1 /*-
2 * Copyright (c) 2012 The FreeBSD Foundation
3 * All rights reserved.
4 *
5 * This software was developed by Pawel Jakub Dawidek under sponsorship from
6 * the FreeBSD Foundation.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 *
17 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 * SUCH DAMAGE.
28 */
29
30 #include <config/config.h>
31
32 #include <sys/param.h>
33 #if defined(HAVE_SYS_ENDIAN_H) && defined(HAVE_BSWAP)
34 #include <sys/endian.h>
35 #else /* !HAVE_SYS_ENDIAN_H || !HAVE_BSWAP */
36 #ifdef HAVE_MACHINE_ENDIAN_H
37 #include <machine/endian.h>
38 #else /* !HAVE_MACHINE_ENDIAN_H */
39 #ifdef HAVE_ENDIAN_H
40 #include <endian.h>
41 #else /* !HAVE_ENDIAN_H */
42 #error "No supported endian.h"
43 #endif /* !HAVE_ENDIAN_H */
44 #endif /* !HAVE_MACHINE_ENDIAN_H */
45 #include <compat/endian.h>
46 #endif /* !HAVE_SYS_ENDIAN_H || !HAVE_BSWAP */
47 #include <sys/queue.h>
48 #include <sys/wait.h>
49
50 #include <ctype.h>
51 #include <err.h>
52 #include <errno.h>
53 #include <fcntl.h>
54 #ifdef HAVE_LIBUTIL_H
55 #include <libutil.h>
56 #endif
57 #include <signal.h>
58 #include <stdio.h>
59 #include <stdlib.h>
60 #include <string.h>
61 #include <strings.h>
62 #include <unistd.h>
63
64 #include <openssl/hmac.h>
65
66 #ifndef HAVE_PIDFILE_OPEN
67 #include <compat/pidfile.h>
68 #endif
69 #ifndef HAVE_STRLCPY
70 #include <compat/strlcpy.h>
71 #endif
72 #ifndef HAVE_SIGTIMEDWAIT
73 #include "sigtimedwait.h"
74 #endif
75
76 #include "auditdistd.h"
77 #include "pjdlog.h"
78 #include "proto.h"
79 #include "subr.h"
80 #include "synch.h"
81
82 /* Path to configuration file. */
83 const char *cfgpath = ADIST_CONFIG;
84 /* Auditdistd configuration. */
85 static struct adist_config *adcfg;
86 /* Was SIGINT or SIGTERM signal received? */
87 bool sigexit_received = false;
88 /* PID file handle. */
89 struct pidfh *pfh;
90
91 /* How often check for hooks running for too long. */
92 #define SIGNALS_CHECK_INTERVAL 5
93
94 static void
usage(void)95 usage(void)
96 {
97
98 errx(EX_USAGE, "[-dFhl] [-c config] [-P pidfile]");
99 }
100
101 void
descriptors_cleanup(struct adist_host * adhost)102 descriptors_cleanup(struct adist_host *adhost)
103 {
104 struct adist_host *adh;
105 struct adist_listen *lst;
106
107 TAILQ_FOREACH(adh, &adcfg->adc_hosts, adh_next) {
108 if (adh == adhost)
109 continue;
110 if (adh->adh_remote != NULL) {
111 proto_close(adh->adh_remote);
112 adh->adh_remote = NULL;
113 }
114 }
115 TAILQ_FOREACH(lst, &adcfg->adc_listen, adl_next) {
116 if (lst->adl_conn != NULL)
117 proto_close(lst->adl_conn);
118 }
119 (void)pidfile_close(pfh);
120 pjdlog_fini();
121 }
122
123 static void
child_cleanup(struct adist_host * adhost)124 child_cleanup(struct adist_host *adhost)
125 {
126
127 if (adhost->adh_conn != NULL) {
128 PJDLOG_ASSERT(adhost->adh_role == ADIST_ROLE_SENDER);
129 proto_close(adhost->adh_conn);
130 adhost->adh_conn = NULL;
131 }
132 adhost->adh_worker_pid = 0;
133 }
134
135 static void
child_exit_log(const char * type,unsigned int pid,int status)136 child_exit_log(const char *type, unsigned int pid, int status)
137 {
138
139 if (WIFEXITED(status) && WEXITSTATUS(status) == 0) {
140 pjdlog_debug(1, "%s process exited gracefully (pid=%u).",
141 type, pid);
142 } else if (WIFSIGNALED(status)) {
143 pjdlog_error("%s process killed (pid=%u, signal=%d).",
