2 * Copyright (c) 2009 Rick Macklem, University of Guelph
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28 #include <sys/cdefs.h>
29 __FBSDID("$FreeBSD$");
31 #include <sys/param.h>
32 #include <sys/errno.h>
33 #include <sys/linker.h>
34 #include <sys/module.h>
35 #include <sys/mount.h>
36 #include <sys/socket.h>
37 #include <sys/socketvar.h>
38 #include <sys/sysctl.h>
40 #include <sys/ucred.h>
41 #include <sys/vnode.h>
44 #include <netinet/in.h>
46 #include <arpa/inet.h>
48 #include <nfs/nfssvc.h>
52 #include <fs/nfs/rpcv2.h>
53 #include <fs/nfs/nfsproto.h>
54 #include <fs/nfs/nfskpiport.h>
55 #include <fs/nfs/nfs.h>
70 * This program loads the password and group databases into the kernel
74 static void cleanup_term(int);
75 static void usage(void);
76 static void nfsuserdsrv(struct svc_req *, SVCXPRT *);
77 static bool_t xdr_getid(XDR *, caddr_t);
78 static bool_t xdr_getname(XDR *, caddr_t);
79 static bool_t xdr_retval(XDR *, caddr_t);
80 static int nfsbind_localhost(void);
83 #define MAXNFSUSERD 20
85 #define MAXUSERMAX 100000
87 #define DEFUSERMAX 200
88 #define DEFUSERTIMEOUT (1 * 60)
92 char name[MAXNAME + 1];
95 u_char *dnsname = "default.domain";
96 u_char *defaultuser = "nobody";
97 uid_t defaultuid = 65534;
98 u_char *defaultgroup = "nogroup";
99 gid_t defaultgid = 65533;
100 int verbose = 0, im_a_server = 0, nfsuserdcnt = -1, forcestart = 0;
101 int defusertimeout = DEFUSERTIMEOUT, manage_gids = 0;
102 pid_t servers[MAXNFSUSERD];
103 static struct sockaddr_storage fromip;
105 static struct in6_addr in6loopback = IN6ADDR_LOOPBACK_INIT;
109 main(int argc, char *argv[])
112 int error, fnd_dup, len, mustfreeai = 0, start_uidpos;
113 struct nfsd_idargs nid;
118 struct nfsuserd_args nargs;
120 char hostname[MAXHOSTNAMELEN + 1], *cp;
121 struct addrinfo *aip, hints;
122 static uid_t check_dups[MAXUSERMAX];
126 struct sockaddr_in *sin;
129 struct sockaddr_in6 *sin6;
134 if (modfind("nfscommon") < 0) {
135 /* Not present in kernel, try loading it */
136 if (kldload("nfscommon") < 0 ||
137 modfind("nfscommon") < 0)
138 errx(1, "Experimental nfs subsystem is not available");
142 * First, figure out what our domain name and Kerberos Realm
143 * seem to be. Command line args may override these later.
