1 kumpf 1.2 /*
2 //%2006////////////////////////////////////////////////////////////////////////
3 //
4 // Copyright (c) 2000, 2001, 2002 BMC Software; Hewlett-Packard Development
5 // Company, L.P.; IBM Corp.; The Open Group; Tivoli Systems.
6 // Copyright (c) 2003 BMC Software; Hewlett-Packard Development Company, L.P.;
7 // IBM Corp.; EMC Corporation, The Open Group.
8 // Copyright (c) 2004 BMC Software; Hewlett-Packard Development Company, L.P.;
9 // IBM Corp.; EMC Corporation; VERITAS Software Corporation; The Open Group.
10 // Copyright (c) 2005 Hewlett-Packard Development Company, L.P.; IBM Corp.;
11 // EMC Corporation; VERITAS Software Corporation; The Open Group.
12 // Copyright (c) 2006 Hewlett-Packard Development Company, L.P.; IBM Corp.;
13 // EMC Corporation; Symantec Corporation; The Open Group.
14 //
15 // Permission is hereby granted, free of charge, to any person obtaining a copy
16 // of this software and associated documentation files (the "Software"), to
17 // deal in the Software without restriction, including without limitation the
18 // rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
19 // sell copies of the Software, and to permit persons to whom the Software is
20 // furnished to do so, subject to the following conditions:
21 //
22 kumpf 1.2 // THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN
23 // ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED
24 // "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
25 // LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
26 // PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
27 // HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
28 // ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
29 // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
30 //
31 //%/////////////////////////////////////////////////////////////////////////////
32 */
33 #include <stdio.h>
34 #include <sys/types.h>
35 #include <sys/stat.h>
36 #include <unistd.h>
37 #include <string.h>
38 #include "Config.h"
39 #include "Child.h"
40 #include "Parent.h"
41 #include "User.h"
42 #include "Fatal.h"
43 kumpf 1.2 #include "Process.h"
44 #include "Path.h"
45 #include "Globals.h"
46 #include "Socket.h"
47 #include "Strlcpy.h"
48 #include "Strlcat.h"
49 #include "Log.h"
50 #include "Policy.h"
51 #include "Macro.h"
52 #include "Assert.h"
53 #include "Options.h"
|
54 kumpf 1.8 #include <Pegasus/Common/PegasusVersion.h>
|
55 kumpf 1.2
56 /*
57 **==============================================================================
58 **
59 ** GetServerUser
60 **
61 ** Determine which user to run CIMSERVERMAIN as.
62 **
63 **==============================================================================
64 */
65
|
66 kumpf 1.3 int GetServerUser(const char** userName, int* uid, int* gid)
|
67 kumpf 1.2 {
|
68 kumpf 1.3 *userName = PEGASUS_CIMSERVERMAIN_USER;
|
69 kumpf 1.2
|
70 kumpf 1.3 if (GetUserInfo(*userName, uid, gid) != 0)
|
71 kumpf 1.2 {
72 Fatal(FL,
73 "The %s user \"%s\" does not exist.",
|
74 kumpf 1.3 CIMSERVERMAIN, *userName);
|
75 kumpf 1.2 }
76
77 return 0;
78 }
79
80 /*
81 **==============================================================================
82 **
83 ** ExecShutdown()
84 **
85 **==============================================================================
86 */
87
|
88 kumpf 1.5 void ExecShutdown(void)
|
89 kumpf 1.2 {
90 char* tmpArgv[3];
91 const char* cimshutdownPath;
92 const char* shutdownTimeout;
93
94 /* Get shutdownTimeout configuration parameter. */
95
96 if ((shutdownTimeout = FindMacro("shutdownTimeout")) == NULL)
97 Fatal(FL, "failed to resolve shutdownTimeout");
98
99 /* Get absolute CIMSHUTDOWN program name. */
100
101 if ((cimshutdownPath = FindMacro("cimshutdownPath")) == NULL)
102 Fatal(FL, "failed to resolve cimshutdownPath");
103
104 /* Create argument list. */
105
106 tmpArgv[0] = CIMSHUTDOWN;
107 tmpArgv[1] = (char*)shutdownTimeout;
108 tmpArgv[2] = 0;
109
110 kumpf 1.2 /* Exec CIMSHUTDOWN program. */
111
112 /* Flawfinder: ignore */
113 execv(cimshutdownPath, tmpArgv);
114 Fatal(FL, "failed to exec %s", cimshutdownPath);
115 }
116
117 /*
118 **==============================================================================
119 **
120 ** DefineExecutorMacros()
121 **
122 ** Define macros used by the executor.
