a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce/*
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce SSSD
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce Secrets Responder
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce Copyright (C) Simo Sorce <ssorce@redhat.com> 2016
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce This program is free software; you can redistribute it and/or modify
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce it under the terms of the GNU General Public License as published by
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce the Free Software Foundation; either version 3 of the License, or
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce (at your option) any later version.
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce This program is distributed in the hope that it will be useful,
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce but WITHOUT ANY WARRANTY; without even the implied warranty of
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce GNU General Public License for more details.
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce You should have received a copy of the GNU General Public License
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce along with this program. If not, see <http://www.gnu.org/licenses/>.
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce*/
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce#include "util/util.h"
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce#include <sys/socket.h>
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce#include <sys/un.h>
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce#include <popt.h>
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce#include "responder/common/responder.h"
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce#include "responder/secrets/secsrv.h"
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce#include "resolv/async_resolv.h"
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce#define DEFAULT_SEC_FD_LIMIT 2048
efc65e78fa4e01e6cecc8690a9899af61213be62Fabiano Fidêncio#define DEFAULT_SEC_CONTAINERS_NEST_LEVEL 4
65a38b8c9cabde6c46cc0e9868f54cb9bb10afbfFabiano Fidêncio#define DEFAULT_SEC_MAX_SECRETS 1024
7171a7584dda534dde5409f3e7f4657e845ece15Fabiano Fidêncio#define DEFAULT_SEC_MAX_PAYLOAD_SIZE 16
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorcestatic int sec_get_config(struct sec_ctx *sctx)
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce{
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce int ret;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce ret = confdb_get_int(sctx->rctx->cdb,
ff35d4ffe5eedcb484deb7ef1a04c02c19e634c9Jakub Hrozek sctx->rctx->confdb_service_path,
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce CONFDB_SERVICE_FD_LIMIT,
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce DEFAULT_SEC_FD_LIMIT,
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce &sctx->fd_limit);
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce if (ret != EOK) {
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce DEBUG(SSSDBG_FATAL_FAILURE,
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce "Failed to get file descriptors limit\n");
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce goto fail;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce }
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
efc65e78fa4e01e6cecc8690a9899af61213be62Fabiano Fidêncio ret = confdb_get_int(sctx->rctx->cdb,
efc65e78fa4e01e6cecc8690a9899af61213be62Fabiano Fidêncio sctx->rctx->confdb_service_path,
efc65e78fa4e01e6cecc8690a9899af61213be62Fabiano Fidêncio CONFDB_SEC_CONTAINERS_NEST_LEVEL,
efc65e78fa4e01e6cecc8690a9899af61213be62Fabiano Fidêncio DEFAULT_SEC_CONTAINERS_NEST_LEVEL,
efc65e78fa4e01e6cecc8690a9899af61213be62Fabiano Fidêncio &sctx->containers_nest_level);
efc65e78fa4e01e6cecc8690a9899af61213be62Fabiano Fidêncio
efc65e78fa4e01e6cecc8690a9899af61213be62Fabiano Fidêncio if (ret != EOK) {
efc65e78fa4e01e6cecc8690a9899af61213be62Fabiano Fidêncio DEBUG(SSSDBG_FATAL_FAILURE,
efc65e78fa4e01e6cecc8690a9899af61213be62Fabiano Fidêncio "Failed to get containers' maximum depth\n");
efc65e78fa4e01e6cecc8690a9899af61213be62Fabiano Fidêncio goto fail;
efc65e78fa4e01e6cecc8690a9899af61213be62Fabiano Fidêncio }
efc65e78fa4e01e6cecc8690a9899af61213be62Fabiano Fidêncio
65a38b8c9cabde6c46cc0e9868f54cb9bb10afbfFabiano Fidêncio ret = confdb_get_int(sctx->rctx->cdb,
65a38b8c9cabde6c46cc0e9868f54cb9bb10afbfFabiano Fidêncio sctx->rctx->confdb_service_path,
65a38b8c9cabde6c46cc0e9868f54cb9bb10afbfFabiano Fidêncio CONFDB_SEC_MAX_SECRETS,
65a38b8c9cabde6c46cc0e9868f54cb9bb10afbfFabiano Fidêncio DEFAULT_SEC_MAX_SECRETS,
65a38b8c9cabde6c46cc0e9868f54cb9bb10afbfFabiano Fidêncio &sctx->max_secrets);
65a38b8c9cabde6c46cc0e9868f54cb9bb10afbfFabiano Fidêncio
65a38b8c9cabde6c46cc0e9868f54cb9bb10afbfFabiano Fidêncio if (ret != EOK) {
65a38b8c9cabde6c46cc0e9868f54cb9bb10afbfFabiano Fidêncio DEBUG(SSSDBG_FATAL_FAILURE,
65a38b8c9cabde6c46cc0e9868f54cb9bb10afbfFabiano Fidêncio "Failed to get maximum number of entries\n");
65a38b8c9cabde6c46cc0e9868f54cb9bb10afbfFabiano Fidêncio goto fail;
65a38b8c9cabde6c46cc0e9868f54cb9bb10afbfFabiano Fidêncio }
65a38b8c9cabde6c46cc0e9868f54cb9bb10afbfFabiano Fidêncio
7171a7584dda534dde5409f3e7f4657e845ece15Fabiano Fidêncio ret = confdb_get_int(sctx->rctx->cdb,
