2 * Copyright (c) 1997-1999 Erez Zadok
3 * Copyright (c) 1989 Jan-Simon Pendry
4 * Copyright (c) 1989 Imperial College of Science, Technology & Medicine
5 * Copyright (c) 1989 The Regents of the University of California.
8 * This code is derived from software contributed to Berkeley by
9 * Jan-Simon Pendry at Imperial College, London.
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
14 * 1. Redistributions of source code must retain the above copyright
15 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in the
18 * documentation and/or other materials provided with the distribution.
19 * 3. All advertising materials mentioning features or use of this software
20 * must display the following acknowledgment:
21 * This product includes software developed by the University of
22 * California, Berkeley and its contributors.
23 * 4. Neither the name of the University nor the names of its contributors
24 * may be used to endorse or promote products derived from this software
25 * without specific prior written permission.
27 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
28 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
29 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
30 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
31 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
32 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
33 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
34 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
35 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
36 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
41 * $Id: homedir.c,v 1.4 1999/01/13 23:31:19 ezk Exp $
42 * $FreeBSD: src/contrib/amd/hlfsd/homedir.c,v 1.4 1999/09/15 05:45:15 obrien Exp $
43 * $DragonFly: src/contrib/amd/hlfsd/homedir.c,v 1.2 2003/06/17 04:23:57 dillon Exp $
45 * HLFSD was written at Columbia University Computer Science Department, by
46 * Erez Zadok <ezk@cs.columbia.edu> and Alexander Dupuy <dupuy@cs.columbia.edu>
47 * It is being distributed under the same terms and conditions as amd does.
52 #endif /* HAVE_CONFIG_H */
58 * STATIC VARIABLES AND FUNCTIONS:
/* Stream for the alternate passwd file; assigned from fopen(passwdfile, "r") further down. */
60 static FILE *passwd_fp = NULL;
/*
 * Fixed-size backing storage that passwd_ent.pw_name / passwd_ent.pw_dir
 * are pointed at.
 * NOTE(review): the passwd-file parser in this file fills both with strcpy()
 * from a line read with fgets(buf, 256, ...), so a name field longer than
 * 15 bytes or a home field longer than 127 bytes writes past the end of
 * these arrays.  The copies need a length check (reject or truncate).
 */
61 static char pw_name[16], pw_dir[128];
/* cur_pwtab_num: entries in use; max_pwtab_num: entries allocated (see table_add()). */
62 static int cur_pwtab_num = 0, max_pwtab_num = 0;
63 static int hlfsd_diskspace(char *);
64 static int hlfsd_stat(char *, struct stat *);
/* Line counter used in the parser's error messages. */
65 static int passwd_line = 0;
66 static int plt_reset(void);
/* Record handed back by the passwd-file parser; its strings live in pw_name/pw_dir. */
67 static struct passwd passwd_ent;
/* Table entry of the most recently forked child; cleared by interlock(). */
68 static uid2home_t *lastchild;
/* uid -> home table; sorted with qsort() after loading and searched by plt_search(). */
69 static uid2home_t *pwtab;
70 static void delay(uid2home_t *, int);
71 static void table_add(int, const char *, const char *);
73 /* GLOBAL FUNCTIONS */
74 char *homeof(char *username);
75 int uidof(char *username);
77 /* GLOBALS VARIABLES */
/*
 * Result buffer of mailbox().
 * NOTE(review): written with an unbounded sprintf() of home, home_subdir and
 * username; see the note on mailbox().
 */
78 char mboxfile[MAXPATHLEN];
79 username2uid_t *untab; /* user name table */
83 * Return the home directory pathname for the user with uid "userid".
/*
 * Body of the uid -> spool-directory lookup described by the comment above.
 * NOTE(review): this listing drops lines (the embedded source numbers skip),
 * including the function's signature, so the notes below cover only the
 * statements that are visible.
 *
 * Visible behaviour: uid 0 gets "/" + home_subdir; a uid unknown to
 * plt_search(), or one whose home is "/" or not absolute, gets alt_spooldir;
 * otherwise linkval becomes home + "/" + home_subdir, and after a
 * seteuid(userid) call the directory is checked, created if missing, and
 * tested for free space.