123 **
124 **==============================================================================
125 */
126
|
127 kumpf 1.5 void DefineExecutorMacros(void)
|
128 kumpf 1.2 {
129 /* Define ${internalBinDir} */
130 {
131 char path[EXECUTOR_BUFFER_SIZE];
132
133 if (GetPegasusInternalBinDir(path) != 0)
134 Fatal(FL, "failed to resolve internal pegasus bin directory");
135
136 DefineMacro("internalBinDir", path);
137 }
138
139 /* Define ${cimservermain} */
140
141 DefineMacro("cimservermain", CIMSERVERMAIN);
142
143 /* Define ${cimprovagt} */
144
145 DefineMacro("cimprovagt", CIMPROVAGT);
146
147 /* Define ${cimshutdown} */
148
149 kumpf 1.2 DefineMacro("cimshutdown", CIMSHUTDOWN);
150
151 /* Define ${cimservera} */
152
153 DefineMacro("cimservera", CIMSERVERA);
154
155 /* Define ${cimservermainPath} */
156 {
157 char path[EXECUTOR_BUFFER_SIZE];
158
159 if (ExpandMacros("${internalBinDir}/${cimservermain}", path) != 0)
160 Fatal(FL, "failed to resolve cimservermainPath");
161
162 DefineMacro("cimservermainPath", path);
163 }
164
165 /* Define ${cimprovagtPath} */
166 {
167 char path[EXECUTOR_BUFFER_SIZE];
168
169 if (ExpandMacros("${internalBinDir}/${cimprovagt}", path) != 0)
170 kumpf 1.2 Fatal(FL, "failed to resolve cimprovagtPath");
171
172 DefineMacro("cimprovagtPath", path);
173 }
174
175 /* Define ${cimshutdownPath} */
176 {
177 char path[EXECUTOR_BUFFER_SIZE];
178
179 if (ExpandMacros("${internalBinDir}/${cimshutdown}", path) != 0)
180 Fatal(FL, "failed to resolve cimshutdownPath");
181
182 DefineMacro("cimshutdownPath", path);
183 }
184
185 /* Define ${cimserveraPath} */
186 {
187 char path[EXECUTOR_BUFFER_SIZE];
188
189 if (ExpandMacros("${internalBinDir}/${cimservera}", path) != 0)
190 Fatal(FL, "failed to resolve cimserveraPath");
191 kumpf 1.2
192 DefineMacro("cimserveraPath", path);
193 }
194
195 /* Define ${shutdownTimeout} */
196
197 {
198 char buffer[EXECUTOR_BUFFER_SIZE];
199
200 if (GetConfigParam("shutdownTimeout", buffer) != 0)
|
201 kumpf 1.7 {
202 Strlcpy(
203 buffer,
204 PEGASUS_DEFAULT_SHUTDOWN_TIMEOUT_SECONDS_STRING,
205 sizeof(buffer));
206 }
|
207 kumpf 1.2
208 DefineMacro("shutdownTimeout", buffer);
209 }
210
211 /* Define ${currentConfigFilePath} */
212 {
213 char path[EXECUTOR_BUFFER_SIZE];
214
215 if (GetHomedPath(PEGASUS_CURRENT_CONFIG_FILE_PATH, path) != 0)
216 {
217 Fatal(FL, "GetHomedPath() failed on \"%s\"",
218 PEGASUS_CURRENT_CONFIG_FILE_PATH);
219 }
220
221 DefineMacro("currentConfigFilePath", path);
222 }
223
224 /* Define ${plannedConfigFilePath} */
225 {
226 char path[EXECUTOR_BUFFER_SIZE];
227
228 kumpf 1.2 if (GetHomedPath(PEGASUS_PLANNED_CONFIG_FILE_PATH, path) != 0)
229 {
230 Fatal(FL, "GetHomedPath() failed on \"%s\"",
231 PEGASUS_PLANNED_CONFIG_FILE_PATH);
232 }
233
234 DefineMacro("plannedConfigFilePath", path);
235 }
236
237 /* Define ${passwordFilePath} */
238
239 if (DefineConfigPathMacro("passwordFilePath", "cimserver.passwd") != 0)
240 Fatal(FL, "missing \"passwordFilePath\" configuration parameter.");
241
242 /* Define ${sslKeyFilePath} */
243
244 if (DefineConfigPathMacro("sslKeyFilePath", "file.pem") != 0)
245 Fatal(FL, "missing \"sslKeyFilePath\" configuration parameter.");
246
247 /* Define ${sslTrustStore} */
248
249 kumpf 1.2 if (DefineConfigPathMacro("sslTrustStore", "cimserver_trust") != 0)
250 Fatal(FL, "missing \"sslTrustStore\" configuration parameter.");
251
252 /* Define ${crlStore} */
253
254 if (DefineConfigPathMacro("crlStore", "crl") != 0)
255 Fatal(FL, "missing \"crlStore\" configuration parameter.");
256 }
257
258 /*
259 **==============================================================================
260 **
261 ** main()
262 **
263 **==============================================================================
264 */
265
266 int main(int argc, char** argv)
267 {
268 const char* cimservermainPath;
269 int pair[2];
270 kumpf 1.2 char username[EXECUTOR_BUFFER_SIZE];
|
271 kumpf 1.6 const char* childUserName;
272 int childUid;
273 int childGid;
|
274 kumpf 1.2 int childPid;
275 struct Options options;
276
277 /* Get options. */
278
279 GetOptions(&argc, &argv, &options);
280
281 /* Save argc-argv as globals. */
282
283 globals.argc = argc;
284 globals.argv = argv;
285
|
286 kumpf 1.6 /* Open the log. */
287
288 OpenLog("cimserver");
289
|
290 kumpf 1.2 /* Define macros needed by the executor. */
291
292 DefineExecutorMacros();
293
|
294 kumpf 1.6 /* If shutting down, then run CIMSHUTDOWN client. */
|
295 kumpf 1.2
296 if (options.shutdown)
297 ExecShutdown();
298
299 /* Process --policy and --macros options. */
300
301 if (options.dump)
302 {
|
303 kumpf 1.4 DumpPolicy(stdout, 1);
304 DumpMacros(stdout);
|
305 kumpf 1.2 exit(0);
306 }
307
308 /* Get absolute CIMSERVERMAIN program name. */
309
310 if ((cimservermainPath = FindMacro("cimservermainPath")) == NULL)
311 Fatal(FL, "Failed to locate %s program", CIMSERVERMAIN);
312
313 /* If CIMSERVERMAIN is already running, warn and exit now, unless one of
314 * the following options are given: -v, --version, -h, --help (these are
315 * passed through to CIMSERVERMAIN).
