2 * Copyright (c) 1989, 1993
3 * The Regents of the University of California. All rights reserved.
5 * This code is derived from software contributed to Berkeley by
6 * Herb Hasler and Rick Macklem at The University of Guelph.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of the University nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * @(#) Copyright (c) 1989, 1993 The Regents of the University of California. All rights reserved.
33 * @(#)mountd.c 8.15 (Berkeley) 5/1/95
34 * $FreeBSD: src/sbin/mountd/mountd.c,v 1.39.2.5 2002/09/13 15:57:43 joerg Exp $
37 #include <sys/param.h>
38 #include <sys/module.h>
39 #include <sys/mount.h>
40 #include <sys/mountctl.h>
41 #include <sys/fcntl.h>
42 #include <sys/linker.h>
44 #include <sys/syslog.h>
45 #include <sys/sysctl.h>
48 #include <rpc/rpc_com.h>
49 #include <rpcsvc/mount.h>
50 #include <vfs/nfs/rpcv2.h>
51 #include <vfs/nfs/nfsproto.h>
52 #include <vfs/nfs/nfs.h>
53 #include <vfs/ufs/ufsmount.h>
54 #include <vfs/msdosfs/msdosfsmount.h>
55 #include <vfs/ntfs/ntfsmount.h>
56 #include <vfs/isofs/cd9660/cd9660_mount.h> /* XXX need isofs in include */
58 #include <arpa/inet.h>
73 #include "pathnames.h"
80 * Structures for keeping the mount list and export list
83 struct mountlist *ml_next;
84 char ml_host[RPCMNT_NAMELEN+1];
85 char ml_dirp[RPCMNT_PATHLEN+1];
89 struct dirlist *dp_left;
90 struct dirlist *dp_right;
92 struct hostlist *dp_hosts; /* List of hosts this dir exported to */
93 char dp_dirp[1]; /* Actually malloc'd to size of dir */
97 #define DP_HOSTSET 0x2
100 struct exportlist *ex_next;
101 struct dirlist *ex_dirl;
102 struct dirlist *ex_defdir;
109 #define EX_LINKED 0x1
112 struct sockaddr_storage nt_net;
113 struct sockaddr_storage nt_mask;
118 struct addrinfo *gt_addrinfo;
119 struct netmsk gt_net;
124 union grouptypes gr_ptr;
125 struct grouplist *gr_next;
131 #define GT_DEFAULT 0x3
132 #define GT_IGNORE 0x5
135 int ht_flag; /* Uses DP_xx bits */
136 struct grouplist *ht_grp;
137 struct hostlist *ht_next;
147 char *add_expdir(struct dirlist **, char *, int);
148 void add_dlist(struct dirlist **, struct dirlist *,
149 struct grouplist *, int);
150 void add_mlist(char *, char *);
151 int check_dirpath(char *);
152 int check_options(struct dirlist *);
153 int checkmask(struct sockaddr *sa);
154 int chk_host(struct dirlist *, struct sockaddr *, int *, int *);
155 void del_mlist(char *, char *);
156 struct dirlist *dirp_search(struct dirlist *, char *);
157 int do_mount(struct exportlist *, struct grouplist *, int,
158 struct ucred *, char *, int, struct statfs *);
159 int do_opt(char **, char **, struct exportlist *, struct grouplist *,
160 int *, int *, struct ucred *);
161 struct exportlist *ex_search(fsid_t *);
162 struct exportlist *get_exp(void);
163 void free_dir(struct dirlist *);
164 void free_exp(struct exportlist *);
165 void free_grp(struct grouplist *);
166 void free_host(struct hostlist *);
167 void get_exportlist(void);
168 int get_host(char *, struct grouplist *, struct grouplist *);
169 struct hostlist *get_ht(void);
171 void get_mountlist(void);
172 int get_net(char *, struct netmsk *, int);
173 void getexp_err(struct exportlist *, struct grouplist *);
174 struct grouplist *get_grp(void);
175 void hang_dirp(struct dirlist *, struct grouplist *,
176 struct exportlist *, int);
177 void huphandler(int sig);
178 int makemask(struct sockaddr_storage *ssp, int bitlen);
179 void mntsrv(struct svc_req *, SVCXPRT *);
180 void nextfield(char **, char **);
181 void out_of_mem(void);
182 void parsecred(char *, struct ucred *);
183 int put_exlist(struct dirlist *, XDR *, struct dirlist *, int *, int);
184 void *sa_rawaddr(struct sockaddr *sa, int *nbytes);
185 int sacmp(struct sockaddr *sa1, struct sockaddr *sa2,
186 struct sockaddr *samask);
187 int scan_tree(struct dirlist *, struct sockaddr *);
188 static void usage(void);
189 int xdr_dir(XDR *, char *);
190 int xdr_explist(XDR *, caddr_t);
191 int xdr_explist_brief(XDR *, caddr_t);
192 int xdr_fhs(XDR *, caddr_t);
193 int xdr_mlist(XDR *, caddr_t);
196 struct exportlist *exphead;
197 struct mountlist *mlhead;
198 struct grouplist *grphead;
199 char exname[MAXPATHLEN];
200 struct ucred def_anon = {
207 int resvport_only = 1;
213 static int have_v6 = 1;
214 #ifdef NI_WITHSCOPEID
215 static const int ninumeric = NI_NUMERICHOST | NI_WITHSCOPEID;
217 static const int ninumeric = NI_NUMERICHOST;
220 struct pidfh *pfh = NULL;
221 /* Bits for the opt_flags above */
222 #define OP_MAPROOT 0x01
223 #define OP_MAPALL 0x02
227 #define OP_ALLDIRS 0x40
228 #define OP_HAVEMASK 0x80 /* A mask was specified or inferred. */
229 #define OP_QUIET 0x100
230 #define OP_MASKLEN 0x200
234 void SYSLOG(int, const char *, ...);
235 #define syslog SYSLOG
241 * Mountd server for NFS mount protocol as described in:
242 * NFS: Network File System Protocol Specification, RFC1094, Appendix A
243 * The optional arguments are the exports file name
244 * default: _PATH_EXPORTS
245 * and "-n" to allow nonroot mount.