145 if (gethostname(hostname, MAXHOSTNAMELEN) == 0) {
146 if ((cp = strchr(hostname, '.')) != NULL &&
150 memset((void *)&hints, 0, sizeof (hints));
151 hints.ai_flags = AI_CANONNAME;
152 error = getaddrinfo(hostname, NULL, &hints, &aip);
154 if (aip->ai_canonname != NULL &&
155 (cp = strchr(aip->ai_canonname, '.')) != NULL
156 && *(cp + 1) != '\0') {
167 * See if this server handles IPv4 or IPv6 and set up the default
172 s = socket(PF_INET6, SOCK_DGRAM, 0);
174 fromip.ss_family = AF_INET6;
175 fromip.ss_len = sizeof(struct sockaddr_in6);
176 sin6 = (struct sockaddr_in6 *)&fromip;
177 sin6->sin6_addr = in6loopback;
183 s = socket(PF_INET, SOCK_DGRAM, 0);
185 fromip.ss_family = AF_INET;
186 fromip.ss_len = sizeof(struct sockaddr_in);
187 sin = (struct sockaddr_in *)&fromip;
188 sin->sin_addr.s_addr = htonl(INADDR_LOOPBACK);
194 err(1, "Can't create a inet/inet6 socket");
196 nid.nid_usermax = DEFUSERMAX;
197 nid.nid_usertimeout = defusertimeout;
202 if (!strcmp(*argv, "-domain")) {
207 strncpy(hostname, *argv, MAXHOSTNAMELEN);
208 hostname[MAXHOSTNAMELEN] = '\0';
210 } else if (!strcmp(*argv, "-verbose")) {
212 } else if (!strcmp(*argv, "-force")) {
214 } else if (!strcmp(*argv, "-manage-gids")) {
216 } else if (!strcmp(*argv, "-usermax")) {
222 if (i < MINUSERMAX || i > MAXUSERMAX) {
224 "usermax %d out of range %d<->%d\n", i,
225 MINUSERMAX, MAXUSERMAX);
229 } else if (!strcmp(*argv, "-usertimeout")) {
235 if (i < 0 || i > 100000) {
237 "usertimeout %d out of range 0<->100000\n",
241 nid.nid_usertimeout = defusertimeout = i * 60;
242 } else if (nfsuserdcnt == -1) {
243 nfsuserdcnt = atoi(*argv);
246 if (nfsuserdcnt > MAXNFSUSERD) {
247 warnx("nfsuserd count %d; reset to %d",
248 nfsuserdcnt, DEFNFSUSERD);
249 nfsuserdcnt = DEFNFSUSERD;
258 nfsuserdcnt = DEFNFSUSERD;
261 * Strip off leading and trailing '.'s in domain name and map
262 * alphabetics to lower case.
264 while (*dnsname == '.')
266 if (*dnsname == '\0')
267 errx(1, "Domain name all '.'");
268 len = strlen(dnsname);
269 cp = dnsname + len - 1;
275 for (i = 0; i < len; i++) {
276 if (!isascii(dnsname[i]))
277 errx(1, "Domain name has non-ascii char");
278 if (isupper(dnsname[i]))
279 dnsname[i] = tolower(dnsname[i]);
283 * If the nfsuserd died off ungracefully, this is necessary to
284 * get them to start again.
286 if (forcestart && nfssvc(NFSSVC_NFSUSERDDELPORT, NULL) < 0)
287 errx(1, "Can't do nfssvc() to delete the port");
291 "nfsuserd: domain=%s usermax=%d usertimeout=%d\n",
292 dnsname, nid.nid_usermax, nid.nid_usertimeout);
294 for (i = 0; i < nfsuserdcnt; i++)
295 servers[i] = (pid_t)-1;
297 nargs.nuserd_family = fromip.ss_family;
299 * Set up the service port to accept requests via UDP from
300 * localhost (INADDR_LOOPBACK or IN6ADDR_LOOPBACK_INIT).
302 if ((sock = socket(nargs.nuserd_family, SOCK_DGRAM, IPPROTO_UDP)) < 0)
303 err(1, "cannot create udp socket");
306 * Not sure what this does, so I'll leave it here for now.
308 setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
310 if ((udptransp = svcudp_create(sock)) == NULL)
311 err(1, "Can't set up socket");
314 * By not specifying a protocol, it is linked into the
315 * dispatch queue, but not registered with portmapper,
316 * which is just what I want.
318 if (!svc_register(udptransp, RPCPROG_NFSUSERD, RPCNFSUSERD_VERS,
320 err(1, "Can't register nfsuserd");
323 * Tell the kernel what my port# is.