7171a7584dda534dde5409f3e7f4657e845ece15Fabiano Fidêncio sctx->rctx->confdb_service_path,
7171a7584dda534dde5409f3e7f4657e845ece15Fabiano Fidêncio CONFDB_SEC_MAX_PAYLOAD_SIZE,
7171a7584dda534dde5409f3e7f4657e845ece15Fabiano Fidêncio DEFAULT_SEC_MAX_PAYLOAD_SIZE,
7171a7584dda534dde5409f3e7f4657e845ece15Fabiano Fidêncio &sctx->max_payload_size);
7171a7584dda534dde5409f3e7f4657e845ece15Fabiano Fidêncio
7171a7584dda534dde5409f3e7f4657e845ece15Fabiano Fidêncio if (ret != EOK) {
7171a7584dda534dde5409f3e7f4657e845ece15Fabiano Fidêncio DEBUG(SSSDBG_FATAL_FAILURE,
7171a7584dda534dde5409f3e7f4657e845ece15Fabiano Fidêncio "Failed to get payload's maximum size for an entry\n");
7171a7584dda534dde5409f3e7f4657e845ece15Fabiano Fidêncio goto fail;
7171a7584dda534dde5409f3e7f4657e845ece15Fabiano Fidêncio }
7171a7584dda534dde5409f3e7f4657e845ece15Fabiano Fidêncio
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce ret = confdb_get_int(sctx->rctx->cdb, sctx->rctx->confdb_service_path,
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce CONFDB_RESPONDER_CLI_IDLE_TIMEOUT,
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce CONFDB_RESPONDER_CLI_IDLE_DEFAULT_TIMEOUT,
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce &sctx->rctx->client_idle_timeout);
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce if (ret != EOK) {
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce DEBUG(SSSDBG_OP_FAILURE,
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce "Cannot get the client idle timeout [%d]: %s\n",
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce ret, strerror(ret));
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce goto fail;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce }
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce /* Ensure that the client timeout is at least ten seconds */
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce if (sctx->rctx->client_idle_timeout < 10) {
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce sctx->rctx->client_idle_timeout = 10;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce }
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce ret = EOK;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorcefail:
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce return ret;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce}
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorcestatic int sec_responder_ctx_destructor(void *ptr)
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce{
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce struct resp_ctx *rctx = talloc_get_type(ptr, struct resp_ctx);
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce /* mark that we are shutting down the responder, so it is propagated
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce * into underlying contexts that are freed right before rctx */
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce DEBUG(SSSDBG_TRACE_FUNC, "Responder is being shut down\n");
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce rctx->shutting_down = true;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce return 0;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce}
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorcestatic int sec_process_init(TALLOC_CTX *mem_ctx,
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce struct tevent_context *ev,
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce struct confdb_ctx *cdb)
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce{
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce struct resp_ctx *rctx;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce struct sec_ctx *sctx;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce int ret;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce rctx = talloc_zero(mem_ctx, struct resp_ctx);
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce if (!rctx) {
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce DEBUG(SSSDBG_FATAL_FAILURE, "fatal error initializing resp_ctx\n");
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce return ENOMEM;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce }
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce rctx->ev = ev;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce rctx->cdb = cdb;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce rctx->sock_name = SSS_SEC_SOCKET_NAME;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce rctx->confdb_service_path = CONFDB_SEC_CONF_ENTRY;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce rctx->shutting_down = false;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce talloc_set_destructor((TALLOC_CTX*)rctx, sec_responder_ctx_destructor);
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce sctx = talloc_zero(rctx, struct sec_ctx);
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce if (!sctx) {
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce DEBUG(SSSDBG_FATAL_FAILURE, "fatal error initializing sec_ctx\n");
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce ret = ENOMEM;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce goto fail;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce }
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce sctx->rctx = rctx;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce sctx->rctx->pvt_ctx = sctx;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce ret = sec_get_config(sctx);
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce if (ret != EOK) {