144 type, pid, WTERMSIG(status));
145 } else {
146 pjdlog_error("%s process exited ungracefully (pid=%u, exitcode=%d).",
147 type, pid, WIFEXITED(status) ? WEXITSTATUS(status) : -1);
148 }
149 }
150
151 static void
child_exit(void)152 child_exit(void)
153 {
154 struct adist_host *adhost;
155 bool restart;
156 int status;
157 pid_t pid;
158
159 restart = false;
160 while ((pid = wait3(&status, WNOHANG, NULL)) > 0) {
161 /* Find host related to the process that just exited. */
162 TAILQ_FOREACH(adhost, &adcfg->adc_hosts, adh_next) {
163 if (pid == adhost->adh_worker_pid)
164 break;
165 }
166 if (adhost == NULL) {
167 child_exit_log("Sandbox", pid, status);
168 } else {
169 if (adhost->adh_role == ADIST_ROLE_SENDER)
170 restart = true;
171 pjdlog_prefix_set("[%s] (%s) ", adhost->adh_name,
172 role2str(adhost->adh_role));
173 child_exit_log("Worker", pid, status);
174 child_cleanup(adhost);
175 pjdlog_prefix_set("%s", "");
176 }
177 }
178 if (!restart)
179 return;
180 /* We have some sender processes to restart. */
181 sleep(1);
182 TAILQ_FOREACH(adhost, &adcfg->adc_hosts, adh_next) {
183 if (adhost->adh_role != ADIST_ROLE_SENDER)
184 continue;
185 if (adhost->adh_worker_pid != 0)
186 continue;
187 pjdlog_prefix_set("[%s] (%s) ", adhost->adh_name,
188 role2str(adhost->adh_role));
189 pjdlog_info("Restarting sender process.");
190 adist_sender(adcfg, adhost);
191 pjdlog_prefix_set("%s", "");
192 }
193 }
194
195 /* TODO */
196 static void
adist_reload(void)197 adist_reload(void)
198 {
199
200 pjdlog_info("Reloading configuration is not yet implemented.");
201 }
202
203 static void
terminate_workers(void)204 terminate_workers(void)
205 {
206 struct adist_host *adhost;
207
208 pjdlog_info("Termination signal received, exiting.");
209 TAILQ_FOREACH(adhost, &adcfg->adc_hosts, adh_next) {
210 if (adhost->adh_worker_pid == 0)
211 continue;
212 pjdlog_info("Terminating worker process (adhost=%s, role=%s, pid=%u).",
213 adhost->adh_name, role2str(adhost->adh_role),
214 adhost->adh_worker_pid);
215 if (kill(adhost->adh_worker_pid, SIGTERM) == 0)
216 continue;
217 pjdlog_errno(LOG_WARNING,
218 "Unable to send signal to worker process (adhost=%s, role=%s, pid=%u).",
219 adhost->adh_name, role2str(adhost->adh_role),
220 adhost->adh_worker_pid);
221 }
222 }
223
224 static void
listen_accept(struct adist_listen * lst)225 listen_accept(struct adist_listen *lst)
226 {
227 unsigned char rnd[32], hash[32], resp[32];
228 struct adist_host *adhost;
229 struct proto_conn *conn;
230 char adname[ADIST_HOSTSIZE];
231 char laddr[256], raddr[256];
232 char welcome[8];
233 int status, version;
234 pid_t pid;
235
236 proto_local_address(lst->adl_conn, laddr, sizeof(laddr));
237 pjdlog_debug(1, "Accepting connection to %s.", laddr);
238
239 if (proto_accept(lst->adl_conn, &conn) == -1) {
240 pjdlog_errno(LOG_ERR, "Unable to accept connection to %s",
241 laddr);
242 return;
243 }
244
245 proto_local_address(conn, laddr, sizeof(laddr));
246 proto_remote_address(conn, raddr, sizeof(raddr));
247 pjdlog_info("Connection from %s to %s.", raddr, laddr);
248
249 /* Error in setting timeout is not critical, but why should it fail? */
250 if (proto_timeout(conn, ADIST_TIMEOUT) < 0)
251 pjdlog_errno(LOG_WARNING, "Unable to set connection timeout");
252
253 /*
254 * Before receiving any data see if remote host is known.
