2 * Copyright (c) 1989, 1993
3 * The Regents of the University of California. All rights reserved.
5 * This code is derived from software contributed to Berkeley by
6 * Herb Hasler and Rick Macklem at The University of Guelph.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 4. Neither the name of the University nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
34 static const char copyright[] =
35 "@(#) Copyright (c) 1989, 1993\n\
36 The Regents of the University of California. All rights reserved.\n";
41 static char sccsid[] = "@(#)mountd.c 8.15 (Berkeley) 5/1/95";
45 #include <sys/cdefs.h>
46 __FBSDID("$FreeBSD$");
48 #include <sys/param.h>
49 #include <sys/fcntl.h>
50 #include <sys/linker.h>
51 #include <sys/module.h>
52 #include <sys/mount.h>
54 #include <sys/sysctl.h>
55 #include <sys/syslog.h>
58 #include <rpc/rpc_com.h>
59 #include <rpc/pmap_clnt.h>
60 #include <rpc/pmap_prot.h>
61 #include <rpcsvc/mount.h>
62 #include <nfs/nfsproto.h>
63 #include <nfs/nfssvc.h>
64 #include <nfsserver/nfs.h>
66 #include <fs/nfs/nfsport.h>
68 #include <arpa/inet.h>
83 #include "pathnames.h"
91 * Structures for keeping the mount list and export list
94 struct mountlist *ml_next;
95 char ml_host[MNTNAMLEN+1];
96 char ml_dirp[MNTPATHLEN+1];
100 struct dirlist *dp_left;
101 struct dirlist *dp_right;
103 struct hostlist *dp_hosts; /* List of hosts this dir exported to */
104 char dp_dirp[1]; /* Actually malloc'd to size of dir */
107 #define DP_DEFSET 0x1
108 #define DP_HOSTSET 0x2
111 struct exportlist *ex_next;
112 struct dirlist *ex_dirl;
113 struct dirlist *ex_defdir;
118 int ex_numsecflavors;
119 int ex_secflavors[MAXSECFLAVORS];
122 #define EX_LINKED 0x1
125 struct sockaddr_storage nt_net;
126 struct sockaddr_storage nt_mask;
131 struct addrinfo *gt_addrinfo;
132 struct netmsk gt_net;
137 union grouptypes gr_ptr;
138 struct grouplist *gr_next;
144 #define GT_DEFAULT 0x3
145 #define GT_IGNORE 0x5
148 int ht_flag; /* Uses DP_xx bits */
149 struct grouplist *ht_grp;
150 struct hostlist *ht_next;
157 int fhr_numsecflavors;
162 char *add_expdir(struct dirlist **, char *, int);
163 void add_dlist(struct dirlist **, struct dirlist *,
164 struct grouplist *, int);
165 void add_mlist(char *, char *);
166 int check_dirpath(char *);
167 int check_options(struct dirlist *);
168 int checkmask(struct sockaddr *sa);
169 int chk_host(struct dirlist *, struct sockaddr *, int *, int *);
170 void create_service(struct netconfig *nconf);
171 void del_mlist(char *hostp, char *dirp);
172 struct dirlist *dirp_search(struct dirlist *, char *);
173 int do_mount(struct exportlist *, struct grouplist *, int,
174 struct xucred *, char *, int, struct statfs *);
175 int do_opt(char **, char **, struct exportlist *, struct grouplist *,
176 int *, int *, struct xucred *);
177 struct exportlist *ex_search(fsid_t *);
178 struct exportlist *get_exp(void);
179 void free_dir(struct dirlist *);
180 void free_exp(struct exportlist *);
181 void free_grp(struct grouplist *);
182 void free_host(struct hostlist *);
183 void get_exportlist(void);
184 int get_host(char *, struct grouplist *, struct grouplist *);
185 struct hostlist *get_ht(void);
187 void get_mountlist(void);
188 int get_net(char *, struct netmsk *, int);
189 void getexp_err(struct exportlist *, struct grouplist *);
190 struct grouplist *get_grp(void);
191 void hang_dirp(struct dirlist *, struct grouplist *,
192 struct exportlist *, int);
193 void huphandler(int sig);
194 int makemask(struct sockaddr_storage *ssp, int bitlen);
195 void mntsrv(struct svc_req *, SVCXPRT *);
196 void nextfield(char **, char **);
197 void out_of_mem(void);
198 void parsecred(char *, struct xucred *);
199 int put_exlist(struct dirlist *, XDR *, struct dirlist *, int *, int);
200 void *sa_rawaddr(struct sockaddr *sa, int *nbytes);
201 int sacmp(struct sockaddr *sa1, struct sockaddr *sa2,
202 struct sockaddr *samask);
203 int scan_tree(struct dirlist *, struct sockaddr *);
204 static void usage(void);
205 int xdr_dir(XDR *, char *);
206 int xdr_explist(XDR *, caddr_t);
207 int xdr_explist_brief(XDR *, caddr_t);
208 int xdr_fhs(XDR *, caddr_t);
209 int xdr_mlist(XDR *, caddr_t);
212 struct exportlist *exphead;
213 struct mountlist *mlhead;
214 struct grouplist *grphead;
215 char *exnames_default[2] = { _PATH_EXPORTS, NULL };
218 struct xucred def_anon = {
226 int resvport_only = 1;
233 char *svcport_str = NULL;
236 static int have_v6 = 1;
238 int v4root_phase = 0;
239 char v4root_dirpath[PATH_MAX + 1];
240 int run_v4server = 0;
241 int has_publicfh = 0;
243 struct pidfh *pfh = NULL;
244 /* Bits for opt_flags above */
245 #define OP_MAPROOT 0x01
246 #define OP_MAPALL 0x02
250 #define OP_ALLDIRS 0x40
251 #define OP_HAVEMASK 0x80 /* A mask was specified or inferred. */
252 #define OP_QUIET 0x100
253 #define OP_MASKLEN 0x200
258 void SYSLOG(int, const char *, ...) __printflike(2, 3);
259 #define syslog SYSLOG
265 * Mountd server for NFS mount protocol as described in:
266 * NFS: Network File System Protocol Specification, RFC1094, Appendix A
267 * The optional arguments are the exports file name
268 * default: _PATH_EXPORTS
269 * and "-n" to allow nonroot mount.
277 struct netconfig *nconf;
278 char *endptr, **hosts_bak;
283 int maxrec = RPC_MAXDATASIZE;
285 /* Check that another mountd isn't already running. */
286 pfh = pidfile_open(_PATH_MOUNTDPID, 0600, &otherpid);
289 errx(1, "mountd already running, pid: %d.", otherpid);
290 warn("cannot open or create pidfile");
293 s = socket(AF_INET6, SOCK_DGRAM, IPPROTO_UDP);
299 while ((c = getopt(argc, argv, "2deh:lnp:r")) != -1)
314 debug = debug ? 0 : 1;
321 svcport = (in_port_t)strtoul(optarg, &endptr, 10);
322 if (endptr == NULL || *endptr != '\0' ||
323 svcport == 0 || svcport >= IPPORT_MAX)
325 svcport_str = strdup(optarg);
330 hosts_bak = realloc(hosts, nhosts * sizeof(char *));
331 if (hosts_bak == NULL) {
333 for (k = 0; k < nhosts; k++)
340 hosts[nhosts - 1] = strdup(optarg);
341 if (hosts[nhosts - 1] == NULL) {
342 for (k = 0; k < (nhosts - 1); k++)
353 * If the "-e" option was specified OR only the nfsd module is
354 * found in the server, run "nfsd".
355 * Otherwise, try and run "nfsserver".