 */
88 static char linkval[MAXPATHLEN + 1];
89 static struct timeval tp;
94 clock_valid = 0; /* invalidate logging clock */
96 if ((int) userid == 0) { /* force superuser to use "/" as home */
/*
 * NOTE(review): unbounded sprintf() into linkval; no length check on
 * home_subdir is visible here.  Prefer snprintf(linkval, sizeof(linkval), ...)
 * and treat a truncated result as an error.
 */
97 sprintf(linkval, "/%s", home_subdir);
100 if ((found = plt_search(userid)) == (uid2home_t *) NULL) {
101 return alt_spooldir; /* use alt spool for unknown uid */
/*
 * NOTE(review): found->home comes from strdup() in table_add(), whose result
 * is not checked there; a NULL here would be dereferenced on the next line.
 */
103 homename = found->home;
105 if (homename[0] != '/' || homename[1] == '\0') {
106 found->last_status = 1;
107 return alt_spooldir; /* use alt spool for / or rel. home */
/*
 * NOTE(review): same unbounded sprintf() as above, this time with a home
 * directory string that originates in the passwd data.  Bound it with
 * snprintf() and fall back to alt_spooldir on truncation.
 */
109 sprintf(linkval, "%s/%s", homename, home_subdir);
/* Optimistic default; interlock() overwrites it with the child's exit status. */
112 found->last_status = 0;
117 * To optimize hlfsd, we don't actually check the validity of the
118 * symlink if it has been in checked in the last N seconds. It is
119 * very likely that the link, machine, and filesystem are still
120 * valid, as long as N is small. But if N ls large, that may not be
121 * true. That's why the default N is 5 minutes, but we allow the
122 * user to override this value via a command line option. Note that
123 * we do not update the last_access_time each time it is accessed,
124 * but only once every N seconds.
126 if (gettimeofday(&tp, (struct timezone *) NULL) < 0) {
/* Within cache_interval seconds of the last check the cached status is consulted instead of re-checking. */
129 if ((tp.tv_sec - found->last_access_time) < cache_interval) {
130 if (found->last_status == 0) {
136 found->last_access_time = tp.tv_sec;
142 * only run this forking code if asked for -D fork
143 * or if did not ask for -D nofork
147 /* fork child to process request if none in progress */
/*
 * kill(pid, 0) sends no signal and only reports whether the recorded child
 * can still be signalled.  The statement guarded by this test is not in the
 * listing.
 */
148 if (found->child && kill(found->child, 0))
152 delay(found, 5); /* wait a bit if in progress */
153 if (found->child) { /* better safe than sorry - maybe */
154 found->last_status = 1;
157 if ((found->child = fork()) < 0) {
158 found->last_status = 1;
161 if (found->child) { /* PARENT */
164 plog(XLOG_INFO, "cache spill uid = %ld, pid = %ld, home = %s",
165 (long) lastchild->uid, (long) lastchild->child,
169 return (char *) NULL; /* return NULL to parent, so it can continue */
172 } /* end of Debug(D_FORK) */
176 * CHILD: (or parent if -D nofork)
178 * Check and create dir if needed.
179 * Check disk space and/or quotas too.
181 * We don't need to set the _last_status field of found after the fork
182 * in the child, b/c that information would be later determined in
183 * nfsproc_readlink_2() and the correct exit status would be returned
184 * to the parent upon SIGCHLD in interlock().
187 am_set_mypid(); /* for logging routines */
/*
 * NOTE(review): only the warning is visible on the seteuid() failure path;
 * the statements after the plog() are missing from this listing.  If
 * execution continued, the stat/mkdir/write test below would run with the
 * daemon's own effective uid rather than the user's; confirm this path
 * returns.
