17c478bd9Sstevel@tonic-gate /* 27c478bd9Sstevel@tonic-gate * CDDL HEADER START 37c478bd9Sstevel@tonic-gate * 47c478bd9Sstevel@tonic-gate * The contents of this file are subject to the terms of the 5*45916cd2Sjpk * Common Development and Distribution License (the "License"). 6*45916cd2Sjpk * You may not use this file except in compliance with the License. 77c478bd9Sstevel@tonic-gate * 87c478bd9Sstevel@tonic-gate * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 97c478bd9Sstevel@tonic-gate * or http://www.opensolaris.org/os/licensing. 107c478bd9Sstevel@tonic-gate * See the License for the specific language governing permissions 117c478bd9Sstevel@tonic-gate * and limitations under the License. 127c478bd9Sstevel@tonic-gate * 137c478bd9Sstevel@tonic-gate * When distributing Covered Code, include this CDDL HEADER in each 147c478bd9Sstevel@tonic-gate * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 157c478bd9Sstevel@tonic-gate * If applicable, add the following below this CDDL HEADER, with the 167c478bd9Sstevel@tonic-gate * fields enclosed by brackets "[]" replaced with your own identifying 177c478bd9Sstevel@tonic-gate * information: Portions Copyright [yyyy] [name of copyright owner] 187c478bd9Sstevel@tonic-gate * 197c478bd9Sstevel@tonic-gate * CDDL HEADER END 207c478bd9Sstevel@tonic-gate */ 217c478bd9Sstevel@tonic-gate /* 22*45916cd2Sjpk * Copyright 2006 Sun Microsystems, Inc. All rights reserved. 237c478bd9Sstevel@tonic-gate * Use is subject to license terms. 247c478bd9Sstevel@tonic-gate */ 257c478bd9Sstevel@tonic-gate 267c478bd9Sstevel@tonic-gate #pragma ident "%Z%%M% %I% %E% SMI" 277c478bd9Sstevel@tonic-gate 287c478bd9Sstevel@tonic-gate /* 297c478bd9Sstevel@tonic-gate * Simple doors name server cache daemon 307c478bd9Sstevel@tonic-gate */ 317c478bd9Sstevel@tonic-gate 327c478bd9Sstevel@tonic-gate #include <stdio.h> 337c478bd9Sstevel@tonic-gate #include <signal.h> 347c478bd9Sstevel@tonic-gate #include <sys/door.h> 357c478bd9Sstevel@tonic-gate #include <sys/types.h> 367c478bd9Sstevel@tonic-gate #include <time.h> 377c478bd9Sstevel@tonic-gate #include <string.h> 387c478bd9Sstevel@tonic-gate #include <sys/stat.h> 397c478bd9Sstevel@tonic-gate #include <sys/time.h> 407c478bd9Sstevel@tonic-gate #include <sys/wait.h> 417c478bd9Sstevel@tonic-gate #include <sys/zone.h> 427c478bd9Sstevel@tonic-gate #include <stdlib.h> 437c478bd9Sstevel@tonic-gate #include <errno.h> 447c478bd9Sstevel@tonic-gate #include <pthread.h> 457c478bd9Sstevel@tonic-gate #include <thread.h> 467c478bd9Sstevel@tonic-gate #include <stdarg.h> 477c478bd9Sstevel@tonic-gate #include <fcntl.h> 487c478bd9Sstevel@tonic-gate #include <assert.h> 497c478bd9Sstevel@tonic-gate #include <unistd.h> 507c478bd9Sstevel@tonic-gate #include <memory.h> 517c478bd9Sstevel@tonic-gate #include <sys/socket.h> 527c478bd9Sstevel@tonic-gate #include <net/route.h> 537c478bd9Sstevel@tonic-gate #include <net/if.h> 547c478bd9Sstevel@tonic-gate #include <netinet/in.h> 557c478bd9Sstevel@tonic-gate #include <arpa/nameser.h> 567c478bd9Sstevel@tonic-gate #include <resolv.h> 577c478bd9Sstevel@tonic-gate #include <door.h> 587c478bd9Sstevel@tonic-gate #include "getxby_door.h" 597c478bd9Sstevel@tonic-gate #include "server_door.h" 607c478bd9Sstevel@tonic-gate #include "nscd.h" 617c478bd9Sstevel@tonic-gate /* Includes for filenames of databases */ 627c478bd9Sstevel@tonic-gate #include <shadow.h> 637c478bd9Sstevel@tonic-gate #include <userdefs.h> 647c478bd9Sstevel@tonic-gate #include <netdb.h> 657c478bd9Sstevel@tonic-gate #include <nss_dbdefs.h> 667c478bd9Sstevel@tonic-gate #include <exec_attr.h> 677c478bd9Sstevel@tonic-gate #include <prof_attr.h> 687c478bd9Sstevel@tonic-gate #include <user_attr.h> 697c478bd9Sstevel@tonic-gate #include <ucred.h> 707c478bd9Sstevel@tonic-gate #include <priv.h> 717c478bd9Sstevel@tonic-gate #include <libscf.h> 72*45916cd2Sjpk #include <tsol/label.h> 73*45916cd2Sjpk #include <zone.h> 74*45916cd2Sjpk 75*45916cd2Sjpk #define TSOL_NAME_SERVICE_DOOR "/var/tsol/doors/name_service_door" 767c478bd9Sstevel@tonic-gate 777c478bd9Sstevel@tonic-gate extern int optind; 787c478bd9Sstevel@tonic-gate extern int opterr; 797c478bd9Sstevel@tonic-gate extern int optopt; 807c478bd9Sstevel@tonic-gate extern char *optarg; 817c478bd9Sstevel@tonic-gate 827c478bd9Sstevel@tonic-gate static void switcher(void *, char *, size_t, door_desc_t *, uint_t); 837c478bd9Sstevel@tonic-gate static void rts_mon(void); 847c478bd9Sstevel@tonic-gate static void usage(char *); 857c478bd9Sstevel@tonic-gate static int nsc_calllen(nsc_call_t *); 867c478bd9Sstevel@tonic-gate static int client_getadmin(admin_t *); 877c478bd9Sstevel@tonic-gate static void getadmin(nsc_return_t *, int, nsc_call_t *); 887c478bd9Sstevel@tonic-gate static int setadmin(nsc_return_t *, int, nsc_call_t *); 897c478bd9Sstevel@tonic-gate static void client_killserver(void); 907c478bd9Sstevel@tonic-gate static int client_setadmin(admin_t *); 917c478bd9Sstevel@tonic-gate static void client_showstats(admin_t *); 927c478bd9Sstevel@tonic-gate static void detachfromtty(void); 937c478bd9Sstevel@tonic-gate 947c478bd9Sstevel@tonic-gate 957c478bd9Sstevel@tonic-gate admin_t current_admin; 967c478bd9Sstevel@tonic-gate static int will_become_server; 977c478bd9Sstevel@tonic-gate 987c478bd9Sstevel@tonic-gate void 997c478bd9Sstevel@tonic-gate nsc_reaper(char *tbl_name, hash_t *tbl, nsc_stat_t *admin_ptr, 1007c478bd9Sstevel@tonic-gate mutex_t *hash_lock) 1017c478bd9Sstevel@tonic-gate { 1027c478bd9Sstevel@tonic-gate uint_t count; 1037c478bd9Sstevel@tonic-gate uint_t interval; 1047c478bd9Sstevel@tonic-gate 1057c478bd9Sstevel@tonic-gate while (1) { 1067c478bd9Sstevel@tonic-gate 1077c478bd9Sstevel@tonic-gate if (current_admin.debug_level >= DBG_ALL) { 1087c478bd9Sstevel@tonic-gate logit("reaper_%s: %d entries in cache\n", 1097c478bd9Sstevel@tonic-gate tbl_name, admin_ptr->nsc_entries); 1107c478bd9Sstevel@tonic-gate } 1117c478bd9Sstevel@tonic-gate if (admin_ptr->nsc_entries > 0) { 1127c478bd9Sstevel@tonic-gate count = reap_hash(tbl, admin_ptr, hash_lock, 1137c478bd9Sstevel@tonic-gate admin_ptr->nsc_pos_ttl); 1147c478bd9Sstevel@tonic-gate if (current_admin.debug_level >= DBG_ALL) { 1157c478bd9Sstevel@tonic-gate logit("reaper_%s: reaped %d entries\n", 1167c478bd9Sstevel@tonic-gate tbl_name, count); 1177c478bd9Sstevel@tonic-gate } 1187c478bd9Sstevel@tonic-gate } else { 1197c478bd9Sstevel@tonic-gate /* 1207c478bd9Sstevel@tonic-gate * We set a minimum wait of 60 before checking again; 1217c478bd9Sstevel@tonic-gate * we don't want to sleep for no time at all. 1227c478bd9Sstevel@tonic-gate * We don't clamp it for the reaping itself, that is 1237c478bd9Sstevel@tonic-gate * done in reap_hash, and with a different minimum. 1247c478bd9Sstevel@tonic-gate */ 1257c478bd9Sstevel@tonic-gate interval = admin_ptr->nsc_pos_ttl; 1267c478bd9Sstevel@tonic-gate if (interval < 60) interval = 60; 1277c478bd9Sstevel@tonic-gate if (current_admin.debug_level >= DBG_ALL) { 1287c478bd9Sstevel@tonic-gate logit( 1297c478bd9Sstevel@tonic-gate "reaper_%s: Nothing to reap, sleep %d\n", 1307c478bd9Sstevel@tonic-gate tbl_name, interval); 1317c478bd9Sstevel@tonic-gate } 1327c478bd9Sstevel@tonic-gate sleep(interval); 1337c478bd9Sstevel@tonic-gate } 1347c478bd9Sstevel@tonic-gate } 1357c478bd9Sstevel@tonic-gate } 1367c478bd9Sstevel@tonic-gate 1377c478bd9Sstevel@tonic-gate nsc_stat_t * 1387c478bd9Sstevel@tonic-gate getcacheptr(char *s) 1397c478bd9Sstevel@tonic-gate { 1407c478bd9Sstevel@tonic-gate static const char *caches[7] = {"passwd", "group", "hosts", "ipnodes", 1417c478bd9Sstevel@tonic-gate "exec_attr", "prof_attr", "user_attr" }; 1427c478bd9Sstevel@tonic-gate 1437c478bd9Sstevel@tonic-gate if (strncmp(caches[0], s, strlen(caches[0])) == 0) 1447c478bd9Sstevel@tonic-gate return (¤t_admin.passwd); 1457c478bd9Sstevel@tonic-gate 1467c478bd9Sstevel@tonic-gate if (strncmp(caches[1], s, strlen(caches[1])) == 0) 1477c478bd9Sstevel@tonic-gate return (¤t_admin.group); 1487c478bd9Sstevel@tonic-gate 1497c478bd9Sstevel@tonic-gate if (strncmp(caches[2], s, strlen(caches[2])) == 0) 1507c478bd9Sstevel@tonic-gate return (¤t_admin.host); 1517c478bd9Sstevel@tonic-gate 1527c478bd9Sstevel@tonic-gate if (strncmp(caches[3], s, strlen(caches[3])) == 0) 1537c478bd9Sstevel@tonic-gate return (¤t_admin.node); 1547c478bd9Sstevel@tonic-gate 1557c478bd9Sstevel@tonic-gate if (strncmp(caches[4], s, strlen(caches[4])) == 0) 1567c478bd9Sstevel@tonic-gate return (¤t_admin.exec); 1577c478bd9Sstevel@tonic-gate 1587c478bd9Sstevel@tonic-gate if (strncmp(caches[5], s, strlen(caches[5])) == 0) 1597c478bd9Sstevel@tonic-gate return (¤t_admin.prof); 1607c478bd9Sstevel@tonic-gate 1617c478bd9Sstevel@tonic-gate if (strncmp(caches[6], s, strlen(caches[6])) == 0) 1627c478bd9Sstevel@tonic-gate return (¤t_admin.user); 1637c478bd9Sstevel@tonic-gate 1647c478bd9Sstevel@tonic-gate return (NULL); 1657c478bd9Sstevel@tonic-gate } 1667c478bd9Sstevel@tonic-gate 1677c478bd9Sstevel@tonic-gate static char * 1687c478bd9Sstevel@tonic-gate getcacheopt(char *s) 1697c478bd9Sstevel@tonic-gate { 1707c478bd9Sstevel@tonic-gate while (*s && *s != ',') 1717c478bd9Sstevel@tonic-gate s++; 1727c478bd9Sstevel@tonic-gate return ((*s == ',') ? (s + 1) : NULL); 1737c478bd9Sstevel@tonic-gate } 1747c478bd9Sstevel@tonic-gate 1757c478bd9Sstevel@tonic-gate /* 1767c478bd9Sstevel@tonic-gate * routine to check if server is already running 1777c478bd9Sstevel@tonic-gate */ 1787c478bd9Sstevel@tonic-gate 1797c478bd9Sstevel@tonic-gate static int 1807c478bd9Sstevel@tonic-gate nsc_ping(void) 1817c478bd9Sstevel@tonic-gate { 1827c478bd9Sstevel@tonic-gate nsc_data_t data; 1837c478bd9Sstevel@tonic-gate nsc_data_t *dptr; 1847c478bd9Sstevel@tonic-gate int ndata; 1857c478bd9Sstevel@tonic-gate int adata; 1867c478bd9Sstevel@tonic-gate 1877c478bd9Sstevel@tonic-gate data.nsc_call.nsc_callnumber = NULLCALL; 1887c478bd9Sstevel@tonic-gate ndata = sizeof (data); 1897c478bd9Sstevel@tonic-gate adata = sizeof (data); 1907c478bd9Sstevel@tonic-gate dptr = &data; 1917c478bd9Sstevel@tonic-gate return (_nsc_trydoorcall(&dptr, &ndata, &adata)); 1927c478bd9Sstevel@tonic-gate } 1937c478bd9Sstevel@tonic-gate 1947c478bd9Sstevel@tonic-gate static void 1957c478bd9Sstevel@tonic-gate dozip(void) 1967c478bd9Sstevel@tonic-gate { 1977c478bd9Sstevel@tonic-gate /* not much here */ 1987c478bd9Sstevel@tonic-gate } 1997c478bd9Sstevel@tonic-gate 2007c478bd9Sstevel@tonic-gate static void 2017c478bd9Sstevel@tonic-gate keep_open_dns_socket(void) 2027c478bd9Sstevel@tonic-gate { 2037c478bd9Sstevel@tonic-gate _res.options |= RES_STAYOPEN; /* just keep this udp socket open */ 2047c478bd9Sstevel@tonic-gate } 2057c478bd9Sstevel@tonic-gate 2067c478bd9Sstevel@tonic-gate /* 2077c478bd9Sstevel@tonic-gate * declaring this causes the files backend to use hashing 2087c478bd9Sstevel@tonic-gate * this is of course an utter hack, but provides a nice 2097c478bd9Sstevel@tonic-gate * quiet back door to enable this feature for only the nscd. 2107c478bd9Sstevel@tonic-gate */ 2117c478bd9Sstevel@tonic-gate void 2127c478bd9Sstevel@tonic-gate __nss_use_files_hash(void) 2137c478bd9Sstevel@tonic-gate { 2147c478bd9Sstevel@tonic-gate 2157c478bd9Sstevel@tonic-gate } 2167c478bd9Sstevel@tonic-gate /* 2177c478bd9Sstevel@tonic-gate * 2187c478bd9Sstevel@tonic-gate * The allocation of resources for cache lookups is an interesting 2197c478bd9Sstevel@tonic-gate * problem, and one that has caused several bugs in the beta release 2207c478bd9Sstevel@tonic-gate * of 2.5. In particular, the introduction of a thottle to prevent 2217c478bd9Sstevel@tonic-gate * the creation of excessive numbers of LWPs in the case of a failed 2227c478bd9Sstevel@tonic-gate * name service has led to a denial of service problem when the 2237c478bd9Sstevel@tonic-gate * name service request rate exceeds the name service's ability 2247c478bd9Sstevel@tonic-gate * to respond. As a result, I'm implementing the following 2257c478bd9Sstevel@tonic-gate * algorithm: 2267c478bd9Sstevel@tonic-gate * 2277c478bd9Sstevel@tonic-gate * 1) We cap the number of total threads. 