248 main(int argc, char **argv)
251 SVCXPRT *udptransp, *tcptransp, *udp6transp, *tcp6transp;
252 struct netconfig *udpconf, *tcpconf, *udp6conf, *tcp6conf;
254 int udpsock, tcpsock, udp6sock, tcp6sock;
256 int maxrec = RPC_MAXDATASIZE;
260 udp6conf = tcp6conf = NULL;
261 udp6sock = tcp6sock = 0;
263 /* Check that another mountd isn't already running. */
264 pfh = pidfile_open(_PATH_MOUNTDPID, 0600, &otherpid);
267 errx(1, "mountd already running, pid: %d.", otherpid);
268 warn("cannot open or create pidfile");
271 s = socket(AF_INET6, SOCK_DGRAM, IPPROTO_UDP);
276 if (modfind("nfs") < 0) {
277 /* Not present in kernel, try loading it */
278 if (kldload("nfs") < 0 || modfind("nfs") < 0)
279 errx(1, "NFS server is not available or loadable");
282 while ((c = getopt(argc, argv, "2dlnr")) != -1) {
294 debug = debug ? 0 : 1;
305 signal(SIGINT, SIG_IGN);
306 signal(SIGQUIT, SIG_IGN);
314 strncpy(exname, *argv, MAXPATHLEN-1);
315 exname[MAXPATHLEN-1] = '\0';
317 strcpy(exname, _PATH_EXPORTS);
318 openlog("mountd", LOG_PID, LOG_DAEMON);
320 warnx("getting export list");
323 warnx("getting mount list");
327 signal(SIGHUP, huphandler);
328 signal(SIGTERM, terminate);
332 rpcb_unset(RPCPROG_MNT, RPCMNT_VER1, NULL);
333 rpcb_unset(RPCPROG_MNT, RPCMNT_VER3, NULL);
334 udpsock = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
335 tcpsock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
337 rpc_control(RPC_SVC_CONNMAXREC_SET, &maxrec);
339 udpconf = getnetconfigent("udp");
340 tcpconf = getnetconfigent("tcp");
343 udp6sock = socket(AF_INET6, SOCK_DGRAM, IPPROTO_UDP);
344 tcp6sock = socket(AF_INET6, SOCK_STREAM, IPPROTO_TCP);
346 * We're doing host-based access checks here, so don't allow
347 * v4-in-v6 to confuse things. The kernel will disable it
348 * by default on NFS sockets too.
350 if (udp6sock != -1 && setsockopt(udp6sock, IPPROTO_IPV6,
351 IPV6_V6ONLY, &one, sizeof one) < 0) {
352 syslog(LOG_ERR, "can't disable v4-in-v6 on UDP socket");
355 if (tcp6sock != -1 && setsockopt(tcp6sock, IPPROTO_IPV6,
356 IPV6_V6ONLY, &one, sizeof one) < 0) {
357 syslog(LOG_ERR, "can't disable v4-in-v6 on TCP socket");
360 udp6conf = getnetconfigent("udp6");
361 tcp6conf = getnetconfigent("tcp6");
364 if (!resvport_only) {
365 if (sysctlbyname("vfs.nfs.nfs_privport", NULL, NULL,
366 &resvport_only, sizeof(resvport_only)) != 0 &&
368 syslog(LOG_ERR, "sysctl: %m");
372 if (udpsock != -1 && udpconf != NULL) {
373 bindresvport(udpsock, NULL);
374 udptransp = svc_dg_create(udpsock, 0, 0);
375 if (udptransp != NULL) {
376 if (!svc_reg(udptransp, RPCPROG_MNT, RPCMNT_VER1,
378 syslog(LOG_WARNING, "can't register UDP RPCMNT_VER1 service");
382 if (!svc_reg(udptransp, RPCPROG_MNT, RPCMNT_VER3,
384 syslog(LOG_WARNING, "can't register UDP RPCMNT_VER3 service");
389 syslog(LOG_WARNING, "can't create UDP services");
392 if (tcpsock != -1 && tcpconf != NULL) {
393 bindresvport(tcpsock, NULL);
394 listen(tcpsock, SOMAXCONN);
395 tcptransp = svc_vc_create(tcpsock, RPC_MAXDATASIZE, RPC_MAXDATASIZE);
396 if (tcptransp != NULL) {
397 if (!svc_reg(tcptransp, RPCPROG_MNT, RPCMNT_VER1,
399 syslog(LOG_WARNING, "can't register TCP RPCMNT_VER1 service");
403 if (!svc_reg(tcptransp, RPCPROG_MNT, RPCMNT_VER3,
405 syslog(LOG_WARNING, "can't register TCP RPCMNT_VER3 service");
410 syslog(LOG_WARNING, "can't create TCP service");
413 if (have_v6 && udp6sock != -1 && udp6conf != NULL) {
414 bindresvport(udp6sock, NULL);
415 udp6transp = svc_dg_create(udp6sock, 0, 0);
416 if (udp6transp != NULL) {
417 if (!svc_reg(udp6transp, RPCPROG_MNT, RPCMNT_VER1,
419 syslog(LOG_WARNING, "can't register UDP6 RPCMNT_VER1 service");
423 if (!svc_reg(udp6transp, RPCPROG_MNT, RPCMNT_VER3,
425 syslog(LOG_WARNING, "can't register UDP6 RPCMNT_VER3 service");
430 syslog(LOG_WARNING, "can't create UDP6 service");
433 if (have_v6 && tcp6sock != -1 && tcp6conf != NULL) {
434 bindresvport(tcp6sock, NULL);
435 listen(tcp6sock, SOMAXCONN);
436 tcp6transp = svc_vc_create(tcp6sock, RPC_MAXDATASIZE, RPC_MAXDATASIZE);
437 if (tcp6transp != NULL) {
438 if (!svc_reg(tcp6transp, RPCPROG_MNT, RPCMNT_VER1,
440 syslog(LOG_WARNING, "can't register TCP6 RPCMNT_VER1 service");
444 if (!svc_reg(tcp6transp, RPCPROG_MNT, RPCMNT_VER3,
446 syslog(LOG_WARNING, "can't register TCP6 RPCMNT_VER3 service");
451 syslog(LOG_WARNING, "can't create TCP6 service");
455 syslog(LOG_ERR, "could not create any services");
459 /* Expand svc_run() here so that we can call get_exportlist(). */
466 switch (select(svc_maxfd + 1, &readfds, NULL, NULL, NULL)) {
470 syslog(LOG_ERR, "mountd died: select: %m");
475 svc_getreqset(&readfds);
484 "usage: mountd [-2] [-d] [-l] [-n] [-r] [export_file]\n");
489 * The mount rpc service
492 mntsrv(struct svc_req *rqstp, SVCXPRT *transp)
494 struct exportlist *ep;
499 char host[NI_MAXHOST], numerichost[NI_MAXHOST];
500 int lookup_failed = 1;
501 struct sockaddr *saddr;
503 char rpcpath[RPCMNT_PATHLEN + 1], dirpath[MAXPATHLEN];
504 int bad = 0, defset, hostset;
505 sigset_t sighup_mask;
507 sigemptyset(&sighup_mask);
508 sigaddset(&sighup_mask, SIGHUP);
509 saddr = svc_getrpccaller(transp)->buf;
510 switch (saddr->sa_family) {
512 sport = ntohs(((struct sockaddr_in6 *)saddr)->sin6_port);
515 sport = ntohs(((struct sockaddr_in *)saddr)->sin_port);
518 syslog(LOG_ERR, "request from unknown address family");
521 lookup_failed = getnameinfo(saddr, saddr->sa_len, host, sizeof host,
523 getnameinfo(saddr, saddr->sa_len, numerichost,
524 sizeof numerichost, NULL, 0, NI_NUMERICHOST);
525 switch (rqstp->rq_proc) {
527 if (!svc_sendreply(transp, (xdrproc_t)xdr_void, NULL))
528 syslog(LOG_ERR, "can't send reply");
531 if (sport >= IPPORT_RESERVED && resvport_only) {
533 "mount request from %s from unprivileged port",
535 svcerr_weakauth(transp);
538 if (!svc_getargs(transp, (xdrproc_t)xdr_dir, rpcpath)) {
539 syslog(LOG_NOTICE, "undecodable mount request from %s",
541 svcerr_decode(transp);
546 * Get the real pathname and make sure it is a directory
547 * or a regular file if the -r option was specified
550 if (realpath(rpcpath, dirpath) == NULL ||
551 stat(dirpath, &stb) < 0 ||
552 (!S_ISDIR(stb.st_mode) &&
553 (dir_only || !S_ISREG(stb.st_mode))) ||
554 statfs(dirpath, &fsb) < 0) {