357 if (run_v4server > 0) {
358 if (modfind("nfsd") < 0) {
359 /* Not present in kernel, try loading it */
360 if (kldload("nfsd") < 0 || modfind("nfsd") < 0)
361 errx(1, "NFS server is not available");
363 } else if (modfind("nfsserver") < 0 && modfind("nfsd") >= 0) {
365 } else if (modfind("nfsserver") < 0) {
366 /* Not present in kernel, try loading it */
367 if (kldload("nfsserver") < 0 || modfind("nfsserver") < 0)
368 errx(1, "NFS server is not available");
373 grphead = (struct grouplist *)NULL;
374 exphead = (struct exportlist *)NULL;
375 mlhead = (struct mountlist *)NULL;
379 exnames = exnames_default;
380 openlog("mountd", LOG_PID, LOG_DAEMON);
382 warnx("getting export list");
385 warnx("getting mount list");
391 signal(SIGINT, SIG_IGN);
392 signal(SIGQUIT, SIG_IGN);
394 signal(SIGHUP, huphandler);
395 signal(SIGTERM, terminate);
396 signal(SIGPIPE, SIG_IGN);
400 rpcb_unset(MOUNTPROG, MOUNTVERS, NULL);
401 rpcb_unset(MOUNTPROG, MOUNTVERS3, NULL);
402 rpc_control(RPC_SVC_CONNMAXREC_SET, &maxrec);
404 if (!resvport_only) {
405 if (sysctlbyname("vfs.nfsrv.nfs_privport", NULL, NULL,
406 &resvport_only, sizeof(resvport_only)) != 0 &&
408 syslog(LOG_ERR, "sysctl: %m");
414 * If no hosts were specified, add a wildcard entry to bind to
415 * INADDR_ANY. Otherwise make sure 127.0.0.1 and ::1 are added to the
419 hosts = malloc(sizeof(char**));
427 hosts_bak = realloc(hosts, (nhosts + 2) *
429 if (hosts_bak == NULL) {
430 for (k = 0; k < nhosts; k++)
437 hosts[nhosts - 2] = "::1";
439 hosts_bak = realloc(hosts, (nhosts + 1) * sizeof(char *));
440 if (hosts_bak == NULL) {
441 for (k = 0; k < nhosts; k++)
451 hosts[nhosts - 1] = "127.0.0.1";
454 nc_handle = setnetconfig();
455 while ((nconf = getnetconfig(nc_handle))) {
456 if (nconf->nc_flag & NC_VISIBLE) {
457 if (have_v6 == 0 && strcmp(nconf->nc_protofmly,
461 create_service(nconf);
464 endnetconfig(nc_handle);
467 syslog(LOG_ERR, "could not create any services");
471 /* Expand svc_run() here so that we can call get_exportlist(). */
478 switch (select(svc_maxfd + 1, &readfds, NULL, NULL, NULL)) {
482 syslog(LOG_ERR, "mountd died: select: %m");
487 svc_getreqset(&readfds);
493 * This routine creates and binds sockets on the appropriate
494 * addresses. It gets called one time for each transport and
495 * registrates the service with rpcbind on that trasport.
498 create_service(struct netconfig *nconf)
500 struct addrinfo hints, *res = NULL;
501 struct sockaddr_in *sin;
502 struct sockaddr_in6 *sin6;
503 struct __rpc_sockinfo si;
504 struct netbuf servaddr;
505 SVCXPRT *transp = NULL;
512 u_int32_t host_addr[4]; /* IPv4 or IPv6 */
514 if ((nconf->nc_semantics != NC_TPI_CLTS) &&
515 (nconf->nc_semantics != NC_TPI_COTS) &&
516 (nconf->nc_semantics != NC_TPI_COTS_ORD))
517 return; /* not my type */
520 * XXX - using RPC library internal functions.
522 if (!__rpc_nconf2sockinfo(nconf, &si)) {
523 syslog(LOG_ERR, "cannot get information for %s",
528 /* Get mountd's address on this transport */
529 memset(&hints, 0, sizeof hints);
530 hints.ai_flags = AI_PASSIVE;
531 hints.ai_family = si.si_af;
532 hints.ai_socktype = si.si_socktype;
533 hints.ai_protocol = si.si_proto;
536 * Bind to specific IPs if asked to
539 while (nhostsbak > 0) {
542 * XXX - using RPC library internal functions.
544 if ((fd = __rpc_nconf2fd(nconf)) < 0) {
546 if (errno == EPROTONOSUPPORT &&
547 nconf->nc_semantics != NC_TPI_CLTS)
550 syslog(non_fatal ? LOG_DEBUG : LOG_ERR,
551 "cannot create socket for %s", nconf->nc_netid);
555 switch (hints.ai_family) {
557 if (inet_pton(AF_INET, hosts[nhostsbak],
559 hints.ai_flags &= AI_NUMERICHOST;
562 * Skip if we have an AF_INET6 address.
564 if (inet_pton(AF_INET6, hosts[nhostsbak],
572 if (inet_pton(AF_INET6, hosts[nhostsbak],
574 hints.ai_flags &= AI_NUMERICHOST;
577 * Skip if we have an AF_INET address.
579 if (inet_pton(AF_INET, hosts[nhostsbak],
587 * We're doing host-based access checks here, so don't
588 * allow v4-in-v6 to confuse things. The kernel will
589 * disable it by default on NFS sockets too.
591 if (setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, &one,
594 "can't disable v4-in-v6 on IPv6 socket");
603 * If no hosts were specified, just bind to INADDR_ANY
605 if (strcmp("*", hosts[nhostsbak]) == 0) {
606 if (svcport_str == NULL) {
607 res = malloc(sizeof(struct addrinfo));
610 res->ai_flags = hints.ai_flags;
611 res->ai_family = hints.ai_family;
612 res->ai_protocol = hints.ai_protocol;
613 switch (res->ai_family) {
615 sin = malloc(sizeof(struct sockaddr_in));
618 sin->sin_family = AF_INET;
619 sin->sin_port = htons(0);
620 sin->sin_addr.s_addr = htonl(INADDR_ANY);
621 res->ai_addr = (struct sockaddr*) sin;
622 res->ai_addrlen = (socklen_t)
623 sizeof(res->ai_addr);
626 sin6 = malloc(sizeof(struct sockaddr_in6));
629 sin6->sin6_family = AF_INET6;
630 sin6->sin6_port = htons(0);
631 sin6->sin6_addr = in6addr_any;
632 res->ai_addr = (struct sockaddr*) sin6;
633 res->ai_addrlen = (socklen_t)
634 sizeof(res->ai_addr);
640 if ((aicode = getaddrinfo(NULL, svcport_str,
641 &hints, &res)) != 0) {
643 "cannot get local address for %s: %s",
645 gai_strerror(aicode));
650 if ((aicode = getaddrinfo(hosts[nhostsbak], svcport_str,
651 &hints, &res)) != 0) {
653 "cannot get local address for %s: %s",
654 nconf->nc_netid, gai_strerror(aicode));
659 r = bindresvport_sa(fd, res->ai_addr);
661 syslog(LOG_ERR, "bindresvport_sa: %m");
665 if (nconf->nc_semantics != NC_TPI_CLTS)
666 listen(fd, SOMAXCONN);
668 if (nconf->nc_semantics == NC_TPI_CLTS )
669 transp = svc_dg_create(fd, 0, 0);
671 transp = svc_vc_create(fd, RPC_MAXDATASIZE,
674 if (transp != (SVCXPRT *) NULL) {
675 if (!svc_reg(transp, MOUNTPROG, MOUNTVERS, mntsrv,
678 "can't register %s MOUNTVERS service",
681 if (!svc_reg(transp, MOUNTPROG, MOUNTVERS3,
684 "can't register %s MOUNTVERS3 service",
688 syslog(LOG_WARNING, "can't create %s services",
691 if (registered == 0) {
693 memset(&hints, 0, sizeof hints);
694 hints.ai_flags = AI_PASSIVE;
695 hints.ai_family = si.si_af;
696 hints.ai_socktype = si.si_socktype;
697 hints.ai_protocol = si.si_proto;
699 if (svcport_str == NULL) {
700 svcport_str = malloc(NI_MAXSERV * sizeof(char));
701 if (svcport_str == NULL)
704 if (getnameinfo(res->ai_addr,
705 res->ai_addr->sa_len, NULL, NI_MAXHOST,
706 svcport_str, NI_MAXSERV * sizeof(char),
707 NI_NUMERICHOST | NI_NUMERICSERV))
708 errx(1, "Cannot get port number");
711 if((aicode = getaddrinfo(NULL, svcport_str, &hints,
713 syslog(LOG_ERR, "cannot get local address: %s",
714 gai_strerror(aicode));
718 servaddr.buf = malloc(res->ai_addrlen);
719 memcpy(servaddr.buf, res->ai_addr, res->ai_addrlen);
720 servaddr.len = res->ai_addrlen;
722 rpcb_set(MOUNTPROG, MOUNTVERS, nconf, &servaddr);
723 rpcb_set(MOUNTPROG, MOUNTVERS3, nconf, &servaddr);
735 "usage: mountd [-2] [-d] [-e] [-l] [-n] [-p <port>] [-r] "
736 "[-h <bindip>] [export_file ...]\n");
741 * The mount rpc service
744 mntsrv(rqstp, transp)
745 struct svc_req *rqstp;
748 struct exportlist *ep;
753 char host[NI_MAXHOST], numerichost[NI_MAXHOST];
754 int lookup_failed = 1;
755 struct sockaddr *saddr;
757 char rpcpath[MNTPATHLEN + 1], dirpath[MAXPATHLEN];
758 int bad = 0, defset, hostset;
759 sigset_t sighup_mask;
761 sigemptyset(&sighup_mask);
762 sigaddset(&sighup_mask, SIGHUP);
763 saddr = svc_getrpccaller(transp)->buf;
764 switch (saddr->sa_family) {
766 sport = ntohs(((struct sockaddr_in6 *)saddr)->sin6_port);
769 sport = ntohs(((struct sockaddr_in *)saddr)->sin_port);
772 syslog(LOG_ERR, "request from unknown address family");