2287c478bd9Sstevel@tonic-gate * 2) We save CACHE_THREADS of those for cache lookups only. 2297c478bd9Sstevel@tonic-gate * 3) We use a common pool of 2/3 of the remain threads that are used first 2307c478bd9Sstevel@tonic-gate * 4) We save the remainder and allocate 1/3 of it for table specific lookups 2317c478bd9Sstevel@tonic-gate * 2327c478bd9Sstevel@tonic-gate * The intent is to prevent the failure of a single name service from 2337c478bd9Sstevel@tonic-gate * causing denial of service, and to always have threads available for 2347c478bd9Sstevel@tonic-gate * cached lookups. If a request comes in and the answer isn't in the 2357c478bd9Sstevel@tonic-gate * cache and we cannot get a thread, we simply return NOSERVER, forcing 2367c478bd9Sstevel@tonic-gate * the client to lookup the 2377c478bd9Sstevel@tonic-gate * data itself. This will prevent the types of starvation seen 2387c478bd9Sstevel@tonic-gate * at UNC due to a single threaded DNS backend, and allows the cache 2397c478bd9Sstevel@tonic-gate * to eventually become filled. 2407c478bd9Sstevel@tonic-gate * 2417c478bd9Sstevel@tonic-gate */ 2427c478bd9Sstevel@tonic-gate 2437c478bd9Sstevel@tonic-gate /* 7 tables: passwd, group, hosts, ipnodes, exec_attr, prof_attr, user_attr */ 2447c478bd9Sstevel@tonic-gate #define NSCD_TABLES 7 2457c478bd9Sstevel@tonic-gate #define TABLE_THREADS 10 2467c478bd9Sstevel@tonic-gate #define COMMON_THREADS 20 2477c478bd9Sstevel@tonic-gate #define CACHE_MISS_THREADS (COMMON_THREADS + NSCD_TABLES * TABLE_THREADS) 2487c478bd9Sstevel@tonic-gate #define CACHE_HIT_THREADS 20 2497c478bd9Sstevel@tonic-gate #define MAX_SERVER_THREADS (CACHE_HIT_THREADS + CACHE_MISS_THREADS) 2507c478bd9Sstevel@tonic-gate 2517c478bd9Sstevel@tonic-gate static sema_t common_sema; 2527c478bd9Sstevel@tonic-gate static sema_t passwd_sema; 2537c478bd9Sstevel@tonic-gate static sema_t hosts_sema; 2547c478bd9Sstevel@tonic-gate static sema_t nodes_sema; 2557c478bd9Sstevel@tonic-gate static sema_t group_sema; 2567c478bd9Sstevel@tonic-gate static sema_t exec_sema; 2577c478bd9Sstevel@tonic-gate static sema_t prof_sema; 2587c478bd9Sstevel@tonic-gate static sema_t user_sema; 2597c478bd9Sstevel@tonic-gate static thread_key_t lookup_state_key; 2607c478bd9Sstevel@tonic-gate 2617c478bd9Sstevel@tonic-gate static void 2627c478bd9Sstevel@tonic-gate initialize_lookup_clearance(void) 2637c478bd9Sstevel@tonic-gate { 2647c478bd9Sstevel@tonic-gate thr_keycreate(&lookup_state_key, NULL); 2657c478bd9Sstevel@tonic-gate (void) sema_init(&common_sema, COMMON_THREADS, USYNC_THREAD, 0); 2667c478bd9Sstevel@tonic-gate (void) sema_init(&passwd_sema, TABLE_THREADS, USYNC_THREAD, 0); 2677c478bd9Sstevel@tonic-gate (void) sema_init(&hosts_sema, TABLE_THREADS, USYNC_THREAD, 0); 2687c478bd9Sstevel@tonic-gate (void) sema_init(&nodes_sema, TABLE_THREADS, USYNC_THREAD, 0); 2697c478bd9Sstevel@tonic-gate (void) sema_init(&group_sema, TABLE_THREADS, USYNC_THREAD, 0); 2707c478bd9Sstevel@tonic-gate (void) sema_init(&exec_sema, TABLE_THREADS, USYNC_THREAD, 0); 2717c478bd9Sstevel@tonic-gate (void) sema_init(&prof_sema, TABLE_THREADS, USYNC_THREAD, 0); 2727c478bd9Sstevel@tonic-gate (void) sema_init(&user_sema, TABLE_THREADS, USYNC_THREAD, 0); 2737c478bd9Sstevel@tonic-gate } 2747c478bd9Sstevel@tonic-gate 2757c478bd9Sstevel@tonic-gate int 2767c478bd9Sstevel@tonic-gate get_clearance(int callnumber) 2777c478bd9Sstevel@tonic-gate { 2787c478bd9Sstevel@tonic-gate sema_t *table_sema = NULL; 2797c478bd9Sstevel@tonic-gate char *tab; 2807c478bd9Sstevel@tonic-gate 2817c478bd9Sstevel@tonic-gate if (sema_trywait(&common_sema) == 0) { 2827c478bd9Sstevel@tonic-gate thr_setspecific(lookup_state_key, NULL); 2837c478bd9Sstevel@tonic-gate return (0); 2847c478bd9Sstevel@tonic-gate } 2857c478bd9Sstevel@tonic-gate 2867c478bd9Sstevel@tonic-gate switch (MASKUPDATEBIT(callnumber)) { 2877c478bd9Sstevel@tonic-gate 2887c478bd9Sstevel@tonic-gate case GETPWUID: 2897c478bd9Sstevel@tonic-gate case GETPWNAM: 2907c478bd9Sstevel@tonic-gate tab = "passwd"; 2917c478bd9Sstevel@tonic-gate table_sema = &passwd_sema; 2927c478bd9Sstevel@tonic-gate break; 2937c478bd9Sstevel@tonic-gate 2947c478bd9Sstevel@tonic-gate case GETGRNAM: 2957c478bd9Sstevel@tonic-gate case GETGRGID: 2967c478bd9Sstevel@tonic-gate tab = "group"; 2977c478bd9Sstevel@tonic-gate table_sema = &group_sema; 2987c478bd9Sstevel@tonic-gate break; 2997c478bd9Sstevel@tonic-gate 3007c478bd9Sstevel@tonic-gate case GETHOSTBYNAME: 3017c478bd9Sstevel@tonic-gate case GETHOSTBYADDR: 3027c478bd9Sstevel@tonic-gate tab = "hosts"; 3037c478bd9Sstevel@tonic-gate table_sema = &hosts_sema; 3047c478bd9Sstevel@tonic-gate break; 3057c478bd9Sstevel@tonic-gate 3067c478bd9Sstevel@tonic-gate case GETIPNODEBYNAME: 3077c478bd9Sstevel@tonic-gate case GETIPNODEBYADDR: 3087c478bd9Sstevel@tonic-gate tab = "ipnodes"; 3097c478bd9Sstevel@tonic-gate table_sema = &nodes_sema; 3107c478bd9Sstevel@tonic-gate break; 3117c478bd9Sstevel@tonic-gate case GETEXECID: 3127c478bd9Sstevel@tonic-gate tab = "exec_attr"; 3137c478bd9Sstevel@tonic-gate table_sema = &exec_sema; 3147c478bd9Sstevel@tonic-gate break; 3157c478bd9Sstevel@tonic-gate 3167c478bd9Sstevel@tonic-gate case GETPROFNAM: 3177c478bd9Sstevel@tonic-gate tab = "prof_attr"; 3187c478bd9Sstevel@tonic-gate table_sema = &prof_sema; 3197c478bd9Sstevel@tonic-gate break; 3207c478bd9Sstevel@tonic-gate 3217c478bd9Sstevel@tonic-gate case GETUSERNAM: 3227c478bd9Sstevel@tonic-gate tab = "user_attr"; 3237c478bd9Sstevel@tonic-gate table_sema = &user_sema; 3247c478bd9Sstevel@tonic-gate break; 3257c478bd9Sstevel@tonic-gate 3267c478bd9Sstevel@tonic-gate } 3277c478bd9Sstevel@tonic-gate 3287c478bd9Sstevel@tonic-gate if (sema_trywait(table_sema) == 0) { 3297c478bd9Sstevel@tonic-gate thr_setspecific(lookup_state_key, (void*)1); 3307c478bd9Sstevel@tonic-gate return (0); 3317c478bd9Sstevel@tonic-gate } 3327c478bd9Sstevel@tonic-gate 3337c478bd9Sstevel@tonic-gate if (current_admin.debug_level >= DBG_CANT_FIND) { 3347c478bd9Sstevel@tonic-gate logit("get_clearance: throttling load for %s table\n", tab); 3357c478bd9Sstevel@tonic-gate } 3367c478bd9Sstevel@tonic-gate return (-1); 3377c478bd9Sstevel@tonic-gate } 3387c478bd9Sstevel@tonic-gate 3397c478bd9Sstevel@tonic-gate int 3407c478bd9Sstevel@tonic-gate release_clearance(int callnumber) 3417c478bd9Sstevel@tonic-gate { 3427c478bd9Sstevel@tonic-gate int which; 3437c478bd9Sstevel@tonic-gate 3447c478bd9Sstevel@tonic-gate sema_t *table_sema = NULL; 3457c478bd9Sstevel@tonic-gate 3467c478bd9Sstevel@tonic-gate thr_getspecific(lookup_state_key, (void**)&which); 3477c478bd9Sstevel@tonic-gate 3487c478bd9Sstevel@tonic-gate if (which == 0) /* from common pool */ { 3497c478bd9Sstevel@tonic-gate (void) sema_post(&common_sema); 3507c478bd9Sstevel@tonic-gate return (0); 3517c478bd9Sstevel@tonic-gate } 3527c478bd9Sstevel@tonic-gate 3537c478bd9Sstevel@tonic-gate switch (MASKUPDATEBIT(callnumber)) { 3547c478bd9Sstevel@tonic-gate 3557c478bd9Sstevel@tonic-gate case GETPWUID: 3567c478bd9Sstevel@tonic-gate case GETPWNAM: 3577c478bd9Sstevel@tonic-gate table_sema = &passwd_sema; 3587c478bd9Sstevel@tonic-gate break; 3597c478bd9Sstevel@tonic-gate 3607c478bd9Sstevel@tonic-gate case GETGRNAM: 3617c478bd9Sstevel@tonic-gate case GETGRGID: 3627c478bd9Sstevel@tonic-gate table_sema = &group_sema; 3637c478bd9Sstevel@tonic-gate break; 3647c478bd9Sstevel@tonic-gate 3657c478bd9Sstevel@tonic-gate case GETHOSTBYNAME: 3667c478bd9Sstevel@tonic-gate case GETHOSTBYADDR: 3677c478bd9Sstevel@tonic-gate table_sema = &hosts_sema; 3687c478bd9Sstevel@tonic-gate break; 3697c478bd9Sstevel@tonic-gate 3707c478bd9Sstevel@tonic-gate case GETIPNODEBYNAME: 3717c478bd9Sstevel@tonic-gate case GETIPNODEBYADDR: 3727c478bd9Sstevel@tonic-gate table_sema = &nodes_sema; 3737c478bd9Sstevel@tonic-gate break; 3747c478bd9Sstevel@tonic-gate 3757c478bd9Sstevel@tonic-gate case GETEXECID: 3767c478bd9Sstevel@tonic-gate table_sema = &exec_sema; 3777c478bd9Sstevel@tonic-gate break; 3787c478bd9Sstevel@tonic-gate 3797c478bd9Sstevel@tonic-gate case GETPROFNAM: 3807c478bd9Sstevel@tonic-gate table_sema = &prof_sema; 3817c478bd9Sstevel@tonic-gate break; 3827c478bd9Sstevel@tonic-gate 3837c478bd9Sstevel@tonic-gate case GETUSERNAM: 3847c478bd9Sstevel@tonic-gate table_sema = &user_sema; 3857c478bd9Sstevel@tonic-gate break; 3867c478bd9Sstevel@tonic-gate } 3877c478bd9Sstevel@tonic-gate 3887c478bd9Sstevel@tonic-gate (void) sema_post(table_sema); 3897c478bd9Sstevel@tonic-gate return (0); 3907c478bd9Sstevel@tonic-gate } 3917c478bd9Sstevel@tonic-gate 3927c478bd9Sstevel@tonic-gate 3937c478bd9Sstevel@tonic-gate static mutex_t create_lock; 3947c478bd9Sstevel@tonic-gate static int nscd_max_servers = MAX_SERVER_THREADS; 3957c478bd9Sstevel@tonic-gate static int num_servers = 0; 3967c478bd9Sstevel@tonic-gate static thread_key_t server_key; 3977c478bd9Sstevel@tonic-gate 3987c478bd9Sstevel@tonic-gate /* 3997c478bd9Sstevel@tonic-gate * Bind a TSD value to a server thread. This enables the destructor to 4007c478bd9Sstevel@tonic-gate * be called if/when this thread exits. This would be a programming error, 4017c478bd9Sstevel@tonic-gate * but better safe than sorry. 4027c478bd9Sstevel@tonic-gate */ 4037c478bd9Sstevel@tonic-gate /*ARGSUSED*/ 4047c478bd9Sstevel@tonic-gate static void * 4057c478bd9Sstevel@tonic-gate server_tsd_bind(void *arg) 4067c478bd9Sstevel@tonic-gate { 4077c478bd9Sstevel@tonic-gate static void *value = 0; 4087c478bd9Sstevel@tonic-gate 4097c478bd9Sstevel@tonic-gate /* disable cancellation to avoid hangs if server threads disappear */ 4107c478bd9Sstevel@tonic-gate pthread_setcancelstate(PTHREAD_CANCEL_DISABLE, NULL); 4117c478bd9Sstevel@tonic-gate thr_setspecific(server_key, value); 4127c478bd9Sstevel@tonic-gate door_return(NULL, 0, NULL, 0); 4137c478bd9Sstevel@tonic-gate 4147c478bd9Sstevel@tonic-gate /* make lint happy */ 4157c478bd9Sstevel@tonic-gate return (NULL); 4167c478bd9Sstevel@tonic-gate } 4177c478bd9Sstevel@tonic-gate 4187c478bd9Sstevel@tonic-gate /* 4197c478bd9Sstevel@tonic-gate * Server threads are created here. 4207c478bd9Sstevel@tonic-gate */ 4217c478bd9Sstevel@tonic-gate /*ARGSUSED*/ 4227c478bd9Sstevel@tonic-gate static void 4237c478bd9Sstevel@tonic-gate server_create(door_info_t *dip) 4247c478bd9Sstevel@tonic-gate { 4257c478bd9Sstevel@tonic-gate (void) mutex_lock(&create_lock); 4267c478bd9Sstevel@tonic-gate if (++num_servers > nscd_max_servers) { 4277c478bd9Sstevel@tonic-gate num_servers--; 4287c478bd9Sstevel@tonic-gate (void) mutex_unlock(&create_lock); 4297c478bd9Sstevel@tonic-gate return; 4307c478bd9Sstevel@tonic-gate } 4317c478bd9Sstevel@tonic-gate (void) mutex_unlock(&create_lock); 4327c478bd9Sstevel@tonic-gate thr_create(NULL, 0, server_tsd_bind, NULL, THR_BOUND|THR_DETACHED, 4337c478bd9Sstevel@tonic-gate NULL); 4347c478bd9Sstevel@tonic-gate } 4357c478bd9Sstevel@tonic-gate 4367c478bd9Sstevel@tonic-gate /* 4377c478bd9Sstevel@tonic-gate * Server thread are destroyed here 4387c478bd9Sstevel@tonic-gate */ 4397c478bd9Sstevel@tonic-gate /*ARGSUSED*/ 4407c478bd9Sstevel@tonic-gate static void 4417c478bd9Sstevel@tonic-gate server_destroy(void *arg) 4427c478bd9Sstevel@tonic-gate { 4437c478bd9Sstevel@tonic-gate (void) mutex_lock(&create_lock); 4447c478bd9Sstevel@tonic-gate num_servers--; 4457c478bd9Sstevel@tonic-gate (void) mutex_unlock(&create_lock); 4467c478bd9Sstevel@tonic-gate } 4477c478bd9Sstevel@tonic-gate 4487c478bd9Sstevel@tonic-gate static char **saved_argv; 4497c478bd9Sstevel@tonic-gate static char saved_execname[MAXPATHLEN]; 4507c478bd9Sstevel@tonic-gate 4517c478bd9Sstevel@tonic-gate static void 4527c478bd9Sstevel@tonic-gate save_execname() 4537c478bd9Sstevel@tonic-gate { 4547c478bd9Sstevel@tonic-gate const char *name = getexecname(); 4557c478bd9Sstevel@tonic-gate 4567c478bd9Sstevel@tonic-gate saved_execname[0] = 0; 4577c478bd9Sstevel@tonic-gate 4587c478bd9Sstevel@tonic-gate if (name[0] != '/') { /* started w/ relative path */ 4597c478bd9Sstevel@tonic-gate (void) getcwd(saved_execname, MAXPATHLEN); 4607c478bd9Sstevel@tonic-gate strlcat(saved_execname, "/", MAXPATHLEN); 4617c478bd9Sstevel@tonic-gate } 4627c478bd9Sstevel@tonic-gate strlcat(saved_execname, name, MAXPATHLEN); 4637c478bd9Sstevel@tonic-gate } 4647c478bd9Sstevel@tonic-gate 465f166393fSesolom int 4667c478bd9Sstevel@tonic-gate main(int argc, char ** argv) 4677c478bd9Sstevel@tonic-gate { 4687c478bd9Sstevel@tonic-gate int did; 4697c478bd9Sstevel@tonic-gate int opt; 4707c478bd9Sstevel@tonic-gate int errflg = 0; 4717c478bd9Sstevel@tonic-gate int showstats = 0; 4727c478bd9Sstevel@tonic-gate int doset = 0; 4737c478bd9Sstevel@tonic-gate int loaded_config_file = 0; 4747c478bd9Sstevel@tonic-gate struct stat buf; 4757c478bd9Sstevel@tonic-gate sigset_t myset; 4767c478bd9Sstevel@tonic-gate struct sigaction action; 4777c478bd9Sstevel@tonic-gate 4787c478bd9Sstevel@tonic-gate /* 479*45916cd2Sjpk * The admin model for TX is that labeled zones are managed 480*45916cd2Sjpk * in global zone where most trusted configuration database 481*45916cd2Sjpk * resides. 