325 nargs.nuserd_port = htons(udptransp->xp_port);
327 printf("portnum=0x%x\n", nargs.nuserd_port);
329 if (nfssvc(NFSSVC_NFSUSERDPORT | NFSSVC_NEWSTRUCT, &nargs) < 0) {
330 if (errno == EPERM) {
332 jailed_size = sizeof(jailed);
333 sysctlbyname("security.jail.jailed", &jailed,
334 &jailed_size, NULL, 0);
336 fprintf(stderr, "Cannot start nfsuserd. "
337 "allow.nfsd might not be configured\n");
339 fprintf(stderr, "Cannot start nfsuserd "
340 "when already running.");
341 fprintf(stderr, " If not running, "
342 "use the -force option.\n");
345 fprintf(stderr, "Can't do nfssvc() to add port\n");
351 pwd = getpwnam(defaultuser);
353 nid.nid_uid = pwd->pw_uid;
355 nid.nid_uid = defaultuid;
356 grp = getgrnam(defaultgroup);
358 nid.nid_gid = grp->gr_gid;
360 nid.nid_gid = defaultgid;
361 nid.nid_name = dnsname;
362 nid.nid_namelen = strlen(nid.nid_name);
365 nid.nid_flag = NFSID_INITIALIZE;
367 printf("Initialize uid=%d gid=%d dns=%s\n", nid.nid_uid, nid.nid_gid,
370 error = nfssvc(NFSSVC_IDNAME | NFSSVC_NEWSTRUCT, &nid);
372 errx(1, "Can't initialize nfs user/groups");
377 * Loop around adding all groups.
380 while (i < nid.nid_usermax && (grp = getgrent())) {
381 nid.nid_gid = grp->gr_gid;
382 nid.nid_name = grp->gr_name;
383 nid.nid_namelen = strlen(grp->gr_name);
386 nid.nid_flag = NFSID_ADDGID;
388 printf("add gid=%d name=%s\n", nid.nid_gid, nid.nid_name);
390 error = nfssvc(NFSSVC_IDNAME | NFSSVC_NEWSTRUCT, &nid);
392 errx(1, "Can't add group %s", grp->gr_name);
399 * Loop around adding all users.
403 while (i < nid.nid_usermax && (pwd = getpwent())) {
406 * Yes, this is inefficient, but it is only done once when
407 * the daemon is started and will run in a fraction of a second
408 * for nid_usermax at 10000. If nid_usermax is cranked up to
409 * 100000, it will take several seconds, depending on the CPU.
411 for (j = 0; j < (i - start_uidpos); j++)
412 if (check_dups[j] == pwd->pw_uid) {
413 /* Found another entry for uid, so skip it */
419 check_dups[i - start_uidpos] = pwd->pw_uid;
420 nid.nid_uid = pwd->pw_uid;
421 nid.nid_name = pwd->pw_name;
422 nid.nid_namelen = strlen(pwd->pw_name);
423 if (manage_gids != 0) {
424 /* Get the group list for this user. */
426 if (getgrouplist(pwd->pw_name, pwd->pw_gid, grps,
428 syslog(LOG_ERR, "Group list too small");
429 nid.nid_ngroup = ngroup;
435 nid.nid_flag = NFSID_ADDUID;
437 printf("add uid=%d name=%s\n", nid.nid_uid, nid.nid_name);
439 error = nfssvc(NFSSVC_IDNAME | NFSSVC_NEWSTRUCT, &nid);
441 errx(1, "Can't add user %s", pwd->pw_name);
448 * I should feel guilty for not calling this for all the above exit()
449 * upon error cases, but I don't.
458 * Temporarily block SIGUSR1 and SIGCHLD, so servers[] can't
461 sigemptyset(&signew);
462 sigaddset(&signew, SIGUSR1);
463 sigaddset(&signew, SIGCHLD);
464 sigprocmask(SIG_BLOCK, &signew, NULL);
467 (void)signal(SIGHUP, SIG_IGN);
468 (void)signal(SIGINT, SIG_IGN);
469 (void)signal(SIGQUIT, SIG_IGN);
470 (void)signal(SIGTERM, SIG_IGN);
471 (void)signal(SIGUSR1, cleanup_term);
472 (void)signal(SIGCHLD, cleanup_term);
474 openlog("nfsuserd:", LOG_PID, LOG_DAEMON);
477 * Fork off the server daemons that do the work. All the master
478 * does is terminate them and cleanup.
