author | David Powell <David.Powell@sun.com> |
Wed, 16 Dec 2009 19:06:12 -0800 | |
changeset 401 | fc1223edbd8d |
parent 391 | 71abce159a62 |
child 436 | c28d8d667ea1 |
permissions | -rw-r--r-- |
391 | 1 |
/* |
2 |
* CDDL HEADER START |
|
3 |
* |
|
4 |
* The contents of this file are subject to the terms of the |
|
5 |
* Common Development and Distribution License (the "License"). |
|
6 |
* You may not use this file except in compliance with the License. |
|
7 |
* |
|
8 |
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE |
|
9 |
* or http://www.opensolaris.org/os/licensing. |
|
10 |
* See the License for the specific language governing permissions |
|
11 |
* and limitations under the License. |
|
12 |
* |
|
13 |
* When distributing Covered Code, include this CDDL HEADER in each |
|
14 |
* file and include the License file at usr/src/OPENSOLARIS.LICENSE. |
|
15 |
* If applicable, add the following below this CDDL HEADER, with the |
|
16 |
* fields enclosed by brackets "[]" replaced with your own identifying |
|
17 |
* information: Portions Copyright [yyyy] [name of copyright owner] |
|
18 |
* |
|
19 |
* CDDL HEADER END |
|
20 |
*/ |
|
21 |
||
22 |
/* |
|
23 |
* Copyright 2009 Sun Microsystems, Inc. All rights reserved. |
|
24 |
* Use is subject to license terms. |
|
25 |
*/ |
|
26 |
||
27 |
#include <sys/wait.h> |
|
401
fc1223edbd8d
13421 apache: o.o.o.rad.ContainerException: system error: error talking to slave
David Powell <David.Powell@sun.com>
parents:
391
diff
changeset
|
28 |
#include <sys/stat.h> |
391 | 29 |
#include <stdio.h> |
30 |
#include <stdlib.h> |
|
31 |
#include <signal.h> |
|
32 |
#include <unistd.h> |
|
33 |
#include <locale.h> |
|
34 |
#include <libscf.h> |
|
35 |
#include <errno.h> |
|
36 |
#include <string.h> |
|
37 |
||
38 |
#include <libxml/parser.h> |
|
39 |
||
40 |
#include "rad_object.h" |
|
41 |
#include "rad_module.h" |
|
42 |
#include "rad_xport.h" |
|
43 |
#include "rad_pam.h" |
|
44 |
#include "rad_ticket.h" |
|
45 |
#include "rad_control.h" |
|
46 |
#include "rad_log.h" |
|
47 |
#include "rad_smf.h" |
|
48 |
#include "rad_util.h" |
|
49 |
||
50 |
#include "api_config.h" |
|
51 |
||
52 |
#if !defined(TEXT_DOMAIN) |
|
53 |
#define TEXT_DOMAIN "SYS_TEST" |
|
54 |
#endif |
|
55 |
||
56 |
container_t rad_container = CONTAINER_INITIALIZER; |
|
57 |
container_t rad_container_unauth = CONTAINER_INITIALIZER; |
|
58 |
container_t rad_container_control = CONTAINER_INITIALIZER; |
|
59 |
||
60 |
int rad_exit_failure = 1; |
|
61 |
int rad_exit_config = 1; |
|
62 |
boolean_t rad_isproxy = B_FALSE; |
|
63 |
data_t *moduledirs; |
|
64 |
||
65 |
const char * |
|
66 |
_umem_debug_init() |
|
67 |
{ |
|
68 |
return ("default"); |
|
69 |
} |
|
70 |
||
71 |
/* |
|
72 |
* rad(1M) Configuration |
|
73 |
* --------------------- |
|
74 |
* |
|
75 |
