2 * Copyright (c) 1989, 1993
3 * The Regents of the University of California. All rights reserved.
5 * This code is derived from software contributed to Berkeley by
6 * Herb Hasler and Rick Macklem at The University of Guelph.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of the University nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 * @(#) Copyright (c) 1989, 1993 The Regents of the University of California. All rights reserved.
33 * @(#)mountd.c 8.15 (Berkeley) 5/1/95
34 * $FreeBSD: src/sbin/mountd/mountd.c,v 1.39.2.5 2002/09/13 15:57:43 joerg Exp $
37 #include <sys/param.h>
38 #include <sys/module.h>
39 #include <sys/mount.h>
40 #include <sys/mountctl.h>
41 #include <sys/fcntl.h>
42 #include <sys/linker.h>
44 #include <sys/syslog.h>
45 #include <sys/sysctl.h>
48 #include <rpc/pmap_clnt.h>
49 #include <rpc/pmap_prot.h>
50 #include <rpcsvc/mount.h>
51 #include <vfs/nfs/rpcv2.h>
52 #include <vfs/nfs/nfsproto.h>
53 #include <vfs/nfs/nfs.h>
54 #include <vfs/ufs/ufsmount.h>
55 #include <vfs/msdosfs/msdosfsmount.h>
56 #include <vfs/ntfs/ntfsmount.h>
57 #include <vfs/isofs/cd9660/cd9660_mount.h> /* XXX need isofs in include */
59 #include <arpa/inet.h>
73 #include "pathnames.h"
80 * Structures for keeping the mount list and export list
83 struct mountlist *ml_next;
84 char ml_host[RPCMNT_NAMELEN+1];
85 char ml_dirp[RPCMNT_PATHLEN+1];
89 struct dirlist *dp_left;
90 struct dirlist *dp_right;
92 struct hostlist *dp_hosts; /* List of hosts this dir exported to */
93 char dp_dirp[1]; /* Actually malloc'd to size of dir */
97 #define DP_HOSTSET 0x2
100 struct exportlist *ex_next;
101 struct dirlist *ex_dirl;
102 struct dirlist *ex_defdir;
109 #define EX_LINKED 0x1
112 struct sockaddr_storage nt_net;
113 struct sockaddr_storage nt_mask;
118 struct addrinfo *gt_addrinfo;
119 struct netmsk gt_net;
124 union grouptypes gr_ptr;
125 struct grouplist *gr_next;
131 #define GT_DEFAULT 0x3
132 #define GT_IGNORE 0x5
135 int ht_flag; /* Uses DP_xx bits */
136 struct grouplist *ht_grp;
137 struct hostlist *ht_next;
147 char *add_expdir(struct dirlist **, char *, int);
148 void add_dlist(struct dirlist **, struct dirlist *,
149 struct grouplist *, int);
150 void add_mlist(char *, char *);
151 int check_dirpath(char *);
152 int check_options(struct dirlist *);
153 int checkmask(struct sockaddr *sa);
154 int chk_host(struct dirlist *, struct sockaddr *, int *, int *);
155 void del_mlist(char *, char *);
156 struct dirlist *dirp_search(struct dirlist *, char *);
157 int do_mount(struct exportlist *, struct grouplist *, int,
158 struct ucred *, char *, int, struct statfs *);
159 int do_opt(char **, char **, struct exportlist *, struct grouplist *,
160 int *, int *, struct ucred *);
161 struct exportlist *ex_search(fsid_t *);
162 struct exportlist *get_exp(void);
163 void free_dir(struct dirlist *);
164 void free_exp(struct exportlist *);
165 void free_grp(struct grouplist *);
166 void free_host(struct hostlist *);
167 void get_exportlist(void);
168 int get_host(char *, struct grouplist *, struct grouplist *);
169 struct hostlist *get_ht(void);
171 void get_mountlist(void);
172 int get_net(char *, struct netmsk *, int);
173 void getexp_err(struct exportlist *, struct grouplist *);
174 struct grouplist *get_grp(void);
175 void hang_dirp(struct dirlist *, struct grouplist *,
176 struct exportlist *, int);
177 void huphandler(int sig);
178 int makemask(struct sockaddr_storage *ssp, int bitlen);
179 void mntsrv(struct svc_req *, SVCXPRT *);
180 void nextfield(char **, char **);
181 void out_of_mem(void);
182 void parsecred(char *, struct ucred *);
183 int put_exlist(struct dirlist *, XDR *, struct dirlist *, int *, int);
184 void *sa_rawaddr(struct sockaddr *sa, int *nbytes);
185 int sacmp(struct sockaddr *sa1, struct sockaddr *sa2,
186 struct sockaddr *samask);
187 int scan_tree(struct dirlist *, struct sockaddr *);
188 static void usage(void);
189 int xdr_dir(XDR *, char *);
190 int xdr_explist(XDR *, caddr_t);
191 int xdr_explist_brief(XDR *, caddr_t);
192 int xdr_fhs(XDR *, caddr_t);
193 int xdr_mlist(XDR *, caddr_t);
196 struct exportlist *exphead;
197 struct mountlist *mlhead;
198 struct grouplist *grphead;
199 char exname[MAXPATHLEN];
200 struct ucred def_anon = {
207 int resvport_only = 1;
213 static int have_v6 = 1;
214 #ifdef NI_WITHSCOPEID
215 static const int ninumeric = NI_NUMERICHOST | NI_WITHSCOPEID;
217 static const int ninumeric = NI_NUMERICHOST;
220 struct pidfh *pfh = NULL;
221 /* Bits for the opt_flags above */
222 #define OP_MAPROOT 0x01
223 #define OP_MAPALL 0x02
227 #define OP_ALLDIRS 0x40
228 #define OP_HAVEMASK 0x80 /* A mask was specified or inferred. */
229 #define OP_QUIET 0x100
230 #define OP_MASKLEN 0x200
234 void SYSLOG(int, const char *, ...);
235 #define syslog SYSLOG
241 * Mountd server for NFS mount protocol as described in:
242 * NFS: Network File System Protocol Specification, RFC1094, Appendix A
243 * The optional arguments are the exports file name
244 * default: _PATH_EXPORTS
245 * and "-n" to allow nonroot mount.
