sudosrv.c revision b95c6b5485eee5f45f62f87df77c9178857d625e
/*
    Authors:
        Pavel Březina <pbrezina@redhat.com>

    Copyright (C) 2011 Red Hat

    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/
3143271856dbf456bd7acc1c07193173f886d986Christian Maeder
ab9b86500ed66416e1a7c01be54491ed72c7d633Christian Maeder#include <popt.h>
ab9b86500ed66416e1a7c01be54491ed72c7d633Christian Maeder
78e7910c3360f74f1db172d63d20bb07c64e56e3Christian Maeder#include "util/util.h"
47d6bc7bc9a708427f96be8d805f712697ad3d9eChristian Maeder#include "confdb/confdb.h"
f9e0b18852b238ddb649d341194e05d7200d1bbeChristian Maeder#include "monitor/monitor_interfaces.h"
697e63e30aa3c309a1ef1f9357745111f8dfc5a9Christian Maeder#include "responder/common/responder.h"
b53688bfed888214b485cf76439d57262d80e0a7Christian Maeder#include "responder/sudo/sudosrv_private.h"
b53688bfed888214b485cf76439d57262d80e0a7Christian Maeder#include "providers/data_provider.h"
ad270004874ce1d0697fb30d7309f180553bb315Christian Maeder
/*
 * Method table for the monitor-facing interface of the sudo responder.
 * Each entry pairs a monitor client method identifier with the handler
 * that serves it; the { NULL, NULL } entry terminates the list.
 * Only the three methods listed here are reachable through this table.
 */
struct sbus_method monitor_sudo_methods[] = {
    { MON_CLI_METHOD_PING, monitor_common_pong },
    { MON_CLI_METHOD_RES_INIT, monitor_common_res_init },
    { MON_CLI_METHOD_ROTATE, responder_logrotate },
    { NULL, NULL }
};
78e7910c3360f74f1db172d63d20bb07c64e56e3Christian Maeder
/*
 * Interface descriptor handed to sss_process_init() in sudo_process_init()
 * for the connection to the monitor. It binds MONITOR_INTERFACE at
 * MONITOR_PATH to monitor_sudo_methods using the default vtable.
 * NOTE(review): the initializer is positional, so it depends on the field
 * order of struct sbus_interface; the meaning of the trailing NULL member
 * is not visible in this file -- confirm against the sbus headers.
 */
struct sbus_interface monitor_sudo_interface = {
    MONITOR_INTERFACE,
    MONITOR_PATH,
    SBUS_DEFAULT_VTABLE,
    monitor_sudo_methods,
    NULL
};
3986813db69106b9bb1b62faa77532af42512a0cChristian Maeder
/*
 * Method table for the Data Provider interface. It holds only the
 * terminating { NULL, NULL } entry, so this responder registers no
 * methods of its own on that interface.
 */
static struct sbus_method sudo_dp_methods[] = {
    { NULL, NULL }
};
596a8e9039bd2f42c09cc0da4a57c8073f96fbddChristian Maeder
/*
 * Interface descriptor handed to sss_process_init() in sudo_process_init()
 * for the connections to the Data Provider. It binds DP_INTERFACE at
 * DP_PATH to the (empty) sudo_dp_methods table using the default vtable.
 * NOTE(review): positional initializer; depends on the field order of
 * struct sbus_interface, which is declared outside this file.
 */
struct sbus_interface sudo_dp_interface = {
    DP_INTERFACE,
    DP_PATH,
    SBUS_DEFAULT_VTABLE,
    sudo_dp_methods,
    NULL
};
38824a7dba4f7d82532afec67e0b594a5af5d76bChristian Maeder
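/**
 * Reconnection callback for a Data Provider connection.
 *
 * Registered through sbus_reconnect_init() in sudo_process_init() with the
 * per-backend struct be_conn as private data. On a successful reconnect the
 * responder identifies itself to the Data Provider again and, if that
 * succeeds, resumes the requests that were waiting on the connection.
 * Every other outcome is logged as a failure to reconnect.
 *
 * @param conn    Connection the callback was invoked for (not used here;
 *                be_conn->conn is used instead).
 * @param status  Reconnection result; only SBUS_RECONNECT_SUCCESS is
 *                treated as success.
 * @param pvt     Private data, expected to be a talloc'ed struct be_conn.
 */
static void sudo_dp_reconnect_init(struct sbus_connection *conn,
                                   int status,
                                   void *pvt)
{
    struct be_conn *be_conn = talloc_get_type(pvt, struct be_conn);
    int ret;

    /* talloc_get_type() returns NULL when pvt is not a struct be_conn.
     * Without this guard both branches below would dereference NULL and
     * take the responder down. */
    if (be_conn == NULL) {
        DEBUG(SSSDBG_FATAL_FAILURE,
              ("Reconnect callback invoked without a valid be_conn.\n"));
        return;
    }

    /* Did we reconnect successfully? */
    if (status == SBUS_RECONNECT_SUCCESS) {
        DEBUG(SSSDBG_TRACE_FUNC, ("Reconnected to the Data Provider.\n"));

        /* Identify ourselves to the data provider */
        ret = dp_common_send_id(be_conn->conn,
                                DATA_PROVIDER_VERSION,
                                "SUDO");
        /* all fine */
        if (ret == EOK) {
            handle_requests_after_reconnect(be_conn->rctx);
            return;
        }

        /* Record why the identification step failed so it can be told
         * apart from a failed reconnect in the logs. */
        DEBUG(SSSDBG_OP_FAILURE,
              ("Could not identify to the Data Provider (%d) [%s]\n",
               ret, strerror(ret)));
    }

    /* Failed to reconnect */
    DEBUG(SSSDBG_FATAL_FAILURE, ("Could not reconnect to %s provider.\n",
                                 be_conn->domain->name));
}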
63719301448519453f66383f4e583d9fd5b89ecbChristian Maeder
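/**
 * Initialize the sudo responder.
 *
 * Allocates the sudo context on mem_ctx, runs the common responder
 * initialization (command table, client socket, monitor and Data Provider
 * interfaces), enables automatic reconnection for every Data Provider
 * connection and reads the responder options from the confdb.
 *
 * @param mem_ctx  talloc parent for the sudo context.
 * @param ev       tevent context passed on to sss_process_init().
 * @param cdb      confdb handle passed on to sss_process_init().
 *
 * @return EOK on success, ENOMEM if the context cannot be allocated,
 *         otherwise the error returned by the failing step. On failure the
 *         sudo context and everything allocated under it is released.
 */
int sudo_process_init(TALLOC_CTX *mem_ctx,
                      struct tevent_context *ev,
                      struct confdb_ctx *cdb)
{
    struct sss_cmd_table *sudo_cmds;
    struct sudo_ctx *sudo_ctx;
    struct be_conn *iter;
    int ret;
    int max_retries;

    sudo_ctx = talloc_zero(mem_ctx, struct sudo_ctx);
    if (!sudo_ctx) {
        DEBUG(SSSDBG_FATAL_FAILURE, ("fatal error initializing sudo_ctx\n"));
        return ENOMEM;
    }

    sudo_cmds = get_sudo_cmds();
    /* sudo_ctx is the talloc parent here, so the responder context that
     * sss_process_init() stores in sudo_ctx->rctx is released together
     * with sudo_ctx. The argument after the socket name is NULL. */
    ret = sss_process_init(sudo_ctx, ev, cdb,
                           sudo_cmds,
                           SSS_SUDO_SOCKET_NAME, NULL,
                           CONFDB_SUDO_CONF_ENTRY,
                           SSS_SUDO_SBUS_SERVICE_NAME,
                           SSS_SUDO_SBUS_SERVICE_VERSION,
                           &monitor_sudo_interface,
                           "SUDO",
                           &sudo_dp_interface,
                           &sudo_ctx->rctx);
    if (ret != EOK) {
        /* Previously this path returned silently; log it so a responder
         * that fails to start can be diagnosed. */
        DEBUG(SSSDBG_FATAL_FAILURE, ("sss_process_init() failed (%d) [%s]\n",
                                     ret, strerror(ret)));
        goto fail;
    }
    sudo_ctx->rctx->pvt_ctx = sudo_ctx;

    /* Enable automatic reconnection to the Data Provider */
    /* NOTE(review): max_retries comes from configuration (default 3) and
     * is passed on without a range check; confirm that
     * sbus_reconnect_init() handles zero and negative values. */
    ret = confdb_get_int(sudo_ctx->rctx->cdb,
                         CONFDB_SUDO_CONF_ENTRY,
                         CONFDB_SERVICE_RECON_RETRIES,
                         3, &max_retries);
    if (ret != EOK) {
        DEBUG(SSSDBG_FATAL_FAILURE,
              ("Failed to set up automatic reconnection\n"));
        goto fail;
    }

    /* Each backend connection gets its own be_conn as callback data. */
    for (iter = sudo_ctx->rctx->be_conns; iter; iter = iter->next) {
        sbus_reconnect_init(iter->conn, max_retries,
                            sudo_dp_reconnect_init, iter);
    }

    /* Get responder options */

    /* Get sudo_timed option */
    ret = confdb_get_bool(sudo_ctx->rctx->cdb,
                          CONFDB_SUDO_CONF_ENTRY, CONFDB_SUDO_TIMED,
                          CONFDB_DEFAULT_SUDO_TIMED,
                          &sudo_ctx->timed);
    if (ret != EOK) {
        DEBUG(SSSDBG_FATAL_FAILURE, ("Error reading from confdb (%d) [%s]\n",
                                     ret, strerror(ret)));
        goto fail;
    }

    DEBUG(SSSDBG_TRACE_FUNC, ("SUDO Initialization complete\n"));

    return EOK;

fail:
    /* Release the context allocated above instead of leaving it attached
     * to mem_ctx after a failed initialization. */
    talloc_free(sudo_ctx);
    return ret;
}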
ab9b86500ed66416e1a7c01be54491ed72c7d633Christian Maeder
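/**
 * Entry point of the sudo responder process.
 *
 * Parses the command line, sets up the common server infrastructure,
 * initializes the sudo responder and enters the main event loop.
 *
 * @return 0 after the main loop ends, 1 on an invalid command-line option,
 *         2 if server_setup() fails, 3 if sudo_process_init() fails.
 */
int main(int argc, const char *argv[])
{
    int opt;
    poptContext pc;
    struct main_context *main_ctx;
    int ret;

    struct poptOption long_options[] = {
        POPT_AUTOHELP
        SSSD_MAIN_OPTS
        POPT_TABLEEND
    };

    /* Set debug level to invalid value so we can decide if -d 0 was used. */
    debug_level = SSSDBG_INVALID;

    pc = poptGetContext(argv[0], argc, argv, long_options, 0);
    while((opt = poptGetNextOpt(pc)) != -1) {
        switch(opt) {
        default:
            /* No option is handled in this loop, so any value other than
             * -1 is reported as an invalid option. */
            fprintf(stderr, "\nInvalid option %s: %s\n\n",
                    poptBadOption(pc, 0), poptStrerror(opt));
            poptPrintUsage(pc, stderr, 0);
            /* Release the popt context on the error path as well. */
            poptFreeContext(pc);
            return 1;
        }
    }

    poptFreeContext(pc);

    CONVERT_AND_SET_DEBUG_LEVEL(debug_level);

    /* set up things like debug, signals, daemonization, etc... */
    debug_log_file = "sssd_sudo";

    ret = server_setup("sssd[sudo]", 0, CONFDB_SUDO_CONF_ENTRY, &main_ctx);
    if (ret != EOK) {
        return 2;
    }

    ret = die_if_parent_died();
    if (ret != EOK) {
        /* This is not fatal, don't return */
        DEBUG(SSSDBG_OP_FAILURE, ("Could not set up to exit "
                                  "when parent process does\n"));
    }

    ret = sudo_process_init(main_ctx,
                            main_ctx->event_ctx,
                            main_ctx->confdb_ctx);
    if (ret != EOK) {
        return 3;
    }

    /* loop on main */
    server_loop(main_ctx);

    return 0;
}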
56440c7ae61e7277a3494452d0165ee52e677b29Christian Maeder