2 * SPDX-License-Identifier: BSD-3-Clause
4 * Copyright (c) 1989, 1993, 1994
5 * The Regents of the University of California. All rights reserved.
7 * This code is derived from software contributed to Berkeley by
8 * Rick Macklem at The University of Guelph.
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 3. Neither the name of the University nor the names of its contributors
19 * may be used to endorse or promote products derived from this software
20 * without specific prior written permission.
22 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
23 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
24 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
25 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
27 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
28 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
29 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
30 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
31 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
35 #include <sys/param.h>
36 #include <sys/syslog.h>
38 #include <sys/mount.h>
39 #include <sys/fcntl.h>
40 #include <sys/linker.h>
41 #include <sys/module.h>
42 #include <sys/types.h>
44 #include <sys/sysctl.h>
45 #include <sys/ucred.h>
48 #include <rpc/pmap_clnt.h>
49 #include <rpcsvc/nfs_prot.h>
52 #include <arpa/inet.h>
53 #include <nfs/nfssvc.h>
55 #include <fs/nfs/nfsproto.h>
56 #include <fs/nfs/nfskpiport.h>
57 #include <fs/nfs/nfs.h>
/* Paths of the NFSv4 stable restart file and of its backup copy. */
72 #define NFSD_STABLERESTART "/var/db/nfs-stablerestart"
73 #define NFSD_STABLEBACKUP "/var/db/nfs-stablerestart.bak"
/* Upper bound applied by set_nfsdcnt(); also the size of children[]. */
74 #define MAXNFSDCNT 256
79 static pid_t children[MAXNFSDCNT]; /* PIDs of children */
80 static pid_t masterpid; /* PID of master/parent */
81 static int nfsdcnt; /* number of children */
82 static int nfsdcnt_set;
83 static int minthreads; /* value given with --minthreads */
84 static int maxthreads; /* value given with --maxthreads */
85 static int nfssvc_nfsd; /* Set to correct NFSSVC_xxx flag */
86 static int stablefd = -1; /* Fd for the stable restart file */
87 static int backupfd; /* Fd for the backup stable restart file */
88 static const char *getopt_shortopts; /* short option string for getopt_long() */
89 static const char *getopt_usage; /* usage text written to stderr */
/* Value of sysctl vfs.nfsd.server_min_nfsvers; main() falls back to NFS_VER2. */
90 static int nfs_minvers = NFS_VER2;
92 static int minthreads_set; /* stored as 1 through longopts for --minthreads */
93 static int maxthreads_set; /* stored as 1 through longopts for --maxthreads */
/*
 * Long options for getopt_long().  "debug", "minthreads" and "maxthreads"
 * store 1 through their flag pointer; "pnfs" and "mirror" map onto the
 * short options 'p' and 'm'.
 */
95 static struct option longopts[] = {
96 { "debug", no_argument, &debug, 1 },
97 { "minthreads", required_argument, &minthreads_set, 1 },
98 { "maxthreads", required_argument, &maxthreads_set, 1 },
99 { "pnfs", required_argument, NULL, 'p' },
100 { "mirror", required_argument, NULL, 'm' },
/* Forward declarations of the file-local helpers. */
104 static void cleanup(int);
105 static void child_cleanup(int);
106 static void killchildren(void);
107 static void nfsd_exit(int);
108 static void nonfs(int);
109 static void reapchild(int);
110 static int setbindhost(struct addrinfo **ia, const char *bindhost,
111 struct addrinfo hints);
112 static void start_server(int, struct nfsd_nfsd_args *, const char *vhost);
113 static void unregistration(void);
114 static void usage(void);
115 static void open_stable(int *, int *);
116 static void copy_stable(int, int);
117 static void backup_stable(int);
118 static void set_nfsdcnt(int);
119 static void parse_dsserver(const char *, struct nfsd_nfsd_args *);
122 * NFS server daemon; mostly just a user context for nfssvc().
124 * 1 - do file descriptor and signal cleanup
125 * 2 - fork the nfsd(s)
126 * 3 - create server socket(s)
127 * 4 - register socket with rpcbind
129 * For connectionless protocols, just pass the socket into the kernel via nfssvc().
131 * For connection based sockets, loop doing accepts. When you get a new
132 * socket from accept, pass the msgsock into the kernel via nfssvc().
134 * -r - reregister with rpcbind
135 * -d - unregister with rpcbind
136 * -t - support tcp nfs clients
137 * -u - support udp nfs clients
138 * -e - forces it to run a server that supports nfsv4
139 * -p - enable a pNFS service
140 * -m - set the mirroring level for a pNFS service
141 * followed by "n" which is the number of nfsds to fork off
/*
 * Daemon entry point.
 *
 * Parses the command line with getopt_long() (short options in
 * getopt_shortopts plus the longopts table), checks for the "nfsd" kernel
 * module with modfind() and tries kldload() when it is absent, reads
 * vfs.nfsd.server_min_nfsvers into nfs_minvers, opens the stable restart
 * files and passes stablefd to the kernel with
 * nfssvc(NFSSVC_STABLERESTART).  It then creates UDP and TCP sockets
 * (IPv4 and IPv6) for each entry of bindhost[], registers NFS versions
 * 2 and/or 3 with rpcbind depending on nfs_minvers, and finally accepts
 * TCP connections and hands each one to the kernel with nfssvc().
 *
 * argc, argv - the usual command line; the option syntax is described by
 *              the usage string assigned below.