482*45916cd2Sjpk */ 483*45916cd2Sjpk if (is_system_labeled() && (getzoneid() != GLOBAL_ZONEID)) { 484*45916cd2Sjpk (void) fprintf(stderr, 485*45916cd2Sjpk "With Trusted Extensions nscd runs only in " \ 486*45916cd2Sjpk "the global zone.\n"); 487*45916cd2Sjpk exit(1); 488*45916cd2Sjpk } 489*45916cd2Sjpk 490*45916cd2Sjpk /* 4917c478bd9Sstevel@tonic-gate * Special case non-root user here - he can just print stats 4927c478bd9Sstevel@tonic-gate */ 4937c478bd9Sstevel@tonic-gate 4947c478bd9Sstevel@tonic-gate if (geteuid()) { 4957c478bd9Sstevel@tonic-gate if (argc != 2 || strcmp(argv[1], "-g")) { 4967c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 4977c478bd9Sstevel@tonic-gate "Must be root to use any option other than "\ 4987c478bd9Sstevel@tonic-gate "-g.\n\n"); 4997c478bd9Sstevel@tonic-gate usage(argv[0]); 5007c478bd9Sstevel@tonic-gate } 5017c478bd9Sstevel@tonic-gate 5027c478bd9Sstevel@tonic-gate if ((nsc_ping() != SUCCESS) || 5037c478bd9Sstevel@tonic-gate (client_getadmin(¤t_admin) != 0)) { 5047c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 5057c478bd9Sstevel@tonic-gate "%s doesn't appear to be running.\n", argv[0]); 5067c478bd9Sstevel@tonic-gate exit(1); 5077c478bd9Sstevel@tonic-gate } 5087c478bd9Sstevel@tonic-gate client_showstats(¤t_admin); 5097c478bd9Sstevel@tonic-gate exit(0); 5107c478bd9Sstevel@tonic-gate } 5117c478bd9Sstevel@tonic-gate 5127c478bd9Sstevel@tonic-gate 5137c478bd9Sstevel@tonic-gate 5147c478bd9Sstevel@tonic-gate /* 5157c478bd9Sstevel@tonic-gate * Determine if there is already a daemon running 5167c478bd9Sstevel@tonic-gate */ 5177c478bd9Sstevel@tonic-gate 5187c478bd9Sstevel@tonic-gate will_become_server = (nsc_ping() != SUCCESS); 5197c478bd9Sstevel@tonic-gate 5207c478bd9Sstevel@tonic-gate /* 5217c478bd9Sstevel@tonic-gate * process usual options 5227c478bd9Sstevel@tonic-gate */ 5237c478bd9Sstevel@tonic-gate 5247c478bd9Sstevel@tonic-gate /* 5257c478bd9Sstevel@tonic-gate * load normal config file 5267c478bd9Sstevel@tonic-gate */ 5277c478bd9Sstevel@tonic-gate 5287c478bd9Sstevel@tonic-gate if (will_become_server) { 5297c478bd9Sstevel@tonic-gate static const nsc_stat_t defaults = { 5307c478bd9Sstevel@tonic-gate 0, /* stats */ 5317c478bd9Sstevel@tonic-gate 0, /* stats */ 5327c478bd9Sstevel@tonic-gate 0, /* stats */ 5337c478bd9Sstevel@tonic-gate 0, /* stats */ 5347c478bd9Sstevel@tonic-gate 0, /* stats */ 5357c478bd9Sstevel@tonic-gate 0, /* stats */ 5367c478bd9Sstevel@tonic-gate 0, /* stats */ 5377c478bd9Sstevel@tonic-gate 211, /* suggested size */ 5387c478bd9Sstevel@tonic-gate 1, /* enabled */ 5397c478bd9Sstevel@tonic-gate 0, /* invalidate cmd */ 5407c478bd9Sstevel@tonic-gate 600, /* positive ttl */ 5417c478bd9Sstevel@tonic-gate 10, /* netative ttl */ 5427c478bd9Sstevel@tonic-gate 20, /* keep hot */ 5437c478bd9Sstevel@tonic-gate 0, /* old data not ok */ 5447c478bd9Sstevel@tonic-gate 1 }; /* check files */ 5457c478bd9Sstevel@tonic-gate 5467c478bd9Sstevel@tonic-gate current_admin.passwd = defaults; 5477c478bd9Sstevel@tonic-gate current_admin.group = defaults; 5487c478bd9Sstevel@tonic-gate current_admin.host = defaults; 5497c478bd9Sstevel@tonic-gate current_admin.node = defaults; 5507c478bd9Sstevel@tonic-gate current_admin.exec = defaults; 5517c478bd9Sstevel@tonic-gate current_admin.prof = defaults; 5527c478bd9Sstevel@tonic-gate current_admin.user = defaults; 5537c478bd9Sstevel@tonic-gate 5547c478bd9Sstevel@tonic-gate current_admin.logfile[0] = '\0'; 5557c478bd9Sstevel@tonic-gate 5567c478bd9Sstevel@tonic-gate if (access("/etc/nscd.conf", R_OK) == 0) { 5577c478bd9Sstevel@tonic-gate if (nscd_parse(argv[0], "/etc/nscd.conf") < 0) { 5587c478bd9Sstevel@tonic-gate exit(1); 5597c478bd9Sstevel@tonic-gate } 5607c478bd9Sstevel@tonic-gate loaded_config_file++; 5617c478bd9Sstevel@tonic-gate } 5627c478bd9Sstevel@tonic-gate } 5637c478bd9Sstevel@tonic-gate 5647c478bd9Sstevel@tonic-gate else { 5657c478bd9Sstevel@tonic-gate if (client_getadmin(¤t_admin)) { 5667c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 5677c478bd9Sstevel@tonic-gate "Cannot contact nscd properly(?)\n"); 5687c478bd9Sstevel@tonic-gate exit(1); 5697c478bd9Sstevel@tonic-gate } 5707c478bd9Sstevel@tonic-gate 5717c478bd9Sstevel@tonic-gate current_admin.logfile[0] = '\0'; 5727c478bd9Sstevel@tonic-gate } 5737c478bd9Sstevel@tonic-gate 5747c478bd9Sstevel@tonic-gate while ((opt = getopt(argc, argv, 5757c478bd9Sstevel@tonic-gate "S:Kf:c:ge:p:n:i:l:d:s:h:o:")) != EOF) { 5767c478bd9Sstevel@tonic-gate nsc_stat_t *cache; 5777c478bd9Sstevel@tonic-gate char *cacheopt; 5787c478bd9Sstevel@tonic-gate 5797c478bd9Sstevel@tonic-gate switch (opt) { 5807c478bd9Sstevel@tonic-gate 5817c478bd9Sstevel@tonic-gate case 'S': /* undocumented feature */ 5827c478bd9Sstevel@tonic-gate doset++; 5837c478bd9Sstevel@tonic-gate cache = getcacheptr(optarg); 5847c478bd9Sstevel@tonic-gate cacheopt = getcacheopt(optarg); 5857c478bd9Sstevel@tonic-gate if (!cache || !cacheopt) { 5867c478bd9Sstevel@tonic-gate errflg++; 5877c478bd9Sstevel@tonic-gate break; 5887c478bd9Sstevel@tonic-gate } 5897c478bd9Sstevel@tonic-gate if (strcmp(cacheopt, "yes") == 0) 5907c478bd9Sstevel@tonic-gate cache->nsc_secure_mode = 1; 5917c478bd9Sstevel@tonic-gate else if (strcmp(cacheopt, "no") == 0) 5927c478bd9Sstevel@tonic-gate cache->nsc_secure_mode = 0; 5937c478bd9Sstevel@tonic-gate else 5947c478bd9Sstevel@tonic-gate errflg++; 5957c478bd9Sstevel@tonic-gate break; 5967c478bd9Sstevel@tonic-gate 5977c478bd9Sstevel@tonic-gate case 'K': /* undocumented feature */ 5987c478bd9Sstevel@tonic-gate client_killserver(); 5997c478bd9Sstevel@tonic-gate exit(0); 6007c478bd9Sstevel@tonic-gate break; 6017c478bd9Sstevel@tonic-gate 6027c478bd9Sstevel@tonic-gate case 'f': 6037c478bd9Sstevel@tonic-gate doset++; 6047c478bd9Sstevel@tonic-gate loaded_config_file++; 6057c478bd9Sstevel@tonic-gate if (nscd_parse(argv[0], optarg) < 0) { 6067c478bd9Sstevel@tonic-gate exit(1); 6077c478bd9Sstevel@tonic-gate } 6087c478bd9Sstevel@tonic-gate break; 6097c478bd9Sstevel@tonic-gate 6107c478bd9Sstevel@tonic-gate case 'g': 6117c478bd9Sstevel@tonic-gate showstats++; 6127c478bd9Sstevel@tonic-gate break; 6137c478bd9Sstevel@tonic-gate 6147c478bd9Sstevel@tonic-gate case 'p': 6157c478bd9Sstevel@tonic-gate doset++; 6167c478bd9Sstevel@tonic-gate cache = getcacheptr(optarg); 6177c478bd9Sstevel@tonic-gate cacheopt = getcacheopt(optarg); 6187c478bd9Sstevel@tonic-gate if (!cache || !cacheopt) { 6197c478bd9Sstevel@tonic-gate errflg++; 6207c478bd9Sstevel@tonic-gate break; 6217c478bd9Sstevel@tonic-gate } 6227c478bd9Sstevel@tonic-gate cache->nsc_pos_ttl = atoi(cacheopt); 6237c478bd9Sstevel@tonic-gate break; 6247c478bd9Sstevel@tonic-gate 6257c478bd9Sstevel@tonic-gate case 'n': 6267c478bd9Sstevel@tonic-gate doset++; 6277c478bd9Sstevel@tonic-gate cache = getcacheptr(optarg); 6287c478bd9Sstevel@tonic-gate cacheopt = getcacheopt(optarg); 6297c478bd9Sstevel@tonic-gate if (!cache || !cacheopt) { 6307c478bd9Sstevel@tonic-gate errflg++; 6317c478bd9Sstevel@tonic-gate break; 6327c478bd9Sstevel@tonic-gate } 6337c478bd9Sstevel@tonic-gate cache->nsc_neg_ttl = atoi(cacheopt); 6347c478bd9Sstevel@tonic-gate break; 6357c478bd9Sstevel@tonic-gate 6367c478bd9Sstevel@tonic-gate case 'c': 6377c478bd9Sstevel@tonic-gate doset++; 6387c478bd9Sstevel@tonic-gate cache = getcacheptr(optarg); 6397c478bd9Sstevel@tonic-gate cacheopt = getcacheopt(optarg); 6407c478bd9Sstevel@tonic-gate if (!cache || !cacheopt) { 6417c478bd9Sstevel@tonic-gate errflg++; 6427c478bd9Sstevel@tonic-gate break; 6437c478bd9Sstevel@tonic-gate } 6447c478bd9Sstevel@tonic-gate 6457c478bd9Sstevel@tonic-gate if (strcmp(cacheopt, "yes") == 0) 6467c478bd9Sstevel@tonic-gate cache->nsc_check_files = 1; 6477c478bd9Sstevel@tonic-gate else if (strcmp(cacheopt, "no") == 0) 6487c478bd9Sstevel@tonic-gate cache->nsc_check_files = 0; 6497c478bd9Sstevel@tonic-gate else 6507c478bd9Sstevel@tonic-gate errflg++; 6517c478bd9Sstevel@tonic-gate break; 6527c478bd9Sstevel@tonic-gate 6537c478bd9Sstevel@tonic-gate 6547c478bd9Sstevel@tonic-gate case 'i': 6557c478bd9Sstevel@tonic-gate doset++; 6567c478bd9Sstevel@tonic-gate cache = getcacheptr(optarg); 6577c478bd9Sstevel@tonic-gate if (!cache) { 6587c478bd9Sstevel@tonic-gate errflg++; 6597c478bd9Sstevel@tonic-gate break; 6607c478bd9Sstevel@tonic-gate } 6617c478bd9Sstevel@tonic-gate cache->nsc_invalidate = 1; 6627c478bd9Sstevel@tonic-gate break; 6637c478bd9Sstevel@tonic-gate 6647c478bd9Sstevel@tonic-gate case 'l': 6657c478bd9Sstevel@tonic-gate doset++; 6667c478bd9Sstevel@tonic-gate (void) strlcpy(current_admin.logfile, optarg, 128); 6677c478bd9Sstevel@tonic-gate break; 6687c478bd9Sstevel@tonic-gate 6697c478bd9Sstevel@tonic-gate case 'd': 6707c478bd9Sstevel@tonic-gate 6717c478bd9Sstevel@tonic-gate doset++; 6727c478bd9Sstevel@tonic-gate current_admin.debug_level = atoi(optarg); 6737c478bd9Sstevel@tonic-gate break; 6747c478bd9Sstevel@tonic-gate 6757c478bd9Sstevel@tonic-gate case 's': 6767c478bd9Sstevel@tonic-gate doset++; 6777c478bd9Sstevel@tonic-gate cache = getcacheptr(optarg); 6787c478bd9Sstevel@tonic-gate cacheopt = getcacheopt(optarg); 6797c478bd9Sstevel@tonic-gate if (!cache || !cacheopt) { 6807c478bd9Sstevel@tonic-gate errflg++; 6817c478bd9Sstevel@tonic-gate break; 6827c478bd9Sstevel@tonic-gate } 6837c478bd9Sstevel@tonic-gate 6847c478bd9Sstevel@tonic-gate cache->nsc_suggestedsize = atoi(cacheopt); 6857c478bd9Sstevel@tonic-gate 6867c478bd9Sstevel@tonic-gate break; 6877c478bd9Sstevel@tonic-gate 6887c478bd9Sstevel@tonic-gate case 'h': 6897c478bd9Sstevel@tonic-gate doset++; 6907c478bd9Sstevel@tonic-gate cache = getcacheptr(optarg); 6917c478bd9Sstevel@tonic-gate cacheopt = getcacheopt(optarg); 6927c478bd9Sstevel@tonic-gate if (!cache || !cacheopt) { 6937c478bd9Sstevel@tonic-gate errflg++; 6947c478bd9Sstevel@tonic-gate break; 6957c478bd9Sstevel@tonic-gate } 6967c478bd9Sstevel@tonic-gate cache->nsc_keephot = atoi(cacheopt); 6977c478bd9Sstevel@tonic-gate break; 6987c478bd9Sstevel@tonic-gate 6997c478bd9Sstevel@tonic-gate case 'o': 7007c478bd9Sstevel@tonic-gate doset++; 7017c478bd9Sstevel@tonic-gate cache = getcacheptr(optarg); 7027c478bd9Sstevel@tonic-gate cacheopt = getcacheopt(optarg); 7037c478bd9Sstevel@tonic-gate if (!cache || !cacheopt) { 7047c478bd9Sstevel@tonic-gate errflg++; 7057c478bd9Sstevel@tonic-gate break; 7067c478bd9Sstevel@tonic-gate } 7077c478bd9Sstevel@tonic-gate if (strcmp(cacheopt, "yes") == 0) 7087c478bd9Sstevel@tonic-gate cache->nsc_old_data_ok = 1; 7097c478bd9Sstevel@tonic-gate else if (strcmp(cacheopt, "no") == 0) 7107c478bd9Sstevel@tonic-gate cache->nsc_old_data_ok = 0; 7117c478bd9Sstevel@tonic-gate else 7127c478bd9Sstevel@tonic-gate errflg++; 7137c478bd9Sstevel@tonic-gate break; 7147c478bd9Sstevel@tonic-gate 7157c478bd9Sstevel@tonic-gate case 'e': 7167c478bd9Sstevel@tonic-gate doset++; 7177c478bd9Sstevel@tonic-gate cache = getcacheptr(optarg); 7187c478bd9Sstevel@tonic-gate cacheopt = getcacheopt(optarg); 7197c478bd9Sstevel@tonic-gate if (!cache || !cacheopt) { 7207c478bd9Sstevel@tonic-gate errflg++; 7217c478bd9Sstevel@tonic-gate break; 7227c478bd9Sstevel@tonic-gate } 7237c478bd9Sstevel@tonic-gate if (strcmp(cacheopt, "yes") == 0) 7247c478bd9Sstevel@tonic-gate