fmd_rpc.c revision d9638e547d8811f2c689977f8dd2a353938b61fd
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License, Version 1.0 only
* (the "License"). You may not use this file except in compliance
* with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2005 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
#include <netdir.h>
#include <strings.h>
#include <alloca.h>
#include <limits.h>
#include <unistd.h>
#include <ucred.h>
#include <priv.h>
#include <fmd_rpc_api.h>
#include <fmd_rpc_adm.h>
#include <fmd_subr.h>
#include <fmd_error.h>
#include <fmd_thread.h>
#include <fmd_conf.h>
#include <fmd_api.h>
#include <fmd.h>
/*
* Define range of transient RPC program numbers to use for transient bindings.
* These are defined in the Solaris ONC+ Developer's Guide, Appendix B, but
* are cleverly not defined in any ONC+ standard system header file.
*/
#define RPC_TRANS_MIN 0x40000000
#define RPC_TRANS_MAX 0x5fffffff
/*
* We use our own private version of svc_create() which registers our services
* only on loopback transports and enables an option whereby Solaris ucreds
* are associated with each connection, permitting us to check privilege bits.
*/
static int
{
void *hdl;
int fd, n = 0;
"netconfig database: %s\n", nc_sperror());
return (fmd_set_errno(EFMD_RPC_REG));
}
if (force)
continue;
(void) endnetconfig(hdl);
return (fmd_set_errno(EFMD_RPC_BOUND));
}
continue;
}
continue;
}
continue;
}
n++;
}
(void) endnetconfig(hdl);
/*
* If we failed to register services (n == 0) because rpcbind is down,
* then check to see if the RPC door file exists before attempting an
* svc_door_create(), which cleverly destroys any existing door file.
* The RPC APIs have no stable errnos, so we use rpcb_gettime() as a
* hack to determine if rpcbind itself is down.
*/
return (fmd_set_errno(EFMD_RPC_BOUND));
/*
* Attempt to create a door server for the RPC program as well. Limit
* the maximum request size for the door transport to the receive size.
*/
} else {
n++;
}
return (n);
}
static int
{
char buf[16];
/*
* To aid simulator scripts, save our RPC "digits" in
* the specified file for rendezvous with libfmd_adm.
*/
}
return (0);
}
}
return (-1); /* errno is set for us */
}
void
fmd_rpc_init(void)
{
const char *s;
fmd_panic("failed to enable user-MT rpc mode");
/*
* Infer whether we are the "default" fault manager or an alternate one
* based on whether the initial setting of rpc.adm.prog is non-zero.
*/
if (prog != 0) {
} else {
}
if (err != 0)
}
void
fmd_rpc_fini(void)
{
svc_exit(); /* force svc_run() threads to exit */
}
/*
* Utillity function to fetch the XPRT's ucred and determine if we should deny
* the request. For now, we implement a simple policy of rejecting any caller
* who does not have the PRIV_SYS_CONFIG bit in their Effective privilege set,
* unless the caller is loading a module, which requires all privileges.
*/
int
{
const priv_set_t *psp;
return (1); /* deny access if we can't get credentials */
#ifndef DEBUG
/*
* For convenience of testing, we only require all privileges for a
* module load when running a non-DEBUG fault management daemon.
*/
return (!priv_isfullset(psp));
#endif
}