2 * SPDX-License-Identifier: BSD-3-Clause
4 * Copyright (c) 1989, 1993
5 * The Regents of the University of California. All rights reserved.
7 * This code is derived from software contributed to Berkeley by
8 * Herb Hasler and Rick Macklem at The University of Guelph.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 3. Neither the name of the University nor the names of its contributors
19 * may be used to endorse or promote products derived from this software
20 * without specific prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36 static const char copyright[] =
37 "@(#) Copyright (c) 1989, 1993\n\
38 The Regents of the University of California. All rights reserved.\n";
43 static char sccsid[] = "@(#)mountd.c 8.15 (Berkeley) 5/1/95";
47 #include <sys/cdefs.h>
48 __FBSDID("$FreeBSD$");
50 #include <sys/param.h>
51 #include <sys/fcntl.h>
52 #include <sys/linker.h>
53 #include <sys/module.h>
54 #include <sys/mount.h>
55 #include <sys/queue.h>
57 #include <sys/sysctl.h>
58 #include <sys/syslog.h>
61 #include <rpc/rpc_com.h>
62 #include <rpc/pmap_clnt.h>
63 #include <rpc/pmap_prot.h>
64 #include <rpcsvc/mount.h>
65 #include <nfs/nfsproto.h>
66 #include <nfs/nfssvc.h>
67 #include <nfsserver/nfs.h>
69 #include <fs/nfs/nfsport.h>
71 #include <arpa/inet.h>
86 #include "pathnames.h"
94 * Structures for keeping the mount list and export list
97 char ml_host[MNTNAMLEN+1];
98 char ml_dirp[MNTPATHLEN+1];
100 SLIST_ENTRY(mountlist) next;
104 struct dirlist *dp_left;
105 struct dirlist *dp_right;
107 struct hostlist *dp_hosts; /* List of hosts this dir exported to */
111 #define DP_DEFSET 0x1
112 #define DP_HOSTSET 0x2
115 struct dirlist *ex_dirl;
116 struct dirlist *ex_defdir;
121 int ex_numsecflavors;
122 int ex_secflavors[MAXSECFLAVORS];
123 int ex_defnumsecflavors;
124 int ex_defsecflavors[MAXSECFLAVORS];
126 SLIST_ENTRY(exportlist) entries;
129 #define EX_LINKED 0x1
131 SLIST_HEAD(exportlisthead, exportlist);
134 struct sockaddr_storage nt_net;
135 struct sockaddr_storage nt_mask;
140 struct addrinfo *gt_addrinfo;
141 struct netmsk gt_net;
146 union grouptypes gr_ptr;
147 struct grouplist *gr_next;
148 int gr_numsecflavors;
149 int gr_secflavors[MAXSECFLAVORS];
155 #define GT_DEFAULT 0x3
156 #define GT_IGNORE 0x5
159 int ht_flag; /* Uses DP_xx bits */
160 struct grouplist *ht_grp;
161 struct hostlist *ht_next;
168 int fhr_numsecflavors;
172 #define GETPORT_MAXTRY 20 /* Max tries to get a port # */
175 static char *add_expdir(struct dirlist **, char *, int);
176 static void add_dlist(struct dirlist **, struct dirlist *,
177 struct grouplist *, int, struct exportlist *);
178 static void add_mlist(char *, char *);
179 static int check_dirpath(char *);
180 static int check_options(struct dirlist *);
181 static int checkmask(struct sockaddr *sa);
182 static int chk_host(struct dirlist *, struct sockaddr *, int *, int *,
184 static char *strsep_quote(char **stringp, const char *delim);
185 static int create_service(struct netconfig *nconf);
186 static void complete_service(struct netconfig *nconf, char *port_str);
187 static void clearout_service(void);
188 static void del_mlist(char *hostp, char *dirp);
189 static struct dirlist *dirp_search(struct dirlist *, char *);
190 static int do_mount(struct exportlist *, struct grouplist *, int,
191 struct xucred *, char *, int, struct statfs *);
192 static int do_opt(char **, char **, struct exportlist *,
193 struct grouplist *, int *, int *, struct xucred *);
194 static struct exportlist *ex_search(fsid_t *, struct exportlisthead *);
195 static struct exportlist *get_exp(void);
196 static void free_dir(struct dirlist *);
197 static void free_exp(struct exportlist *);
198 static void free_grp(struct grouplist *);
199 static void free_host(struct hostlist *);
200 static void get_exportlist(void);
201 static void insert_exports(struct exportlist *, struct exportlisthead *);
202 static void free_exports(struct exportlisthead *);
203 static void read_exportfile(void);
204 static void delete_export(struct iovec *, int, struct statfs *, char *);
205 static int get_host(char *, struct grouplist *, struct grouplist *);
206 static struct hostlist *get_ht(void);
207 static int get_line(void);
208 static void get_mountlist(void);
209 static int get_net(char *, struct netmsk *, int);
210 static void getexp_err(struct exportlist *, struct grouplist *, const char *);
211 static struct grouplist *get_grp(void);
212 static void hang_dirp(struct dirlist *, struct grouplist *,
213 struct exportlist *, int);
214 static void huphandler(int sig);
215 static int makemask(struct sockaddr_storage *ssp, int bitlen);
216 static void mntsrv(struct svc_req *, SVCXPRT *);
217 static void nextfield(char **, char **);
218 static void out_of_mem(void);
219 static void parsecred(char *, struct xucred *);
220 static int parsesec(char *, struct exportlist *);
221 static int put_exlist(struct dirlist *, XDR *, struct dirlist *,
223 static void *sa_rawaddr(struct sockaddr *sa, int *nbytes);
224 static int sacmp(struct sockaddr *sa1, struct sockaddr *sa2,
225 struct sockaddr *samask);
226 static int scan_tree(struct dirlist *, struct sockaddr *);
227 static void usage(void);
228 static int xdr_dir(XDR *, char *);
229 static int xdr_explist(XDR *, caddr_t);
230 static int xdr_explist_brief(XDR *, caddr_t);
231 static int xdr_explist_common(XDR *, caddr_t, int);
232 static int xdr_fhs(XDR *, caddr_t);
233 static int xdr_mlist(XDR *, caddr_t);
234 static void terminate(int);
236 static struct exportlisthead exphead = SLIST_HEAD_INITIALIZER(&exphead);
237 static SLIST_HEAD(, mountlist) mlhead = SLIST_HEAD_INITIALIZER(&mlhead);
238 static struct grouplist *grphead;
239 static char *exnames_default[2] = { _PATH_EXPORTS, NULL };
240 static char **exnames;
241 static char **hosts = NULL;
242 static struct xucred def_anon = {
249 static int force_v2 = 0;
250 static int resvport_only = 1;
251 static int nhosts = 0;
252 static int dir_only = 1;
253 static int dolog = 0;
254 static int got_sighup = 0;
255 static int xcreated = 0;
257 static char *svcport_str = NULL;
258 static int mallocd_svcport = 0;
260 static int sock_fdcnt;
261 static int sock_fdpos;
262 static int suspend_nfsd = 0;
264 static int opt_flags;
265 static int have_v6 = 1;
267 static int v4root_phase = 0;
268 static char v4root_dirpath[PATH_MAX + 1];
269 static int has_publicfh = 0;
271 static struct pidfh *pfh = NULL;
272 /* Bits for opt_flags above */
273 #define OP_MAPROOT 0x01
274 #define OP_MAPALL 0x02
278 #define OP_ALLDIRS 0x40
279 #define OP_HAVEMASK 0x80 /* A mask was specified or inferred. */
280 #define OP_QUIET 0x100
281 #define OP_MASKLEN 0x200
285 static int debug = 1;
286 static void SYSLOG(int, const char *, ...) __printflike(2, 3);
287 #define syslog SYSLOG
289 static int debug = 0;
293 * Similar to strsep(), but it allows for quoted strings
294 * and escaped characters.
296 * It returns the string (or NULL, if *stringp is NULL),
297 * which is a de-quoted version of the string if necessary.
299 * It modifies *stringp in place.
302 strsep_quote(char **stringp, const char *delim)
304 char *srcptr, *dstptr, *retval;
307 if (stringp == NULL || *stringp == NULL)
310 srcptr = dstptr = retval = *stringp;
314 * We're looking for several edge cases here.
315 * First: if we're in quote state (quot != 0),
316 * then we ignore the delim characters, but otherwise
317 * process as normal, unless it is the quote character.
318 * Second: if the current character is a backslash,
319 * we take the next character as-is, without checking
320 * for delim, quote, or backslash. Exception: if the
321 * next character is a NUL, that's the end of the string.
322 * Third: if the character is a quote character, we toggle
324 * Otherwise: check the current character for NUL, or
325 * being in delim, and end the string if either is true.
327 if (*srcptr == '\\') {
330 * The edge case here is if the next character
331 * is NUL, we want to stop processing. But if
332 * it's not NUL, then we simply want to copy it.
335 *dstptr++ = *srcptr++;
339 if (quot == 0 && (*srcptr == '\'' || *srcptr == '"')) {
343 if (quot && *srcptr == quot) {
344 /* End of the quoted part */
349 if (!quot && strchr(delim, *srcptr))
351 *dstptr++ = *srcptr++;
354 *dstptr = 0; /* Terminate the string */
355 *stringp = (*srcptr == '\0') ? NULL : srcptr + 1;
360 * Mountd server for NFS mount protocol as described in:
361 * NFS: Network File System Protocol Specification, RFC1094, Appendix A
362 * The optional arguments are the exports file name
363 * default: _PATH_EXPORTS
364 * and "-n" to allow nonroot mount.
