Annotation of fam/fam/Interest.c++, Revision 1.1
1.1 ! trev 1: // Copyright (C) 1999 Silicon Graphics, Inc. All Rights Reserved.
! 2: //
! 3: // This program is free software; you can redistribute it and/or modify it
! 4: // under the terms of version 2 of the GNU General Public License as
! 5: // published by the Free Software Foundation.
! 6: //
! 7: // This program is distributed in the hope that it would be useful, but
! 8: // WITHOUT ANY WARRANTY; without even the implied warranty of
! 9: // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. Further, any
! 10: // license provided herein, whether implied or otherwise, is limited to
! 11: // this program in accordance with the express provisions of the GNU
! 12: // General Public License. Patent licenses, if any, provided herein do not
! 13: // apply to combinations of this program with other product or programs, or
! 14: // any other product whatsoever. This program is distributed without any
! 15: // warranty that the program is delivered free of the rightful claim of any
! 16: // third person by way of infringement or the like. See the GNU General
! 17: // Public License for more details.
! 18: //
! 19: // You should have received a copy of the GNU General Public License along
! 20: // with this program; if not, write the Free Software Foundation, Inc., 59
! 21: // Temple Place - Suite 330, Boston MA 02111-1307, USA.
! 22:
! 23: #include "Interest.h"
! 24:
! 25: #include <string.h>
! 26: #include <errno.h>
! 27: #include <sys/param.h>
! 28: #if !defined(__FreeBSD__)
! 29: # include <sys/sysmacros.h>
! 30: #endif
! 31:
! 32: #ifdef HAVE_IRIX_XTAB_VERIFICATION
! 33: #include <stdio.h>
! 34: #include <exportent.h>
! 35: #include <netdb.h>
! 36: #include <sys/types.h>
! 37: #include <sys/socket.h>
! 38: #include <netinet/in.h>
! 39: #include <arpa/inet.h>
! 40: #endif // HAVE_IRIX_XTAB_VERIFICATION
! 41:
! 42: #include "Boolean.h"
! 43: #include "Event.h"
! 44: #include "FileSystem.h"
! 45: #include "IMon.h"
! 46: #include "Log.h"
! 47: #include "Pollster.h"
! 48: #include "timeval.h"
! 49:
! 50: Interest *Interest::hashtable[];
! 51: IMon Interest::imon(imon_handler);
! 52: bool Interest::xtab_verification = true;
! 53:
! 54: Interest::Interest(const char *name, FileSystem *fs, in_addr host, ExportVerification ev)
! 55: : hashlink(NULL),
! 56: myname(strcpy(new char[strlen(name) + 1], name)),
! 57: scan_state(OK),
! 58: cur_exec_state(NOT_EXECUTING),
! 59: old_exec_state(NOT_EXECUTING),
! 60: myhost(host),
! 61: mypath_exported_to_host(ev == NO_VERIFY_EXPORTED)
! 62: {
! 63: memset(&old_stat, 0, sizeof(old_stat));
! 64: IMon::Status s = IMon::BAD;
! 65:
! 66: s = imon.express(name, &old_stat);
! 67: if (s != IMon::OK)
! 68: { int rc = lstat(name, &old_stat);
! 69: if (rc < 0)
! 70: { Log::info("can't lstat %s", name);
! 71: memset(&old_stat, 0, sizeof old_stat);
! 72: }
! 73: }
! 74:
! 75: dev = old_stat.st_dev;
! 76: ino = old_stat.st_ino;
! 77:
! 78: if (ev == VERIFY_EXPORTED) verify_exported_to_host();
! 79:
! 80: if (s == IMon::OK) {
! 81:
! 82: if ((exported_to_host()) && (dev || ino))
! 83: {
! 84: // Insert on new chain.
! 85:
! 86: Interest **ipp = hashchain();
! 87: hashlink = *ipp;
! 88: *ipp = this;
! 89: }
! 90: else revoke();
! 91: }
! 92:
! 93:
! 94: #if HAVE_STAT_ST_FSTYPE_STRING
! 95: // Enable low-level monitoring.
! 96: // The NetWare filesystem is too slow to monitor, so
! 97: // don't even try.
! 98:
! 99: if ( !strcmp( (char *) &old_stat.st_fstype, "nwfs")) {
! 100: return;
! 101: }
! 102: #endif
! 103:
! 104: if (exported_to_host()) fs->ll_monitor(this, s == IMon::OK);
! 105: }
! 106:
! 107: Interest::~Interest()
! 108: {
! 109: Pollster::forget(this);
! 110: revoke();
! 111: delete[] myname;
! 112: }
! 113:
! 114: void
! 115: Interest::revoke()
! 116: {
! 117: // Traverse our hash chain. Delete this entry when we find it.
! 118: // Also check for other entries with same dev/ino.