 */
144 main(int argc, char **argv)
146 struct nfsd_addsock_args addsockargs;
147 struct addrinfo *ai_udp, *ai_tcp, *ai_udp6, *ai_tcp6, hints;
148 struct netconfig *nconf_udp, *nconf_tcp, *nconf_udp6, *nconf_tcp6;
149 struct netbuf nb_udp, nb_tcp, nb_udp6, nb_tcp6;
150 struct sockaddr_storage peer;
151 fd_set ready, sockbits;
152 int ch, connect_type_cnt, i, maxsock, msgsock;
154 int on = 1, unregister, reregister, sock;
155 int tcp6sock, ip6flag, tcpflag, tcpsock;
156 int udpflag, ecode, error, s;
157 int bindhostc, bindanyflag, rpcbreg, rpcbregcnt;
159 int jailed, longindex = 0;
160 size_t jailed_size, nfs_minvers_size;
162 char **bindhost = NULL;
164 struct nfsd_nfsd_args nfsdargs;
165 const char *vhostname = NULL;
167 nfsdargs.mirrorcnt = 1;
168 nfsdargs.addr = NULL;
169 nfsdargs.addrlen = 0;
170 nfsdcnt = DEFNFSDCNT;
171 unregister = reregister = tcpflag = maxsock = 0;
172 bindanyflag = udpflag = connect_type_cnt = bindhostc = 0;
173 getopt_shortopts = "ah:n:rdtuep:m:V:";
176 " nfsd [-ardtue] [-h bindip]\n"
177 " [-n numservers] [--minthreads #] [--maxthreads #]\n"
178 " [-p/--pnfs dsserver0:/dsserver0-mounted-on-dir,...,"
179 "dsserverN:/dsserverN-mounted-on-dir] [-m mirrorlevel]\n"
180 " [-V virtual_hostname]\n";
181 while ((ch = getopt_long(argc, argv, getopt_shortopts, longopts,
185 if (strlen(optarg) <= MAXHOSTNAMELEN)
188 warnx("Virtual host name (%s) is too long",
/* NOTE(review): atoi() gives no error indication for non-numeric input. */
195 set_nfsdcnt(atoi(optarg));
/* Grow the bind-host array by one slot and append a copy of optarg. */
199 bindhost = realloc(bindhost,sizeof(char *)*bindhostc);
200 if (bindhost == NULL)
201 errx(1, "Out of memory");
202 bindhost[bindhostc-1] = strdup(optarg);
203 if (bindhost[bindhostc-1] == NULL)
204 errx(1, "Out of memory");
219 /* now a no-op, since this is the default */
222 /* Parse out the DS server host names and mount pts. */
223 parse_dsserver(optarg, &nfsdargs);
226 /* Set the mirror level for a pNFS service. */
228 if (i < 2 || i > NFSDEV_MAXMIRRORS)
229 errx(1, "Mirror level out of range 2<-->%d",
231 nfsdargs.mirrorcnt = i;
/* Long options that only set a flag are told apart by their name. */
234 lopt = longopts[longindex].name;
235 if (!strcmp(lopt, "minthreads")) {
236 minthreads = atoi(optarg);
237 } else if (!strcmp(lopt, "maxthreads")) {
238 maxthreads = atoi(optarg);
245 if (!tcpflag && !udpflag)
249 if (minthreads_set && maxthreads_set && minthreads > maxthreads)
251 "error: minthreads(%d) can't be greater than "
252 "maxthreads(%d)", minthreads, maxthreads);
256 * Backward compatibility, trailing number is the count of daemons.
261 set_nfsdcnt(atoi(argv[0]));
/*
 * NOTE(review): "-o" is not part of getopt_shortopts
 * ("ah:n:rdtuep:m:V:"), so the "-o" text below looks stale.
 */
264 * Unless the "-o" option was specified, try and run "nfsd".
265 * If "-o" was specified, try and run "nfsserver".
267 if (modfind("nfsd") < 0) {
268 /* Not present in kernel, try loading it */
269 if (kldload("nfsd") < 0 || modfind("nfsd") < 0)
270 errx(1, "NFS server is not available");
/* Try an AF_INET6 UDP socket and look up the udp6/tcp6 netconfig entries. */
274 s = socket(AF_INET6, SOCK_DGRAM, IPPROTO_UDP);
276 if (errno != EPROTONOSUPPORT && errno != EAFNOSUPPORT)
279 } else if (getnetconfigent("udp6") == NULL ||
280 getnetconfigent("tcp6") == NULL) {
/* With no bind hosts given, or with bindanyflag set, append the wildcard "*". */
286 if (bindhostc == 0 || bindanyflag) {
288 bindhost = realloc(bindhost,sizeof(char *)*bindhostc);
289 if (bindhost == NULL)
290 errx(1, "Out of memory");
291 bindhost[bindhostc-1] = strdup("*");
292 if (bindhost[bindhostc-1] == NULL)
293 errx(1, "Out of memory");
298 * Unregister before setting nfs_minvers, in case the
299 * value of vfs.nfsd.server_min_nfsvers has changed
300 * since registering with rpcbind.
306 nfs_minvers_size = sizeof(nfs_minvers);
307 error = sysctlbyname("vfs.nfsd.server_min_nfsvers", &nfs_minvers,
308 &nfs_minvers_size, NULL, 0);
309 if (error != 0 || nfs_minvers < NFS_VER2 || nfs_minvers > NFS_VER4) {
310 warnx("sysctlbyname(vfs.nfsd.server_min_nfsvers) failed,"
311 " defaulting to NFSv2");
312 nfs_minvers = NFS_VER2;
/*
 * IPv4/UDP: look up the address of the "nfs" service and register NFS
 * version 2 (only when nfs_minvers == NFS_VER2) and version 3 (when
 * nfs_minvers <= NFS_VER3) with rpcbind.  The three sections that follow
 * repeat this for udp6, tcp and tcp6.
 */
317 memset(&hints, 0, sizeof hints);
318 hints.ai_flags = AI_PASSIVE;
319 hints.ai_family = AF_INET;
320 hints.ai_socktype = SOCK_DGRAM;
321 hints.ai_protocol = IPPROTO_UDP;
322 ecode = getaddrinfo(NULL, "nfs", &hints, &ai_udp);
/*
 * NOTE(review): err() appends strerror(errno), which is unrelated to a
 * getaddrinfo() failure already described by gai_strerror(); errx() may
 * have been intended here and in the similar calls below.