255 */
256 TAILQ_FOREACH(adhost, &adcfg->adc_hosts, adh_next) {
257 if (adhost->adh_role != ADIST_ROLE_RECEIVER)
258 continue;
259 if (!proto_address_match(conn, adhost->adh_remoteaddr))
260 continue;
261 break;
262 }
263 if (adhost == NULL) {
264 pjdlog_error("Client %s is not known.", raddr);
265 goto close;
266 }
267 /* Ok, remote host is known. */
268
269 /* Exchange welcome message, which include version number. */
270 bzero(welcome, sizeof(welcome));
271 if (proto_recv(conn, welcome, sizeof(welcome)) == -1) {
272 pjdlog_errno(LOG_WARNING,
273 "Unable to receive welcome message from %s",
274 adhost->adh_remoteaddr);
275 goto close;
276 }
277 if (strncmp(welcome, "ADIST", 5) != 0 || !isdigit(welcome[5]) ||
278 !isdigit(welcome[6]) || welcome[7] != '\0') {
279 pjdlog_warning("Invalid welcome message from %s.",
280 adhost->adh_remoteaddr);
281 goto close;
282 }
283
284 version = MIN(ADIST_VERSION, atoi(welcome + 5));
285
286 (void)snprintf(welcome, sizeof(welcome), "ADIST%02d", version);
287 if (proto_send(conn, welcome, sizeof(welcome)) == -1) {
288 pjdlog_errno(LOG_WARNING,
289 "Unable to send welcome message to %s",
290 adhost->adh_remoteaddr);
291 goto close;
292 }
293
294 if (proto_recv(conn, adname, sizeof(adhost->adh_name)) < 0) {
295 pjdlog_errno(LOG_ERR, "Unable to receive hostname from %s",
296 raddr);
297 goto close;
298 }
299
300 /* Find host now that we have hostname. */
301 TAILQ_FOREACH(adhost, &adcfg->adc_hosts, adh_next) {
302 if (adhost->adh_role != ADIST_ROLE_RECEIVER)
303 continue;
304 if (!proto_address_match(conn, adhost->adh_remoteaddr))
305 continue;
306 if (strcmp(adhost->adh_name, adname) != 0)
307 continue;
308 break;
309 }
310 if (adhost == NULL) {
311 pjdlog_error("No configuration for host %s from address %s.",
312 adname, raddr);
313 goto close;
314 }
315
316 adhost->adh_version = version;
317 pjdlog_debug(1, "Version %d negotiated with %s.", adhost->adh_version,
318 adhost->adh_remoteaddr);
319
320 /* Now that we know host name setup log prefix. */
321 pjdlog_prefix_set("[%s] (%s) ", adhost->adh_name,
322 role2str(adhost->adh_role));
323
324 if (adist_random(rnd, sizeof(rnd)) == -1) {
325 pjdlog_error("Unable to generate challenge.");
326 goto close;
327 }
328 pjdlog_debug(1, "Challenge generated.");
329
330 if (proto_send(conn, rnd, sizeof(rnd)) == -1) {
331 pjdlog_errno(LOG_ERR, "Unable to send challenge to %s",
332 adhost->adh_remoteaddr);
333 goto close;
334 }
335 pjdlog_debug(1, "Challenge sent.");
336
337 if (proto_recv(conn, resp, sizeof(resp)) == -1) {
338 pjdlog_errno(LOG_ERR, "Unable to receive response from %s",
339 adhost->adh_remoteaddr);
340 goto close;
341 }
342 pjdlog_debug(1, "Response received.");
343
344 if (HMAC(EVP_sha256(), adhost->adh_password,
345 (int)strlen(adhost->adh_password), rnd, (int)sizeof(rnd), hash,