* rad(1M) configuration can be obtained from two sources. Firstly, if |
|
76 |
* rad is started from SMF and the -s option is specified, it will obtain |
|
77 |
* configuration from the corresponding service instance. Secondly, |
|
78 |
* command line arguments can be provided to specify a particular |
|
79 |
* configuration. If configuration is available from both sources, |
|
80 |
* command line configuration is processed before SMF configuration. |
|
81 |
* |
|
82 |
* There are two things that are configurable in rad(1M). |
|
83 |
* |
|
84 |
* 1) The set of directories to scan for modules: |
|
85 |
* SMF: config/moduledir astring[] |
|
86 |
* Command line: '-m <moduledir>' option |
|
87 |
* |
|
88 |
* 2) The set of endpoints to listen on |
|
89 |
* SMF: <pgname>:xport_<xport type> / * |
|
90 |
* Command line: '-t <transport>[:opt1[=val1][,opt2[=val2]...]]' |
|
91 |
* |
|
92 |
* Available transports are 'stdin', 'tcp', 'tls', and 'uds'. |
|
93 |
* All transports take a 'proto' option, which defaults to 'rad'. |
|
94 |
* 'tcp' and 'tls' require a 'port' option. 'uds' requires a |
|
95 |
* 'path' option. |
|
96 |
*/ |
|
97 |
||
98 |
static int |
|
99 |
rad_service_wait() |
|
100 |
{ |
|
101 |
int status; |
|
102 |
pid_t pid; |
|
103 |
int fds[2]; |
|
104 |
||
105 |
if (pipe(fds) == -1) |
|
106 |
rad_log(RL_FATAL, "unable to create pipe: %s", strerror(errno)); |
|
107 |
||
108 |
if ((pid = fork()) == -1) |
|
109 |
rad_log(RL_FATAL, "unable to fork daemon: %s", strerror(errno)); |
|
110 |
||
111 |
if (pid > 0) { |
|
112 |
pid_t wpid; |
|
113 |
||
114 |
(void) close(fds[1]); |
|
115 |
if (read(fds[0], &status, sizeof (status)) == sizeof (status)) |
|
116 |
_exit(status); |
|
117 |
||
118 |
do { |
|
119 |
wpid = waitpid(pid, &status, 0); |
|
120 |
} while (wpid != pid && errno == EINTR); |
|
121 |
if (WIFEXITED(status)) |
|
122 |
_exit(WEXITSTATUS(status)); |
|
123 |
_exit(SMF_EXIT_ERR_FATAL); |
|
124 |
} |
|
125 |
||
126 |
(void) close(fds[0]); |
|
127 |
return (fds[1]); |
|
128 |
} |
|
129 |
||
130 |
static void |
|
131 |
rad_service_done(int fd) |
|
132 |
{ |
|
133 |
int status = SMF_EXIT_OK; |
|
134 |
(void) write(fd, &status, sizeof (status)); |
|
135 |
} |
|
136 |
||
137 |
/* -s is for SMF consumption only; not documented */ |
|
138 |
static const char *usage = |
|
139 |
"Usage: rad [ -d ] [ -S fmri ] [ -m moduledir ] [ -t transport ]\n"; |
|
140 |
||
141 |
int |
|
142 |
main(int argc, char **argv) |
|
143 |
{ |
|
144 |
int opt, i; |
|
145 |
int nxport = 0, nmoddir = 0; |
|
146 |
const char *xports[argc], *moddirs[argc]; |
|
147 |
boolean_t smf_startup = B_FALSE; |
|
148 |
boolean_t smf_config = B_FALSE; |
|
149 |
const char *smf_fmri = NULL; |
|
150 |
sigset_t hupset; |
|
151 |
int svc_fd = -1; |
|
152 |
||
401
fc1223edbd8d
13421 apache: o.o.o.rad.ContainerException: system error: error talking to slave