 */
324 err(1, "getaddrinfo udp: %s", gai_strerror(ecode));
325 nconf_udp = getnetconfigent("udp");
326 if (nconf_udp == NULL)
327 err(1, "getnetconfigent udp failed");
328 nb_udp.buf = ai_udp->ai_addr;
329 nb_udp.len = nb_udp.maxlen = ai_udp->ai_addrlen;
330 if (nfs_minvers == NFS_VER2)
331 if (!rpcb_set(NFS_PROGRAM, 2, nconf_udp,
333 err(1, "rpcb_set udp failed");
334 if (nfs_minvers <= NFS_VER3)
335 if (!rpcb_set(NFS_PROGRAM, 3, nconf_udp,
337 err(1, "rpcb_set udp failed");
338 freeaddrinfo(ai_udp);
340 if (udpflag && ip6flag) {
341 memset(&hints, 0, sizeof hints);
342 hints.ai_flags = AI_PASSIVE;
343 hints.ai_family = AF_INET6;
344 hints.ai_socktype = SOCK_DGRAM;
345 hints.ai_protocol = IPPROTO_UDP;
346 ecode = getaddrinfo(NULL, "nfs", &hints, &ai_udp6);
348 err(1, "getaddrinfo udp6: %s", gai_strerror(ecode));
349 nconf_udp6 = getnetconfigent("udp6");
350 if (nconf_udp6 == NULL)
351 err(1, "getnetconfigent udp6 failed");
352 nb_udp6.buf = ai_udp6->ai_addr;
353 nb_udp6.len = nb_udp6.maxlen = ai_udp6->ai_addrlen;
354 if (nfs_minvers == NFS_VER2)
355 if (!rpcb_set(NFS_PROGRAM, 2, nconf_udp6,
357 err(1, "rpcb_set udp6 failed");
358 if (nfs_minvers <= NFS_VER3)
359 if (!rpcb_set(NFS_PROGRAM, 3, nconf_udp6,
361 err(1, "rpcb_set udp6 failed");
362 freeaddrinfo(ai_udp6);
365 memset(&hints, 0, sizeof hints);
366 hints.ai_flags = AI_PASSIVE;
367 hints.ai_family = AF_INET;
368 hints.ai_socktype = SOCK_STREAM;
369 hints.ai_protocol = IPPROTO_TCP;
370 ecode = getaddrinfo(NULL, "nfs", &hints, &ai_tcp);
372 err(1, "getaddrinfo tcp: %s", gai_strerror(ecode));
373 nconf_tcp = getnetconfigent("tcp");
374 if (nconf_tcp == NULL)
375 err(1, "getnetconfigent tcp failed");
376 nb_tcp.buf = ai_tcp->ai_addr;
377 nb_tcp.len = nb_tcp.maxlen = ai_tcp->ai_addrlen;
378 if (nfs_minvers == NFS_VER2)
379 if (!rpcb_set(NFS_PROGRAM, 2, nconf_tcp,
381 err(1, "rpcb_set tcp failed");
382 if (nfs_minvers <= NFS_VER3)
383 if (!rpcb_set(NFS_PROGRAM, 3, nconf_tcp,
385 err(1, "rpcb_set tcp failed");
386 freeaddrinfo(ai_tcp);
388 if (tcpflag && ip6flag) {
389 memset(&hints, 0, sizeof hints);
390 hints.ai_flags = AI_PASSIVE;
391 hints.ai_family = AF_INET6;
392 hints.ai_socktype = SOCK_STREAM;
393 hints.ai_protocol = IPPROTO_TCP;
394 ecode = getaddrinfo(NULL, "nfs", &hints, &ai_tcp6);
396 err(1, "getaddrinfo tcp6: %s", gai_strerror(ecode));
397 nconf_tcp6 = getnetconfigent("tcp6");
398 if (nconf_tcp6 == NULL)
399 err(1, "getnetconfigent tcp6 failed");
400 nb_tcp6.buf = ai_tcp6->ai_addr;
401 nb_tcp6.len = nb_tcp6.maxlen = ai_tcp6->ai_addrlen;
402 if (nfs_minvers == NFS_VER2)
403 if (!rpcb_set(NFS_PROGRAM, 2, nconf_tcp6,
405 err(1, "rpcb_set tcp6 failed");
406 if (nfs_minvers <= NFS_VER3)
407 if (!rpcb_set(NFS_PROGRAM, 3, nconf_tcp6,
409 err(1, "rpcb_set tcp6 failed");
410 freeaddrinfo(ai_tcp6);
416 (void)signal(SIGHUP, SIG_IGN);
417 (void)signal(SIGINT, SIG_IGN);
419 * nfsd sits in the kernel most of the time. It needs
420 * to ignore SIGTERM/SIGQUIT in order to stay alive as long
421 * as possible during a shutdown, otherwise loopback
422 * mounts will not be able to unmount.
424 (void)signal(SIGTERM, SIG_IGN);
425 (void)signal(SIGQUIT, SIG_IGN);
427 (void)signal(SIGSYS, nonfs);
428 (void)signal(SIGCHLD, reapchild);
429 (void)signal(SIGUSR2, backup_stable);
431 openlog("nfsd", LOG_PID | (debug ? LOG_PERROR : 0), LOG_DAEMON);
434 * For V4, we open the stablerestart file and call nfssvc()
435 * to get it loaded. This is done before the daemons do the
436 * regular nfssvc() call to service NFS requests.
437 * (This way the file remains open until the last nfsd is killed
439 * It and the backup copy will be created as empty files
440 * the first time this nfsd is started and should never be
441 * deleted/replaced if at all possible. It should live on a
442 * local, non-volatile storage device that does not do hardware
443 * level write-back caching. (See SCSI doc for more information
444 * on how to prevent write-back caching on SCSI disks.)