555 chdir("/"); /* Just in case realpath doesn't */
557 "mount request from %s for non existent path %s",
558 numerichost, dirpath);
560 warnx("stat failed on %s", dirpath);
561 bad = ENOENT; /* We will send error reply later */
564 /* Check in the exports list */
565 sigprocmask(SIG_BLOCK, &sighup_mask, NULL);
566 ep = ex_search(&fsb.f_fsid);
567 hostset = defset = 0;
568 if (ep && (chk_host(ep->ex_defdir, saddr, &defset, &hostset) ||
569 ((dp = dirp_search(ep->ex_dirl, dirpath)) &&
570 chk_host(dp, saddr, &defset, &hostset)) ||
571 (defset && scan_tree(ep->ex_defdir, saddr) == 0 &&
572 scan_tree(ep->ex_dirl, saddr) == 0))) {
574 if (!svc_sendreply(transp, (xdrproc_t)xdr_long,
576 syslog(LOG_ERR, "can't send reply");
577 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL);
580 if (hostset & DP_HOSTSET)
581 fhr.fhr_flag = hostset;
583 fhr.fhr_flag = defset;
584 fhr.fhr_vers = rqstp->rq_vers;
585 /* Get the file handle */
586 memset(&fhr.fhr_fh, 0, sizeof(nfsfh_t));
587 if (getfh(dirpath, (fhandle_t *)&fhr.fhr_fh) < 0) {
589 syslog(LOG_ERR, "can't get fh for %s", dirpath);
590 if (!svc_sendreply(transp, (xdrproc_t)xdr_long,
592 syslog(LOG_ERR, "can't send reply");
593 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL);
596 if (!svc_sendreply(transp, (xdrproc_t)xdr_fhs, &fhr))
597 syslog(LOG_ERR, "can't send reply");
599 add_mlist(host, dirpath);
601 add_mlist(numerichost, dirpath);
603 warnx("mount successful");
606 "mount request succeeded from %s for %s",
607 numerichost, dirpath);
611 "mount request denied from %s for %s",
612 numerichost, dirpath);
615 if (bad && !svc_sendreply(transp, (xdrproc_t)xdr_long, &bad))
616 syslog(LOG_ERR, "can't send reply");
617 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL);
620 if (!svc_sendreply(transp, (xdrproc_t)xdr_mlist, NULL))
621 syslog(LOG_ERR, "can't send reply");
624 "dump request succeeded from %s",
628 if (sport >= IPPORT_RESERVED && resvport_only) {
630 "umount request from %s from unprivileged port",
632 svcerr_weakauth(transp);
635 if (!svc_getargs(transp, (xdrproc_t)xdr_dir, rpcpath)) {
636 syslog(LOG_NOTICE, "undecodable umount request from %s",
638 svcerr_decode(transp);
641 if (realpath(rpcpath, dirpath) == NULL) {
642 syslog(LOG_NOTICE, "umount request from %s "
643 "for non existent path %s",
644 numerichost, dirpath);
646 if (!svc_sendreply(transp, (xdrproc_t)xdr_void, NULL))
647 syslog(LOG_ERR, "can't send reply");
649 del_mlist(host, dirpath);
650 del_mlist(numerichost, dirpath);
653 "umount request succeeded from %s for %s",
654 numerichost, dirpath);
657 if (sport >= IPPORT_RESERVED && resvport_only) {
659 "umountall request from %s from unprivileged port",
661 svcerr_weakauth(transp);
664 if (!svc_sendreply(transp, (xdrproc_t)xdr_void, NULL))
665 syslog(LOG_ERR, "can't send reply");
667 del_mlist(host, NULL);
668 del_mlist(numerichost, NULL);
671 "umountall request succeeded from %s",
675 if (!svc_sendreply(transp, (xdrproc_t)xdr_explist, NULL))
676 if (!svc_sendreply(transp, (xdrproc_t)xdr_explist_brief, NULL))
677 syslog(LOG_ERR, "can't send reply");
680 "export request succeeded from %s",
684 svcerr_noproc(transp);
690 * Xdr conversion for a dirpath string
693 xdr_dir(XDR *xdrsp, char *dirp)
695 return (xdr_string(xdrsp, &dirp, RPCMNT_PATHLEN));
699 * Xdr routine to generate file handle reply
702 xdr_fhs(XDR *xdrsp, caddr_t cp)
704 struct fhreturn *fhrp = (struct fhreturn *)cp;
705 u_long ok = 0, len, auth;
707 if (!xdr_long(xdrsp, &ok))
709 switch (fhrp->fhr_vers) {
711 return (xdr_opaque(xdrsp, (caddr_t)&fhrp->fhr_fh, NFSX_V2FH));
714 if (!xdr_long(xdrsp, &len))
716 if (!xdr_opaque(xdrsp, (caddr_t)&fhrp->fhr_fh, len))
720 if (!xdr_long(xdrsp, &len))
722 return (xdr_long(xdrsp, &auth));
728 xdr_mlist(XDR *xdrsp, caddr_t cp)
730 struct mountlist *mlp;
737 if (!xdr_bool(xdrsp, &true))
739 strp = &mlp->ml_host[0];
740 if (!xdr_string(xdrsp, &strp, RPCMNT_NAMELEN))
742 strp = &mlp->ml_dirp[0];
743 if (!xdr_string(xdrsp, &strp, RPCMNT_PATHLEN))
747 if (!xdr_bool(xdrsp, &false))
753 * Xdr conversion for export list
756 xdr_explist_common(XDR *xdrsp, caddr_t cp, int brief)
758 struct exportlist *ep;
761 sigset_t sighup_mask;
763 sigemptyset(&sighup_mask);
764 sigaddset(&sighup_mask, SIGHUP);
765 sigprocmask(SIG_BLOCK, &sighup_mask, NULL);
769 if (put_exlist(ep->ex_dirl, xdrsp, ep->ex_defdir,
772 if (ep->ex_defdir && putdef == 0 &&
773 put_exlist(ep->ex_defdir, xdrsp, NULL,
778 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL);
779 if (!xdr_bool(xdrsp, &false))
783 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL);
788 * Called from xdr_explist() to traverse the tree and export the
792 put_exlist(struct dirlist *dp, XDR *xdrsp, struct dirlist *adp, int *putdefp, int brief)
794 struct grouplist *grp;
802 if (put_exlist(dp->dp_left, xdrsp, adp, putdefp, brief))
804 if (!xdr_bool(xdrsp, &true))
807 if (!xdr_string(xdrsp, &strp, RPCMNT_PATHLEN))
809 if (adp && !strcmp(dp->dp_dirp, adp->dp_dirp)) {
814 if (!xdr_bool(xdrsp, &true))
817 if (!xdr_string(xdrsp, &strp, RPCMNT_PATHLEN))
819 } else if ((dp->dp_flag & DP_DEFSET) == 0 &&
820 (gotalldir == 0 || (adp->dp_flag & DP_DEFSET) == 0)) {
824 if (grp->gr_type == GT_HOST) {
825 if (!xdr_bool(xdrsp, &true))
827 strp = grp->gr_ptr.gt_addrinfo->ai_canonname;
828 if (!xdr_string(xdrsp, &strp,
831 } else if (grp->gr_type == GT_NET) {
832 if (!xdr_bool(xdrsp, &true))
834 strp = grp->gr_ptr.gt_net.nt_name;
835 if (!xdr_string(xdrsp, &strp,
840 if (gotalldir && hp == NULL) {
846 if (!xdr_bool(xdrsp, &false))
848 if (put_exlist(dp->dp_right, xdrsp, adp, putdefp, brief))
855 xdr_explist(xdrsp, cp)
860 return xdr_explist_common(xdrsp, cp, 0);
864 xdr_explist_brief(xdrsp, cp)
869 return xdr_explist_common(xdrsp, cp, 1);
877 * Get the export list
882 struct exportlist *ep, *ep2;
883 struct grouplist *grp, *tgrp;
884 struct exportlist **epp;
885 struct dirlist *dirhead;
886 struct statfs fsb, *fsp;
888 char *cp, *endcp, *dirp, *hst, *usr, *dom, savedc;
889 int len, has_host, exflags, got_nondir, dirplen, num, i, netgrp;
895 * First, get rid of the old list
914 * And delete exports that are in the kernel for all local
916 * XXX: Should know how to handle all local exportable filesystems
917 * instead of just "ufs".