cache->nsc_enabled = 1; 7257c478bd9Sstevel@tonic-gate else if (strcmp(cacheopt, "no") == 0) 7267c478bd9Sstevel@tonic-gate cache->nsc_enabled = 0; 7277c478bd9Sstevel@tonic-gate else 7287c478bd9Sstevel@tonic-gate errflg++; 7297c478bd9Sstevel@tonic-gate break; 7307c478bd9Sstevel@tonic-gate 7317c478bd9Sstevel@tonic-gate default: 7327c478bd9Sstevel@tonic-gate errflg++; 7337c478bd9Sstevel@tonic-gate break; 7347c478bd9Sstevel@tonic-gate } 7357c478bd9Sstevel@tonic-gate 7367c478bd9Sstevel@tonic-gate } 7377c478bd9Sstevel@tonic-gate 7387c478bd9Sstevel@tonic-gate if (errflg) 7397c478bd9Sstevel@tonic-gate usage(argv[0]); 7407c478bd9Sstevel@tonic-gate 7417c478bd9Sstevel@tonic-gate if (!will_become_server) { 7427c478bd9Sstevel@tonic-gate 7437c478bd9Sstevel@tonic-gate if (showstats) { 7447c478bd9Sstevel@tonic-gate client_showstats(¤t_admin); 7457c478bd9Sstevel@tonic-gate } 7467c478bd9Sstevel@tonic-gate 7477c478bd9Sstevel@tonic-gate if (doset) { 7487c478bd9Sstevel@tonic-gate if (client_setadmin(¤t_admin) < 0) { 7497c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 7507c478bd9Sstevel@tonic-gate "Error during admin call\n"); 7517c478bd9Sstevel@tonic-gate exit(1); 7527c478bd9Sstevel@tonic-gate } 7537c478bd9Sstevel@tonic-gate } 7547c478bd9Sstevel@tonic-gate if (!showstats && !doset) { 7557c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 7567c478bd9Sstevel@tonic-gate "%s already running.... no admin specified\n", 7577c478bd9Sstevel@tonic-gate argv[0]); 7587c478bd9Sstevel@tonic-gate } 7597c478bd9Sstevel@tonic-gate exit(0); 7607c478bd9Sstevel@tonic-gate } 7617c478bd9Sstevel@tonic-gate 7627c478bd9Sstevel@tonic-gate /* 7637c478bd9Sstevel@tonic-gate * daemon from here ou 7647c478bd9Sstevel@tonic-gate */ 7657c478bd9Sstevel@tonic-gate 7667c478bd9Sstevel@tonic-gate if (!loaded_config_file) { 7677c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 7687c478bd9Sstevel@tonic-gate "No configuration file specifed and /etc/nscd.conf" \ 7697c478bd9Sstevel@tonic-gate "not present\n"); 7707c478bd9Sstevel@tonic-gate exit(1); 7717c478bd9Sstevel@tonic-gate } 7727c478bd9Sstevel@tonic-gate 7737c478bd9Sstevel@tonic-gate saved_argv = argv; 7747c478bd9Sstevel@tonic-gate save_execname(); 7757c478bd9Sstevel@tonic-gate 7767c478bd9Sstevel@tonic-gate if (current_admin.debug_level) { 7777c478bd9Sstevel@tonic-gate /* we're debugging... */ 7787c478bd9Sstevel@tonic-gate if (strlen(current_admin.logfile) == 0) 7797c478bd9Sstevel@tonic-gate /* no specified log file */ 7807c478bd9Sstevel@tonic-gate (void) strcpy(current_admin.logfile, "stderr"); 7817c478bd9Sstevel@tonic-gate else 7827c478bd9Sstevel@tonic-gate (void) nscd_set_lf(¤t_admin, 7837c478bd9Sstevel@tonic-gate current_admin.logfile); 7847c478bd9Sstevel@tonic-gate } else { 7857c478bd9Sstevel@tonic-gate if (strlen(current_admin.logfile) == 0) 7867c478bd9Sstevel@tonic-gate (void) strcpy(current_admin.logfile, "/dev/null"); 7877c478bd9Sstevel@tonic-gate (void) nscd_set_lf(¤t_admin, current_admin.logfile); 7887c478bd9Sstevel@tonic-gate detachfromtty(); 7897c478bd9Sstevel@tonic-gate } 7907c478bd9Sstevel@tonic-gate 7917c478bd9Sstevel@tonic-gate /* perform some initialization */ 7927c478bd9Sstevel@tonic-gate initialize_lookup_clearance(); 7937c478bd9Sstevel@tonic-gate keep_open_dns_socket(); 7947c478bd9Sstevel@tonic-gate getpw_init(); 7957c478bd9Sstevel@tonic-gate getgr_init(); 7967c478bd9Sstevel@tonic-gate gethost_init(); 7977c478bd9Sstevel@tonic-gate getnode_init(); 7987c478bd9Sstevel@tonic-gate getexec_init(); 7997c478bd9Sstevel@tonic-gate getprof_init(); 8007c478bd9Sstevel@tonic-gate getuser_init(); 8017c478bd9Sstevel@tonic-gate 8027c478bd9Sstevel@tonic-gate /* Establish our own server thread pool */ 8037c478bd9Sstevel@tonic-gate 8047c478bd9Sstevel@tonic-gate door_server_create(server_create); 8057c478bd9Sstevel@tonic-gate if (thr_keycreate(&server_key, server_destroy) != 0) { 8067c478bd9Sstevel@tonic-gate perror("thr_keycreate"); 8077c478bd9Sstevel@tonic-gate exit(-1); 8087c478bd9Sstevel@tonic-gate } 8097c478bd9Sstevel@tonic-gate 8107c478bd9Sstevel@tonic-gate /* Create a door */ 8117c478bd9Sstevel@tonic-gate 8127c478bd9Sstevel@tonic-gate if ((did = door_create(switcher, NAME_SERVICE_DOOR_COOKIE, 8137c478bd9Sstevel@tonic-gate DOOR_UNREF | DOOR_REFUSE_DESC | DOOR_NO_CANCEL)) < 0) { 8147c478bd9Sstevel@tonic-gate perror("door_create"); 8157c478bd9Sstevel@tonic-gate exit(-1); 8167c478bd9Sstevel@tonic-gate } 8177c478bd9Sstevel@tonic-gate 8187c478bd9Sstevel@tonic-gate /* bind to file system */ 8197c478bd9Sstevel@tonic-gate 820*45916cd2Sjpk if (is_system_labeled()) { 821*45916cd2Sjpk if (stat(TSOL_NAME_SERVICE_DOOR, &buf) < 0) { 822*45916cd2Sjpk int newfd; 823*45916cd2Sjpk if ((newfd = creat(TSOL_NAME_SERVICE_DOOR, 0444)) < 0) { 824*45916cd2Sjpk logit("Cannot create %s:%s\n", 825*45916cd2Sjpk TSOL_NAME_SERVICE_DOOR, strerror(errno)); 826*45916cd2Sjpk exit(1); 827*45916cd2Sjpk } 828*45916cd2Sjpk (void) close(newfd); 829*45916cd2Sjpk } 830*45916cd2Sjpk if (symlink(TSOL_NAME_SERVICE_DOOR, NAME_SERVICE_DOOR) != 0) { 831*45916cd2Sjpk if (errno != EEXIST) { 832*45916cd2Sjpk logit("Cannot symlink %s:%s\n", 833*45916cd2Sjpk NAME_SERVICE_DOOR, strerror(errno)); 834*45916cd2Sjpk exit(1); 835*45916cd2Sjpk } 836*45916cd2Sjpk } 837*45916cd2Sjpk } else if (stat(NAME_SERVICE_DOOR, &buf) < 0) { 8387c478bd9Sstevel@tonic-gate int newfd; 8397c478bd9Sstevel@tonic-gate if ((newfd = creat(NAME_SERVICE_DOOR, 0444)) < 0) { 840*45916cd2Sjpk logit("Cannot create %s:%s\n", NAME_SERVICE_DOOR, 8417c478bd9Sstevel@tonic-gate strerror(errno)); 8427c478bd9Sstevel@tonic-gate exit(1); 8437c478bd9Sstevel@tonic-gate } 8447c478bd9Sstevel@tonic-gate (void) close(newfd); 8457c478bd9Sstevel@tonic-gate } 8467c478bd9Sstevel@tonic-gate 8477c478bd9Sstevel@tonic-gate if (fattach(did, NAME_SERVICE_DOOR) < 0) { 8487c478bd9Sstevel@tonic-gate if ((errno != EBUSY) || 8497c478bd9Sstevel@tonic-gate (fdetach(NAME_SERVICE_DOOR) < 0) || 8507c478bd9Sstevel@tonic-gate (fattach(did, NAME_SERVICE_DOOR) < 0)) { 8517c478bd9Sstevel@tonic-gate perror("door_attach"); 8527c478bd9Sstevel@tonic-gate exit(2); 8537c478bd9Sstevel@tonic-gate } 8547c478bd9Sstevel@tonic-gate } 8557c478bd9Sstevel@tonic-gate 8567c478bd9Sstevel@tonic-gate action.sa_handler = dozip; 8577c478bd9Sstevel@tonic-gate action.sa_flags = 0; 8587c478bd9Sstevel@tonic-gate (void) sigemptyset(&action.sa_mask); 8597c478bd9Sstevel@tonic-gate (void) sigemptyset(&myset); 8607c478bd9Sstevel@tonic-gate (void) sigaddset(&myset, SIGHUP); 8617c478bd9Sstevel@tonic-gate 8627c478bd9Sstevel@tonic-gate if (sigaction(SIGHUP, &action, NULL) < 0) { 8637c478bd9Sstevel@tonic-gate perror("sigaction"); 8647c478bd9Sstevel@tonic-gate exit(1); 8657c478bd9Sstevel@tonic-gate } 8667c478bd9Sstevel@tonic-gate 8677c478bd9Sstevel@tonic-gate if (thr_sigsetmask(SIG_BLOCK, &myset, NULL) < 0) { 8687c478bd9Sstevel@tonic-gate perror("thr_sigsetmask"); 8697c478bd9Sstevel@tonic-gate exit(1); 8707c478bd9Sstevel@tonic-gate } 8717c478bd9Sstevel@tonic-gate 8727c478bd9Sstevel@tonic-gate 8737c478bd9Sstevel@tonic-gate /* 8747c478bd9Sstevel@tonic-gate * kick off revalidate threads 8757c478bd9Sstevel@tonic-gate */ 8767c478bd9Sstevel@tonic-gate 8777c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 8787c478bd9Sstevel@tonic-gate (void *(*)(void *))getpw_revalidate, 0, 0, NULL) != 0) { 8797c478bd9Sstevel@tonic-gate perror("thr_create"); 8807c478bd9Sstevel@tonic-gate exit(1); 8817c478bd9Sstevel@tonic-gate } 8827c478bd9Sstevel@tonic-gate 8837c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 8847c478bd9Sstevel@tonic-gate (void *(*)(void *))gethost_revalidate, 0, 0, NULL) != 0) { 8857c478bd9Sstevel@tonic-gate perror("thr_create"); 8867c478bd9Sstevel@tonic-gate exit(1); 8877c478bd9Sstevel@tonic-gate } 8887c478bd9Sstevel@tonic-gate 8897c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 8907c478bd9Sstevel@tonic-gate (void *(*)(void*))getnode_revalidate, 0, 0, NULL) != 0) { 8917c478bd9Sstevel@tonic-gate perror("thr_create"); 8927c478bd9Sstevel@tonic-gate exit(1); 8937c478bd9Sstevel@tonic-gate } 8947c478bd9Sstevel@tonic-gate 8957c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 8967c478bd9Sstevel@tonic-gate (void *(*)(void*))getgr_revalidate, 0, 0, NULL) != 0) { 8977c478bd9Sstevel@tonic-gate perror("thr_create"); 8987c478bd9Sstevel@tonic-gate exit(1); 8997c478bd9Sstevel@tonic-gate } 9007c478bd9Sstevel@tonic-gate 9017c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 9027c478bd9Sstevel@tonic-gate (void *(*)(void*))getexec_revalidate, 0, 0, NULL) != 0) { 9037c478bd9Sstevel@tonic-gate perror("thr_create"); 9047c478bd9Sstevel@tonic-gate exit(1); 9057c478bd9Sstevel@tonic-gate } 9067c478bd9Sstevel@tonic-gate 9077c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 9087c478bd9Sstevel@tonic-gate (void *(*)(void*))getprof_revalidate, 0, 0, NULL) != 0) { 9097c478bd9Sstevel@tonic-gate perror("thr_create"); 9107c478bd9Sstevel@tonic-gate exit(1); 9117c478bd9Sstevel@tonic-gate } 9127c478bd9Sstevel@tonic-gate 9137c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 9147c478bd9Sstevel@tonic-gate (void *(*)(void*))getuser_revalidate, 0, 0, NULL) != 0) { 9157c478bd9Sstevel@tonic-gate perror("thr_create"); 9167c478bd9Sstevel@tonic-gate exit(1); 9177c478bd9Sstevel@tonic-gate } 9187c478bd9Sstevel@tonic-gate 9197c478bd9Sstevel@tonic-gate /* 9207c478bd9Sstevel@tonic-gate * kick off reaper threads 9217c478bd9Sstevel@tonic-gate */ 9227c478bd9Sstevel@tonic-gate 9237c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 9247c478bd9Sstevel@tonic-gate (void *(*)(void *))getpw_uid_reaper, 0, 0, NULL) != 0) { 9257c478bd9Sstevel@tonic-gate perror("thr_create"); 9267c478bd9Sstevel@tonic-gate exit(1); 9277c478bd9Sstevel@tonic-gate } 9287c478bd9Sstevel@tonic-gate 9297c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 9307c478bd9Sstevel@tonic-gate (void *(*)(void *))getpw_nam_reaper, 0, 0, NULL) != 0) { 9317c478bd9Sstevel@tonic-gate perror("thr_create"); 9327c478bd9Sstevel@tonic-gate exit(1); 9337c478bd9Sstevel@tonic-gate } 9347c478bd9Sstevel@tonic-gate 9357c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 9367c478bd9Sstevel@tonic-gate (void *(*)(void *))getgr_uid_reaper, 0, 0, NULL) != 0) { 9377c478bd9Sstevel@tonic-gate perror("thr_create"); 9387c478bd9Sstevel@tonic-gate exit(1); 9397c478bd9Sstevel@tonic-gate } 9407c478bd9Sstevel@tonic-gate 9417c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 9427c478bd9Sstevel@tonic-gate (void *(*)(void *))getgr_nam_reaper, 0, 0, NULL) != 0) { 9437c478bd9Sstevel@tonic-gate perror("thr_create"); 9447c478bd9Sstevel@tonic-gate exit(1); 9457c478bd9Sstevel@tonic-gate } 9467c478bd9Sstevel@tonic-gate 9477c478bd9Sstevel@tonic-gate 9487c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 9497c478bd9Sstevel@tonic-gate (void *(*)(void *))gethost_nam_reaper, 0, 0, NULL) != 0) { 9507c478bd9Sstevel@tonic-gate perror("thr_create"); 9517c478bd9Sstevel@tonic-gate exit(1); 9527c478bd9Sstevel@tonic-gate } 9537c478bd9Sstevel@tonic-gate 9547c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 9557c478bd9Sstevel@tonic-gate (void *(*)(void *))gethost_addr_reaper, 0, 0, NULL) != 0) { 9567c478bd9Sstevel@tonic-gate perror("thr_create"); 9577c478bd9Sstevel@tonic-gate exit(1); 9587c478bd9Sstevel@tonic-gate } 9597c478bd9Sstevel@tonic-gate 9607c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 9617c478bd9Sstevel@tonic-gate (void *(*)(void *))getnode_nam_reaper, 0, 0, NULL) != 0) { 9627c478bd9Sstevel@tonic-gate perror("thr_create"); 9637c478bd9Sstevel@tonic-gate exit(1); 9647c478bd9Sstevel@tonic-gate } 9657c478bd9Sstevel@tonic-gate 9667c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 9677c478bd9Sstevel@tonic-gate (void *(*)(void *))getnode_addr_reaper, 0, 0, NULL) != 0) { 9687c478bd9Sstevel@tonic-gate perror("thr_create"); 9697c478bd9Sstevel@tonic-gate exit(1); 9707c478bd9Sstevel@tonic-gate } 9717c478bd9Sstevel@tonic-gate 9727c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 9737c478bd9Sstevel@tonic-gate (void *(*)(void *))getexec_reaper, 0, 0, NULL) != 0) { 9747c478bd9Sstevel@tonic-gate perror("thr_create"); 