446 open_stable(&stablefd, &backupfd);
448 syslog(LOG_ERR, "Can't open %s: %m\n", NFSD_STABLERESTART);
451 /* This system call will fail for old kernels, but that's ok. */
452 nfssvc(NFSSVC_BACKUPSTABLE, NULL);
453 if (nfssvc(NFSSVC_STABLERESTART, (caddr_t)&stablefd) < 0) {
454 if (errno == EPERM) {
/* Query security.jail.jailed so the EPERM message can mention allow.nfsd. */
456 jailed_size = sizeof(jailed);
457 sysctlbyname("security.jail.jailed", &jailed,
458 &jailed_size, NULL, 0);
460 syslog(LOG_ERR, "nfssvc stablerestart failed: "
461 "allow.nfsd might not be configured");
463 syslog(LOG_ERR, "nfssvc stablerestart failed");
464 } else if (errno == ENXIO)
465 syslog(LOG_ERR, "nfssvc stablerestart failed: is nfsd "
468 syslog(LOG_ERR, "Can't read stable storage file: %m\n");
471 nfssvc_addsock = NFSSVC_NFSDADDSOCK;
472 nfssvc_nfsd = NFSSVC_NFSDNFSD | NFSSVC_NEWSTRUCT;
476 * For TCP mode, we fork once to start the first
477 * kernel nfsd thread. The kernel will add more
480 masterpid = getpid();
483 syslog(LOG_ERR, "fork: %m");
/* Child side: SIGUSR1 runs child_cleanup and start_server() is called with master == 0. */
489 (void)signal(SIGUSR1, child_cleanup);
490 setproctitle("server");
491 start_server(0, &nfsdargs, vhostname);
495 (void)signal(SIGUSR1, cleanup);
499 /* Set up the socket for udp and rpcb register it. */
502 for (i = 0; i < bindhostc; i++) {
503 memset(&hints, 0, sizeof hints);
504 hints.ai_flags = AI_PASSIVE;
505 hints.ai_family = AF_INET;
506 hints.ai_socktype = SOCK_DGRAM;
507 hints.ai_protocol = IPPROTO_UDP;
508 if (setbindhost(&ai_udp, bindhost[i], hints) == 0) {
511 if ((sock = socket(ai_udp->ai_family,
513 ai_udp->ai_protocol)) < 0) {
515 "can't create udp socket");
518 if (bind(sock, ai_udp->ai_addr,
519 ai_udp->ai_addrlen) < 0) {
521 "can't bind udp addr %s: %m",
525 freeaddrinfo(ai_udp);
/* Hand the bound UDP socket to the kernel; no peer name is supplied. */
526 addsockargs.sock = sock;
527 addsockargs.name = NULL;
528 addsockargs.namelen = 0;
529 if (nfssvc(nfssvc_addsock, &addsockargs) < 0) {
530 syslog(LOG_ERR, "can't Add UDP socket");
537 memset(&hints, 0, sizeof hints);
538 hints.ai_flags = AI_PASSIVE;
539 hints.ai_family = AF_INET;
540 hints.ai_socktype = SOCK_DGRAM;
541 hints.ai_protocol = IPPROTO_UDP;
542 ecode = getaddrinfo(NULL, "nfs", &hints, &ai_udp);
544 syslog(LOG_ERR, "getaddrinfo udp: %s",
545 gai_strerror(ecode));
548 nconf_udp = getnetconfigent("udp");
549 if (nconf_udp == NULL)
550 err(1, "getnetconfigent udp failed");
551 nb_udp.buf = ai_udp->ai_addr;
552 nb_udp.len = nb_udp.maxlen = ai_udp->ai_addrlen;
553 if (nfs_minvers == NFS_VER2)
554 if (!rpcb_set(NFS_PROGRAM, 2, nconf_udp,
556 err(1, "rpcb_set udp failed");
557 if (nfs_minvers <= NFS_VER3)
558 if (!rpcb_set(NFS_PROGRAM, 3, nconf_udp,
560 err(1, "rpcb_set udp failed");
561 freeaddrinfo(ai_udp);
565 /* Set up the socket for udp6 and rpcb register it. */
566 if (udpflag && ip6flag) {
568 for (i = 0; i < bindhostc; i++) {
569 memset(&hints, 0, sizeof hints);
570 hints.ai_flags = AI_PASSIVE;
571 hints.ai_family = AF_INET6;
572 hints.ai_socktype = SOCK_DGRAM;
573 hints.ai_protocol = IPPROTO_UDP;
574 if (setbindhost(&ai_udp6, bindhost[i], hints) == 0) {
577 if ((sock = socket(ai_udp6->ai_family,
578 ai_udp6->ai_socktype,
579 ai_udp6->ai_protocol)) < 0) {
581 "can't create udp6 socket");
/* Restrict the IPv6 socket to IPv6 traffic (IPV6_V6ONLY). */
584 if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY,
585 &on, sizeof on) < 0) {
587 "can't set v6-only binding for "
591 if (bind(sock, ai_udp6->ai_addr,
592 ai_udp6->ai_addrlen) < 0) {
594 "can't bind udp6 addr %s: %m",
598 freeaddrinfo(ai_udp6);
599 addsockargs.sock = sock;
600 addsockargs.name = NULL;
601 addsockargs.namelen = 0;
602 if (nfssvc(nfssvc_addsock, &addsockargs) < 0) {
604 "can't add UDP6 socket");
611 memset(&hints, 0, sizeof hints);
612 hints.ai_flags = AI_PASSIVE;
613 hints.ai_family = AF_INET6;
614 hints.ai_socktype = SOCK_DGRAM;
615 hints.ai_protocol = IPPROTO_UDP;
616 ecode = getaddrinfo(NULL, "nfs", &hints, &ai_udp6);
618 syslog(LOG_ERR, "getaddrinfo udp6: %s",
619 gai_strerror(ecode));
622 nconf_udp6 = getnetconfigent("udp6");
623 if (nconf_udp6 == NULL)
624 err(1, "getnetconfigent udp6 failed");
625 nb_udp6.buf = ai_udp6->ai_addr;
626 nb_udp6.len = nb_udp6.maxlen = ai_udp6->ai_addrlen;
627 if (nfs_minvers == NFS_VER2)
628 if (!rpcb_set(NFS_PROGRAM, 2, nconf_udp6,
631 "rpcb_set udp6 failed");
632 if (nfs_minvers <= NFS_VER3)
633 if (!rpcb_set(NFS_PROGRAM, 3, nconf_udp6,
636 "rpcb_set udp6 failed");
637 freeaddrinfo(ai_udp6);
641 /* Set up the socket for tcp and rpcb register it. */
644 for (i = 0; i < bindhostc; i++) {
645 memset(&hints, 0, sizeof hints);
646 hints.ai_flags = AI_PASSIVE;