775 lookup_failed = getnameinfo(saddr, saddr->sa_len, host, sizeof host,
777 getnameinfo(saddr, saddr->sa_len, numerichost,
778 sizeof numerichost, NULL, 0, NI_NUMERICHOST);
779 switch (rqstp->rq_proc) {
781 if (!svc_sendreply(transp, (xdrproc_t)xdr_void, NULL))
782 syslog(LOG_ERR, "can't send reply");
785 if (sport >= IPPORT_RESERVED && resvport_only) {
787 "mount request from %s from unprivileged port",
789 svcerr_weakauth(transp);
792 if (!svc_getargs(transp, (xdrproc_t)xdr_dir, rpcpath)) {
793 syslog(LOG_NOTICE, "undecodable mount request from %s",
795 svcerr_decode(transp);
800 * Get the real pathname and make sure it is a directory
801 * or a regular file if the -r option was specified
804 if (realpath(rpcpath, dirpath) == NULL ||
805 stat(dirpath, &stb) < 0 ||
806 (!S_ISDIR(stb.st_mode) &&
807 (dir_only || !S_ISREG(stb.st_mode))) ||
808 statfs(dirpath, &fsb) < 0) {
809 chdir("/"); /* Just in case realpath doesn't */
811 "mount request from %s for non existent path %s",
812 numerichost, dirpath);
814 warnx("stat failed on %s", dirpath);
815 bad = ENOENT; /* We will send error reply later */
818 /* Check in the exports list */
819 sigprocmask(SIG_BLOCK, &sighup_mask, NULL);
820 ep = ex_search(&fsb.f_fsid);
821 hostset = defset = 0;
822 if (ep && (chk_host(ep->ex_defdir, saddr, &defset, &hostset) ||
823 ((dp = dirp_search(ep->ex_dirl, dirpath)) &&
824 chk_host(dp, saddr, &defset, &hostset)) ||
825 (defset && scan_tree(ep->ex_defdir, saddr) == 0 &&
826 scan_tree(ep->ex_dirl, saddr) == 0))) {
828 if (!svc_sendreply(transp, (xdrproc_t)xdr_long,
830 syslog(LOG_ERR, "can't send reply");
831 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL);
834 if (hostset & DP_HOSTSET)
835 fhr.fhr_flag = hostset;
837 fhr.fhr_flag = defset;
838 fhr.fhr_vers = rqstp->rq_vers;
839 /* Get the file handle */
840 memset(&fhr.fhr_fh, 0, sizeof(nfsfh_t));
841 if (getfh(dirpath, (fhandle_t *)&fhr.fhr_fh) < 0) {
843 syslog(LOG_ERR, "can't get fh for %s", dirpath);
844 if (!svc_sendreply(transp, (xdrproc_t)xdr_long,
846 syslog(LOG_ERR, "can't send reply");
847 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL);
850 fhr.fhr_numsecflavors = ep->ex_numsecflavors;
851 fhr.fhr_secflavors = ep->ex_secflavors;
852 if (!svc_sendreply(transp, (xdrproc_t)xdr_fhs,
854 syslog(LOG_ERR, "can't send reply");
856 add_mlist(host, dirpath);
858 add_mlist(numerichost, dirpath);
860 warnx("mount successful");
863 "mount request succeeded from %s for %s",
864 numerichost, dirpath);
868 "mount request denied from %s for %s",
869 numerichost, dirpath);
872 if (bad && !svc_sendreply(transp, (xdrproc_t)xdr_long,
874 syslog(LOG_ERR, "can't send reply");
875 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL);
878 if (!svc_sendreply(transp, (xdrproc_t)xdr_mlist, (caddr_t)NULL))
879 syslog(LOG_ERR, "can't send reply");
882 "dump request succeeded from %s",
886 if (sport >= IPPORT_RESERVED && resvport_only) {
888 "umount request from %s from unprivileged port",
890 svcerr_weakauth(transp);
893 if (!svc_getargs(transp, (xdrproc_t)xdr_dir, rpcpath)) {
894 syslog(LOG_NOTICE, "undecodable umount request from %s",
896 svcerr_decode(transp);
899 if (realpath(rpcpath, dirpath) == NULL) {
900 syslog(LOG_NOTICE, "umount request from %s "
901 "for non existent path %s",
902 numerichost, dirpath);
904 if (!svc_sendreply(transp, (xdrproc_t)xdr_void, (caddr_t)NULL))
905 syslog(LOG_ERR, "can't send reply");
907 del_mlist(host, dirpath);
908 del_mlist(numerichost, dirpath);
911 "umount request succeeded from %s for %s",
912 numerichost, dirpath);
914 case MOUNTPROC_UMNTALL:
915 if (sport >= IPPORT_RESERVED && resvport_only) {
917 "umountall request from %s from unprivileged port",
919 svcerr_weakauth(transp);
922 if (!svc_sendreply(transp, (xdrproc_t)xdr_void, (caddr_t)NULL))
923 syslog(LOG_ERR, "can't send reply");
925 del_mlist(host, NULL);
926 del_mlist(numerichost, NULL);
929 "umountall request succeeded from %s",
932 case MOUNTPROC_EXPORT:
933 if (!svc_sendreply(transp, (xdrproc_t)xdr_explist, (caddr_t)NULL))
934 if (!svc_sendreply(transp, (xdrproc_t)xdr_explist_brief,
936 syslog(LOG_ERR, "can't send reply");
939 "export request succeeded from %s",
943 svcerr_noproc(transp);
949 * Xdr conversion for a dirpath string
956 return (xdr_string(xdrsp, &dirp, MNTPATHLEN));
960 * Xdr routine to generate file handle reply
967 struct fhreturn *fhrp = (struct fhreturn *)cp;
968 u_long ok = 0, len, auth;
971 if (!xdr_long(xdrsp, &ok))
973 switch (fhrp->fhr_vers) {
975 return (xdr_opaque(xdrsp, (caddr_t)&fhrp->fhr_fh, NFSX_V2FH));
978 if (!xdr_long(xdrsp, &len))
980 if (!xdr_opaque(xdrsp, (caddr_t)&fhrp->fhr_fh, len))
982 if (fhrp->fhr_numsecflavors) {
983 if (!xdr_int(xdrsp, &fhrp->fhr_numsecflavors))
985 for (i = 0; i < fhrp->fhr_numsecflavors; i++)
986 if (!xdr_int(xdrsp, &fhrp->fhr_secflavors[i]))
992 if (!xdr_long(xdrsp, &len))
994 return (xdr_long(xdrsp, &auth));
1001 xdr_mlist(xdrsp, cp)
1005 struct mountlist *mlp;
1012 if (!xdr_bool(xdrsp, &true))
1014 strp = &mlp->ml_host[0];
1015 if (!xdr_string(xdrsp, &strp, MNTNAMLEN))
1017 strp = &mlp->ml_dirp[0];
1018 if (!xdr_string(xdrsp, &strp, MNTPATHLEN))
1022 if (!xdr_bool(xdrsp, &false))
1028 * Xdr conversion for export list
1031 xdr_explist_common(xdrsp, cp, brief)
1036 struct exportlist *ep;
1039 sigset_t sighup_mask;
1041 sigemptyset(&sighup_mask);
1042 sigaddset(&sighup_mask, SIGHUP);
1043 sigprocmask(SIG_BLOCK, &sighup_mask, NULL);
1047 if (put_exlist(ep->ex_dirl, xdrsp, ep->ex_defdir,
1050 if (ep->ex_defdir && putdef == 0 &&
1051 put_exlist(ep->ex_defdir, xdrsp, (struct dirlist *)NULL,
1056 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL);
1057 if (!xdr_bool(xdrsp, &false))
1061 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL);
1066 * Called from xdr_explist() to traverse the tree and export the
1070 put_exlist(dp, xdrsp, adp, putdefp, brief)
1073 struct dirlist *adp;
1077 struct grouplist *grp;
1078 struct hostlist *hp;
1085 if (put_exlist(dp->dp_left, xdrsp, adp, putdefp, brief))
1087 if (!xdr_bool(xdrsp, &true))
1090 if (!xdr_string(xdrsp, &strp, MNTPATHLEN))
1092 if (adp && !strcmp(dp->dp_dirp, adp->dp_dirp)) {
1097 if (!xdr_bool(xdrsp, &true))
1100 if (!xdr_string(xdrsp, &strp, MNTPATHLEN))
1102 } else if ((dp->dp_flag & DP_DEFSET) == 0 &&
1103 (gotalldir == 0 || (adp->dp_flag & DP_DEFSET) == 0)) {
1107 if (grp->gr_type == GT_HOST) {
1108 if (!xdr_bool(xdrsp, &true))
1110 strp = grp->gr_ptr.gt_addrinfo->ai_canonname;
1111 if (!xdr_string(xdrsp, &strp,
1114 } else if (grp->gr_type == GT_NET) {
1115 if (!xdr_bool(xdrsp, &true))
1117 strp = grp->gr_ptr.gt_net.nt_name;
1118 if (!xdr_string(xdrsp, &strp,
1123 if (gotalldir && hp == (struct hostlist *)NULL) {
1129 if (!xdr_bool(xdrsp, &false))
1131 if (put_exlist(dp->dp_right, xdrsp, adp, putdefp, brief))
1138 xdr_explist(xdrsp, cp)
1143 return xdr_explist_common(xdrsp, cp, 0);
1147 xdr_explist_brief(xdrsp, cp)
1152 return xdr_explist_common(xdrsp, cp, 1);
1160 * Get the export list from one, currently open file
1163 get_exportlist_one()
1165 struct exportlist *ep, *ep2;
1166 struct grouplist *grp, *tgrp;
1167 struct exportlist **epp;
1168 struct dirlist *dirhead;
1171 char *cp, *endcp, *dirp, *hst, *usr, *dom, savedc;
1172 int len, has_host, exflags, got_nondir, dirplen, netgrp;
1175 dirhead = (struct dirlist *)NULL;
1176 while (get_line()) {
1178 warnx("got line %s", line);
1180 nextfield(&cp, &endcp);
1189 exflags = MNT_EXPORTED;
1192 ep = (struct exportlist *)NULL;
1196 * Handle the V4 root dir.