! 119:
! 120: if (dev || ino)
! 121: {
! 122: bool found_same = false;
! 123: for (Interest *p, **pp = hashchain(); ((p = *pp) != NULL); )
! 124: if (p == this)
! 125: *pp = p->hashlink; // remove this from list
! 126: else
! 127: { if (p->ino == ino && p->dev == dev)
! 128: found_same = true;
! 129: pp = &p->hashlink; // move to next element
! 130: }
! 131: if (!found_same)
! 132: (void) imon.revoke(name(), dev, ino);
! 133: }
! 134: }
! 135:
! 136: bool
! 137: Interest::dev_ino(dev_t newdev, ino_t newino)
! 138: {
! 139: // Remove from hash chain and revoke imon's interest.
! 140:
! 141: revoke();
! 142:
! 143: dev = newdev;
! 144: ino = newino;
! 145:
! 146: if (newdev || newino)
! 147: {
! 148:
! 149: // Express interest.
! 150: IMon::Status s = IMon::BAD;
! 151: s = imon.express(name(), NULL);
! 152: if (s != IMon::OK) {
! 153: return true;
! 154: }
! 155:
! 156: // Insert on new chain.
! 157:
! 158: Interest **ipp = hashchain();
! 159: hashlink = *ipp;
! 160: *ipp = this;
! 161: }
! 162: else {
! 163: hashlink = NULL;
! 164: }
! 165: return false;
! 166: }
! 167:
! 168: /* Returns true if file changed since last stat */
! 169: bool
! 170: Interest::do_stat()
! 171: {
! 172: // Consider the case of a Directory changing into a file to be a
! 173: // simple change, and send only a Changed event.
! 174:
! 175: struct stat status;
! 176:
! 177: int rc = lstat(name(), &status);
! 178: if (rc < 0) {
! 179: if (errno == ETIMEDOUT) {
! 180: return false;
! 181: }
! 182: memset(&status, 0, sizeof status);
! 183: }
! 184:
! 185: bool exists = status.st_mode != 0;
! 186: bool did_exist = old_stat.st_mode != 0;
! 187: #ifdef HAVE_STAT_ST_CTIM_TV_NSEC
! 188: bool stat_changed = (old_stat.st_ctim.tv_sec != status.st_ctim.tv_sec) ||
! 189: (old_stat.st_ctim.tv_nsec != status.st_ctim.tv_nsec) ||
! 190: (old_stat.st_mtim.tv_sec != status.st_mtim.tv_sec) ||
! 191: (old_stat.st_mtim.tv_nsec != status.st_mtim.tv_nsec) ||
! 192: #else
! 193: bool stat_changed = (old_stat.st_ctime != status.st_ctime) ||
! 194: (old_stat.st_mtime != status.st_mtime) ||
! 195: #endif
! 196: (old_stat.st_mode != status.st_mode) ||
! 197: (old_stat.st_uid != status.st_uid) ||
! 198: (old_stat.st_gid != status.st_gid) ||
! 199: (old_stat.st_size != status.st_size) ||
! 200: (old_stat.st_ino != status.st_ino);
! 201: old_stat = status;
! 202:
! 203: // If dev/ino changed, move this interest to the right hash chain.
! 204:
! 205: bool keep_polling = false;
! 206: if (status.st_dev != dev || status.st_ino != ino) {
! 207: keep_polling = dev_ino(status.st_dev, status.st_ino);
! 208: }
! 209:
! 210: if (exists && !did_exist)
! 211: {
! 212: post_event(Event::Created);
! 213: if (!keep_polling) {
! 214: notify_created(this);
! 215: }
! 216: }
! 217: else if (did_exist && !exists)
! 218: {
! 219: post_event(Event::Deleted);
! 220: notify_deleted(this);
! 221: }
! 222:
! 223: return stat_changed;
! 224: }
! 225:
! 226: bool
! 227: Interest::do_scan()
! 228: {
! 229: bool stat_changed = false;
! 230: if (needs_scan() && active())
! 231: { needs_scan(false);
! 232: bool did_exist = exists();
! 233: stat_changed = do_stat();
! 234: if (stat_changed && did_exist && exists())
! 235: post_event(Event::Changed);
! 236: report_exec_state();
! 237: }
! 238: return stat_changed;
! 239: }
! 240:
! 241: void
! 242: Interest::report_exec_state()
! 243: {
! 244: if (old_exec_state != cur_exec_state && active())
! 245: { post_event(cur_exec_state == EXECUTING ?