248 main(int argc, char **argv)
251 SVCXPRT *udptransp, *tcptransp, *udp6transp, *tcp6transp;
252 struct netconfig *udpconf, *tcpconf, *udp6conf, *tcp6conf;
254 int udpsock, tcpsock, udp6sock, tcp6sock;
259 udp6conf = tcp6conf = NULL;
260 udp6sock = tcp6sock = 0;
262 /* Check that another mountd isn't already running. */
263 pfh = pidfile_open(_PATH_MOUNTDPID, 0600, &otherpid);
266 errx(1, "mountd already running, pid: %d.", otherpid);
267 warn("cannot open or create pidfile");
270 s = socket(AF_INET6, SOCK_DGRAM, IPPROTO_UDP);
275 if (modfind("nfs") < 0) {
276 /* Not present in kernel, try loading it */
277 if (kldload("nfs") < 0 || modfind("nfs") < 0)
278 errx(1, "NFS server is not available or loadable");
281 while ((c = getopt(argc, argv, "2dlnr")) != -1) {
293 debug = debug ? 0 : 1;
304 signal(SIGINT, SIG_IGN);
305 signal(SIGQUIT, SIG_IGN);
313 strncpy(exname, *argv, MAXPATHLEN-1);
314 exname[MAXPATHLEN-1] = '\0';
316 strcpy(exname, _PATH_EXPORTS);
317 openlog("mountd", LOG_PID, LOG_DAEMON);
319 warnx("getting export list");
322 warnx("getting mount list");
326 signal(SIGHUP, huphandler);
327 signal(SIGTERM, terminate);
331 rpcb_unset(RPCPROG_MNT, RPCMNT_VER1, NULL);
332 rpcb_unset(RPCPROG_MNT, RPCMNT_VER3, NULL);
333 udpsock = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
334 tcpsock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
335 udpconf = getnetconfigent("udp");
336 tcpconf = getnetconfigent("tcp");
339 udp6sock = socket(AF_INET6, SOCK_DGRAM, IPPROTO_UDP);
340 tcp6sock = socket(AF_INET6, SOCK_STREAM, IPPROTO_TCP);
342 * We're doing host-based access checks here, so don't allow
343 * v4-in-v6 to confuse things. The kernel will disable it
344 * by default on NFS sockets too.
346 if (udp6sock != -1 && setsockopt(udp6sock, IPPROTO_IPV6,
347 IPV6_V6ONLY, &one, sizeof one) < 0){
348 syslog(LOG_ERR, "can't disable v4-in-v6 on UDP socket");
351 if (tcp6sock != -1 && setsockopt(tcp6sock, IPPROTO_IPV6,
352 IPV6_V6ONLY, &one, sizeof one) < 0){
353 syslog(LOG_ERR, "can't disable v4-in-v6 on UDP socket");
356 udp6conf = getnetconfigent("udp6");
357 tcp6conf = getnetconfigent("tcp6");
360 if (!resvport_only) {
361 if (sysctlbyname("vfs.nfs.nfs_privport", NULL, NULL,
362 &resvport_only, sizeof(resvport_only)) != 0 &&
364 syslog(LOG_ERR, "sysctl: %m");
368 if (udpsock != -1 && udpconf != NULL) {
369 bindresvport(udpsock, NULL);
370 udptransp = svc_dg_create(udpsock, 0, 0);
371 if (udptransp != NULL) {
372 if (!svc_reg(udptransp, RPCPROG_MNT, RPCMNT_VER1,
374 syslog(LOG_WARNING, "can't register UDP RPCMNT_VER1 service");
378 if (!svc_reg(udptransp, RPCPROG_MNT, RPCMNT_VER3,
380 syslog(LOG_WARNING, "can't register UDP RPCMNT_VER3 service");
385 syslog(LOG_WARNING, "can't create UDP services");
388 if (tcpsock != -1 && tcpconf != NULL) {
389 bindresvport(tcpsock, NULL);
390 listen(tcpsock, SOMAXCONN);
391 tcptransp = svc_vc_create(tcpsock, 0, 0);
392 if (tcptransp != NULL) {
393 if (!svc_reg(tcptransp, RPCPROG_MNT, RPCMNT_VER1,
395 syslog(LOG_WARNING, "can't register TCP RPCMNT_VER1 service");
399 if (!svc_reg(tcptransp, RPCPROG_MNT, RPCMNT_VER3,
401 syslog(LOG_WARNING, "can't register TCP RPCMNT_VER3 service");
406 syslog(LOG_WARNING, "can't create TCP service");
409 if (have_v6 && udp6sock != -1 && udp6conf != NULL) {
410 bindresvport(udp6sock, NULL);
411 udp6transp = svc_dg_create(udp6sock, 0, 0);
412 if (udp6transp != NULL) {
413 if (!svc_reg(udp6transp, RPCPROG_MNT, RPCMNT_VER1,
415 syslog(LOG_WARNING, "can't register UDP6 RPCMNT_VER1 service");
419 if (!svc_reg(udp6transp, RPCPROG_MNT, RPCMNT_VER3,
421 syslog(LOG_WARNING, "can't register UDP6 RPCMNT_VER3 service");
426 syslog(LOG_WARNING, "can't create UDP6 service");
429 if (have_v6 && tcp6sock != -1 && tcp6conf != NULL) {
430 bindresvport(tcp6sock, NULL);
431 listen(tcp6sock, SOMAXCONN);
432 tcp6transp = svc_vc_create(tcp6sock, 0, 0);
433 if (tcp6transp != NULL) {
434 if (!svc_reg(tcp6transp, RPCPROG_MNT, RPCMNT_VER1,
436 syslog(LOG_WARNING, "can't register TCP6 RPCMNT_VER1 service");
440 if (!svc_reg(tcp6transp, RPCPROG_MNT, RPCMNT_VER3,
442 syslog(LOG_WARNING, "can't register TCP6 RPCMNT_VER3 service");
447 syslog(LOG_WARNING, "can't create TCP6 service");
451 syslog(LOG_ERR, "could not create any services");
455 /* Expand svc_run() here so that we can call get_exportlist(). */
462 switch (select(svc_maxfd + 1, &readfds, NULL, NULL, NULL)) {
466 syslog(LOG_ERR, "mountd died: select: %m");
471 svc_getreqset(&readfds);
480 "usage: mountd [-2] [-d] [-l] [-n] [-r] [export_file]\n");
485 * The mount rpc service
488 mntsrv(struct svc_req *rqstp, SVCXPRT *transp)
490 struct exportlist *ep;
495 char host[NI_MAXHOST], numerichost[NI_MAXHOST];
496 int lookup_failed = 1;
497 struct sockaddr *saddr;
499 char rpcpath[RPCMNT_PATHLEN + 1], dirpath[MAXPATHLEN];
500 int bad = 0, defset, hostset;
501 sigset_t sighup_mask;
503 sigemptyset(&sighup_mask);
504 sigaddset(&sighup_mask, SIGHUP);
505 saddr = svc_getrpccaller(transp)->buf;
506 switch (saddr->sa_family) {
508 sport = ntohs(((struct sockaddr_in6 *)saddr)->sin6_port);
511 sport = ntohs(((struct sockaddr_in *)saddr)->sin_port);
514 syslog(LOG_ERR, "request from unknown address family");
517 lookup_failed = getnameinfo(saddr, saddr->sa_len, host, sizeof host,
519 getnameinfo(saddr, saddr->sa_len, numerichost,
520 sizeof numerichost, NULL, 0, NI_NUMERICHOST);
521 switch (rqstp->rq_proc) {
523 if (!svc_sendreply(transp, (xdrproc_t)xdr_void, NULL))
524 syslog(LOG_ERR, "can't send reply");
527 if (sport >= IPPORT_RESERVED && resvport_only) {
529 "mount request from %s from unprivileged port",
531 svcerr_weakauth(transp);
534 if (!svc_getargs(transp, (xdrproc_t)xdr_dir, rpcpath)) {
535 syslog(LOG_NOTICE, "undecodable mount request from %s",
537 svcerr_decode(transp);
542 * Get the real pathname and make sure it is a directory
543 * or a regular file if the -r option was specified
546 if (realpath(rpcpath, dirpath) == NULL ||
547 stat(dirpath, &stb) < 0 ||
548 (!S_ISDIR(stb.st_mode) &&
549 (dir_only || !S_ISREG(stb.st_mode))) ||
550 statfs(dirpath, &fsb) < 0) {
551 chdir("/"); /* Just in case realpath doesn't */
553 "mount request from %s for non existent path %s",