1198 if (*cp == 'V' && *(cp + 1) == '4' && *(cp + 2) == ':') {
1200 * V4: just indicates that it is the v4 root point,
1201 * so skip over that and set v4root_phase.
1203 if (v4root_phase > 0) {
1204 syslog(LOG_ERR, "V4:duplicate line, ignored");
1209 nextfield(&cp, &endcp);
1213 * Create new exports list entry
1216 tgrp = grp = get_grp();
1218 if (len > MNTNAMLEN) {
1219 getexp_err(ep, tgrp);
1223 if (ep == (struct exportlist *)NULL) {
1224 getexp_err(ep, tgrp);
1228 warnx("doing opt %s", cp);
1230 if (do_opt(&cp, &endcp, ep, grp, &has_host,
1232 getexp_err(ep, tgrp);
1235 } else if (*cp == '/') {
1238 if (v4root_phase > 1) {
1240 syslog(LOG_ERR, "Multiple V4 dirs");
1241 getexp_err(ep, tgrp);
1245 if (check_dirpath(cp) &&
1246 statfs(cp, &fsb) >= 0) {
1248 syslog(LOG_ERR, "dirs must be first");
1249 getexp_err(ep, tgrp);
1252 if (v4root_phase == 1) {
1254 syslog(LOG_ERR, "Multiple V4 dirs");
1255 getexp_err(ep, tgrp);
1258 if (strlen(v4root_dirpath) == 0) {
1259 strlcpy(v4root_dirpath, cp,
1260 sizeof (v4root_dirpath));
1261 } else if (strcmp(v4root_dirpath, cp)
1264 "different V4 dirpath %s", cp);
1265 getexp_err(ep, tgrp);
1274 if (ep->ex_fs.val[0] !=
1275 fsb.f_fsid.val[0] ||
1277 fsb.f_fsid.val[1]) {
1278 getexp_err(ep, tgrp);
1283 * See if this directory is already
1286 ep = ex_search(&fsb.f_fsid);
1287 if (ep == (struct exportlist *)NULL) {
1289 ep->ex_fs = fsb.f_fsid;
1290 ep->ex_fsdir = (char *)malloc
1291 (strlen(fsb.f_mntonname) + 1);
1293 strcpy(ep->ex_fsdir,
1299 "making new ep fs=0x%x,0x%x",
1303 warnx("found ep fs=0x%x,0x%x",
1309 * Add dirpath to export mount point.
1311 dirp = add_expdir(&dirhead, cp, len);
1315 getexp_err(ep, tgrp);
1323 if (ep == (struct exportlist *)NULL) {
1324 getexp_err(ep, tgrp);
1329 * Get the host or netgroup.
1332 netgrp = getnetgrent(&hst, &usr, &dom);
1335 grp->gr_next = get_grp();
1341 "null hostname in netgroup %s, skipping", cp);
1342 grp->gr_type = GT_IGNORE;
1343 } else if (get_host(hst, grp, tgrp)) {
1345 "bad host %s in netgroup %s, skipping", hst, cp);
1346 grp->gr_type = GT_IGNORE;
1348 } else if (get_host(cp, grp, tgrp)) {
1349 syslog(LOG_ERR, "bad host %s, skipping", cp);
1350 grp->gr_type = GT_IGNORE;
1353 } while (netgrp && getnetgrent(&hst, &usr, &dom));
1358 nextfield(&cp, &endcp);
1361 if (check_options(dirhead)) {
1362 getexp_err(ep, tgrp);
1366 grp->gr_type = GT_DEFAULT;
1368 warnx("adding a default entry");
1371 * Don't allow a network export coincide with a list of
1372 * host(s) on the same line.
1374 } else if ((opt_flags & OP_NET) && tgrp->gr_next) {
1375 syslog(LOG_ERR, "network/host conflict");
1376 getexp_err(ep, tgrp);
1380 * If an export list was specified on this line, make sure
1381 * that we have at least one valid entry, otherwise skip it.
1385 while (grp && grp->gr_type == GT_IGNORE)
1388 getexp_err(ep, tgrp);
1393 if (v4root_phase == 1) {
1394 syslog(LOG_ERR, "V4:root, no dirp, ignored");
1395 getexp_err(ep, tgrp);
1400 * Loop through hosts, pushing the exports into the kernel.
1401 * After loop, tgrp points to the start of the list and
1402 * grp points to the last entry in the list.
1406 if (do_mount(ep, grp, exflags, &anon, dirp, dirplen,
1408 getexp_err(ep, tgrp);
1411 } while (grp->gr_next && (grp = grp->gr_next));
1414 * For V4: don't enter in mount lists.
1416 if (v4root_phase > 0 && v4root_phase <= 2) {
1418 * Since these structures aren't used by mountd,
1423 while (tgrp != NULL) {
1425 tgrp = tgrp->gr_next;
1432 * Success. Update the data structures.
1435 hang_dirp(dirhead, tgrp, ep, opt_flags);
1436 grp->gr_next = grphead;
1439 hang_dirp(dirhead, (struct grouplist *)NULL, ep,
1443 dirhead = (struct dirlist *)NULL;
1444 if ((ep->ex_flag & EX_LINKED) == 0) {
1449 * Insert in the list in alphabetical order.
1451 while (ep2 && strcmp(ep2->ex_fsdir, ep->ex_fsdir) < 0) {
1452 epp = &ep2->ex_next;
1458 ep->ex_flag |= EX_LINKED;
1464 dirhead = (struct dirlist *)NULL;
1470 * Get the export list from all specified files
1475 struct exportlist *ep, *ep2;
1476 struct grouplist *grp, *tgrp;
1477 struct export_args export;
1479 struct statfs *fsp, *mntbufp;
1480 struct xvfsconf vfc;
1483 int dirplen, num, i;
1486 struct nfsex_args eargs;
1488 v4root_dirpath[0] = '\0';
1489 bzero(&export, sizeof(export));
1490 export.ex_flags = MNT_DELEXPORT;
1495 bzero(errmsg, sizeof(errmsg));
1498 * First, get rid of the old list
1506 exphead = (struct exportlist *)NULL;
1514 grphead = (struct grouplist *)NULL;
1517 * and the old V4 root dir.
1519 bzero(&eargs, sizeof (eargs));
1520 eargs.export.ex_flags = MNT_DELEXPORT;
1521 if (run_v4server > 0 &&
1522 nfssvc(NFSSVC_V4ROOTEXPORT, (caddr_t)&eargs) < 0 &&
1524 syslog(LOG_ERR, "Can't delete exports for V4:");
1527 * and clear flag that notes if a public fh has been exported.
1532 * And delete exports that are in the kernel for all local
1534 * XXX: Should know how to handle all local exportable filesystems.
1536 num = getmntinfo(&mntbufp, MNT_NOWAIT);
1539 build_iovec(&iov, &iovlen, "fstype", NULL, 0);
1540 build_iovec(&iov, &iovlen, "fspath", NULL, 0);
1541 build_iovec(&iov, &iovlen, "from", NULL, 0);
1542 build_iovec(&iov, &iovlen, "update", NULL, 0);
1543 build_iovec(&iov, &iovlen, "export", &export, sizeof(export));
1544 build_iovec(&iov, &iovlen, "errmsg", errmsg, sizeof(errmsg));
1547 for (i = 0; i < num; i++) {
1549 if (getvfsbyname(fsp->f_fstypename, &vfc) != 0) {
1550 syslog(LOG_ERR, "getvfsbyname() failed for %s",
1556 * Do not delete export for network filesystem by
1557 * passing "export" arg to nmount().