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce DEBUG(SSSDBG_FATAL_FAILURE, "fatal error getting secrets config\n");
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce goto fail;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce }
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce ret = resolv_init(sctx, ev, SEC_NET_TIMEOUT, &sctx->resctx);
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce if (ret != EOK) {
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce /* not fatal for now */
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce DEBUG(SSSDBG_CRIT_FAILURE, "Failed to initialize resolver library\n");
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce }
8f2a34cc6964a1f80a1434e05315a7ae0bb5774eSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce /* Set up file descriptor limits */
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce responder_set_fd_limit(sctx->fd_limit);
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce ret = activate_unix_sockets(rctx, sec_connection_setup);
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce if (ret != EOK) goto fail;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce DEBUG(SSSDBG_TRACE_FUNC, "Secrets Initialization complete\n");
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce return EOK;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorcefail:
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce talloc_free(rctx);
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce return ret;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce}
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorceint main(int argc, const char *argv[])
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce{
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce int opt;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce poptContext pc;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce struct main_context *main_ctx;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce int ret;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce uid_t uid;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce gid_t gid;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce struct poptOption long_options[] = {
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce POPT_AUTOHELP
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce SSSD_MAIN_OPTS
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce SSSD_SERVER_OPTS(uid, gid)
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce POPT_TABLEEND
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce };
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce /* Set debug level to invalid value so we can deside if -d 0 was used. */
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce debug_level = SSSDBG_INVALID;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce umask(DFL_RSP_UMASK);
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce pc = poptGetContext(argv[0], argc, argv, long_options, 0);
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce while((opt = poptGetNextOpt(pc)) != -1) {
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce switch(opt) {
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce default:
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce fprintf(stderr, "\nInvalid option %s: %s\n\n",
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce poptBadOption(pc, 0), poptStrerror(opt));
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce poptPrintUsage(pc, stderr, 0);
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce return 1;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce }
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce }
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce poptFreeContext(pc);
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce DEBUG_INIT(debug_level);
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce /* set up things like debug, signals, daemonization, etc... */
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce debug_log_file = "sssd_secrets";
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce ret = server_setup("sssd[secrets]", 0, uid, gid, CONFDB_SEC_CONF_ENTRY,
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce &main_ctx);
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce if (ret != EOK) return 2;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce ret = die_if_parent_died();
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce if (ret != EOK) {
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce /* This is not fatal, don't return */
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce DEBUG(SSSDBG_OP_FAILURE,
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce "Could not set up to exit when parent process does\n");
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce }
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce ret = sec_process_init(main_ctx,
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce main_ctx->event_ctx,
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce main_ctx->confdb_ctx);
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce if (ret != EOK) return 3;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce /* loop on main */
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce server_loop(main_ctx);
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce return 0;
a8d1a344e580f29699aed9b88d87fc3c6f5d113bSimo Sorce}