367 main(int argc, char **argv)
370 struct netconfig *nconf;
371 char *endptr, **hosts_bak;
376 int maxrec = RPC_MAXDATASIZE;
377 int attempt_cnt, port_len, port_pos, ret;
380 /* Check that another mountd isn't already running. */
381 pfh = pidfile_open(_PATH_MOUNTDPID, 0600, &otherpid);
384 errx(1, "mountd already running, pid: %d.", otherpid);
385 warn("cannot open or create pidfile");
388 s = socket(AF_INET6, SOCK_DGRAM, IPPROTO_UDP);
394 while ((c = getopt(argc, argv, "2deh:lnp:rS")) != -1)
400 /* now a no-op, since this is the default */
409 debug = debug ? 0 : 1;
416 svcport = (in_port_t)strtoul(optarg, &endptr, 10);
417 if (endptr == NULL || *endptr != '\0' ||
418 svcport == 0 || svcport >= IPPORT_MAX)
420 svcport_str = strdup(optarg);
425 hosts_bak = realloc(hosts, nhosts * sizeof(char *));
426 if (hosts_bak == NULL) {
428 for (k = 0; k < nhosts; k++)
435 hosts[nhosts - 1] = strdup(optarg);
436 if (hosts[nhosts - 1] == NULL) {
437 for (k = 0; k < (nhosts - 1); k++)
450 if (modfind("nfsd") < 0) {
451 /* Not present in kernel, try loading it */
452 if (kldload("nfsd") < 0 || modfind("nfsd") < 0)
453 errx(1, "NFS server is not available");
458 grphead = (struct grouplist *)NULL;
462 exnames = exnames_default;
463 openlog("mountd", LOG_PID, LOG_DAEMON);
465 warnx("getting export list");
468 warnx("getting mount list");
474 signal(SIGINT, SIG_IGN);
475 signal(SIGQUIT, SIG_IGN);
477 signal(SIGHUP, huphandler);
478 signal(SIGTERM, terminate);
479 signal(SIGPIPE, SIG_IGN);
483 rpcb_unset(MOUNTPROG, MOUNTVERS, NULL);
484 rpcb_unset(MOUNTPROG, MOUNTVERS3, NULL);
485 rpc_control(RPC_SVC_CONNMAXREC_SET, &maxrec);
487 if (!resvport_only) {
488 if (sysctlbyname("vfs.nfsd.nfs_privport", NULL, NULL,
489 &resvport_only, sizeof(resvport_only)) != 0 &&
491 syslog(LOG_ERR, "sysctl: %m");
497 * If no hosts were specified, add a wildcard entry to bind to
498 * INADDR_ANY. Otherwise make sure 127.0.0.1 and ::1 are added to the
502 hosts = malloc(sizeof(char *));
510 hosts_bak = realloc(hosts, (nhosts + 2) *
512 if (hosts_bak == NULL) {
513 for (k = 0; k < nhosts; k++)
520 hosts[nhosts - 2] = "::1";
522 hosts_bak = realloc(hosts, (nhosts + 1) * sizeof(char *));
523 if (hosts_bak == NULL) {
524 for (k = 0; k < nhosts; k++)
534 hosts[nhosts - 1] = "127.0.0.1";
542 nc_handle = setnetconfig();
543 while ((nconf = getnetconfig(nc_handle))) {
544 if (nconf->nc_flag & NC_VISIBLE) {
545 if (have_v6 == 0 && strcmp(nconf->nc_protofmly,
549 ret = create_service(nconf);
551 /* Ignore this call */
555 * Failed to bind port, so close off
556 * all sockets created and try again
557 * if the port# was dynamically
558 * assigned via bind(2).
561 if (mallocd_svcport != 0 &&
562 attempt_cnt < GETPORT_MAXTRY) {
569 "bindresvport_sa: %m");
573 /* Start over at the first service. */
577 nc_handle = setnetconfig();
579 } else if (mallocd_svcport != 0 &&
580 attempt_cnt == GETPORT_MAXTRY) {
582 * For the last attempt, allow
583 * different port #s for each nconf
584 * by saving the svcport_str and
585 * setting it back to NULL.
587 port_list = realloc(port_list,
588 (port_len + 1) * sizeof(char *));
589 if (port_list == NULL)
591 port_list[port_len++] = svcport_str;
600 * Successfully bound the ports, so call complete_service() to
601 * do the rest of the setup on the service(s).
605 nc_handle = setnetconfig();
606 while ((nconf = getnetconfig(nc_handle))) {
607 if (nconf->nc_flag & NC_VISIBLE) {
608 if (have_v6 == 0 && strcmp(nconf->nc_protofmly,
611 } else if (port_list != NULL) {
612 if (port_pos >= port_len) {
613 syslog(LOG_ERR, "too many port#s");
616 complete_service(nconf, port_list[port_pos++]);
618 complete_service(nconf, svcport_str);
621 endnetconfig(nc_handle);
623 if (port_list != NULL) {
624 for (port_pos = 0; port_pos < port_len; port_pos++)
625 free(port_list[port_pos]);
630 syslog(LOG_ERR, "could not create any services");
634 /* Expand svc_run() here so that we can call get_exportlist(). */
641 switch (select(svc_maxfd + 1, &readfds, NULL, NULL, NULL)) {
645 syslog(LOG_ERR, "mountd died: select: %m");
650 svc_getreqset(&readfds);
656 * This routine creates and binds sockets on the appropriate
657 * addresses. It gets called one time for each transport.
658 * It returns 0 upon success, 1 for ingore the call and -1 to indicate
659 * bind failed with EADDRINUSE.
660 * Any file descriptors that have been created are stored in sock_fd and
661 * the total count of them is maintained in sock_fdcnt.
664 create_service(struct netconfig *nconf)
666 struct addrinfo hints, *res = NULL;
667 struct sockaddr_in *sin;
668 struct sockaddr_in6 *sin6;
669 struct __rpc_sockinfo si;
675 u_int32_t host_addr[4]; /* IPv4 or IPv6 */
678 if ((nconf->nc_semantics != NC_TPI_CLTS) &&
679 (nconf->nc_semantics != NC_TPI_COTS) &&
680 (nconf->nc_semantics != NC_TPI_COTS_ORD))
681 return (1); /* not my type */
684 * XXX - using RPC library internal functions.
686 if (!__rpc_nconf2sockinfo(nconf, &si)) {
687 syslog(LOG_ERR, "cannot get information for %s",
692 /* Get mountd's address on this transport */
693 memset(&hints, 0, sizeof hints);
694 hints.ai_family = si.si_af;
695 hints.ai_socktype = si.si_socktype;
696 hints.ai_protocol = si.si_proto;
699 * Bind to specific IPs if asked to
702 while (nhostsbak > 0) {
704 sock_fd = realloc(sock_fd, (sock_fdcnt + 1) * sizeof(int));
707 sock_fd[sock_fdcnt++] = -1; /* Set invalid for now. */
710 hints.ai_flags = AI_PASSIVE;
713 * XXX - using RPC library internal functions.
715 if ((fd = __rpc_nconf2fd(nconf)) < 0) {
717 if (errno == EAFNOSUPPORT &&
718 nconf->nc_semantics != NC_TPI_CLTS)
721 syslog(non_fatal ? LOG_DEBUG : LOG_ERR,
722 "cannot create socket for %s", nconf->nc_netid);
728 switch (hints.ai_family) {
730 if (inet_pton(AF_INET, hosts[nhostsbak],
732 hints.ai_flags |= AI_NUMERICHOST;
735 * Skip if we have an AF_INET6 address.
737 if (inet_pton(AF_INET6, hosts[nhostsbak],
745 if (inet_pton(AF_INET6, hosts[nhostsbak],
747 hints.ai_flags |= AI_NUMERICHOST;
750 * Skip if we have an AF_INET address.
752 if (inet_pton(AF_INET, hosts[nhostsbak],
760 * We're doing host-based access checks here, so don't
761 * allow v4-in-v6 to confuse things. The kernel will
762 * disable it by default on NFS sockets too.
764 if (setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, &one,
767 "can't disable v4-in-v6 on IPv6 socket");
776 * If no hosts were specified, just bind to INADDR_ANY
778 if (strcmp("*", hosts[nhostsbak]) == 0) {
779 if (svcport_str == NULL) {
780 res = malloc(sizeof(struct addrinfo));
784 res->ai_flags = hints.ai_flags;
785 res->ai_family = hints.ai_family;
786 res->ai_protocol = hints.ai_protocol;
787 switch (res->ai_family) {
789 sin = malloc(sizeof(struct sockaddr_in));
792 sin->sin_family = AF_INET;
793 sin->sin_port = htons(0);
794 sin->sin_addr.s_addr = htonl(INADDR_ANY);
795 res->ai_addr = (struct sockaddr*) sin;
796 res->ai_addrlen = (socklen_t)
797 sizeof(struct sockaddr_in);
800 sin6 = malloc(sizeof(struct sockaddr_in6));
803 sin6->sin6_family = AF_INET6;
804 sin6->sin6_port = htons(0);
805 sin6->sin6_addr = in6addr_any;
806 res->ai_addr = (struct sockaddr*) sin6;
807 res->ai_addrlen = (socklen_t)
808 sizeof(struct sockaddr_in6);
811 syslog(LOG_ERR, "bad addr fam %d",
816 if ((aicode = getaddrinfo(NULL, svcport_str,
817 &hints, &res)) != 0) {
819 "cannot get local address for %s: %s",
821 gai_strerror(aicode));
827 if ((aicode = getaddrinfo(hosts[nhostsbak], svcport_str,
828 &hints, &res)) != 0) {
830 "cannot get local address for %s: %s",
831 nconf->nc_netid, gai_strerror(aicode));
838 sock_fd[sock_fdcnt - 1] = fd;
840 /* Now, attempt the bind. */
841 r = bindresvport_sa(fd, res->ai_addr);
843 if (errno == EADDRINUSE && mallocd_svcport != 0) {
844 if (mallocd_res != 0) {
851 syslog(LOG_ERR, "bindresvport_sa: %m");
855 if (svcport_str == NULL) {
856 svcport_str = malloc(NI_MAXSERV * sizeof(char));
857 if (svcport_str == NULL)
861 if (getnameinfo(res->ai_addr,
862 res->ai_addr->sa_len, NULL, NI_MAXHOST,
863 svcport_str, NI_MAXSERV * sizeof(char),
864 NI_NUMERICHOST | NI_NUMERICSERV))
865 errx(1, "Cannot get port number");
867 if (mallocd_res != 0) {
878 * Called after all the create_service() calls have succeeded, to complete
879 * the setup and registration.
