X-Git-Url: http://git.meshlink.io/?a=blobdiff_plain;f=avahi-daemon%2Fmain.c;h=43ad74d1ccd75b85d9856f2b97da9b190f9ac806;hb=3f8227311e734f408e34d114be975f400b20c989;hp=6f0624d3ae96389ce30c5dcefa308331a9cbf429;hpb=21dd860429b6a3065118fdba4b298cdb19c28d15;p=catta diff --git a/avahi-daemon/main.c b/avahi-daemon/main.c index 6f0624d..43ad74d 100644 --- a/avahi-daemon/main.c +++ b/avahi-daemon/main.c @@ -50,15 +50,23 @@ #include #include #include +#include #include #include #include #include +#ifdef ENABLE_CHROOT +#include "chroot.h" +#include "caps.h" +#endif + +#include "setproctitle.h" #include "main.h" #include "simple-protocol.h" #include "static-services.h" +#include "static-hosts.h" #include "ini-file-parser.h" #ifdef HAVE_DBUS @@ -67,6 +75,8 @@ AvahiServer *avahi_server = NULL; AvahiSimplePoll *simple_poll_api = NULL; +static char *argv0 = NULL; +int nss_support = 0; typedef enum { DAEMON_RUN, @@ -83,12 +93,20 @@ typedef struct { int daemonize; int use_syslog; char *config_file; +#ifdef HAVE_DBUS int enable_dbus; int fail_on_missing_dbus; +#endif int drop_root; + int set_rlimits; +#ifdef ENABLE_CHROOT + int use_chroot; +#endif + int modify_proc_title; + + int disable_user_service_publishing; int publish_resolv_conf; char ** publish_dns_servers; - int no_rlimits; int debug; int rlimit_as_set, rlimit_core_set, rlimit_data_set, rlimit_fsize_set, rlimit_nofile_set, rlimit_stack_set; @@ -125,8 +143,14 @@ static int load_resolv_conf(void) { avahi_strfreev(resolv_conf); resolv_conf = NULL; - if (!(f = fopen(RESOLV_CONF, "r"))) { - avahi_log_warn("Failed to open "RESOLV_CONF"."); +#ifdef ENABLE_CHROOT + f = avahi_chroot_helper_get_file(RESOLV_CONF); +#else + f = fopen(RESOLV_CONF, "r"); +#endif + + if (!f) { + avahi_log_warn("Failed to open "RESOLV_CONF": %s", strerror(errno)); goto finish; } 
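Review bot: In load_resolv_conf() the `ENABLE_CHROOT` branch always reads `RESOLV_CONF` through `avahi_chroot_helper_get_file()`, a compile-time choice, although the rest of this patch makes chroot a run-time option (`use_chroot`, `--no-chroot`). Whether the helper call falls back to a plain `fopen()` when no helper process was started is not visible in this diff; if it does not, a chroot-capable build started with `--no-chroot` or `--no-drop-root` would lose its resolv.conf servers with only a warning. The new message also prints `strerror(errno)`, which is only meaningful if the helper sets `errno` on failure; a comment such as `/* helper falls back to fopen() when not running and preserves errno */`, if that is the contract, would document it. The function body starts and ends outside the hunk.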
@@ -208,6 +232,11 @@ static void update_wide_area_servers(void) { unsigned n = 0; char **p; + if (!resolv_conf) { + avahi_server_set_wide_area_servers(avahi_server, NULL, 0); + return; + } + for (p = resolv_conf; *p && n < AVAHI_WIDE_AREA_SERVERS_MAX; p++) { if (!avahi_address_parse(*p, AVAHI_PROTO_UNSPEC, &a[n])) avahi_log_warn("Failed to parse address '%s', ignoring.", *p); @@ -237,7 +266,11 @@ static void server_callback(AvahiServer *s, AvahiServerState state, void *userda switch (state) { case AVAHI_SERVER_RUNNING: avahi_log_info("Server startup complete. Host name is %s. Local service cookie is %u.", avahi_server_get_host_name_fqdn(s), avahi_server_get_local_service_cookie(s)); + + avahi_set_proc_title("%s: running [%s]", argv0, avahi_server_get_host_name_fqdn(s)); + static_service_add_to_server(); + static_hosts_add_to_server(); remove_dns_server_entry_groups(); @@ -254,6 +287,7 @@ static void server_callback(AvahiServer *s, AvahiServerState state, void *userda char *n; static_service_remove_from_server(); + static_hosts_remove_from_server(); remove_dns_server_entry_groups(); @@ -261,6 +295,9 @@ static void server_callback(AvahiServer *s, AvahiServerState state, void *userda avahi_log_warn("Host name conflict, retrying with <%s>", n); avahi_server_set_host_name(s, n); avahi_free(n); + + avahi_set_proc_title("%s: collision", argv0); + break; } @@ -271,13 +308,16 @@ static void server_callback(AvahiServer *s, AvahiServerState state, void *userda break; case AVAHI_SERVER_REGISTERING: + avahi_set_proc_title("%s: registering [%s]", argv0, avahi_server_get_host_name_fqdn(s)); + + case AVAHI_SERVER_INVALID: break; } } -static void help(FILE *f, const char *argv0) { +static void help(FILE *f) { fprintf(f, "%s [options]\n" " -h --help Show this help\n" 
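Review bot: The `avahi_set_proc_title()` calls added to server_callback() run unconditionally, while main() calls `avahi_init_proc_title()` only when `config.modify_proc_title` is set. setproctitle.c is not part of this diff, so it cannot be confirmed here that setting the title without prior initialisation is a no-op; if it is not, `--no-proc-title` would not actually leave the process arguments untouched. Either guard the calls, e.g. `if (config.modify_proc_title) avahi_set_proc_title(...)`, or state the no-op guarantee in a comment at the first call. The same applies to the calls in the `-261` and `-271` hunks and to the one added in main().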
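Review bot: The new `case AVAHI_SERVER_REGISTERING:` body falls through into `case AVAHI_SERVER_INVALID:` without a marker. This is harmless today because the next case only breaks, but a statement added to `AVAHI_SERVER_INVALID` later would also run for the registering state. Add an explicit `break;` after the `avahi_set_proc_title(...)` call, or mark the spot with `/* fall through */`.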
@@ -291,6 +331,10 @@ static void help(FILE *f, const char *argv0) { " "AVAHI_CONFIG_FILE"\n" " --no-rlimits Don't enforce resource limits\n" " --no-drop-root Don't drop privileges\n" +#ifdef ENABLE_CHROOT + " --no-chroot Don't chroot()\n" +#endif + " --no-proc-title Don't modify process title\n" " --debug Increase verbosity\n", argv0); } @@ -302,21 +346,29 @@ static int parse_command_line(DaemonConfig *c, int argc, char *argv[]) { enum { OPTION_NO_RLIMITS = 256, OPTION_NO_DROP_ROOT, +#ifdef ENABLE_CHROOT + OPTION_NO_CHROOT, +#endif + OPTION_NO_PROC_TITLE, OPTION_DEBUG }; static const struct option long_options[] = { - { "help", no_argument, NULL, 'h' }, - { "daemonize", no_argument, NULL, 'D' }, - { "kill", no_argument, NULL, 'k' }, - { "version", no_argument, NULL, 'V' }, - { "file", required_argument, NULL, 'f' }, - { "reload", no_argument, NULL, 'r' }, - { "check", no_argument, NULL, 'c' }, - { "syslog", no_argument, NULL, 's' }, - { "no-rlimits", no_argument, NULL, OPTION_NO_RLIMITS }, - { "no-drop-root", no_argument, NULL, OPTION_NO_DROP_ROOT }, - { "debug", no_argument, NULL, OPTION_DEBUG }, + { "help", no_argument, NULL, 'h' }, + { "daemonize", no_argument, NULL, 'D' }, + { "kill", no_argument, NULL, 'k' }, + { "version", no_argument, NULL, 'V' }, + { "file", required_argument, NULL, 'f' }, + { "reload", no_argument, NULL, 'r' }, + { "check", no_argument, NULL, 'c' }, + { "syslog", no_argument, NULL, 's' }, + { "no-rlimits", no_argument, NULL, OPTION_NO_RLIMITS }, + { "no-drop-root", no_argument, NULL, OPTION_NO_DROP_ROOT }, +#ifdef ENABLE_CHROOT + { "no-chroot", no_argument, NULL, OPTION_NO_CHROOT }, +#endif + { "no-proc-title", no_argument, NULL, OPTION_NO_PROC_TITLE }, + { "debug", no_argument, NULL, OPTION_DEBUG }, { NULL, 0, NULL, 0 } }; 
@@ -352,11 +404,19 @@ static int parse_command_line(DaemonConfig *c, int argc, char *argv[]) { c->command = DAEMON_CHECK; break; case OPTION_NO_RLIMITS: - c->no_rlimits = 1; + c->set_rlimits = 0; break; case OPTION_NO_DROP_ROOT: c->drop_root = 0; break; +#ifdef ENABLE_CHROOT + case OPTION_NO_CHROOT: + c->use_chroot = 0; + break; +#endif + case OPTION_NO_PROC_TITLE: + c->modify_proc_title = 0; + break; case OPTION_DEBUG: c->debug = 1; break; @@ -403,6 +463,24 @@ static int load_config_file(DaemonConfig *c) { } else if (strcasecmp(p->key, "domain-name") == 0) { avahi_free(c->server_config.domain_name); c->server_config.domain_name = avahi_strdup(p->value); + } else if (strcasecmp(p->key, "browse-domains") == 0) { + char **e, **t; + + e = avahi_split_csv(p->value); + + for (t = e; *t; t++) { + char cleaned[AVAHI_DOMAIN_NAME_MAX]; + + if (!avahi_normalize_name(*t, cleaned, sizeof(cleaned))) { + avahi_log_error("Invalid domain name \"%s\" for key \"%s\" in group \"%s\"\n", *t, p->key, g->name); + avahi_strfreev(e); + goto finish; + } + + c->server_config.browse_domains = avahi_string_list_add(c->server_config.browse_domains, cleaned); + } + + avahi_strfreev(e); } else if (strcasecmp(p->key, "use-ipv4") == 0) c->server_config.use_ipv4 = is_yes(p->value); else if (strcasecmp(p->key, "use-ipv6") == 0) @@ -413,6 +491,7 @@ static int load_config_file(DaemonConfig *c) { c->server_config.use_iff_running = is_yes(p->value); else if (strcasecmp(p->key, "disallow-other-stacks") == 0) c->server_config.disallow_other_stacks = is_yes(p->value); +#ifdef HAVE_DBUS else if (strcasecmp(p->key, "enable-dbus") == 0) { if (*(p->value) == 'w' || *(p->value) == 'W') { 
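Review bot: The `browse-domains` branch walks the result of `avahi_split_csv(p->value)` with `for (t = e; *t; t++)` without checking `e` first. The helper's implementation is not shown; if it can return NULL on allocation failure, the loop dereferences a null pointer while parsing the configuration file, and a guard such as `if (!e) goto finish;` would avoid that. Unlike the `domain-name` branch directly above, which frees the previous value, this branch only appends to `c->server_config.browse_domains`, so a repeated key accumulates entries; a short comment saying whether that is intended would help. load_config_file() starts and ends outside the hunk.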
@@ -424,10 +503,8 @@ static int load_config_file(DaemonConfig *c) { } else { c->enable_dbus = 0; } - } else if (strcasecmp(p->key, "drop-root") == 0) - c->drop_root = is_yes(p->value); - else if (strcasecmp(p->key, "add-service-cookie") == 0) - c->server_config.add_service_cookie = is_yes(p->value); + } +#endif else { avahi_log_error("Invalid configuration key \"%s\" in group \"%s\"\n", p->key, g->name); goto finish; @@ -449,9 +526,15 @@ static int load_config_file(DaemonConfig *c) { c->server_config.publish_domain = is_yes(p->value); else if (strcasecmp(p->key, "publish-resolv-conf-dns-servers") == 0) c->publish_resolv_conf = is_yes(p->value); + else if (strcasecmp(p->key, "disable-publishing") == 0) + c->server_config.disable_publishing = is_yes(p->value); + else if (strcasecmp(p->key, "disable-user-service-publishing") == 0) + c->disable_user_service_publishing = is_yes(p->value); + else if (strcasecmp(p->key, "add-service-cookie") == 0) + c->server_config.add_service_cookie = is_yes(p->value); else if (strcasecmp(p->key, "publish-dns-servers") == 0) { avahi_strfreev(c->publish_dns_servers); - c->publish_dns_servers = avahi_split_csv(p->value); + c->publish_dns_servers = avahi_split_csv(p->value); } else { avahi_log_error("Invalid configuration key \"%s\" in group \"%s\"\n", p->key, g->name); goto finish; @@ -588,8 +671,15 @@ static void signal_callback(AvahiWatch *watch, AVAHI_GCC_UNUSED int fd, AVAHI_GC case SIGHUP: avahi_log_info("Got SIGHUP, reloading."); - static_service_load(); +#ifdef ENABLE_CHROOT + static_service_load(config.use_chroot); + static_hosts_load(config.use_chroot); +#else + static_service_load(0); + static_hosts_load(0); +#endif static_service_add_to_server(); + static_service_remove_from_server(); if (resolv_conf_entry_group) avahi_s_entry_group_reset(resolv_conf_entry_group); 
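Review bot: With `#ifdef HAVE_DBUS` wrapped around the `enable-dbus` branch and the `drop-root` branch removed from the visible hunks, both keys now reach the `Invalid configuration key` error and abort configuration loading. Taking `drop-root` out of the file is reasonable hardening, since privilege dropping can then only be disabled from the command line, but an existing configuration file carrying either key will stop the daemon from starting. For builds without D-Bus, consider accepting `enable-dbus` and logging a warning instead of failing, and document the `drop-root` removal in the man page and changelog. The if/else chain continues outside the hunk.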
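Review bot: In the SIGHUP branch the added `static_service_remove_from_server();` runs directly after the existing `static_service_add_to_server();`, so the services that were just reloaded are withdrawn again, and the hosts loaded by `static_hosts_load()` are never published. Every other place in this patch pairs a service call with its `static_hosts_*` counterpart, so this looks like a typo for `static_hosts_add_to_server();`. signal_callback() starts and ends outside the hunk.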
@@ -614,14 +704,21 @@ static void signal_callback(AvahiWatch *watch, AVAHI_GCC_UNUSED int fd, AVAHI_GC } } +/* Imported from ../avahi-client/nss-check.c */ +int avahi_nss_support(void); + static int run_server(DaemonConfig *c) { int r = -1; int error; const AvahiPoll *poll_api = NULL; AvahiWatch *sig_watch = NULL; + int retval_is_sent = 0; assert(c); + if (!(nss_support = avahi_nss_support())) + avahi_log_warn("WARNING: No NSS support for mDNS detected, consider installing nss-mdns!"); + if (!(simple_poll_api = avahi_simple_poll_new())) { avahi_log_error("Failed to create main loop object."); goto finish; @@ -641,9 +738,10 @@ static int run_server(DaemonConfig *c) { if (simple_protocol_setup(poll_api) < 0) goto finish; - if (c->enable_dbus) { + #ifdef HAVE_DBUS - if (dbus_protocol_setup(poll_api) < 0) { + if (c->enable_dbus) { + if (dbus_protocol_setup(poll_api, config.disable_user_service_publishing) < 0) { if (c->fail_on_missing_dbus) goto finish; 
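Review bot: `dbus_protocol_setup(poll_api, config.disable_user_service_publishing)` reads the global `config` although run_server() receives the configuration as `c` and tests `c->enable_dbus` on the line before. Mixing the two only works while the sole caller passes `&config`. Use `c->disable_user_service_publishing` here, and likewise `c->drop_root` and `c->use_chroot` in the chroot and `static_*_load()` hunks further down in the same function.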
@@ -651,14 +749,37 @@ static int run_server(DaemonConfig *c) { avahi_log_warn("WARNING: Failed to contact D-BUS daemon, disabling D-BUS support."); c->enable_dbus = 0; } -#else - avahi_log_warn("WARNING: We are configured to enable D-BUS but it was not compiled in."); - c->enable_dbus = 0; + } #endif + +#ifdef ENABLE_CHROOT + + if (config.drop_root && config.use_chroot) { + if (chroot(AVAHI_CONFIG_DIR) < 0) { + avahi_log_error("Failed to chroot(): %s", strerror(errno)); + goto finish; + } + + avahi_log_info("Successfully called chroot()."); + chdir("/"); + + if (avahi_caps_drop_all() < 0) { + avahi_log_error("Failed to drop capabilities."); + goto finish; + } + avahi_log_info("Successfully dropped remaining capabilities."); } +#endif + load_resolv_conf(); - static_service_load(); +#ifdef ENABLE_CHROOT + static_service_load(config.use_chroot); + static_hosts_load(config.use_chroot); +#else + static_service_load(0); + static_hosts_load(0); +#endif if (!(avahi_server = avahi_server_new(poll_api, &c->server_config, server_callback, c, &error))) { avahi_log_error("Failed to create server: %s", avahi_strerror(error)); @@ -667,8 +788,10 @@ static int run_server(DaemonConfig *c) { update_wide_area_servers(); - if (c->daemonize) + if (c->daemonize) { daemon_retval_send(0); + retval_is_sent = 1; + } for (;;) { if ((r = avahi_simple_poll_iterate(simple_poll_api, -1)) < 0) { @@ -689,11 +812,15 @@ finish: static_service_remove_from_server(); static_service_free_all(); + + static_hosts_remove_from_server(); + static_hosts_free_all(); + remove_dns_server_entry_groups(); simple_protocol_shutdown(); -#ifdef ENABLE_DBUS +#ifdef HAVE_DBUS if (c->enable_dbus) dbus_protocol_shutdown(); #endif @@ -713,7 +840,7 @@ finish: simple_poll_api = NULL; } - if (r != 0 && c->daemonize) + if (!retval_is_sent && c->daemonize) daemon_retval_send(1); return r; 
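Review bot: The result of `chdir("/")` after `chroot(AVAHI_CONFIG_DIR)` is ignored, and the success message is logged before it. A chroot only confines the process once its working directory is inside the new root; if the chdir fails, the daemon continues with a working directory that may lie outside the jail and relative paths resolve there. Treat a failed chdir like a failed chroot and log success only after both, as sketched below. run_server() starts and ends outside the hunk.

```c
        /* … unchanged: chroot(AVAHI_CONFIG_DIR) and its error path … */

        if (chdir("/") < 0) {
            avahi_log_error("Failed to chdir() into the new root: %s", strerror(errno));
            goto finish;
        }

        avahi_log_info("Successfully called chroot().");

        /* … unchanged: avahi_caps_drop_all() and its error path … */
```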
@@ -778,7 +905,7 @@ static int drop_root(void) { set_env("USER", pw->pw_name); set_env("LOGNAME", pw->pw_name); set_env("HOME", pw->pw_dir); - + avahi_log_info("Successfully dropped root privileges."); return 0; @@ -862,7 +989,8 @@ static void enforce_rlimits(void) { set_one_rlimit(RLIMIT_NPROC, config.rlimit_nproc, "RLIMIT_NPROC"); #endif -#ifdef RLIMIT_MEMLOCK + /* the sysctl() call from iface-pfroute.c needs locked memory on FreeBSD */ +#if defined(RLIMIT_MEMLOCK) && !defined(__FreeBSD__) /* We don't need locked memory */ set_one_rlimit(RLIMIT_MEMLOCK, 0, "RLIMIT_MEMLOCK"); #endif @@ -890,7 +1018,6 @@ static void init_rand_seed(void) { int main(int argc, char *argv[]) { int r = 255; - const char *argv0; int wrote_pid_file = 0; avahi_set_log_function(log_function); @@ -904,17 +1031,20 @@ int main(int argc, char *argv[]) { #ifdef HAVE_DBUS config.enable_dbus = 1; config.fail_on_missing_dbus = 1; -#else - config.enable_dbus = 0; - config.fail_on_missing_dbus = 0; #endif + config.drop_root = 1; + config.set_rlimits = 1; +#ifdef ENABLE_CHROOT + config.use_chroot = 1; +#endif + config.modify_proc_title = 1; + + config.disable_user_service_publishing = 0; config.publish_dns_servers = NULL; config.publish_resolv_conf = 0; config.use_syslog = 0; - config.no_rlimits = 0; config.debug = 0; - config.rlimit_as_set = 0; config.rlimit_core_set = 0; config.rlimit_data_set = 0; @@ -926,9 +1056,9 @@ int main(int argc, char *argv[]) { #endif if ((argv0 = strrchr(argv[0], '/'))) - argv0++; + argv0 = avahi_strdup(argv0 + 1); else - argv0 = argv[0]; + argv0 = avahi_strdup(argv[0]); daemon_pid_file_ident = (const char *) argv0; daemon_log_ident = (char*) argv0; 
@@ -937,8 +1067,15 @@ int main(int argc, char *argv[]) { if (parse_command_line(&config, argc, argv) < 0) goto finish; + if (config.modify_proc_title) + avahi_init_proc_title(argc, argv); + +#ifdef ENABLE_CHROOT + config.use_chroot = config.use_chroot && config.drop_root; +#endif + if (config.command == DAEMON_HELP) { - help(stdout, argv0); + help(stdout); r = 0; } else if (config.command == DAEMON_VERSION) { printf("%s "PACKAGE_VERSION"\n", argv0); @@ -1005,8 +1142,20 @@ int main(int argc, char *argv[]) { goto finish; if (config.drop_root) { +#ifdef ENABLE_CHROOT + if (config.use_chroot) + if (avahi_caps_reduce() < 0) + goto finish; +#endif + if (drop_root() < 0) goto finish; + +#ifdef ENABLE_CHROOT + if (config.use_chroot) + if (avahi_caps_reduce2() < 0) + goto finish; +#endif } if (daemon_pid_file_create() < 0) { @@ -1018,12 +1167,21 @@ int main(int argc, char *argv[]) { } else wrote_pid_file = 1; - if (!config.no_rlimits) + if (config.set_rlimits) enforce_rlimits(); chdir("/"); - + +#ifdef ENABLE_CHROOT + if (config.drop_root && config.use_chroot) + if (avahi_chroot_helper_start(argv0) < 0) { + avahi_log_error("failed to start chroot() helper daemon."); + goto finish; + } +#endif avahi_log_info("%s "PACKAGE_VERSION" starting up.", argv0); + + avahi_set_proc_title("%s: starting up", argv0); if (run_server(&config) == 0) r = 0; @@ -1039,8 +1197,19 @@ finish: avahi_strfreev(config.publish_dns_servers); avahi_strfreev(resolv_conf); - if (wrote_pid_file) + if (wrote_pid_file) { +#ifdef ENABLE_CHROOT + avahi_chroot_helper_unlink(pid_file_proc()); +#else daemon_pid_file_remove(); +#endif + } + +#ifdef ENABLE_CHROOT + avahi_chroot_helper_shutdown(); +#endif + + avahi_free(argv0); return r; }
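Review bot: The capability calls are written as unbraced nested ifs inside `#ifdef` blocks, `if (config.use_chroot) if (avahi_caps_reduce() < 0) goto finish;`, and the same shape is used for `avahi_chroot_helper_start()` in the next hunk. A later `else` would bind to the inner `if`, and this is the privilege-dropping path, where a misreading is costly. Write `if (config.use_chroot && avahi_caps_reduce() < 0) goto finish;` or brace both levels. Neither capability failure path logs anything here; unless caps.c logs on its own, which this diff does not show, add an `avahi_log_error()` so a refused start is explained, plus a comment on why one call precedes `drop_root()` and the other follows it.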
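Review bot: In a chroot-capable build the pid file is now always removed through `avahi_chroot_helper_unlink(pid_file_proc())`, and `avahi_chroot_helper_shutdown()` is always called, even when no helper is running. That case is reachable from the visible code: `wrote_pid_file` is set before `avahi_chroot_helper_start()` in the previous hunk, so a failed helper start jumps to `finish` with the file written, and `--no-chroot` or `--no-drop-root` never start the helper at all. chroot.c is not part of this diff, so whether these functions fall back to a direct `unlink()` cannot be confirmed; if they do not, a stale pid file is left behind. Either record whether the helper was started and call `daemon_pid_file_remove()` otherwise, or document the fallback in a comment at this call.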