1558 * It only makes sense to do this for local filesystems.
1560 if (vfc.vfc_flags & VFCF_NETWORK)
1563 iov[1].iov_base = fsp->f_fstypename;
1564 iov[1].iov_len = strlen(fsp->f_fstypename) + 1;
1565 iov[3].iov_base = fsp->f_mntonname;
1566 iov[3].iov_len = strlen(fsp->f_mntonname) + 1;
1567 iov[5].iov_base = fsp->f_mntfromname;
1568 iov[5].iov_len = strlen(fsp->f_mntfromname) + 1;
1570 if (nmount(iov, iovlen, fsp->f_flags) < 0 &&
1571 errno != ENOENT && errno != ENOTSUP) {
1573 "can't delete exports for %s: %m %s",
1574 fsp->f_mntonname, errmsg);
1579 /* Free strings allocated by strdup() in getmntopts.c */
1580 free(iov[0].iov_base); /* fstype */
1581 free(iov[2].iov_base); /* fspath */
1582 free(iov[4].iov_base); /* from */
1583 free(iov[6].iov_base); /* update */
1584 free(iov[8].iov_base); /* export */
1585 free(iov[10].iov_base); /* errmsg */
1587 /* free iov, allocated by realloc() */
1593 * Read in the exports file and build the list, calling
1594 * nmount() as we go along to push the export rules into the kernel.
1597 for (i = 0; exnames[i] != NULL; i++) {
1599 warnx("reading exports from %s", exnames[i]);
1600 if ((exp_file = fopen(exnames[i], "r")) == NULL) {
1601 syslog(LOG_WARNING, "can't open %s", exnames[i]);
1604 get_exportlist_one();
1609 syslog(LOG_ERR, "can't open any exports file");
1614 * If there was no public fh, clear any previous one set.
1616 if (run_v4server > 0 && has_publicfh == 0)
1617 (void) nfssvc(NFSSVC_NOPUBLICFH, NULL);
1621 * Allocate an export list element
1626 struct exportlist *ep;
1628 ep = (struct exportlist *)malloc(sizeof (struct exportlist));
1629 if (ep == (struct exportlist *)NULL)
1631 memset(ep, 0, sizeof(struct exportlist));
1636 * Allocate a group list element
1641 struct grouplist *gp;
1643 gp = (struct grouplist *)malloc(sizeof (struct grouplist));
1644 if (gp == (struct grouplist *)NULL)
1646 memset(gp, 0, sizeof(struct grouplist));
1651 * Clean up upon an error in get_exportlist().
1655 struct exportlist *ep;
1656 struct grouplist *grp;
1658 struct grouplist *tgrp;
1660 if (!(opt_flags & OP_QUIET))
1661 syslog(LOG_ERR, "bad exports list line %s", line);
1662 if (ep && (ep->ex_flag & EX_LINKED) == 0)
1672 * Search the export list for a matching fs.
1678 struct exportlist *ep;
1682 if (ep->ex_fs.val[0] == fsid->val[0] &&
1683 ep->ex_fs.val[1] == fsid->val[1])
1691 * Add a directory path to the list.
1694 add_expdir(dpp, cp, len)
1695 struct dirlist **dpp;
1701 dp = (struct dirlist *)malloc(sizeof (struct dirlist) + len);
1702 if (dp == (struct dirlist *)NULL)
1705 dp->dp_right = (struct dirlist *)NULL;
1707 dp->dp_hosts = (struct hostlist *)NULL;
1708 strcpy(dp->dp_dirp, cp);
1710 return (dp->dp_dirp);
1714 * Hang the dir list element off the dirpath binary tree as required
1715 * and update the entry for host.
1718 hang_dirp(dp, grp, ep, flags)
1720 struct grouplist *grp;
1721 struct exportlist *ep;
1724 struct hostlist *hp;
1725 struct dirlist *dp2;
1727 if (flags & OP_ALLDIRS) {
1732 if (grp == (struct grouplist *)NULL) {
1733 ep->ex_defdir->dp_flag |= DP_DEFSET;
1734 } else while (grp) {
1737 hp->ht_next = ep->ex_defdir->dp_hosts;
1738 ep->ex_defdir->dp_hosts = hp;
1744 * Loop through the directories adding them to the tree.
1748 add_dlist(&ep->ex_dirl, dp, grp, flags);
1755 * Traverse the binary tree either updating a node that is already there
1756 * for the new directory or adding the new node.
1759 add_dlist(dpp, newdp, grp, flags)
1760 struct dirlist **dpp;
1761 struct dirlist *newdp;
1762 struct grouplist *grp;
1766 struct hostlist *hp;
1771 cmp = strcmp(dp->dp_dirp, newdp->dp_dirp);
1773 add_dlist(&dp->dp_left, newdp, grp, flags);
1775 } else if (cmp < 0) {
1776 add_dlist(&dp->dp_right, newdp, grp, flags);
1779 free((caddr_t)newdp);
1782 dp->dp_left = (struct dirlist *)NULL;
1788 * Hang all of the host(s) off of the directory point.
1793 hp->ht_next = dp->dp_hosts;
1798 dp->dp_flag |= DP_DEFSET;
1803 * Search for a dirpath on the export point.
1806 dirp_search(dp, dirp)
1813 cmp = strcmp(dp->dp_dirp, dirp);
1815 return (dirp_search(dp->dp_left, dirp));
1817 return (dirp_search(dp->dp_right, dirp));
1825 * Scan for a host match in a directory tree.
1828 chk_host(dp, saddr, defsetp, hostsetp)
1830 struct sockaddr *saddr;
1834 struct hostlist *hp;
1835 struct grouplist *grp;
1836 struct addrinfo *ai;
1839 if (dp->dp_flag & DP_DEFSET)
1840 *defsetp = dp->dp_flag;
1844 switch (grp->gr_type) {
1846 ai = grp->gr_ptr.gt_addrinfo;
1847 for (; ai; ai = ai->ai_next) {
1848 if (!sacmp(ai->ai_addr, saddr, NULL)) {
1850 (hp->ht_flag | DP_HOSTSET);
1856 if (!sacmp(saddr, (struct sockaddr *)
1857 &grp->gr_ptr.gt_net.nt_net,
1859 &grp->gr_ptr.gt_net.nt_mask)) {
1860 *hostsetp = (hp->ht_flag | DP_HOSTSET);
1872 * Scan tree for a host that matches the address.
1875 scan_tree(dp, saddr)
1877 struct sockaddr *saddr;
1879 int defset, hostset;
1882 if (scan_tree(dp->dp_left, saddr))
1884 if (chk_host(dp, saddr, &defset, &hostset))
1886 if (scan_tree(dp->dp_right, saddr))
1893 * Traverse the dirlist tree and free it up.
1901 free_dir(dp->dp_left);
1902 free_dir(dp->dp_right);
1903 free_host(dp->dp_hosts);
1909 * Parse a colon separated list of security flavors
1912 parsesec(seclist, ep)
1914 struct exportlist *ep;
1919 ep->ex_numsecflavors = 0;
1921 cp = strchr(seclist, ':');
1927 if (!strcmp(seclist, "sys"))
1929 else if (!strcmp(seclist, "krb5"))
1930 flavor = RPCSEC_GSS_KRB5;
1931 else if (!strcmp(seclist, "krb5i"))
1932 flavor = RPCSEC_GSS_KRB5I;
1933 else if (!strcmp(seclist, "krb5p"))
1934 flavor = RPCSEC_GSS_KRB5P;
1938 syslog(LOG_ERR, "bad sec flavor: %s", seclist);
1941 if (ep->ex_numsecflavors == MAXSECFLAVORS) {
1944 syslog(LOG_ERR, "too many sec flavors: %s", seclist);
1947 ep->ex_secflavors[ep->ex_numsecflavors] = flavor;
1948 ep->ex_numsecflavors++;
1960 * Parse the option string and update fields.