882 complete_service(struct netconfig *nconf, char *port_str)
884 struct addrinfo hints, *res = NULL;
885 struct __rpc_sockinfo si;
886 struct netbuf servaddr;
887 SVCXPRT *transp = NULL;
888 int aicode, fd, nhostsbak;
891 if ((nconf->nc_semantics != NC_TPI_CLTS) &&
892 (nconf->nc_semantics != NC_TPI_COTS) &&
893 (nconf->nc_semantics != NC_TPI_COTS_ORD))
894 return; /* not my type */
897 * XXX - using RPC library internal functions.
899 if (!__rpc_nconf2sockinfo(nconf, &si)) {
900 syslog(LOG_ERR, "cannot get information for %s",
906 while (nhostsbak > 0) {
908 if (sock_fdpos >= sock_fdcnt) {
909 /* Should never happen. */
910 syslog(LOG_ERR, "Ran out of socket fd's");
913 fd = sock_fd[sock_fdpos++];
918 * Using -1 tells listen(2) to use
919 * kern.ipc.soacceptqueue for the backlog.
921 if (nconf->nc_semantics != NC_TPI_CLTS)
924 if (nconf->nc_semantics == NC_TPI_CLTS )
925 transp = svc_dg_create(fd, 0, 0);
927 transp = svc_vc_create(fd, RPC_MAXDATASIZE,
930 if (transp != (SVCXPRT *) NULL) {
931 if (!svc_reg(transp, MOUNTPROG, MOUNTVERS, mntsrv,
934 "can't register %s MOUNTVERS service",
937 if (!svc_reg(transp, MOUNTPROG, MOUNTVERS3,
940 "can't register %s MOUNTVERS3 service",
944 syslog(LOG_WARNING, "can't create %s services",
947 if (registered == 0) {
949 memset(&hints, 0, sizeof hints);
950 hints.ai_flags = AI_PASSIVE;
951 hints.ai_family = si.si_af;
952 hints.ai_socktype = si.si_socktype;
953 hints.ai_protocol = si.si_proto;
955 if ((aicode = getaddrinfo(NULL, port_str, &hints,
957 syslog(LOG_ERR, "cannot get local address: %s",
958 gai_strerror(aicode));
962 servaddr.buf = malloc(res->ai_addrlen);
963 memcpy(servaddr.buf, res->ai_addr, res->ai_addrlen);
964 servaddr.len = res->ai_addrlen;
966 rpcb_set(MOUNTPROG, MOUNTVERS, nconf, &servaddr);
967 rpcb_set(MOUNTPROG, MOUNTVERS3, nconf, &servaddr);
976 * Clear out sockets after a failure to bind one of them, so that the
977 * cycle of socket creation/binding can start anew.
980 clearout_service(void)
984 for (i = 0; i < sock_fdcnt; i++) {
985 if (sock_fd[i] >= 0) {
986 shutdown(sock_fd[i], SHUT_RDWR);
996 "usage: mountd [-2] [-d] [-e] [-l] [-n] [-p <port>] [-r] "
997 "[-S] [-h <bindip>] [export_file ...]\n");
1002 * The mount rpc service
1005 mntsrv(struct svc_req *rqstp, SVCXPRT *transp)
1007 struct exportlist *ep;
1009 struct fhreturn fhr;
1012 char host[NI_MAXHOST], numerichost[NI_MAXHOST];
1013 int lookup_failed = 1;
1014 struct sockaddr *saddr;
1016 char rpcpath[MNTPATHLEN + 1], dirpath[MAXPATHLEN];
1017 int bad = 0, defset, hostset;
1018 sigset_t sighup_mask;
1019 int numsecflavors, *secflavorsp;
1021 sigemptyset(&sighup_mask);
1022 sigaddset(&sighup_mask, SIGHUP);
1023 saddr = svc_getrpccaller(transp)->buf;
1024 switch (saddr->sa_family) {
1026 sport = ntohs(((struct sockaddr_in6 *)saddr)->sin6_port);
1029 sport = ntohs(((struct sockaddr_in *)saddr)->sin_port);
1032 syslog(LOG_ERR, "request from unknown address family");
1035 switch (rqstp->rq_proc) {
1037 case MOUNTPROC_UMNT:
1038 case MOUNTPROC_UMNTALL:
1039 lookup_failed = getnameinfo(saddr, saddr->sa_len, host,
1040 sizeof host, NULL, 0, 0);
1042 getnameinfo(saddr, saddr->sa_len, numerichost,
1043 sizeof numerichost, NULL, 0, NI_NUMERICHOST);
1044 switch (rqstp->rq_proc) {
1046 if (!svc_sendreply(transp, (xdrproc_t)xdr_void, NULL))
1047 syslog(LOG_ERR, "can't send reply");
1050 if (sport >= IPPORT_RESERVED && resvport_only) {
1052 "mount request from %s from unprivileged port",
1054 svcerr_weakauth(transp);
1057 if (!svc_getargs(transp, (xdrproc_t)xdr_dir, rpcpath)) {
1058 syslog(LOG_NOTICE, "undecodable mount request from %s",
1060 svcerr_decode(transp);
1065 * Get the real pathname and make sure it is a directory
1066 * or a regular file if the -r option was specified
1069 if (realpath(rpcpath, dirpath) == NULL ||
1070 stat(dirpath, &stb) < 0 ||
1071 statfs(dirpath, &fsb) < 0) {
1072 chdir("/"); /* Just in case realpath doesn't */
1074 "mount request from %s for non existent path %s",
1075 numerichost, dirpath);
1077 warnx("stat failed on %s", dirpath);
1078 bad = ENOENT; /* We will send error reply later */
1081 !S_ISDIR(stb.st_mode) &&
1082 (dir_only || !S_ISREG(stb.st_mode))) {
1084 "mount request from %s for non-directory path %s",
1085 numerichost, dirpath);
1087 warnx("mounting non-directory %s", dirpath);
1088 bad = ENOTDIR; /* We will send error reply later */
1091 /* Check in the exports list */
1092 sigprocmask(SIG_BLOCK, &sighup_mask, NULL);
1096 ep = ex_search(&fsb.f_fsid, &exphead);
1097 hostset = defset = 0;
1098 if (ep && (chk_host(ep->ex_defdir, saddr, &defset, &hostset,
1099 &numsecflavors, &secflavorsp) ||
1100 ((dp = dirp_search(ep->ex_dirl, dirpath)) &&
1101 chk_host(dp, saddr, &defset, &hostset, &numsecflavors,
1103 (defset && scan_tree(ep->ex_defdir, saddr) == 0 &&
1104 scan_tree(ep->ex_dirl, saddr) == 0))) {
1106 if (!svc_sendreply(transp, (xdrproc_t)xdr_long,
1108 syslog(LOG_ERR, "can't send reply");
1109 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL);
1112 if (hostset & DP_HOSTSET) {
1113 fhr.fhr_flag = hostset;
1114 fhr.fhr_numsecflavors = numsecflavors;
1115 fhr.fhr_secflavors = secflavorsp;
1117 fhr.fhr_flag = defset;
1118 fhr.fhr_numsecflavors = ep->ex_defnumsecflavors;
1119 fhr.fhr_secflavors = ep->ex_defsecflavors;
1121 fhr.fhr_vers = rqstp->rq_vers;
1122 /* Get the file handle */
1123 memset(&fhr.fhr_fh, 0, sizeof(nfsfh_t));
1124 if (getfh(dirpath, (fhandle_t *)&fhr.fhr_fh) < 0) {
1126 syslog(LOG_ERR, "can't get fh for %s", dirpath);
1127 if (!svc_sendreply(transp, (xdrproc_t)xdr_long,
1129 syslog(LOG_ERR, "can't send reply");
1130 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL);
1133 if (!svc_sendreply(transp, (xdrproc_t)xdr_fhs,
1135 syslog(LOG_ERR, "can't send reply");
1137 add_mlist(host, dirpath);
1139 add_mlist(numerichost, dirpath);
1141 warnx("mount successful");
1144 "mount request succeeded from %s for %s",
1145 numerichost, dirpath);
1150 "mount request denied from %s for %s",
1151 numerichost, dirpath);
1154 if (bad && !svc_sendreply(transp, (xdrproc_t)xdr_long,
1156 syslog(LOG_ERR, "can't send reply");
1157 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL);
1159 case MOUNTPROC_DUMP:
1160 if (!svc_sendreply(transp, (xdrproc_t)xdr_mlist, (caddr_t)NULL))
1161 syslog(LOG_ERR, "can't send reply");
1164 "dump request succeeded from %s",
1167 case MOUNTPROC_UMNT:
1168 if (sport >= IPPORT_RESERVED && resvport_only) {
1170 "umount request from %s from unprivileged port",
1172 svcerr_weakauth(transp);
1175 if (!svc_getargs(transp, (xdrproc_t)xdr_dir, rpcpath)) {
1176 syslog(LOG_NOTICE, "undecodable umount request from %s",
1178 svcerr_decode(transp);
1181 if (realpath(rpcpath, dirpath) == NULL) {
1182 syslog(LOG_NOTICE, "umount request from %s "
1183 "for non existent path %s",
1184 numerichost, dirpath);
1186 if (!svc_sendreply(transp, (xdrproc_t)xdr_void, (caddr_t)NULL))
1187 syslog(LOG_ERR, "can't send reply");
1189 del_mlist(host, dirpath);
1190 del_mlist(numerichost, dirpath);
1193 "umount request succeeded from %s for %s",
1194 numerichost, dirpath);
1196 case MOUNTPROC_UMNTALL:
1197 if (sport >= IPPORT_RESERVED && resvport_only) {
1199 "umountall request from %s from unprivileged port",
1201 svcerr_weakauth(transp);
1204 if (!svc_sendreply(transp, (xdrproc_t)xdr_void, (caddr_t)NULL))
1205 syslog(LOG_ERR, "can't send reply");
1207 del_mlist(host, NULL);
1208 del_mlist(numerichost, NULL);
1211 "umountall request succeeded from %s",
1214 case MOUNTPROC_EXPORT:
1215 if (!svc_sendreply(transp, (xdrproc_t)xdr_explist, (caddr_t)NULL))