480 for (i = 0; i < nfsuserdcnt; i++) {
482 if (servers[i] == 0) {
484 setproctitle("server");
485 sigemptyset(&signew);
486 sigaddset(&signew, SIGUSR1);
487 sigprocmask(SIG_UNBLOCK, &signew, NULL);
493 syslog(LOG_ERR, "nfsuserd died: %m");
495 } else if (servers[i] < 0) {
496 syslog(LOG_ERR, "fork: %m");
501 * Just wait for SIGUSR1 or a child to die and then...
502 * As the Governor of California would say, "Terminate them".
504 setproctitle("master");
505 sigemptyset(&signew);
511 * The nfsuserd rpc service
514 nfsuserdsrv(struct svc_req *rqstp, SVCXPRT *transp)
519 #if defined(INET) || defined(INET6)
524 struct nfsd_idargs nid;
528 struct sockaddr_in *fromsin, *sin;
531 struct sockaddr_in6 *fromsin6, *sin6;
532 char buf[INET6_ADDRSTRLEN];
536 * Only handle requests from localhost on a reserved port number.
537 * If the upcall is from a different address, call nfsbind_localhost()
538 * to check for a remapping of localhost, due to jails.
539 * (Since a reserved port # at localhost implies a client with
540 * local root, there won't be a security breach. This is about
541 * the only case I can think of where a reserved port # means
544 if (rqstp->rq_proc != NULLPROC) {
545 switch (fromip.ss_family) {
548 if (transp->xp_rtaddr.len < sizeof(*sin)) {
549 syslog(LOG_ERR, "xp_rtaddr too small");
550 svcerr_weakauth(transp);
553 sin = (struct sockaddr_in *)transp->xp_rtaddr.buf;
554 fromsin = (struct sockaddr_in *)&fromip;
555 sport = ntohs(sin->sin_port);
556 if (sport >= IPPORT_RESERVED) {
557 syslog(LOG_ERR, "not a reserved port#");
558 svcerr_weakauth(transp);
562 if (sin->sin_addr.s_addr != fromsin->sin_addr.s_addr)
563 ret = nfsbind_localhost();
564 if (ret == 0 || sin->sin_addr.s_addr !=
565 fromsin->sin_addr.s_addr) {
566 syslog(LOG_ERR, "bad from ip %s",
567 inet_ntoa(sin->sin_addr));
568 svcerr_weakauth(transp);
575 if (transp->xp_rtaddr.len < sizeof(*sin6)) {
576 syslog(LOG_ERR, "xp_rtaddr too small");
577 svcerr_weakauth(transp);
580 sin6 = (struct sockaddr_in6 *)transp->xp_rtaddr.buf;
581 fromsin6 = (struct sockaddr_in6 *)&fromip;
582 sport = ntohs(sin6->sin6_port);
583 if (sport >= IPV6PORT_RESERVED) {
584 syslog(LOG_ERR, "not a reserved port#");
585 svcerr_weakauth(transp);
589 if (!IN6_ARE_ADDR_EQUAL(&sin6->sin6_addr,
590 &fromsin6->sin6_addr))
591 ret = nfsbind_localhost();
592 if (ret == 0 || !IN6_ARE_ADDR_EQUAL(&sin6->sin6_addr,
593 &fromsin6->sin6_addr)) {
594 if (inet_ntop(AF_INET6, &sin6->sin6_addr, buf,
595 INET6_ADDRSTRLEN) != NULL)
596 syslog(LOG_ERR, "bad from ip %s", buf);
598 syslog(LOG_ERR, "bad from ip6 addr");
599 svcerr_weakauth(transp);
606 switch (rqstp->rq_proc) {