9757c478bd9Sstevel@tonic-gate exit(1); 9767c478bd9Sstevel@tonic-gate } 9777c478bd9Sstevel@tonic-gate 9787c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 9797c478bd9Sstevel@tonic-gate (void *(*)(void *))getprof_reaper, 0, 0, NULL) != 0) { 9807c478bd9Sstevel@tonic-gate perror("thr_create"); 9817c478bd9Sstevel@tonic-gate exit(1); 9827c478bd9Sstevel@tonic-gate } 9837c478bd9Sstevel@tonic-gate 9847c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 9857c478bd9Sstevel@tonic-gate (void *(*)(void *))getuser_reaper, 0, 0, NULL) != 0) { 9867c478bd9Sstevel@tonic-gate perror("thr_create"); 9877c478bd9Sstevel@tonic-gate exit(1); 9887c478bd9Sstevel@tonic-gate } 9897c478bd9Sstevel@tonic-gate 9907c478bd9Sstevel@tonic-gate /* 9917c478bd9Sstevel@tonic-gate * kick off routing socket monitor thread 9927c478bd9Sstevel@tonic-gate */ 9937c478bd9Sstevel@tonic-gate 9947c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 9957c478bd9Sstevel@tonic-gate (void *(*)(void *))rts_mon, 0, 0, NULL) != 0) { 9967c478bd9Sstevel@tonic-gate perror("thr_create"); 9977c478bd9Sstevel@tonic-gate exit(1); 9987c478bd9Sstevel@tonic-gate } 9997c478bd9Sstevel@tonic-gate 10007c478bd9Sstevel@tonic-gate if (thr_sigsetmask(SIG_UNBLOCK, &myset, NULL) < 0) { 10017c478bd9Sstevel@tonic-gate perror("thr_sigsetmask"); 1002f166393fSesolom return (1); 10037c478bd9Sstevel@tonic-gate } 10047c478bd9Sstevel@tonic-gate 10057c478bd9Sstevel@tonic-gate for (;;) { 10067c478bd9Sstevel@tonic-gate (void) pause(); 10077c478bd9Sstevel@tonic-gate logit("Reloading /etc/nscd.conf\n"); 10087c478bd9Sstevel@tonic-gate nscd_parse(argv[0], "/etc/nscd.conf"); 10097c478bd9Sstevel@tonic-gate } 10107c478bd9Sstevel@tonic-gate } 10117c478bd9Sstevel@tonic-gate 10127c478bd9Sstevel@tonic-gate 10137c478bd9Sstevel@tonic-gate /*ARGSUSED*/ 10147c478bd9Sstevel@tonic-gate static void 10157c478bd9Sstevel@tonic-gate switcher(void *cookie, char *argp, size_t arg_size, 10167c478bd9Sstevel@tonic-gate door_desc_t *dp, uint_t n_desc) 10177c478bd9Sstevel@tonic-gate { 10187c478bd9Sstevel@tonic-gate union { 10197c478bd9Sstevel@tonic-gate nsc_data_t data; 10207c478bd9Sstevel@tonic-gate char space[8192]; 10217c478bd9Sstevel@tonic-gate } u; 10227c478bd9Sstevel@tonic-gate 10237c478bd9Sstevel@tonic-gate time_t now; 10247c478bd9Sstevel@tonic-gate 10257c478bd9Sstevel@tonic-gate static time_t last_nsswitch_check; 10267c478bd9Sstevel@tonic-gate static time_t last_nsswitch_modified; 10277c478bd9Sstevel@tonic-gate static time_t last_resolv_modified; 10287c478bd9Sstevel@tonic-gate 10297c478bd9Sstevel@tonic-gate static mutex_t nsswitch_lock; 10307c478bd9Sstevel@tonic-gate 10317c478bd9Sstevel@tonic-gate nsc_call_t *ptr = (nsc_call_t *)argp; 10327c478bd9Sstevel@tonic-gate 10337c478bd9Sstevel@tonic-gate if (argp == DOOR_UNREF_DATA) { 10347c478bd9Sstevel@tonic-gate (void) printf("Door Slam... exiting\n"); 10357c478bd9Sstevel@tonic-gate exit(0); 10367c478bd9Sstevel@tonic-gate } 10377c478bd9Sstevel@tonic-gate 10387c478bd9Sstevel@tonic-gate if (ptr == NULL) { /* empty door call */ 10397c478bd9Sstevel@tonic-gate (void) door_return(NULL, 0, 0, 0); /* return the favor */ 10407c478bd9Sstevel@tonic-gate } 10417c478bd9Sstevel@tonic-gate 10427c478bd9Sstevel@tonic-gate now = time(NULL); 10437c478bd9Sstevel@tonic-gate 10447c478bd9Sstevel@tonic-gate /* 10457c478bd9Sstevel@tonic-gate * just in case check 10467c478bd9Sstevel@tonic-gate */ 10477c478bd9Sstevel@tonic-gate 10487c478bd9Sstevel@tonic-gate (void) mutex_lock(&nsswitch_lock); 10497c478bd9Sstevel@tonic-gate 10507c478bd9Sstevel@tonic-gate if (now - last_nsswitch_check > 10) { 10517c478bd9Sstevel@tonic-gate struct stat nss_buf; 10527c478bd9Sstevel@tonic-gate struct stat res_buf; 10537c478bd9Sstevel@tonic-gate 10547c478bd9Sstevel@tonic-gate last_nsswitch_check = now; 10557c478bd9Sstevel@tonic-gate 10567c478bd9Sstevel@tonic-gate (void) mutex_unlock(&nsswitch_lock); /* let others continue */ 10577c478bd9Sstevel@tonic-gate 10587c478bd9Sstevel@tonic-gate /* 10597c478bd9Sstevel@tonic-gate * This code keeps us from statting resolv.conf 10607c478bd9Sstevel@tonic-gate * if it doesn't exist, yet prevents us from ignoring 10617c478bd9Sstevel@tonic-gate * it if it happens to disappear later on for a bit. 10627c478bd9Sstevel@tonic-gate */ 10637c478bd9Sstevel@tonic-gate 10647c478bd9Sstevel@tonic-gate if (last_resolv_modified >= 0) { 10657c478bd9Sstevel@tonic-gate if (stat("/etc/resolv.conf", &res_buf) < 0) { 10667c478bd9Sstevel@tonic-gate if (last_resolv_modified == 0) 10677c478bd9Sstevel@tonic-gate last_resolv_modified = -1; 10687c478bd9Sstevel@tonic-gate else 10697c478bd9Sstevel@tonic-gate res_buf.st_mtime = last_resolv_modified; 10707c478bd9Sstevel@tonic-gate } else if (last_resolv_modified == 0) { 10717c478bd9Sstevel@tonic-gate last_resolv_modified = res_buf.st_mtime; 10727c478bd9Sstevel@tonic-gate } 10737c478bd9Sstevel@tonic-gate } 10747c478bd9Sstevel@tonic-gate 10757c478bd9Sstevel@tonic-gate if (stat("/etc/nsswitch.conf", &nss_buf) < 0) { 10767c478bd9Sstevel@tonic-gate 10777c478bd9Sstevel@tonic-gate /*EMPTY*/; 10787c478bd9Sstevel@tonic-gate 10797c478bd9Sstevel@tonic-gate } else if (last_nsswitch_modified == 0) { 10807c478bd9Sstevel@tonic-gate 10817c478bd9Sstevel@tonic-gate last_nsswitch_modified = nss_buf.st_mtime; 10827c478bd9Sstevel@tonic-gate 10837c478bd9Sstevel@tonic-gate } else if ((last_nsswitch_modified < nss_buf.st_mtime) || 10847c478bd9Sstevel@tonic-gate ((last_resolv_modified > 0) && 10857c478bd9Sstevel@tonic-gate (last_resolv_modified < res_buf.st_mtime))) { 10867c478bd9Sstevel@tonic-gate static mutex_t exit_lock; 10877c478bd9Sstevel@tonic-gate char *fmri; 10887c478bd9Sstevel@tonic-gate /* 10897c478bd9Sstevel@tonic-gate * time for restart 10907c478bd9Sstevel@tonic-gate */ 10917c478bd9Sstevel@tonic-gate logit("nscd restart due to /etc/nsswitch.conf or "\ 10927c478bd9Sstevel@tonic-gate "resolv.conf change\n"); 10937c478bd9Sstevel@tonic-gate /* 10947c478bd9Sstevel@tonic-gate * try to restart under smf 10957c478bd9Sstevel@tonic-gate */ 10967c478bd9Sstevel@tonic-gate if ((fmri = getenv("SMF_FMRI")) == NULL) { 10977c478bd9Sstevel@tonic-gate /* not running under smf - reexec */ 10987c478bd9Sstevel@tonic-gate execv(saved_execname, saved_argv); 10997c478bd9Sstevel@tonic-gate exit(1); /* just in case */ 11007c478bd9Sstevel@tonic-gate } 11017c478bd9Sstevel@tonic-gate 11027c478bd9Sstevel@tonic-gate mutex_lock(&exit_lock); /* prevent multiple restarts */ 11037c478bd9Sstevel@tonic-gate if (smf_restart_instance(fmri) == 0) 11047c478bd9Sstevel@tonic-gate sleep(10); /* wait a bit */ 11057c478bd9Sstevel@tonic-gate exit(1); /* give up waiting for resurrection */ 11067c478bd9Sstevel@tonic-gate } 11077c478bd9Sstevel@tonic-gate 11087c478bd9Sstevel@tonic-gate } else 11097c478bd9Sstevel@tonic-gate (void) mutex_unlock(&nsswitch_lock); 11107c478bd9Sstevel@tonic-gate 11117c478bd9Sstevel@tonic-gate switch (ptr->nsc_callnumber) { 11127c478bd9Sstevel@tonic-gate 11137c478bd9Sstevel@tonic-gate case NULLCALL: 11147c478bd9Sstevel@tonic-gate u.data.nsc_ret.nsc_return_code = SUCCESS; 11157c478bd9Sstevel@tonic-gate u.data.nsc_ret.nsc_bufferbytesused = sizeof (nsc_return_t); 11167c478bd9Sstevel@tonic-gate break; 11177c478bd9Sstevel@tonic-gate 11187c478bd9Sstevel@tonic-gate 11197c478bd9Sstevel@tonic-gate case GETPWNAM: 11207c478bd9Sstevel@tonic-gate *(argp + arg_size - 1) = 0; /* FALLTHROUGH */ 11217c478bd9Sstevel@tonic-gate case GETPWUID: 11227c478bd9Sstevel@tonic-gate getpw_lookup(&u.data.nsc_ret, sizeof (u), ptr, now); 11237c478bd9Sstevel@tonic-gate break; 11247c478bd9Sstevel@tonic-gate 11257c478bd9Sstevel@tonic-gate case GETGRNAM: 11267c478bd9Sstevel@tonic-gate *(argp + arg_size - 1) = 0; /* FALLTHROUGH */ 11277c478bd9Sstevel@tonic-gate case GETGRGID: 11287c478bd9Sstevel@tonic-gate getgr_lookup(&u.data.nsc_ret, sizeof (u), ptr, now); 11297c478bd9Sstevel@tonic-gate break; 11307c478bd9Sstevel@tonic-gate 11317c478bd9Sstevel@tonic-gate case GETHOSTBYNAME: 11327c478bd9Sstevel@tonic-gate *(argp + arg_size - 1) = 0; /* FALLTHROUGH */ 11337c478bd9Sstevel@tonic-gate case GETHOSTBYADDR: 11347c478bd9Sstevel@tonic-gate gethost_lookup(&u.data.nsc_ret, sizeof (u), ptr, now); 11357c478bd9Sstevel@tonic-gate break; 11367c478bd9Sstevel@tonic-gate 11377c478bd9Sstevel@tonic-gate case GETIPNODEBYNAME: 11387c478bd9Sstevel@tonic-gate *(argp + arg_size - 1) = 0; /* FALLTHROUGH */ 11397c478bd9Sstevel@tonic-gate case GETIPNODEBYADDR: 11407c478bd9Sstevel@tonic-gate getnode_lookup(&u.data.nsc_ret, sizeof (u), ptr, now); 11417c478bd9Sstevel@tonic-gate break; 11427c478bd9Sstevel@tonic-gate 11437c478bd9Sstevel@tonic-gate case GETEXECID: 11447c478bd9Sstevel@tonic-gate *(argp + arg_size - 1) = 0; 11457c478bd9Sstevel@tonic-gate getexec_lookup(&u.data.nsc_ret, sizeof (u), ptr, now); 11467c478bd9Sstevel@tonic-gate break; 11477c478bd9Sstevel@tonic-gate 11487c478bd9Sstevel@tonic-gate case GETPROFNAM: 11497c478bd9Sstevel@tonic-gate *(argp + arg_size - 1) = 0; 11507c478bd9Sstevel@tonic-gate getprof_lookup(&u.data.nsc_ret, sizeof (u), ptr, now); 11517c478bd9Sstevel@tonic-gate break; 11527c478bd9Sstevel@tonic-gate 11537c478bd9Sstevel@tonic-gate case GETUSERNAM: 11547c478bd9Sstevel@tonic-gate *(argp + arg_size - 1) = 0; 11557c478bd9Sstevel@tonic-gate getuser_lookup(&u.data.nsc_ret, sizeof (u), ptr, now); 11567c478bd9Sstevel@tonic-gate break; 11577c478bd9Sstevel@tonic-gate 11587c478bd9Sstevel@tonic-gate case GETADMIN: 11597c478bd9Sstevel@tonic-gate getadmin(&u.data.nsc_ret, sizeof (u), ptr); 11607c478bd9Sstevel@tonic-gate break; 11617c478bd9Sstevel@tonic-gate 11627c478bd9Sstevel@tonic-gate case SETADMIN: 11637c478bd9Sstevel@tonic-gate case KILLSERVER: { 11647c478bd9Sstevel@tonic-gate 11657c478bd9Sstevel@tonic-gate ucred_t *uc = NULL; 11667c478bd9Sstevel@tonic-gate const priv_set_t *eset; 11677c478bd9Sstevel@tonic-gate zoneid_t zoneid; 11687c478bd9Sstevel@tonic-gate 11697c478bd9Sstevel@tonic-gate if (door_ucred(&uc) != 0) { 11707c478bd9Sstevel@tonic-gate perror("door_ucred"); 11717c478bd9Sstevel@tonic-gate u.data.nsc_ret.nsc_return_code = NOTFOUND; 11727c478bd9Sstevel@tonic-gate break; 11737c478bd9Sstevel@tonic-gate } 11747c478bd9Sstevel@tonic-gate 11757c478bd9Sstevel@tonic-gate eset = ucred_getprivset(uc, PRIV_EFFECTIVE); 11767c478bd9Sstevel@tonic-gate zoneid = ucred_getzoneid(uc); 11777c478bd9Sstevel@tonic-gate 11787c478bd9Sstevel@tonic-gate if ((zoneid != GLOBAL_ZONEID && zoneid != getzoneid()) || 11797c478bd9Sstevel@tonic-gate eset != NULL ? !priv_ismember(eset, PRIV_SYS_ADMIN) : 11807c478bd9Sstevel@tonic-gate ucred_geteuid(uc) != 0) { 11817c478bd9Sstevel@tonic-gate logit("SETADMIN call failed(cred): caller pid %d, " 11827c478bd9Sstevel@tonic-gate "uid %d, euid %d, zoneid %d\n", ucred_getpid(uc), 11837c478bd9Sstevel@tonic-gate ucred_getruid(uc), ucred_geteuid(uc), zoneid); 11847c478bd9Sstevel@tonic-gate u.data.nsc_ret.nsc_return_code = NOTFOUND; 11857c478bd9Sstevel@tonic-gate ucred_free(uc); 11867c478bd9Sstevel@tonic-gate break; 11877c478bd9Sstevel@tonic-gate } 11887c478bd9Sstevel@tonic-gate 11897c478bd9Sstevel@tonic-gate if (ptr->nsc_callnumber == KILLSERVER) { 11907c478bd9Sstevel@tonic-gate logit("Nscd received KILLSERVER cmd from pid %d, " 11917c478bd9Sstevel@tonic-gate "uid %d, euid %d, zoneid %d\n", ucred_getpid(uc), 11927c478bd9Sstevel@tonic-gate ucred_getruid(uc), ucred_geteuid(uc), zoneid); 11937c478bd9Sstevel@tonic-gate exit(0); 11947c478bd9Sstevel@tonic-gate } else { 11957c478bd9Sstevel@tonic-gate if (setadmin(&u.data.nsc_ret, sizeof (u), ptr) != 0) 11967c478bd9Sstevel@tonic-gate logit("SETADMIN call failed\n"); 11977c478bd9Sstevel@tonic-gate } 11987c478bd9Sstevel@tonic-gate ucred_free(uc); 11997c478bd9Sstevel@tonic-gate break; 12007c478bd9Sstevel@tonic-gate } 12017c478bd9Sstevel@tonic-gate 12027c478bd9Sstevel@tonic-gate default: 12037c478bd9Sstevel@tonic-gate logit("Unknown name service door call op %d\n", 12047c478bd9Sstevel@tonic-gate ptr->nsc_callnumber); 12057c478bd9Sstevel@tonic-gate u.data.nsc_ret.nsc_return_code = -1; 12067c478bd9Sstevel@tonic-gate u.data.nsc_ret.nsc_bufferbytesused = sizeof (nsc_return_t); 12077c478bd9Sstevel@tonic-gate break; 12087c478bd9Sstevel@tonic-gate 12097c478bd9Sstevel@tonic-gate } 12107c478bd9Sstevel@tonic-gate door_return((char *)&u.data, u.data.nsc_ret.nsc_bufferbytesused, 12117c478bd9Sstevel@tonic-gate NULL, 0); 12127c478bd9Sstevel@tonic-gate } 12137c478bd9Sstevel@tonic-gate 12147c478bd9Sstevel@tonic-gate /* 12157c478bd9Sstevel@tonic-gate * Monitor the routing socket. Address lists stored in the ipnodes 12167c478bd9Sstevel@tonic-gate * cache are sorted based on destination address selection rules, 12177c478bd9Sstevel@tonic-gate * so when things change that could affect that sorting (interfaces 12187c478bd9Sstevel@tonic-gate * go up or down, flags change, etc.), we clear that cache so the 12197c478bd9Sstevel@tonic-gate * list will be re-ordered the next time the hostname is resolved. 