1216 if (!svc_sendreply(transp, (xdrproc_t)xdr_explist_brief,
1218 syslog(LOG_ERR, "can't send reply");
1221 "export request succeeded from %s",
1225 svcerr_noproc(transp);
1231 * Xdr conversion for a dirpath string
1234 xdr_dir(XDR *xdrsp, char *dirp)
1236 return (xdr_string(xdrsp, &dirp, MNTPATHLEN));
1240 * Xdr routine to generate file handle reply
1243 xdr_fhs(XDR *xdrsp, caddr_t cp)
1245 struct fhreturn *fhrp = (struct fhreturn *)cp;
1246 u_long ok = 0, len, auth;
1249 if (!xdr_long(xdrsp, &ok))
1251 switch (fhrp->fhr_vers) {
1253 return (xdr_opaque(xdrsp, (caddr_t)&fhrp->fhr_fh, NFSX_V2FH));
1256 if (!xdr_long(xdrsp, &len))
1258 if (!xdr_opaque(xdrsp, (caddr_t)&fhrp->fhr_fh, len))
1260 if (fhrp->fhr_numsecflavors) {
1261 if (!xdr_int(xdrsp, &fhrp->fhr_numsecflavors))
1263 for (i = 0; i < fhrp->fhr_numsecflavors; i++)
1264 if (!xdr_int(xdrsp, &fhrp->fhr_secflavors[i]))
1270 if (!xdr_long(xdrsp, &len))
1272 return (xdr_long(xdrsp, &auth));
1279 xdr_mlist(XDR *xdrsp, caddr_t cp __unused)
1281 struct mountlist *mlp;
1286 SLIST_FOREACH(mlp, &mlhead, next) {
1287 if (!xdr_bool(xdrsp, &true))
1289 strp = &mlp->ml_host[0];
1290 if (!xdr_string(xdrsp, &strp, MNTNAMLEN))
1292 strp = &mlp->ml_dirp[0];
1293 if (!xdr_string(xdrsp, &strp, MNTPATHLEN))
1296 if (!xdr_bool(xdrsp, &false))
1302 * Xdr conversion for export list
1305 xdr_explist_common(XDR *xdrsp, caddr_t cp __unused, int brief)
1307 struct exportlist *ep;
1310 sigset_t sighup_mask;
1312 sigemptyset(&sighup_mask);
1313 sigaddset(&sighup_mask, SIGHUP);
1314 sigprocmask(SIG_BLOCK, &sighup_mask, NULL);
1316 SLIST_FOREACH(ep, &exphead, entries) {
1318 if (put_exlist(ep->ex_dirl, xdrsp, ep->ex_defdir,
1321 if (ep->ex_defdir && putdef == 0 &&
1322 put_exlist(ep->ex_defdir, xdrsp, (struct dirlist *)NULL,
1326 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL);
1327 if (!xdr_bool(xdrsp, &false))
1331 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL);
1336 * Called from xdr_explist() to traverse the tree and export the
1340 put_exlist(struct dirlist *dp, XDR *xdrsp, struct dirlist *adp, int *putdefp,
1343 struct grouplist *grp;
1344 struct hostlist *hp;
1351 if (put_exlist(dp->dp_left, xdrsp, adp, putdefp, brief))
1353 if (!xdr_bool(xdrsp, &true))
1356 if (!xdr_string(xdrsp, &strp, MNTPATHLEN))
1358 if (adp && !strcmp(dp->dp_dirp, adp->dp_dirp)) {
1363 if (!xdr_bool(xdrsp, &true))
1366 if (!xdr_string(xdrsp, &strp, MNTPATHLEN))
1368 } else if ((dp->dp_flag & DP_DEFSET) == 0 &&
1369 (gotalldir == 0 || (adp->dp_flag & DP_DEFSET) == 0)) {
1373 if (grp->gr_type == GT_HOST) {
1374 if (!xdr_bool(xdrsp, &true))
1376 strp = grp->gr_ptr.gt_addrinfo->ai_canonname;
1377 if (!xdr_string(xdrsp, &strp,
1380 } else if (grp->gr_type == GT_NET) {
1381 if (!xdr_bool(xdrsp, &true))
1383 strp = grp->gr_ptr.gt_net.nt_name;
1384 if (!xdr_string(xdrsp, &strp,
1389 if (gotalldir && hp == (struct hostlist *)NULL) {
1395 if (!xdr_bool(xdrsp, &false))
1397 if (put_exlist(dp->dp_right, xdrsp, adp, putdefp, brief))
1404 xdr_explist(XDR *xdrsp, caddr_t cp)
1407 return xdr_explist_common(xdrsp, cp, 0);
1411 xdr_explist_brief(XDR *xdrsp, caddr_t cp)
1414 return xdr_explist_common(xdrsp, cp, 1);
1418 static size_t linesize;
1419 static FILE *exp_file;
1422 * Get the export list from one, currently open file
1425 get_exportlist_one(void)
1427 struct exportlist *ep;
1428 struct grouplist *grp, *tgrp;
1429 struct dirlist *dirhead;
1432 char *cp, *endcp, *dirp, *hst, *usr, *dom, savedc;
1433 int len, has_host, exflags, got_nondir, dirplen, netgrp;
1436 dirhead = (struct dirlist *)NULL;
1437 while (get_line()) {
1439 warnx("got line %s", line);
1441 nextfield(&cp, &endcp);
1450 exflags = MNT_EXPORTED;
1453 ep = (struct exportlist *)NULL;
1457 * Handle the V4 root dir.
1459 if (*cp == 'V' && *(cp + 1) == '4' && *(cp + 2) == ':') {
1461 * V4: just indicates that it is the v4 root point,
1462 * so skip over that and set v4root_phase.
1464 if (v4root_phase > 0) {
1465 syslog(LOG_ERR, "V4:duplicate line, ignored");
1470 nextfield(&cp, &endcp);
1474 * Create new exports list entry
1477 tgrp = grp = get_grp();
1479 if (len > MNTNAMLEN) {
1480 getexp_err(ep, tgrp, "mountpoint too long");
1484 if (ep == (struct exportlist *)NULL) {
1485 getexp_err(ep, tgrp,
1486 "flag before export path definition");
1490 warnx("doing opt %s", cp);
1492 if (do_opt(&cp, &endcp, ep, grp, &has_host,
1494 getexp_err(ep, tgrp, NULL);
1497 } else if (*cp == '/') {
1500 if (v4root_phase > 1) {
1502 getexp_err(ep, tgrp, "Multiple V4 dirs");
1506 if (check_dirpath(cp) &&
1507 statfs(cp, &fsb) >= 0) {
1508 if ((fsb.f_flags & MNT_AUTOMOUNTED) != 0)
1509 syslog(LOG_ERR, "Warning: exporting of "
1510 "automounted fs %s not supported", cp);
1512 getexp_err(ep, tgrp, "dirs must be first");
1515 if (v4root_phase == 1) {
1517 getexp_err(ep, tgrp, "Multiple V4 dirs");
1520 if (strlen(v4root_dirpath) == 0) {
1521 strlcpy(v4root_dirpath, cp,
1522 sizeof (v4root_dirpath));
1523 } else if (strcmp(v4root_dirpath, cp)
1526 "different V4 dirpath %s", cp);
1527 getexp_err(ep, tgrp, NULL);
1536 if (ep->ex_fs.val[0] !=
1537 fsb.f_fsid.val[0] ||
1539 fsb.f_fsid.val[1]) {
1540 getexp_err(ep, tgrp,
1546 * See if this directory is already
1549 ep = ex_search(&fsb.f_fsid, &exphead);
1550 if (ep == (struct exportlist *)NULL) {
1552 ep->ex_fs = fsb.f_fsid;
1553 ep->ex_fsdir = strdup(fsb.f_mntonname);
1554 if (ep->ex_fsdir == NULL)
1558 "making new ep fs=0x%x,0x%x",
1562 warnx("found ep fs=0x%x,0x%x",
1568 * Add dirpath to export mount point.
1570 dirp = add_expdir(&dirhead, cp, len);
1574 getexp_err(ep, tgrp,
1575 "symbolic link in export path or statfs failed");
1583 if (ep == (struct exportlist *)NULL) {
1584 getexp_err(ep, tgrp,
1585 "host(s) before export path definition");
1590 * Get the host or netgroup.
1593 netgrp = getnetgrent(&hst, &usr, &dom);
1596 grp->gr_next = get_grp();
1602 "null hostname in netgroup %s, skipping", cp);
1603 grp->gr_type = GT_IGNORE;
1604 } else if (get_host(hst, grp, tgrp)) {
1606 "bad host %s in netgroup %s, skipping", hst, cp);
1607 grp->gr_type = GT_IGNORE;
1609 } else if (get_host(cp, grp, tgrp)) {
1610 syslog(LOG_ERR, "bad host %s, skipping", cp);
1611 grp->gr_type = GT_IGNORE;
1614 } while (netgrp && getnetgrent(&hst, &usr, &dom));
1619 nextfield(&cp, &endcp);
1622 if (check_options(dirhead)) {
1623 getexp_err(ep, tgrp, NULL);
1627 grp->gr_type = GT_DEFAULT;
1629 warnx("adding a default entry");
1632 * Don't allow a network export coincide with a list of
1633 * host(s) on the same line.
1635 } else if ((opt_flags & OP_NET) && tgrp->gr_next) {
1636 getexp_err(ep, tgrp, "network/host conflict");
1640 * If an export list was specified on this line, make sure
1641 * that we have at least one valid entry, otherwise skip it.
1645 while (grp && grp->gr_type == GT_IGNORE)
1648 getexp_err(ep, tgrp, "no valid entries");
1653 if (v4root_phase == 1) {
1654 getexp_err(ep, tgrp, "V4:root, no dirp, ignored");
1659 * Loop through hosts, pushing the exports into the kernel.
1660 * After loop, tgrp points to the start of the list and
1661 * grp points to the last entry in the list.
1665 if (do_mount(ep, grp, exflags, &anon, dirp, dirplen,
1667 getexp_err(ep, tgrp, NULL);
1670 } while (grp->gr_next && (grp = grp->gr_next));
1673 * For V4: don't enter in mount lists.
1675 if (v4root_phase > 0 && v4root_phase <= 2) {
1677 * Since these structures aren't used by mountd,
1682 while (tgrp != NULL) {
1684 tgrp = tgrp->gr_next;
1691 * Success. Update the data structures.