1961 * Option arguments may either be -<option>=<value> or
1965 do_opt(cpp, endcpp, ep, grp, has_hostp, exflagsp, cr)
1966 char **cpp, **endcpp;
1967 struct exportlist *ep;
1968 struct grouplist *grp;
1973 char *cpoptarg, *cpoptend;
1974 char *cp, *endcp, *cpopt, savedc, savedc2;
1975 int allflag, usedarg;
1983 while (cpopt && *cpopt) {
1986 if ((cpoptend = strchr(cpopt, ','))) {
1988 if ((cpoptarg = strchr(cpopt, '=')))
1991 if ((cpoptarg = strchr(cpopt, '=')))
1995 nextfield(&cp, &endcp);
1997 if (endcp > cp && *cp != '-') {
2005 if (!strcmp(cpopt, "ro") || !strcmp(cpopt, "o")) {
2006 *exflagsp |= MNT_EXRDONLY;
2007 } else if (cpoptarg && (!strcmp(cpopt, "maproot") ||
2008 !(allflag = strcmp(cpopt, "mapall")) ||
2009 !strcmp(cpopt, "root") || !strcmp(cpopt, "r"))) {
2011 parsecred(cpoptarg, cr);
2013 *exflagsp |= MNT_EXPORTANON;
2014 opt_flags |= OP_MAPALL;
2016 opt_flags |= OP_MAPROOT;
2017 } else if (cpoptarg && (!strcmp(cpopt, "mask") ||
2018 !strcmp(cpopt, "m"))) {
2019 if (get_net(cpoptarg, &grp->gr_ptr.gt_net, 1)) {
2020 syslog(LOG_ERR, "bad mask: %s", cpoptarg);
2024 opt_flags |= OP_MASK;
2025 } else if (cpoptarg && (!strcmp(cpopt, "network") ||
2026 !strcmp(cpopt, "n"))) {
2027 if (strchr(cpoptarg, '/') != NULL) {
2029 fprintf(stderr, "setting OP_MASKLEN\n");
2030 opt_flags |= OP_MASKLEN;
2032 if (grp->gr_type != GT_NULL) {
2033 syslog(LOG_ERR, "network/host conflict");
2035 } else if (get_net(cpoptarg, &grp->gr_ptr.gt_net, 0)) {
2036 syslog(LOG_ERR, "bad net: %s", cpoptarg);
2039 grp->gr_type = GT_NET;
2042 opt_flags |= OP_NET;
2043 } else if (!strcmp(cpopt, "alldirs")) {
2044 opt_flags |= OP_ALLDIRS;
2045 } else if (!strcmp(cpopt, "public")) {
2046 *exflagsp |= MNT_EXPUBLIC;
2047 } else if (!strcmp(cpopt, "webnfs")) {
2048 *exflagsp |= (MNT_EXPUBLIC|MNT_EXRDONLY|MNT_EXPORTANON);
2049 opt_flags |= OP_MAPALL;
2050 } else if (cpoptarg && !strcmp(cpopt, "index")) {
2051 ep->ex_indexfile = strdup(cpoptarg);
2052 } else if (!strcmp(cpopt, "quiet")) {
2053 opt_flags |= OP_QUIET;
2054 } else if (!strcmp(cpopt, "sec")) {
2055 if (parsesec(cpoptarg, ep))
2057 opt_flags |= OP_SEC;
2060 syslog(LOG_ERR, "bad opt %s", cpopt);
2079 * Translate a character string to the corresponding list of network
2080 * addresses for a hostname.
2083 get_host(cp, grp, tgrp)
2085 struct grouplist *grp;
2086 struct grouplist *tgrp;
2088 struct grouplist *checkgrp;
2089 struct addrinfo *ai, *tai, hints;
2091 char host[NI_MAXHOST];
2093 if (grp->gr_type != GT_NULL) {
2094 syslog(LOG_ERR, "Bad netgroup type for ip host %s", cp);
2097 memset(&hints, 0, sizeof hints);
2098 hints.ai_flags = AI_CANONNAME;
2099 hints.ai_protocol = IPPROTO_UDP;
2100 ecode = getaddrinfo(cp, NULL, &hints, &ai);
2102 syslog(LOG_ERR,"can't get address info for host %s", cp);
2105 grp->gr_ptr.gt_addrinfo = ai;
2106 while (ai != NULL) {
2107 if (ai->ai_canonname == NULL) {
2108 if (getnameinfo(ai->ai_addr, ai->ai_addrlen, host,
2109 sizeof host, NULL, 0, NI_NUMERICHOST) != 0)
2110 strlcpy(host, "?", sizeof(host));
2111 ai->ai_canonname = strdup(host);
2112 ai->ai_flags |= AI_CANONNAME;
2115 fprintf(stderr, "got host %s\n", ai->ai_canonname);
2117 * Sanity check: make sure we don't already have an entry
2118 * for this host in the grouplist.
2120 for (checkgrp = tgrp; checkgrp != NULL;
2121 checkgrp = checkgrp->gr_next) {
2122 if (checkgrp->gr_type != GT_HOST)
2124 for (tai = checkgrp->gr_ptr.gt_addrinfo; tai != NULL;
2125 tai = tai->ai_next) {
2126 if (sacmp(tai->ai_addr, ai->ai_addr, NULL) != 0)
2130 "ignoring duplicate host %s\n",
2132 grp->gr_type = GT_IGNORE;
2138 grp->gr_type = GT_HOST;
2143 * Free up an exports list component
2147 struct exportlist *ep;
2150 if (ep->ex_defdir) {
2151 free_host(ep->ex_defdir->dp_hosts);
2152 free((caddr_t)ep->ex_defdir);
2156 if (ep->ex_indexfile)
2157 free(ep->ex_indexfile);
2158 free_dir(ep->ex_dirl);
2167 struct hostlist *hp;
2169 struct hostlist *hp2;
2181 struct hostlist *hp;
2183 hp = (struct hostlist *)malloc(sizeof (struct hostlist));
2184 if (hp == (struct hostlist *)NULL)
2186 hp->ht_next = (struct hostlist *)NULL;
2192 * Out of memory, fatal
2198 syslog(LOG_ERR, "out of memory");
2203 * Do the nmount() syscall with the update flag to push the export info into
2207 do_mount(struct exportlist *ep, struct grouplist *grp, int exflags,
2208 struct xucred *anoncrp, char *dirp, int dirplen, struct statfs *fsb)
2211 struct addrinfo *ai;
2212 struct export_args ea, *eap;
2220 struct nfsex_args nfsea;
2222 if (run_v4server > 0)
2223 eap = &nfsea.export;
2233 bzero(eap, sizeof (struct export_args));
2234 bzero(errmsg, sizeof(errmsg));
2235 eap->ex_flags = exflags;
2236 eap->ex_anon = *anoncrp;
2237 eap->ex_indexfile = ep->ex_indexfile;
2238 if (grp->gr_type == GT_HOST)
2239 ai = grp->gr_ptr.gt_addrinfo;
2242 eap->ex_numsecflavors = ep->ex_numsecflavors;
2243 for (i = 0; i < eap->ex_numsecflavors; i++)
2244 eap->ex_secflavors[i] = ep->ex_secflavors[i];
2245 if (eap->ex_numsecflavors == 0) {
2246 eap->ex_numsecflavors = 1;
2247 eap->ex_secflavors[0] = AUTH_SYS;
2251 if (v4root_phase == 0) {
2252 build_iovec(&iov, &iovlen, "fstype", NULL, 0);
2253 build_iovec(&iov, &iovlen, "fspath", NULL, 0);
2254 build_iovec(&iov, &iovlen, "from", NULL, 0);
2255 build_iovec(&iov, &iovlen, "update", NULL, 0);
2256 build_iovec(&iov, &iovlen, "export", eap,
2257 sizeof (struct export_args));
2258 build_iovec(&iov, &iovlen, "errmsg", errmsg, sizeof(errmsg));
2262 switch (grp->gr_type) {
2264 if (ai->ai_addr->sa_family == AF_INET6 && have_v6 == 0)
2266 eap->ex_addr = ai->ai_addr;
2267 eap->ex_addrlen = ai->ai_addrlen;
2268 eap->ex_masklen = 0;
2271 if (grp->gr_ptr.gt_net.nt_net.ss_family == AF_INET6 &&
2275 (struct sockaddr *)&grp->gr_ptr.gt_net.nt_net;
2277 ((struct sockaddr *)&grp->gr_ptr.gt_net.nt_net)->sa_len;
2279 (struct sockaddr *)&grp->gr_ptr.gt_net.nt_mask;
2280 eap->ex_masklen = ((struct sockaddr *)&grp->gr_ptr.gt_net.nt_mask)->sa_len;
2283 eap->ex_addr = NULL;
2284 eap->ex_addrlen = 0;
2285 eap->ex_mask = NULL;
2286 eap->ex_masklen = 0;
2293 syslog(LOG_ERR, "bad grouptype");
2301 * For V4:, use the nfssvc() syscall, instead of mount().
2303 if (v4root_phase == 2) {
2304 nfsea.fspec = v4root_dirpath;
2305 if (run_v4server > 0 &&
2306 nfssvc(NFSSVC_V4ROOTEXPORT, (caddr_t)&nfsea) < 0) {
2307 syslog(LOG_ERR, "Exporting V4: failed");
2313 * Maybe I should just use the fsb->f_mntonname path
2314 * instead of looping back up the dirp to the mount
2316 * Also, needs to know how to export all types of local
2317 * exportable filesystems and not just "ufs".