554 numerichost, dirpath);
556 warnx("stat failed on %s", dirpath);
557 bad = ENOENT; /* We will send error reply later */
560 /* Check in the exports list */
561 sigprocmask(SIG_BLOCK, &sighup_mask, NULL);
562 ep = ex_search(&fsb.f_fsid);
563 hostset = defset = 0;
564 if (ep && (chk_host(ep->ex_defdir, saddr, &defset, &hostset) ||
565 ((dp = dirp_search(ep->ex_dirl, dirpath)) &&
566 chk_host(dp, saddr, &defset, &hostset)) ||
567 (defset && scan_tree(ep->ex_defdir, saddr) == 0 &&
568 scan_tree(ep->ex_dirl, saddr) == 0))) {
570 if (!svc_sendreply(transp, (xdrproc_t)xdr_long,
572 syslog(LOG_ERR, "can't send reply");
573 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL);
576 if (hostset & DP_HOSTSET)
577 fhr.fhr_flag = hostset;
579 fhr.fhr_flag = defset;
580 fhr.fhr_vers = rqstp->rq_vers;
581 /* Get the file handle */
582 memset(&fhr.fhr_fh, 0, sizeof(nfsfh_t));
583 if (getfh(dirpath, (fhandle_t *)&fhr.fhr_fh) < 0) {
585 syslog(LOG_ERR, "can't get fh for %s", dirpath);
586 if (!svc_sendreply(transp, (xdrproc_t)xdr_long,
588 syslog(LOG_ERR, "can't send reply");
589 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL);
592 if (!svc_sendreply(transp, (xdrproc_t)xdr_fhs, &fhr))
593 syslog(LOG_ERR, "can't send reply");
595 add_mlist(host, dirpath);
597 add_mlist(numerichost, dirpath);
599 warnx("mount successful");
602 "mount request succeeded from %s for %s",
603 numerichost, dirpath);
607 "mount request denied from %s for %s",
608 numerichost, dirpath);
611 if (bad && !svc_sendreply(transp, (xdrproc_t)xdr_long, &bad))
612 syslog(LOG_ERR, "can't send reply");
613 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL);
616 if (!svc_sendreply(transp, (xdrproc_t)xdr_mlist, NULL))
617 syslog(LOG_ERR, "can't send reply");
620 "dump request succeeded from %s",
624 if (sport >= IPPORT_RESERVED && resvport_only) {
626 "umount request from %s from unprivileged port",
628 svcerr_weakauth(transp);
631 if (!svc_getargs(transp, (xdrproc_t)xdr_dir, rpcpath)) {
632 syslog(LOG_NOTICE, "undecodable umount request from %s",
634 svcerr_decode(transp);
637 if (realpath(rpcpath, dirpath) == NULL) {
638 syslog(LOG_NOTICE, "umount request from %s "
639 "for non existent path %s",
640 numerichost, dirpath);
642 if (!svc_sendreply(transp, (xdrproc_t)xdr_void, NULL))
643 syslog(LOG_ERR, "can't send reply");
645 del_mlist(host, dirpath);
646 del_mlist(numerichost, dirpath);
649 "umount request succeeded from %s for %s",
650 numerichost, dirpath);
653 if (sport >= IPPORT_RESERVED && resvport_only) {
655 "umountall request from %s from unprivileged port",
657 svcerr_weakauth(transp);
660 if (!svc_sendreply(transp, (xdrproc_t)xdr_void, NULL))
661 syslog(LOG_ERR, "can't send reply");
663 del_mlist(host, NULL);
664 del_mlist(numerichost, NULL);
667 "umountall request succeeded from %s",
671 if (!svc_sendreply(transp, (xdrproc_t)xdr_explist, NULL))
672 if (!svc_sendreply(transp, (xdrproc_t)xdr_explist_brief, NULL))
673 syslog(LOG_ERR, "can't send reply");
676 "export request succeeded from %s",
680 svcerr_noproc(transp);
686 * Xdr conversion for a dirpath string
689 xdr_dir(XDR *xdrsp, char *dirp)
691 return (xdr_string(xdrsp, &dirp, RPCMNT_PATHLEN));
695 * Xdr routine to generate file handle reply
698 xdr_fhs(XDR *xdrsp, caddr_t cp)
700 struct fhreturn *fhrp = (struct fhreturn *)cp;
701 u_long ok = 0, len, auth;
703 if (!xdr_long(xdrsp, &ok))
705 switch (fhrp->fhr_vers) {
707 return (xdr_opaque(xdrsp, (caddr_t)&fhrp->fhr_fh, NFSX_V2FH));
710 if (!xdr_long(xdrsp, &len))
712 if (!xdr_opaque(xdrsp, (caddr_t)&fhrp->fhr_fh, len))
716 if (!xdr_long(xdrsp, &len))
718 return (xdr_long(xdrsp, &auth));
724 xdr_mlist(XDR *xdrsp, caddr_t cp)
726 struct mountlist *mlp;
733 if (!xdr_bool(xdrsp, &true))
735 strp = &mlp->ml_host[0];
736 if (!xdr_string(xdrsp, &strp, RPCMNT_NAMELEN))
738 strp = &mlp->ml_dirp[0];
739 if (!xdr_string(xdrsp, &strp, RPCMNT_PATHLEN))
743 if (!xdr_bool(xdrsp, &false))
749 * Xdr conversion for export list
752 xdr_explist_common(XDR *xdrsp, caddr_t cp, int brief)
754 struct exportlist *ep;
757 sigset_t sighup_mask;
759 sigemptyset(&sighup_mask);
760 sigaddset(&sighup_mask, SIGHUP);
761 sigprocmask(SIG_BLOCK, &sighup_mask, NULL);
765 if (put_exlist(ep->ex_dirl, xdrsp, ep->ex_defdir,
768 if (ep->ex_defdir && putdef == 0 &&
769 put_exlist(ep->ex_defdir, xdrsp, NULL,
774 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL);
775 if (!xdr_bool(xdrsp, &false))
779 sigprocmask(SIG_UNBLOCK, &sighup_mask, NULL);
784 * Called from xdr_explist() to traverse the tree and export the
788 put_exlist(struct dirlist *dp, XDR *xdrsp, struct dirlist *adp, int *putdefp, int brief)
790 struct grouplist *grp;
798 if (put_exlist(dp->dp_left, xdrsp, adp, putdefp, brief))
800 if (!xdr_bool(xdrsp, &true))
803 if (!xdr_string(xdrsp, &strp, RPCMNT_PATHLEN))
805 if (adp && !strcmp(dp->dp_dirp, adp->dp_dirp)) {
810 if (!xdr_bool(xdrsp, &true))
813 if (!xdr_string(xdrsp, &strp, RPCMNT_PATHLEN))
815 } else if ((dp->dp_flag & DP_DEFSET) == 0 &&
816 (gotalldir == 0 || (adp->dp_flag & DP_DEFSET) == 0)) {
820 if (grp->gr_type == GT_HOST) {
821 if (!xdr_bool(xdrsp, &true))
823 strp = grp->gr_ptr.gt_addrinfo->ai_canonname;
824 if (!xdr_string(xdrsp, &strp,
827 } else if (grp->gr_type == GT_NET) {
828 if (!xdr_bool(xdrsp, &true))
830 strp = grp->gr_ptr.gt_net.nt_name;
831 if (!xdr_string(xdrsp, &strp,
836 if (gotalldir && hp == NULL) {
842 if (!xdr_bool(xdrsp, &false))
844 if (put_exlist(dp->dp_right, xdrsp, adp, putdefp, brief))
851 xdr_explist(xdrsp, cp)
856 return xdr_explist_common(xdrsp, cp, 0);
860 xdr_explist_brief(xdrsp, cp)
865 return xdr_explist_common(xdrsp, cp, 1);
873 * Get the export list
878 struct exportlist *ep, *ep2;
879 struct grouplist *grp, *tgrp;
880 struct exportlist **epp;
881 struct dirlist *dirhead;
882 struct statfs fsb, *fsp;
884 char *cp, *endcp, *dirp, *hst, *usr, *dom, savedc;
885 int len, has_host, exflags, got_nondir, dirplen, num, i, netgrp;
891 * First, get rid of the old list
910 * And delete exports that are in the kernel for all local
912 * XXX: Should know how to handle all local exportable filesystems
913 * instead of just "ufs".