1694 hang_dirp(dirhead, tgrp, ep, opt_flags);
1695 grp->gr_next = grphead;
1698 hang_dirp(dirhead, (struct grouplist *)NULL, ep,
1702 dirhead = (struct dirlist *)NULL;
1703 if ((ep->ex_flag & EX_LINKED) == 0) {
1704 insert_exports(ep, &exphead);
1706 ep->ex_flag |= EX_LINKED;
1712 dirhead = (struct dirlist *)NULL;
1718 * Get the export list from all specified files
1721 get_exportlist(void)
1723 struct grouplist *grp, *tgrp;
1724 struct export_args export;
1726 struct statfs *mntbufp;
1730 struct nfsex_args eargs;
1732 if (suspend_nfsd != 0)
1733 (void)nfssvc(NFSSVC_SUSPENDNFSD, NULL);
1734 v4root_dirpath[0] = '\0';
1735 bzero(&export, sizeof(export));
1736 export.ex_flags = MNT_DELEXPORT;
1739 bzero(errmsg, sizeof(errmsg));
1742 * First, get rid of the old list
1744 free_exports(&exphead);
1752 grphead = (struct grouplist *)NULL;
1755 * and the old V4 root dir.
1757 bzero(&eargs, sizeof (eargs));
1758 eargs.export.ex_flags = MNT_DELEXPORT;
1759 if (nfssvc(NFSSVC_V4ROOTEXPORT, (caddr_t)&eargs) < 0 &&
1761 syslog(LOG_ERR, "Can't delete exports for V4:");
1764 * and clear flag that notes if a public fh has been exported.
1769 * And delete exports that are in the kernel for all local
1771 * XXX: Should know how to handle all local exportable filesystems.
1773 num = getmntinfo(&mntbufp, MNT_NOWAIT);
1776 build_iovec(&iov, &iovlen, "fstype", NULL, 0);
1777 build_iovec(&iov, &iovlen, "fspath", NULL, 0);
1778 build_iovec(&iov, &iovlen, "from", NULL, 0);
1779 build_iovec(&iov, &iovlen, "update", NULL, 0);
1780 build_iovec(&iov, &iovlen, "export", &export, sizeof(export));
1781 build_iovec(&iov, &iovlen, "errmsg", errmsg, sizeof(errmsg));
1784 for (i = 0; i < num; i++)
1785 delete_export(iov, iovlen, &mntbufp[i], errmsg);
1788 /* Free strings allocated by strdup() in getmntopts.c */
1789 free(iov[0].iov_base); /* fstype */
1790 free(iov[2].iov_base); /* fspath */
1791 free(iov[4].iov_base); /* from */
1792 free(iov[6].iov_base); /* update */
1793 free(iov[8].iov_base); /* export */
1794 free(iov[10].iov_base); /* errmsg */
1796 /* free iov, allocated by realloc() */
1804 * If there was no public fh, clear any previous one set.
1806 if (has_publicfh == 0)
1807 (void) nfssvc(NFSSVC_NOPUBLICFH, NULL);
1809 /* Resume the nfsd. If they weren't suspended, this is harmless. */
1810 (void)nfssvc(NFSSVC_RESUMENFSD, NULL);
1814 * Insert an export entry in the appropriate list.
1817 insert_exports(struct exportlist *ep, struct exportlisthead *exhp)
1820 SLIST_INSERT_HEAD(exhp, ep, entries);
1824 * Free up the exports lists passed in as arguments.
1827 free_exports(struct exportlisthead *exhp)
1829 struct exportlist *ep, *ep2;
1831 SLIST_FOREACH_SAFE(ep, exhp, entries, ep2) {
1832 SLIST_REMOVE(exhp, ep, exportlist, entries);
1839 * Read the exports file(s) and call get_exportlist_one() for each line.
1842 read_exportfile(void)
1847 * Read in the exports file and build the list, calling
1848 * nmount() as we go along to push the export rules into the kernel.
1851 for (i = 0; exnames[i] != NULL; i++) {
1853 warnx("reading exports from %s", exnames[i]);
1854 if ((exp_file = fopen(exnames[i], "r")) == NULL) {
1855 syslog(LOG_WARNING, "can't open %s", exnames[i]);
1858 get_exportlist_one();
1863 syslog(LOG_ERR, "can't open any exports file");
1869 * Delete an exports entry.
1872 delete_export(struct iovec *iov, int iovlen, struct statfs *fsp, char *errmsg)
1874 struct xvfsconf vfc;
1876 if (getvfsbyname(fsp->f_fstypename, &vfc) != 0) {
1877 syslog(LOG_ERR, "getvfsbyname() failed for %s",
1883 * We do not need to delete "export" flag from
1884 * filesystems that do not have it set.
1886 if (!(fsp->f_flags & MNT_EXPORTED))
1889 * Do not delete export for network filesystem by
1890 * passing "export" arg to nmount().
1891 * It only makes sense to do this for local filesystems.
1893 if (vfc.vfc_flags & VFCF_NETWORK)
1896 iov[1].iov_base = fsp->f_fstypename;
1897 iov[1].iov_len = strlen(fsp->f_fstypename) + 1;
1898 iov[3].iov_base = fsp->f_mntonname;
1899 iov[3].iov_len = strlen(fsp->f_mntonname) + 1;
1900 iov[5].iov_base = fsp->f_mntfromname;
1901 iov[5].iov_len = strlen(fsp->f_mntfromname) + 1;
1905 * EXDEV is returned when path exists but is not a
1906 * mount point. May happens if raced with unmount.
1908 if (nmount(iov, iovlen, fsp->f_flags) < 0 && errno != ENOENT &&
1909 errno != ENOTSUP && errno != EXDEV) {
1911 "can't delete exports for %s: %m %s",
1912 fsp->f_mntonname, errmsg);
1917 * Allocate an export list element
1919 static struct exportlist *
1922 struct exportlist *ep;
1924 ep = (struct exportlist *)calloc(1, sizeof (struct exportlist));
1925 if (ep == (struct exportlist *)NULL)
1931 * Allocate a group list element
1933 static struct grouplist *
1936 struct grouplist *gp;
1938 gp = (struct grouplist *)calloc(1, sizeof (struct grouplist));
1939 if (gp == (struct grouplist *)NULL)
1945 * Clean up upon an error in get_exportlist().
1948 getexp_err(struct exportlist *ep, struct grouplist *grp, const char *reason)
1950 struct grouplist *tgrp;
1952 if (!(opt_flags & OP_QUIET)) {
1954 syslog(LOG_ERR, "bad exports list line '%s': %s", line,
1957 syslog(LOG_ERR, "bad exports list line '%s'", line);
1959 if (ep && (ep->ex_flag & EX_LINKED) == 0)
1969 * Search the export list for a matching fs.
1971 static struct exportlist *
1972 ex_search(fsid_t *fsid, struct exportlisthead *exhp)
1974 struct exportlist *ep;
1976 SLIST_FOREACH(ep, exhp, entries) {
1977 if (ep->ex_fs.val[0] == fsid->val[0] &&
1978 ep->ex_fs.val[1] == fsid->val[1])
1986 * Add a directory path to the list.
1989 add_expdir(struct dirlist **dpp, char *cp, int len)
1993 dp = malloc(sizeof (struct dirlist));
1994 if (dp == (struct dirlist *)NULL)
1997 dp->dp_right = (struct dirlist *)NULL;
1999 dp->dp_hosts = (struct hostlist *)NULL;
2000 dp->dp_dirp = strndup(cp, len);
2001 if (dp->dp_dirp == NULL)
2004 return (dp->dp_dirp);
2008 * Hang the dir list element off the dirpath binary tree as required
2009 * and update the entry for host.
2012 hang_dirp(struct dirlist *dp, struct grouplist *grp, struct exportlist *ep,
2015 struct hostlist *hp;
2016 struct dirlist *dp2;
2018 if (flags & OP_ALLDIRS) {
2023 if (grp == (struct grouplist *)NULL) {
2024 ep->ex_defdir->dp_flag |= DP_DEFSET;
2025 /* Save the default security flavors list. */
2026 ep->ex_defnumsecflavors = ep->ex_numsecflavors;
2027 if (ep->ex_numsecflavors > 0)
2028 memcpy(ep->ex_defsecflavors, ep->ex_secflavors,
2029 sizeof(ep->ex_secflavors));
2030 } else while (grp) {
2033 hp->ht_next = ep->ex_defdir->dp_hosts;
2034 ep->ex_defdir->dp_hosts = hp;
2035 /* Save the security flavors list for this host set. */
2036 grp->gr_numsecflavors = ep->ex_numsecflavors;
2037 if (ep->ex_numsecflavors > 0)
2038 memcpy(grp->gr_secflavors, ep->ex_secflavors,
2039 sizeof(ep->ex_secflavors));
2045 * Loop through the directories adding them to the tree.
2049 add_dlist(&ep->ex_dirl, dp, grp, flags, ep);
2056 * Traverse the binary tree either updating a node that is already there
2057 * for the new directory or adding the new node.
2060 add_dlist(struct dirlist **dpp, struct dirlist *newdp, struct grouplist *grp,
2061 int flags, struct exportlist *ep)
2064 struct hostlist *hp;
2069 cmp = strcmp(dp->dp_dirp, newdp->dp_dirp);
2071 add_dlist(&dp->dp_left, newdp, grp, flags, ep);
2073 } else if (cmp < 0) {
2074 add_dlist(&dp->dp_right, newdp, grp, flags, ep);
2077 free((caddr_t)newdp);
2080 dp->dp_left = (struct dirlist *)NULL;
2086 * Hang all of the host(s) off of the directory point.
2091 hp->ht_next = dp->dp_hosts;
2093 /* Save the security flavors list for this host set. */
2094 grp->gr_numsecflavors = ep->ex_numsecflavors;
2095 if (ep->ex_numsecflavors > 0)
2096 memcpy(grp->gr_secflavors, ep->ex_secflavors,
2097 sizeof(ep->ex_secflavors));
2101 dp->dp_flag |= DP_DEFSET;
2102 /* Save the default security flavors list. */
2103 ep->ex_defnumsecflavors = ep->ex_numsecflavors;
2104 if (ep->ex_numsecflavors > 0)
2105 memcpy(ep->ex_defsecflavors, ep->ex_secflavors,
2106 sizeof(ep->ex_secflavors));
2111 * Search for a dirpath on the export point.