647 hints.ai_family = AF_INET;
648 hints.ai_socktype = SOCK_STREAM;
649 hints.ai_protocol = IPPROTO_TCP;
650 if (setbindhost(&ai_tcp, bindhost[i], hints) == 0) {
653 if ((tcpsock = socket(AF_INET, SOCK_STREAM,
656 "can't create tcp socket");
659 if (setsockopt(tcpsock, SOL_SOCKET,
661 (char *)&on, sizeof(on)) < 0)
663 "setsockopt SO_REUSEADDR: %m");
664 if (bind(tcpsock, ai_tcp->ai_addr,
665 ai_tcp->ai_addrlen) < 0) {
667 "can't bind tcp addr %s: %m",
/* NOTE(review): a backlog of -1 presumably requests the system maximum; confirm against listen(2). */
671 if (listen(tcpsock, -1) < 0) {
672 syslog(LOG_ERR, "listen failed");
675 freeaddrinfo(ai_tcp);
/* Listening sockets are collected in sockbits for the accept loop. */
676 FD_SET(tcpsock, &sockbits);
682 memset(&hints, 0, sizeof hints);
683 hints.ai_flags = AI_PASSIVE;
684 hints.ai_family = AF_INET;
685 hints.ai_socktype = SOCK_STREAM;
686 hints.ai_protocol = IPPROTO_TCP;
687 ecode = getaddrinfo(NULL, "nfs", &hints,
690 syslog(LOG_ERR, "getaddrinfo tcp: %s",
691 gai_strerror(ecode));
694 nconf_tcp = getnetconfigent("tcp");
695 if (nconf_tcp == NULL)
696 err(1, "getnetconfigent tcp failed");
697 nb_tcp.buf = ai_tcp->ai_addr;
698 nb_tcp.len = nb_tcp.maxlen = ai_tcp->ai_addrlen;
699 if (nfs_minvers == NFS_VER2)
700 if (!rpcb_set(NFS_PROGRAM, 2, nconf_tcp,
702 err(1, "rpcb_set tcp failed");
703 if (nfs_minvers <= NFS_VER3)
704 if (!rpcb_set(NFS_PROGRAM, 3, nconf_tcp,
706 err(1, "rpcb_set tcp failed");
707 freeaddrinfo(ai_tcp);
711 /* Set up the socket for tcp6 and rpcb register it. */
712 if (tcpflag && ip6flag) {
714 for (i = 0; i < bindhostc; i++) {
715 memset(&hints, 0, sizeof hints);
716 hints.ai_flags = AI_PASSIVE;
717 hints.ai_family = AF_INET6;
718 hints.ai_socktype = SOCK_STREAM;
719 hints.ai_protocol = IPPROTO_TCP;
720 if (setbindhost(&ai_tcp6, bindhost[i], hints) == 0) {
723 if ((tcp6sock = socket(ai_tcp6->ai_family,
724 ai_tcp6->ai_socktype,
725 ai_tcp6->ai_protocol)) < 0) {
727 "can't create tcp6 socket");
730 if (setsockopt(tcp6sock, SOL_SOCKET,
732 (char *)&on, sizeof(on)) < 0)
734 "setsockopt SO_REUSEADDR: %m");
735 if (setsockopt(tcp6sock, IPPROTO_IPV6,
736 IPV6_V6ONLY, &on, sizeof on) < 0) {
738 "can't set v6-only binding for tcp6 "
742 if (bind(tcp6sock, ai_tcp6->ai_addr,
743 ai_tcp6->ai_addrlen) < 0) {
745 "can't bind tcp6 addr %s: %m",
749 if (listen(tcp6sock, -1) < 0) {
750 syslog(LOG_ERR, "listen failed");
753 freeaddrinfo(ai_tcp6);
754 FD_SET(tcp6sock, &sockbits);
755 if (maxsock < tcp6sock)
761 memset(&hints, 0, sizeof hints);
762 hints.ai_flags = AI_PASSIVE;
763 hints.ai_family = AF_INET6;
764 hints.ai_socktype = SOCK_STREAM;
765 hints.ai_protocol = IPPROTO_TCP;
766 ecode = getaddrinfo(NULL, "nfs", &hints, &ai_tcp6);
768 syslog(LOG_ERR, "getaddrinfo tcp6: %s",
769 gai_strerror(ecode));
772 nconf_tcp6 = getnetconfigent("tcp6");
773 if (nconf_tcp6 == NULL)
774 err(1, "getnetconfigent tcp6 failed");
775 nb_tcp6.buf = ai_tcp6->ai_addr;
776 nb_tcp6.len = nb_tcp6.maxlen = ai_tcp6->ai_addrlen;
777 if (nfs_minvers == NFS_VER2)
778 if (!rpcb_set(NFS_PROGRAM, 2, nconf_tcp6,
780 err(1, "rpcb_set tcp6 failed");
781 if (nfs_minvers <= NFS_VER3)
782 if (!rpcb_set(NFS_PROGRAM, 3, nconf_tcp6,
784 err(1, "rpcb_set tcp6 failed");
785 freeaddrinfo(ai_tcp6);
789 if (rpcbregcnt == 0) {
790 syslog(LOG_ERR, "rpcb_set() failed, nothing to do: %m");
794 if (tcpflag && connect_type_cnt == 0) {
795 syslog(LOG_ERR, "tcp connects == 0, nothing to do: %m");
799 setproctitle("master");
801 * We always want a master to have a clean way to shut nfsd down
802 * (with unregistration): if the master is killed, it unregisters and
803 * kills all children. If we run for UDP only (and so do not have to
804 * loop waiting for accept), we instead make the parent
805 * a "server" too. start_server will not return.
808 start_server(1, &nfsdargs, vhostname);
811 * Loop forever accepting connections and passing the sockets
812 * into the kernel for the mounts.
/* select() is only used when more than one listening socket exists. */
816 if (connect_type_cnt > 1) {
817 if (select(maxsock + 1,
818 &ready, NULL, NULL, NULL) < 1) {
822 syslog(LOG_ERR, "select failed: %m");
/* Scan every descriptor up to maxsock and accept on the ready ones. */
826 for (tcpsock = 0; tcpsock <= maxsock; tcpsock++) {
827 if (FD_ISSET(tcpsock, &ready)) {
829 if ((msgsock = accept(tcpsock,
830 (struct sockaddr *)&peer, &len)) < 0) {
832 syslog(LOG_ERR, "accept failed: %m");
833 if (error == ECONNABORTED ||
838 if (setsockopt(msgsock, SOL_SOCKET,
839 SO_KEEPALIVE, (char *)&on, sizeof(on)) < 0)
841 "setsockopt SO_KEEPALIVE: %m");
/*
 * Pass the connection and its peer address to the kernel, then close
 * the daemon's descriptor.  The nfssvc() result is not checked here.