915 num = getmntinfo(&fsp, MNT_NOWAIT);
916 for (i = 0; i < num; i++) {
921 struct msdosfs_args da;
924 struct export_args export;
926 export.ex_flags = MNT_DELEXPORT;
927 if (mountctl(fsp->f_mntonname, MOUNTCTL_SET_EXPORT, -1,
928 &export, sizeof(export), NULL, 0) == 0) {
929 } else if (!strcmp(fsp->f_fstypename, "mfs") ||
930 !strcmp(fsp->f_fstypename, "ufs") ||
931 !strcmp(fsp->f_fstypename, "msdos") ||
932 !strcmp(fsp->f_fstypename, "ntfs") ||
933 !strcmp(fsp->f_fstypename, "cd9660")) {
934 targs.ua.fspec = NULL;
935 targs.ua.export.ex_flags = MNT_DELEXPORT;
936 if (mount(fsp->f_fstypename, fsp->f_mntonname,
937 fsp->f_flags | MNT_UPDATE,
938 (caddr_t)&targs) < 0)
939 syslog(LOG_ERR, "can't delete exports for %s",
946 * Read in the exports file and build the list, calling
947 * mount() as we go along to push the export rules into the kernel.
949 if ((exp_file = fopen(exname, "r")) == NULL) {
950 syslog(LOG_ERR, "can't open %s", exname);
956 warnx("got line %s", line);
958 nextfield(&cp, &endcp);
967 exflags = MNT_EXPORTED;
973 * Create new exports list entry
976 tgrp = grp = get_grp();
978 if (len > RPCMNT_NAMELEN) {
979 getexp_err(ep, tgrp);
984 getexp_err(ep, tgrp);
988 warnx("doing opt %s", cp);
990 if (do_opt(&cp, &endcp, ep, grp, &has_host,
992 getexp_err(ep, tgrp);
995 } else if (*cp == '/') {
998 if (check_dirpath(cp) &&
999 statfs(cp, &fsb) >= 0) {
1001 syslog(LOG_ERR, "dirs must be first");
1002 getexp_err(ep, tgrp);
1006 if (ep->ex_fs.val[0] != fsb.f_fsid.val[0] ||
1007 ep->ex_fs.val[1] != fsb.f_fsid.val[1]) {
1008 getexp_err(ep, tgrp);
1013 * See if this directory is already
1016 ep = ex_search(&fsb.f_fsid);
1019 ep->ex_fs = fsb.f_fsid;
1020 ep->ex_fsdir = (char *)
1021 malloc(strlen(fsb.f_mntonname) + 1);
1023 strcpy(ep->ex_fsdir,
1028 warnx("making new ep fs=0x%x,0x%x",
1032 warnx("found ep fs=0x%x,0x%x",
1038 * Add dirpath to export mount point.
1040 dirp = add_expdir(&dirhead, cp, len);
1043 getexp_err(ep, tgrp);
1052 getexp_err(ep, tgrp);
1057 * Get the host or netgroup.
1060 netgrp = getnetgrent(&hst, &usr, &dom);
1063 grp->gr_next = get_grp();
1069 "null hostname in netgroup %s, skipping", cp);
1070 grp->gr_type = GT_IGNORE;
1071 } else if (get_host(hst, grp, tgrp)) {
1073 "bad host %s in netgroup %s, skipping", hst, cp);
1074 grp->gr_type = GT_IGNORE;
1076 } else if (get_host(cp, grp, tgrp)) {
1077 syslog(LOG_ERR, "bad host %s, skipping", cp);
1078 grp->gr_type = GT_IGNORE;
1081 } while (netgrp && getnetgrent(&hst, &usr, &dom));
1086 nextfield(&cp, &endcp);
1089 if (check_options(dirhead)) {
1090 getexp_err(ep, tgrp);
1094 grp->gr_type = GT_DEFAULT;
1096 warnx("adding a default entry");
1099 * Don't allow a network export coincide with a list of
1100 * host(s) on the same line.
1102 } else if ((opt_flags & OP_NET) && tgrp->gr_next) {
1103 syslog(LOG_ERR, "network/host conflict");
1104 getexp_err(ep, tgrp);
1108 * If an export list was specified on this line, make sure
1109 * that we have at least one valid entry, otherwise skip it.
1113 while (grp && grp->gr_type == GT_IGNORE)
1116 getexp_err(ep, tgrp);
1122 * Loop through hosts, pushing the exports into the kernel.
1123 * After loop, tgrp points to the start of the list and
1124 * grp points to the last entry in the list.
1128 if (do_mount(ep, grp, exflags, &anon, dirp, dirplen,
1130 getexp_err(ep, tgrp);
1133 } while (grp->gr_next && (grp = grp->gr_next));
1136 * Success. Update the data structures.
1139 hang_dirp(dirhead, tgrp, ep, opt_flags);
1140 grp->gr_next = grphead;
1143 hang_dirp(dirhead, NULL, ep,
1148 if ((ep->ex_flag & EX_LINKED) == 0) {
1153 * Insert in the list in alphabetical order.
1155 while (ep2 && strcmp(ep2->ex_fsdir, ep->ex_fsdir) < 0) {
1156 epp = &ep2->ex_next;
1162 ep->ex_flag |= EX_LINKED;
1174 * Allocate an export list element
1179 struct exportlist *ep;
1181 ep = (struct exportlist *)malloc(sizeof (struct exportlist));
1184 memset(ep, 0, sizeof(struct exportlist));
1189 * Allocate a group list element
1194 struct grouplist *gp;
1196 gp = (struct grouplist *)malloc(sizeof (struct grouplist));
1199 memset(gp, 0, sizeof(struct grouplist));
1204 * Clean up upon an error in get_exportlist().