608 if (!svc_sendreply(transp, (xdrproc_t)xdr_void, NULL))
609 syslog(LOG_ERR, "Can't send reply");
611 case RPCNFSUSERD_GETUID:
612 if (!svc_getargs(transp, (xdrproc_t)xdr_getid,
614 svcerr_decode(transp);
617 pwd = getpwuid((uid_t)info.id);
620 nid.nid_usertimeout = defusertimeout;
621 nid.nid_uid = pwd->pw_uid;
622 nid.nid_name = pwd->pw_name;
623 if (manage_gids != 0) {
624 /* Get the group list for this user. */
626 if (getgrouplist(pwd->pw_name, pwd->pw_gid,
628 syslog(LOG_ERR, "Group list too small");
629 nid.nid_ngroup = ngroup;
636 nid.nid_usertimeout = 5;
637 nid.nid_uid = (uid_t)info.id;
638 nid.nid_name = defaultuser;
642 nid.nid_namelen = strlen(nid.nid_name);
643 nid.nid_flag = NFSID_ADDUID;
644 error = nfssvc(NFSSVC_IDNAME | NFSSVC_NEWSTRUCT, &nid);
647 syslog(LOG_ERR, "Can't add user %s\n", pwd->pw_name);
648 } else if (verbose) {
649 syslog(LOG_ERR,"Added uid=%d name=%s\n",
650 nid.nid_uid, nid.nid_name);
652 if (!svc_sendreply(transp, (xdrproc_t)xdr_retval,
654 syslog(LOG_ERR, "Can't send reply");
656 case RPCNFSUSERD_GETGID:
657 if (!svc_getargs(transp, (xdrproc_t)xdr_getid,
659 svcerr_decode(transp);
662 grp = getgrgid((gid_t)info.id);
665 nid.nid_usertimeout = defusertimeout;
666 nid.nid_gid = grp->gr_gid;
667 nid.nid_name = grp->gr_name;
669 nid.nid_usertimeout = 5;
670 nid.nid_gid = (gid_t)info.id;
671 nid.nid_name = defaultgroup;
673 nid.nid_namelen = strlen(nid.nid_name);
676 nid.nid_flag = NFSID_ADDGID;
677 error = nfssvc(NFSSVC_IDNAME | NFSSVC_NEWSTRUCT, &nid);
680 syslog(LOG_ERR, "Can't add group %s\n",
682 } else if (verbose) {
683 syslog(LOG_ERR,"Added gid=%d name=%s\n",
684 nid.nid_gid, nid.nid_name);
686 if (!svc_sendreply(transp, (xdrproc_t)xdr_retval,
688 syslog(LOG_ERR, "Can't send reply");
690 case RPCNFSUSERD_GETUSER:
691 if (!svc_getargs(transp, (xdrproc_t)xdr_getname,
693 svcerr_decode(transp);
696 pwd = getpwnam(info.name);
699 nid.nid_usertimeout = defusertimeout;
700 nid.nid_uid = pwd->pw_uid;
701 nid.nid_name = pwd->pw_name;
703 nid.nid_usertimeout = 5;
704 nid.nid_uid = defaultuid;
705 nid.nid_name = info.name;
707 nid.nid_namelen = strlen(nid.nid_name);
710 nid.nid_flag = NFSID_ADDUSERNAME;
711 error = nfssvc(NFSSVC_IDNAME | NFSSVC_NEWSTRUCT, &nid);
714 syslog(LOG_ERR, "Can't add user %s\n", pwd->pw_name);
715 } else if (verbose) {
716 syslog(LOG_ERR,"Added uid=%d name=%s\n",
717 nid.nid_uid, nid.nid_name);
719 if (!svc_sendreply(transp, (xdrproc_t)xdr_retval,
721 syslog(LOG_ERR, "Can't send reply");
723 case RPCNFSUSERD_GETGROUP:
724 if (!svc_getargs(transp, (xdrproc_t)xdr_getname,
726 svcerr_decode(transp);
729 grp = getgrnam(info.name);