 */
188 if (seteuid(userid) < 0) {
189 plog(XLOG_WARNING, "could not seteuid to %d: %m", userid);
192 if (hlfsd_stat(linkval, &homestat) < 0) {
193 if (errno == ENOENT) { /* make the spool dir if possible */
194 /* don't use recursive mkdirs here */
195 if (mkdir(linkval, PERS_SPOOLMODE) < 0) {
197 plog(XLOG_WARNING, "can't make directory %s: %m", linkval);
200 /* fall through to testing the disk space / quota */
201 } else { /* the home dir itself must not exist then */
203 plog(XLOG_WARNING, "bad link to %s: %m", linkval);
209 * If gets here, then either the spool dir in the home dir exists,
210 * or it was just created. In either case, we now need to
211 * test if we can create a small file and write at least one
212 * byte into it. This will test that we have both enough inodes
213 * and disk blocks to spare, or they fall within the user's quotas too.
214 * We are still seteuid to the user at this point.
216 if (hlfsd_diskspace(linkval) < 0) {
218 plog(XLOG_WARNING, "no more space in %s: %m", linkval);
/*
 * Probe whether a file can be created and written in "path": builds a
 * per-pid temporary name, opens it, writes to it and unlinks it.  The
 * caller compares the result with < 0 to detect failure.
 * NOTE(review): lines are missing from this listing (return statements, the
 * assignment of len, close()); only the visible statements are described.
 */
228 hlfsd_diskspace(char *path)
230 char buf[MAXPATHLEN];
233 clock_valid = 0; /* invalidate logging clock */
/*
 * NOTE(review): the caller passes linkval, which may itself be up to
 * MAXPATHLEN bytes, so path plus the "/._hlfstmp_<pid>" suffix can overrun
 * buf.  Use snprintf(buf, sizeof(buf), ...) and fail on truncation.  "%lu"
 * is also paired with a (long) argument.
 */
235 sprintf(buf, "%s/._hlfstmp_%lu", path, (long) getpid());
/*
 * NOTE(review): the name is predictable and O_CREAT is used without O_EXCL,
 * so an existing file or symlink of that name is opened and written to.
 * The caller's comment says the process is still seteuid to the user at
 * this point, which limits the effect to that user's privileges, but adding
 * O_EXCL (and O_NOFOLLOW where available) removes the ambiguity.
 */
236 if ((fd = open(buf, O_RDWR | O_CREAT, 0600)) < 0) {
237 plog(XLOG_ERROR, "cannot open %s: %m", buf);
/* The file name itself is used as the test payload. */
241 if (write(fd, buf, len) < len) {
242 plog(XLOG_ERROR, "cannot write \"%s\" (%d bytes) to %s : %m", buf, len, buf);
244 unlink(buf); /* cleanup just in case */
247 if (unlink(buf) < 0) {
248 plog(XLOG_ERROR, "cannot unlink %s : %m", buf);
/*
 * stat() wrapper used on the spool directory path; the caller treats a
 * negative result as failure and inspects errno.  The branch bodies are
 * missing from this listing.
 * NOTE(review): stat() follows symbolic links, so a path that is a symlink
 * to a directory satisfies S_ISDIR here.
 */
256 hlfsd_stat(char *path, struct stat *statp)
258 if (stat(path, statp) < 0)
260 else if (!S_ISDIR(statp->st_mode)) {
/*
 * Wait while a child is still recorded for "found": loops on a select()
 * with no descriptors, used as a timed sleep, until secs reaches zero or
 * found->child becomes 0 (interlock() clears it when the child is reaped).
 * The timeval setup is missing from this listing.
 */
269 delay(uid2home_t *found, int secs)
275 dlog("delaying on child %ld for %d seconds", (long) found->child, secs);
282 if (select(0, 0, 0, 0, &tv) == 0)
284 } while (--secs && found->child);
289 * This function is called when a child has terminated after
290 * servicing an nfs request. We need to check the exit status and
291 * update the last_status field of the requesting user.
/*
 * Reap every terminated child without blocking (WNOHANG) and record its
 * exit status in the matching table entry: lastchild is tried first, then
 * the whole pwtab is scanned.