1207 getexp_err(struct exportlist *ep, struct grouplist *grp)
1209 struct grouplist *tgrp;
1211 if (!(opt_flags & OP_QUIET))
1212 syslog(LOG_ERR, "bad exports list line %s", line);
1213 if (ep && (ep->ex_flag & EX_LINKED) == 0)
1223 * Search the export list for a matching fs.
1226 ex_search(fsid_t *fsid)
1228 struct exportlist *ep;
1232 if (ep->ex_fs.val[0] == fsid->val[0] &&
1233 ep->ex_fs.val[1] == fsid->val[1])
1241 * Add a directory path to the list.
1244 add_expdir(struct dirlist **dpp, char *cp, int len)
1248 dp = (struct dirlist *)malloc(sizeof (struct dirlist) + len);
1252 dp->dp_right = NULL;
1254 dp->dp_hosts = NULL;
1255 strcpy(dp->dp_dirp, cp);
1257 return (dp->dp_dirp);
1261 * Hang the dir list element off the dirpath binary tree as required
1262 * and update the entry for host.
1265 hang_dirp(struct dirlist *dp, struct grouplist *grp, struct exportlist *ep,
1268 struct hostlist *hp;
1269 struct dirlist *dp2;
1271 if (flags & OP_ALLDIRS) {
1277 ep->ex_defdir->dp_flag |= DP_DEFSET;
1278 } else while (grp) {
1281 hp->ht_next = ep->ex_defdir->dp_hosts;
1282 ep->ex_defdir->dp_hosts = hp;
1288 * Loop through the directories adding them to the tree.
1292 add_dlist(&ep->ex_dirl, dp, grp, flags);
1299 * Traverse the binary tree either updating a node that is already there
1300 * for the new directory or adding the new node.
1303 add_dlist(struct dirlist **dpp, struct dirlist *newdp, struct grouplist *grp,
1307 struct hostlist *hp;
1312 cmp = strcmp(dp->dp_dirp, newdp->dp_dirp);
1314 add_dlist(&dp->dp_left, newdp, grp, flags);
1316 } else if (cmp < 0) {
1317 add_dlist(&dp->dp_right, newdp, grp, flags);
1320 free((caddr_t)newdp);
1329 * Hang all of the host(s) off of the directory point.
1334 hp->ht_next = dp->dp_hosts;
1339 dp->dp_flag |= DP_DEFSET;
1344 * Search for a dirpath on the export point.
1347 dirp_search(struct dirlist *dp, char *dirp)
1352 cmp = strcmp(dp->dp_dirp, dirp);
1354 return (dirp_search(dp->dp_left, dirp));
1356 return (dirp_search(dp->dp_right, dirp));
1364 * Scan for a host match in a directory tree.
1367 chk_host(struct dirlist *dp, struct sockaddr *saddr, int *defsetp,
1370 struct hostlist *hp;
1371 struct grouplist *grp;
1372 struct addrinfo *ai;
1375 if (dp->dp_flag & DP_DEFSET)
1376 *defsetp = dp->dp_flag;
1380 switch (grp->gr_type) {
1382 ai = grp->gr_ptr.gt_addrinfo;
1383 for (; ai; ai = ai->ai_next) {
1384 if (!sacmp(ai->ai_addr, saddr, NULL)) {
1386 (hp->ht_flag | DP_HOSTSET);
1392 if (!sacmp(saddr, (struct sockaddr *)
1393 &grp->gr_ptr.gt_net.nt_net,
1395 &grp->gr_ptr.gt_net.nt_mask)) {
1396 *hostsetp = (hp->ht_flag | DP_HOSTSET);
1408 * Scan tree for a host that matches the address.
1411 scan_tree(struct dirlist *dp, struct sockaddr *saddr)
1413 int defset, hostset;
1416 if (scan_tree(dp->dp_left, saddr))
1418 if (chk_host(dp, saddr, &defset, &hostset))
1420 if (scan_tree(dp->dp_right, saddr))
1427 * Traverse the dirlist tree and free it up.
1430 free_dir(struct dirlist *dp)
1434 free_dir(dp->dp_left);
1435 free_dir(dp->dp_right);
1436 free_host(dp->dp_hosts);
1442 * Parse the option string and update fields.
1443 * Option arguments may either be -<option>=<value> or
1447 do_opt(char **cpp, char **endcpp, struct exportlist *ep, struct grouplist *grp,
1448 int *has_hostp, int *exflagsp, struct ucred *cr)
1450 char *cpoptarg, *cpoptend;
1451 char *cp, *endcp, *cpopt, savedc, savedc2;
1452 int allflag, usedarg;
1460 while (cpopt && *cpopt) {
1463 if ((cpoptend = strchr(cpopt, ','))) {
1465 if ((cpoptarg = strchr(cpopt, '=')))
1468 if ((cpoptarg = strchr(cpopt, '=')))
1472 nextfield(&cp, &endcp);
1474 if (endcp > cp && *cp != '-') {
1482 if (!strcmp(cpopt, "ro") || !strcmp(cpopt, "o")) {
1483 *exflagsp |= MNT_EXRDONLY;
1484 } else if (cpoptarg && (!strcmp(cpopt, "maproot") ||
1485 !(allflag = strcmp(cpopt, "mapall")) ||
1486 !strcmp(cpopt, "root") || !strcmp(cpopt, "r"))) {
1488 parsecred(cpoptarg, cr);
1490 *exflagsp |= MNT_EXPORTANON;
1491 opt_flags |= OP_MAPALL;
1493 opt_flags |= OP_MAPROOT;
1494 } else if (cpoptarg && (!strcmp(cpopt, "mask") ||
1495 !strcmp(cpopt, "m"))) {
1496 if (get_net(cpoptarg, &grp->gr_ptr.gt_net, 1)) {
1497 syslog(LOG_ERR, "bad mask: %s", cpoptarg);
1501 opt_flags |= OP_MASK;
1502 } else if (cpoptarg && (!strcmp(cpopt, "network") ||
1503 !strcmp(cpopt, "n"))) {
1504 if (strchr(cpoptarg, '/') != NULL) {
1506 fprintf(stderr, "setting OP_MASKLEN\n");
1507 opt_flags |= OP_MASKLEN;
1509 if (grp->gr_type != GT_NULL) {
1510 syslog(LOG_ERR, "network/host conflict");
1512 } else if (get_net(cpoptarg, &grp->gr_ptr.gt_net, 0)) {
1513 syslog(LOG_ERR, "bad net: %s", cpoptarg);
1516 grp->gr_type = GT_NET;
1519 opt_flags |= OP_NET;
1520 } else if (!strcmp(cpopt, "alldirs")) {
1521 opt_flags |= OP_ALLDIRS;
1522 } else if (!strcmp(cpopt, "public")) {
1523 *exflagsp |= MNT_EXPUBLIC;
1524 } else if (!strcmp(cpopt, "webnfs")) {
1525 *exflagsp |= (MNT_EXPUBLIC|MNT_EXRDONLY|MNT_EXPORTANON);
1526 opt_flags |= OP_MAPALL;
1527 } else if (cpoptarg && !strcmp(cpopt, "index")) {
1528 ep->ex_indexfile = strdup(cpoptarg);
1529 } else if (!strcmp(cpopt, "quiet")) {
1530 opt_flags |= OP_QUIET;
1532 syslog(LOG_ERR, "bad opt %s", cpopt);
1551 * Translate a character string to the corresponding list of network
1552 * addresses for a hostname.