 */
842 addsockargs.sock = msgsock;
843 addsockargs.name = (caddr_t)&peer;
844 addsockargs.namelen = len;
845 nfssvc(nfssvc_addsock, &addsockargs);
846 (void)close(msgsock);
/*
 * Resolve one bind host for the "nfs" service.
 *
 * ai       - receives the getaddrinfo() result list.
 * bindhost - host name or numeric address; NULL and "*" are tested for
 *            separately from real host names.
 * hints    - passed by value, so the AI_NUMERICHOST adjustment made here
 *            does not affect the caller's copy.
 *
 * When the host parses as a numeric address of the family in
 * hints.ai_family, ai_flags is set to AI_NUMERICHOST; an address of the
 * other family is also checked for.  A getaddrinfo() failure is logged
 * with syslog().  Callers in main() compare the return value with 0
 * before using *ai.
 */
853 setbindhost(struct addrinfo **ai, const char *bindhost, struct addrinfo hints)
856 u_int32_t host_addr[4]; /* IPv4 or IPv6 */
859 if (bindhost == NULL || strcmp("*", bindhost) == 0)
864 if (hostptr != NULL) {
865 switch (hints.ai_family) {
867 if (inet_pton(AF_INET, hostptr, host_addr) == 1) {
868 hints.ai_flags = AI_NUMERICHOST;
870 if (inet_pton(AF_INET6, hostptr,
876 if (inet_pton(AF_INET6, hostptr, host_addr) == 1) {
877 hints.ai_flags = AI_NUMERICHOST;
879 if (inet_pton(AF_INET, hostptr,
889 ecode = getaddrinfo(hostptr, "nfs", &hints, ai);
891 syslog(LOG_ERR, "getaddrinfo %s: %s", bindhost,
892 gai_strerror(ecode));
/*
 * Set the global nfsdcnt from a requested server count.
 *
 * proposed - count requested on the command line.
 *
 * A count reported as too low is replaced by DEFNFSDCNT and a count above
 * MAXNFSDCNT is truncated to MAXNFSDCNT; both cases emit a warnx()
 * message.
 */
899 set_nfsdcnt(int proposed)
903 warnx("nfsd count too low %d; reset to %d", proposed,
905 nfsdcnt = DEFNFSDCNT;
906 } else if (proposed > MAXNFSDCNT) {
907 warnx("nfsd count too high %d; truncated to %d", proposed,
909 nfsdcnt = MAXNFSDCNT;
918 (void)fprintf(stderr, "%s", getopt_usage);
/*
 * Signal handler installed for SIGSYS by main(): logs that the NFS system
 * call is missing.  The signal number is unused.
 */
923 nonfs(__unused int signo)
925 syslog(LOG_ERR, "missing system call: NFS not available");
/*
 * Signal handler installed for SIGCHLD by main().
 *
 * Collects every exited child without blocking (wait3() with WNOHANG) and
 * searches the first nfsdcnt entries of children[] for each reaped pid.
 */
929 reapchild(__unused int signo)
934 while ((pid = wait3(NULL, WNOHANG, NULL)) > 0) {
935 for (i = 0; i < nfsdcnt; i++)
936 if (pid == children[i])
944 if ((nfs_minvers == NFS_VER2 && !rpcb_unset(NFS_PROGRAM, 2, NULL)) ||
945 (nfs_minvers <= NFS_VER3 && !rpcb_unset(NFS_PROGRAM, 3, NULL)))
946 syslog(LOG_ERR, "rpcb_unset failed");
954 for (i = 0; i < nfsdcnt; i++) {
956 kill(children[i], SIGKILL);
961 * Clean up the master after SIGUSR1.
964 cleanup(__unused int signo)
970 * Clean up a child after SIGUSR1.
973 child_cleanup(__unused int signo)
979 nfsd_exit(int status)
/*
 * Pick a default nfsd thread count from the number of CPUs.
 *
 * Reads the hw.ncpu sysctl and returns ncpu * 8.  When the sysctl is
 * reported as failed, a warning is printed and DEFNFSDCNT is returned
 * instead.
 */
987 get_tuned_nfsdcount(void)
989 int ncpu, error, tuned_nfsdcnt;
992 ncpu_size = sizeof(ncpu);
993 error = sysctlbyname("hw.ncpu", &ncpu, &ncpu_size, NULL, 0);
995 warnx("sysctlbyname(hw.ncpu) failed defaulting to %d nfs servers",
997 tuned_nfsdcnt = DEFNFSDCNT;
999 tuned_nfsdcnt = ncpu * 8;
1001 return tuned_nfsdcnt;
/*
 * Start the NFS server through nfssvc().
 *
 * master   - main() passes 1 from the master process and 0 from the
 *            forked child; only a non-master caller signals masterpid on
 *            an ENXIO failure.
 * nfsdargp - argument block handed to nfssvc(); its principal, minthreads
 *            and maxthreads fields are filled in here.
 * vhost    - virtual host name that can replace the gethostname() result
 *            (presumably when it is non-NULL; confirm against the full
 *            source).
 *
 * The Kerberos-style principal is built as "nfs@<hostname>".  When the
 * host name is not fully qualified, getaddrinfo() with AI_CANONNAME is
 * tried and a dotted canonical name is used instead.
 */
1005 start_server(int master, struct nfsd_nfsd_args *nfsdargp, const char *vhost)
1007 char principal[MAXHOSTNAMELEN + 5];
1009 char hostname[MAXHOSTNAMELEN + 1], *cp;
1010 struct addrinfo *aip, hints;
1014 gethostname(hostname, sizeof (hostname));
1016 strlcpy(hostname, vhost, sizeof (hostname));
1017 snprintf(principal, sizeof (principal), "nfs@%s", hostname);
/* "Fully qualified" here means: contains a '.' that is not the last character. */
1018 if ((cp = strchr(hostname, '.')) == NULL ||
1019 *(cp + 1) == '\0') {
1020 /* If not fully qualified, try getaddrinfo() */
1021 memset((void *)&hints, 0, sizeof (hints));
1022 hints.ai_flags = AI_CANONNAME;
1023 error = getaddrinfo(hostname, NULL, &hints, &aip);
1025 if (aip->ai_canonname != NULL &&
1026 (cp = strchr(aip->ai_canonname, '.')) !=
1027 NULL && *(cp + 1) != '\0')
1028 snprintf(principal, sizeof (principal),
1029 "nfs@%s", aip->ai_canonname);
/* nfsdargp->principal points at the local buffer above. */
1033 nfsdargp->principal = principal;
1036 nfsdargp->minthreads = nfsdargp->maxthreads = nfsdcnt;
/*
 * Otherwise use --minthreads/--maxthreads when given, defaulting the
 * minimum to get_tuned_nfsdcount() and the maximum to the minimum;
 * maxthreads is never left below minthreads.