 * NOTE(review): last_status is updated only under WIFEXITED().  A child
 * that is killed by a signal leaves the value the parent stored before
 * fork(), which the visible parent code sets to 0, so such a failure may be
 * cached as success; confirm, and consider storing a failure status when
 * WIFEXITED() is false.
 */
294 interlock(int signum)
297 uid2home_t *lostchild;
301 while ((child = waitpid((pid_t) -1, &status, WNOHANG)) > 0) {
302 #else /* not HAVE_WAITPID */
303 while ((child = wait3(&status, WNOHANG, (struct rusage *) 0)) > 0) {
304 #endif /* not HAVE_WAITPID */
306 /* high chances this was the last child forked */
307 if (lastchild && lastchild->child == child) {
308 lastchild->child = 0;
310 if (WIFEXITED(status))
311 lastchild->last_status = WEXITSTATUS(status);
312 lastchild = (uid2home_t *) NULL;
314 /* and if not, we have to search for it... */
315 for (lostchild = pwtab; lostchild < &pwtab[cur_pwtab_num]; lostchild++) {
316 if (lostchild->child == child) {
317 if (WIFEXITED(status))
318 lostchild->last_status = WEXITSTATUS(status);
319 lostchild->child = 0;
329 * PASSWORD AND USERNAME LOOKUP TABLES FUNCTIONS
333 * get index of UserName table entry which matches username.
334 * must not return uid_t because we want to return a negative number.
/*
 * Binary search of untab (sorted by user name) for "username", followed by
 * a final check of the two remaining bounds.  Callers treat a negative
 * result as "not found".
 * NOTE(review): with an empty table max starts at -1, and no guard is
 * visible before untab[mid] / untab[max] are read; confirm this is only
 * called once the table has been populated.  Several lines of the loop are
 * missing from this listing.
 */
337 untab_index(char *username)
339 int max, min, mid, cmp;
341 max = cur_pwtab_num - 1;
345 mid = (max + min) / 2;
346 cmp = strcmp(untab[mid].username, username);
347 if (cmp == 0) /* record found! */
353 } while (max > min + 1);
355 if (STREQ(untab[max].username, username))
357 if (STREQ(untab[min].username, username))
360 /* if gets here then record was not found */
366 * Don't make this return a uid_t, because we need to return negative
367 * numbers as well (error codes.)
/*
 * Map a user name to its uid via untab.
 * Returns INVALIDID when untab_index() does not find the name.
 */
370 uidof(char *username)
374 if ((idx = untab_index(username)) < 0) /* not found */
375 return INVALIDID; /* an invalid user id */
376 return untab[idx].uid;
381 * Don't make this return a uid_t, because we need to return negative
382 * numbers as well (error codes.)
/*
 * Map a user name to its home directory string via untab.
 * Returns NULL when untab_index() does not find the name.  The returned
 * pointer is the table's own string, not a copy.
 * NOTE(review): the comment above this function and the "an invalid user
 * id" remark below read as copied from uidof(); this function returns a
 * path, not a uid.
 */
385 homeof(char *username)
389 if ((idx = untab_index(username)) < 0) /* not found */
390 return (char *) NULL; /* an invalid user id */
391 return untab[idx].home;
/*
 * Build the mailbox path for "username" in the global mboxfile buffer:
 * "/<home_subdir>/<username>" when the home is "/", otherwise
 * "<home>/<home_subdir>/<username>".  Returns NULL when the user is unknown.
 * The first test and the final return are missing from this listing.
 * NOTE(review): both sprintf() calls write into mboxfile[MAXPATHLEN] with
 * no bound on the combined length of home, home_subdir and username.  Use
 * snprintf(mboxfile, sizeof(mboxfile), ...) and return NULL on truncation.
 */
396 mailbox(int uid, char *username)
401 return (char *) NULL; /* not found */
403 if ((home = homeof(username)) == (char *) NULL)
404 return (char *) NULL;
405 if (STREQ(home, "/"))
406 sprintf(mboxfile, "/%s/%s", home_subdir, username);
408 sprintf(mboxfile, "%s/%s/%s", home, home_subdir, username);
/*
 * Comparator ordering uid2home_t entries by uid.