919 num = getmntinfo(&fsp, MNT_NOWAIT);
920 for (i = 0; i < num; i++) {
925 struct msdosfs_args da;
928 struct export_args export;
930 export.ex_flags = MNT_DELEXPORT;
931 if (mountctl(fsp->f_mntonname, MOUNTCTL_SET_EXPORT, -1,
932 &export, sizeof(export), NULL, 0) == 0) {
933 } else if (!strcmp(fsp->f_fstypename, "mfs") ||
934 !strcmp(fsp->f_fstypename, "ufs") ||
935 !strcmp(fsp->f_fstypename, "msdos") ||
936 !strcmp(fsp->f_fstypename, "ntfs") ||
937 !strcmp(fsp->f_fstypename, "cd9660")) {
938 targs.ua.fspec = NULL;
939 targs.ua.export.ex_flags = MNT_DELEXPORT;
940 if (mount(fsp->f_fstypename, fsp->f_mntonname,
941 fsp->f_flags | MNT_UPDATE,
942 (caddr_t)&targs) < 0)
943 syslog(LOG_ERR, "can't delete exports for %s",
950 * Read in the exports file and build the list, calling
951 * mount() as we go along to push the export rules into the kernel.
953 if ((exp_file = fopen(exname, "r")) == NULL) {
954 syslog(LOG_ERR, "can't open %s", exname);
960 warnx("got line %s", line);
962 nextfield(&cp, &endcp);
971 exflags = MNT_EXPORTED;
977 * Create new exports list entry
980 tgrp = grp = get_grp();
982 if (len > RPCMNT_NAMELEN) {
983 getexp_err(ep, tgrp);
988 getexp_err(ep, tgrp);
992 warnx("doing opt %s", cp);
994 if (do_opt(&cp, &endcp, ep, grp, &has_host,
996 getexp_err(ep, tgrp);
999 } else if (*cp == '/') {
1002 if (check_dirpath(cp) &&
1003 statfs(cp, &fsb) >= 0) {
1005 syslog(LOG_ERR, "dirs must be first");
1006 getexp_err(ep, tgrp);
1010 if (ep->ex_fs.val[0] != fsb.f_fsid.val[0] ||
1011 ep->ex_fs.val[1] != fsb.f_fsid.val[1]) {
1012 getexp_err(ep, tgrp);
1017 * See if this directory is already
1020 ep = ex_search(&fsb.f_fsid);
1023 ep->ex_fs = fsb.f_fsid;
1024 ep->ex_fsdir = (char *)
1025 malloc(strlen(fsb.f_mntonname) + 1);
1027 strcpy(ep->ex_fsdir,
1032 warnx("making new ep fs=0x%x,0x%x",
1036 warnx("found ep fs=0x%x,0x%x",
1042 * Add dirpath to export mount point.
1044 dirp = add_expdir(&dirhead, cp, len);
1047 getexp_err(ep, tgrp);
1056 getexp_err(ep, tgrp);
1061 * Get the host or netgroup.
1064 netgrp = getnetgrent(&hst, &usr, &dom);
1067 grp->gr_next = get_grp();
1073 "null hostname in netgroup %s, skipping", cp);
1074 grp->gr_type = GT_IGNORE;
1075 } else if (get_host(hst, grp, tgrp)) {
1077 "bad host %s in netgroup %s, skipping", hst, cp);
1078 grp->gr_type = GT_IGNORE;
1080 } else if (get_host(cp, grp, tgrp)) {
1081 syslog(LOG_ERR, "bad host %s, skipping", cp);
1082 grp->gr_type = GT_IGNORE;
1085 } while (netgrp && getnetgrent(&hst, &usr, &dom));
1090 nextfield(&cp, &endcp);
1093 if (check_options(dirhead)) {
1094 getexp_err(ep, tgrp);
1098 grp->gr_type = GT_DEFAULT;
1100 warnx("adding a default entry");
1103 * Don't allow a network export coincide with a list of
1104 * host(s) on the same line.
1106 } else if ((opt_flags & OP_NET) && tgrp->gr_next) {
1107 syslog(LOG_ERR, "network/host conflict");
1108 getexp_err(ep, tgrp);
1112 * If an export list was specified on this line, make sure
1113 * that we have at least one valid entry, otherwise skip it.
1117 while (grp && grp->gr_type == GT_IGNORE)
1120 getexp_err(ep, tgrp);
1126 * Loop through hosts, pushing the exports into the kernel.
1127 * After loop, tgrp points to the start of the list and
1128 * grp points to the last entry in the list.
1132 if (do_mount(ep, grp, exflags, &anon, dirp, dirplen,
1134 getexp_err(ep, tgrp);
1137 } while (grp->gr_next && (grp = grp->gr_next));
1140 * Success. Update the data structures.
1143 hang_dirp(dirhead, tgrp, ep, opt_flags);
1144 grp->gr_next = grphead;
1147 hang_dirp(dirhead, NULL, ep,
1152 if ((ep->ex_flag & EX_LINKED) == 0) {
1157 * Insert in the list in alphabetical order.
1159 while (ep2 && strcmp(ep2->ex_fsdir, ep->ex_fsdir) < 0) {
1160 epp = &ep2->ex_next;
1166 ep->ex_flag |= EX_LINKED;
1178 * Allocate an export list element
1183 struct exportlist *ep;
1185 ep = (struct exportlist *)malloc(sizeof (struct exportlist));
1188 memset(ep, 0, sizeof(struct exportlist));
1193 * Allocate a group list element
1198 struct grouplist *gp;
1200 gp = (struct grouplist *)malloc(sizeof (struct grouplist));
1203 memset(gp, 0, sizeof(struct grouplist));
1208 * Clean up upon an error in get_exportlist().
