xref: /minix/crypto/external/bsd/heimdal/dist/kdc/main.c (revision ebfedea0) 
1 /*	$NetBSD: main.c,v 1.1.1.1 2011/04/13 18:14:37 elric Exp $	*/
2 
3 /*
4  * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan
5  * (Royal Institute of Technology, Stockholm, Sweden).
6  * All rights reserved.
7  *
8  * Portions Copyright (c) 2009 Apple Inc. All rights reserved.
9  *
10  * Redistribution and use in source and binary forms, with or without
11  * modification, are permitted provided that the following conditions
12  * are met:
13  *
14  * 1. Redistributions of source code must retain the above copyright
15  *    notice, this list of conditions and the following disclaimer.
16  *
17  * 2. Redistributions in binary form must reproduce the above copyright
18  *    notice, this list of conditions and the following disclaimer in the
19  *    documentation and/or other materials provided with the distribution.
20  *
21  * 3. Neither the name of the Institute nor the names of its contributors
22  *    may be used to endorse or promote products derived from this software
23  *    without specific prior written permission.
24  *
25  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
26  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
27  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
28  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
29  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
30  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
31  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
32  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
33  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
34  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
35  * SUCH DAMAGE.
36  */
37 
38 #include "kdc_locl.h"
39 #ifdef HAVE_UTIL_H
40 #include <util.h>
41 #endif
42 
43 #ifdef HAVE_CAPNG
44 #include <cap-ng.h>
45 #endif
46 
47 sig_atomic_t exit_flag = 0;
48 
49 #ifdef SUPPORT_DETACH
50 int detach_from_console = -1;
51 #endif
52 
53 static RETSIGTYPE
54 sigterm(int sig)
55 {
56     exit_flag = sig;
57 }
58 
59 /*
60  * Allow dropping root bit, since heimdal reopens the database all the
61  * time the database needs to be owned by the user you are switched
62  * too. A better solution is to split the kdc in to more processes and
63  * run the network facing part with very low privilege.
64  */
65 
66 static void
67 switch_environment(void)
68 {
69 #ifdef HAVE_GETEUID
70     if ((runas_string || chroot_string) && geteuid() != 0)
71 	errx(1, "no running as root, can't switch user/chroot");
72 
73     if (chroot_string && chroot(chroot_string) != 0)
74 	errx(1, "chroot(%s)", "chroot_string failed");
75 
76     if (runas_string) {
77 	struct passwd *pw;
78 
79 	pw = getpwnam(runas_string);
80 	if (pw == NULL)
81 	    errx(1, "unknown user %s", runas_string);
82 
83 	if (initgroups(pw->pw_name, pw->pw_gid) < 0)
84 	    err(1, "initgroups failed");
85 
86 #ifndef HAVE_CAPNG
87 	if (setgid(pw->pw_gid) < 0)
88 	    err(1, "setgid(%s) failed", runas_string);
89 
90 	if (setuid(pw->pw_uid) < 0)
91 	    err(1, "setuid(%s)", runas_string);
92 #else
93 	capng_clear (CAPNG_EFFECTIVE | CAPNG_PERMITTED);
94 	if (capng_updatev (CAPNG_ADD, CAPNG_EFFECTIVE | CAPNG_PERMITTED,
95 	                   CAP_NET_BIND_SERVICE, CAP_SETPCAP, -1) < 0)
96 	    err(1, "capng_updateev");
97 
98 	if (capng_change_id(pw->pw_uid, pw->pw_gid,
99 	                    CAPNG_CLEAR_BOUNDING) < 0)
100 	    err(1, "capng_change_id(%s)", runas_string);
101 #endif
102     }
103 #endif
104 }
105 
106 
107 int
108 main(int argc, char **argv)
109 {
110     krb5_error_code ret;
111     krb5_context context;
112     krb5_kdc_configuration *config;
113 
114     setprogname(argv[0]);
115 
116     ret = krb5_init_context(&context);
117     if (ret == KRB5_CONFIG_BADFORMAT)
118 	errx (1, "krb5_init_context failed to parse configuration file");
119     else if (ret)
120 	errx (1, "krb5_init_context failed: %d", ret);
121 
122     ret = krb5_kt_register(context, &hdb_kt_ops);
123     if (ret)
124 	errx (1, "krb5_kt_register(HDB) failed: %d", ret);
125 
126     config = configure(context, argc, argv);
127 
128 #ifdef HAVE_SIGACTION
129     {
130 	struct sigaction sa;
131 
132 	sa.sa_flags = 0;
133 	sa.sa_handler = sigterm;
134 	sigemptyset(&sa.sa_mask);
135 
136 	sigaction(SIGINT, &sa, NULL);
137 	sigaction(SIGTERM, &sa, NULL);
138 #ifdef SIGXCPU
139 	sigaction(SIGXCPU, &sa, NULL);
140 #endif
141 
142 	sa.sa_handler = SIG_IGN;
143 #ifdef SIGPIPE
144 	sigaction(SIGPIPE, &sa, NULL);
145 #endif
146     }
147 #else
148     signal(SIGINT, sigterm);
149     signal(SIGTERM, sigterm);
150 #ifdef SIGXCPU
151     signal(SIGXCPU, sigterm);
152 #endif
153 #ifdef SIGPIPE
154     signal(SIGPIPE, SIG_IGN);
155 #endif
156 #endif
157 #ifdef SUPPORT_DETACH
158     if (detach_from_console)
159 	daemon(0, 0);
160 #endif
161 #ifdef __APPLE__
162     bonjour_announce(context, config);
163 #endif
164     pidfile(NULL);
165 
166     switch_environment();
167 
168     loop(context, config);
169     krb5_free_context(context);
170     return 0;
171 }
172