2113 static struct dirlist *
2114 dirp_search(struct dirlist *dp, char *dirp)
2119 cmp = strcmp(dp->dp_dirp, dirp);
2121 return (dirp_search(dp->dp_left, dirp));
2123 return (dirp_search(dp->dp_right, dirp));
2131 * Scan for a host match in a directory tree.
2134 chk_host(struct dirlist *dp, struct sockaddr *saddr, int *defsetp,
2135 int *hostsetp, int *numsecflavors, int **secflavorsp)
2137 struct hostlist *hp;
2138 struct grouplist *grp;
2139 struct addrinfo *ai;
2142 if (dp->dp_flag & DP_DEFSET)
2143 *defsetp = dp->dp_flag;
2147 switch (grp->gr_type) {
2149 ai = grp->gr_ptr.gt_addrinfo;
2150 for (; ai; ai = ai->ai_next) {
2151 if (!sacmp(ai->ai_addr, saddr, NULL)) {
2153 (hp->ht_flag | DP_HOSTSET);
2154 if (numsecflavors != NULL) {
2156 grp->gr_numsecflavors;
2165 if (!sacmp(saddr, (struct sockaddr *)
2166 &grp->gr_ptr.gt_net.nt_net,
2168 &grp->gr_ptr.gt_net.nt_mask)) {
2169 *hostsetp = (hp->ht_flag | DP_HOSTSET);
2170 if (numsecflavors != NULL) {
2172 grp->gr_numsecflavors;
2187 * Scan tree for a host that matches the address.
2190 scan_tree(struct dirlist *dp, struct sockaddr *saddr)
2192 int defset, hostset;
2195 if (scan_tree(dp->dp_left, saddr))
2197 if (chk_host(dp, saddr, &defset, &hostset, NULL, NULL))
2199 if (scan_tree(dp->dp_right, saddr))
2206 * Traverse the dirlist tree and free it up.
2209 free_dir(struct dirlist *dp)
2213 free_dir(dp->dp_left);
2214 free_dir(dp->dp_right);
2215 free_host(dp->dp_hosts);
2222 * Parse a colon separated list of security flavors
2225 parsesec(char *seclist, struct exportlist *ep)
2230 ep->ex_numsecflavors = 0;
2232 cp = strchr(seclist, ':');
2238 if (!strcmp(seclist, "sys"))
2240 else if (!strcmp(seclist, "krb5"))
2241 flavor = RPCSEC_GSS_KRB5;
2242 else if (!strcmp(seclist, "krb5i"))
2243 flavor = RPCSEC_GSS_KRB5I;
2244 else if (!strcmp(seclist, "krb5p"))
2245 flavor = RPCSEC_GSS_KRB5P;
2249 syslog(LOG_ERR, "bad sec flavor: %s", seclist);
2252 if (ep->ex_numsecflavors == MAXSECFLAVORS) {
2255 syslog(LOG_ERR, "too many sec flavors: %s", seclist);
2258 ep->ex_secflavors[ep->ex_numsecflavors] = flavor;
2259 ep->ex_numsecflavors++;
2271 * Parse the option string and update fields.
2272 * Option arguments may either be -<option>=<value> or
2276 do_opt(char **cpp, char **endcpp, struct exportlist *ep, struct grouplist *grp,
2277 int *has_hostp, int *exflagsp, struct xucred *cr)
2279 char *cpoptarg, *cpoptend;
2280 char *cp, *endcp, *cpopt, savedc, savedc2;
2281 int allflag, usedarg;
2289 while (cpopt && *cpopt) {
2292 if ((cpoptend = strchr(cpopt, ','))) {
2294 if ((cpoptarg = strchr(cpopt, '=')))
2297 if ((cpoptarg = strchr(cpopt, '=')))
2301 nextfield(&cp, &endcp);
2303 if (endcp > cp && *cp != '-') {
2311 if (!strcmp(cpopt, "ro") || !strcmp(cpopt, "o")) {
2312 *exflagsp |= MNT_EXRDONLY;
2313 } else if (cpoptarg && (!strcmp(cpopt, "maproot") ||
2314 !(allflag = strcmp(cpopt, "mapall")) ||
2315 !strcmp(cpopt, "root") || !strcmp(cpopt, "r"))) {
2317 parsecred(cpoptarg, cr);
2319 *exflagsp |= MNT_EXPORTANON;
2320 opt_flags |= OP_MAPALL;
2322 opt_flags |= OP_MAPROOT;
2323 } else if (cpoptarg && (!strcmp(cpopt, "mask") ||
2324 !strcmp(cpopt, "m"))) {
2325 if (get_net(cpoptarg, &grp->gr_ptr.gt_net, 1)) {
2326 syslog(LOG_ERR, "bad mask: %s", cpoptarg);
2330 opt_flags |= OP_MASK;
2331 } else if (cpoptarg && (!strcmp(cpopt, "network") ||
2332 !strcmp(cpopt, "n"))) {
2333 if (strchr(cpoptarg, '/') != NULL) {
2335 fprintf(stderr, "setting OP_MASKLEN\n");
2336 opt_flags |= OP_MASKLEN;
2338 if (grp->gr_type != GT_NULL) {
2339 syslog(LOG_ERR, "network/host conflict");
2341 } else if (get_net(cpoptarg, &grp->gr_ptr.gt_net, 0)) {
2342 syslog(LOG_ERR, "bad net: %s", cpoptarg);
2345 grp->gr_type = GT_NET;
2348 opt_flags |= OP_NET;
2349 } else if (!strcmp(cpopt, "alldirs")) {
2350 opt_flags |= OP_ALLDIRS;
2351 } else if (!strcmp(cpopt, "public")) {
2352 *exflagsp |= MNT_EXPUBLIC;
2353 } else if (!strcmp(cpopt, "webnfs")) {
2354 *exflagsp |= (MNT_EXPUBLIC|MNT_EXRDONLY|MNT_EXPORTANON);
2355 opt_flags |= OP_MAPALL;
2356 } else if (cpoptarg && !strcmp(cpopt, "index")) {
2357 ep->ex_indexfile = strdup(cpoptarg);
2358 } else if (!strcmp(cpopt, "quiet")) {
2359 opt_flags |= OP_QUIET;
2360 } else if (cpoptarg && !strcmp(cpopt, "sec")) {
2361 if (parsesec(cpoptarg, ep))
2363 opt_flags |= OP_SEC;
2366 syslog(LOG_ERR, "bad opt %s", cpopt);
2385 * Translate a character string to the corresponding list of network
2386 * addresses for a hostname.
2389 get_host(char *cp, struct grouplist *grp, struct grouplist *tgrp)
2391 struct grouplist *checkgrp;
2392 struct addrinfo *ai, *tai, hints;
2394 char host[NI_MAXHOST];
2396 if (grp->gr_type != GT_NULL) {
2397 syslog(LOG_ERR, "Bad netgroup type for ip host %s", cp);
2400 memset(&hints, 0, sizeof hints);
2401 hints.ai_flags = AI_CANONNAME;
2402 hints.ai_protocol = IPPROTO_UDP;
2403 ecode = getaddrinfo(cp, NULL, &hints, &ai);
2405 syslog(LOG_ERR,"can't get address info for host %s", cp);
2408 grp->gr_ptr.gt_addrinfo = ai;
2409 while (ai != NULL) {
2410 if (ai->ai_canonname == NULL) {
2411 if (getnameinfo(ai->ai_addr, ai->ai_addrlen, host,
2412 sizeof host, NULL, 0, NI_NUMERICHOST) != 0)
2413 strlcpy(host, "?", sizeof(host));
2414 ai->ai_canonname = strdup(host);
2415 ai->ai_flags |= AI_CANONNAME;
2418 fprintf(stderr, "got host %s\n", ai->ai_canonname);
2420 * Sanity check: make sure we don't already have an entry
2421 * for this host in the grouplist.
2423 for (checkgrp = tgrp; checkgrp != NULL;
2424 checkgrp = checkgrp->gr_next) {
2425 if (checkgrp->gr_type != GT_HOST)
2427 for (tai = checkgrp->gr_ptr.gt_addrinfo; tai != NULL;
2428 tai = tai->ai_next) {
2429 if (sacmp(tai->ai_addr, ai->ai_addr, NULL) != 0)
2433 "ignoring duplicate host %s\n",
2435 grp->gr_type = GT_IGNORE;
2441 grp->gr_type = GT_HOST;
2446 * Free up an exports list component
2449 free_exp(struct exportlist *ep)
2452 if (ep->ex_defdir) {
2453 free_host(ep->ex_defdir->dp_hosts);
2454 free((caddr_t)ep->ex_defdir);
2458 if (ep->ex_indexfile)
2459 free(ep->ex_indexfile);
2460 free_dir(ep->ex_dirl);
2468 free_host(struct hostlist *hp)
2470 struct hostlist *hp2;
2479 static struct hostlist *
2482 struct hostlist *hp;
2484 hp = (struct hostlist *)malloc(sizeof (struct hostlist));
2485 if (hp == (struct hostlist *)NULL)
2487 hp->ht_next = (struct hostlist *)NULL;
2493 * Out of memory, fatal
2499 syslog(LOG_ERR, "out of memory");
2504 * Do the nmount() syscall with the update flag to push the export info into
2508 do_mount(struct exportlist *ep, struct grouplist *grp, int exflags,
2509 struct xucred *anoncrp, char *dirp, int dirplen, struct statfs *fsb)
2512 struct addrinfo *ai;
2513 struct export_args *eap;
2521 struct nfsex_args nfsea;
2523 eap = &nfsea.export;
2531 bzero(eap, sizeof (struct export_args));
2532 bzero(errmsg, sizeof(errmsg));
2533 eap->ex_flags = exflags;
2534 eap->ex_anon = *anoncrp;
2535 eap->ex_indexfile = ep->ex_indexfile;
2536 if (grp->gr_type == GT_HOST)
2537 ai = grp->gr_ptr.gt_addrinfo;
2540 eap->ex_numsecflavors = ep->ex_numsecflavors;
2541 for (i = 0; i < eap->ex_numsecflavors; i++)
2542 eap->ex_secflavors[i] = ep->ex_secflavors[i];
2543 if (eap->ex_numsecflavors == 0) {
2544 eap->ex_numsecflavors = 1;
2545 eap->ex_secflavors[0] = AUTH_SYS;
2549 if (v4root_phase == 0) {
2550 build_iovec(&iov, &iovlen, "fstype", NULL, 0);
2551 build_iovec(&iov, &iovlen, "fspath", NULL, 0);
2552 build_iovec(&iov, &iovlen, "from", NULL, 0);
2553 build_iovec(&iov, &iovlen, "update", NULL, 0);
2554 build_iovec(&iov, &iovlen, "export", eap,
2555 sizeof (struct export_args));
2556 build_iovec(&iov, &iovlen, "errmsg", errmsg, sizeof(errmsg));
2560 switch (grp->gr_type) {
2562 if (ai->ai_addr->sa_family == AF_INET6 && have_v6 == 0)
2564 eap->ex_addr = ai->ai_addr;
2565 eap->ex_addrlen = ai->ai_addrlen;
2566 eap->ex_masklen = 0;
2569 if (grp->gr_ptr.gt_net.nt_net.ss_family == AF_INET6 &&
2573 (struct sockaddr *)&grp->gr_ptr.gt_net.nt_net;
2575 ((struct sockaddr *)&grp->gr_ptr.gt_net.nt_net)->sa_len;
2577 (struct sockaddr *)&grp->gr_ptr.gt_net.nt_mask;
2578 eap->ex_masklen = ((struct sockaddr *)&grp->gr_ptr.gt_net.nt_mask)->sa_len;
2581 eap->ex_addr = NULL;
2582 eap->ex_addrlen = 0;
2583 eap->ex_mask = NULL;
2584 eap->ex_masklen = 0;
2591 syslog(LOG_ERR, "bad grouptype");
2599 * For V4:, use the nfssvc() syscall, instead of mount().