David Powell <David.Powell@sun.com>
parents:
391
diff
changeset
|
153 |
(void) umask(077); |
391 | 154 |
(void) setlocale(LC_ALL, ""); |
155 |
(void) textdomain(TEXT_DOMAIN); |
|
156 |
||
157 |
(void) sigemptyset(&hupset); |
|
158 |
(void) sigaddset(&hupset, SIGHUP); |
|
159 |
(void) sigprocmask(SIG_BLOCK, &hupset, NULL); |
|
160 |
(void) sigignore(SIGPIPE); |
|
161 |
(void) sigignore(SIGCHLD); |
|
162 |
||
163 |
while ((opt = getopt(argc, argv, "dpsS:t:m:")) != EOF) { |
|
164 |
switch (opt) { |
|
165 |
case 't': |
|
166 |
xports[nxport++] = optarg; |
|
167 |
break; |
|
168 |
case 'm': |
|
169 |
moddirs[nmoddir++] = optarg; |
|
170 |
break; |
|
171 |
case 'p': |
|
172 |
rad_isproxy = B_TRUE; |
|
173 |
break; |
|
174 |
case 's': |
|
175 |
smf_startup = B_TRUE; |
|
176 |
smf_config = B_TRUE; |
|
177 |
rad_exit_failure = SMF_EXIT_ERR_FATAL; |
|
178 |
rad_exit_config = SMF_EXIT_ERR_CONFIG; |
|
179 |
break; |
|
180 |
case 'S': |
|
181 |
/* Read config from specified FMRI */ |
|
182 |
smf_config = B_TRUE; |
|
183 |
smf_fmri = optarg; |
|
184 |
break; |
|
185 |
case 'd': |
|
186 |
rad_loglevel = RL_ALL; |
|
187 |
break; |
|
188 |
default: |
|
189 |
(void) fprintf(stderr, usage); |
|
190 |
exit(2); |
|
191 |
} |
|
192 |
} |
|
193 |
||
194 |
moduledirs = rad_strarray(moddirs, nmoddir, lt_copy); |
|
195 |
||
196 |
if (smf_config) { |
|
197 |
data_t *config = rad_smf_read_pg_byname(smf_fmri, "config", |
|
198 |
&t__radconfig); |
|
199 |
if (config == NULL) |
|
200 |
rad_log(RL_CONFIG, |
|
201 |
"unable to read configuration from service\n"); |
|
202 |
data_t *modules = struct_get(config, "moduledir"); |
|
203 |
data_t *debug = struct_get(config, "debug"); |
|
204 |
if (debug != NULL && debug->d_data.boolean) |
|
205 |
rad_loglevel = RL_ALL; |
|
206 |
moduledirs = array_combine(moduledirs, data_ref(modules)); |
|
207 |
} |
|
208 |
||
209 |
/* parent exits, child returns */ |
|
210 |
if (smf_startup) |
|
211 |
svc_fd = rad_service_wait(); |
|
212 |
||
213 |
xmlInitParser(); /* So libxml consumers are MT safe */ |
|
214 |
rad_ticket_init(); |
|
215 |
rad_pam_init(); |
|
216 |
rad_module_init(); |
|
217 |
rad_control_init(); |
|
218 |
||
219 |
if (moduledirs->d_rsize == 0) |
|
220 |
rad_log(RL_CONFIG, "No module directories specified.\n"); |
|
221 |
||
222 |
for (i = 0; i < moduledirs->d_rsize; i++) |
|
223 |
rad_module_scan(moduledirs->d_data.array[i]->d_data.string); |
|
224 |
||
225 |
for (i = 0; i < nxport; i++) |
|
226 |
rad_xport_parse(xports[i]); |
|
227 |
||
228 |
if (smf_startup) { |
|
229 |
/* |
|
230 |
* Only process SMF-configured transports when really |
|
231 |
* run as a service. |
|
232 |
*/ |
|
233 |
rad_xport_smf(); |
|
234 |
rad_service_done(svc_fd); |
|
235 |
} |
|
236 |
||
237 |
(void) sigprocmask(SIG_UNBLOCK, &hupset, NULL); |
|
238 |
for (;;) |
|
239 |
pause(); |
|
240 |
} |