Sjb150015	}
6139Sjb150015
*9046SJose.Borrego@Sun.COM	rc = smbd_start_listeners();
6139Sjb150015	if (rc == 0) {
7826SJose.Borrego@Sun.COM		smbd.s_kbound = B_TRUE;
7826SJose.Borrego@Sun.COM		return (0);
6432Sas200622	}
*9046SJose.Borrego@Sun.COM	smbd_stop_listeners();
6139Sjb150015	(void) close(smbd.s_drv_fd);
6139Sjb150015	smbd.s_drv_fd = -1;
6139Sjb150015	return (rc);
5331Samw}
5331Samw
6139Sjb150015/*
6139Sjb150015 * smbd_kernel_unbind
6139Sjb150015 */
6139Sjb150015static void
6139Sjb150015smbd_kernel_unbind(void)
6139Sjb150015{
6139Sjb150015	if (smbd.s_drv_fd != -1) {
*9046SJose.Borrego@Sun.COM		smbd_stop_listeners();
6139Sjb150015		(void) close(smbd.s_drv_fd);
6139Sjb150015		smbd.s_drv_fd = -1;
6432Sas200622		smbd.s_kbound = B_FALSE;
6139Sjb150015	}
6139Sjb150015}
5331Samw
8167Samw@Sun.COMint
8167Samw@Sun.COMsmbd_ioctl(int cmd, smb_io_t *smb_io)
8167Samw@Sun.COM{
8167Samw@Sun.COM	smb_io->sio_version = SMB_IOC_VERSION;
8167Samw@Sun.COM	smb_io->sio_crc = 0;
8167Samw@Sun.COM	smb_io->sio_crc = smb_crc_gen((uint8_t *)smb_io, sizeof (smb_io_t));
8167Samw@Sun.COM
8167Samw@Sun.COM	return (ioctl(smbd.s_drv_fd, cmd, smb_io));
8167Samw@Sun.COM}
8167Samw@Sun.COM
5331Samw/*
5331Samw * Initialization of the localtime thread.
5331Samw * Returns 0 on success, an error number if thread creation fails.
5331Samw */
5331Samw
5331Samwint
5331Samwsmbd_localtime_init(void)
5331Samw{
5331Samw	pthread_attr_t tattr;
5331Samw	int rc;
5331Samw
5331Samw	(void) pthread_attr_init(&tattr);
5331Samw	(void) pthread_attr_setdetachstate(&tattr, PTHREAD_CREATE_DETACHED);
5331Samw	rc = pthread_create(&localtime_thr, &tattr, smbd_localtime_monitor, 0);
5331Samw	(void) pthread_attr_destroy(&tattr);
5331Samw	return (rc);
5331Samw}
5331Samw
5331Samw/*
5331Samw * Local time thread to kernel land.
5331Samw * Send local gmtoff to kernel module one time at startup
5331Samw * and each time it changes (up to twice a year).
5331Samw * Local gmtoff is checked once every 15 minutes and
5331Samw * since some timezones are aligned on half and qtr hour boundaries,
5331Samw * once an hour would likely suffice.
5331Samw */
5331Samw
5331Samw/*ARGSUSED*/
5331Samwstatic void *
5331Samwsmbd_localtime_monitor(void *arg)
5331Samw{
8167Samw@Sun.COM	smb_io_t smb_io;
5331Samw	struct tm local_tm;
7348SJose.Borrego@Sun.COM	time_t secs;
7348SJose.Borrego@Sun.COM	int32_t gmtoff, last_gmtoff = -1;
5331Samw	int timeout;
5331Samw
8167Samw@Sun.COM	bzero(&smb_io, sizeof (smb_io));
8167Samw@Sun.COM
5331Samw	for (;;) {
7348SJose.Borrego@Sun.COM		gmtoff = smbd_gmtoff();
5331Samw
5331Samw		if ((last_gmtoff != gmtoff) && (smbd.s_drv_fd != -1)) {
8167Samw@Sun.COM			smb_io.sio_data.gmtoff = gmtoff;
8167Samw@Sun.COM			if (smbd_ioctl(SMB_IOC_GMTOFF, &smb_io) < 0) {
5331Samw				smbd_report("localtime ioctl: %s",
5331Samw				    strerror(errno));
5331Samw			}
5331Samw		}
5331Samw
5331Samw		/*
5331Samw		 * Align the next iteration on a fifteen minute boundary.