1211 getexp_err(struct exportlist *ep, struct grouplist *grp)
1213 struct grouplist *tgrp;
1215 if (!(opt_flags & OP_QUIET))
1216 syslog(LOG_ERR, "bad exports list line %s", line);
1217 if (ep && (ep->ex_flag & EX_LINKED) == 0)
1227 * Search the export list for a matching fs.
1230 ex_search(fsid_t *fsid)
1232 struct exportlist *ep;
1236 if (ep->ex_fs.val[0] == fsid->val[0] &&
1237 ep->ex_fs.val[1] == fsid->val[1])
1245 * Add a directory path to the list.
1248 add_expdir(struct dirlist **dpp, char *cp, int len)
1252 dp = (struct dirlist *)malloc(sizeof (struct dirlist) + len);
1256 dp->dp_right = NULL;
1258 dp->dp_hosts = NULL;
1259 strcpy(dp->dp_dirp, cp);
1261 return (dp->dp_dirp);
1265 * Hang the dir list element off the dirpath binary tree as required
1266 * and update the entry for host.
1269 hang_dirp(struct dirlist *dp, struct grouplist *grp, struct exportlist *ep,
1272 struct hostlist *hp;
1273 struct dirlist *dp2;
1275 if (flags & OP_ALLDIRS) {
1281 ep->ex_defdir->dp_flag |= DP_DEFSET;
1282 } else while (grp) {
1285 hp->ht_next = ep->ex_defdir->dp_hosts;
1286 ep->ex_defdir->dp_hosts = hp;
1292 * Loop through the directories adding them to the tree.
1296 add_dlist(&ep->ex_dirl, dp, grp, flags);
1303 * Traverse the binary tree either updating a node that is already there
1304 * for the new directory or adding the new node.
1307 add_dlist(struct dirlist **dpp, struct dirlist *newdp, struct grouplist *grp,
1311 struct hostlist *hp;
1316 cmp = strcmp(dp->dp_dirp, newdp->dp_dirp);
1318 add_dlist(&dp->dp_left, newdp, grp, flags);
1320 } else if (cmp < 0) {
1321 add_dlist(&dp->dp_right, newdp, grp, flags);
1324 free((caddr_t)newdp);
1333 * Hang all of the host(s) off of the directory point.
1338 hp->ht_next = dp->dp_hosts;
1343 dp->dp_flag |= DP_DEFSET;
1348 * Search for a dirpath on the export point.
1351 dirp_search(struct dirlist *dp, char *dirp)
1356 cmp = strcmp(dp->dp_dirp, dirp);
1358 return (dirp_search(dp->dp_left, dirp));
1360 return (dirp_search(dp->dp_right, dirp));
1368 * Scan for a host match in a directory tree.
1371 chk_host(struct dirlist *dp, struct sockaddr *saddr, int *defsetp,
1374 struct hostlist *hp;
1375 struct grouplist *grp;
1376 struct addrinfo *ai;
1379 if (dp->dp_flag & DP_DEFSET)
1380 *defsetp = dp->dp_flag;
1384 switch (grp->gr_type) {
1386 ai = grp->gr_ptr.gt_addrinfo;
1387 for (; ai; ai = ai->ai_next) {
1388 if (!sacmp(ai->ai_addr, saddr, NULL)) {
1390 (hp->ht_flag | DP_HOSTSET);
1396 if (!sacmp(saddr, (struct sockaddr *)
1397 &grp->gr_ptr.gt_net.nt_net,
1399 &grp->gr_ptr.gt_net.nt_mask)) {
1400 *hostsetp = (hp->ht_flag | DP_HOSTSET);
1412 * Scan tree for a host that matches the address.
1415 scan_tree(struct dirlist *dp, struct sockaddr *saddr)
1417 int defset, hostset;
1420 if (scan_tree(dp->dp_left, saddr))
1422 if (chk_host(dp, saddr, &defset, &hostset))
1424 if (scan_tree(dp->dp_right, saddr))
1431 * Traverse the dirlist tree and free it up.
1434 free_dir(struct dirlist *dp)
1438 free_dir(dp->dp_left);
1439 free_dir(dp->dp_right);
1440 free_host(dp->dp_hosts);
1446 * Parse the option string and update fields.
1447 * Option arguments may either be -<option>=<value> or
1451 do_opt(char **cpp, char **endcpp, struct exportlist *ep, struct grouplist *grp,
1452 int *has_hostp, int *exflagsp, struct ucred *cr)
1454 char *cpoptarg, *cpoptend;
1455 char *cp, *endcp, *cpopt, savedc, savedc2;
1456 int allflag, usedarg;
1464 while (cpopt && *cpopt) {
1467 if ((cpoptend = strchr(cpopt, ','))) {
1469 if ((cpoptarg = strchr(cpopt, '=')))
1472 if ((cpoptarg = strchr(cpopt, '=')))
1476 nextfield(&cp, &endcp);
1478 if (endcp > cp && *cp != '-') {
1486 if (!strcmp(cpopt, "ro") || !strcmp(cpopt, "o")) {
1487 *exflagsp |= MNT_EXRDONLY;
1488 } else if (cpoptarg && (!strcmp(cpopt, "maproot") ||
1489 !(allflag = strcmp(cpopt, "mapall")) ||
1490 !strcmp(cpopt, "root") || !strcmp(cpopt, "r"))) {
1492 parsecred(cpoptarg, cr);
1494 *exflagsp |= MNT_EXPORTANON;
1495 opt_flags |= OP_MAPALL;
1497 opt_flags |= OP_MAPROOT;
1498 } else if (cpoptarg && (!strcmp(cpopt, "mask") ||
1499 !strcmp(cpopt, "m"))) {
1500 if (get_net(cpoptarg, &grp->gr_ptr.gt_net, 1)) {
1501 syslog(LOG_ERR, "bad mask: %s", cpoptarg);
1505 opt_flags |= OP_MASK;
1506 } else if (cpoptarg && (!strcmp(cpopt, "network") ||
1507 !strcmp(cpopt, "n"))) {
1508 if (strchr(cpoptarg, '/') != NULL) {
1510 fprintf(stderr, "setting OP_MASKLEN\n");
1511 opt_flags |= OP_MASKLEN;
1513 if (grp->gr_type != GT_NULL) {
1514 syslog(LOG_ERR, "network/host conflict");
1516 } else if (get_net(cpoptarg, &grp->gr_ptr.gt_net, 0)) {
1517 syslog(LOG_ERR, "bad net: %s", cpoptarg);
1520 grp->gr_type = GT_NET;
1523 opt_flags |= OP_NET;
1524 } else if (!strcmp(cpopt, "alldirs")) {
1525 opt_flags |= OP_ALLDIRS;
1526 } else if (!strcmp(cpopt, "public")) {
1527 *exflagsp |= MNT_EXPUBLIC;
1528 } else if (!strcmp(cpopt, "webnfs")) {
1529 *exflagsp |= (MNT_EXPUBLIC|MNT_EXRDONLY|MNT_EXPORTANON);
1530 opt_flags |= OP_MAPALL;
1531 } else if (cpoptarg && !strcmp(cpopt, "index")) {
1532 ep->ex_indexfile = strdup(cpoptarg);
1533 } else if (!strcmp(cpopt, "quiet")) {
1534 opt_flags |= OP_QUIET;
1536 syslog(LOG_ERR, "bad opt %s", cpopt);
1555 * Translate a character string to the corresponding list of network
1556 * addresses for a hostname.