346 NULL) == NULL) {
347 pjdlog_error("Unable to generate hash.");
348 goto close;
349 }
350 pjdlog_debug(1, "Hash generated.");
351
352 if (memcmp(resp, hash, sizeof(hash)) != 0) {
353 pjdlog_error("Invalid response from %s (wrong password?).",
354 adhost->adh_remoteaddr);
355 goto close;
356 }
357 pjdlog_info("Sender authenticated.");
358
359 if (proto_recv(conn, rnd, sizeof(rnd)) == -1) {
360 pjdlog_errno(LOG_ERR, "Unable to receive challenge from %s",
361 adhost->adh_remoteaddr);
362 goto close;
363 }
364 pjdlog_debug(1, "Challenge received.");
365
366 if (HMAC(EVP_sha256(), adhost->adh_password,
367 (int)strlen(adhost->adh_password), rnd, (int)sizeof(rnd), hash,
368 NULL) == NULL) {
369 pjdlog_error("Unable to generate response.");
370 goto close;
371 }
372 pjdlog_debug(1, "Response generated.");
373
374 if (proto_send(conn, hash, sizeof(hash)) == -1) {
375 pjdlog_errno(LOG_ERR, "Unable to send response to %s",
376 adhost->adh_remoteaddr);
377 goto close;
378 }
379 pjdlog_debug(1, "Response sent.");
380
381 if (adhost->adh_worker_pid != 0) {
382 pjdlog_debug(1,
383 "Receiver process exists (pid=%u), stopping it.",
384 (unsigned int)adhost->adh_worker_pid);
385 /* Stop child process. */
386 if (kill(adhost->adh_worker_pid, SIGINT) == -1) {
387 pjdlog_errno(LOG_ERR,
388 "Unable to stop worker process (pid=%u)",
389 (unsigned int)adhost->adh_worker_pid);
390 /*
391 * Other than logging the problem we
392 * ignore it - nothing smart to do.
393 */
394 }
395 /* Wait for it to exit. */
396 else if ((pid = waitpid(adhost->adh_worker_pid,
397 &status, 0)) != adhost->adh_worker_pid) {
398 /* We can only log the problem. */
399 pjdlog_errno(LOG_ERR,
400 "Waiting for worker process (pid=%u) failed",
401 (unsigned int)adhost->adh_worker_pid);
402 } else {
403 child_exit_log("Worker", adhost->adh_worker_pid,
404 status);
405 }
406 child_cleanup(adhost);
407 }
408
409 adhost->adh_remote = conn;
410 adist_receiver(adcfg, adhost);
411
412 pjdlog_prefix_set("%s", "");
413 return;
414 close:
415 proto_close(conn);
416 pjdlog_prefix_set("%s", "");
417 }
418
419 static void
connection_migrate(struct adist_host * adhost)420 connection_migrate(struct adist_host *adhost)
421 {
422 struct proto_conn *conn;
423 int16_t val = 0;
424
425 pjdlog_prefix_set("[%s] (%s) ", adhost->adh_name,
426 role2str(adhost->adh_role));
427
428 PJDLOG_ASSERT(adhost->adh_role == ADIST_ROLE_SENDER);
429
430 if (proto_recv(adhost->adh_conn, &val, sizeof(val)) < 0) {
431 pjdlog_errno(LOG_WARNING,
432 "Unable to receive connection command");
433 return;
434 }
435 if (proto_set("tls:fingerprint", adhost->adh_fingerprint) == -1) {
436 val = errno;
437 pjdlog_errno(LOG_WARNING, "Unable to set fingerprint");
438 goto out;
439 }
440 if (proto_connect(adhost->adh_localaddr[0] != '\0' ?