5331Samw		 */
5331Samw		secs = time(0);
5331Samw		(void) localtime_r(&secs, &local_tm);
5331Samw		timeout = ((15 - (local_tm.tm_min % 15)) * SECSPERMIN);
5331Samw		(void) sleep(timeout);
5331Samw
5331Samw		last_gmtoff = gmtoff;
5331Samw	}
5331Samw
5331Samw	/*NOTREACHED*/
5331Samw	return (NULL);
5331Samw}
5331Samw
7348SJose.Borrego@Sun.COM/*
7348SJose.Borrego@Sun.COM * smbd_gmtoff
7348SJose.Borrego@Sun.COM *
7348SJose.Borrego@Sun.COM * Determine offset from GMT. If daylight saving time use altzone,
7348SJose.Borrego@Sun.COM * otherwise use timezone.
7348SJose.Borrego@Sun.COM */
7348SJose.Borrego@Sun.COMstatic int32_t
7348SJose.Borrego@Sun.COMsmbd_gmtoff(void)
7348SJose.Borrego@Sun.COM{
7348SJose.Borrego@Sun.COM	time_t clock_val;
7348SJose.Borrego@Sun.COM	struct tm *atm;
7348SJose.Borrego@Sun.COM	int32_t gmtoff;
7348SJose.Borrego@Sun.COM
7348SJose.Borrego@Sun.COM	(void) time(&clock_val);
7348SJose.Borrego@Sun.COM	atm = localtime(&clock_val);
7348SJose.Borrego@Sun.COM
7348SJose.Borrego@Sun.COM	gmtoff = (atm->tm_isdst) ? altzone : timezone;
7348SJose.Borrego@Sun.COM
7348SJose.Borrego@Sun.COM	return (gmtoff);
7348SJose.Borrego@Sun.COM}
7348SJose.Borrego@Sun.COM
5331Samwstatic void
5331Samwsmbd_sig_handler(int sigval)
5331Samw{
5331Samw	if (smbd.s_sigval == 0)
8334SJose.Borrego@Sun.COM		(void) atomic_swap_uint(&smbd.s_sigval, sigval);
8334SJose.Borrego@Sun.COM
8334SJose.Borrego@Sun.COM	if (sigval == SIGHUP) {
8334SJose.Borrego@Sun.COM		atomic_inc_uint(&smbd.s_refreshes);
8334SJose.Borrego@Sun.COM		(void) pthread_cond_signal(&refresh_cond);
8334SJose.Borrego@Sun.COM	}
8334SJose.Borrego@Sun.COM
8334SJose.Borrego@Sun.COM	if (sigval == SIGINT || sigval == SIGTERM) {
8334SJose.Borrego@Sun.COM		smbd.s_shutting_down = B_TRUE;
8334SJose.Borrego@Sun.COM		(void) pthread_cond_signal(&refresh_cond);
8334SJose.Borrego@Sun.COM	}
5331Samw}
5331Samw
5331Samw/*
5331Samw * Set up configuration options and parse the command line.
5331Samw * This function will determine if we will run as a daemon
5331Samw * or in the foreground.
5331Samw *
5331Samw * Failure to find a uid or gid results in using the default (0).
5331Samw */
5331Samwstatic int
5331Samwsmbd_setup_options(int argc, char *argv[])
5331Samw{
5331Samw	struct passwd *pwd;
5331Samw	struct group *grp;
5331Samw	int c;
5331Samw
5331Samw	if ((pwd = getpwnam("root")) != NULL)
5331Samw		smbd.s_uid = pwd->pw_uid;
5331Samw
5331Samw	if ((grp = getgrnam("sys")) != NULL)
5331Samw		smbd.s_gid = grp->gr_gid;
5331Samw
5772Sas200622	smbd.s_fg = smb_config_get_fg_flag();
5331Samw
5331Samw	while ((c = getopt(argc, argv, ":f")) != -1) {
5331Samw		switch (c) {
5331Samw		case 'f':
5331Samw			smbd.s_fg = 1;
5331Samw			break;
5331Samw
5331Samw		case ':':
5331Samw		case '?':
5331Samw		default:
5331Samw			smbd_usage(stderr);
5331Samw			return (-1);
5331Samw		}
5331Samw	}
5331Samw
5331Samw	return (0);
5331Samw}
5331Samw
5331Samwstatic void
5331Samwsmbd_usage(FILE *fp)
5331Samw{
5331Samw	static char *help[] = {
5331Samw		"-f  run program in foreground"
5331Samw	};
5331Samw
5331Samw	int i;
5331Samw
5331Samw	(void) fprintf(fp, "Usage: %s [-f]\n", smbd.s_pname);
5331Samw
5331Samw	for (i = 0; i < sizeof (help)/sizeof (help[0]); ++i)
5331Samw		(void) fprintf(fp, "    %s\n", help[i]);
5331Samw}
5331Samw
5331Samwstatic void
5331Samwsmbd_report(const char *fmt, ...)