2601 if (v4root_phase == 2) {
2602 nfsea.fspec = v4root_dirpath;
2603 if (nfssvc(NFSSVC_V4ROOTEXPORT, (caddr_t)&nfsea) < 0) {
2604 syslog(LOG_ERR, "Exporting V4: failed");
2610 * Maybe I should just use the fsb->f_mntonname path
2611 * instead of looping back up the dirp to the mount
2613 * Also, needs to know how to export all types of local
2614 * exportable filesystems and not just "ufs".
2616 iov[1].iov_base = fsb->f_fstypename; /* "fstype" */
2617 iov[1].iov_len = strlen(fsb->f_fstypename) + 1;
2618 iov[3].iov_base = fsb->f_mntonname; /* "fspath" */
2619 iov[3].iov_len = strlen(fsb->f_mntonname) + 1;
2620 iov[5].iov_base = fsb->f_mntfromname; /* "from" */
2621 iov[5].iov_len = strlen(fsb->f_mntfromname) + 1;
2624 while (nmount(iov, iovlen, fsb->f_flags) < 0) {
2628 cp = dirp + dirplen - 1;
2629 if (opt_flags & OP_QUIET) {
2633 if (errno == EPERM) {
2635 warnx("can't change attributes for %s: %s",
2638 "can't change attributes for %s: %s",
2643 if (opt_flags & OP_ALLDIRS) {
2644 if (errno == EINVAL)
2646 "-alldirs requested but %s is not a filesystem mountpoint",
2650 "could not remount %s: %m",
2655 /* back up over the last component */
2656 while (*cp == '/' && cp > dirp)
2658 while (*(cp - 1) != '/' && cp > dirp)
2662 warnx("mnt unsucc");
2663 syslog(LOG_ERR, "can't export %s %s",
2671 * Check that we're still on the same
2674 if (statfs(dirp, &fsb1) != 0 ||
2675 bcmp(&fsb1.f_fsid, &fsb->f_fsid,
2676 sizeof (fsb1.f_fsid)) != 0) {
2679 "can't export %s %s", dirp,
2688 * For the experimental server:
2689 * If this is the public directory, get the file handle
2690 * and load it into the kernel via the nfssvc() syscall.
2692 if ((exflags & MNT_EXPUBLIC) != 0) {
2696 if (eap->ex_indexfile != NULL)
2697 public_name = eap->ex_indexfile;
2700 if (getfh(public_name, &fh) < 0)
2702 "Can't get public fh for %s", public_name);
2703 else if (nfssvc(NFSSVC_PUBLICFH, (caddr_t)&fh) < 0)
2705 "Can't set public fh for %s", public_name);
2718 /* free strings allocated by strdup() in getmntopts.c */
2720 free(iov[0].iov_base); /* fstype */
2721 free(iov[2].iov_base); /* fspath */
2722 free(iov[4].iov_base); /* from */
2723 free(iov[6].iov_base); /* update */
2724 free(iov[8].iov_base); /* export */
2725 free(iov[10].iov_base); /* errmsg */
2727 /* free iov, allocated by realloc() */
2734 * Translate a net address.
2736 * If `maskflg' is nonzero, then `cp' is a netmask, not a network address.
2739 get_net(char *cp, struct netmsk *net, int maskflg)
2741 struct netent *np = NULL;
2742 char *name, *p, *prefp;
2743 struct sockaddr_in sin;
2744 struct sockaddr *sa = NULL;
2745 struct addrinfo hints, *ai = NULL;
2746 char netname[NI_MAXHOST];
2750 if ((opt_flags & OP_MASKLEN) && !maskflg) {
2751 p = strchr(cp, '/');
2757 * Check for a numeric address first. We wish to avoid
2758 * possible DNS lookups in getnetbyname().
2760 if (isxdigit(*cp) || *cp == ':') {
2761 memset(&hints, 0, sizeof hints);
2762 /* Ensure the mask and the network have the same family. */
2763 if (maskflg && (opt_flags & OP_NET))
2764 hints.ai_family = net->nt_net.ss_family;
2765 else if (!maskflg && (opt_flags & OP_HAVEMASK))
2766 hints.ai_family = net->nt_mask.ss_family;
2768 hints.ai_family = AF_UNSPEC;
2769 hints.ai_flags = AI_NUMERICHOST;
2770 if (getaddrinfo(cp, NULL, &hints, &ai) == 0)
2772 if (sa != NULL && ai->ai_family == AF_INET) {
2774 * The address in `cp' is really a network address, so
2775 * use inet_network() to re-interpret this correctly.
2776 * e.g. "127.1" means 127.1.0.0, not 127.0.0.1.
2778 bzero(&sin, sizeof sin);
2779 sin.sin_family = AF_INET;
2780 sin.sin_len = sizeof sin;
2781 sin.sin_addr = inet_makeaddr(inet_network(cp), 0);
2783 fprintf(stderr, "get_net: v4 addr %s\n",
2784 inet_ntoa(sin.sin_addr));
2785 sa = (struct sockaddr *)&sin;
2788 if (sa == NULL && (np = getnetbyname(cp)) != NULL) {
2789 bzero(&sin, sizeof sin);
2790 sin.sin_family = AF_INET;
2791 sin.sin_len = sizeof sin;
2792 sin.sin_addr = inet_makeaddr(np->n_net, 0);
2793 sa = (struct sockaddr *)&sin;
2799 /* The specified sockaddr is a mask. */
2800 if (checkmask(sa) != 0)
2802 bcopy(sa, &net->nt_mask, sa->sa_len);
2803 opt_flags |= OP_HAVEMASK;
2805 /* The specified sockaddr is a network address. */
2806 bcopy(sa, &net->nt_net, sa->sa_len);
2808 /* Get a network name for the export list. */
2811 } else if (getnameinfo(sa, sa->sa_len, netname, sizeof netname,
2812 NULL, 0, NI_NUMERICHOST) == 0) {
2817 if ((net->nt_name = strdup(name)) == NULL)
2821 * Extract a mask from either a "/<masklen>" suffix, or
2822 * from the class of an IPv4 address.
2824 if (opt_flags & OP_MASKLEN) {
2825 preflen = strtol(prefp, NULL, 10);
2826 if (preflen < 0L || preflen == LONG_MAX)
2828 bcopy(sa, &net->nt_mask, sa->sa_len);
2829 if (makemask(&net->nt_mask, (int)preflen) != 0)
2831 opt_flags |= OP_HAVEMASK;
2833 } else if (sa->sa_family == AF_INET &&
2834 (opt_flags & OP_MASK) == 0) {
2837 addr = ((struct sockaddr_in *)sa)->sin_addr.s_addr;
2838 if (IN_CLASSA(addr))
2840 else if (IN_CLASSB(addr))
2842 else if (IN_CLASSC(addr))
2844 else if (IN_CLASSD(addr))
2847 preflen = 32; /* XXX */
2849 bcopy(sa, &net->nt_mask, sa->sa_len);
2850 makemask(&net->nt_mask, (int)preflen);
2851 opt_flags |= OP_HAVEMASK;
2866 * Parse out the next white space separated field
2869 nextfield(char **cp, char **endcp)
2875 while (*p == ' ' || *p == '\t')
2878 while (*p != '\0') {
2883 if (*p == '\\' && *(p + 1) != '\0')
2885 else if (*p == '\'' || *p == '"')
2887 else if (*p == ' ' || *p == '\t')
2896 * Get an exports file line. Skip over blank lines and handle line
2904 int totlen, cont_line;
2907 * Loop around ignoring blank lines and getting all continuation lines.
2912 if ((p = fgetln(exp_file, &len)) == NULL)
2917 (*cp == ' ' || *cp == '\t' || *cp == '\n' || *cp == '\\')) {
2927 if (linesize < len + totlen + 1) {
2928 linesize = len + totlen + 1;
2929 line = realloc(line, linesize);
2933 memcpy(line + totlen, p, len);
2935 line[totlen] = '\0';
2936 } while (totlen == 0 || cont_line);
2941 * Parse a description of a credential.
2944 parsecred(char *namelist, struct xucred *cr)
2951 gid_t groups[XU_NGROUPS + 1];
2954 cr->cr_version = XUCRED_VERSION;
2956 * Set up the unprivileged user.
2959 cr->cr_groups[0] = 65533;
2962 * Get the user's password table entry.