441 adhost->adh_localaddr : NULL,
442 adhost->adh_remoteaddr, -1, &conn) < 0) {
443 val = errno;
444 pjdlog_errno(LOG_WARNING, "Unable to connect to %s",
445 adhost->adh_remoteaddr);
446 goto out;
447 }
448 val = 0;
449 out:
450 if (proto_send(adhost->adh_conn, &val, sizeof(val)) < 0) {
451 pjdlog_errno(LOG_WARNING,
452 "Unable to send reply to connection request");
453 }
454 if (val == 0 && proto_connection_send(adhost->adh_conn, conn) < 0)
455 pjdlog_errno(LOG_WARNING, "Unable to send connection");
456
457 pjdlog_prefix_set("%s", "");
458 }
459
460 static void
check_signals(void)461 check_signals(void)
462 {
463 struct timespec sigtimeout;
464 sigset_t mask;
465 int signo;
466
467 sigtimeout.tv_sec = 0;
468 sigtimeout.tv_nsec = 0;
469
470 PJDLOG_VERIFY(sigemptyset(&mask) == 0);
471 PJDLOG_VERIFY(sigaddset(&mask, SIGHUP) == 0);
472 PJDLOG_VERIFY(sigaddset(&mask, SIGINT) == 0);
473 PJDLOG_VERIFY(sigaddset(&mask, SIGTERM) == 0);
474 PJDLOG_VERIFY(sigaddset(&mask, SIGCHLD) == 0);
475
476 while ((signo = sigtimedwait(&mask, NULL, &sigtimeout)) != -1) {
477 switch (signo) {
478 case SIGINT:
479 case SIGTERM:
480 sigexit_received = true;
481 terminate_workers();
482 exit(EX_OK);
483 break;
484 case SIGCHLD:
485 child_exit();
486 break;
487 case SIGHUP:
488 adist_reload();
489 break;
490 default:
491 PJDLOG_ABORT("Unexpected signal (%d).", signo);
492 }
493 }
494 }
495
496 static void
main_loop(void)497 main_loop(void)
498 {
499 struct adist_host *adhost;
500 struct adist_listen *lst;
501 struct timeval seltimeout;
502 int fd, maxfd, ret;
503 fd_set rfds;
504
505 seltimeout.tv_sec = SIGNALS_CHECK_INTERVAL;
506 seltimeout.tv_usec = 0;
507
508 pjdlog_info("Started successfully.");
509
510 for (;;) {
511 check_signals();
512
513 /* Setup descriptors for select(2). */
514 FD_ZERO(&rfds);
515 maxfd = -1;
516 TAILQ_FOREACH(lst, &adcfg->adc_listen, adl_next) {
517 if (lst->adl_conn == NULL)
518 continue;
519 fd = proto_descriptor(lst->adl_conn);
520 PJDLOG_ASSERT(fd >= 0);
521 FD_SET(fd, &rfds);
522 maxfd = fd > maxfd ? fd : maxfd;
523 }
524 TAILQ_FOREACH(adhost, &adcfg->adc_hosts, adh_next) {
525 if (adhost->adh_role == ADIST_ROLE_SENDER) {
526 /* Only sender workers ask for connections. */
527 PJDLOG_ASSERT(adhost->adh_conn != NULL);
528 fd = proto_descriptor(adhost->adh_conn);
529 PJDLOG_ASSERT(fd >= 0);
530 FD_SET(fd, &rfds);
531 maxfd = fd > maxfd ? fd : maxfd;
532 } else {
533 PJDLOG_ASSERT(adhost->adh_conn == NULL);
534 }
535 }
536
537 PJDLOG_ASSERT(maxfd + 1 <= (int)FD_SETSIZE);
538 ret = select(maxfd + 1, &rfds, NULL, NULL, &seltimeout);
539 if (ret == 0) {
540 /*
541 * select(2) timed out, so there should be no
542 * descriptors to check.
543 */
544 continue;
545 } else if (ret == -1) {
546 if (errno == EINTR)
547 continue;
548 KEEP_ERRNO((void)pidfile_remove(pfh));
549 pjdlog_exit(EX_OSERR, "select() failed");
550 }
551 PJDLOG_ASSERT(ret > 0);
552
553 /*
554 * Check for signals before we do anything to update our
555 * info about terminated workers in the meantime.