5331Samw{
5331Samw	char buf[128];
5331Samw	va_list ap;
5331Samw
5331Samw	if (fmt == NULL)
5331Samw		return;
5331Samw
5331Samw	va_start(ap, fmt);
5331Samw	(void) vsnprintf(buf, 128, fmt, ap);
5331Samw	va_end(ap);
5331Samw
5331Samw	(void) fprintf(stderr, "smbd: %s\n", buf);
5331Samw}
5331Samw
*9046SJose.Borrego@Sun.COMstatic int
*9046SJose.Borrego@Sun.COMsmbd_start_listeners(void)
*9046SJose.Borrego@Sun.COM{
*9046SJose.Borrego@Sun.COM	int		rc1;
*9046SJose.Borrego@Sun.COM	int		rc2;
*9046SJose.Borrego@Sun.COM	pthread_attr_t	tattr;
*9046SJose.Borrego@Sun.COM
*9046SJose.Borrego@Sun.COM	(void) pthread_attr_init(&tattr);
*9046SJose.Borrego@Sun.COM
*9046SJose.Borrego@Sun.COM	if (!smbd.s_nbt_listener_running) {
*9046SJose.Borrego@Sun.COM		rc1 = pthread_create(&smbd.s_nbt_listener_id, &tattr,
*9046SJose.Borrego@Sun.COM		    smbd_nbt_listener, NULL);
*9046SJose.Borrego@Sun.COM		if (rc1 != 0)
*9046SJose.Borrego@Sun.COM			smbd_report("unable to start NBT service");
*9046SJose.Borrego@Sun.COM		else
*9046SJose.Borrego@Sun.COM			smbd.s_nbt_listener_running = B_TRUE;
*9046SJose.Borrego@Sun.COM	}
*9046SJose.Borrego@Sun.COM
*9046SJose.Borrego@Sun.COM	if (!smbd.s_tcp_listener_running) {
*9046SJose.Borrego@Sun.COM		rc2 = pthread_create(&smbd.s_tcp_listener_id, &tattr,
*9046SJose.Borrego@Sun.COM		    smbd_tcp_listener, NULL);
*9046SJose.Borrego@Sun.COM		if (rc2 != 0)
*9046SJose.Borrego@Sun.COM			smbd_report("unable to start TCP service");
*9046SJose.Borrego@Sun.COM		else
*9046SJose.Borrego@Sun.COM			smbd.s_tcp_listener_running = B_TRUE;
*9046SJose.Borrego@Sun.COM	}
*9046SJose.Borrego@Sun.COM
*9046SJose.Borrego@Sun.COM	(void) pthread_attr_destroy(&tattr);
*9046SJose.Borrego@Sun.COM
*9046SJose.Borrego@Sun.COM	if (rc1 != 0)
*9046SJose.Borrego@Sun.COM		return (rc1);
*9046SJose.Borrego@Sun.COM	return (rc2);
*9046SJose.Borrego@Sun.COM}
*9046SJose.Borrego@Sun.COM
*9046SJose.Borrego@Sun.COMstatic void
*9046SJose.Borrego@Sun.COMsmbd_stop_listeners(void)
*9046SJose.Borrego@Sun.COM{
*9046SJose.Borrego@Sun.COM	void	*status;
*9046SJose.Borrego@Sun.COM
*9046SJose.Borrego@Sun.COM	if (smbd.s_nbt_listener_running) {
*9046SJose.Borrego@Sun.COM		(void) pthread_kill(smbd.s_nbt_listener_id, SIGTERM);
*9046SJose.Borrego@Sun.COM		(void) pthread_join(smbd.s_nbt_listener_id, &status);
*9046SJose.Borrego@Sun.COM		smbd.s_nbt_listener_running = B_FALSE;
*9046SJose.Borrego@Sun.COM	}
*9046SJose.Borrego@Sun.COM
*9046SJose.Borrego@Sun.COM	if (smbd.s_tcp_listener_running) {
*9046SJose.Borrego@Sun.COM		(void) pthread_kill(smbd.s_tcp_listener_id, SIGTERM);
*9046SJose.Borrego@Sun.COM		(void) pthread_join(smbd.s_tcp_listener_id, &status);
*9046SJose.Borrego@Sun.COM		smbd.s_tcp_listener_running = B_FALSE;
*9046SJose.Borrego@Sun.COM	}
*9046SJose.Borrego@Sun.COM}
*9046SJose.Borrego@Sun.COM
5331Samw/*
5331Samw * Enable libumem debugging by default on DEBUG builds.
5331Samw */
5331Samw#ifdef DEBUG
5331Samwconst char *
5331Samw_umem_debug_init(void)
5331Samw{
5331Samw	return ("default,verbose"); /* $UMEM_DEBUG setting */
5331Samw}
5331Samw
5331Samwconst char *
5331Samw_umem_logging_init(void)
5331Samw{
5331Samw	return ("fail,contents"); /* $UMEM_LOGGING setting */
5331Samw}
5331Samw#endif