 * NOTE(review): the result is a plain subtraction.  The type of the uid
 * field is not visible here; if the difference can exceed the range of int
 * (very large or unsigned ids) the sign is wrong and the sort order breaks.
 * (i->uid > j->uid) - (i->uid < j->uid) avoids that.  The casts also drop
 * the const qualifier.
 */
414 plt_compare_fxn(const voidp x, const voidp y)
417 uid2home_t *i = (uid2home_t *) x;
418 uid2home_t *j = (uid2home_t *) y;
420 return i->uid - j->uid;
/*
 * Comparator ordering username2uid_t entries by user name with strcmp().
 * Both username pointers must be non-NULL; table_add() stores unchecked
 * strdup() results there.
 */
425 unt_compare_fxn(const voidp x, const voidp y)
427 username2uid_t *i = (username2uid_t *) x;
428 username2uid_t *j = (username2uid_t *) y;
430 return strcmp(i->username, j->username);
434 /* perform initialization of user passwd database */
/*
 * Open the alternate passwd file and point the static passwd_ent record at
 * the fixed pw_name / pw_dir buffers.  The function header and the NULL
 * test on passwd_fp are missing from this listing; presumably this is the
 * body of hlfsd_setpwent().
 */
443 passwd_fp = fopen(passwdfile, "r");
445 plog(XLOG_ERROR, "unable to read passwd file %s: %m", passwdfile);
448 plog(XLOG_INFO, "reading password entries from file %s", passwdfile);
451 memset((char *) &passwd_ent, 0, sizeof(struct passwd));
/* &pw_name has the same address as pw_name; the cast only hides the array-pointer type. */
452 passwd_ent.pw_name = (char *) &pw_name;
453 passwd_ent.pw_dir = (char *) &pw_dir;
457 /* perform de-initialization of user passwd database */
463 * Don't actually run this because we will be making more passwd calls
464 * afterwards. On Solaris 2.5.1, making getpwent() calls after calling
465 * endpwent() results in a memory leak! (and no, even Purify didn't
479 /* perform record reading/parsing of individual passwd database records */
/*
 * Read one record from the alternate passwd file and return it through the
 * static passwd_ent: user name, uid and home directory are taken from
 * ':'-separated fields with strtok().  The signature, the declaration of
 * buf and the control flow between the visible statements are missing from
 * this listing.
 */
480 static struct passwd *
485 /* check if to perform standard unix function */
490 clock_valid = 0; /* invalidate logging clock */
492 /* return here to read another entry */
495 /* return NULL if reached end of file */
499 pw_name[0] = pw_dir[0] = '\0';
/*
 * NOTE(review): the return value of fgets() is ignored and the size is a
 * literal 256 rather than sizeof(buf).  A line longer than 255 bytes is
 * split, and its tail is parsed as if it were the next record.  If buf is
 * an array, the "!buf" test below can never be true.
 */
503 fgets(buf, 256, passwd_fp);
505 if (!buf || buf[0] == '\0')
509 cp = strtok(buf, ":");
510 if (!cp || cp[0] == '\0') {
511 plog(XLOG_ERROR, "no user name on line %d of %s", passwd_line, passwdfile);
/*
 * NOTE(review): unbounded copy into pw_name[16]; a name field of 16 bytes
 * or more overflows the static buffer.  Check strlen(cp) < sizeof(pw_name)
 * and skip the record otherwise.
 */
514 strcpy(pw_name, cp); /* will show up in passwd_ent.pw_name */
520 cp = strtok(NULL, ":");
521 if (!cp || cp[0] == '\0') {
522 plog(XLOG_ERROR, "no uid on line %d of %s", passwd_line, passwdfile);
/*
 * NOTE(review): atoi() reports no errors, so a non-numeric uid field
 * becomes 0, the superuser id, and table_add() exempts uid 0 from its
 * duplicate check.  Parse with strtol() and reject fields that are not
 * fully numeric or are out of range.