1555 get_host(char *cp, struct grouplist *grp, struct grouplist *tgrp)
1557 struct grouplist *checkgrp;
1558 struct addrinfo *ai, *tai, hints;
1560 char host[NI_MAXHOST];
1562 if (grp->gr_type != GT_NULL) {
1563 syslog(LOG_ERR, "Bad netgroup type for ip host %s", cp);
1566 memset(&hints, 0, sizeof hints);
1567 hints.ai_flags = AI_CANONNAME;
1568 hints.ai_protocol = IPPROTO_UDP;
1569 ecode = getaddrinfo(cp, NULL, &hints, &ai);
1571 syslog(LOG_ERR,"can't get address info for host %s", cp);
1574 grp->gr_ptr.gt_addrinfo = ai;
1575 while (ai != NULL) {
1576 if (ai->ai_canonname == NULL) {
1577 if (getnameinfo(ai->ai_addr, ai->ai_addrlen, host,
1578 sizeof host, NULL, 0, ninumeric) != 0)
1579 strlcpy(host, "?", sizeof(host));
1580 ai->ai_canonname = strdup(host);
1581 ai->ai_flags |= AI_CANONNAME;
1584 fprintf(stderr, "got host %s\n", ai->ai_canonname);
1586 * Sanity check: make sure we don't already have an entry
1587 * for this host in the grouplist.
1589 for (checkgrp = tgrp; checkgrp != NULL;
1590 checkgrp = checkgrp->gr_next) {
1591 if (checkgrp->gr_type != GT_HOST)
1593 for (tai = checkgrp->gr_ptr.gt_addrinfo; tai != NULL;
1594 tai = tai->ai_next) {
1595 if (sacmp(tai->ai_addr, ai->ai_addr, NULL) != 0)
1599 "ignoring duplicate host %s\n",
1601 grp->gr_type = GT_IGNORE;
1607 grp->gr_type = GT_HOST;
1612 * Free up an exports list component
1615 free_exp(struct exportlist *ep)
1618 if (ep->ex_defdir) {
1619 free_host(ep->ex_defdir->dp_hosts);
1620 free((caddr_t)ep->ex_defdir);
1624 if (ep->ex_indexfile)
1625 free(ep->ex_indexfile);
1626 free_dir(ep->ex_dirl);
1634 free_host(struct hostlist *hp)
1636 struct hostlist *hp2;
1648 struct hostlist *hp;
1650 hp = (struct hostlist *)malloc(sizeof (struct hostlist));
1659 * Out of memory, fatal
1665 syslog(LOG_ERR, "out of memory");
1670 * Do the mount syscall with the update flag to push the export info into
1674 do_mount(struct exportlist *ep, struct grouplist *grp, int exflags,
1675 struct ucred *anoncrp, char *dirp, int dirplen, struct statfs *fsb)
1678 struct addrinfo *ai;
1679 struct export_args *eap;
1687 struct msdosfs_args da;
1688 struct ntfs_args na;
1691 bzero(&args, sizeof args);
1692 /* XXX, we assume that all xx_args look like ufs_args. */
1694 eap = &args.ua.export;
1696 eap->ex_flags = exflags;
1697 eap->ex_anon = *anoncrp;
1698 eap->ex_indexfile = ep->ex_indexfile;
1699 if (grp->gr_type == GT_HOST)
1700 ai = grp->gr_ptr.gt_addrinfo;
1705 switch (grp->gr_type) {
1707 if (ai->ai_addr->sa_family == AF_INET6 && have_v6 == 0)
1709 eap->ex_addr = ai->ai_addr;
1710 eap->ex_addrlen = ai->ai_addrlen;
1711 eap->ex_masklen = 0;
1714 if (grp->gr_ptr.gt_net.nt_net.ss_family == AF_INET6 &&
1718 (struct sockaddr *)&grp->gr_ptr.gt_net.nt_net;
1719 eap->ex_addrlen = args.ua.export.ex_addr->sa_len;
1721 (struct sockaddr *)&grp->gr_ptr.gt_net.nt_mask;
1722 eap->ex_masklen = args.ua.export.ex_mask->sa_len;
1725 eap->ex_addr = NULL;
1726 eap->ex_addrlen = 0;
1727 eap->ex_mask = NULL;
1728 eap->ex_masklen = 0;
1734 syslog(LOG_ERR, "bad grouptype");
1742 * Maybe I should just use the fsb->f_mntonname path instead
1743 * of looping back up the dirp to the mount point??
1744 * Also, needs to know how to export all types of local
1745 * exportable filesystems and not just "ufs".
1750 r = mountctl(fsb->f_mntonname, MOUNTCTL_SET_EXPORT,
1752 &args.ua.export, sizeof(args.ua.export),
1754 if (r < 0 && errno == EOPNOTSUPP) {
1755 r = mount(fsb->f_fstypename, dirp,
1756 fsb->f_flags | MNT_UPDATE,
1764 cp = dirp + dirplen - 1;
1765 if (opt_flags & OP_QUIET)
1767 if (errno == EPERM) {
1769 warnx("can't change attributes for %s",
1772 "can't change attributes for %s", dirp);
1775 if (opt_flags & OP_ALLDIRS) {
1776 if (errno == EINVAL)
1778 "-alldirs requested but %s is not a filesystem mountpoint",
1782 "could not remount %s: %m",
1786 /* back up over the last component */
1787 while (*cp == '/' && cp > dirp)
1789 while (*(cp - 1) != '/' && cp > dirp)
1793 warnx("mnt unsucc");
1794 syslog(LOG_ERR, "can't export %s", dirp);
1799 /* Check that we're still on the same filesystem. */
1800 if (statfs(dirp, &fsb1) != 0 || bcmp(&fsb1.f_fsid,
1801 &fsb->f_fsid, sizeof(fsb1.f_fsid)) != 0) {
1803 syslog(LOG_ERR, "can't export %s", dirp);
1819 * Translate a net address.
1821 * If `maskflg' is nonzero, then `cp' is a netmask, not a network address.
1824 get_net(char *cp, struct netmsk *net, int maskflg)
1826 struct netent *np = NULL;
1827 char *name, *p, *prefp;
1828 struct sockaddr_in sin;
1829 struct sockaddr *sa = NULL;
1830 struct addrinfo hints, *ai = NULL;
1831 char netname[NI_MAXHOST];
1835 if ((opt_flags & OP_MASKLEN) && !maskflg) {
1836 p = strchr(cp, '/');
1842 * Check for a numeric address first. We wish to avoid
1843 * possible DNS lookups in getnetbyname().