556 */
557 check_signals();
558
559 TAILQ_FOREACH(lst, &adcfg->adc_listen, adl_next) {
560 if (lst->adl_conn == NULL)
561 continue;
562 if (FD_ISSET(proto_descriptor(lst->adl_conn), &rfds))
563 listen_accept(lst);
564 }
565 TAILQ_FOREACH(adhost, &adcfg->adc_hosts, adh_next) {
566 if (adhost->adh_role == ADIST_ROLE_SENDER) {
567 PJDLOG_ASSERT(adhost->adh_conn != NULL);
568 if (FD_ISSET(proto_descriptor(adhost->adh_conn),
569 &rfds)) {
570 connection_migrate(adhost);
571 }
572 } else {
573 PJDLOG_ASSERT(adhost->adh_conn == NULL);
574 }
575 }
576 }
577 }
578
579 static void
adist_config_dump(struct adist_config * cfg)580 adist_config_dump(struct adist_config *cfg)
581 {
582 struct adist_host *adhost;
583 struct adist_listen *lst;
584
585 pjdlog_debug(2, "Configuration:");
586 pjdlog_debug(2, " Global:");
587 pjdlog_debug(2, " pidfile: %s", cfg->adc_pidfile);
588 pjdlog_debug(2, " timeout: %d", cfg->adc_timeout);
589 if (TAILQ_EMPTY(&cfg->adc_listen)) {
590 pjdlog_debug(2, " Sender only, not listening.");
591 } else {
592 pjdlog_debug(2, " Listening on:");
593 TAILQ_FOREACH(lst, &cfg->adc_listen, adl_next) {
594 pjdlog_debug(2, " listen: %s", lst->adl_addr);
595 pjdlog_debug(2, " conn: %p", lst->adl_conn);
596 }
597 }
598 pjdlog_debug(2, " Hosts:");
599 TAILQ_FOREACH(adhost, &cfg->adc_hosts, adh_next) {
600 pjdlog_debug(2, " name: %s", adhost->adh_name);
601 pjdlog_debug(2, " role: %s", role2str(adhost->adh_role));
602 pjdlog_debug(2, " version: %d", adhost->adh_version);
603 pjdlog_debug(2, " localaddr: %s", adhost->adh_localaddr);
604 pjdlog_debug(2, " remoteaddr: %s", adhost->adh_remoteaddr);
605 pjdlog_debug(2, " remote: %p", adhost->adh_remote);
606 pjdlog_debug(2, " directory: %s", adhost->adh_directory);
607 pjdlog_debug(2, " compression: %d", adhost->adh_compression);
608 pjdlog_debug(2, " checksum: %d", adhost->adh_checksum);
609 pjdlog_debug(2, " pid: %ld", (long)adhost->adh_worker_pid);
610 pjdlog_debug(2, " conn: %p", adhost->adh_conn);
611 }
612 }
613
614 static void
dummy_sighandler(int sig __unused)615 dummy_sighandler(int sig __unused)
616 {
617 /* Nothing to do. */
618 }
619
620 int
main(int argc,char * argv[])621 main(int argc, char *argv[])
622 {
623 struct adist_host *adhost;
624 struct adist_listen *lst;
625 const char *execpath, *pidfile;
626 bool foreground, launchd;
627 pid_t otherpid;
628 int debuglevel;
629 sigset_t mask;
630
631 execpath = argv[0];
632 if (execpath[0] != '/') {
633 errx(EX_USAGE,
634 "auditdistd requires execution with an absolute path.");
635 }
636
637 /*
638 * We are executed from proto to create sandbox.
639 */
640 if (argc > 1 && strcmp(argv[1], "proto") == 0) {
641 argc -= 2;
642 argv += 2;
643 if (proto_exec(argc, argv) == -1)
644 err(EX_USAGE, "Unable to execute proto");
645 }
646
647 foreground = false;
648 debuglevel = 0;
649 launchd = false;
650 pidfile = NULL;
651
652 for (;;) {
653 int ch;
654
655 ch = getopt(argc, argv, "c:dFhlP:");
656 if (ch == -1)
657 break;
658 switch (ch) {
659 case 'c':
660 cfgpath = optarg;
661 break;
662 case 'd':
663 debuglevel++;
664 break;
665 case 'F':
666 foreground = true;
667 break;
668 case 'l':
669 launchd = true;
670 break;
671 case 'P':
672 pidfile = optarg;
673 break;
674 case 'h':
675 default:
676 usage();
677 }
678 }
679 argc -= optind;
680 argv += optind;
681
682 pjdlog_init(PJDLOG_MODE_STD);
683 pjdlog_debug_set(debuglevel);
684
685 if (proto_set("execpath", execpath) == -1)
686 pjdlog_exit(EX_TEMPFAIL, "Unable to set executable name");
687 if (proto_set("user", ADIST_USER) == -1)
688 pjdlog_exit(EX_TEMPFAIL, "Unable to set proto user");
689 if (proto_set("tcp:port", ADIST_TCP_PORT) == -1)
690 pjdlog_exit(EX_TEMPFAIL, "Unable to set default TCP port");
691
692 /*
693 * When path to the configuration file is relative, obtain full path,
694 * so we can always find the file, even after daemonizing and changing
695 * working directory to /.