 */
525 passwd_ent.pw_uid = atoi(cp);
527 /* skip gid and gcos */
532 cp = strtok(NULL, ":");
533 if (!cp || cp[0] == '\0') {
534 plog(XLOG_ERROR, "no home dir on line %d of %s", passwd_line, passwdfile);
/*
 * NOTE(review): unbounded copy into pw_dir[128]; the line buffer allows up
 * to 255 bytes, so a long home field overflows.  Bound it the same way as
 * the name.
 */
537 strcpy(pw_dir, cp); /* will show up in passwd_ent.pw_dir */
539 /* the rest of the fields are unimportant and not being considered */
541 plog(XLOG_USER, "hlfsd_getpwent: name=%s, uid=%ld, dir=%s",
542 passwd_ent.pw_name, (long) passwd_ent.pw_uid, passwd_ent.pw_dir);
549 * read and hash the passwd file or NIS map
/*
 * (Re)load the lookup tables: skip if plt_reset() refuses, then add every
 * passwd entry with table_add() and sort pwtab and untab with qsort().
 * The function header and the comparator arguments of the qsort() calls
 * are missing from this listing.
 */
554 struct passwd *pent_p;
556 if (plt_reset() < 0) /* could not reset table. skip. */
559 plog(XLOG_INFO, "reading password map");
561 hlfsd_setpwent(); /* prepare to read passwd entries */
562 while ((pent_p = hlfsd_getpwent()) != (struct passwd *) NULL) {
563 table_add(pent_p->pw_uid, pent_p->pw_dir, pent_p->pw_name);
567 qsort((char *) pwtab, cur_pwtab_num, sizeof(uid2home_t),
569 qsort((char *) untab, cur_pwtab_num, sizeof(username2uid_t),
572 plog(XLOG_INFO, "password map read and sorted");
577 * This is essentially so that we don't reset known good lookup tables when a
578 * YP server goes down.
/*
 * Empty the lookup tables before a reload.  One passwd entry is read first
 * as a probe; if none can be read the old tables are kept and -1 is
 * returned.  Otherwise every used slot has its strings freed and its fields
 * cleared, cur_pwtab_num is set to 0 and 0 is returned.
 * NOTE(review): pwtab[i].child is zeroed here, so a child still running for
 * that entry is no longer matched by interlock() when it exits.  Lines are
 * missing from this listing.
 */
585 clock_valid = 0; /* invalidate logging clock */
588 if (hlfsd_getpwent() == (struct passwd *) NULL) {
590 return -1; /* did not reset table */
594 lastchild = (uid2home_t *) NULL;
596 if (max_pwtab_num > 0) /* was used already. cleanup old table */
597 for (i = 0; i < cur_pwtab_num; ++i) {
599 XFREE(pwtab[i].home);
600 pwtab[i].home = (char *) NULL;
602 pwtab[i].uid = INVALIDID; /* not a valid uid (yet...) */
603 pwtab[i].child = (pid_t) 0;
604 pwtab[i].uname = (char *) NULL; /* only a ptr to untab[i].username */
605 if (untab[i].username) {
606 XFREE(untab[i].username);
607 untab[i].username = (char *) NULL;
609 untab[i].uid = INVALIDID; /* invalid uid */
610 untab[i].home = (char *) NULL; /* only a ptr to pwtab[i].home */
612 cur_pwtab_num = 0; /* zero current size */
614 return 0; /* resetting ok */
/*
 * Append one (uid, home, name) record to pwtab and untab, allocating the
 * tables on first use and growing them when full.  A uid already present is
 * skipped, except uid 0, which may appear more than once.
 * u: user id; h: home directory string; n: user name.  h and n are copied
 * with strdup().
 * NOTE(review): lines are missing from this listing, including the
 * statements that set max_pwtab_num and the final counter increment.