732 nid.nid_usertimeout = defusertimeout;
733 nid.nid_gid = grp->gr_gid;
734 nid.nid_name = grp->gr_name;
736 nid.nid_usertimeout = 5;
737 nid.nid_gid = defaultgid;
738 nid.nid_name = info.name;
740 nid.nid_namelen = strlen(nid.nid_name);
743 nid.nid_flag = NFSID_ADDGROUPNAME;
744 error = nfssvc(NFSSVC_IDNAME | NFSSVC_NEWSTRUCT, &nid);
747 syslog(LOG_ERR, "Can't add group %s\n",
749 } else if (verbose) {
750 syslog(LOG_ERR,"Added gid=%d name=%s\n",
751 nid.nid_gid, nid.nid_name);
753 if (!svc_sendreply(transp, (xdrproc_t)xdr_retval,
755 syslog(LOG_ERR, "Can't send reply");
758 svcerr_noproc(transp);
764 * Xdr routine to get an id number
767 xdr_getid(XDR *xdrsp, caddr_t cp)
769 struct info *ifp = (struct info *)cp;
771 return (xdr_long(xdrsp, &ifp->id));
775 * Xdr routine to get a user name
778 xdr_getname(XDR *xdrsp, caddr_t cp)
780 struct info *ifp = (struct info *)cp;
783 if (!xdr_long(xdrsp, &len))
787 if (!xdr_opaque(xdrsp, ifp->name, len))
789 ifp->name[len] = '\0';
794 * Xdr routine to return the value.
797 xdr_retval(XDR *xdrsp, caddr_t cp)
799 struct info *ifp = (struct info *)cp;
803 return (xdr_long(xdrsp, &val));
807 * cleanup_term() called via SIGUSR1.
810 cleanup_term(int signo __unused)
818 * Ok, so I'm the master.
819 * As the Governor of California might say, "Terminate them".
822 for (i = 0; i < nfsuserdcnt; i++) {
823 if (servers[i] != (pid_t)-1) {
825 kill(servers[i], SIGUSR1);
830 * and wait for them to die
832 for (i = 0; i < cnt; i++)
833 wait3(NULL, 0, NULL);
836 * Finally, get rid of the socket
838 if (nfssvc(NFSSVC_NFSUSERDDELPORT, NULL) < 0) {
839 syslog(LOG_ERR, "Can't do nfssvc() to delete the port\n");
846 * Get the IP address that the localhost address maps to.
847 * This is needed when jails map localhost to another IP address.
850 nfsbind_localhost(void)
853 struct sockaddr_in sin;
856 struct sockaddr_in6 sin6;
861 switch (fromip.ss_family) {
864 s = socket(PF_INET6, SOCK_DGRAM, 0);
867 memset(&sin6, 0, sizeof(sin6));
868 sin6.sin6_len = sizeof(sin6);
869 sin6.sin6_family = AF_INET6;
870 sin6.sin6_addr = in6loopback;
872 ret = bind(s, (struct sockaddr *)&sin6, sizeof(sin6));
881 s = socket(PF_INET, SOCK_DGRAM, 0);
884 memset(&sin, 0, sizeof(sin));
885 sin.sin_len = sizeof(sin);
886 sin.sin_family = AF_INET;
887 sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
889 ret = bind(s, (struct sockaddr *)&sin, sizeof(sin));
897 memset(&fromip, 0, sizeof(fromip));
898 slen = sizeof(fromip);
899 ret = getsockname(s, (struct sockaddr *)&fromip, &slen);
911 "usage: nfsuserd [-usermax cache_size] [-usertimeout minutes] [-verbose] [-manage-gids] [-domain domain_name] [n]");