1559 get_host(char *cp, struct grouplist *grp, struct grouplist *tgrp)
1561 struct grouplist *checkgrp;
1562 struct addrinfo *ai, *tai, hints;
1564 char host[NI_MAXHOST];
1566 if (grp->gr_type != GT_NULL) {
1567 syslog(LOG_ERR, "Bad netgroup type for ip host %s", cp);
1570 memset(&hints, 0, sizeof hints);
1571 hints.ai_flags = AI_CANONNAME;
1572 hints.ai_protocol = IPPROTO_UDP;
1573 ecode = getaddrinfo(cp, NULL, &hints, &ai);
1575 syslog(LOG_ERR,"can't get address info for host %s", cp);
1578 grp->gr_ptr.gt_addrinfo = ai;
1579 while (ai != NULL) {
1580 if (ai->ai_canonname == NULL) {
1581 if (getnameinfo(ai->ai_addr, ai->ai_addrlen, host,
1582 sizeof host, NULL, 0, ninumeric) != 0)
1583 strlcpy(host, "?", sizeof(host));
1584 ai->ai_canonname = strdup(host);
1585 ai->ai_flags |= AI_CANONNAME;
1588 fprintf(stderr, "got host %s\n", ai->ai_canonname);
1590 * Sanity check: make sure we don't already have an entry
1591 * for this host in the grouplist.
1593 for (checkgrp = tgrp; checkgrp != NULL;
1594 checkgrp = checkgrp->gr_next) {
1595 if (checkgrp->gr_type != GT_HOST)
1597 for (tai = checkgrp->gr_ptr.gt_addrinfo; tai != NULL;
1598 tai = tai->ai_next) {
1599 if (sacmp(tai->ai_addr, ai->ai_addr, NULL) != 0)
1603 "ignoring duplicate host %s\n",
1605 grp->gr_type = GT_IGNORE;
1611 grp->gr_type = GT_HOST;
1616 * Free up an exports list component
1619 free_exp(struct exportlist *ep)
1622 if (ep->ex_defdir) {
1623 free_host(ep->ex_defdir->dp_hosts);
1624 free((caddr_t)ep->ex_defdir);
1628 if (ep->ex_indexfile)
1629 free(ep->ex_indexfile);
1630 free_dir(ep->ex_dirl);
1638 free_host(struct hostlist *hp)
1640 struct hostlist *hp2;
1652 struct hostlist *hp;
1654 hp = (struct hostlist *)malloc(sizeof (struct hostlist));
1663 * Out of memory, fatal
1669 syslog(LOG_ERR, "out of memory");
1674 * Do the mount syscall with the update flag to push the export info into
1678 do_mount(struct exportlist *ep, struct grouplist *grp, int exflags,
1679 struct ucred *anoncrp, char *dirp, int dirplen, struct statfs *fsb)
1682 struct addrinfo *ai;
1683 struct export_args *eap;
1691 struct msdosfs_args da;
1692 struct ntfs_args na;
1695 bzero(&args, sizeof args);
1696 /* XXX, we assume that all xx_args look like ufs_args. */
1698 eap = &args.ua.export;
1700 eap->ex_flags = exflags;
1701 eap->ex_anon = *anoncrp;
1702 eap->ex_indexfile = ep->ex_indexfile;
1703 if (grp->gr_type == GT_HOST)
1704 ai = grp->gr_ptr.gt_addrinfo;
1709 switch (grp->gr_type) {
1711 if (ai->ai_addr->sa_family == AF_INET6 && have_v6 == 0)
1713 eap->ex_addr = ai->ai_addr;
1714 eap->ex_addrlen = ai->ai_addrlen;
1715 eap->ex_masklen = 0;
1718 if (grp->gr_ptr.gt_net.nt_net.ss_family == AF_INET6 &&
1722 (struct sockaddr *)&grp->gr_ptr.gt_net.nt_net;
1723 eap->ex_addrlen = args.ua.export.ex_addr->sa_len;
1725 (struct sockaddr *)&grp->gr_ptr.gt_net.nt_mask;
1726 eap->ex_masklen = args.ua.export.ex_mask->sa_len;
1729 eap->ex_addr = NULL;
1730 eap->ex_addrlen = 0;
1731 eap->ex_mask = NULL;
1732 eap->ex_masklen = 0;
1738 syslog(LOG_ERR, "bad grouptype");
1746 * Maybe I should just use the fsb->f_mntonname path instead
1747 * of looping back up the dirp to the mount point??
1748 * Also, needs to know how to export all types of local
1749 * exportable filesystems and not just "ufs".
1754 r = mountctl(fsb->f_mntonname, MOUNTCTL_SET_EXPORT,
1756 &args.ua.export, sizeof(args.ua.export),
1758 if (r < 0 && errno == EOPNOTSUPP) {
1759 r = mount(fsb->f_fstypename, dirp,
1760 fsb->f_flags | MNT_UPDATE,
1768 cp = dirp + dirplen - 1;
1769 if (opt_flags & OP_QUIET)
1771 if (errno == EPERM) {
1773 warnx("can't change attributes for %s",
1776 "can't change attributes for %s", dirp);
1779 if (opt_flags & OP_ALLDIRS) {
1780 if (errno == EINVAL)
1782 "-alldirs requested but %s is not a filesystem mountpoint",
1786 "could not remount %s: %m",
1790 /* back up over the last component */
1791 while (*cp == '/' && cp > dirp)
1793 while (*(cp - 1) != '/' && cp > dirp)
1797 warnx("mnt unsucc");
1798 syslog(LOG_ERR, "can't export %s", dirp);
1803 /* Check that we're still on the same filesystem. */
1804 if (statfs(dirp, &fsb1) != 0 || bcmp(&fsb1.f_fsid,
1805 &fsb->f_fsid, sizeof(fsb1.f_fsid)) != 0) {
1807 syslog(LOG_ERR, "can't export %s", dirp);
1823 * Translate a net address.
1825 * If `maskflg' is nonzero, then `cp' is a netmask, not a network address.
1828 get_net(char *cp, struct netmsk *net, int maskflg)
1830 struct netent *np = NULL;
1831 char *name, *p, *prefp;
1832 struct sockaddr_in sin;
1833 struct sockaddr *sa = NULL;
1834 struct addrinfo hints, *ai = NULL;
1835 char netname[NI_MAXHOST];
1839 if ((opt_flags & OP_MASKLEN) && !maskflg) {
1840 p = strchr(cp, '/');
1846 * Check for a numeric address first. We wish to avoid
1847 * possible DNS lookups in getnetbyname().