2319 iov[1].iov_base = fsb->f_fstypename; /* "fstype" */
2320 iov[1].iov_len = strlen(fsb->f_fstypename) + 1;
2321 iov[3].iov_base = fsb->f_mntonname; /* "fspath" */
2322 iov[3].iov_len = strlen(fsb->f_mntonname) + 1;
2323 iov[5].iov_base = fsb->f_mntfromname; /* "from" */
2324 iov[5].iov_len = strlen(fsb->f_mntfromname) + 1;
2326 while (nmount(iov, iovlen, fsb->f_flags) < 0) {
2330 cp = dirp + dirplen - 1;
2331 if (opt_flags & OP_QUIET) {
2335 if (errno == EPERM) {
2337 warnx("can't change attributes for %s",
2340 "can't change attributes for %s",
2345 if (opt_flags & OP_ALLDIRS) {
2346 if (errno == EINVAL)
2348 "-alldirs requested but %s is not a filesystem mountpoint",
2352 "could not remount %s: %m",
2357 /* back up over the last component */
2358 while (*cp == '/' && cp > dirp)
2360 while (*(cp - 1) != '/' && cp > dirp)
2364 warnx("mnt unsucc");
2365 syslog(LOG_ERR, "can't export %s %s",
2373 * Check that we're still on the same
2376 if (statfs(dirp, &fsb1) != 0 ||
2377 bcmp(&fsb1.f_fsid, &fsb->f_fsid,
2378 sizeof (fsb1.f_fsid)) != 0) {
2381 "can't export %s %s", dirp,
2390 * For the experimental server:
2391 * If this is the public directory, get the file handle
2392 * and load it into the kernel via the nfssvc() syscall.
2394 if (run_v4server > 0 && (exflags & MNT_EXPUBLIC) != 0) {
2398 if (eap->ex_indexfile != NULL)
2399 public_name = eap->ex_indexfile;
2402 if (getfh(public_name, &fh) < 0)
2404 "Can't get public fh for %s", public_name);
2405 else if (nfssvc(NFSSVC_PUBLICFH, (caddr_t)&fh) < 0)
2407 "Can't set public fh for %s", public_name);
2420 /* free strings allocated by strdup() in getmntopts.c */
2422 free(iov[0].iov_base); /* fstype */
2423 free(iov[2].iov_base); /* fspath */
2424 free(iov[4].iov_base); /* from */
2425 free(iov[6].iov_base); /* update */
2426 free(iov[8].iov_base); /* export */
2427 free(iov[10].iov_base); /* errmsg */
2429 /* free iov, allocated by realloc() */
2436 * Translate a net address.
2438 * If `maskflg' is nonzero, then `cp' is a netmask, not a network address.
2441 get_net(cp, net, maskflg)
2446 struct netent *np = NULL;
2447 char *name, *p, *prefp;
2448 struct sockaddr_in sin;
2449 struct sockaddr *sa = NULL;
2450 struct addrinfo hints, *ai = NULL;
2451 char netname[NI_MAXHOST];
2455 if ((opt_flags & OP_MASKLEN) && !maskflg) {
2456 p = strchr(cp, '/');
2462 * Check for a numeric address first. We wish to avoid
2463 * possible DNS lookups in getnetbyname().
2465 if (isxdigit(*cp) || *cp == ':') {
2466 memset(&hints, 0, sizeof hints);
2467 /* Ensure the mask and the network have the same family. */
2468 if (maskflg && (opt_flags & OP_NET))
2469 hints.ai_family = net->nt_net.ss_family;
2470 else if (!maskflg && (opt_flags & OP_HAVEMASK))
2471 hints.ai_family = net->nt_mask.ss_family;
2473 hints.ai_family = AF_UNSPEC;
2474 hints.ai_flags = AI_NUMERICHOST;
2475 if (getaddrinfo(cp, NULL, &hints, &ai) == 0)
2477 if (sa != NULL && ai->ai_family == AF_INET) {
2479 * The address in `cp' is really a network address, so
2480 * use inet_network() to re-interpret this correctly.
2481 * e.g. "127.1" means 127.1.0.0, not 127.0.0.1.
2483 bzero(&sin, sizeof sin);
2484 sin.sin_family = AF_INET;
2485 sin.sin_len = sizeof sin;
2486 sin.sin_addr = inet_makeaddr(inet_network(cp), 0);
2488 fprintf(stderr, "get_net: v4 addr %s\n",
2489 inet_ntoa(sin.sin_addr));
2490 sa = (struct sockaddr *)&sin;
2493 if (sa == NULL && (np = getnetbyname(cp)) != NULL) {
2494 bzero(&sin, sizeof sin);
2495 sin.sin_family = AF_INET;
2496 sin.sin_len = sizeof sin;
2497 sin.sin_addr = inet_makeaddr(np->n_net, 0);
2498 sa = (struct sockaddr *)&sin;
2504 /* The specified sockaddr is a mask. */
2505 if (checkmask(sa) != 0)
2507 bcopy(sa, &net->nt_mask, sa->sa_len);
2508 opt_flags |= OP_HAVEMASK;
2510 /* The specified sockaddr is a network address. */
2511 bcopy(sa, &net->nt_net, sa->sa_len);
2513 /* Get a network name for the export list. */
2516 } else if (getnameinfo(sa, sa->sa_len, netname, sizeof netname,
2517 NULL, 0, NI_NUMERICHOST) == 0) {
2522 if ((net->nt_name = strdup(name)) == NULL)
2526 * Extract a mask from either a "/<masklen>" suffix, or
2527 * from the class of an IPv4 address.
2529 if (opt_flags & OP_MASKLEN) {
2530 preflen = strtol(prefp, NULL, 10);
2531 if (preflen < 0L || preflen == LONG_MAX)
2533 bcopy(sa, &net->nt_mask, sa->sa_len);
2534 if (makemask(&net->nt_mask, (int)preflen) != 0)
2536 opt_flags |= OP_HAVEMASK;
2538 } else if (sa->sa_family == AF_INET &&
2539 (opt_flags & OP_MASK) == 0) {
2542 addr = ((struct sockaddr_in *)sa)->sin_addr.s_addr;
2543 if (IN_CLASSA(addr))
2545 else if (IN_CLASSB(addr))
2547 else if (IN_CLASSC(addr))
2549 else if (IN_CLASSD(addr))
2552 preflen = 32; /* XXX */
2554 bcopy(sa, &net->nt_mask, sa->sa_len);
2555 makemask(&net->nt_mask, (int)preflen);
2556 opt_flags |= OP_HAVEMASK;
2571 * Parse out the next white space separated field
2574 nextfield(cp, endcp)
2581 while (*p == ' ' || *p == '\t')
2583 if (*p == '\n' || *p == '\0')
2587 while (*p != ' ' && *p != '\t' && *p != '\n' && *p != '\0')
2594 * Get an exports file line. Skip over blank lines and handle line
2602 int totlen, cont_line;
2605 * Loop around ignoring blank lines and getting all continuation lines.
2610 if ((p = fgetln(exp_file, &len)) == NULL)
2615 (*cp == ' ' || *cp == '\t' || *cp == '\n' || *cp == '\\')) {
2625 if (linesize < len + totlen + 1) {
2626 linesize = len + totlen + 1;
2627 line = realloc(line, linesize);
2631 memcpy(line + totlen, p, len);
2633 line[totlen] = '\0';
2634 } while (totlen == 0 || cont_line);
2639 * Parse a description of a credential.
2642 parsecred(namelist, cr)
2651 gid_t groups[XU_NGROUPS + 1];
2654 cr->cr_version = XUCRED_VERSION;
2656 * Set up the unprivileged user.
2659 cr->cr_groups[0] = -2;
2662 * Get the user's password table entry.
2664 names = strsep(&namelist, " \t\n");
2665 name = strsep(&names, ":");
2666 if (isdigit(*name) || *name == '-')
2667 pw = getpwuid(atoi(name));
2669 pw = getpwnam(name);
2671 * Credentials specified as those of a user.
2673 if (names == NULL) {
2675 syslog(LOG_ERR, "unknown user: %s", name);
2678 cr->cr_uid = pw->pw_uid;
2679 ngroups = XU_NGROUPS + 1;
2680 if (getgrouplist(pw->pw_name, pw->pw_gid, groups, &ngroups))
2681 syslog(LOG_ERR, "too many groups");
2683 * Compress out duplicate.