2965 name = strsep_quote(&names, ":");
2966 /* Bug? name could be NULL here */
2967 if (isdigit(*name) || *name == '-')
2968 pw = getpwuid(atoi(name));
2970 pw = getpwnam(name);
2972 * Credentials specified as those of a user.
2974 if (names == NULL) {
2976 syslog(LOG_ERR, "unknown user: %s", name);
2979 cr->cr_uid = pw->pw_uid;
2980 ngroups = XU_NGROUPS + 1;
2981 if (getgrouplist(pw->pw_name, pw->pw_gid, groups, &ngroups)) {
2982 syslog(LOG_ERR, "too many groups");
2983 ngroups = XU_NGROUPS + 1;
2987 * Compress out duplicate.
2989 cr->cr_ngroups = ngroups - 1;
2990 cr->cr_groups[0] = groups[0];
2991 for (cnt = 2; cnt < ngroups; cnt++)
2992 cr->cr_groups[cnt - 1] = groups[cnt];
2996 * Explicit credential specified as a colon separated list:
3000 cr->cr_uid = pw->pw_uid;
3001 else if (isdigit(*name) || *name == '-')
3002 cr->cr_uid = atoi(name);
3004 syslog(LOG_ERR, "unknown user: %s", name);
3008 while (names != NULL && *names != '\0' && cr->cr_ngroups < XU_NGROUPS) {
3009 name = strsep_quote(&names, ":");
3010 if (isdigit(*name) || *name == '-') {
3011 cr->cr_groups[cr->cr_ngroups++] = atoi(name);
3013 if ((gr = getgrnam(name)) == NULL) {
3014 syslog(LOG_ERR, "unknown group: %s", name);
3017 cr->cr_groups[cr->cr_ngroups++] = gr->gr_gid;
3020 if (names != NULL && *names != '\0' && cr->cr_ngroups == XU_NGROUPS)
3021 syslog(LOG_ERR, "too many groups");
3024 #define STRSIZ (MNTNAMLEN+MNTPATHLEN+50)
3026 * Routines that maintain the remote mounttab
3031 struct mountlist *mlp;
3032 char *host, *dirp, *cp;
3036 if ((mlfile = fopen(_PATH_RMOUNTLIST, "r")) == NULL) {
3037 if (errno == ENOENT)
3040 syslog(LOG_ERR, "can't open %s", _PATH_RMOUNTLIST);
3044 while (fgets(str, STRSIZ, mlfile) != NULL) {
3046 host = strsep(&cp, " \t\n");
3047 dirp = strsep(&cp, " \t\n");
3048 if (host == NULL || dirp == NULL)
3050 mlp = (struct mountlist *)malloc(sizeof (*mlp));
3051 if (mlp == (struct mountlist *)NULL)
3053 strncpy(mlp->ml_host, host, MNTNAMLEN);
3054 mlp->ml_host[MNTNAMLEN] = '\0';
3055 strncpy(mlp->ml_dirp, dirp, MNTPATHLEN);
3056 mlp->ml_dirp[MNTPATHLEN] = '\0';
3058 SLIST_INSERT_HEAD(&mlhead, mlp, next);
3064 del_mlist(char *hostp, char *dirp)
3066 struct mountlist *mlp, *mlp2;
3070 SLIST_FOREACH_SAFE(mlp, &mlhead, next, mlp2) {
3071 if (!strcmp(mlp->ml_host, hostp) &&
3072 (!dirp || !strcmp(mlp->ml_dirp, dirp))) {
3074 SLIST_REMOVE(&mlhead, mlp, mountlist, next);
3079 if ((mlfile = fopen(_PATH_RMOUNTLIST, "w")) == NULL) {
3080 syslog(LOG_ERR,"can't update %s", _PATH_RMOUNTLIST);
3083 SLIST_FOREACH(mlp, &mlhead, next) {
3084 fprintf(mlfile, "%s %s\n", mlp->ml_host, mlp->ml_dirp);
3091 add_mlist(char *hostp, char *dirp)
3093 struct mountlist *mlp;
3096 SLIST_FOREACH(mlp, &mlhead, next) {
3097 if (!strcmp(mlp->ml_host, hostp) && !strcmp(mlp->ml_dirp, dirp))
3101 mlp = (struct mountlist *)malloc(sizeof (*mlp));
3102 if (mlp == (struct mountlist *)NULL)
3104 strncpy(mlp->ml_host, hostp, MNTNAMLEN);
3105 mlp->ml_host[MNTNAMLEN] = '\0';
3106 strncpy(mlp->ml_dirp, dirp, MNTPATHLEN);
3107 mlp->ml_dirp[MNTPATHLEN] = '\0';
3108 SLIST_INSERT_HEAD(&mlhead, mlp, next);
3109 if ((mlfile = fopen(_PATH_RMOUNTLIST, "a")) == NULL) {
3110 syslog(LOG_ERR, "can't update %s", _PATH_RMOUNTLIST);
3113 fprintf(mlfile, "%s %s\n", mlp->ml_host, mlp->ml_dirp);
3118 * Free up a group list.
3121 free_grp(struct grouplist *grp)
3123 if (grp->gr_type == GT_HOST) {
3124 if (grp->gr_ptr.gt_addrinfo != NULL)
3125 freeaddrinfo(grp->gr_ptr.gt_addrinfo);
3126 } else if (grp->gr_type == GT_NET) {
3127 if (grp->gr_ptr.gt_net.nt_name)
3128 free(grp->gr_ptr.gt_net.nt_name);
3135 SYSLOG(int pri, const char *fmt, ...)
3140 vfprintf(stderr, fmt, ap);
3146 * Check options for consistency.
3149 check_options(struct dirlist *dp)
3152 if (v4root_phase == 0 && dp == NULL)
3154 if ((opt_flags & (OP_MAPROOT | OP_MAPALL)) == (OP_MAPROOT | OP_MAPALL)) {
3155 syslog(LOG_ERR, "-mapall and -maproot mutually exclusive");
3158 if ((opt_flags & OP_MASK) && (opt_flags & OP_NET) == 0) {
3159 syslog(LOG_ERR, "-mask requires -network");
3162 if ((opt_flags & OP_NET) && (opt_flags & OP_HAVEMASK) == 0) {
3163 syslog(LOG_ERR, "-network requires mask specification");
3166 if ((opt_flags & OP_MASK) && (opt_flags & OP_MASKLEN)) {
3167 syslog(LOG_ERR, "-mask and /masklen are mutually exclusive");
3170 if (v4root_phase > 0 &&
3172 ~(OP_SEC | OP_MASK | OP_NET | OP_HAVEMASK | OP_MASKLEN)) != 0) {
3173 syslog(LOG_ERR,"only -sec,-net,-mask options allowed on V4:");
3176 if ((opt_flags & OP_ALLDIRS) && dp->dp_left) {
3177 syslog(LOG_ERR, "-alldirs has multiple directories");
3184 * Check an absolute directory path for any symbolic links. Return true
3187 check_dirpath(char *dirp)
3194 while (*cp && ret) {
3197 if (lstat(dirp, &sb) < 0 || !S_ISDIR(sb.st_mode))
3203 if (lstat(dirp, &sb) < 0 || !S_ISDIR(sb.st_mode))
3209 * Make a netmask according to the specified prefix length. The ss_family
3210 * and other non-address fields must be initialised before calling this.
3213 makemask(struct sockaddr_storage *ssp, int bitlen)
3218 if ((p = sa_rawaddr((struct sockaddr *)ssp, &len)) == NULL)
3220 if (bitlen > len * CHAR_BIT)
3223 for (i = 0; i < len; i++) {
3224 bits = MIN(CHAR_BIT, bitlen);
3225 *p++ = (u_char)~0 << (CHAR_BIT - bits);
3232 * Check that the sockaddr is a valid netmask. Returns 0 if the mask
3233 * is acceptable (i.e. of the form 1...10....0).
3236 checkmask(struct sockaddr *sa)
3241 if ((mask = sa_rawaddr(sa, &len)) == NULL)
3244 for (i = 0; i < len; i++)
3245 if (mask[i] != 0xff)
3248 if (~mask[i] & (u_char)(~mask[i] + 1))
3252 for (; i < len; i++)
3259 * Compare two sockaddrs according to a specified mask. Return zero if
3260 * `sa1' matches `sa2' when filtered by the netmask in `samask'.
3261 * If samask is NULL, perform a full comparison.
3264 sacmp(struct sockaddr *sa1, struct sockaddr *sa2, struct sockaddr *samask)
3266 unsigned char *p1, *p2, *mask;
3269 if (sa1->sa_family != sa2->sa_family ||
3270 (p1 = sa_rawaddr(sa1, &len)) == NULL ||
3271 (p2 = sa_rawaddr(sa2, NULL)) == NULL)
3274 switch (sa1->sa_family) {
3276 if (((struct sockaddr_in6 *)sa1)->sin6_scope_id !=
3277 ((struct sockaddr_in6 *)sa2)->sin6_scope_id)
3282 /* Simple binary comparison if no mask specified. */
3284 return (memcmp(p1, p2, len));
3286 /* Set up the mask, and do a mask-based comparison. */
3287 if (sa1->sa_family != samask->sa_family ||
3288 (mask = sa_rawaddr(samask, NULL)) == NULL)
3291 for (i = 0; i < len; i++)
3292 if ((p1[i] & mask[i]) != (p2[i] & mask[i]))
3298 * Return a pointer to the part of the sockaddr that contains the
3299 * raw address, and set *nbytes to its length in bytes. Returns
3300 * NULL if the address family is unknown.
3303 sa_rawaddr(struct sockaddr *sa, int *nbytes) {
3307 switch (sa->sa_family) {
3309 len = sizeof(((struct sockaddr_in *)sa)->sin_addr);
3310 p = &((struct sockaddr_in *)sa)->sin_addr;
3313 len = sizeof(((struct sockaddr_in6 *)sa)->sin6_addr);
3314 p = &((struct sockaddr_in6 *)sa)->sin6_addr;
3327 huphandler(int sig __unused)
3334 terminate(int sig __unused)
3336 pidfile_remove(pfh);
3337 rpcb_unset(MOUNTPROG, MOUNTVERS, NULL);
3338 rpcb_unset(MOUNTPROG, MOUNTVERS3, NULL);