 */
624 table_add(int u, const char *h, const char *n)
628 clock_valid = 0; /* invalidate logging clock */
630 if (max_pwtab_num <= 0) { /* was never initialized */
632 pwtab = (uid2home_t *) xmalloc(max_pwtab_num *
634 memset((char *) &pwtab[0], 0, max_pwtab_num * sizeof(uid2home_t));
635 untab = (username2uid_t *) xmalloc(max_pwtab_num *
636 sizeof(username2uid_t));
637 memset((char *) &untab[0], 0, max_pwtab_num * sizeof(username2uid_t));
640 /* check if need more space. */
641 if (cur_pwtab_num + 1 > max_pwtab_num) {
642 /* need more space in table */
644 plog(XLOG_INFO, "reallocating table spaces to %d entries", max_pwtab_num);
645 pwtab = (uid2home_t *) xrealloc(pwtab,
646 sizeof(uid2home_t) * max_pwtab_num);
647 untab = (username2uid_t *) xrealloc(untab,
648 sizeof(username2uid_t) *
650 /* zero out newly added entries */
651 for (i=cur_pwtab_num; i<max_pwtab_num; ++i) {
652 memset((char *) &pwtab[i], 0, sizeof(uid2home_t));
653 memset((char *) &untab[i], 0, sizeof(username2uid_t));
657 /* do NOT add duplicate entries (this is an O(N^2) algorithm... */
658 for (i=0; i<cur_pwtab_num; ++i)
659 if (u == pwtab[i].uid && u != 0 ) {
661 dlog("ignoring duplicate home %s for uid %d (already %s)",
662 h, u, pwtab[i].home);
667 /* add new password entry */
/*
 * NOTE(review): the strdup() results here and for the user name below are
 * stored unchecked.  On allocation failure a NULL home or username ends up
 * in the table and is later dereferenced by the lookup code and passed to
 * strcmp() by the name comparator.
 */
668 pwtab[cur_pwtab_num].home = strdup(h);
669 pwtab[cur_pwtab_num].child = 0;
670 pwtab[cur_pwtab_num].last_access_time = 0;
671 pwtab[cur_pwtab_num].last_status = 0; /* assume best: used homedir */
672 pwtab[cur_pwtab_num].uid = u;
674 /* add new userhome entry */
675 untab[cur_pwtab_num].username = strdup(n);
677 /* just a second pointer */
/*
 * The cross pointers below pair slot i of pwtab with slot i of untab.
 * NOTE(review): the two tables are later sorted independently, so the index
 * pairing does not survive the sort; the pointers still refer to the same
 * strings.
 */
678 pwtab[cur_pwtab_num].uname = untab[cur_pwtab_num].username;
679 untab[cur_pwtab_num].uid = u;
680 untab[cur_pwtab_num].home = pwtab[cur_pwtab_num].home; /* a ptr */
682 /* increment counter */
688 * return entry in lookup table
696 * empty table should not happen,
697 * but I have a bug with signals to trace...
/*
 * Binary search of pwtab for uid "u"; returns NULL when pwtab has never
 * been allocated or no entry matches.  The function header and several
 * lines of the loop are missing from this listing.
 * NOTE(review): the guard below covers an unallocated table only.  After
 * plt_reset() the table is allocated but cur_pwtab_num is 0, so max becomes
 * -1 and pwtab[max] would be read; confirm lookups cannot run in that
 * state.
 */
699 if (pwtab == (uid2home_t *) NULL)
700 return (uid2home_t *) NULL;
702 max = cur_pwtab_num - 1;
706 mid = (max + min) / 2;
707 if (pwtab[mid].uid == u) /* record found! */
709 if (pwtab[mid].uid > u)
713 } while (max > min + 1);
715 if (pwtab[max].uid == u)
717 if (pwtab[min].uid == u)
720 /* if gets here then record was not found */
721 return (uid2home_t *) NULL;
725 #if defined(DEBUG) || defined(DEBUG_PRINT)
/*
 * Debug helper: dump pwtab and untab to a freshly created temporary file.
 * With HAVE_MKSTEMP the file comes from mkstemp(), which creates it
 * exclusively.  Lines are missing from this listing.