 */
1038 nfsdargp->minthreads = minthreads_set ? minthreads : get_tuned_nfsdcount();
1039 nfsdargp->maxthreads = maxthreads_set ? maxthreads : nfsdargp->minthreads;
1040 if (nfsdargp->maxthreads < nfsdargp->minthreads)
1041 nfsdargp->maxthreads = nfsdargp->minthreads;
1043 error = nfssvc(nfssvc_nfsd, nfsdargp);
1044 if (error < 0 && errno == EAUTH) {
1046 * This indicates that it could not register the
1047 * rpcsec_gss credentials, usually because the
1048 * gssd daemon isn't running.
1049 * (only the experimental server with nfsv4)
1051 syslog(LOG_ERR, "No gssd, using AUTH_SYS only");
/* Retry with an empty principal. */
1052 principal[0] = '\0';
1053 error = nfssvc(nfssvc_nfsd, nfsdargp);
1056 if (errno == ENXIO) {
1057 syslog(LOG_ERR, "Bad -p option, cannot run");
/* A non-master caller notifies the master with SIGUSR1. */
1058 if (masterpid != 0 && master == 0)
1059 kill(masterpid, SIGUSR1);
1061 syslog(LOG_ERR, "nfssvc: %m");
1071 * Open the stable restart file and its backup, and return both file
1071 * descriptors through the pointer arguments.
/*
 * stable_fdp - receives the descriptor of NFSD_STABLERESTART.
 * backup_fdp - receives the descriptor of NFSD_STABLEBACKUP.
 *
 * Each file is opened O_RDWR, with a second open() that adds O_CREAT
 * (mode 0600 for the stable file), and is then fstat()ed.  The backup is
 * only opened when the stable file was opened successfully.  After the
 * descriptors are stored, copy_stable() is used to bring the two files in
 * line with each other.
 */
1074 open_stable(int *stable_fdp, int *backup_fdp)
1076 int stable_fd, backup_fd = -1, ret;
1077 struct stat st, backup_st;
1079 /* Open and stat the stable restart file. */
1080 stable_fd = open(NFSD_STABLERESTART, O_RDWR, 0);
1082 stable_fd = open(NFSD_STABLERESTART, O_RDWR | O_CREAT, 0600);
1083 if (stable_fd >= 0) {
1084 ret = fstat(stable_fd, &st);
1091 /* Open and stat the backup stable restart file. */
1092 if (stable_fd >= 0) {
1093 backup_fd = open(NFSD_STABLEBACKUP, O_RDWR, 0);
1095 backup_fd = open(NFSD_STABLEBACKUP, O_RDWR | O_CREAT,
1097 if (backup_fd >= 0) {
1098 ret = fstat(backup_fd, &backup_st);
1104 if (backup_fd < 0) {
/* Publish both descriptors to the caller. */
1110 *stable_fdp = stable_fd;
1111 *backup_fdp = backup_fd;
1115 /* Sync up the 2 files, as required. */
1117 copy_stable(stable_fd, backup_fd);
/* A non-empty backup is copied back over the stable file. */
1118 else if (backup_st.st_size > 0)
1119 copy_stable(backup_fd, stable_fd);
1123 * Copy the stable restart file to the backup or vice versa.
/*
 * from_fd - descriptor to read from.
 * to_fd   - descriptor to overwrite.
 *
 * Rewinds both descriptors, truncates the destination to zero length and
 * copies the data in chunks of at most 1024 bytes until read() returns no
 * more data or a write fails.  A failure is reported with syslog().
 *
 * NOTE(review): the buffer is static and this function is reached from
 * backup_stable(), which main() installs as the SIGUSR2 handler, so the
 * copy can run in signal context; syslog() is not async-signal-safe.
 */
1126 copy_stable(int from_fd, int to_fd)
1129 static char buf[1024];
1131 ret = lseek(from_fd, (off_t)0, SEEK_SET);
1133 ret = lseek(to_fd, (off_t)0, SEEK_SET);
1135 ret = ftruncate(to_fd, (off_t)0);
1138 cnt = read(from_fd, buf, 1024);
1140 ret = write(to_fd, buf, cnt);
1143 } while (cnt > 0 && ret >= 0);
1147 syslog(LOG_ERR, "stable restart copy failure: %m");
1151 * Back up the stable restart file when indicated by the kernel.
/*
 * Signal handler installed for SIGUSR2 by main(); copies the file behind
 * the global stablefd to the one behind backupfd.  The signal number is
 * unused.
 */
1154 backup_stable(__unused int signo)
1158 copy_stable(stablefd, backupfd);
1162 * Parse the pNFS string and extract the DS servers and port numbers.
/*
 * optionarg - the -p/--pnfs argument: a comma separated list of
 *             "host:path" entries, each optionally followed by
 *             "#mdspath".
 * nfsdargp  - receives the results: addr/addrlen, dnshost/dnshostlen,
 *             dspath/dspathlen and mdspath/mdspathlen.
 *
 * The function works on a strdup() copy of optionarg.  For every DS entry
 * it appends one NUL-terminated string to each of four growing buffers:
 * the DS path, the MDS path, the IP address followed by the NFS port in
 * "." form, and the canonical host name from getaddrinfo().  The *cnt
 * variables track the bytes used in each buffer, terminators included.
 * Allocation and lookup failures terminate the program through
 * errx()/err().