1845 if (isxdigit(*cp) || *cp == ':') {
1846 memset(&hints, 0, sizeof hints);
1847 /* Ensure the mask and the network have the same family. */
1848 if (maskflg && (opt_flags & OP_NET))
1849 hints.ai_family = net->nt_net.ss_family;
1850 else if (!maskflg && (opt_flags & OP_HAVEMASK))
1851 hints.ai_family = net->nt_mask.ss_family;
1853 hints.ai_family = AF_UNSPEC;
1854 hints.ai_flags = AI_NUMERICHOST;
1855 if (getaddrinfo(cp, NULL, &hints, &ai) == 0)
1857 if (sa != NULL && ai->ai_family == AF_INET) {
1859 * The address in `cp' is really a network address, so
1860 * use inet_network() to re-interpret this correctly.
1861 * e.g. "127.1" means 127.1.0.0, not 127.0.0.1.
1863 bzero(&sin, sizeof sin);
1864 sin.sin_family = AF_INET;
1865 sin.sin_len = sizeof sin;
1866 sin.sin_addr = inet_makeaddr(inet_network(cp), 0);
1868 fprintf(stderr, "get_net: v4 addr %s\n",
1869 inet_ntoa(sin.sin_addr));
1870 sa = (struct sockaddr *)&sin;
1873 if (sa == NULL && (np = getnetbyname(cp)) != NULL) {
1874 bzero(&sin, sizeof sin);
1875 sin.sin_family = AF_INET;
1876 sin.sin_len = sizeof sin;
1877 sin.sin_addr = inet_makeaddr(np->n_net, 0);
1878 sa = (struct sockaddr *)&sin;
1884 /* The specified sockaddr is a mask. */
1885 if (checkmask(sa) != 0)
1887 bcopy(sa, &net->nt_mask, sa->sa_len);
1888 opt_flags |= OP_HAVEMASK;
1890 /* The specified sockaddr is a network address. */
1891 bcopy(sa, &net->nt_net, sa->sa_len);
1893 /* Get a network name for the export list. */
1896 } else if (getnameinfo(sa, sa->sa_len, netname, sizeof netname,
1897 NULL, 0, ninumeric) == 0) {
1902 if ((net->nt_name = strdup(name)) == NULL)
1906 * Extract a mask from either a "/<masklen>" suffix, or
1907 * from the class of an IPv4 address.
1909 if (opt_flags & OP_MASKLEN) {
1910 preflen = strtol(prefp, NULL, 10);
1911 if (preflen < 0L || preflen == LONG_MAX)
1913 bcopy(sa, &net->nt_mask, sa->sa_len);
1914 if (makemask(&net->nt_mask, (int)preflen) != 0)
1916 opt_flags |= OP_HAVEMASK;
1918 } else if (sa->sa_family == AF_INET &&
1919 (opt_flags & OP_MASK) == 0) {
1922 addr = ((struct sockaddr_in *)sa)->sin_addr.s_addr;
1923 if (IN_CLASSA(addr))
1925 else if (IN_CLASSB(addr))
1927 else if (IN_CLASSC(addr))
1929 else if (IN_CLASSD(addr))
1932 preflen = 32; /* XXX */
1934 bcopy(sa, &net->nt_mask, sa->sa_len);
1935 makemask(&net->nt_mask, (int)preflen);
1936 opt_flags |= OP_HAVEMASK;
1951 * Parse out the next white space separated field
1954 nextfield(char **cp, char **endcp)
1959 while (*p == ' ' || *p == '\t')
1961 if (*p == '\n' || *p == '\0')
1965 while (*p != ' ' && *p != '\t' && *p != '\n' && *p != '\0')
1972 * Get an exports file line. Skip over blank lines and handle line
1980 int totlen, cont_line;
1983 * Loop around ignoring blank lines and getting all continuation lines.
1988 if ((p = fgetln(exp_file, &len)) == NULL)
1993 (*cp == ' ' || *cp == '\t' || *cp == '\n' || *cp == '\\')) {
2003 if (linesize < len + totlen + 1) {
2004 linesize = len + totlen + 1;
2005 line = realloc(line, linesize);
2009 memcpy(line + totlen, p, len);
2011 line[totlen] = '\0';
2012 } while (totlen == 0 || cont_line);
2017 * Parse a description of a credential.
2020 parsecred(char *namelist, struct ucred *cr)
2027 int ngroups, groups[NGROUPS + 1];
2030 * Set up the unprivileged user.
2034 cr->cr_groups[0] = -2;
2037 * Get the user's password table entry.
2039 names = strsep(&namelist, " \t\n");
2040 name = strsep(&names, ":");
2041 if (isdigit(*name) || *name == '-')
2042 pw = getpwuid(atoi(name));
2044 pw = getpwnam(name);
2046 * Credentials specified as those of a user.
2048 if (names == NULL) {
2050 syslog(LOG_ERR, "unknown user: %s", name);
2053 cr->cr_uid = pw->pw_uid;
2054 ngroups = NGROUPS + 1;
2055 if (getgrouplist(pw->pw_name, pw->pw_gid, groups, &ngroups))
2056 syslog(LOG_ERR, "too many groups");
2058 * Convert from int's to gid_t's and compress out duplicate
2060 cr->cr_ngroups = ngroups - 1;
2061 cr->cr_groups[0] = groups[0];
2062 for (cnt = 2; cnt < ngroups; cnt++)
2063 cr->cr_groups[cnt - 1] = groups[cnt];
2067 * Explicit credential specified as a colon separated list:
2071 cr->cr_uid = pw->pw_uid;
2072 else if (isdigit(*name) || *name == '-')
2073 cr->cr_uid = atoi(name);
2075 syslog(LOG_ERR, "unknown user: %s", name);
2079 while (names != NULL && *names != '\0' && cr->cr_ngroups < NGROUPS) {
2080 name = strsep(&names, ":");
2081 if (isdigit(*name) || *name == '-') {
2082 cr->cr_groups[cr->cr_ngroups++] = atoi(name);
2084 if ((gr = getgrnam(name)) == NULL) {
2085 syslog(LOG_ERR, "unknown group: %s", name);
2088 cr->cr_groups[cr->cr_ngroups++] = gr->gr_gid;
2091 if (names != NULL && *names != '\0' && cr->cr_ngroups == NGROUPS)
2092 syslog(LOG_ERR, "too many groups");
2095 #define STRSIZ (RPCMNT_NAMELEN+RPCMNT_PATHLEN+50)
2097 * Routines that maintain the remote mounttab
2102 struct mountlist *mlp, **mlpp;
2103 char *host, *dirp, *cp;
2107 if ((mlfile = fopen(_PATH_RMOUNTLIST, "r")) == NULL) {
2108 if (errno == ENOENT)
2111 syslog(LOG_ERR, "can't open %s", _PATH_RMOUNTLIST);
2116 while (fgets(str, STRSIZ, mlfile) != NULL) {
2118 host = strsep(&cp, " \t\n");