1849 if (isxdigit(*cp) || *cp == ':') {
1850 memset(&hints, 0, sizeof hints);
1851 /* Ensure the mask and the network have the same family. */
1852 if (maskflg && (opt_flags & OP_NET))
1853 hints.ai_family = net->nt_net.ss_family;
1854 else if (!maskflg && (opt_flags & OP_HAVEMASK))
1855 hints.ai_family = net->nt_mask.ss_family;
1857 hints.ai_family = AF_UNSPEC;
1858 hints.ai_flags = AI_NUMERICHOST;
1859 if (getaddrinfo(cp, NULL, &hints, &ai) == 0)
1861 if (sa != NULL && ai->ai_family == AF_INET) {
1863 * The address in `cp' is really a network address, so
1864 * use inet_network() to re-interpret this correctly.
1865 * e.g. "127.1" means 127.1.0.0, not 127.0.0.1.
1867 bzero(&sin, sizeof sin);
1868 sin.sin_family = AF_INET;
1869 sin.sin_len = sizeof sin;
1870 sin.sin_addr = inet_makeaddr(inet_network(cp), 0);
1872 fprintf(stderr, "get_net: v4 addr %s\n",
1873 inet_ntoa(sin.sin_addr));
1874 sa = (struct sockaddr *)&sin;
1877 if (sa == NULL && (np = getnetbyname(cp)) != NULL) {
1878 bzero(&sin, sizeof sin);
1879 sin.sin_family = AF_INET;
1880 sin.sin_len = sizeof sin;
1881 sin.sin_addr = inet_makeaddr(np->n_net, 0);
1882 sa = (struct sockaddr *)&sin;
1888 /* The specified sockaddr is a mask. */
1889 if (checkmask(sa) != 0)
1891 bcopy(sa, &net->nt_mask, sa->sa_len);
1892 opt_flags |= OP_HAVEMASK;
1894 /* The specified sockaddr is a network address. */
1895 bcopy(sa, &net->nt_net, sa->sa_len);
1897 /* Get a network name for the export list. */
1900 } else if (getnameinfo(sa, sa->sa_len, netname, sizeof netname,
1901 NULL, 0, ninumeric) == 0) {
1906 if ((net->nt_name = strdup(name)) == NULL)
1910 * Extract a mask from either a "/<masklen>" suffix, or
1911 * from the class of an IPv4 address.
1913 if (opt_flags & OP_MASKLEN) {
1914 preflen = strtol(prefp, NULL, 10);
1915 if (preflen < 0L || preflen == LONG_MAX)
1917 bcopy(sa, &net->nt_mask, sa->sa_len);
1918 if (makemask(&net->nt_mask, (int)preflen) != 0)
1920 opt_flags |= OP_HAVEMASK;
1922 } else if (sa->sa_family == AF_INET &&
1923 (opt_flags & OP_MASK) == 0) {
1926 addr = ((struct sockaddr_in *)sa)->sin_addr.s_addr;
1927 if (IN_CLASSA(addr))
1929 else if (IN_CLASSB(addr))
1931 else if (IN_CLASSC(addr))
1933 else if (IN_CLASSD(addr))
1936 preflen = 32; /* XXX */
1938 bcopy(sa, &net->nt_mask, sa->sa_len);
1939 makemask(&net->nt_mask, (int)preflen);
1940 opt_flags |= OP_HAVEMASK;
1955 * Parse out the next white space separated field
1958 nextfield(char **cp, char **endcp)
1963 while (*p == ' ' || *p == '\t')
1965 if (*p == '\n' || *p == '\0')
1969 while (*p != ' ' && *p != '\t' && *p != '\n' && *p != '\0')
1976 * Get an exports file line. Skip over blank lines and handle line
1984 int totlen, cont_line;
1987 * Loop around ignoring blank lines and getting all continuation lines.
1992 if ((p = fgetln(exp_file, &len)) == NULL)
1997 (*cp == ' ' || *cp == '\t' || *cp == '\n' || *cp == '\\')) {
2007 if (linesize < len + totlen + 1) {
2008 linesize = len + totlen + 1;
2009 line = realloc(line, linesize);
2013 memcpy(line + totlen, p, len);
2015 line[totlen] = '\0';
2016 } while (totlen == 0 || cont_line);
2021 * Parse a description of a credential.
2024 parsecred(char *namelist, struct ucred *cr)
2031 int ngroups, groups[NGROUPS + 1];
2034 * Set up the unprivileged user.
2038 cr->cr_groups[0] = -2;
2041 * Get the user's password table entry.
2043 names = strsep(&namelist, " \t\n");
2044 name = strsep(&names, ":");
2045 if (isdigit(*name) || *name == '-')
2046 pw = getpwuid(atoi(name));
2048 pw = getpwnam(name);
2050 * Credentials specified as those of a user.
2052 if (names == NULL) {
2054 syslog(LOG_ERR, "unknown user: %s", name);
2057 cr->cr_uid = pw->pw_uid;
2058 ngroups = NGROUPS + 1;
2059 if (getgrouplist(pw->pw_name, pw->pw_gid, groups, &ngroups))
2060 syslog(LOG_ERR, "too many groups");
2062 * Convert from int's to gid_t's and compress out duplicate
2064 cr->cr_ngroups = ngroups - 1;
2065 cr->cr_groups[0] = groups[0];
2066 for (cnt = 2; cnt < ngroups; cnt++)
2067 cr->cr_groups[cnt - 1] = groups[cnt];
2071 * Explicit credential specified as a colon separated list:
2075 cr->cr_uid = pw->pw_uid;
2076 else if (isdigit(*name) || *name == '-')
2077 cr->cr_uid = atoi(name);
2079 syslog(LOG_ERR, "unknown user: %s", name);
2083 while (names != NULL && *names != '\0' && cr->cr_ngroups < NGROUPS) {
2084 name = strsep(&names, ":");
2085 if (isdigit(*name) || *name == '-') {
2086 cr->cr_groups[cr->cr_ngroups++] = atoi(name);
2088 if ((gr = getgrnam(name)) == NULL) {
2089 syslog(LOG_ERR, "unknown group: %s", name);
2092 cr->cr_groups[cr->cr_ngroups++] = gr->gr_gid;
2095 if (names != NULL && *names != '\0' && cr->cr_ngroups == NGROUPS)
2096 syslog(LOG_ERR, "too many groups");
2099 #define STRSIZ (RPCMNT_NAMELEN+RPCMNT_PATHLEN+50)
2101 * Routines that maintain the remote mounttab
2106 struct mountlist *mlp, **mlpp;
2107 char *host, *dirp, *cp;
2111 if ((mlfile = fopen(_PATH_RMOUNTLIST, "r")) == NULL) {
2112 if (errno == ENOENT)
2115 syslog(LOG_ERR, "can't open %s", _PATH_RMOUNTLIST);
2120 while (fgets(str, STRSIZ, mlfile) != NULL) {
2122 host = strsep(&cp, " \t\n");
