/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License, Version 1.0 only
 * (the "License"). You may not use this file except in compliance
 * with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2005 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
25*7c478bd9Sstevel@tonic-gate */ 26*7c478bd9Sstevel@tonic-gate 27*7c478bd9Sstevel@tonic-gate #pragma ident "%Z%%M% %I% %E% SMI" 28*7c478bd9Sstevel@tonic-gate 29*7c478bd9Sstevel@tonic-gate /* 30*7c478bd9Sstevel@tonic-gate * Simple doors name server cache daemon 31*7c478bd9Sstevel@tonic-gate */ 32*7c478bd9Sstevel@tonic-gate 33*7c478bd9Sstevel@tonic-gate #include <stdio.h> 34*7c478bd9Sstevel@tonic-gate #include <signal.h> 35*7c478bd9Sstevel@tonic-gate #include <sys/door.h> 36*7c478bd9Sstevel@tonic-gate #include <sys/types.h> 37*7c478bd9Sstevel@tonic-gate #include <time.h> 38*7c478bd9Sstevel@tonic-gate #include <string.h> 39*7c478bd9Sstevel@tonic-gate #include <sys/stat.h> 40*7c478bd9Sstevel@tonic-gate #include <sys/time.h> 41*7c478bd9Sstevel@tonic-gate #include <sys/wait.h> 42*7c478bd9Sstevel@tonic-gate #include <sys/zone.h> 43*7c478bd9Sstevel@tonic-gate #include <stdlib.h> 44*7c478bd9Sstevel@tonic-gate #include <errno.h> 45*7c478bd9Sstevel@tonic-gate #include <pthread.h> 46*7c478bd9Sstevel@tonic-gate #include <thread.h> 47*7c478bd9Sstevel@tonic-gate #include <stdarg.h> 48*7c478bd9Sstevel@tonic-gate #include <fcntl.h> 49*7c478bd9Sstevel@tonic-gate #include <assert.h> 50*7c478bd9Sstevel@tonic-gate #include <unistd.h> 51*7c478bd9Sstevel@tonic-gate #include <memory.h> 52*7c478bd9Sstevel@tonic-gate #include <sys/socket.h> 53*7c478bd9Sstevel@tonic-gate #include <net/route.h> 54*7c478bd9Sstevel@tonic-gate #include <net/if.h> 55*7c478bd9Sstevel@tonic-gate #include <netinet/in.h> 56*7c478bd9Sstevel@tonic-gate #include <arpa/nameser.h> 57*7c478bd9Sstevel@tonic-gate #include <resolv.h> 58*7c478bd9Sstevel@tonic-gate #include <door.h> 59*7c478bd9Sstevel@tonic-gate #include "getxby_door.h" 60*7c478bd9Sstevel@tonic-gate #include "server_door.h" 61*7c478bd9Sstevel@tonic-gate #include "nscd.h" 62*7c478bd9Sstevel@tonic-gate /* Includes for filenames of databases */ 63*7c478bd9Sstevel@tonic-gate #include <shadow.h> 64*7c478bd9Sstevel@tonic-gate #include <userdefs.h> 
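#include <netdb.h>
#include <nss_dbdefs.h>
#include <exec_attr.h>
#include <prof_attr.h>
#include <user_attr.h>
#include <ucred.h>
#include <priv.h>
#include <libscf.h>

extern int	optind;
extern int	opterr;
extern int	optopt;
extern char	*optarg;

static void switcher(void *, char *, size_t, door_desc_t *, uint_t);
static void rts_mon(void);
static void usage(char *);
static int nsc_calllen(nsc_call_t *);
static int client_getadmin(admin_t *);
static void getadmin(nsc_return_t *, int, nsc_call_t *);
static int setadmin(nsc_return_t *, int, nsc_call_t *);
static void client_killserver(void);
static int client_setadmin(admin_t *);
static void client_showstats(admin_t *);
static void detachfromtty(void);


admin_t	current_admin;
static int will_become_server;

/*
 * Reaper loop for one cache table.  This function never returns.
 *
 * On every pass it checks admin_ptr->nsc_entries: when the table holds
 * entries it calls reap_hash() with the table's positive TTL, otherwise
 * it sleeps before looking again.
 *
 *	tbl_name	table name, used only in debug log messages
 *	tbl		hash table handed to reap_hash()
 *	admin_ptr	per-table statistics and settings
 *	hash_lock	lock handed to reap_hash()
 */
void
nsc_reaper(char *tbl_name, hash_t *tbl, nsc_stat_t *admin_ptr,
    mutex_t *hash_lock)
{
	uint_t count;
	uint_t interval;

	for (;;) {
		if (current_admin.debug_level >= DBG_ALL) {
			logit("reaper_%s: %d entries in cache\n",
			    tbl_name, admin_ptr->nsc_entries);
		}

		if (admin_ptr->nsc_entries > 0) {
			count = reap_hash(tbl, admin_ptr, hash_lock,
			    admin_ptr->nsc_pos_ttl);
			if (current_admin.debug_level >= DBG_ALL) {
				logit("reaper_%s: reaped %d entries\n",
				    tbl_name, count);
			}
			continue;
		}

		/*
		 * Empty table: wait at least 60 seconds before checking
		 * again, so that a zero or tiny positive TTL cannot turn
		 * this loop into a busy spin.  The TTL passed to
		 * reap_hash() above is deliberately not clamped here;
		 * reap_hash() applies its own, different minimum.
		 */
		interval = admin_ptr->nsc_pos_ttl;
		if (interval < 60)
			interval = 60;
		if (current_admin.debug_level >= DBG_ALL) {
			logit(
			    "reaper_%s: Nothing to reap, sleep %d\n",
			    tbl_name, interval);
		}
		(void) sleep(interval);
	}
}

/*
 * Map a cache name to its statistics block inside current_admin.
 *
 * The comparison is a prefix match over the length of the known name, so
 * an argument such as "passwd,yes" selects the passwd cache.  The same
 * rule means any string that merely begins with a known name is accepted
 * ("hostsXYZ" selects hosts); callers that need an exact match must check
 * the character following the name themselves.
 *
 * Returns NULL when s is NULL or does not begin with a known cache name.
 */
nsc_stat_t *
getcacheptr(char *s)
{
	static const struct {
		const char	*name;
		nsc_stat_t	*stats;
	} caches[] = {
		{ "passwd",	&current_admin.passwd },
		{ "group",	&current_admin.group },
		{ "hosts",	&current_admin.host },
		{ "ipnodes",	&current_admin.node },
		{ "exec_attr",	&current_admin.exec },
		{ "prof_attr",	&current_admin.prof },
		{ "user_attr",	&current_admin.user }
	};
	size_t i;

	/* strncmp() on a NULL pointer is undefined; treat it as no match */
	if (s == NULL)
		return (NULL);

	for (i = 0; i < sizeof (caches) / sizeof (caches[0]); i++) {
		if (strncmp(caches[i].name, s, strlen(caches[i].name)) == 0)
			return (caches[i].stats);
	}

	return (NULL);
}

/*
 * Return a pointer to the text following the first ',' in s, or NULL if
 * s holds no comma.  The result points into the caller's string; nothing
 * is copied.
 */
static char *
getcacheopt(char *s)
{
	char *comma = strchr(s, ',');

	return ((comma != NULL) ? (comma + 1) : NULL);
}

/*
 * routine to check if server is already running
 *
 * Issues a NULLCALL through _nsc_trydoorcall() and returns its result
 * unchanged; callers in this file compare that result with SUCCESS.
 */

static int
nsc_ping(void)
{
	nsc_data_t data;
	nsc_data_t *dptr;
	int ndata;
	int adata;

	/*
	 * Only the call number is meaningful for a NULLCALL, but the whole
	 * structure is handed to the door call.  Zero it first so that no
	 * uninitialised stack bytes cross the process boundary.
	 */
	(void) memset(&data, 0, sizeof (data));
	data.nsc_call.nsc_callnumber = NULLCALL;
	ndata = sizeof (data);
	adata = sizeof (data);
	dptr = &data;
	return (_nsc_trydoorcall(&dptr, &ndata, &adata));
}

/* Deliberately empty function. */
static void
dozip(void)
{
	/* not much here */
}

/* Set RES_STAYOPEN in the resolver options. */
static void
keep_open_dns_socket(void)
{
	_res.options |= RES_STAYOPEN; /* just keep this udp socket open */
}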
/*
 * Defining this symbol makes the files backend use hashing.  It is an
 * admitted hack: a quiet back door that switches the feature on for
 * nscd only.
 */
void
__nss_use_files_hash(void)
{
	/* intentionally empty */
}

/*
 * Thread allocation for cache lookups
 *
 * Resource allocation for lookups caused several bugs in the beta
 * release of 2.5.  A throttle had been added to stop a failed name
 * service from creating excessive numbers of LWPs, but it led to a
 * denial of service whenever the request rate exceeded the name
 * service's ability to respond.  The scheme used instead is:
 *
 * 1) The total number of threads is capped.
 * 2) CACHE_THREADS of them are kept for cache lookups only.
 * 3) A common pool of 2/3 of the remaining threads is used first.
 * 4) The rest is kept back, and 1/3 of it is allocated to table
 *    specific lookups.
 *
 * The aim is that one failing name service cannot cause a denial of
 * service, and that threads are always available for cached lookups.
 * If a request misses the cache and no thread can be obtained, NOSERVER
 * is returned and the client has to look the data up itself.  This
 * avoids the kind of starvation seen at UNC with a single threaded DNS
 * backend, and lets the cache fill eventually.
 *
 * NOTE(review): the constants below give 20 common threads, 7 * 10
 * per-table threads and 20 cache-hit threads, 110 in total.  That does
 * not match the 2/3 and 1/3 split described above, and no CACHE_THREADS
 * macro is defined here (CACHE_HIT_THREADS is presumably what is
 * meant); treat the fractions as historical.
 */

/* 7 tables: passwd, group, hosts, ipnodes, exec_attr, prof_attr, user_attr */
#define	NSCD_TABLES		7
#define	TABLE_THREADS		10
#define	COMMON_THREADS		20
#define	CACHE_MISS_THREADS	(COMMON_THREADS + NSCD_TABLES * TABLE_THREADS)
#define	CACHE_HIT_THREADS	20
#define	MAX_SERVER_THREADS	(CACHE_HIT_THREADS + CACHE_MISS_THREADS)

/* Shared pool first, then one semaphore per table (list continues below). */
static sema_t common_sema;
static sema_t passwd_sema;
static sema_t hosts_sema;
static sema_t nodes_sema;
static sema_t group_sema;
static sema_t exec_sema;
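static sema_t prof_sema;
static sema_t user_sema;
static thread_key_t lookup_state_key;

/*
 * Create the per-thread key that records which pool a clearance came
 * from, and initialise the common semaphore to COMMON_THREADS and each
 * per-table semaphore to TABLE_THREADS.
 */
static void
initialize_lookup_clearance(void)
{
	(void) thr_keycreate(&lookup_state_key, NULL);
	(void) sema_init(&common_sema, COMMON_THREADS, USYNC_THREAD, 0);
	(void) sema_init(&passwd_sema, TABLE_THREADS, USYNC_THREAD, 0);
	(void) sema_init(&hosts_sema, TABLE_THREADS, USYNC_THREAD, 0);
	(void) sema_init(&nodes_sema, TABLE_THREADS, USYNC_THREAD, 0);
	(void) sema_init(&group_sema, TABLE_THREADS, USYNC_THREAD, 0);
	(void) sema_init(&exec_sema, TABLE_THREADS, USYNC_THREAD, 0);
	(void) sema_init(&prof_sema, TABLE_THREADS, USYNC_THREAD, 0);
	(void) sema_init(&user_sema, TABLE_THREADS, USYNC_THREAD, 0);
}

/*
 * Map a call number (update bit masked off) to the semaphore of the
 * table it belongs to, storing the table name through tabp.
 *
 * Returns NULL and sets *tabp to NULL for a call number that belongs to
 * none of the seven tables.
 */
static sema_t *
clearance_table_sema(int callnumber, const char **tabp)
{
	switch (MASKUPDATEBIT(callnumber)) {

	case GETPWUID:
	case GETPWNAM:
		*tabp = "passwd";
		return (&passwd_sema);

	case GETGRNAM:
	case GETGRGID:
		*tabp = "group";
		return (&group_sema);

	case GETHOSTBYNAME:
	case GETHOSTBYADDR:
		*tabp = "hosts";
		return (&hosts_sema);

	case GETIPNODEBYNAME:
	case GETIPNODEBYADDR:
		*tabp = "ipnodes";
		return (&nodes_sema);

	case GETEXECID:
		*tabp = "exec_attr";
		return (&exec_sema);

	case GETPROFNAM:
		*tabp = "prof_attr";
		return (&prof_sema);

	case GETUSERNAM:
		*tabp = "user_attr";
		return (&user_sema);

	default:
		*tabp = NULL;
		return (NULL);
	}
}

/*
 * Try to obtain clearance for a lookup without blocking.
 *
 * The common pool is tried first; if it is exhausted, the pool of the
 * table selected by callnumber is tried.  The pool used is recorded in
 * thread-specific data (NULL for common, non-NULL for table) so that
 * release_clearance() can give the slot back to the right semaphore.
 *
 * Returns 0 when clearance was granted and -1 when the request must be
 * throttled.
 *
 * A call number that matches no table used to leave table_sema NULL and
 * tab unset, so sema_trywait() and logit() were handed invalid pointers.
 * Such a request is now refused with -1, the same answer a throttled
 * request gets.  Callers are outside this view, so whether the call
 * number is validated before it reaches here cannot be confirmed.
 */
int
get_clearance(int callnumber)
{
	sema_t *table_sema;
	const char *tab;

	if (sema_trywait(&common_sema) == 0) {
		(void) thr_setspecific(lookup_state_key, NULL);
		return (0);
	}

	table_sema = clearance_table_sema(callnumber, &tab);
	if (table_sema == NULL)
		return (-1);

	if (sema_trywait(table_sema) == 0) {
		(void) thr_setspecific(lookup_state_key, (void *)1);
		return (0);
	}

	if (current_admin.debug_level >= DBG_CANT_FIND) {
		logit("get_clearance: throttling load for %s table\n", tab);
	}
	return (-1);
}

/*
 * Give back the clearance obtained by get_clearance() on this thread.
 *
 * The thread-specific value says which pool the slot came from: NULL
 * means the common pool, anything else the pool of the table selected
 * by callnumber.
 *
 * Returns 0 on success, or -1 without posting any semaphore when the
 * slot came from a table pool but callnumber matches no table.
 */
int
release_clearance(int callnumber)
{
	/*
	 * thr_getspecific() stores a full void *.  Receiving it in an int
	 * through a cast writes past the variable where pointers are wider
	 * than int, and on a big-endian target the int then reads back as
	 * 0 whatever was stored, so keep the value as a pointer.
	 */
	void *state = NULL;
	sema_t *table_sema;
	const char *tab;

	(void) thr_getspecific(lookup_state_key, &state);

	if (state == NULL) {	/* from common pool */
		(void) sema_post(&common_sema);
		return (0);
	}

	table_sema = clearance_table_sema(callnumber, &tab);
	if (table_sema == NULL)
		return (-1);

	(void) sema_post(table_sema);
	return (0);
}


static mutex_t		create_lock;
static int		nscd_max_servers = MAX_SERVER_THREADS;
static int		num_servers = 0;
static thread_key_t	server_key;

/*
 * Bind a TSD value to a server thread. This enables the destructor to
 * be called if/when this thread exits. This would be a programming error,
 * but better safe than sorry.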
399*7c478bd9Sstevel@tonic-gate */ 400*7c478bd9Sstevel@tonic-gate /*ARGSUSED*/ 401*7c478bd9Sstevel@tonic-gate static void * 402*7c478bd9Sstevel@tonic-gate server_tsd_bind(void *arg) 403*7c478bd9Sstevel@tonic-gate { 404*7c478bd9Sstevel@tonic-gate static void *value = 0; 405*7c478bd9Sstevel@tonic-gate 406*7c478bd9Sstevel@tonic-gate /* disable cancellation to avoid hangs if server threads disappear */ 407*7c478bd9Sstevel@tonic-gate pthread_setcancelstate(PTHREAD_CANCEL_DISABLE, NULL); 408*7c478bd9Sstevel@tonic-gate thr_setspecific(server_key, value); 409*7c478bd9Sstevel@tonic-gate door_return(NULL, 0, NULL, 0); 410*7c478bd9Sstevel@tonic-gate 411*7c478bd9Sstevel@tonic-gate /* make lint happy */ 412*7c478bd9Sstevel@tonic-gate return (NULL); 413*7c478bd9Sstevel@tonic-gate } 414*7c478bd9Sstevel@tonic-gate 415*7c478bd9Sstevel@tonic-gate /* 416*7c478bd9Sstevel@tonic-gate * Server threads are created here. 417*7c478bd9Sstevel@tonic-gate */ 418*7c478bd9Sstevel@tonic-gate /*ARGSUSED*/ 419*7c478bd9Sstevel@tonic-gate static void 420*7c478bd9Sstevel@tonic-gate server_create(door_info_t *dip) 421*7c478bd9Sstevel@tonic-gate { 422*7c478bd9Sstevel@tonic-gate (void) mutex_lock(&create_lock); 423*7c478bd9Sstevel@tonic-gate if (++num_servers > nscd_max_servers) { 424*7c478bd9Sstevel@tonic-gate num_servers--; 425*7c478bd9Sstevel@tonic-gate (void) mutex_unlock(&create_lock); 426*7c478bd9Sstevel@tonic-gate return; 427*7c478bd9Sstevel@tonic-gate } 428*7c478bd9Sstevel@tonic-gate (void) mutex_unlock(&create_lock); 429*7c478bd9Sstevel@tonic-gate thr_create(NULL, 0, server_tsd_bind, NULL, THR_BOUND|THR_DETACHED, 430*7c478bd9Sstevel@tonic-gate NULL); 431*7c478bd9Sstevel@tonic-gate } 432*7c478bd9Sstevel@tonic-gate 433*7c478bd9Sstevel@tonic-gate /* 434*7c478bd9Sstevel@tonic-gate * Server thread are destroyed here 435*7c478bd9Sstevel@tonic-gate */ 436*7c478bd9Sstevel@tonic-gate /*ARGSUSED*/ 437*7c478bd9Sstevel@tonic-gate static void 438*7c478bd9Sstevel@tonic-gate server_destroy(void *arg) 
439*7c478bd9Sstevel@tonic-gate { 440*7c478bd9Sstevel@tonic-gate (void) mutex_lock(&create_lock); 441*7c478bd9Sstevel@tonic-gate num_servers--; 442*7c478bd9Sstevel@tonic-gate (void) mutex_unlock(&create_lock); 443*7c478bd9Sstevel@tonic-gate } 444*7c478bd9Sstevel@tonic-gate 445*7c478bd9Sstevel@tonic-gate static char **saved_argv; 446*7c478bd9Sstevel@tonic-gate static char saved_execname[MAXPATHLEN]; 447*7c478bd9Sstevel@tonic-gate 448*7c478bd9Sstevel@tonic-gate static void 449*7c478bd9Sstevel@tonic-gate save_execname() 450*7c478bd9Sstevel@tonic-gate { 451*7c478bd9Sstevel@tonic-gate const char *name = getexecname(); 452*7c478bd9Sstevel@tonic-gate 453*7c478bd9Sstevel@tonic-gate saved_execname[0] = 0; 454*7c478bd9Sstevel@tonic-gate 455*7c478bd9Sstevel@tonic-gate if (name[0] != '/') { /* started w/ relative path */ 456*7c478bd9Sstevel@tonic-gate (void) getcwd(saved_execname, MAXPATHLEN); 457*7c478bd9Sstevel@tonic-gate strlcat(saved_execname, "/", MAXPATHLEN); 458*7c478bd9Sstevel@tonic-gate } 459*7c478bd9Sstevel@tonic-gate strlcat(saved_execname, name, MAXPATHLEN); 460*7c478bd9Sstevel@tonic-gate } 461*7c478bd9Sstevel@tonic-gate 462*7c478bd9Sstevel@tonic-gate void 463*7c478bd9Sstevel@tonic-gate main(int argc, char ** argv) 464*7c478bd9Sstevel@tonic-gate { 465*7c478bd9Sstevel@tonic-gate int did; 466*7c478bd9Sstevel@tonic-gate int opt; 467*7c478bd9Sstevel@tonic-gate int errflg = 0; 468*7c478bd9Sstevel@tonic-gate int showstats = 0; 469*7c478bd9Sstevel@tonic-gate int doset = 0; 470*7c478bd9Sstevel@tonic-gate int loaded_config_file = 0; 471*7c478bd9Sstevel@tonic-gate struct stat buf; 472*7c478bd9Sstevel@tonic-gate sigset_t myset; 473*7c478bd9Sstevel@tonic-gate struct sigaction action; 474*7c478bd9Sstevel@tonic-gate 475*7c478bd9Sstevel@tonic-gate /* 476*7c478bd9Sstevel@tonic-gate * Special case non-root user here - he can just print stats 477*7c478bd9Sstevel@tonic-gate */ 478*7c478bd9Sstevel@tonic-gate 479*7c478bd9Sstevel@tonic-gate if (geteuid()) { 480*7c478bd9Sstevel@tonic-gate 
if (argc != 2 || strcmp(argv[1], "-g")) { 481*7c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 482*7c478bd9Sstevel@tonic-gate "Must be root to use any option other than "\ 483*7c478bd9Sstevel@tonic-gate "-g.\n\n"); 484*7c478bd9Sstevel@tonic-gate usage(argv[0]); 485*7c478bd9Sstevel@tonic-gate } 486*7c478bd9Sstevel@tonic-gate 487*7c478bd9Sstevel@tonic-gate if ((nsc_ping() != SUCCESS) || 488*7c478bd9Sstevel@tonic-gate (client_getadmin(¤t_admin) != 0)) { 489*7c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 490*7c478bd9Sstevel@tonic-gate "%s doesn't appear to be running.\n", argv[0]); 491*7c478bd9Sstevel@tonic-gate exit(1); 492*7c478bd9Sstevel@tonic-gate } 493*7c478bd9Sstevel@tonic-gate client_showstats(¤t_admin); 494*7c478bd9Sstevel@tonic-gate exit(0); 495*7c478bd9Sstevel@tonic-gate } 496*7c478bd9Sstevel@tonic-gate 497*7c478bd9Sstevel@tonic-gate 498*7c478bd9Sstevel@tonic-gate 499*7c478bd9Sstevel@tonic-gate /* 500*7c478bd9Sstevel@tonic-gate * Determine if there is already a daemon running 501*7c478bd9Sstevel@tonic-gate */ 502*7c478bd9Sstevel@tonic-gate 503*7c478bd9Sstevel@tonic-gate will_become_server = (nsc_ping() != SUCCESS); 504*7c478bd9Sstevel@tonic-gate 505*7c478bd9Sstevel@tonic-gate /* 506*7c478bd9Sstevel@tonic-gate * process usual options 507*7c478bd9Sstevel@tonic-gate */ 508*7c478bd9Sstevel@tonic-gate 509*7c478bd9Sstevel@tonic-gate /* 510*7c478bd9Sstevel@tonic-gate * load normal config file 511*7c478bd9Sstevel@tonic-gate */ 512*7c478bd9Sstevel@tonic-gate 513*7c478bd9Sstevel@tonic-gate if (will_become_server) { 514*7c478bd9Sstevel@tonic-gate static const nsc_stat_t defaults = { 515*7c478bd9Sstevel@tonic-gate 0, /* stats */ 516*7c478bd9Sstevel@tonic-gate 0, /* stats */ 517*7c478bd9Sstevel@tonic-gate 0, /* stats */ 518*7c478bd9Sstevel@tonic-gate 0, /* stats */ 519*7c478bd9Sstevel@tonic-gate 0, /* stats */ 520*7c478bd9Sstevel@tonic-gate 0, /* stats */ 521*7c478bd9Sstevel@tonic-gate 0, /* stats */ 522*7c478bd9Sstevel@tonic-gate 211, /* suggested size */ 
523*7c478bd9Sstevel@tonic-gate 1, /* enabled */ 524*7c478bd9Sstevel@tonic-gate 0, /* invalidate cmd */ 525*7c478bd9Sstevel@tonic-gate 600, /* positive ttl */ 526*7c478bd9Sstevel@tonic-gate 10, /* netative ttl */ 527*7c478bd9Sstevel@tonic-gate 20, /* keep hot */ 528*7c478bd9Sstevel@tonic-gate 0, /* old data not ok */ 529*7c478bd9Sstevel@tonic-gate 1 }; /* check files */ 530*7c478bd9Sstevel@tonic-gate 531*7c478bd9Sstevel@tonic-gate current_admin.passwd = defaults; 532*7c478bd9Sstevel@tonic-gate current_admin.group = defaults; 533*7c478bd9Sstevel@tonic-gate current_admin.host = defaults; 534*7c478bd9Sstevel@tonic-gate current_admin.node = defaults; 535*7c478bd9Sstevel@tonic-gate current_admin.exec = defaults; 536*7c478bd9Sstevel@tonic-gate current_admin.prof = defaults; 537*7c478bd9Sstevel@tonic-gate current_admin.user = defaults; 538*7c478bd9Sstevel@tonic-gate 539*7c478bd9Sstevel@tonic-gate current_admin.logfile[0] = '\0'; 540*7c478bd9Sstevel@tonic-gate 541*7c478bd9Sstevel@tonic-gate if (access("/etc/nscd.conf", R_OK) == 0) { 542*7c478bd9Sstevel@tonic-gate if (nscd_parse(argv[0], "/etc/nscd.conf") < 0) { 543*7c478bd9Sstevel@tonic-gate exit(1); 544*7c478bd9Sstevel@tonic-gate } 545*7c478bd9Sstevel@tonic-gate loaded_config_file++; 546*7c478bd9Sstevel@tonic-gate } 547*7c478bd9Sstevel@tonic-gate } 548*7c478bd9Sstevel@tonic-gate 549*7c478bd9Sstevel@tonic-gate else { 550*7c478bd9Sstevel@tonic-gate if (client_getadmin(¤t_admin)) { 551*7c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 552*7c478bd9Sstevel@tonic-gate "Cannot contact nscd properly(?)\n"); 553*7c478bd9Sstevel@tonic-gate exit(1); 554*7c478bd9Sstevel@tonic-gate } 555*7c478bd9Sstevel@tonic-gate 556*7c478bd9Sstevel@tonic-gate current_admin.logfile[0] = '\0'; 557*7c478bd9Sstevel@tonic-gate } 558*7c478bd9Sstevel@tonic-gate 559*7c478bd9Sstevel@tonic-gate while ((opt = getopt(argc, argv, 560*7c478bd9Sstevel@tonic-gate "S:Kf:c:ge:p:n:i:l:d:s:h:o:")) != EOF) { 561*7c478bd9Sstevel@tonic-gate nsc_stat_t *cache; 
562*7c478bd9Sstevel@tonic-gate char *cacheopt; 563*7c478bd9Sstevel@tonic-gate 564*7c478bd9Sstevel@tonic-gate switch (opt) { 565*7c478bd9Sstevel@tonic-gate 566*7c478bd9Sstevel@tonic-gate case 'S': /* undocumented feature */ 567*7c478bd9Sstevel@tonic-gate doset++; 568*7c478bd9Sstevel@tonic-gate cache = getcacheptr(optarg); 569*7c478bd9Sstevel@tonic-gate cacheopt = getcacheopt(optarg); 570*7c478bd9Sstevel@tonic-gate if (!cache || !cacheopt) { 571*7c478bd9Sstevel@tonic-gate errflg++; 572*7c478bd9Sstevel@tonic-gate break; 573*7c478bd9Sstevel@tonic-gate } 574*7c478bd9Sstevel@tonic-gate if (strcmp(cacheopt, "yes") == 0) 575*7c478bd9Sstevel@tonic-gate cache->nsc_secure_mode = 1; 576*7c478bd9Sstevel@tonic-gate else if (strcmp(cacheopt, "no") == 0) 577*7c478bd9Sstevel@tonic-gate cache->nsc_secure_mode = 0; 578*7c478bd9Sstevel@tonic-gate else 579*7c478bd9Sstevel@tonic-gate errflg++; 580*7c478bd9Sstevel@tonic-gate break; 581*7c478bd9Sstevel@tonic-gate 582*7c478bd9Sstevel@tonic-gate case 'K': /* undocumented feature */ 583*7c478bd9Sstevel@tonic-gate client_killserver(); 584*7c478bd9Sstevel@tonic-gate exit(0); 585*7c478bd9Sstevel@tonic-gate break; 586*7c478bd9Sstevel@tonic-gate 587*7c478bd9Sstevel@tonic-gate case 'f': 588*7c478bd9Sstevel@tonic-gate doset++; 589*7c478bd9Sstevel@tonic-gate loaded_config_file++; 590*7c478bd9Sstevel@tonic-gate if (nscd_parse(argv[0], optarg) < 0) { 591*7c478bd9Sstevel@tonic-gate exit(1); 592*7c478bd9Sstevel@tonic-gate } 593*7c478bd9Sstevel@tonic-gate break; 594*7c478bd9Sstevel@tonic-gate 595*7c478bd9Sstevel@tonic-gate case 'g': 596*7c478bd9Sstevel@tonic-gate showstats++; 597*7c478bd9Sstevel@tonic-gate break; 598*7c478bd9Sstevel@tonic-gate 599*7c478bd9Sstevel@tonic-gate case 'p': 600*7c478bd9Sstevel@tonic-gate doset++; 601*7c478bd9Sstevel@tonic-gate cache = getcacheptr(optarg); 602*7c478bd9Sstevel@tonic-gate cacheopt = getcacheopt(optarg); 603*7c478bd9Sstevel@tonic-gate if (!cache || !cacheopt) { 604*7c478bd9Sstevel@tonic-gate errflg++; 
605*7c478bd9Sstevel@tonic-gate break; 606*7c478bd9Sstevel@tonic-gate } 607*7c478bd9Sstevel@tonic-gate cache->nsc_pos_ttl = atoi(cacheopt); 608*7c478bd9Sstevel@tonic-gate break; 609*7c478bd9Sstevel@tonic-gate 610*7c478bd9Sstevel@tonic-gate case 'n': 611*7c478bd9Sstevel@tonic-gate doset++; 612*7c478bd9Sstevel@tonic-gate cache = getcacheptr(optarg); 613*7c478bd9Sstevel@tonic-gate cacheopt = getcacheopt(optarg); 614*7c478bd9Sstevel@tonic-gate if (!cache || !cacheopt) { 615*7c478bd9Sstevel@tonic-gate errflg++; 616*7c478bd9Sstevel@tonic-gate break; 617*7c478bd9Sstevel@tonic-gate } 618*7c478bd9Sstevel@tonic-gate cache->nsc_neg_ttl = atoi(cacheopt); 619*7c478bd9Sstevel@tonic-gate break; 620*7c478bd9Sstevel@tonic-gate 621*7c478bd9Sstevel@tonic-gate case 'c': 622*7c478bd9Sstevel@tonic-gate doset++; 623*7c478bd9Sstevel@tonic-gate cache = getcacheptr(optarg); 624*7c478bd9Sstevel@tonic-gate cacheopt = getcacheopt(optarg); 625*7c478bd9Sstevel@tonic-gate if (!cache || !cacheopt) { 626*7c478bd9Sstevel@tonic-gate errflg++; 627*7c478bd9Sstevel@tonic-gate break; 628*7c478bd9Sstevel@tonic-gate } 629*7c478bd9Sstevel@tonic-gate 630*7c478bd9Sstevel@tonic-gate if (strcmp(cacheopt, "yes") == 0) 631*7c478bd9Sstevel@tonic-gate cache->nsc_check_files = 1; 632*7c478bd9Sstevel@tonic-gate else if (strcmp(cacheopt, "no") == 0) 633*7c478bd9Sstevel@tonic-gate cache->nsc_check_files = 0; 634*7c478bd9Sstevel@tonic-gate else 635*7c478bd9Sstevel@tonic-gate errflg++; 636*7c478bd9Sstevel@tonic-gate break; 637*7c478bd9Sstevel@tonic-gate 638*7c478bd9Sstevel@tonic-gate 639*7c478bd9Sstevel@tonic-gate case 'i': 640*7c478bd9Sstevel@tonic-gate doset++; 641*7c478bd9Sstevel@tonic-gate cache = getcacheptr(optarg); 642*7c478bd9Sstevel@tonic-gate if (!cache) { 643*7c478bd9Sstevel@tonic-gate errflg++; 644*7c478bd9Sstevel@tonic-gate break; 645*7c478bd9Sstevel@tonic-gate } 646*7c478bd9Sstevel@tonic-gate cache->nsc_invalidate = 1; 647*7c478bd9Sstevel@tonic-gate break; 648*7c478bd9Sstevel@tonic-gate 
649*7c478bd9Sstevel@tonic-gate case 'l': 650*7c478bd9Sstevel@tonic-gate doset++; 651*7c478bd9Sstevel@tonic-gate (void) strlcpy(current_admin.logfile, optarg, 128); 652*7c478bd9Sstevel@tonic-gate break; 653*7c478bd9Sstevel@tonic-gate 654*7c478bd9Sstevel@tonic-gate case 'd': 655*7c478bd9Sstevel@tonic-gate 656*7c478bd9Sstevel@tonic-gate doset++; 657*7c478bd9Sstevel@tonic-gate current_admin.debug_level = atoi(optarg); 658*7c478bd9Sstevel@tonic-gate break; 659*7c478bd9Sstevel@tonic-gate 660*7c478bd9Sstevel@tonic-gate case 's': 661*7c478bd9Sstevel@tonic-gate doset++; 662*7c478bd9Sstevel@tonic-gate cache = getcacheptr(optarg); 663*7c478bd9Sstevel@tonic-gate cacheopt = getcacheopt(optarg); 664*7c478bd9Sstevel@tonic-gate if (!cache || !cacheopt) { 665*7c478bd9Sstevel@tonic-gate errflg++; 666*7c478bd9Sstevel@tonic-gate break; 667*7c478bd9Sstevel@tonic-gate } 668*7c478bd9Sstevel@tonic-gate 669*7c478bd9Sstevel@tonic-gate cache->nsc_suggestedsize = atoi(cacheopt); 670*7c478bd9Sstevel@tonic-gate 671*7c478bd9Sstevel@tonic-gate break; 672*7c478bd9Sstevel@tonic-gate 673*7c478bd9Sstevel@tonic-gate case 'h': 674*7c478bd9Sstevel@tonic-gate doset++; 675*7c478bd9Sstevel@tonic-gate cache = getcacheptr(optarg); 676*7c478bd9Sstevel@tonic-gate cacheopt = getcacheopt(optarg); 677*7c478bd9Sstevel@tonic-gate if (!cache || !cacheopt) { 678*7c478bd9Sstevel@tonic-gate errflg++; 679*7c478bd9Sstevel@tonic-gate break; 680*7c478bd9Sstevel@tonic-gate } 681*7c478bd9Sstevel@tonic-gate cache->nsc_keephot = atoi(cacheopt); 682*7c478bd9Sstevel@tonic-gate break; 683*7c478bd9Sstevel@tonic-gate 684*7c478bd9Sstevel@tonic-gate case 'o': 685*7c478bd9Sstevel@tonic-gate doset++; 686*7c478bd9Sstevel@tonic-gate cache = getcacheptr(optarg); 687*7c478bd9Sstevel@tonic-gate cacheopt = getcacheopt(optarg); 688*7c478bd9Sstevel@tonic-gate if (!cache || !cacheopt) { 689*7c478bd9Sstevel@tonic-gate errflg++; 690*7c478bd9Sstevel@tonic-gate break; 691*7c478bd9Sstevel@tonic-gate } 692*7c478bd9Sstevel@tonic-gate if 
(strcmp(cacheopt, "yes") == 0) 693*7c478bd9Sstevel@tonic-gate cache->nsc_old_data_ok = 1; 694*7c478bd9Sstevel@tonic-gate else if (strcmp(cacheopt, "no") == 0) 695*7c478bd9Sstevel@tonic-gate cache->nsc_old_data_ok = 0; 696*7c478bd9Sstevel@tonic-gate else 697*7c478bd9Sstevel@tonic-gate errflg++; 698*7c478bd9Sstevel@tonic-gate break; 699*7c478bd9Sstevel@tonic-gate 700*7c478bd9Sstevel@tonic-gate case 'e': 701*7c478bd9Sstevel@tonic-gate doset++; 702*7c478bd9Sstevel@tonic-gate cache = getcacheptr(optarg); 703*7c478bd9Sstevel@tonic-gate cacheopt = getcacheopt(optarg); 704*7c478bd9Sstevel@tonic-gate if (!cache || !cacheopt) { 705*7c478bd9Sstevel@tonic-gate errflg++; 706*7c478bd9Sstevel@tonic-gate break; 707*7c478bd9Sstevel@tonic-gate } 708*7c478bd9Sstevel@tonic-gate if (strcmp(cacheopt, "yes") == 0) 709*7c478bd9Sstevel@tonic-gate cache->nsc_enabled = 1; 710*7c478bd9Sstevel@tonic-gate else if (strcmp(cacheopt, "no") == 0) 711*7c478bd9Sstevel@tonic-gate cache->nsc_enabled = 0; 712*7c478bd9Sstevel@tonic-gate else 713*7c478bd9Sstevel@tonic-gate errflg++; 714*7c478bd9Sstevel@tonic-gate break; 715*7c478bd9Sstevel@tonic-gate 716*7c478bd9Sstevel@tonic-gate default: 717*7c478bd9Sstevel@tonic-gate errflg++; 718*7c478bd9Sstevel@tonic-gate break; 719*7c478bd9Sstevel@tonic-gate } 720*7c478bd9Sstevel@tonic-gate 721*7c478bd9Sstevel@tonic-gate } 722*7c478bd9Sstevel@tonic-gate 723*7c478bd9Sstevel@tonic-gate if (errflg) 724*7c478bd9Sstevel@tonic-gate usage(argv[0]); 725*7c478bd9Sstevel@tonic-gate 726*7c478bd9Sstevel@tonic-gate if (!will_become_server) { 727*7c478bd9Sstevel@tonic-gate 728*7c478bd9Sstevel@tonic-gate if (showstats) { 729*7c478bd9Sstevel@tonic-gate client_showstats(¤t_admin); 730*7c478bd9Sstevel@tonic-gate } 731*7c478bd9Sstevel@tonic-gate 732*7c478bd9Sstevel@tonic-gate if (doset) { 733*7c478bd9Sstevel@tonic-gate if (client_setadmin(¤t_admin) < 0) { 734*7c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 735*7c478bd9Sstevel@tonic-gate "Error during admin call\n"); 
736*7c478bd9Sstevel@tonic-gate exit(1); 737*7c478bd9Sstevel@tonic-gate } 738*7c478bd9Sstevel@tonic-gate } 739*7c478bd9Sstevel@tonic-gate if (!showstats && !doset) { 740*7c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 741*7c478bd9Sstevel@tonic-gate "%s already running.... no admin specified\n", 742*7c478bd9Sstevel@tonic-gate argv[0]); 743*7c478bd9Sstevel@tonic-gate } 744*7c478bd9Sstevel@tonic-gate exit(0); 745*7c478bd9Sstevel@tonic-gate } 746*7c478bd9Sstevel@tonic-gate 747*7c478bd9Sstevel@tonic-gate /* 748*7c478bd9Sstevel@tonic-gate * daemon from here ou 749*7c478bd9Sstevel@tonic-gate */ 750*7c478bd9Sstevel@tonic-gate 751*7c478bd9Sstevel@tonic-gate if (!loaded_config_file) { 752*7c478bd9Sstevel@tonic-gate (void) fprintf(stderr, 753*7c478bd9Sstevel@tonic-gate "No configuration file specifed and /etc/nscd.conf" \ 754*7c478bd9Sstevel@tonic-gate "not present\n"); 755*7c478bd9Sstevel@tonic-gate exit(1); 756*7c478bd9Sstevel@tonic-gate } 757*7c478bd9Sstevel@tonic-gate 758*7c478bd9Sstevel@tonic-gate saved_argv = argv; 759*7c478bd9Sstevel@tonic-gate save_execname(); 760*7c478bd9Sstevel@tonic-gate 761*7c478bd9Sstevel@tonic-gate if (current_admin.debug_level) { 762*7c478bd9Sstevel@tonic-gate /* we're debugging... 
*/ 763*7c478bd9Sstevel@tonic-gate if (strlen(current_admin.logfile) == 0) 764*7c478bd9Sstevel@tonic-gate /* no specified log file */ 765*7c478bd9Sstevel@tonic-gate (void) strcpy(current_admin.logfile, "stderr"); 766*7c478bd9Sstevel@tonic-gate else 767*7c478bd9Sstevel@tonic-gate (void) nscd_set_lf(¤t_admin, 768*7c478bd9Sstevel@tonic-gate current_admin.logfile); 769*7c478bd9Sstevel@tonic-gate } else { 770*7c478bd9Sstevel@tonic-gate if (strlen(current_admin.logfile) == 0) 771*7c478bd9Sstevel@tonic-gate (void) strcpy(current_admin.logfile, "/dev/null"); 772*7c478bd9Sstevel@tonic-gate (void) nscd_set_lf(¤t_admin, current_admin.logfile); 773*7c478bd9Sstevel@tonic-gate detachfromtty(); 774*7c478bd9Sstevel@tonic-gate } 775*7c478bd9Sstevel@tonic-gate 776*7c478bd9Sstevel@tonic-gate /* perform some initialization */ 777*7c478bd9Sstevel@tonic-gate initialize_lookup_clearance(); 778*7c478bd9Sstevel@tonic-gate keep_open_dns_socket(); 779*7c478bd9Sstevel@tonic-gate getpw_init(); 780*7c478bd9Sstevel@tonic-gate getgr_init(); 781*7c478bd9Sstevel@tonic-gate gethost_init(); 782*7c478bd9Sstevel@tonic-gate getnode_init(); 783*7c478bd9Sstevel@tonic-gate getexec_init(); 784*7c478bd9Sstevel@tonic-gate getprof_init(); 785*7c478bd9Sstevel@tonic-gate getuser_init(); 786*7c478bd9Sstevel@tonic-gate 787*7c478bd9Sstevel@tonic-gate /* Establish our own server thread pool */ 788*7c478bd9Sstevel@tonic-gate 789*7c478bd9Sstevel@tonic-gate door_server_create(server_create); 790*7c478bd9Sstevel@tonic-gate if (thr_keycreate(&server_key, server_destroy) != 0) { 791*7c478bd9Sstevel@tonic-gate perror("thr_keycreate"); 792*7c478bd9Sstevel@tonic-gate exit(-1); 793*7c478bd9Sstevel@tonic-gate } 794*7c478bd9Sstevel@tonic-gate 795*7c478bd9Sstevel@tonic-gate /* Create a door */ 796*7c478bd9Sstevel@tonic-gate 797*7c478bd9Sstevel@tonic-gate if ((did = door_create(switcher, NAME_SERVICE_DOOR_COOKIE, 798*7c478bd9Sstevel@tonic-gate DOOR_UNREF | DOOR_REFUSE_DESC | DOOR_NO_CANCEL)) < 0) { 799*7c478bd9Sstevel@tonic-gate 
perror("door_create"); 800*7c478bd9Sstevel@tonic-gate exit(-1); 801*7c478bd9Sstevel@tonic-gate } 802*7c478bd9Sstevel@tonic-gate 803*7c478bd9Sstevel@tonic-gate /* bind to file system */ 804*7c478bd9Sstevel@tonic-gate 805*7c478bd9Sstevel@tonic-gate if (stat(NAME_SERVICE_DOOR, &buf) < 0) { 806*7c478bd9Sstevel@tonic-gate int newfd; 807*7c478bd9Sstevel@tonic-gate if ((newfd = creat(NAME_SERVICE_DOOR, 0444)) < 0) { 808*7c478bd9Sstevel@tonic-gate logit("Cannot create %s:%s\n", 809*7c478bd9Sstevel@tonic-gate NAME_SERVICE_DOOR, 810*7c478bd9Sstevel@tonic-gate strerror(errno)); 811*7c478bd9Sstevel@tonic-gate exit(1); 812*7c478bd9Sstevel@tonic-gate } 813*7c478bd9Sstevel@tonic-gate (void) close(newfd); 814*7c478bd9Sstevel@tonic-gate } 815*7c478bd9Sstevel@tonic-gate 816*7c478bd9Sstevel@tonic-gate if (fattach(did, NAME_SERVICE_DOOR) < 0) { 817*7c478bd9Sstevel@tonic-gate if ((errno != EBUSY) || 818*7c478bd9Sstevel@tonic-gate (fdetach(NAME_SERVICE_DOOR) < 0) || 819*7c478bd9Sstevel@tonic-gate (fattach(did, NAME_SERVICE_DOOR) < 0)) { 820*7c478bd9Sstevel@tonic-gate perror("door_attach"); 821*7c478bd9Sstevel@tonic-gate exit(2); 822*7c478bd9Sstevel@tonic-gate } 823*7c478bd9Sstevel@tonic-gate } 824*7c478bd9Sstevel@tonic-gate 825*7c478bd9Sstevel@tonic-gate action.sa_handler = dozip; 826*7c478bd9Sstevel@tonic-gate action.sa_flags = 0; 827*7c478bd9Sstevel@tonic-gate (void) sigemptyset(&action.sa_mask); 828*7c478bd9Sstevel@tonic-gate (void) sigemptyset(&myset); 829*7c478bd9Sstevel@tonic-gate (void) sigaddset(&myset, SIGHUP); 830*7c478bd9Sstevel@tonic-gate 831*7c478bd9Sstevel@tonic-gate if (sigaction(SIGHUP, &action, NULL) < 0) { 832*7c478bd9Sstevel@tonic-gate perror("sigaction"); 833*7c478bd9Sstevel@tonic-gate exit(1); 834*7c478bd9Sstevel@tonic-gate } 835*7c478bd9Sstevel@tonic-gate 836*7c478bd9Sstevel@tonic-gate if (thr_sigsetmask(SIG_BLOCK, &myset, NULL) < 0) { 837*7c478bd9Sstevel@tonic-gate perror("thr_sigsetmask"); 838*7c478bd9Sstevel@tonic-gate exit(1); 839*7c478bd9Sstevel@tonic-gate } 
840*7c478bd9Sstevel@tonic-gate 841*7c478bd9Sstevel@tonic-gate 842*7c478bd9Sstevel@tonic-gate /* 843*7c478bd9Sstevel@tonic-gate * kick off revalidate threads 844*7c478bd9Sstevel@tonic-gate */ 845*7c478bd9Sstevel@tonic-gate 846*7c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 847*7c478bd9Sstevel@tonic-gate (void *(*)(void *))getpw_revalidate, 0, 0, NULL) != 0) { 848*7c478bd9Sstevel@tonic-gate perror("thr_create"); 849*7c478bd9Sstevel@tonic-gate exit(1); 850*7c478bd9Sstevel@tonic-gate } 851*7c478bd9Sstevel@tonic-gate 852*7c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 853*7c478bd9Sstevel@tonic-gate (void *(*)(void *))gethost_revalidate, 0, 0, NULL) != 0) { 854*7c478bd9Sstevel@tonic-gate perror("thr_create"); 855*7c478bd9Sstevel@tonic-gate exit(1); 856*7c478bd9Sstevel@tonic-gate } 857*7c478bd9Sstevel@tonic-gate 858*7c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 859*7c478bd9Sstevel@tonic-gate (void *(*)(void*))getnode_revalidate, 0, 0, NULL) != 0) { 860*7c478bd9Sstevel@tonic-gate perror("thr_create"); 861*7c478bd9Sstevel@tonic-gate exit(1); 862*7c478bd9Sstevel@tonic-gate } 863*7c478bd9Sstevel@tonic-gate 864*7c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 865*7c478bd9Sstevel@tonic-gate (void *(*)(void*))getgr_revalidate, 0, 0, NULL) != 0) { 866*7c478bd9Sstevel@tonic-gate perror("thr_create"); 867*7c478bd9Sstevel@tonic-gate exit(1); 868*7c478bd9Sstevel@tonic-gate } 869*7c478bd9Sstevel@tonic-gate 870*7c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 871*7c478bd9Sstevel@tonic-gate (void *(*)(void*))getexec_revalidate, 0, 0, NULL) != 0) { 872*7c478bd9Sstevel@tonic-gate perror("thr_create"); 873*7c478bd9Sstevel@tonic-gate exit(1); 874*7c478bd9Sstevel@tonic-gate } 875*7c478bd9Sstevel@tonic-gate 876*7c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 877*7c478bd9Sstevel@tonic-gate (void *(*)(void*))getprof_revalidate, 0, 0, NULL) != 0) { 878*7c478bd9Sstevel@tonic-gate perror("thr_create"); 879*7c478bd9Sstevel@tonic-gate exit(1); 
880*7c478bd9Sstevel@tonic-gate } 881*7c478bd9Sstevel@tonic-gate 882*7c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 883*7c478bd9Sstevel@tonic-gate (void *(*)(void*))getuser_revalidate, 0, 0, NULL) != 0) { 884*7c478bd9Sstevel@tonic-gate perror("thr_create"); 885*7c478bd9Sstevel@tonic-gate exit(1); 886*7c478bd9Sstevel@tonic-gate } 887*7c478bd9Sstevel@tonic-gate 888*7c478bd9Sstevel@tonic-gate /* 889*7c478bd9Sstevel@tonic-gate * kick off reaper threads 890*7c478bd9Sstevel@tonic-gate */ 891*7c478bd9Sstevel@tonic-gate 892*7c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 893*7c478bd9Sstevel@tonic-gate (void *(*)(void *))getpw_uid_reaper, 0, 0, NULL) != 0) { 894*7c478bd9Sstevel@tonic-gate perror("thr_create"); 895*7c478bd9Sstevel@tonic-gate exit(1); 896*7c478bd9Sstevel@tonic-gate } 897*7c478bd9Sstevel@tonic-gate 898*7c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 899*7c478bd9Sstevel@tonic-gate (void *(*)(void *))getpw_nam_reaper, 0, 0, NULL) != 0) { 900*7c478bd9Sstevel@tonic-gate perror("thr_create"); 901*7c478bd9Sstevel@tonic-gate exit(1); 902*7c478bd9Sstevel@tonic-gate } 903*7c478bd9Sstevel@tonic-gate 904*7c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 905*7c478bd9Sstevel@tonic-gate (void *(*)(void *))getgr_uid_reaper, 0, 0, NULL) != 0) { 906*7c478bd9Sstevel@tonic-gate perror("thr_create"); 907*7c478bd9Sstevel@tonic-gate exit(1); 908*7c478bd9Sstevel@tonic-gate } 909*7c478bd9Sstevel@tonic-gate 910*7c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 911*7c478bd9Sstevel@tonic-gate (void *(*)(void *))getgr_nam_reaper, 0, 0, NULL) != 0) { 912*7c478bd9Sstevel@tonic-gate perror("thr_create"); 913*7c478bd9Sstevel@tonic-gate exit(1); 914*7c478bd9Sstevel@tonic-gate } 915*7c478bd9Sstevel@tonic-gate 916*7c478bd9Sstevel@tonic-gate 917*7c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 918*7c478bd9Sstevel@tonic-gate (void *(*)(void *))gethost_nam_reaper, 0, 0, NULL) != 0) { 919*7c478bd9Sstevel@tonic-gate perror("thr_create"); 920*7c478bd9Sstevel@tonic-gate 
exit(1); 921*7c478bd9Sstevel@tonic-gate } 922*7c478bd9Sstevel@tonic-gate 923*7c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 924*7c478bd9Sstevel@tonic-gate (void *(*)(void *))gethost_addr_reaper, 0, 0, NULL) != 0) { 925*7c478bd9Sstevel@tonic-gate perror("thr_create"); 926*7c478bd9Sstevel@tonic-gate exit(1); 927*7c478bd9Sstevel@tonic-gate } 928*7c478bd9Sstevel@tonic-gate 929*7c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 930*7c478bd9Sstevel@tonic-gate (void *(*)(void *))getnode_nam_reaper, 0, 0, NULL) != 0) { 931*7c478bd9Sstevel@tonic-gate perror("thr_create"); 932*7c478bd9Sstevel@tonic-gate exit(1); 933*7c478bd9Sstevel@tonic-gate } 934*7c478bd9Sstevel@tonic-gate 935*7c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 936*7c478bd9Sstevel@tonic-gate (void *(*)(void *))getnode_addr_reaper, 0, 0, NULL) != 0) { 937*7c478bd9Sstevel@tonic-gate perror("thr_create"); 938*7c478bd9Sstevel@tonic-gate exit(1); 939*7c478bd9Sstevel@tonic-gate } 940*7c478bd9Sstevel@tonic-gate 941*7c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 942*7c478bd9Sstevel@tonic-gate (void *(*)(void *))getexec_reaper, 0, 0, NULL) != 0) { 943*7c478bd9Sstevel@tonic-gate perror("thr_create"); 944*7c478bd9Sstevel@tonic-gate exit(1); 945*7c478bd9Sstevel@tonic-gate } 946*7c478bd9Sstevel@tonic-gate 947*7c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 948*7c478bd9Sstevel@tonic-gate (void *(*)(void *))getprof_reaper, 0, 0, NULL) != 0) { 949*7c478bd9Sstevel@tonic-gate perror("thr_create"); 950*7c478bd9Sstevel@tonic-gate exit(1); 951*7c478bd9Sstevel@tonic-gate } 952*7c478bd9Sstevel@tonic-gate 953*7c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 954*7c478bd9Sstevel@tonic-gate (void *(*)(void *))getuser_reaper, 0, 0, NULL) != 0) { 955*7c478bd9Sstevel@tonic-gate perror("thr_create"); 956*7c478bd9Sstevel@tonic-gate exit(1); 957*7c478bd9Sstevel@tonic-gate } 958*7c478bd9Sstevel@tonic-gate 959*7c478bd9Sstevel@tonic-gate /* 960*7c478bd9Sstevel@tonic-gate * kick off routing socket monitor thread 
961*7c478bd9Sstevel@tonic-gate */ 962*7c478bd9Sstevel@tonic-gate 963*7c478bd9Sstevel@tonic-gate if (thr_create(NULL, NULL, 964*7c478bd9Sstevel@tonic-gate (void *(*)(void *))rts_mon, 0, 0, NULL) != 0) { 965*7c478bd9Sstevel@tonic-gate perror("thr_create"); 966*7c478bd9Sstevel@tonic-gate exit(1); 967*7c478bd9Sstevel@tonic-gate } 968*7c478bd9Sstevel@tonic-gate 969*7c478bd9Sstevel@tonic-gate if (thr_sigsetmask(SIG_UNBLOCK, &myset, NULL) < 0) { 970*7c478bd9Sstevel@tonic-gate perror("thr_sigsetmask"); 971*7c478bd9Sstevel@tonic-gate exit(1); 972*7c478bd9Sstevel@tonic-gate } 973*7c478bd9Sstevel@tonic-gate 974*7c478bd9Sstevel@tonic-gate for (;;) { 975*7c478bd9Sstevel@tonic-gate (void) pause(); 976*7c478bd9Sstevel@tonic-gate logit("Reloading /etc/nscd.conf\n"); 977*7c478bd9Sstevel@tonic-gate nscd_parse(argv[0], "/etc/nscd.conf"); 978*7c478bd9Sstevel@tonic-gate } 979*7c478bd9Sstevel@tonic-gate } 980*7c478bd9Sstevel@tonic-gate 981*7c478bd9Sstevel@tonic-gate 982*7c478bd9Sstevel@tonic-gate /*ARGSUSED*/ 983*7c478bd9Sstevel@tonic-gate static void 984*7c478bd9Sstevel@tonic-gate switcher(void *cookie, char *argp, size_t arg_size, 985*7c478bd9Sstevel@tonic-gate door_desc_t *dp, uint_t n_desc) 986*7c478bd9Sstevel@tonic-gate { 987*7c478bd9Sstevel@tonic-gate union { 988*7c478bd9Sstevel@tonic-gate nsc_data_t data; 989*7c478bd9Sstevel@tonic-gate char space[8192]; 990*7c478bd9Sstevel@tonic-gate } u; 991*7c478bd9Sstevel@tonic-gate 992*7c478bd9Sstevel@tonic-gate time_t now; 993*7c478bd9Sstevel@tonic-gate 994*7c478bd9Sstevel@tonic-gate static time_t last_nsswitch_check; 995*7c478bd9Sstevel@tonic-gate static time_t last_nsswitch_modified; 996*7c478bd9Sstevel@tonic-gate static time_t last_resolv_modified; 997*7c478bd9Sstevel@tonic-gate 998*7c478bd9Sstevel@tonic-gate static mutex_t nsswitch_lock; 999*7c478bd9Sstevel@tonic-gate 1000*7c478bd9Sstevel@tonic-gate nsc_call_t *ptr = (nsc_call_t *)argp; 1001*7c478bd9Sstevel@tonic-gate 1002*7c478bd9Sstevel@tonic-gate if (argp == DOOR_UNREF_DATA) { 
1003*7c478bd9Sstevel@tonic-gate (void) printf("Door Slam... exiting\n"); 1004*7c478bd9Sstevel@tonic-gate exit(0); 1005*7c478bd9Sstevel@tonic-gate } 1006*7c478bd9Sstevel@tonic-gate 1007*7c478bd9Sstevel@tonic-gate if (ptr == NULL) { /* empty door call */ 1008*7c478bd9Sstevel@tonic-gate (void) door_return(NULL, 0, 0, 0); /* return the favor */ 1009*7c478bd9Sstevel@tonic-gate } 1010*7c478bd9Sstevel@tonic-gate 1011*7c478bd9Sstevel@tonic-gate now = time(NULL); 1012*7c478bd9Sstevel@tonic-gate 1013*7c478bd9Sstevel@tonic-gate /* 1014*7c478bd9Sstevel@tonic-gate * just in case check 1015*7c478bd9Sstevel@tonic-gate */ 1016*7c478bd9Sstevel@tonic-gate 1017*7c478bd9Sstevel@tonic-gate (void) mutex_lock(&nsswitch_lock); 1018*7c478bd9Sstevel@tonic-gate 1019*7c478bd9Sstevel@tonic-gate if (now - last_nsswitch_check > 10) { 1020*7c478bd9Sstevel@tonic-gate struct stat nss_buf; 1021*7c478bd9Sstevel@tonic-gate struct stat res_buf; 1022*7c478bd9Sstevel@tonic-gate 1023*7c478bd9Sstevel@tonic-gate last_nsswitch_check = now; 1024*7c478bd9Sstevel@tonic-gate 1025*7c478bd9Sstevel@tonic-gate (void) mutex_unlock(&nsswitch_lock); /* let others continue */ 1026*7c478bd9Sstevel@tonic-gate 1027*7c478bd9Sstevel@tonic-gate /* 1028*7c478bd9Sstevel@tonic-gate * This code keeps us from statting resolv.conf 1029*7c478bd9Sstevel@tonic-gate * if it doesn't exist, yet prevents us from ignoring 1030*7c478bd9Sstevel@tonic-gate * it if it happens to disappear later on for a bit. 
1031*7c478bd9Sstevel@tonic-gate */ 1032*7c478bd9Sstevel@tonic-gate 1033*7c478bd9Sstevel@tonic-gate if (last_resolv_modified >= 0) { 1034*7c478bd9Sstevel@tonic-gate if (stat("/etc/resolv.conf", &res_buf) < 0) { 1035*7c478bd9Sstevel@tonic-gate if (last_resolv_modified == 0) 1036*7c478bd9Sstevel@tonic-gate last_resolv_modified = -1; 1037*7c478bd9Sstevel@tonic-gate else 1038*7c478bd9Sstevel@tonic-gate res_buf.st_mtime = last_resolv_modified; 1039*7c478bd9Sstevel@tonic-gate } else if (last_resolv_modified == 0) { 1040*7c478bd9Sstevel@tonic-gate last_resolv_modified = res_buf.st_mtime; 1041*7c478bd9Sstevel@tonic-gate } 1042*7c478bd9Sstevel@tonic-gate } 1043*7c478bd9Sstevel@tonic-gate 1044*7c478bd9Sstevel@tonic-gate if (stat("/etc/nsswitch.conf", &nss_buf) < 0) { 1045*7c478bd9Sstevel@tonic-gate 1046*7c478bd9Sstevel@tonic-gate /*EMPTY*/; 1047*7c478bd9Sstevel@tonic-gate 1048*7c478bd9Sstevel@tonic-gate } else if (last_nsswitch_modified == 0) { 1049*7c478bd9Sstevel@tonic-gate 1050*7c478bd9Sstevel@tonic-gate last_nsswitch_modified = nss_buf.st_mtime; 1051*7c478bd9Sstevel@tonic-gate 1052*7c478bd9Sstevel@tonic-gate } else if ((last_nsswitch_modified < nss_buf.st_mtime) || 1053*7c478bd9Sstevel@tonic-gate ((last_resolv_modified > 0) && 1054*7c478bd9Sstevel@tonic-gate (last_resolv_modified < res_buf.st_mtime))) { 1055*7c478bd9Sstevel@tonic-gate static mutex_t exit_lock; 1056*7c478bd9Sstevel@tonic-gate char *fmri; 1057*7c478bd9Sstevel@tonic-gate /* 1058*7c478bd9Sstevel@tonic-gate * time for restart 1059*7c478bd9Sstevel@tonic-gate */ 1060*7c478bd9Sstevel@tonic-gate logit("nscd restart due to /etc/nsswitch.conf or "\ 1061*7c478bd9Sstevel@tonic-gate "resolv.conf change\n"); 1062*7c478bd9Sstevel@tonic-gate /* 1063*7c478bd9Sstevel@tonic-gate * try to restart under smf 1064*7c478bd9Sstevel@tonic-gate */ 1065*7c478bd9Sstevel@tonic-gate if ((fmri = getenv("SMF_FMRI")) == NULL) { 1066*7c478bd9Sstevel@tonic-gate /* not running under smf - reexec */ 1067*7c478bd9Sstevel@tonic-gate 
execv(saved_execname, saved_argv); 1068*7c478bd9Sstevel@tonic-gate exit(1); /* just in case */ 1069*7c478bd9Sstevel@tonic-gate } 1070*7c478bd9Sstevel@tonic-gate 1071*7c478bd9Sstevel@tonic-gate mutex_lock(&exit_lock); /* prevent multiple restarts */ 1072*7c478bd9Sstevel@tonic-gate if (smf_restart_instance(fmri) == 0) 1073*7c478bd9Sstevel@tonic-gate sleep(10); /* wait a bit */ 1074*7c478bd9Sstevel@tonic-gate exit(1); /* give up waiting for resurrection */ 1075*7c478bd9Sstevel@tonic-gate } 1076*7c478bd9Sstevel@tonic-gate 1077*7c478bd9Sstevel@tonic-gate } else 1078*7c478bd9Sstevel@tonic-gate (void) mutex_unlock(&nsswitch_lock); 1079*7c478bd9Sstevel@tonic-gate 1080*7c478bd9Sstevel@tonic-gate switch (ptr->nsc_callnumber) { 1081*7c478bd9Sstevel@tonic-gate 1082*7c478bd9Sstevel@tonic-gate case NULLCALL: 1083*7c478bd9Sstevel@tonic-gate u.data.nsc_ret.nsc_return_code = SUCCESS; 1084*7c478bd9Sstevel@tonic-gate u.data.nsc_ret.nsc_bufferbytesused = sizeof (nsc_return_t); 1085*7c478bd9Sstevel@tonic-gate break; 1086*7c478bd9Sstevel@tonic-gate 1087*7c478bd9Sstevel@tonic-gate 1088*7c478bd9Sstevel@tonic-gate case GETPWNAM: 1089*7c478bd9Sstevel@tonic-gate *(argp + arg_size - 1) = 0; /* FALLTHROUGH */ 1090*7c478bd9Sstevel@tonic-gate case GETPWUID: 1091*7c478bd9Sstevel@tonic-gate getpw_lookup(&u.data.nsc_ret, sizeof (u), ptr, now); 1092*7c478bd9Sstevel@tonic-gate break; 1093*7c478bd9Sstevel@tonic-gate 1094*7c478bd9Sstevel@tonic-gate case GETGRNAM: 1095*7c478bd9Sstevel@tonic-gate *(argp + arg_size - 1) = 0; /* FALLTHROUGH */ 1096*7c478bd9Sstevel@tonic-gate case GETGRGID: 1097*7c478bd9Sstevel@tonic-gate getgr_lookup(&u.data.nsc_ret, sizeof (u), ptr, now); 1098*7c478bd9Sstevel@tonic-gate break; 1099*7c478bd9Sstevel@tonic-gate 1100*7c478bd9Sstevel@tonic-gate case GETHOSTBYNAME: 1101*7c478bd9Sstevel@tonic-gate *(argp + arg_size - 1) = 0; /* FALLTHROUGH */ 1102*7c478bd9Sstevel@tonic-gate case GETHOSTBYADDR: 1103*7c478bd9Sstevel@tonic-gate gethost_lookup(&u.data.nsc_ret, sizeof (u), ptr, now); 
1104*7c478bd9Sstevel@tonic-gate break; 1105*7c478bd9Sstevel@tonic-gate 1106*7c478bd9Sstevel@tonic-gate case GETIPNODEBYNAME: 1107*7c478bd9Sstevel@tonic-gate *(argp + arg_size - 1) = 0; /* FALLTHROUGH */ 1108*7c478bd9Sstevel@tonic-gate case GETIPNODEBYADDR: 1109*7c478bd9Sstevel@tonic-gate getnode_lookup(&u.data.nsc_ret, sizeof (u), ptr, now); 1110*7c478bd9Sstevel@tonic-gate break; 1111*7c478bd9Sstevel@tonic-gate 1112*7c478bd9Sstevel@tonic-gate case GETEXECID: 1113*7c478bd9Sstevel@tonic-gate *(argp + arg_size - 1) = 0; 1114*7c478bd9Sstevel@tonic-gate getexec_lookup(&u.data.nsc_ret, sizeof (u), ptr, now); 1115*7c478bd9Sstevel@tonic-gate break; 1116*7c478bd9Sstevel@tonic-gate 1117*7c478bd9Sstevel@tonic-gate case GETPROFNAM: 1118*7c478bd9Sstevel@tonic-gate *(argp + arg_size - 1) = 0; 1119*7c478bd9Sstevel@tonic-gate getprof_lookup(&u.data.nsc_ret, sizeof (u), ptr, now); 1120*7c478bd9Sstevel@tonic-gate break; 1121*7c478bd9Sstevel@tonic-gate 1122*7c478bd9Sstevel@tonic-gate case GETUSERNAM: 1123*7c478bd9Sstevel@tonic-gate *(argp + arg_size - 1) = 0; 1124*7c478bd9Sstevel@tonic-gate getuser_lookup(&u.data.nsc_ret, sizeof (u), ptr, now); 1125*7c478bd9Sstevel@tonic-gate break; 1126*7c478bd9Sstevel@tonic-gate 1127*7c478bd9Sstevel@tonic-gate case GETADMIN: 1128*7c478bd9Sstevel@tonic-gate getadmin(&u.data.nsc_ret, sizeof (u), ptr); 1129*7c478bd9Sstevel@tonic-gate break; 1130*7c478bd9Sstevel@tonic-gate 1131*7c478bd9Sstevel@tonic-gate case SETADMIN: 1132*7c478bd9Sstevel@tonic-gate case KILLSERVER: { 1133*7c478bd9Sstevel@tonic-gate 1134*7c478bd9Sstevel@tonic-gate ucred_t *uc = NULL; 1135*7c478bd9Sstevel@tonic-gate const priv_set_t *eset; 1136*7c478bd9Sstevel@tonic-gate zoneid_t zoneid; 1137*7c478bd9Sstevel@tonic-gate 1138*7c478bd9Sstevel@tonic-gate if (door_ucred(&uc) != 0) { 1139*7c478bd9Sstevel@tonic-gate perror("door_ucred"); 1140*7c478bd9Sstevel@tonic-gate u.data.nsc_ret.nsc_return_code = NOTFOUND; 1141*7c478bd9Sstevel@tonic-gate break; 1142*7c478bd9Sstevel@tonic-gate } 
1143*7c478bd9Sstevel@tonic-gate 1144*7c478bd9Sstevel@tonic-gate eset = ucred_getprivset(uc, PRIV_EFFECTIVE); 1145*7c478bd9Sstevel@tonic-gate zoneid = ucred_getzoneid(uc); 1146*7c478bd9Sstevel@tonic-gate 1147*7c478bd9Sstevel@tonic-gate if ((zoneid != GLOBAL_ZONEID && zoneid != getzoneid()) || 1148*7c478bd9Sstevel@tonic-gate eset != NULL ? !priv_ismember(eset, PRIV_SYS_ADMIN) : 1149*7c478bd9Sstevel@tonic-gate ucred_geteuid(uc) != 0) { 1150*7c478bd9Sstevel@tonic-gate logit("SETADMIN call failed(cred): caller pid %d, " 1151*7c478bd9Sstevel@tonic-gate "uid %d, euid %d, zoneid %d\n", ucred_getpid(uc), 1152*7c478bd9Sstevel@tonic-gate ucred_getruid(uc), ucred_geteuid(uc), zoneid); 1153*7c478bd9Sstevel@tonic-gate u.data.nsc_ret.nsc_return_code = NOTFOUND; 1154*7c478bd9Sstevel@tonic-gate ucred_free(uc); 1155*7c478bd9Sstevel@tonic-gate break; 1156*7c478bd9Sstevel@tonic-gate } 1157*7c478bd9Sstevel@tonic-gate 1158*7c478bd9Sstevel@tonic-gate if (ptr->nsc_callnumber == KILLSERVER) { 1159*7c478bd9Sstevel@tonic-gate logit("Nscd received KILLSERVER cmd from pid %d, " 1160*7c478bd9Sstevel@tonic-gate "uid %d, euid %d, zoneid %d\n", ucred_getpid(uc), 1161*7c478bd9Sstevel@tonic-gate ucred_getruid(uc), ucred_geteuid(uc), zoneid); 1162*7c478bd9Sstevel@tonic-gate exit(0); 1163*7c478bd9Sstevel@tonic-gate } else { 1164*7c478bd9Sstevel@tonic-gate if (setadmin(&u.data.nsc_ret, sizeof (u), ptr) != 0) 1165*7c478bd9Sstevel@tonic-gate logit("SETADMIN call failed\n"); 1166*7c478bd9Sstevel@tonic-gate } 1167*7c478bd9Sstevel@tonic-gate ucred_free(uc); 1168*7c478bd9Sstevel@tonic-gate break; 1169*7c478bd9Sstevel@tonic-gate } 1170*7c478bd9Sstevel@tonic-gate 1171*7c478bd9Sstevel@tonic-gate default: 1172*7c478bd9Sstevel@tonic-gate logit("Unknown name service door call op %d\n", 1173*7c478bd9Sstevel@tonic-gate ptr->nsc_callnumber); 1174*7c478bd9Sstevel@tonic-gate u.data.nsc_ret.nsc_return_code = -1; 1175*7c478bd9Sstevel@tonic-gate u.data.nsc_ret.nsc_bufferbytesused = sizeof (nsc_return_t); 
1176*7c478bd9Sstevel@tonic-gate break; 1177*7c478bd9Sstevel@tonic-gate 1178*7c478bd9Sstevel@tonic-gate } 1179*7c478bd9Sstevel@tonic-gate door_return((char *)&u.data, u.data.nsc_ret.nsc_bufferbytesused, 1180*7c478bd9Sstevel@tonic-gate NULL, 0); 1181*7c478bd9Sstevel@tonic-gate } 1182*7c478bd9Sstevel@tonic-gate 1183*7c478bd9Sstevel@tonic-gate /* 1184*7c478bd9Sstevel@tonic-gate * Monitor the routing socket. Address lists stored in the ipnodes 1185*7c478bd9Sstevel@tonic-gate * cache are sorted based on destination address selection rules, 1186*7c478bd9Sstevel@tonic-gate * so when things change that could affect that sorting (interfaces 1187*7c478bd9Sstevel@tonic-gate * go up or down, flags change, etc.), we clear that cache so the 1188*7c478bd9Sstevel@tonic-gate * list will be re-ordered the next time the hostname is resolved. 1189*7c478bd9Sstevel@tonic-gate */ 1190*7c478bd9Sstevel@tonic-gate static void 1191*7c478bd9Sstevel@tonic-gate rts_mon(void) 1192*7c478bd9Sstevel@tonic-gate { 1193*7c478bd9Sstevel@tonic-gate int rt_sock, rdlen; 1194*7c478bd9Sstevel@tonic-gate union { 1195*7c478bd9Sstevel@tonic-gate struct { 1196*7c478bd9Sstevel@tonic-gate struct rt_msghdr rtm; 1197*7c478bd9Sstevel@tonic-gate struct sockaddr_storage addrs[RTA_NUMBITS]; 1198*7c478bd9Sstevel@tonic-gate } r; 1199*7c478bd9Sstevel@tonic-gate struct if_msghdr ifm; 1200*7c478bd9Sstevel@tonic-gate struct ifa_msghdr ifam; 1201*7c478bd9Sstevel@tonic-gate } mbuf; 1202*7c478bd9Sstevel@tonic-gate struct ifa_msghdr *ifam = &mbuf.ifam; 1203*7c478bd9Sstevel@tonic-gate 1204*7c478bd9Sstevel@tonic-gate rt_sock = socket(PF_ROUTE, SOCK_RAW, 0); 1205*7c478bd9Sstevel@tonic-gate if (rt_sock < 0) { 1206*7c478bd9Sstevel@tonic-gate logit("Failed to open routing socket: %s\n", strerror(errno)); 1207*7c478bd9Sstevel@tonic-gate thr_exit(0); 1208*7c478bd9Sstevel@tonic-gate } 1209*7c478bd9Sstevel@tonic-gate 1210*7c478bd9Sstevel@tonic-gate for (;;) { 1211*7c478bd9Sstevel@tonic-gate rdlen = read(rt_sock, &mbuf, sizeof (mbuf)); 
1212*7c478bd9Sstevel@tonic-gate if (rdlen <= 0) { 1213*7c478bd9Sstevel@tonic-gate if (rdlen == 0 || (errno != EINTR && errno != EAGAIN)) { 1214*7c478bd9Sstevel@tonic-gate logit("routing socket read: %s\n", 1215*7c478bd9Sstevel@tonic-gate strerror(errno)); 1216*7c478bd9Sstevel@tonic-gate thr_exit(0); 1217*7c478bd9Sstevel@tonic-gate } 1218*7c478bd9Sstevel@tonic-gate continue; 1219*7c478bd9Sstevel@tonic-gate } 1220*7c478bd9Sstevel@tonic-gate if (ifam->ifam_version != RTM_VERSION) { 1221*7c478bd9Sstevel@tonic-gate logit("rx unknown version (%d) on routing socket.\n", 1222*7c478bd9Sstevel@tonic-gate ifam->ifam_version); 1223*7c478bd9Sstevel@tonic-gate continue; 1224*7c478bd9Sstevel@tonic-gate } 1225*7c478bd9Sstevel@tonic-gate switch (ifam->ifam_type) { 1226*7c478bd9Sstevel@tonic-gate case RTM_NEWADDR: 1227*7c478bd9Sstevel@tonic-gate case RTM_DELADDR: 1228*7c478bd9Sstevel@tonic-gate getnode_name_invalidate(); 1229*7c478bd9Sstevel@tonic-gate break; 1230*7c478bd9Sstevel@tonic-gate case RTM_ADD: 1231*7c478bd9Sstevel@tonic-gate case RTM_DELETE: 1232*7c478bd9Sstevel@tonic-gate case RTM_CHANGE: 1233*7c478bd9Sstevel@tonic-gate case RTM_GET: 1234*7c478bd9Sstevel@tonic-gate case RTM_LOSING: 1235*7c478bd9Sstevel@tonic-gate case RTM_REDIRECT: 1236*7c478bd9Sstevel@tonic-gate case RTM_MISS: 1237*7c478bd9Sstevel@tonic-gate case RTM_LOCK: 1238*7c478bd9Sstevel@tonic-gate case RTM_OLDADD: 1239*7c478bd9Sstevel@tonic-gate case RTM_OLDDEL: 1240*7c478bd9Sstevel@tonic-gate case RTM_RESOLVE: 1241*7c478bd9Sstevel@tonic-gate case RTM_IFINFO: 1242*7c478bd9Sstevel@tonic-gate break; 1243*7c478bd9Sstevel@tonic-gate default: 1244*7c478bd9Sstevel@tonic-gate logit("rx unknown msg type (%d) on routing socket.\n", 1245*7c478bd9Sstevel@tonic-gate ifam->ifam_type); 1246*7c478bd9Sstevel@tonic-gate break; 1247*7c478bd9Sstevel@tonic-gate } 1248*7c478bd9Sstevel@tonic-gate } 1249*7c478bd9Sstevel@tonic-gate } 1250*7c478bd9Sstevel@tonic-gate 1251*7c478bd9Sstevel@tonic-gate static void 
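usage(char *s)
{
	/*
	 * Print the command-line synopsis to stderr and terminate with exit
	 * status 1.  `s' is the program name shown on the first line.
	 */
	(void) fprintf(stderr,
	    "Usage: %s [-d debug_level] [-l logfilename]\n", s);
	(void) fprintf(stderr,
	    " [-p cachename,positive_time_to_live]\n");
	(void) fprintf(stderr,
	    " [-n cachename,negative_time_to_live]\n");
	(void) fprintf(stderr,
	    " [-i cachename] [-s cachename,suggestedsize]\n");

	(void) fprintf(stderr,
	    " [-h cachename,keep_hot_count] "
	    "[-o cachename,\"yes\"|\"no\"]\n");

	(void) fprintf(stderr,
	    " [-e cachename,\"yes\"|\"no\"] [-g] "
	    "[-c cachename,\"yes\"|\"no\"]\n");

	(void) fprintf(stderr,
	    " [-f configfilename] \n");

	(void) fprintf(stderr,
	    "\n Supported caches: passwd, group, hosts, ipnodes\n");

	(void) fprintf(stderr,
	    " exec_attr, prof_attr, and user_attr.\n");

	exit(1);
}


/* Descriptor that logit() writes to; starts as stderr, -1 disables logging. */
static int logfd = 2;

/*
 * Switch the daemon log to the file named by `s'.
 *
 *   s == NULL or "/dev/null"	logging is switched off (logfd becomes -1)
 *   s == ""			the request is ignored
 *   anything else		the file is opened and becomes the new log
 *
 * Returns 0 on success (including the "ignored" case) and -1 when the file
 * cannot be opened or is not acceptable as a log file.
 *
 * An existing file is accepted only if it is a regular file with a single
 * link owned by uid 0.  Those properties are checked with lstat() on the name
 * and then re-checked with fstat() on the opened descriptor, together with
 * the device/inode pair, so that a file swapped in between the two calls is
 * rejected rather than appended to.
 *
 * NOTE(review): logfd is replaced here without any lock visible in this
 * function while logit() may be running in another thread - confirm that
 * callers serialise log file changes.
 */
int
nscd_set_lf(admin_t *ptr, char *s)
{
	int newlogfd;

	/*
	 * we don't really want to try and open the log file
	 * /dev/null since that will fail w/ our security fixes
	 *
	 * The NULL test has to come before anything dereferences s.
	 */
	if (s == NULL || strcmp(s, "/dev/null") == 0) {
		/*
		 * NOTE(review): this branch records the name in the global
		 * current_admin while the branch below records it in *ptr;
		 * kept as found - confirm which one is intended.
		 */
		(void) strcpy(current_admin.logfile, "/dev/null");
		if (logfd >= 0)
			(void) close(logfd);
		logfd = -1;
		return (0);
	}

	if (*s == '\0') {
		/* ignore empty log file specs */
		return (0);
	}

	/*
	 * In order to open this file securely, we'll try a few tricks.
	 * O_EXCL|O_CREAT only succeeds when the name did not exist before.
	 */
	newlogfd = open(s, O_EXCL|O_WRONLY|O_CREAT, 0644);
	if (newlogfd < 0) {
		/*
		 * File already exists... now we need to get cute
		 * since opening a file in a world-writeable directory
		 * safely is hard = it could be a hard link or a
		 * symbolic link to a system file.
		 */
		struct stat before;
		struct stat after;

		if (lstat(s, &before) < 0) {
			logit("Cannot open new logfile \"%s\": %s\n",
			    s, strerror(errno));
			return (-1);
		}

		if (!S_ISREG(before.st_mode) ||	/* no symbolic links */
		    before.st_nlink != 1 ||	/* no hard links */
		    before.st_uid != 0) {	/* owned by root */
			logit("Cannot use specified logfile \"%s\": "
			    "file is/has links or isn't owned by "
			    "root\n", s);
			return (-1);
		}

		newlogfd = open(s, O_APPEND|O_WRONLY|O_NOFOLLOW, 0644);
		if (newlogfd < 0) {
			logit("Cannot open new "
			    "logfile \"%s\": %s\n", s,
			    strerror(errno));
			return (-1);
		}

		/*
		 * The name may have been re-pointed between lstat() and
		 * open(); only trust what the descriptor itself refers to.
		 */
		if (fstat(newlogfd, &after) < 0 ||
		    !S_ISREG(after.st_mode) ||
		    after.st_nlink != 1 ||
		    after.st_uid != 0 ||
		    after.st_dev != before.st_dev ||
		    after.st_ino != before.st_ino) {
			(void) close(newlogfd);
			logit("Cannot use specified logfile \"%s\": "
			    "file is/has links or isn't owned by "
			    "root\n", s);
			return (-1);
		}
	}

	/* 128 is presumably the size of admin_t's logfile field - confirm. */
	(void) strlcpy(ptr->logfile, s, 128);
	if (logfd >= 0)
		(void) close(logfd);
	logfd = newlogfd;
	logit("Start of new logfile %s\n", s);
	return (0);
}

/*
 * printf-style logger.  When logging is enabled (logfd >= 0) the message is
 * prefixed with a timestamp, formatted into a fixed LOGBUFLEN-byte stack
 * buffer and written to logfd with a single write() under loglock.
 *
 * A message that does not fit is cut and its last four characters are
 * replaced by "...\n".  Every length handed to snprintf()/vsnprintf() is the
 * space actually left in the buffer, and the truncation marker is stored
 * inside the buffer instead of being appended behind it, so an over-long
 * message can no longer write past the end of `buffer'.
 */
void
logit(char *format, ...)
{
	static mutex_t loglock;
	struct timeval tv;

#define	LOGBUFLEN	1024
	char buffer[LOGBUFLEN];

	va_list ap;
	size_t offset;
	size_t room;
	int n;

	va_start(ap, format);

	if (logfd >= 0) {
		if (gettimeofday(&tv, NULL) != 0 ||
		    ctime_r(&tv.tv_sec, buffer, LOGBUFLEN) == NULL) {
			(void) snprintf(buffer, LOGBUFLEN,
			    "<time conversion failed>\t");
		} else {
			/*
			 * ctime_r() includes some stuff we don't want;
			 * adjust length to overwrite " YYYY\n".
			 */
			offset = strlen(buffer);
			offset = (offset > 6) ? offset - 6 : 0;
			(void) snprintf(buffer + offset, LOGBUFLEN - offset,
			    ".%.4ld\t", (long)(tv.tv_usec/100));
		}

		offset = strlen(buffer);
		room = LOGBUFLEN - offset;	/* includes the NUL */
		n = vsnprintf(buffer + offset, room, format, ap);
		if (n < 0) {
			/* formatting failed: keep just the timestamp */
			buffer[offset] = '\0';
		} else if ((size_t)n >= room) {
			/* truncated: mark it within the buffer bounds */
			(void) memcpy(buffer + LOGBUFLEN - 5, "...\n", 5);
		}

		(void) mutex_lock(&loglock);
		(void) write(logfd, buffer, strlen(buffer));
		(void) mutex_unlock(&loglock);
	}

	va_end(ap);
#undef	LOGBUFLEN
}

/*
 * Body of an update thread started by launch_update().  Dispatches the copied
 * request `in' to the lookup routine for its call number (with the update bit
 * masked off), handing it an 8K scratch result buffer, and then frees `in'.
 * The result left in the scratch buffer is not used here.  A call number
 * with no case below trips assert(0).
 */
static void
do_update(nsc_call_t *in)
{
	union {
		nsc_data_t	data;
		char		space[8192];
	} u;

	time_t now = time(NULL);

	switch (MASKUPDATEBIT(in->nsc_callnumber)) {

	case GETPWUID:
	case GETPWNAM:
		getpw_lookup(&u.data.nsc_ret, sizeof (u), in, now);
		break;

	case GETGRNAM:
	case GETGRGID:
		getgr_lookup(&u.data.nsc_ret, sizeof (u), in, now);
		break;

	case GETHOSTBYNAME:
	case GETHOSTBYADDR:
		gethost_lookup(&u.data.nsc_ret, sizeof (u), in, now);
		break;

	case GETIPNODEBYNAME:
	case GETIPNODEBYADDR:
		getnode_lookup(&u.data.nsc_ret, sizeof (u), in, now);
		break;

	case GETEXECID:
		getexec_lookup(&u.data.nsc_ret, sizeof (u), in, now);
		break;

	case GETPROFNAM:
		getprof_lookup(&u.data.nsc_ret, sizeof (u), in, now);
		break;

	case GETUSERNAM:
		getuser_lookup(&u.data.nsc_ret, sizeof (u), in, now);
		break;

	default:
		assert(0);
		break;
	}

	free(in);
}

/*
 * Start a detached thread that re-runs the lookup described by `in'.
 *
 * The update bit is set in in->nsc_callnumber, the request is copied to the
 * heap (the thread frees the copy) and do_update() is started on the copy.
 * Returns 0 once the thread has been created and -1 when nsc_calllen() does
 * not report a usable length for the request, in which case nothing is
 * copied or started.  Allocation or thread creation failure is logged and
 * terminates the process with exit(1).
 *
 * NOTE(review): the copy length is derived from the request's own contents
 * (string length or a_length); nothing here bounds it against the size of
 * the buffer `in' actually lives in - confirm that the caller has validated
 * the request.
 */
int
launch_update(nsc_call_t *in)
{
	nsc_call_t *c;

	int l = nsc_calllen(in);

	in->nsc_callnumber |= UPDATEBIT;

	/*
	 * nsc_calllen() returns 0 for call numbers it does not know; copying
	 * fewer bytes than the fixed header would leave do_update() reading
	 * beyond the allocation.
	 */
	if (l < (int)sizeof (*in)) {
		logit("launch_update: request has no usable length\n");
		return (-1);
	}

	if ((c = malloc((size_t)l)) == NULL) {
		logit("malloc of update request failed: %s\n",
		    strerror(errno));
		exit(1);
	}
	(void) memcpy(c, in, (size_t)l);

	if (current_admin.debug_level >= DBG_ALL) {
		logit("launching update\n");
	}

	if (thr_create(NULL,
	    0,
	    (void *(*)(void*))do_update,
	    c,
	    THR_DETACHED, NULL) != 0) {
		logit("thread create failed\n");
		exit(1);
	}

	return (0);
}

/*
 * Return the number of bytes launch_update() copies for request `in': the
 * size of the fixed nsc_call_t plus, depending on the call number, the length
 * of the name string or the address length carried in the request.  Returns 0
 * for a call number not listed below.
 */
static int
nsc_calllen(nsc_call_t *in)
{
	switch (MASKUPDATEBIT(in->nsc_callnumber)) {

	case GETPWUID:
	case GETGRGID:
	case NULLCALL:
		return (sizeof (*in));

	case GETPWNAM:
	case GETGRNAM:
	case GETHOSTBYNAME:
	case GETEXECID:
	case GETPROFNAM:
	case GETUSERNAM:
		return (sizeof (*in) + strlen(in->nsc_u.name));

	case GETIPNODEBYNAME:
		return (sizeof (*in) + strlen(in->nsc_u.ipnode.name));

	case GETHOSTBYADDR:
	case GETIPNODEBYADDR:
		return (sizeof (*in) + in->nsc_u.addr.a_length);
	}

	return (0);
}

/*
 * Client side: issue a GETADMIN call through _nsc_trydoorcall() and copy the
 * returned administrative data into *ptr.  Returns 0 on success and -1 when
 * the call does not report SUCCESS.
 *
 * NOTE(review): sizeof (*ptr) bytes are copied out of the reply without
 * looking at how many bytes the reply says it holds - confirm the reply is
 * always a full admin_t.
 */
static int
client_getadmin(admin_t *ptr)
{
	union {
		nsc_data_t	data;
		char		space[8192];
	} u;

	nsc_data_t *dptr;
	int ndata;
	int adata;

	u.data.nsc_call.nsc_callnumber = GETADMIN;
	ndata = sizeof (u);
	adata = sizeof (u.data);
	dptr = &u.data;

	if (_nsc_trydoorcall(&dptr, &ndata, &adata) != SUCCESS) {
		return (-1);
	}

	(void) memcpy(ptr, dptr->nsc_ret.nsc_u.buff, sizeof (*ptr));
	return (0);
}

/*
 * Server side of GETADMIN: copy the whole of current_admin into the reply
 * buffer and report SUCCESS.  `size' and `ptr' are not used.
 *
 * NOTE(review): `size' is not compared with sizeof (current_admin) before the
 * copy - confirm every caller supplies a reply buffer large enough.
 */
/*ARGSUSED*/
static void
getadmin(nsc_return_t *out, int size, nsc_call_t *ptr)
{
	out->nsc_return_code = SUCCESS;
	out->nsc_bufferbytesused = sizeof (current_admin);
	(void) memcpy(out->nsc_u.buff, &current_admin, sizeof (current_admin));
}


/*
 * Apply the six tunables carried in `new' (positive TTL, negative TTL,
 * keep-hot count, old-data-ok, enabled, suggested size) to `cache', in that
 * order, stopping at the first setter that fails.  `name' is the cache name
 * passed through to the setters.  Returns 0 on success, -1 on failure.
 */
static int
nscd_apply_cache_settings(nsc_stat_t *cache, char *name, nsc_stat_t *new)
{
	if (nscd_set_ttl_positive(cache, name, new->nsc_pos_ttl) < 0 ||
	    nscd_set_ttl_negative(cache, name, new->nsc_neg_ttl) < 0 ||
	    nscd_set_khc(cache, name, new->nsc_keephot) < 0 ||
	    nscd_set_odo(cache, name, new->nsc_old_data_ok) < 0 ||
	    nscd_set_ec(cache, name, new->nsc_enabled) < 0 ||
	    nscd_set_ss(cache, name, new->nsc_suggestedsize) < 0)
		return (-1);

	return (0);
}

/*
 * Handle the three cached RBAC databases (exec_attr, prof_attr, user_attr).
 *
 * With `invalidate' non-zero, each cache whose nsc_invalidate flag is set in
 * new_admin is invalidated.  With `invalidate' zero, the tunables in
 * new_admin are applied to the matching cache in current_admin.
 * Returns 0 on success and -1 as soon as one setting is rejected.
 */
static int
nscd_set_rbac(admin_t *new_admin, int invalidate)
{
	int		i;
	char		*dbname = NULL;
	nsc_stat_t	*cache = NULL;
	nsc_stat_t	*new = NULL;
	void		(*invalidate_func)(void) = NULL;


	for (i = 1; i <= 3; i++) {
		/*
		 * Three of the RBAC databases are cached.
		 */
		switch (i) {
		case 1:
			dbname = NSS_DBNAM_EXECATTR;
			cache = &current_admin.exec;
			new = &new_admin->exec;
			invalidate_func = getexec_invalidate;
			break;
		case 2:
			dbname = NSS_DBNAM_PROFATTR;
			cache = &current_admin.prof;
			new = &new_admin->prof;
			invalidate_func = getprof_invalidate;
			break;
		case 3:
			dbname = NSS_DBNAM_USERATTR;
			cache = &current_admin.user;
			new = &new_admin->user;
			invalidate_func = getuser_invalidate;
			break;
		default:
			break;
		}

		if (invalidate) {
			if (new->nsc_invalidate) {
				logit("Invalidating %s cache\n", dbname);
				(*invalidate_func)();
			}
		} else {
			if (nscd_apply_cache_settings(cache, dbname, new) < 0)
				return (-1);
		}
	}

	return (0);
}

/*
 * Server side of SETADMIN: take the admin_t carried in the request and apply
 * it to the running daemon - log file and debug level first, then the
 * requested cache invalidations, then the per-cache tunables.
 *
 * Returns 0 with out->nsc_return_code == SUCCESS when everything was applied,
 * or -1 with NOTFOUND at the first setting that is rejected; settings applied
 * before that point stay in effect.  `size' is not used.
 *
 * The request payload comes from the client.  The log file name is forced to
 * be NUL-terminated before it is used as a string.
 *
 * NOTE(review): nothing in this function checks that the request really
 * holds sizeof (admin_t) bytes or that the client may change the
 * configuration - both presumably happen in the caller; confirm.
 */
/*ARGSUSED*/
static int
setadmin(nsc_return_t *out, int size, nsc_call_t *ptr)
{
	admin_t *new;

	out->nsc_return_code = SUCCESS;
	out->nsc_bufferbytesused = sizeof (nsc_return_t);

	new = (admin_t *)ptr->nsc_u.name;

	/* Never let string handling run off the end of the field. */
	new->logfile[sizeof (new->logfile) - 1] = '\0';

	/*
	 *  global admin stuff
	 */

	if ((nscd_set_lf(&current_admin, new->logfile) < 0) ||
	    nscd_set_dl(&current_admin, new->debug_level) < 0) {
		out->nsc_return_code = NOTFOUND;
		return (-1);
	}

	/*
	 * per cache items
	 */

	if (new->passwd.nsc_invalidate) {
		logit("Invalidating passwd cache\n");
		getpw_invalidate();
	}

	if (new->group.nsc_invalidate) {
		logit("Invalidating group cache\n");
		getgr_invalidate();
	}

	if (new->host.nsc_invalidate) {
		logit("Invalidating host cache\n");
		gethost_invalidate();
	}

	if (new->node.nsc_invalidate) {
		logit("Invalidating ipnodes cache\n");
		getnode_invalidate();
	}

	(void) nscd_set_rbac(new, 1);		/* invalidate rbac cache */

	/* Same order as before: passwd, group, ipnodes, hosts, then RBAC. */
	if (nscd_apply_cache_settings(&current_admin.passwd,
	    "passwd", &new->passwd) < 0 ||
	    nscd_apply_cache_settings(&current_admin.group,
	    "group", &new->group) < 0 ||
	    nscd_apply_cache_settings(&current_admin.node,
	    "ipnodes", &new->node) < 0 ||
	    nscd_apply_cache_settings(&current_admin.host,
	    "hosts", &new->host) < 0 ||
	    nscd_set_rbac(new, 0) < 0) {
		out->nsc_return_code = NOTFOUND;
		return (-1);
	}
	out->nsc_return_code = SUCCESS;
	return (0);
}

/*
 * Client side: send a KILLSERVER call through _nsc_trydoorcall().  The result
 * of the call is deliberately ignored.
 */
void
client_killserver(void)
{
	union {
		nsc_data_t	data;
		char		space[8192];
	} u;

	nsc_data_t *dptr;
	int ndata;
	int adata;

	u.data.nsc_call.nsc_callnumber = KILLSERVER;

	ndata = sizeof (u);
	adata = sizeof (nsc_call_t);

	dptr = &u.data;

	(void) _nsc_trydoorcall(&dptr, &ndata, &adata);
}


/*
 * Client side: copy *ptr into a SETADMIN request and send it through
 * _nsc_trydoorcall().  Returns 0 on SUCCESS and -1 otherwise.
 */
static int
client_setadmin(admin_t *ptr)
{
	union {
		nsc_data_t	data;
		char		space[8192];
	} u;

	nsc_data_t *dptr;
	int ndata;
	int adata;

	u.data.nsc_call.nsc_callnumber = SETADMIN;

	(void) memcpy(u.data.nsc_call.nsc_u.name, ptr, sizeof (*ptr));

	ndata = sizeof (u);
	adata = sizeof (*ptr);

	dptr = &u.data;

	if (_nsc_trydoorcall(&dptr, &ndata, &adata) != SUCCESS) {
		return (-1);
	}

	return (0);
}

/*
 * Print the counters and settings of one cache to stdout.  The hit rate is
 * hits / (hits + misses) as a percentage, computed in floating point so the
 * sum of the four counters cannot overflow; it is 0 when there were no
 * lookups.
 */
static void
dump_stat(nsc_stat_t *ptr)
{
	double hits;
	double total;
	double hitrate = 0.0;

	(void) printf("%10s cache is enabled\n",
	    (ptr->nsc_enabled?"Yes":"No"));
	(void) printf("%10d cache hits on positive entries\n",
	    ptr->nsc_pos_cache_hits);
	(void) printf("%10d cache hits on negative entries\n",
	    ptr->nsc_neg_cache_hits);
	(void) printf("%10d cache misses on positive entries\n",
	    ptr->nsc_pos_cache_misses);
	(void) printf("%10d cache misses on negative entries\n",
	    ptr->nsc_neg_cache_misses);

	hits = (double)ptr->nsc_pos_cache_hits +
	    (double)ptr->nsc_neg_cache_hits;
	total = hits + (double)ptr->nsc_pos_cache_misses +
	    (double)ptr->nsc_neg_cache_misses;

	if (total > 0.0)
		hitrate = (100.0 * hits) / total;

	(void) printf("%10.1f%% cache hit rate\n", hitrate);
	(void) printf("%10d queries deferred\n", ptr->nsc_throttle_count);
	(void) printf("%10d total entries\n", ptr->nsc_entries);
	(void) printf("%10d complete cache invalidations\n",
	    ptr->nsc_invalidate_count);
	(void) printf("%10d suggested size\n", ptr->nsc_suggestedsize);
	(void) printf("%10d seconds time to live for positive entries\n",
	    ptr->nsc_pos_ttl);
	(void) printf("%10d seconds time to live for negative entries\n",
	    ptr->nsc_neg_ttl);
	(void) printf("%10d most active entries to be kept valid\n",
	    ptr->nsc_keephot);
	(void) printf("%10s check /etc/{passwd, group, hosts, inet/ipnodes} "
	    "file for changes\n",
	    (ptr->nsc_check_files?"Yes":"No"));

	(void) printf("%10s use possibly stale data rather than waiting for "
	    "refresh\n",
	    (ptr->nsc_old_data_ok?"Yes":"No"));
}

/*
 * Print the daemon configuration held in *ptr to stdout: debug level and log
 * file name, followed by the statistics of each of the seven caches.
 */
static void
client_showstats(admin_t *ptr)
{

	(void) printf("nscd configuration:\n\n");
	(void) printf("%10d server debug level\n", ptr->debug_level);
	(void) printf("\"%s\" is server log file\n", ptr->logfile);

	(void) printf("\npasswd cache:\n\n");
	dump_stat(&(ptr->passwd));
	(void) printf("\ngroup cache:\n\n");
	dump_stat(&(ptr->group));
	(void) printf("\nhosts cache:\n\n");
	dump_stat(&(ptr->host));
	(void) printf("\nipnodes cache:\n\n");
	dump_stat(&(ptr->node));
	(void) printf("\nexec_attr cache:\n\n");
	dump_stat(&(ptr->exec));
	(void) printf("\nprof_attr cache:\n\n");
	dump_stat(&(ptr->prof));
	(void) printf("\nuser_attr cache:\n\n");
	dump_stat(&(ptr->user));
}
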
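/*
 * detach from tty
 *
 * Closes every descriptor except the log descriptor, changes directory to
 * "/", forks (the parent exits 0; a failed fork exits 1), starts a new
 * session and points descriptors 0, 1 and 2 at /dev/null.
 *
 * The /dev/null descriptor is placed with dup2() on exactly those of 0-2 that
 * are not the log descriptor, so the log is never overwritten and no stray
 * extra descriptor is left behind.  If /dev/null cannot be opened the failure
 * is logged and the standard descriptors stay closed.
 */
static void
detachfromtty(void)
{
	int fd;
	int nullfd;

	if (logfd > 0) {
		for (fd = 0; fd < logfd; fd++)
			(void) close(fd);
		closefrom(logfd + 1);
	} else {
		closefrom(0);
	}

	(void) chdir("/");

	switch (fork1()) {
	case (pid_t)-1:
		exit(1);
		break;
	case 0:
		break;
	default:
		exit(0);
	}
	(void) setsid();

	nullfd = open("/dev/null", O_RDWR, 0);
	if (nullfd < 0) {
		/*
		 * With 0-2 closed, the next files the daemon opens would be
		 * handed those numbers; make the condition visible.
		 */
		logit("cannot open /dev/null: %s\n", strerror(errno));
		return;
	}

	for (fd = 0; fd <= 2; fd++) {
		if (fd != nullfd && fd != logfd)
			(void) dup2(nullfd, fd);
	}
	if (nullfd > 2)
		(void) close(nullfd);
}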