4 * Copyright (c) 2000 The Regents of the University of Michigan.
7 * Copyright (c) 2000 Dug Song <dugsong@UMICH.EDU>.
8 * Copyright (c) 2002 Andy Adamson <andros@UMICH.EDU>.
9 * Copyright (c) 2002 Marius Aamodt Eriksen <marius@UMICH.EDU>.
10 * Copyright (c) 2002 J. Bruce Fields <bfields@UMICH.EDU>.
12 * All rights reserved, all wrongs reversed.
14 * Redistribution and use in source and binary forms, with or without
15 * modification, are permitted provided that the following conditions
18 * 1. Redistributions of source code must retain the above copyright
19 * notice, this list of conditions and the following disclaimer.
20 * 2. Redistributions in binary form must reproduce the above copyright
21 * notice, this list of conditions and the following disclaimer in the
22 * documentation and/or other materials provided with the distribution.
23 * 3. Neither the name of the University nor the names of its
24 * contributors may be used to endorse or promote products derived
25 * from this software without specific prior written permission.
27 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
28 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
29 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
30 * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
31 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
32 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
33 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
34 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
35 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
36 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
37 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
42 #include <sys/param.h>
43 #include <sys/types.h>
45 #include <sys/socket.h>
61 #include "lustre_ver.h"
70 DIR *dir = opendir("/proc/self/fd");
75 while ((d = readdir(dir)) != NULL) {
77 long n = strtol(d->d_name, &endp, 10);
78 if (*endp != '\0' && n >= min && n != dfd)
83 int fd = sysconf(_SC_OPEN_MAX);
90 * mydaemon creates a pipe between the partent and child
91 * process. The parent process will wait until the
92 * child dies or writes a '1' on the pipe signaling
93 * that it started successfully.
95 int pipefds[2] = { -1, -1};
98 mydaemon(int nochdir, int noclose)
100 int pid, status, tempfd;
102 if (pipe(pipefds) < 0) {
103 printerr(1, "mydaemon: pipe() failed: errno %d (%s)\n",
104 errno, strerror(errno));
107 if ((pid = fork ()) < 0) {
108 printerr(1, "mydaemon: fork() failed: errno %d (%s)\n",
109 errno, strerror(errno));
115 * Parent. Wait for status from child.
118 if (read(pipefds[0], &status, 1) != 1)
126 if (chdir ("/") == -1) {
127 printerr(1, "mydaemon: chdir() failed: errno %d (%s)\n",
128 errno, strerror(errno));
133 while (pipefds[1] <= 2) {
134 pipefds[1] = dup(pipefds[1]);
135 if (pipefds[1] < 0) {
136 printerr(1, "mydaemon: dup() failed: errno %d (%s)\n",
137 errno, strerror(errno));
143 tempfd = open("/dev/null", O_RDWR);
157 ssize_t sret __attribute__ ((unused));
159 if (pipefds[1] > 0) {
160 sret = write(pipefds[1], &status, 1);
169 /* destroy krb5 machine creds */
171 printerr(1, "exiting on signal %d\n", signal);
178 /* don't exit on SIGHUP */
179 printerr(1, "Received SIGHUP... Ignoring.\n");
184 usage(FILE *fp, char *progname)
186 fprintf(fp, "usage: %s [ -fnvmogk ]\n",
188 fprintf(stderr, "-f - Run in foreground\n");
189 fprintf(stderr, "-n - Don't establish kerberos credentials\n");
190 fprintf(stderr, "-v - Verbosity\n");
191 fprintf(stderr, "-m - Service MDS\n");
192 fprintf(stderr, "-o - Service OSS\n");
193 fprintf(stderr, "-g - Service MGS\n");
194 fprintf(stderr, "-k - Enable kerberos support\n");
195 #ifdef HAVE_OPENSSL_SSK
196 fprintf(stderr, "-s - Enable shared secret key support\n");
198 fprintf(stderr, "-z - Enable gssnull support\n");
204 main(int argc, char *argv[])
210 int must_srv_mds = 0, must_srv_oss = 0, must_srv_mgs = 0;
213 while ((opt = getopt(argc, argv, "fnvmogksz")) != -1) {
240 usage(stdout, argv[0]);
243 #ifdef HAVE_OPENSSL_SSK
246 fprintf(stderr, "error: request for SSK but service "
247 "support not enabled\n");
248 usage(stderr, argv[0]);
255 usage(stderr, argv[0]);
260 if ((progname = strrchr(argv[0], '/')))
265 if (!sk_enabled && !krb_enabled && !null_enabled) {
266 #if LUSTRE_VERSION_CODE < OBD_OCD_VERSION(3, 0, 53, 0)
267 fprintf(stderr, "warning: no -k, -s, or -z option given, "
268 "assume -k for backward compatibility\n");
271 fprintf(stderr, "error: need one of -k, -s, or -z options\n");
272 usage(stderr, argv[0]);
276 initerr(progname, verbosity, fg);
278 /* For kerberos use gss mechanisms but ignore for sk and null */
280 if (gssd_check_mechs()) {
281 printerr(0, "ERROR: problem with gssapi library\n");
284 if (gssd_get_local_realm()) {
285 printerr(0, "ERROR: Can't get Local Kerberos realm\n");
290 gssd_prepare_creds(must_srv_mgs, must_srv_mds,
292 printerr(0, "unable to obtain root (machine) "
294 printerr(0, "do you have a keytab entry for "
295 "<lustre_xxs>/<your.host>@<YOUR.REALM> in "
296 "/etc/krb5.keytab?\n");
305 * XXX: There is risk of memory leak for missing call
306 * cleanup_mapping() for SIGKILL and SIGSTOP.
308 signal(SIGINT, sig_die);
309 signal(SIGTERM, sig_die);
310 signal(SIGHUP, sig_hup);
315 gssd_init_unique(GSSD_SVC);
319 printerr(0, "gssd_run returned!\n");