12207c478bd9Sstevel@tonic-gate */ 12217c478bd9Sstevel@tonic-gate static void 12227c478bd9Sstevel@tonic-gate rts_mon(void) 12237c478bd9Sstevel@tonic-gate { 12247c478bd9Sstevel@tonic-gate int rt_sock, rdlen; 12257c478bd9Sstevel@tonic-gate union { 12267c478bd9Sstevel@tonic-gate struct { 12277c478bd9Sstevel@tonic-gate struct rt_msghdr rtm; 12287c478bd9Sstevel@tonic-gate struct sockaddr_storage addrs[RTA_NUMBITS]; 12297c478bd9Sstevel@tonic-gate } r; 12307c478bd9Sstevel@tonic-gate struct if_msghdr ifm; 12317c478bd9Sstevel@tonic-gate struct ifa_msghdr ifam; 12327c478bd9Sstevel@tonic-gate } mbuf; 12337c478bd9Sstevel@tonic-gate struct ifa_msghdr *ifam = &mbuf.ifam; 12347c478bd9Sstevel@tonic-gate 12357c478bd9Sstevel@tonic-gate rt_sock = socket(PF_ROUTE, SOCK_RAW, 0); 12367c478bd9Sstevel@tonic-gate if (rt_sock < 0) { 12377c478bd9Sstevel@tonic-gate logit("Failed to open routing socket: %s\n", strerror(errno)); 12387c478bd9Sstevel@tonic-gate thr_exit(0); 12397c478bd9Sstevel@tonic-gate } 12407c478bd9Sstevel@tonic-gate 12417c478bd9Sstevel@tonic-gate for (;;) { 12427c478bd9Sstevel@tonic-gate rdlen = read(rt_sock, &mbuf, sizeof (mbuf)); 12437c478bd9Sstevel@tonic-gate if (rdlen <= 0) { 12447c478bd9Sstevel@tonic-gate if (rdlen == 0 || (errno != EINTR && errno != EAGAIN)) { 12457c478bd9Sstevel@tonic-gate logit("routing socket read: %s\n", 12467c478bd9Sstevel@tonic-gate strerror(errno)); 12477c478bd9Sstevel@tonic-gate thr_exit(0); 12487c478bd9Sstevel@tonic-gate } 12497c478bd9Sstevel@tonic-gate continue; 12507c478bd9Sstevel@tonic-gate } 12517c478bd9Sstevel@tonic-gate if (ifam->ifam_version != RTM_VERSION) { 12527c478bd9Sstevel@tonic-gate logit("rx unknown version (%d) on routing socket.\n", 12537c478bd9Sstevel@tonic-gate ifam->ifam_version); 12547c478bd9Sstevel@tonic-gate continue; 12557c478bd9Sstevel@tonic-gate } 12567c478bd9Sstevel@tonic-gate switch (ifam->ifam_type) { 12577c478bd9Sstevel@tonic-gate case RTM_NEWADDR: 12587c478bd9Sstevel@tonic-gate case RTM_DELADDR: 12597c478bd9Sstevel@tonic-gate getnode_name_invalidate(); 12607c478bd9Sstevel@tonic-gate break; 12617c478bd9Sstevel@tonic-gate case RTM_ADD: 12627c478bd9Sstevel@tonic-gate case RTM_DELETE: 12637c478bd9Sstevel@tonic-gate case RTM_CHANGE: 12647c478bd9Sstevel@tonic-gate case RTM_GET: 12657c478bd9Sstevel@tonic-gate case RTM_LOSING: 12667c478bd9Sstevel@tonic-gate case RTM_REDIRECT: 12677c478bd9Sstevel@tonic-gate case RTM_MISS: 12687c478bd9Sstevel@tonic-gate case RTM_LOCK: 12697c478bd9Sstevel@tonic-gate case RTM_OLDADD: 12707c478bd9Sstevel@tonic-gate case RTM_OLDDEL: 12717c478bd9Sstevel@tonic-gate case RTM_RESOLVE: 12727c478bd9Sstevel@tonic-gate case RTM_IFINFO: 12737c478bd9Sstevel@tonic-gate break; 12747c478bd9Sstevel@tonic-gate default: 12757c478bd9Sstevel@tonic-gate logit("rx unknown msg type (%d) on routing socket.\n", 12767c478bd9Sstevel@tonic-gate ifam->ifam_type); 12777c478bd9Sstevel@tonic-gate break; 12787c478bd9Sstevel@tonic-gate } 12797c478bd9Sstevel@tonic-gate } 12807c478bd9Sstevel@tonic-gate } 12817c478bd9Sstevel@tonic-gate 12827c478bd9Sstevel@tonic-gate static void 12837c478bd9Sstevel@tonic-gate usage(char *s) 12847c478bd9Sstevel@tonic-gate { 12857c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 12867c478bd9Sstevel@tonic-gate "Usage: %s [-d debug_level] [-l logfilename]\n", s); 12877c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 12887c478bd9Sstevel@tonic-gate " [-p cachename,positive_time_to_live]\n"); 12897c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 12907c478bd9Sstevel@tonic-gate " [-n cachename,negative_time_to_live]\n"); 12917c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 12927c478bd9Sstevel@tonic-gate " [-i cachename] [-s cachename,suggestedsize]\n"); 12937c478bd9Sstevel@tonic-gate 12947c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 12957c478bd9Sstevel@tonic-gate " [-h cachename,keep_hot_count] "\ 12967c478bd9Sstevel@tonic-gate "[-o cachename,\"yes\"|\"no\"]\n"); 12977c478bd9Sstevel@tonic-gate 12987c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 12997c478bd9Sstevel@tonic-gate " [-e cachename,\"yes\"|\"no\"] [-g] " \ 13007c478bd9Sstevel@tonic-gate "[-c cachename,\"yes\"|\"no\"]\n"); 13017c478bd9Sstevel@tonic-gate 13027c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 13037c478bd9Sstevel@tonic-gate " [-f configfilename] \n"); 13047c478bd9Sstevel@tonic-gate 13057c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 13067c478bd9Sstevel@tonic-gate "\n Supported caches: passwd, group, hosts, ipnodes\n"); 13077c478bd9Sstevel@tonic-gate 13087c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 13097c478bd9Sstevel@tonic-gate " exec_attr, prof_attr, and user_attr.\n"); 13107c478bd9Sstevel@tonic-gate 13117c478bd9Sstevel@tonic-gate exit(1); 13127c478bd9Sstevel@tonic-gate 13137c478bd9Sstevel@tonic-gate } 13147c478bd9Sstevel@tonic-gate 13157c478bd9Sstevel@tonic-gate 13167c478bd9Sstevel@tonic-gate static int logfd = 2; 13177c478bd9Sstevel@tonic-gate 13187c478bd9Sstevel@tonic-gate int 13197c478bd9Sstevel@tonic-gate nscd_set_lf(admin_t *ptr, char *s) 13207c478bd9Sstevel@tonic-gate { 13217c478bd9Sstevel@tonic-gate int newlogfd; 13227c478bd9Sstevel@tonic-gate 13237c478bd9Sstevel@tonic-gate /* 13247c478bd9Sstevel@tonic-gate * we don't really want to try and open the log file 13257c478bd9Sstevel@tonic-gate * /dev/null since that will fail w/ our security fixes 13267c478bd9Sstevel@tonic-gate */ 13277c478bd9Sstevel@tonic-gate 13287c478bd9Sstevel@tonic-gate if (*s == 0) { 13297c478bd9Sstevel@tonic-gate /* ignore empty log file specs */ 13307c478bd9Sstevel@tonic-gate /*EMPTY*/; 13317c478bd9Sstevel@tonic-gate } else if (s == NULL || strcmp(s, "/dev/null") == 0) { 13327c478bd9Sstevel@tonic-gate (void) strcpy(current_admin.logfile, "/dev/null"); 13337c478bd9Sstevel@tonic-gate (void) close(logfd); 13347c478bd9Sstevel@tonic-gate logfd = -1; 13357c478bd9Sstevel@tonic-gate } else { 13367c478bd9Sstevel@tonic-gate /* 13377c478bd9Sstevel@tonic-gate * In order to open this file securely, we'll try a few tricks 13387c478bd9Sstevel@tonic-gate */ 13397c478bd9Sstevel@tonic-gate 13407c478bd9Sstevel@tonic-gate if ((newlogfd = open(s, O_EXCL|O_WRONLY|O_CREAT, 0644)) < 0) { 13417c478bd9Sstevel@tonic-gate /* 13427c478bd9Sstevel@tonic-gate * File already exists... now we need to get cute 13437c478bd9Sstevel@tonic-gate * since opening a file in a world-writeable directory 13447c478bd9Sstevel@tonic-gate * safely is hard = it could be a hard link or a 13457c478bd9Sstevel@tonic-gate * symbolic link to a system file. 13467c478bd9Sstevel@tonic-gate */ 13477c478bd9Sstevel@tonic-gate struct stat before; 13487c478bd9Sstevel@tonic-gate 13497c478bd9Sstevel@tonic-gate if (lstat(s, &before) < 0) { 13507c478bd9Sstevel@tonic-gate logit("Cannot open new logfile \"%s\": %sn", 13517c478bd9Sstevel@tonic-gate s, strerror(errno)); 13527c478bd9Sstevel@tonic-gate return (-1); 13537c478bd9Sstevel@tonic-gate } 13547c478bd9Sstevel@tonic-gate 13557c478bd9Sstevel@tonic-gate if (S_ISREG(before.st_mode) && /* no symbolic links */ 13567c478bd9Sstevel@tonic-gate (before.st_nlink == 1) && /* no hard links */ 13577c478bd9Sstevel@tonic-gate (before.st_uid == 0)) { /* owned by root */ 13587c478bd9Sstevel@tonic-gate if ((newlogfd = 13597c478bd9Sstevel@tonic-gate open(s, O_APPEND|O_WRONLY, 0644)) < 0) { 13607c478bd9Sstevel@tonic-gate logit("Cannot open new "\ 13617c478bd9Sstevel@tonic-gate "logfile \"%s\": %s\n", s, 13627c478bd9Sstevel@tonic-gate strerror(errno)); 13637c478bd9Sstevel@tonic-gate return (-1); 13647c478bd9Sstevel@tonic-gate } 13657c478bd9Sstevel@tonic-gate } else { 13667c478bd9Sstevel@tonic-gate logit("Cannot use specified logfile \"%s\": "\ 13677c478bd9Sstevel@tonic-gate "file is/has links or isn't owned by "\ 13687c478bd9Sstevel@tonic-gate "root\n", s); 13697c478bd9Sstevel@tonic-gate return (-1); 13707c478bd9Sstevel@tonic-gate } 13717c478bd9Sstevel@tonic-gate } 13727c478bd9Sstevel@tonic-gate 13737c478bd9Sstevel@tonic-gate (void) strlcpy(ptr->logfile, s, 128); 13747c478bd9Sstevel@tonic-gate (void) close(logfd); 13757c478bd9Sstevel@tonic-gate logfd = newlogfd; 13767c478bd9Sstevel@tonic-gate logit("Start of new logfile %s\n", s); 13777c478bd9Sstevel@tonic-gate } 13787c478bd9Sstevel@tonic-gate return (0); 13797c478bd9Sstevel@tonic-gate } 13807c478bd9Sstevel@tonic-gate 13817c478bd9Sstevel@tonic-gate void 13827c478bd9Sstevel@tonic-gate logit(char *format, ...) 13837c478bd9Sstevel@tonic-gate { 13847c478bd9Sstevel@tonic-gate static mutex_t loglock; 13857c478bd9Sstevel@tonic-gate struct timeval tv; 13867c478bd9Sstevel@tonic-gate 13877c478bd9Sstevel@tonic-gate #define LOGBUFLEN 1024 13887c478bd9Sstevel@tonic-gate char buffer[LOGBUFLEN]; 13897c478bd9Sstevel@tonic-gate 13907c478bd9Sstevel@tonic-gate va_list ap; 13917c478bd9Sstevel@tonic-gate va_start(ap, format); 13927c478bd9Sstevel@tonic-gate 13937c478bd9Sstevel@tonic-gate if (logfd >= 0) { 13947c478bd9Sstevel@tonic-gate int safechars, offset; 13957c478bd9Sstevel@tonic-gate if (gettimeofday(&tv, NULL) != 0 || 13967c478bd9Sstevel@tonic-gate ctime_r(&tv.tv_sec, buffer, LOGBUFLEN) == NULL) { 13977c478bd9Sstevel@tonic-gate (void) snprintf(buffer, LOGBUFLEN, 13987c478bd9Sstevel@tonic-gate "<time conversion failed>\t"); 13997c478bd9Sstevel@tonic-gate } else { 14007c478bd9Sstevel@tonic-gate /* 14017c478bd9Sstevel@tonic-gate * ctime_r() includes some stuff we don't want; 14027c478bd9Sstevel@tonic-gate * adjust length to overwrite " YYYY\n". 14037c478bd9Sstevel@tonic-gate */ 14047c478bd9Sstevel@tonic-gate offset = strlen(buffer) - 6; 14057c478bd9Sstevel@tonic-gate safechars = LOGBUFLEN - (offset - 1); 14067c478bd9Sstevel@tonic-gate (void) snprintf(buffer + offset, safechars, ".%.4ld\t", 14077c478bd9Sstevel@tonic-gate tv.tv_usec/100); 14087c478bd9Sstevel@tonic-gate } 14097c478bd9Sstevel@tonic-gate offset = strlen(buffer); 14107c478bd9Sstevel@tonic-gate safechars = LOGBUFLEN - (offset - 1); 14117c478bd9Sstevel@tonic-gate if (vsnprintf(buffer + offset, safechars, format, ap) > 14127c478bd9Sstevel@tonic-gate safechars) { 14137c478bd9Sstevel@tonic-gate (void) strncat(buffer, "...