 */
1165 parse_dsserver(const char *optionarg, struct nfsd_nfsd_args *nfsdargp)
1167 char *cp, *cp2, *dsaddr, *dshost, *dspath, *dsvol, nfsprt[9];
1168 char *mdspath, *mdsp, ip6[INET6_ADDRSTRLEN];
1171 u_int adsiz, dsaddrcnt, dshostcnt, dspathcnt, hostsiz, pathsiz;
1173 size_t dsaddrsiz, dshostsiz, dspathsiz, nfsprtsiz, mdspathsiz;
1174 struct addrinfo hints, *ai_tcp, *res;
1175 struct sockaddr_in sin;
1176 struct sockaddr_in6 sin6;
1178 cp = strdup(optionarg);
1180 errx(1, "Out of memory");
1182 /* Now, do the host names. */
1185 dspath = malloc(dspathsiz);
1187 errx(1, "Out of memory");
1190 dshost = malloc(dshostsiz);
1192 errx(1, "Out of memory");
1195 dsaddr = malloc(dsaddrsiz);
1197 errx(1, "Out of memory");
1200 mdspath = malloc(mdspathsiz);
1201 if (mdspath == NULL)
1202 errx(1, "Out of memory");
1204 /* Put the NFS port# in "." form. */
/* 2049 >> 8 is 8 and 2049 & 0xff is 1, so nfsprt becomes ".8.1". */
1205 snprintf(nfsprt, 9, ".%d.%d", 2049 >> 8, 2049 & 0xff);
1206 nfsprtsiz = strlen(nfsprt);
1209 /* Loop around for each DS server name. */
1211 cp2 = strchr(cp, ',');
1213 /* Not the last DS in the list. */
/* The ':' separates the host from the path; a missing or empty path is tested for. */
1219 dsvol = strchr(cp, ':');
1220 if (dsvol == NULL || *(dsvol + 1) == '\0')
1224 /* Optional path for MDS file system to be stored on DS. */
1225 mdsp = strchr(dsvol, '#');
1227 if (*(mdsp + 1) == '\0' || mdsp <= dsvol)
1232 /* Append this pathname to dspath. */
1233 pathsiz = strlen(dsvol);
1234 if (dspathcnt + pathsiz + 1 > dspathsiz) {
1236 dspath = realloc(dspath, dspathsiz);
1238 errx(1, "Out of memory");
1240 strcpy(&dspath[dspathcnt], dsvol);
1241 dspathcnt += pathsiz + 1;
1243 /* Append this pathname to mdspath. */
1245 pathsiz = strlen(mdsp);
1248 if (mdspathcnt + pathsiz + 1 > mdspathsiz) {
1250 mdspath = realloc(mdspath, mdspathsiz);
1251 if (mdspath == NULL)
1252 errx(1, "Out of memory");
1255 strcpy(&mdspath[mdspathcnt], mdsp);
1257 mdspath[mdspathcnt] = '\0';
1258 mdspathcnt += pathsiz + 1;
1261 freeaddrinfo(ai_tcp);
1263 /* Get the fully qualified domain name and IP address. */
1264 memset(&hints, 0, sizeof(hints));
1265 hints.ai_flags = AI_CANONNAME | AI_ADDRCONFIG;
1266 hints.ai_family = PF_UNSPEC;
1267 hints.ai_socktype = SOCK_STREAM;
1268 hints.ai_protocol = IPPROTO_TCP;
1269 ecode = getaddrinfo(cp, NULL, &hints, &ai_tcp);
/*
 * NOTE(review): err() appends strerror(errno), which is unrelated to the
 * getaddrinfo() error already formatted with gai_strerror(); errx() may
 * have been intended here and for the size checks below.
 */
1271 err(1, "getaddrinfo pnfs: %s %s", cp,
1272 gai_strerror(ecode));
/* Walk the returned addresses and format one as text in ad. */
1274 for (res = ai_tcp; res != NULL; res = res->ai_next) {
1275 if (res->ai_addr->sa_family == AF_INET) {
1276 if (res->ai_addrlen < sizeof(sin))
1277 err(1, "getaddrinfo() returned "
1278 "undersized IPv4 address");
1280 * Mips cares about sockaddr_in alignment,
1281 * so copy the address.
1283 memcpy(&sin, res->ai_addr, sizeof(sin));
1284 ad = inet_ntoa(sin.sin_addr);
1286 } else if (res->ai_family == AF_INET6) {
1287 if (res->ai_addrlen < sizeof(sin6))
1288 err(1, "getaddrinfo() returned "
1289 "undersized IPv6 address");
1291 * Mips cares about sockaddr_in6 alignment,
1292 * so copy the address.
1294 memcpy(&sin6, res->ai_addr, sizeof(sin6));
1295 ad = inet_ntop(AF_INET6, &sin6.sin6_addr, ip6,
1300 * Since a link local address will only
1301 * work if the client and DS are in the
1302 * same scope zone, only use it if it is
1306 !IN6_IS_ADDR_LINKLOCAL(&sin6.sin6_addr))
1311 err(1, "No IP address for %s", cp);
1313 /* Append this address to dsaddr. */
1315 if (dsaddrcnt + adsiz + nfsprtsiz + 1 > dsaddrsiz) {
1317 dsaddr = realloc(dsaddr, dsaddrsiz);
1319 errx(1, "Out of memory");
/* The entry is the address text immediately followed by the port suffix. */
1321 strcpy(&dsaddr[dsaddrcnt], ad);
1322 strcat(&dsaddr[dsaddrcnt], nfsprt);
1323 dsaddrcnt += adsiz + nfsprtsiz + 1;
1325 /* Append this hostname to dshost. */
1326 hostsiz = strlen(ai_tcp->ai_canonname);
1327 if (dshostcnt + hostsiz + 1 > dshostsiz) {
1329 dshost = realloc(dshost, dshostsiz);
1331 errx(1, "Out of memory");
1333 strcpy(&dshost[dshostcnt], ai_tcp->ai_canonname);
1334 dshostcnt += hostsiz + 1;
1337 } while (cp != NULL);
/* Hand the four buffers and their used lengths to the caller. */
1339 nfsdargp->addr = dsaddr;
1340 nfsdargp->addrlen = dsaddrcnt;
1341 nfsdargp->dnshost = dshost;
1342 nfsdargp->dnshostlen = dshostcnt;
1343 nfsdargp->dspath = dspath;
1344 nfsdargp->dspathlen = dspathcnt;
1345 nfsdargp->mdspath = mdspath;
1346 nfsdargp->mdspathlen = mdspathcnt;
1347 freeaddrinfo(ai_tcp);