 * NOTE(review), fallback branch (no mkstemp):
 *  - "plot(" looks like a typo for plog(), so this branch would not build;
 *  - the descriptor is opened O_RDONLY without O_CREAT and then handed to
 *    fdopen(..., "a"), so the dump could not be written; an exclusive
 *    create (O_WRONLY | O_CREAT | O_EXCL, mode 0600) is what is needed.
 * The signum parameter suggests this runs as a signal handler; stdio calls
 * such as fprintf() are not async-signal-safe.
 */
727 plt_print(int signum)
731 char dumptmp[] = "/usr/tmp/hlfsd.dump.XXXXXX";
735 dumpfd = mkstemp(dumptmp);
736 #else /* not HAVE_MKSTEMP */
739 plot(XLOG_ERROR, "cannot create temporary dump file");
742 dumpfd = open(dumptmp, O_RDONLY);
743 #endif /* not HAVE_MKSTEMP */
745 plog(XLOG_ERROR, "cannot open temporary dump file");
748 if ((dumpfile = fdopen(dumpfd, "a")) != NULL) {
749 plog(XLOG_INFO, "dumping internal state to file %s", dumptmp);
750 fprintf(dumpfile, "\n\nNew plt_dump():\n");
751 for (i = 0; i < cur_pwtab_num; ++i)
753 "%4d %5lu %10lu %1d %4lu \"%s\" uname=\"%s\"\n",
755 (long) pwtab[i].child,
756 pwtab[i].last_access_time,
757 pwtab[i].last_status,
761 fprintf(dumpfile, "\nUserName table by plt_print():\n");
762 for (i = 0; i < cur_pwtab_num; ++i)
763 fprintf(dumpfile, "%4d : \"%s\" %4lu \"%s\"\n", i,
764 untab[i].username, (long) untab[i].uid, untab[i].home);
/*
 * Debug helper: append the state of pwtab and untab, plus the two hard-coded
 * users "ezk" and "rezk", to /var/tmp/hlfsdump.
 * NOTE(review):
 *  - the path is fixed and lives in a shared temporary directory, and
 *    fopen(..., "a") follows an existing symlink.  This process calls
 *    seteuid() elsewhere, so it presumably runs privileged; create the file
 *    with mkstemp() as plt_print() does, or open it with O_NOFOLLOW and
 *    O_EXCL;
 *  - untab_index() signals "not found" with a negative value, which is used
 *    here directly as an array index;
 *  - pwtab is indexed with a uid value, but pwtab is ordered by position,
 *    not indexed by uid, so this can read outside the table.
 * Lines are missing from this listing.
 */
772 plt_dump(uid2home_t *lastc, pid_t this)
777 if ((dumpfile = fopen("/var/tmp/hlfsdump", "a")) != NULL) {
778 fprintf(dumpfile, "\n\nNEW PLT_DUMP -- ");
779 fprintf(dumpfile, "lastchild->child=%d ",
780 (int) (lastc ? lastc->child : -999));
781 fprintf(dumpfile, ", child from wait3=%lu:\n", (long) this);
782 for (i = 0; i < cur_pwtab_num; ++i)
783 fprintf(dumpfile, "%4d %5lu: %4lu \"%s\" uname=\"%s\"\n", i,
784 (long) pwtab[i].child, (long) pwtab[i].uid,
785 pwtab[i].home, pwtab[i].uname);
786 fprintf(dumpfile, "\nUserName table by plt_dump():\n");
787 for (i = 0; i < cur_pwtab_num; ++i)
788 fprintf(dumpfile, "%4d : \"%s\" %4lu \"%s\"\n", i,
789 untab[i].username, (long) untab[i].uid, untab[i].home);
790 fprintf(dumpfile, "ezk: ent=%d, uid=%lu, home=\"%s\"\n",
792 (long) untab[untab_index("ezk")].uid,
793 pwtab[untab[untab_index("ezk")].uid].home);
794 fprintf(dumpfile, "rezk: ent=%d, uid=%lu, home=\"%s\"\n",
796 (long) untab[untab_index("rezk")].uid,
797 pwtab[untab[untab_index("rezk")].uid].home);
801 #endif /* defined(DEBUG) || defined(DEBUG_PRINT) */