2119 dirp = strsep(&cp, " \t\n");
2120 if (host == NULL || dirp == NULL)
2122 mlp = (struct mountlist *)malloc(sizeof (*mlp));
2125 strncpy(mlp->ml_host, host, RPCMNT_NAMELEN);
2126 mlp->ml_host[RPCMNT_NAMELEN] = '\0';
2127 strncpy(mlp->ml_dirp, dirp, RPCMNT_PATHLEN);
2128 mlp->ml_dirp[RPCMNT_PATHLEN] = '\0';
2129 mlp->ml_next = NULL;
2131 mlpp = &mlp->ml_next;
2137 del_mlist(char *hostp, char *dirp)
2139 struct mountlist *mlp, **mlpp;
2140 struct mountlist *mlp2;
2147 if (!strcmp(mlp->ml_host, hostp) &&
2148 (!dirp || !strcmp(mlp->ml_dirp, dirp))) {
2151 *mlpp = mlp = mlp->ml_next;
2152 free((caddr_t)mlp2);
2154 mlpp = &mlp->ml_next;
2159 if ((mlfile = fopen(_PATH_RMOUNTLIST, "w")) == NULL) {
2160 syslog(LOG_ERR,"can't update %s", _PATH_RMOUNTLIST);
2165 fprintf(mlfile, "%s %s\n", mlp->ml_host, mlp->ml_dirp);
2173 add_mlist(char *hostp, char *dirp)
2175 struct mountlist *mlp, **mlpp;
2181 if (!strcmp(mlp->ml_host, hostp) && !strcmp(mlp->ml_dirp, dirp))
2183 mlpp = &mlp->ml_next;
2186 mlp = (struct mountlist *)malloc(sizeof (*mlp));
2189 strncpy(mlp->ml_host, hostp, RPCMNT_NAMELEN);
2190 mlp->ml_host[RPCMNT_NAMELEN] = '\0';
2191 strncpy(mlp->ml_dirp, dirp, RPCMNT_PATHLEN);
2192 mlp->ml_dirp[RPCMNT_PATHLEN] = '\0';
2193 mlp->ml_next = NULL;
2195 if ((mlfile = fopen(_PATH_RMOUNTLIST, "a")) == NULL) {
2196 syslog(LOG_ERR, "can't update %s", _PATH_RMOUNTLIST);
2199 fprintf(mlfile, "%s %s\n", mlp->ml_host, mlp->ml_dirp);
2204 * Free up a group list.
2207 free_grp(struct grouplist *grp)
2209 if (grp->gr_type == GT_HOST) {
2210 if (grp->gr_ptr.gt_addrinfo != NULL)
2211 freeaddrinfo(grp->gr_ptr.gt_addrinfo);
2212 } else if (grp->gr_type == GT_NET) {
2213 if (grp->gr_ptr.gt_net.nt_name)
2214 free(grp->gr_ptr.gt_net.nt_name);
2221 SYSLOG(int pri, const char *fmt, ...)
2226 vfprintf(stderr, fmt, ap);
2232 * Check options for consistency.
2235 check_options(struct dirlist *dp)
2240 if ((opt_flags & (OP_MAPROOT | OP_MAPALL)) == (OP_MAPROOT | OP_MAPALL)) {
2241 syslog(LOG_ERR, "-mapall and -maproot mutually exclusive");
2244 if ((opt_flags & OP_MASK) && (opt_flags & OP_NET) == 0) {
2245 syslog(LOG_ERR, "-mask requires -network");
2248 if ((opt_flags & OP_NET) && (opt_flags & OP_HAVEMASK) == 0) {
2249 syslog(LOG_ERR, "-network requires mask specification");
2252 if ((opt_flags & OP_MASK) && (opt_flags & OP_MASKLEN)) {
2253 syslog(LOG_ERR, "-mask and /masklen are mutually exclusive");
2256 if ((opt_flags & OP_ALLDIRS) && dp->dp_left) {
2257 syslog(LOG_ERR, "-alldirs has multiple directories");
2264 * Check an absolute directory path for any symbolic links. Return true
2267 check_dirpath(char *dirp)
2274 while (*cp && ret) {
2277 if (lstat(dirp, &sb) < 0 || !S_ISDIR(sb.st_mode))
2283 if (lstat(dirp, &sb) < 0 || !S_ISDIR(sb.st_mode))
2289 * Make a netmask according to the specified prefix length. The ss_family
2290 * and other non-address fields must be initialised before calling this.
2293 makemask(struct sockaddr_storage *ssp, int bitlen)
2298 if ((p = sa_rawaddr((struct sockaddr *)ssp, &len)) == NULL)
2300 if (bitlen > len * NBBY)
2302 for (i = 0; i < len; i++) {
2303 bits = (bitlen > NBBY) ? NBBY : bitlen;
2304 *p++ = (1 << bits) - 1;
2311 * Check that the sockaddr is a valid netmask. Returns 0 if the mask
2312 * is acceptable (i.e. of the form 1...10....0).
2315 checkmask(struct sockaddr *sa)
2320 if ((mask = sa_rawaddr(sa, &len)) == NULL)
2323 for (i = 0; i < len; i++)
2324 if (mask[i] != 0xff)
2327 if (~mask[i] & (u_char)(~mask[i] + 1))
2331 for (; i < len; i++)
2338 * Compare two sockaddrs according to a specified mask. Return zero if
2339 * `sa1' matches `sa2' when filtered by the netmask in `samask'.
2340 * If samask is NULL, perform a full comparision.
2343 sacmp(struct sockaddr *sa1, struct sockaddr *sa2, struct sockaddr *samask)
2345 unsigned char *p1, *p2, *mask;
2348 if (sa1->sa_family != sa2->sa_family ||
2349 (p1 = sa_rawaddr(sa1, &len)) == NULL ||
2350 (p2 = sa_rawaddr(sa2, NULL)) == NULL)
2353 switch (sa1->sa_family) {
2355 if (((struct sockaddr_in6 *)sa1)->sin6_scope_id !=
2356 ((struct sockaddr_in6 *)sa2)->sin6_scope_id)
2361 /* Simple binary comparison if no mask specified. */
2363 return (memcmp(p1, p2, len));
2365 /* Set up the mask, and do a mask-based comparison. */
2366 if (sa1->sa_family != samask->sa_family ||
2367 (mask = sa_rawaddr(samask, NULL)) == NULL)
2370 for (i = 0; i < len; i++)
2371 if ((p1[i] & mask[i]) != (p2[i] & mask[i]))
2377 * Return a pointer to the part of the sockaddr that contains the
2378 * raw address, and set *nbytes to its length in bytes. Returns
2379 * NULL if the address family is unknown.
2382 sa_rawaddr(struct sockaddr *sa, int *nbytes) {
2386 switch (sa->sa_family) {
2388 len = sizeof(((struct sockaddr_in *)sa)->sin_addr);
2389 p = &((struct sockaddr_in *)sa)->sin_addr;
2392 len = sizeof(((struct sockaddr_in6 *)sa)->sin6_addr);
2393 p = &((struct sockaddr_in6 *)sa)->sin6_addr;
2411 void terminate(int sig)
2413 pidfile_remove(pfh);
2414 rpcb_unset(RPCPROG_MNT, RPCMNT_VER1, NULL);
2415 rpcb_unset(RPCPROG_MNT, RPCMNT_VER3, NULL);