2685 cr->cr_ngroups = ngroups - 1;
2686 cr->cr_groups[0] = groups[0];
2687 for (cnt = 2; cnt < ngroups; cnt++)
2688 cr->cr_groups[cnt - 1] = groups[cnt];
2692 * Explicit credential specified as a colon separated list:
2696 cr->cr_uid = pw->pw_uid;
2697 else if (isdigit(*name) || *name == '-')
2698 cr->cr_uid = atoi(name);
2700 syslog(LOG_ERR, "unknown user: %s", name);
2704 while (names != NULL && *names != '\0' && cr->cr_ngroups < XU_NGROUPS) {
2705 name = strsep(&names, ":");
2706 if (isdigit(*name) || *name == '-') {
2707 cr->cr_groups[cr->cr_ngroups++] = atoi(name);
2709 if ((gr = getgrnam(name)) == NULL) {
2710 syslog(LOG_ERR, "unknown group: %s", name);
2713 cr->cr_groups[cr->cr_ngroups++] = gr->gr_gid;
2716 if (names != NULL && *names != '\0' && cr->cr_ngroups == XU_NGROUPS)
2717 syslog(LOG_ERR, "too many groups");
2720 #define STRSIZ (MNTNAMLEN+MNTPATHLEN+50)
2722 * Routines that maintain the remote mounttab
2727 struct mountlist *mlp, **mlpp;
2728 char *host, *dirp, *cp;
2732 if ((mlfile = fopen(_PATH_RMOUNTLIST, "r")) == NULL) {
2733 if (errno == ENOENT)
2736 syslog(LOG_ERR, "can't open %s", _PATH_RMOUNTLIST);
2741 while (fgets(str, STRSIZ, mlfile) != NULL) {
2743 host = strsep(&cp, " \t\n");
2744 dirp = strsep(&cp, " \t\n");
2745 if (host == NULL || dirp == NULL)
2747 mlp = (struct mountlist *)malloc(sizeof (*mlp));
2748 if (mlp == (struct mountlist *)NULL)
2750 strncpy(mlp->ml_host, host, MNTNAMLEN);
2751 mlp->ml_host[MNTNAMLEN] = '\0';
2752 strncpy(mlp->ml_dirp, dirp, MNTPATHLEN);
2753 mlp->ml_dirp[MNTPATHLEN] = '\0';
2754 mlp->ml_next = (struct mountlist *)NULL;
2756 mlpp = &mlp->ml_next;
2762 del_mlist(char *hostp, char *dirp)
2764 struct mountlist *mlp, **mlpp;
2765 struct mountlist *mlp2;
2772 if (!strcmp(mlp->ml_host, hostp) &&
2773 (!dirp || !strcmp(mlp->ml_dirp, dirp))) {
2776 *mlpp = mlp = mlp->ml_next;
2777 free((caddr_t)mlp2);
2779 mlpp = &mlp->ml_next;
2784 if ((mlfile = fopen(_PATH_RMOUNTLIST, "w")) == NULL) {
2785 syslog(LOG_ERR,"can't update %s", _PATH_RMOUNTLIST);
2790 fprintf(mlfile, "%s %s\n", mlp->ml_host, mlp->ml_dirp);
2798 add_mlist(hostp, dirp)
2801 struct mountlist *mlp, **mlpp;
2807 if (!strcmp(mlp->ml_host, hostp) && !strcmp(mlp->ml_dirp, dirp))
2809 mlpp = &mlp->ml_next;
2812 mlp = (struct mountlist *)malloc(sizeof (*mlp));
2813 if (mlp == (struct mountlist *)NULL)
2815 strncpy(mlp->ml_host, hostp, MNTNAMLEN);
2816 mlp->ml_host[MNTNAMLEN] = '\0';
2817 strncpy(mlp->ml_dirp, dirp, MNTPATHLEN);
2818 mlp->ml_dirp[MNTPATHLEN] = '\0';
2819 mlp->ml_next = (struct mountlist *)NULL;
2821 if ((mlfile = fopen(_PATH_RMOUNTLIST, "a")) == NULL) {
2822 syslog(LOG_ERR, "can't update %s", _PATH_RMOUNTLIST);
2825 fprintf(mlfile, "%s %s\n", mlp->ml_host, mlp->ml_dirp);
2830 * Free up a group list.
2834 struct grouplist *grp;
2836 if (grp->gr_type == GT_HOST) {
2837 if (grp->gr_ptr.gt_addrinfo != NULL)
2838 freeaddrinfo(grp->gr_ptr.gt_addrinfo);
2839 } else if (grp->gr_type == GT_NET) {
2840 if (grp->gr_ptr.gt_net.nt_name)
2841 free(grp->gr_ptr.gt_net.nt_name);
2848 SYSLOG(int pri, const char *fmt, ...)
2853 vfprintf(stderr, fmt, ap);
2859 * Check options for consistency.
2866 if (v4root_phase == 0 && dp == NULL)
2868 if ((opt_flags & (OP_MAPROOT | OP_MAPALL)) == (OP_MAPROOT | OP_MAPALL)) {
2869 syslog(LOG_ERR, "-mapall and -maproot mutually exclusive");
2872 if ((opt_flags & OP_MASK) && (opt_flags & OP_NET) == 0) {
2873 syslog(LOG_ERR, "-mask requires -network");
2876 if ((opt_flags & OP_NET) && (opt_flags & OP_HAVEMASK) == 0) {
2877 syslog(LOG_ERR, "-network requires mask specification");
2880 if ((opt_flags & OP_MASK) && (opt_flags & OP_MASKLEN)) {
2881 syslog(LOG_ERR, "-mask and /masklen are mutually exclusive");
2884 if (v4root_phase > 0 &&
2886 ~(OP_SEC | OP_MASK | OP_NET | OP_HAVEMASK | OP_MASKLEN)) != 0) {
2887 syslog(LOG_ERR,"only -sec,-net,-mask options allowed on V4:");
2890 if ((opt_flags & OP_ALLDIRS) && dp->dp_left) {
2891 syslog(LOG_ERR, "-alldirs has multiple directories");
2898 * Check an absolute directory path for any symbolic links. Return true
2909 while (*cp && ret) {
2912 if (lstat(dirp, &sb) < 0 || !S_ISDIR(sb.st_mode))
2918 if (lstat(dirp, &sb) < 0 || !S_ISDIR(sb.st_mode))
2924 * Make a netmask according to the specified prefix length. The ss_family
2925 * and other non-address fields must be initialised before calling this.
2928 makemask(struct sockaddr_storage *ssp, int bitlen)
2933 if ((p = sa_rawaddr((struct sockaddr *)ssp, &len)) == NULL)
2935 if (bitlen > len * CHAR_BIT)
2938 for (i = 0; i < len; i++) {
2939 bits = (bitlen > CHAR_BIT) ? CHAR_BIT : bitlen;
2940 *p++ = (u_char)~0 << (CHAR_BIT - bits);
2947 * Check that the sockaddr is a valid netmask. Returns 0 if the mask
2948 * is acceptable (i.e. of the form 1...10....0).
2951 checkmask(struct sockaddr *sa)
2956 if ((mask = sa_rawaddr(sa, &len)) == NULL)
2959 for (i = 0; i < len; i++)
2960 if (mask[i] != 0xff)
2963 if (~mask[i] & (u_char)(~mask[i] + 1))
2967 for (; i < len; i++)
2974 * Compare two sockaddrs according to a specified mask. Return zero if
2975 * `sa1' matches `sa2' when filtered by the netmask in `samask'.
2976 * If samask is NULL, perform a full comparision.
2979 sacmp(struct sockaddr *sa1, struct sockaddr *sa2, struct sockaddr *samask)
2981 unsigned char *p1, *p2, *mask;
2984 if (sa1->sa_family != sa2->sa_family ||
2985 (p1 = sa_rawaddr(sa1, &len)) == NULL ||
2986 (p2 = sa_rawaddr(sa2, NULL)) == NULL)
2989 switch (sa1->sa_family) {
2991 if (((struct sockaddr_in6 *)sa1)->sin6_scope_id !=
2992 ((struct sockaddr_in6 *)sa2)->sin6_scope_id)
2997 /* Simple binary comparison if no mask specified. */
2999 return (memcmp(p1, p2, len));
3001 /* Set up the mask, and do a mask-based comparison. */
3002 if (sa1->sa_family != samask->sa_family ||
3003 (mask = sa_rawaddr(samask, NULL)) == NULL)
3006 for (i = 0; i < len; i++)
3007 if ((p1[i] & mask[i]) != (p2[i] & mask[i]))
3013 * Return a pointer to the part of the sockaddr that contains the
3014 * raw address, and set *nbytes to its length in bytes. Returns
3015 * NULL if the address family is unknown.
3018 sa_rawaddr(struct sockaddr *sa, int *nbytes) {
3022 switch (sa->sa_family) {
3024 len = sizeof(((struct sockaddr_in *)sa)->sin_addr);
3025 p = &((struct sockaddr_in *)sa)->sin_addr;
3028 len = sizeof(((struct sockaddr_in6 *)sa)->sin6_addr);
3029 p = &((struct sockaddr_in6 *)sa)->sin6_addr;
3050 pidfile_remove(pfh);
3051 rpcb_unset(MOUNTPROG, MOUNTVERS, NULL);
3052 rpcb_unset(MOUNTPROG, MOUNTVERS3, NULL);
projects / FreeBSD / releng / 8.2.git / blob