\n", LOGBUFLEN); 14147c478bd9Sstevel@tonic-gate } 14157c478bd9Sstevel@tonic-gate 14167c478bd9Sstevel@tonic-gate (void) mutex_lock(&loglock); 14177c478bd9Sstevel@tonic-gate (void) write(logfd, buffer, strlen(buffer)); 14187c478bd9Sstevel@tonic-gate (void) mutex_unlock(&loglock); 14197c478bd9Sstevel@tonic-gate } 14207c478bd9Sstevel@tonic-gate 14217c478bd9Sstevel@tonic-gate va_end(ap); 14227c478bd9Sstevel@tonic-gate #undef LOGBUFLEN 14237c478bd9Sstevel@tonic-gate } 14247c478bd9Sstevel@tonic-gate 14257c478bd9Sstevel@tonic-gate static void 14267c478bd9Sstevel@tonic-gate do_update(nsc_call_t *in) 14277c478bd9Sstevel@tonic-gate { 14287c478bd9Sstevel@tonic-gate union { 14297c478bd9Sstevel@tonic-gate nsc_data_t data; 14307c478bd9Sstevel@tonic-gate char space[8192]; 14317c478bd9Sstevel@tonic-gate } u; 14327c478bd9Sstevel@tonic-gate 14337c478bd9Sstevel@tonic-gate time_t now = time(NULL); 14347c478bd9Sstevel@tonic-gate 14357c478bd9Sstevel@tonic-gate switch (MASKUPDATEBIT(in->nsc_callnumber)) { 14367c478bd9Sstevel@tonic-gate 14377c478bd9Sstevel@tonic-gate case GETPWUID: 14387c478bd9Sstevel@tonic-gate case GETPWNAM: 14397c478bd9Sstevel@tonic-gate getpw_lookup(&u.data.nsc_ret, sizeof (u), in, now); 14407c478bd9Sstevel@tonic-gate break; 14417c478bd9Sstevel@tonic-gate 14427c478bd9Sstevel@tonic-gate case GETGRNAM: 14437c478bd9Sstevel@tonic-gate case GETGRGID: 14447c478bd9Sstevel@tonic-gate getgr_lookup(&u.data.nsc_ret, sizeof (u), in, now); 14457c478bd9Sstevel@tonic-gate break; 14467c478bd9Sstevel@tonic-gate 14477c478bd9Sstevel@tonic-gate case GETHOSTBYNAME: 14487c478bd9Sstevel@tonic-gate case GETHOSTBYADDR: 14497c478bd9Sstevel@tonic-gate gethost_lookup(&u.data.nsc_ret, sizeof (u), in, now); 14507c478bd9Sstevel@tonic-gate break; 14517c478bd9Sstevel@tonic-gate 14527c478bd9Sstevel@tonic-gate case GETIPNODEBYNAME: 14537c478bd9Sstevel@tonic-gate case GETIPNODEBYADDR: 14547c478bd9Sstevel@tonic-gate getnode_lookup(&u.data.nsc_ret, sizeof (u), in, now); 14557c478bd9Sstevel@tonic-gate break; 14567c478bd9Sstevel@tonic-gate 14577c478bd9Sstevel@tonic-gate case GETEXECID: 14587c478bd9Sstevel@tonic-gate getexec_lookup(&u.data.nsc_ret, sizeof (u), in, now); 14597c478bd9Sstevel@tonic-gate break; 14607c478bd9Sstevel@tonic-gate 14617c478bd9Sstevel@tonic-gate case GETPROFNAM: 14627c478bd9Sstevel@tonic-gate getprof_lookup(&u.data.nsc_ret, sizeof (u), in, now); 14637c478bd9Sstevel@tonic-gate break; 14647c478bd9Sstevel@tonic-gate 14657c478bd9Sstevel@tonic-gate case GETUSERNAM: 14667c478bd9Sstevel@tonic-gate getuser_lookup(&u.data.nsc_ret, sizeof (u), in, now); 14677c478bd9Sstevel@tonic-gate break; 14687c478bd9Sstevel@tonic-gate 14697c478bd9Sstevel@tonic-gate default: 14707c478bd9Sstevel@tonic-gate assert(0); 14717c478bd9Sstevel@tonic-gate break; 14727c478bd9Sstevel@tonic-gate } 14737c478bd9Sstevel@tonic-gate 14747c478bd9Sstevel@tonic-gate free(in); 14757c478bd9Sstevel@tonic-gate } 14767c478bd9Sstevel@tonic-gate 14777c478bd9Sstevel@tonic-gate int 14787c478bd9Sstevel@tonic-gate launch_update(nsc_call_t *in) 14797c478bd9Sstevel@tonic-gate { 14807c478bd9Sstevel@tonic-gate nsc_call_t *c; 14817c478bd9Sstevel@tonic-gate 14827c478bd9Sstevel@tonic-gate int l = nsc_calllen(in); 14837c478bd9Sstevel@tonic-gate 14847c478bd9Sstevel@tonic-gate in->nsc_callnumber |= UPDATEBIT; 14857c478bd9Sstevel@tonic-gate 14867c478bd9Sstevel@tonic-gate if ((c = malloc(l)) == NULL) { 14877c478bd9Sstevel@tonic-gate logit("thread create failed: %s\n", strerror(errno)); 14887c478bd9Sstevel@tonic-gate exit(1); 14897c478bd9Sstevel@tonic-gate } 14907c478bd9Sstevel@tonic-gate (void) memcpy(c, in, l); 14917c478bd9Sstevel@tonic-gate 14927c478bd9Sstevel@tonic-gate if (current_admin.debug_level >= DBG_ALL) { 14937c478bd9Sstevel@tonic-gate logit("launching update\n"); 14947c478bd9Sstevel@tonic-gate } 14957c478bd9Sstevel@tonic-gate 14967c478bd9Sstevel@tonic-gate if (thr_create(NULL, 14977c478bd9Sstevel@tonic-gate NULL, 14987c478bd9Sstevel@tonic-gate (void *(*)(void*))do_update, 14997c478bd9Sstevel@tonic-gate c, 15007c478bd9Sstevel@tonic-gate 0|THR_DETACHED, NULL) != 0) { 15017c478bd9Sstevel@tonic-gate logit("thread create failed\n"); 15027c478bd9Sstevel@tonic-gate exit(1); 15037c478bd9Sstevel@tonic-gate } 15047c478bd9Sstevel@tonic-gate 15057c478bd9Sstevel@tonic-gate return (0); 15067c478bd9Sstevel@tonic-gate } 15077c478bd9Sstevel@tonic-gate 15087c478bd9Sstevel@tonic-gate static int 15097c478bd9Sstevel@tonic-gate nsc_calllen(nsc_call_t *in) 15107c478bd9Sstevel@tonic-gate { 15117c478bd9Sstevel@tonic-gate switch (MASKUPDATEBIT(in->nsc_callnumber)) { 15127c478bd9Sstevel@tonic-gate 15137c478bd9Sstevel@tonic-gate case GETPWUID: 15147c478bd9Sstevel@tonic-gate case GETGRGID: 15157c478bd9Sstevel@tonic-gate case NULLCALL: 15167c478bd9Sstevel@tonic-gate return (sizeof (*in)); 15177c478bd9Sstevel@tonic-gate 15187c478bd9Sstevel@tonic-gate case GETPWNAM: 15197c478bd9Sstevel@tonic-gate case GETGRNAM: 15207c478bd9Sstevel@tonic-gate case GETHOSTBYNAME: 15217c478bd9Sstevel@tonic-gate return (sizeof (*in) + strlen(in->nsc_u.name)); 15227c478bd9Sstevel@tonic-gate case GETIPNODEBYNAME: 15237c478bd9Sstevel@tonic-gate return (sizeof (*in) + strlen(in->nsc_u.ipnode.name)); 15247c478bd9Sstevel@tonic-gate 15257c478bd9Sstevel@tonic-gate case GETHOSTBYADDR: 15267c478bd9Sstevel@tonic-gate case GETIPNODEBYADDR: 15277c478bd9Sstevel@tonic-gate return (sizeof (*in) + in->nsc_u.addr.a_length); 15287c478bd9Sstevel@tonic-gate 15297c478bd9Sstevel@tonic-gate case GETEXECID: 15307c478bd9Sstevel@tonic-gate case GETPROFNAM: 15317c478bd9Sstevel@tonic-gate case GETUSERNAM: 15327c478bd9Sstevel@tonic-gate 15337c478bd9Sstevel@tonic-gate return (sizeof (*in) + strlen(in->nsc_u.name)); 15347c478bd9Sstevel@tonic-gate } 15357c478bd9Sstevel@tonic-gate 15367c478bd9Sstevel@tonic-gate return (0); 15377c478bd9Sstevel@tonic-gate } 15387c478bd9Sstevel@tonic-gate 15397c478bd9Sstevel@tonic-gate static int 15407c478bd9Sstevel@tonic-gate client_getadmin(admin_t *ptr) 15417c478bd9Sstevel@tonic-gate { 15427c478bd9Sstevel@tonic-gate union { 15437c478bd9Sstevel@tonic-gate nsc_data_t data; 15447c478bd9Sstevel@tonic-gate char space[8192]; 15457c478bd9Sstevel@tonic-gate } u; 15467c478bd9Sstevel@tonic-gate 15477c478bd9Sstevel@tonic-gate nsc_data_t *dptr; 15487c478bd9Sstevel@tonic-gate int ndata; 15497c478bd9Sstevel@tonic-gate int adata; 15507c478bd9Sstevel@tonic-gate 15517c478bd9Sstevel@tonic-gate u.data.nsc_call.nsc_callnumber = GETADMIN; 15527c478bd9Sstevel@tonic-gate ndata = sizeof (u); 15537c478bd9Sstevel@tonic-gate adata = sizeof (u.data); 15547c478bd9Sstevel@tonic-gate dptr = &u.data; 15557c478bd9Sstevel@tonic-gate 15567c478bd9Sstevel@tonic-gate if (_nsc_trydoorcall(&dptr, &ndata, &adata) != SUCCESS) { 15577c478bd9Sstevel@tonic-gate return (-1); 15587c478bd9Sstevel@tonic-gate } 15597c478bd9Sstevel@tonic-gate 15607c478bd9Sstevel@tonic-gate (void) memcpy(ptr, dptr->nsc_ret.nsc_u.buff, sizeof (*ptr)); 15617c478bd9Sstevel@tonic-gate return (0); 15627c478bd9Sstevel@tonic-gate } 15637c478bd9Sstevel@tonic-gate 15647c478bd9Sstevel@tonic-gate /*ARGSUSED*/ 15657c478bd9Sstevel@tonic-gate static void 15667c478bd9Sstevel@tonic-gate getadmin(nsc_return_t *out, int size, nsc_call_t *ptr) 15677c478bd9Sstevel@tonic-gate { 15687c478bd9Sstevel@tonic-gate out->nsc_return_code = SUCCESS; 15697c478bd9Sstevel@tonic-gate out->nsc_bufferbytesused = sizeof (current_admin); 15707c478bd9Sstevel@tonic-gate (void) memcpy(out->nsc_u.buff, ¤t_admin, sizeof (current_admin)); 15717c478bd9Sstevel@tonic-gate } 15727c478bd9Sstevel@tonic-gate 15737c478bd9Sstevel@tonic-gate 15747c478bd9Sstevel@tonic-gate static int 15757c478bd9Sstevel@tonic-gate nscd_set_rbac(admin_t *new_admin, int invalidate) 15767c478bd9Sstevel@tonic-gate { 15777c478bd9Sstevel@tonic-gate int i; 15787c478bd9Sstevel@tonic-gate char *dbname = NULL; 15797c478bd9Sstevel@tonic-gate nsc_stat_t *cache = NULL; 15807c478bd9Sstevel@tonic-gate nsc_stat_t *new = NULL; 15817c478bd9Sstevel@tonic-gate void (*invalidate_func)(void); 15827c478bd9Sstevel@tonic-gate 15837c478bd9Sstevel@tonic-gate 15847c478bd9Sstevel@tonic-gate for (i = 1; i <= 3; i++) { 15857c478bd9Sstevel@tonic-gate /* 15867c478bd9Sstevel@tonic-gate * Three of the RBAC databases are cached. 15877c478bd9Sstevel@tonic-gate */ 15887c478bd9Sstevel@tonic-gate switch (i) { 15897c478bd9Sstevel@tonic-gate case 1: 15907c478bd9Sstevel@tonic-gate dbname = NSS_DBNAM_EXECATTR; 15917c478bd9Sstevel@tonic-gate cache = ¤t_admin.exec; 15927c478bd9Sstevel@tonic-gate new = &new_admin->exec; 15937c478bd9Sstevel@tonic-gate invalidate_func = getexec_invalidate; 15947c478bd9Sstevel@tonic-gate break; 15957c478bd9Sstevel@tonic-gate case 2: 15967c478bd9Sstevel@tonic-gate dbname = NSS_DBNAM_PROFATTR; 15977c478bd9Sstevel@tonic-gate cache = ¤t_admin.prof; 15987c478bd9Sstevel@tonic-gate new = &new_admin->prof; 15997c478bd9Sstevel@tonic-gate invalidate_func = getprof_invalidate; 16007c478bd9Sstevel@tonic-gate break; 16017c478bd9Sstevel@tonic-gate case 3: 16027c478bd9Sstevel@tonic-gate dbname = NSS_DBNAM_USERATTR; 16037c478bd9Sstevel@tonic-gate cache = ¤t_admin.user; 16047c478bd9Sstevel@tonic-gate new = &new_admin->user; 16057c478bd9Sstevel@tonic-gate invalidate_func = getuser_invalidate; 16067c478bd9Sstevel@tonic-gate break; 16077c478bd9Sstevel@tonic-gate default: 16087c478bd9Sstevel@tonic-gate break; 16097c478bd9Sstevel@tonic-gate } 16107c478bd9Sstevel@tonic-gate 16117c478bd9Sstevel@tonic-gate if (invalidate) { 16127c478bd9Sstevel@tonic-gate if (new->nsc_invalidate) { 16137c478bd9Sstevel@tonic-gate logit("Invalidating %s cache\n", dbname); 16147c478bd9Sstevel@tonic-gate (*invalidate_func)(); 16157c478bd9Sstevel@tonic-gate } 16167c478bd9Sstevel@tonic-gate } else { 16177c478bd9Sstevel@tonic-gate if (nscd_set_ttl_positive(cache, dbname, 16187c478bd9Sstevel@tonic-gate new->nsc_pos_ttl) < 0 || 16197c478bd9Sstevel@tonic-gate nscd_set_ttl_negative(cache, dbname, 16207c478bd9Sstevel@tonic-gate new->nsc_neg_ttl) < 0 || 16217c478bd9Sstevel@tonic-gate nscd_set_khc(cache, dbname, new->nsc_keephot) < 0 || 16227c478bd9Sstevel@tonic-gate nscd_set_odo(cache, dbname, 16237c478bd9Sstevel@tonic-gate new->nsc_old_data_ok) < 0 || 16247c478bd9Sstevel@tonic-gate nscd_set_ec(cache, dbname, new->nsc_enabled) < 0 || 16257c478bd9Sstevel@tonic-gate nscd_set_ss(cache, dbname, 16267c478bd9Sstevel@tonic-gate new->nsc_suggestedsize) < 0) 16277c478bd9Sstevel@tonic-gate return (-1); 16287c478bd9Sstevel@tonic-gate } 16297c478bd9Sstevel@tonic-gate } 16307c478bd9Sstevel@tonic-gate 16317c478bd9Sstevel@tonic-gate return (0); 16327c478bd9Sstevel@tonic-gate } 16337c478bd9Sstevel@tonic-gate 16347c478bd9Sstevel@tonic-gate /*ARGSUSED*/ 16357c478bd9Sstevel@tonic-gate static int 16367c478bd9Sstevel@tonic-gate setadmin(nsc_return_t *out, int size, nsc_call_t *ptr) 16377c478bd9Sstevel@tonic-gate { 16387c478bd9Sstevel@tonic-gate admin_t *new; 16397c478bd9Sstevel@tonic-gate 16407c478bd9Sstevel@tonic-gate out->nsc_return_code = SUCCESS; 16417c478bd9Sstevel@tonic-gate out->nsc_bufferbytesused = sizeof (nsc_return_t); 16427c478bd9Sstevel@tonic-gate 16437c478bd9Sstevel@tonic-gate new = (admin_t *)ptr->nsc_u.name; 16447c478bd9Sstevel@tonic-gate 16457c478bd9Sstevel@tonic-gate 16467c478bd9Sstevel@tonic-gate /* 16477c478bd9Sstevel@tonic-gate * global admin stuff 16487c478bd9Sstevel@tonic-gate */ 16497c478bd9Sstevel@tonic-gate 16507c478bd9Sstevel@tonic-gate if ((nscd_set_lf(¤t_admin, new->logfile) < 0) || 16517c478bd9Sstevel@tonic-gate nscd_set_dl(¤t_admin, new->debug_level) < 0) { 16527c478bd9Sstevel@tonic-gate out->nsc_return_code = NOTFOUND; 16537c478bd9Sstevel@tonic-gate return (-1); 16547c478bd9Sstevel@tonic-gate } 16557c478bd9Sstevel@tonic-gate 16567c478bd9Sstevel@tonic-gate /* 16577c478bd9Sstevel@tonic-gate * per cache items 16587c478bd9Sstevel@tonic-gate */ 16597c478bd9Sstevel@tonic-gate 16607c478bd9Sstevel@tonic-gate if (new->passwd.nsc_invalidate) { 16617c478bd9Sstevel@tonic-gate logit("Invalidating passwd cache\n"); 16627c478bd9Sstevel@tonic-gate getpw_invalidate(); 16637c478bd9Sstevel@tonic-gate } 16647c478bd9Sstevel@tonic-gate 16657c478bd9Sstevel@tonic-gate if (new->group.nsc_invalidate) { 16667c478bd9Sstevel@tonic-gate logit("Invalidating group cache\n"); 16677c478bd9Sstevel@tonic-gate getgr_invalidate(); 16687c478bd9Sstevel@tonic-gate } 16697c478bd9Sstevel@tonic-gate 16707c478bd9Sstevel@tonic-gate if (new->host.nsc_invalidate) { 16717c478bd9Sstevel@tonic-gate logit("Invalidating host cache\n"); 16727c478bd9Sstevel@tonic-gate gethost_invalidate(); 16737c478bd9Sstevel@tonic-gate } 16747c478bd9Sstevel@tonic-gate 16757c478bd9Sstevel@tonic-gate if (new->node.nsc_invalidate) { 16767c478bd9Sstevel@tonic-gate logit("Invalidating ipnodes cache\n"); 16777c478bd9Sstevel@tonic-gate getnode_invalidate(); 16787c478bd9Sstevel@tonic-gate } 16797c478bd9Sstevel@tonic-gate 16807c478bd9Sstevel@tonic-gate (void) nscd_set_rbac(new, 1); /* invalidate rbac cache */ 16817c478bd9Sstevel@tonic-gate 16827c478bd9Sstevel@tonic-gate if (nscd_set_ttl_positive(¤t_admin.passwd, 16837c478bd9Sstevel@tonic-gate "passwd", 16847c478bd9Sstevel@tonic-gate new->passwd.nsc_pos_ttl) < 0 || 16857c478bd9Sstevel@tonic-gate nscd_set_ttl_negative(¤t_admin.passwd, 16867c478bd9Sstevel@tonic-gate "passwd", 16877c478bd9Sstevel@tonic-gate new->passwd.nsc_neg_ttl) < 0 || 16887c478bd9Sstevel@tonic-gate nscd_set_khc(¤t_admin.passwd, 16897c478bd9Sstevel@tonic-gate "passwd", 16907c478bd9Sstevel@tonic-gate new->passwd.nsc_keephot) < 0 || 16917c478bd9Sstevel@tonic-gate nscd_set_odo(¤t_admin.passwd, 16927c478bd9Sstevel@tonic-gate "passwd", 16937c478bd9Sstevel@tonic-gate new->passwd.nsc_old_data_ok) < 0 || 16947c478bd9Sstevel@tonic-gate nscd_set_ec(¤t_admin.passwd, 16957c478bd9Sstevel@tonic-gate "passwd", 16967c478bd9Sstevel@tonic-gate new->passwd.nsc_enabled) < 0 || 16977c478bd9Sstevel@tonic-gate nscd_set_ss(¤t_admin.passwd, 16987c478bd9Sstevel@tonic-gate "passwd", 16997c478bd9Sstevel@tonic-gate new->passwd.nsc_suggestedsize) < 0 || 17007c478bd9Sstevel@tonic-gate 17017c478bd9Sstevel@tonic-gate nscd_set_ttl_positive(¤t_admin.group, 17027c478bd9Sstevel@tonic-gate "group", 17037c478bd9Sstevel@tonic-gate new->group.nsc_pos_ttl) < 0 || 17047c478bd9Sstevel@tonic-gate nscd_set_ttl_negative(¤t_admin.group, 17057c478bd9Sstevel@tonic-gate "group", 17067c478bd9Sstevel@tonic-gate new->group.nsc_neg_ttl) < 0 || 17077c478bd9Sstevel@tonic-gate nscd_set_khc(¤t_admin.group, 17087c478bd9Sstevel@tonic-gate "group", 17097c478bd9Sstevel@tonic-gate new->group.nsc_keephot) < 0 || 17107c478bd9Sstevel@tonic-gate nscd_set_odo(¤t_admin.group, 17117c478bd9Sstevel@tonic-gate "group", 17127c478bd9Sstevel@tonic-gate new->group.nsc_old_data_ok) < 0 || 17137c478bd9Sstevel@tonic-gate nscd_set_ec(¤t_admin.group, 17147c478bd9Sstevel@tonic-gate "group", 17157c478bd9Sstevel@tonic-gate new->group.nsc_enabled) < 0 || 17167c478bd9Sstevel@tonic-gate nscd_set_ss(¤t_admin.group, 17177c478bd9Sstevel@tonic-gate "group", 17187c478bd9Sstevel@tonic-gate new->group.nsc_suggestedsize) < 0 || 17197c478bd9Sstevel@tonic-gate 17207c478bd9Sstevel@tonic-gate nscd_set_ttl_positive(¤t_admin.node, 17217c478bd9Sstevel@tonic-gate "ipnodes", 17227c478bd9Sstevel@tonic-gate new->node.nsc_pos_ttl) < 0 || 17237c478bd9Sstevel@tonic-gate nscd_set_ttl_negative(¤t_admin.node, 17247c478bd9Sstevel@tonic-gate "ipnodes", 17257c478bd9Sstevel@tonic-gate new->node.nsc_neg_ttl) < 0 || 17267c478bd9Sstevel@tonic-gate nscd_set_khc(¤t_admin.node, 17277c478bd9Sstevel@tonic-gate "ipnodes", 17287c478bd9Sstevel@tonic-gate new->node.nsc_keephot) < 0 || 17297c478bd9Sstevel@tonic-gate nscd_set_odo(¤t_admin.node, 17307c478bd9Sstevel@tonic-gate "ipnodes", 17317c478bd9Sstevel@tonic-gate new->node.nsc_old_data_ok) < 0 || 17327c478bd9Sstevel@tonic-gate nscd_set_ec(¤t_admin.node, 17337c478bd9Sstevel@tonic-gate "ipnodes", 17347c478bd9Sstevel@tonic-gate new->node.nsc_enabled) < 0 || 17357c478bd9Sstevel@tonic-gate nscd_set_ss(¤t_admin.node, 17367c478bd9Sstevel@tonic-gate "ipnodes", 17377c478bd9Sstevel@tonic-gate new->node.nsc_suggestedsize) < 0 || 17387c478bd9Sstevel@tonic-gate 17397c478bd9Sstevel@tonic-gate nscd_set_ttl_positive(¤t_admin.host, 17407c478bd9Sstevel@tonic-gate "hosts", 17417c478bd9Sstevel@tonic-gate new->host.nsc_pos_ttl) < 0 || 17427c478bd9Sstevel@tonic-gate nscd_set_ttl_negative(¤t_admin.host, 17437c478bd9Sstevel@tonic-gate "hosts", 17447c478bd9Sstevel@tonic-gate new->host.nsc_neg_ttl) < 0 || 17457c478bd9Sstevel@tonic-gate nscd_set_khc(¤t_admin.host, 17467c478bd9Sstevel@tonic-gate "hosts", 17477c478bd9Sstevel@tonic-gate new->host.nsc_keephot) < 0 || 17487c478bd9Sstevel@tonic-gate nscd_set_odo(¤t_admin.host, 17497c478bd9Sstevel@tonic-gate "hosts", 17507c478bd9Sstevel@tonic-gate new->host.nsc_old_data_ok) < 0 || 17517c478bd9Sstevel@tonic-gate nscd_set_ec(¤t_admin.host, 17527c478bd9Sstevel@tonic-gate "hosts", 17537c478bd9Sstevel@tonic-gate new->host.nsc_enabled) < 0 || 17547c478bd9Sstevel@tonic-gate nscd_set_ss(¤t_admin.host, 17557c478bd9Sstevel@tonic-gate "hosts", 17567c478bd9Sstevel@tonic-gate new->host.nsc_suggestedsize) < 0 || 17577c478bd9Sstevel@tonic-gate nscd_set_rbac(new, 0) < 0) { 17587c478bd9Sstevel@tonic-gate out->nsc_return_code = NOTFOUND; 17597c478bd9Sstevel@tonic-gate return (-1); 17607c478bd9Sstevel@tonic-gate } 17617c478bd9Sstevel@tonic-gate out->nsc_return_code = SUCCESS; 17627c478bd9Sstevel@tonic-gate return (0); 17637c478bd9Sstevel@tonic-gate } 17647c478bd9Sstevel@tonic-gate 17657c478bd9Sstevel@tonic-gate void 17667c478bd9Sstevel@tonic-gate client_killserver(void) 17677c478bd9Sstevel@tonic-gate { 17687c478bd9Sstevel@tonic-gate union { 17697c478bd9Sstevel@tonic-gate nsc_data_t data; 17707c478bd9Sstevel@tonic-gate char space[8192]; 17717c478bd9Sstevel@tonic-gate } u; 17727c478bd9Sstevel@tonic-gate 17737c478bd9Sstevel@tonic-gate nsc_data_t *dptr; 17747c478bd9Sstevel@tonic-gate int ndata; 17757c478bd9Sstevel@tonic-gate int adata; 17767c478bd9Sstevel@tonic-gate 17777c478bd9Sstevel@tonic-gate u.data.nsc_call.nsc_callnumber = KILLSERVER; 17787c478bd9Sstevel@tonic-gate 17797c478bd9Sstevel@tonic-gate ndata = sizeof (u); 17807c478bd9Sstevel@tonic-gate adata = sizeof (nsc_call_t); 17817c478bd9Sstevel@tonic-gate 17827c478bd9Sstevel@tonic-gate dptr = &u.data; 17837c478bd9Sstevel@tonic-gate 17847c478bd9Sstevel@tonic-gate _nsc_trydoorcall(&dptr, &ndata, &adata); 17857c478bd9Sstevel@tonic-gate } 17867c478bd9Sstevel@tonic-gate 17877c478bd9Sstevel@tonic-gate 17887c478bd9Sstevel@tonic-gate static int 17897c478bd9Sstevel@tonic-gate client_setadmin(admin_t *ptr) 17907c478bd9Sstevel@tonic-gate { 17917c478bd9Sstevel@tonic-gate union { 17927c478bd9Sstevel@tonic-gate nsc_data_t data; 17937c478bd9Sstevel@tonic-gate char space[8192]; 17947c478bd9Sstevel@tonic-gate } u; 17957c478bd9Sstevel@tonic-gate 17967c478bd9Sstevel@tonic-gate nsc_data_t *dptr; 17977c478bd9Sstevel@tonic-gate int ndata; 17987c478bd9Sstevel@tonic-gate int adata; 17997c478bd9Sstevel@tonic-gate 18007c478bd9Sstevel@tonic-gate u.data.nsc_call.nsc_callnumber = SETADMIN; 18017c478bd9Sstevel@tonic-gate 18027c478bd9Sstevel@tonic-gate (void) memcpy(u.data.nsc_call.nsc_u.name, ptr, sizeof (*ptr)); 18037c478bd9Sstevel@tonic-gate 18047c478bd9Sstevel@tonic-gate ndata = sizeof (u); 18057c478bd9Sstevel@tonic-gate adata = sizeof (*ptr); 18067c478bd9Sstevel@tonic-gate 18077c478bd9Sstevel@tonic-gate dptr = &u.data; 18087c478bd9Sstevel@tonic-gate 18097c478bd9Sstevel@tonic-gate if (_nsc_trydoorcall(&dptr, &ndata, &adata) != SUCCESS) { 18107c478bd9Sstevel@tonic-gate return (-1); 18117c478bd9Sstevel@tonic-gate } 18127c478bd9Sstevel@tonic-gate 18137c478bd9Sstevel@tonic-gate return (0); 18147c478bd9Sstevel@tonic-gate } 18157c478bd9Sstevel@tonic-gate 18167c478bd9Sstevel@tonic-gate static void 18177c478bd9Sstevel@tonic-gate dump_stat(nsc_stat_t *ptr) 18187c478bd9Sstevel@tonic-gate { 18197c478bd9Sstevel@tonic-gate double hitrate; 18207c478bd9Sstevel@tonic-gate (void) printf("%10s cache is enabled\n", 18217c478bd9Sstevel@tonic-gate (ptr->nsc_enabled?"Yes":"No")); 18227c478bd9Sstevel@tonic-gate (void) printf("%10d cache hits on positive entries\n", 18237c478bd9Sstevel@tonic-gate ptr->nsc_pos_cache_hits); 18247c478bd9Sstevel@tonic-gate (void) printf("%10d cache hits on negative entries\n", 18257c478bd9Sstevel@tonic-gate ptr->nsc_neg_cache_hits); 18267c478bd9Sstevel@tonic-gate (void) printf("%10d cache misses on positive entries\n", 18277c478bd9Sstevel@tonic-gate ptr->nsc_pos_cache_misses); 18287c478bd9Sstevel@tonic-gate (void) printf("%10d cache misses on negative entries\n", 18297c478bd9Sstevel@tonic-gate ptr->nsc_neg_cache_misses); 18307c478bd9Sstevel@tonic-gate hitrate = ptr->nsc_pos_cache_misses + ptr->nsc_neg_cache_misses + 18317c478bd9Sstevel@tonic-gate ptr->nsc_pos_cache_hits + ptr->nsc_neg_cache_hits; 18327c478bd9Sstevel@tonic-gate 18337c478bd9Sstevel@tonic-gate if (hitrate > 0.0) 18347c478bd9Sstevel@tonic-gate hitrate = (100.0 * ((double)ptr->nsc_pos_cache_hits + 18357c478bd9Sstevel@tonic-gate (double)ptr->nsc_neg_cache_hits))/hitrate; 18367c478bd9Sstevel@tonic-gate 18377c478bd9Sstevel@tonic-gate (void) printf("%10.1f%% cache hit rate\n", hitrate); 18387c478bd9Sstevel@tonic-gate (void) printf("%10d queries deferred\n", ptr->nsc_throttle_count); 18397c478bd9Sstevel@tonic-gate (void) printf("%10d total entries\n", ptr->nsc_entries); 18407c478bd9Sstevel@tonic-gate (void) printf("%10d complete cache invalidations\n", 18417c478bd9Sstevel@tonic-gate ptr->nsc_invalidate_count); 18427c478bd9Sstevel@tonic-gate (void) printf("%10d suggested size\n", ptr->nsc_suggestedsize); 18437c478bd9Sstevel@tonic-gate (void) printf("%10d seconds time to live for positive entries\n", 18447c478bd9Sstevel@tonic-gate ptr->nsc_pos_ttl); 18457c478bd9Sstevel@tonic-gate (void) printf("%10d seconds time to live for negative entries\n", 18467c478bd9Sstevel@tonic-gate ptr->nsc_neg_ttl); 18477c478bd9Sstevel@tonic-gate (void) printf("%10d most active entries to be kept valid\n", 18487c478bd9Sstevel@tonic-gate ptr->nsc_keephot); 18497c478bd9Sstevel@tonic-gate (void) printf("%10s check /etc/{passwd, group, hosts, inet/ipnodes} " 18507c478bd9Sstevel@tonic-gate "file for changes\n", 18517c478bd9Sstevel@tonic-gate (ptr->nsc_check_files?"Yes":"No")); 18527c478bd9Sstevel@tonic-gate 18537c478bd9Sstevel@tonic-gate (void) printf("%10s use possibly stale data rather than waiting for " 18547c478bd9Sstevel@tonic-gate "refresh\n", 18557c478bd9Sstevel@tonic-gate (ptr->nsc_old_data_ok?"Yes":"No")); 18567c478bd9Sstevel@tonic-gate } 18577c478bd9Sstevel@tonic-gate 18587c478bd9Sstevel@tonic-gate static void 18597c478bd9Sstevel@tonic-gate client_showstats(admin_t *ptr) 18607c478bd9Sstevel@tonic-gate { 18617c478bd9Sstevel@tonic-gate 18627c478bd9Sstevel@tonic-gate (void) printf("nscd configuration:\n\n"); 18637c478bd9Sstevel@tonic-gate (void) printf("%10d server debug level\n", ptr->debug_level); 18647c478bd9Sstevel@tonic-gate (void) printf("\"%s\" is server log file\n", ptr->logfile); 18657c478bd9Sstevel@tonic-gate 18667c478bd9Sstevel@tonic-gate (void) printf("\npasswd cache:\n\n"); 18677c478bd9Sstevel@tonic-gate dump_stat(&(ptr->passwd)); 18687c478bd9Sstevel@tonic-gate (void) printf("\ngroup cache:\n\n"); 18697c478bd9Sstevel@tonic-gate dump_stat(&(ptr->group)); 18707c478bd9Sstevel@tonic-gate (void) printf("\nhosts cache:\n\n"); 18717c478bd9Sstevel@tonic-gate dump_stat(&(ptr->host)); 18727c478bd9Sstevel@tonic-gate (void) printf("\nipnodes cache:\n\n"); 18737c478bd9Sstevel@tonic-gate dump_stat(&(ptr->node)); 18747c478bd9Sstevel@tonic-gate (void) printf("\nexec_attr cache:\n\n"); 18757c478bd9Sstevel@tonic-gate dump_stat(&(ptr->exec)); 18767c478bd9Sstevel@tonic-gate (void) printf("\nprof_attr cache:\n\n"); 18777c478bd9Sstevel@tonic-gate dump_stat(&(ptr->prof)); 18787c478bd9Sstevel@tonic-gate (void) printf("\nuser_attr cache:\n\n"); 18797c478bd9Sstevel@tonic-gate dump_stat(&(ptr->user)); 18807c478bd9Sstevel@tonic-gate } 18817c478bd9Sstevel@tonic-gate 18827c478bd9Sstevel@tonic-gate 18837c478bd9Sstevel@tonic-gate 18847c478bd9Sstevel@tonic-gate /* 18857c478bd9Sstevel@tonic-gate * detach from tty 18867c478bd9Sstevel@tonic-gate */ 18877c478bd9Sstevel@tonic-gate static void 18887c478bd9Sstevel@tonic-gate detachfromtty(void) 18897c478bd9Sstevel@tonic-gate { 18907c478bd9Sstevel@tonic-gate if (logfd > 0) { 18917c478bd9Sstevel@tonic-gate int i; 18927c478bd9Sstevel@tonic-gate for (i = 0; i < logfd; i++) 18937c478bd9Sstevel@tonic-gate (void) close(i); 18947c478bd9Sstevel@tonic-gate closefrom(logfd+1); 18957c478bd9Sstevel@tonic-gate } else 18967c478bd9Sstevel@tonic-gate closefrom(0); 18977c478bd9Sstevel@tonic-gate 18987c478bd9Sstevel@tonic-gate (void) chdir("/"); 18997c478bd9Sstevel@tonic-gate 19007c478bd9Sstevel@tonic-gate switch (fork1()) { 19017c478bd9Sstevel@tonic-gate case (pid_t)-1: 19027c478bd9Sstevel@tonic-gate exit(1); 19037c478bd9Sstevel@tonic-gate break; 19047c478bd9Sstevel@tonic-gate case 0: 19057c478bd9Sstevel@tonic-gate break; 19067c478bd9Sstevel@tonic-gate default: 19077c478bd9Sstevel@tonic-gate exit(0); 19087c478bd9Sstevel@tonic-gate } 19097c478bd9Sstevel@tonic-gate (void) setsid(); 19107c478bd9Sstevel@tonic-gate (void) open("/dev/null", O_RDWR, 0); 19117c478bd9Sstevel@tonic-gate (void) dup(0); 19127c478bd9Sstevel@tonic-gate (void) dup(0); 19137c478bd9Sstevel@tonic-gate } 1914