2123 dirp = strsep(&cp, " \t\n");
2124 if (host == NULL || dirp == NULL)
2126 mlp = (struct mountlist *)malloc(sizeof (*mlp));
2129 strncpy(mlp->ml_host, host, RPCMNT_NAMELEN);
2130 mlp->ml_host[RPCMNT_NAMELEN] = '\0';
2131 strncpy(mlp->ml_dirp, dirp, RPCMNT_PATHLEN);
2132 mlp->ml_dirp[RPCMNT_PATHLEN] = '\0';
2133 mlp->ml_next = NULL;
2135 mlpp = &mlp->ml_next;
2141 del_mlist(char *hostp, char *dirp)
2143 struct mountlist *mlp, **mlpp;
2144 struct mountlist *mlp2;
2151 if (!strcmp(mlp->ml_host, hostp) &&
2152 (!dirp || !strcmp(mlp->ml_dirp, dirp))) {
2155 *mlpp = mlp = mlp->ml_next;
2156 free((caddr_t)mlp2);
2158 mlpp = &mlp->ml_next;
2163 if ((mlfile = fopen(_PATH_RMOUNTLIST, "w")) == NULL) {
2164 syslog(LOG_ERR,"can't update %s", _PATH_RMOUNTLIST);
2169 fprintf(mlfile, "%s %s\n", mlp->ml_host, mlp->ml_dirp);
2177 add_mlist(char *hostp, char *dirp)
2179 struct mountlist *mlp, **mlpp;
2185 if (!strcmp(mlp->ml_host, hostp) && !strcmp(mlp->ml_dirp, dirp))
2187 mlpp = &mlp->ml_next;
2190 mlp = (struct mountlist *)malloc(sizeof (*mlp));
2193 strncpy(mlp->ml_host, hostp, RPCMNT_NAMELEN);
2194 mlp->ml_host[RPCMNT_NAMELEN] = '\0';
2195 strncpy(mlp->ml_dirp, dirp, RPCMNT_PATHLEN);
2196 mlp->ml_dirp[RPCMNT_PATHLEN] = '\0';
2197 mlp->ml_next = NULL;
2199 if ((mlfile = fopen(_PATH_RMOUNTLIST, "a")) == NULL) {
2200 syslog(LOG_ERR, "can't update %s", _PATH_RMOUNTLIST);
2203 fprintf(mlfile, "%s %s\n", mlp->ml_host, mlp->ml_dirp);
2208 * Free up a group list.
2211 free_grp(struct grouplist *grp)
2213 if (grp->gr_type == GT_HOST) {
2214 if (grp->gr_ptr.gt_addrinfo != NULL)
2215 freeaddrinfo(grp->gr_ptr.gt_addrinfo);
2216 } else if (grp->gr_type == GT_NET) {
2217 if (grp->gr_ptr.gt_net.nt_name)
2218 free(grp->gr_ptr.gt_net.nt_name);
2225 SYSLOG(int pri, const char *fmt, ...)
2230 vfprintf(stderr, fmt, ap);
2236 * Check options for consistency.
2239 check_options(struct dirlist *dp)
2244 if ((opt_flags & (OP_MAPROOT | OP_MAPALL)) == (OP_MAPROOT | OP_MAPALL)) {
2245 syslog(LOG_ERR, "-mapall and -maproot mutually exclusive");
2248 if ((opt_flags & OP_MASK) && (opt_flags & OP_NET) == 0) {
2249 syslog(LOG_ERR, "-mask requires -network");
2252 if ((opt_flags & OP_NET) && (opt_flags & OP_HAVEMASK) == 0) {
2253 syslog(LOG_ERR, "-network requires mask specification");
2256 if ((opt_flags & OP_MASK) && (opt_flags & OP_MASKLEN)) {
2257 syslog(LOG_ERR, "-mask and /masklen are mutually exclusive");
2260 if ((opt_flags & OP_ALLDIRS) && dp->dp_left) {
2261 syslog(LOG_ERR, "-alldirs has multiple directories");
2268 * Check an absolute directory path for any symbolic links. Return true
2271 check_dirpath(char *dirp)
2278 while (*cp && ret) {
2281 if (lstat(dirp, &sb) < 0 || !S_ISDIR(sb.st_mode))
2287 if (lstat(dirp, &sb) < 0 || !S_ISDIR(sb.st_mode))
2293 * Make a netmask according to the specified prefix length. The ss_family
2294 * and other non-address fields must be initialised before calling this.
2297 makemask(struct sockaddr_storage *ssp, int bitlen)
2302 if ((p = sa_rawaddr((struct sockaddr *)ssp, &len)) == NULL)
2304 if (bitlen > len * CHAR_BIT)
2306 for (i = 0; i < len; i++) {
2307 bits = (bitlen > CHAR_BIT) ? CHAR_BIT : bitlen;
2308 *p++ = (1 << bits) - 1;
2315 * Check that the sockaddr is a valid netmask. Returns 0 if the mask
2316 * is acceptable (i.e. of the form 1...10....0).
2319 checkmask(struct sockaddr *sa)
2324 if ((mask = sa_rawaddr(sa, &len)) == NULL)
2327 for (i = 0; i < len; i++)
2328 if (mask[i] != 0xff)
2331 if (~mask[i] & (u_char)(~mask[i] + 1))
2335 for (; i < len; i++)
2342 * Compare two sockaddrs according to a specified mask. Return zero if
2343 * `sa1' matches `sa2' when filtered by the netmask in `samask'.
2344 * If samask is NULL, perform a full comparision.
2347 sacmp(struct sockaddr *sa1, struct sockaddr *sa2, struct sockaddr *samask)
2349 unsigned char *p1, *p2, *mask;
2352 if (sa1->sa_family != sa2->sa_family ||
2353 (p1 = sa_rawaddr(sa1, &len)) == NULL ||
2354 (p2 = sa_rawaddr(sa2, NULL)) == NULL)
2357 switch (sa1->sa_family) {
2359 if (((struct sockaddr_in6 *)sa1)->sin6_scope_id !=
2360 ((struct sockaddr_in6 *)sa2)->sin6_scope_id)
2365 /* Simple binary comparison if no mask specified. */
2367 return (memcmp(p1, p2, len));
2369 /* Set up the mask, and do a mask-based comparison. */
2370 if (sa1->sa_family != samask->sa_family ||
2371 (mask = sa_rawaddr(samask, NULL)) == NULL)
2374 for (i = 0; i < len; i++)
2375 if ((p1[i] & mask[i]) != (p2[i] & mask[i]))
2381 * Return a pointer to the part of the sockaddr that contains the
2382 * raw address, and set *nbytes to its length in bytes. Returns
2383 * NULL if the address family is unknown.
2386 sa_rawaddr(struct sockaddr *sa, int *nbytes) {
2390 switch (sa->sa_family) {
2392 len = sizeof(((struct sockaddr_in *)sa)->sin_addr);
2393 p = &((struct sockaddr_in *)sa)->sin_addr;
2396 len = sizeof(((struct sockaddr_in6 *)sa)->sin6_addr);
2397 p = &((struct sockaddr_in6 *)sa)->sin6_addr;
2415 void terminate(int sig)
2417 pidfile_remove(pfh);
2418 rpcb_unset(RPCPROG_MNT, RPCMNT_VER1, NULL);
2419 rpcb_unset(RPCPROG_MNT, RPCMNT_VER3, NULL);