696 */
697 if (cfgpath[0] != '/') {
698 const char *newcfgpath;
699
700 newcfgpath = realpath(cfgpath, NULL);
701 if (newcfgpath == NULL) {
702 pjdlog_exit(EX_CONFIG,
703 "Unable to obtain full path of %s", cfgpath);
704 }
705 cfgpath = newcfgpath;
706 }
707
708 adcfg = yy_config_parse(cfgpath, true);
709 PJDLOG_ASSERT(adcfg != NULL);
710 adist_config_dump(adcfg);
711
712 if (proto_set("tls:certfile", adcfg->adc_certfile) == -1)
713 pjdlog_exit(EX_TEMPFAIL, "Unable to set certfile path");
714 if (proto_set("tls:keyfile", adcfg->adc_keyfile) == -1)
715 pjdlog_exit(EX_TEMPFAIL, "Unable to set keyfile path");
716
717 if (pidfile != NULL) {
718 if (strlcpy(adcfg->adc_pidfile, pidfile,
719 sizeof(adcfg->adc_pidfile)) >=
720 sizeof(adcfg->adc_pidfile)) {
721 pjdlog_exitx(EX_CONFIG, "Pidfile path is too long.");
722 }
723 }
724 if (foreground && pidfile == NULL) {
725 pfh = NULL;
726 } else {
727 pfh = pidfile_open(adcfg->adc_pidfile, 0600, &otherpid);
728 if (pfh == NULL) {
729 if (errno == EEXIST) {
730 pjdlog_exitx(EX_TEMPFAIL,
731 "Another auditdistd is already running, pid: %jd.",
732 (intmax_t)otherpid);
733 }
734 /*
735 * If we cannot create pidfile from other reasons,
736 * only warn.
737 */
738 pjdlog_errno(LOG_WARNING,
739 "Unable to open or create pidfile %s",
740 adcfg->adc_pidfile);
741 }
742 }
743
744 /*
745 * Restore default actions for interesting signals in case parent
746 * process (like init(8)) decided to ignore some of them (like SIGHUP).
747 */
748 PJDLOG_VERIFY(signal(SIGHUP, SIG_DFL) != SIG_ERR);
749 PJDLOG_VERIFY(signal(SIGINT, SIG_DFL) != SIG_ERR);
750 PJDLOG_VERIFY(signal(SIGTERM, SIG_DFL) != SIG_ERR);
751 /*
752 * Because SIGCHLD is ignored by default, setup dummy handler for it,
753 * so we can mask it.
754 */
755 PJDLOG_VERIFY(signal(SIGCHLD, dummy_sighandler) != SIG_ERR);
756
757 PJDLOG_VERIFY(sigemptyset(&mask) == 0);
758 PJDLOG_VERIFY(sigaddset(&mask, SIGHUP) == 0);
759 PJDLOG_VERIFY(sigaddset(&mask, SIGINT) == 0);
760 PJDLOG_VERIFY(sigaddset(&mask, SIGTERM) == 0);
761 PJDLOG_VERIFY(sigaddset(&mask, SIGCHLD) == 0);
762 PJDLOG_VERIFY(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
763
764 /* Listen for remote connections. */
765 TAILQ_FOREACH(lst, &adcfg->adc_listen, adl_next) {
766 if (proto_server(lst->adl_addr, &lst->adl_conn) == -1) {
767 KEEP_ERRNO((void)pidfile_remove(pfh));
768 pjdlog_exit(EX_OSERR, "Unable to listen on address %s",
769 lst->adl_addr);
770 }
771 }
772
773 if (!foreground) {
774 if (!launchd && daemon(0, 0) == -1) {
775 KEEP_ERRNO((void)pidfile_remove(pfh));
776 pjdlog_exit(EX_OSERR, "Unable to daemonize");
777 }
778
779 /* Start logging to syslog. */
780 pjdlog_mode_set(PJDLOG_MODE_SYSLOG);
781 }
782 if (pfh != NULL) {
783 /* Write PID to a file. */
784 if (pidfile_write(pfh) < 0) {
785 pjdlog_errno(LOG_WARNING,
786 "Unable to write PID to a file");
787 }
788 }
789
790 TAILQ_FOREACH(adhost, &adcfg->adc_hosts, adh_next) {
791 if (adhost->adh_role == ADIST_ROLE_SENDER)
792 adist_sender(adcfg, adhost);
793 }
794
795 main_loop();
796
797 exit(0);
798 }
799