316 */
317
|
318 kumpf 1.4 if (!options.version &&
319 !options.help &&
320 TestProcessRunning(PEGASUS_CIMSERVER_START_FILE, CIMSERVERMAIN) == 0)
|
321 kumpf 1.2 {
322 fprintf(stderr,
323 "%s: cimserver is already running (the PID found in the file "
324 "\"%s\" corresponds to an existing process named \"%s\").\n\n",
325 globals.argv[0], PEGASUS_CIMSERVER_START_FILE, CIMSERVERMAIN);
326
327 exit(1);
328 }
329
330 /* Get enableAuthentication configuration option. */
331
332 {
333 char buffer[EXECUTOR_BUFFER_SIZE];
334
335 if (GetConfigParam("enableAuthentication", buffer) == 0 &&
336 strcasecmp(buffer, "true") == 0)
337 {
338 globals.enableAuthentication = 1;
339 }
340 }
341
342 kumpf 1.2 /* Create a socket pair for communicating with the child process. */
343
344 if (CreateSocketPair(pair) != 0)
345 Fatal(FL, "Failed to create socket pair");
346
347 CloseOnExec(pair[1]);
348
|
349 kumpf 1.4 /* Initialize the log-level from the configuration parameter. */
|
350 kumpf 1.2
|
351 kumpf 1.4 InitLogLevel();
|
352 kumpf 1.2
353 Log(LL_INFORMATION, "starting");
354
355 /* Be sure this process is running as root (otherwise fail). */
356
357 if (setuid(0) != 0 || setgid(0) != 0)
358 Fatal(FL, "attempted to run program as non-root user");
359
360 /* Warn if authentication not enabled (suspicious use of executor). */
361
362 if (!globals.enableAuthentication)
363 Log(LL_WARNING, "authentication is NOT enabled");
364 else
365 Log(LL_TRACE, "authentication is enabled");
366
367 /* Print user info. */
368
369 if (GetUserName(getuid(), username) != 0)
370 Fatal(FL, "cannot resolve user from uid=%d", getuid());
371
372 Log(LL_TRACE, "running as %s (uid=%d, gid=%d)",
373 kumpf 1.2 username, (int)getuid(), (int)getgid());
374
|
375 mateus.baur 1.9 /* Change the current directory */
376
377 #if (defined(PEGASUS_OS_HPUX) || defined(PEGASUS_OS_LINUX)) \
378 && defined(PEGASUS_USE_RELEASE_DIRS)
379 chdir(PEGASUS_CORE_DIR);
380 #else
381 chdir("/");
382 #endif
383
|
384 kumpf 1.2 /* Determine user for running CIMSERVERMAIN. */
385
|
386 kumpf 1.6 GetServerUser(&childUserName, &childUid, &childGid);
|
387 kumpf 1.2
388 /* Fork child process. */
389
390 childPid = fork();
391
392 if (childPid == 0)
393 {
394 /* Child. */
395 close(pair[1]);
|
396 kumpf 1.3 Child(
397 argc,
398 argv,
399 cimservermainPath,
|
400 kumpf 1.6 childUserName,
401 childUid,
402 childGid,
|
403 kumpf 1.3 pair[0]);
|
404 kumpf 1.2 }
405 else if (childPid > 0)
406 {
407 /* Parent. */
408 close(pair[0]);
409 Parent(pair[1], childPid, options.bindVerbose);
410 }
411 else
412 {
413 Fatal(FL, "fork() failed");
414 }
415
416 return 0;
417 }
|