! 246: Event::Executing : Event::Exited);
! 247: old_exec_state = cur_exec_state;
! 248: }
! 249: }
! 250:
! 251: void
! 252: Interest::imon_handler(dev_t device, ino_t inumber, int event)
! 253: {
! 254: assert(device || inumber);
! 255:
! 256: for (Interest *p = *hashchain(device, inumber), *next = p; p; p = next)
! 257: { next = p->hashlink;
! 258: if (p->ino == inumber && p->dev == device)
! 259: { if (event == IMon::EXEC)
! 260: { p->cur_exec_state = EXECUTING;
! 261: (void) p->report_exec_state();
! 262: }
! 263: else if (event == IMon::EXIT)
! 264: { p->cur_exec_state = NOT_EXECUTING;
! 265: (void) p->report_exec_state();
! 266: }
! 267: else
! 268: { assert(event == IMon::CHANGE);
! 269: p->scan();
! 270: }
! 271: }
! 272: }
! 273: }
! 274:
! 275: void
! 276: Interest::enable_xtab_verification(bool enable)
! 277: {
! 278: #ifdef HAVE_IRIX_XTAB_VERIFICATION
! 279: xtab_verification = enable;
! 280: Log::info("%s xtab verification of remote requests",
! 281: enable ? "Enabling" : "Disabling");
! 282: #endif
! 283: }
! 284:
! 285: // This determines whether this Interest falls on a filesystem which is
! 286: // exported to the host from which the request originated, and sets
! 287: // mypath_exported_to_host accordingly.
! 288: void
! 289: Interest::verify_exported_to_host()
! 290: {
! 291: #ifdef HAVE_IRIX_XTAB_VERIFICATION
! 292:
! 293: // This sets mypath_exported_to_host by checking /etc/xtab and seeing
! 294: // whether the export entry has an access list; if it does, we see
! 295: // whether each entry in the list is a netgroup-containing-the-
! 296: // requesting-host or the-requesting-host-itself.
! 297:
! 298: if ((!xtab_verification) ||
! 299: (myhost.s_addr == htonl(INADDR_LOOPBACK)))
! 300: {
! 301: mypath_exported_to_host = true;
! 302: return;
! 303: }
! 304: mypath_exported_to_host = false;
! 305:
! 306: // Check the xtab for the list of exported filesystems. If this
! 307: // Interest is located on a filesystem which has been exported to the
! 308: // Interest's host, set mypath_exported_to_host to true.
! 309:
! 310: Log::debug("XTAB: checking requested interest %s, dev/ino %d/%d, "
! 311: "from host %s", name(), dev, ino, inet_ntoa(myhost));
! 312:
! 313: // This is a little bogus... if we don't have a dev or ino, we're not
! 314: // going to find a matching exported filesystem, so let's bail.
! 315: if (!dev && !ino) {
! 316: Log::debug("XTAB: returning false for dev/ino %d/%d", dev, ino);
! 317: return;
! 318: }
! 319:
! 320: Cred::SuperUser.become_user(); // setexportent fails if you're not root??
! 321: exportent *xent;
! 322: FILE *xtab = setexportent();
! 323: if (xtab == NULL) {
! 324: Log::perror("setexportent");
! 325: return;
! 326: }
! 327:
! 328: while ((xent = getexportent(xtab)) != NULL) {
! 329: // See if the Interest falls under this export entry.
! 330: char *xent_path = xent->xent_dirname;
! 331: int xent_pathlen = strlen(xent_path);
! 332: if (xent_path[xent_pathlen - 1] == '/') --xent_pathlen;
! 333: if ((xent_pathlen == 0) || // xent_path was "/"
! 334: ((strncmp(xent_path, name(), xent_pathlen) == 0) &&
! 335: ((name()[xent_pathlen] == '/') || // so /usr doesn't
! 336: (name()[xent_pathlen] == '\0')))) // match /usrbooboo
! 337: {
! 338: // This export entry is somewhere above the requested directory.
! 339: // If it has the same device number, this is the entry we want.
! 340: struct stat sb;
! 341: //need to set cred here?
! 342: if (stat(xent_path, &sb) == -1) {
! 343: //only log if errno != EACCES or ENOENT?
! 344: Log::perror("stat(%s)", name());
! 345: continue;
! 346: }
! 347: if (sb.st_dev == dev) break; // yippee
! 348:
! 349: // Are there other cases we need to handle? Child filesystems
! 350: // exported -nohide still need to be exported, and we'll keep
! 351: // going until we find them.
! 352: }
! 353: }
! 354: endexportent(xtab); // Note that we're still using memory returned by
! 355: // getexportent().
! 356:
! 357: if (xent == NULL) {
! 358: // no matching xtab entry.
! 359: Log::info("Found no matching xtab entry for remote request from %s "
! 360: "for %s", inet_ntoa(myhost), name());
! 361: return;
! 362: }
! 363:
! 364: Log::debug("XTAB: %s is on xent %s", name(), xent->xent_dirname);
! 365:
! 366: char *xopt;
! 367: if ((xopt = getexportopt(xent, ACCESS_OPT)) == NULL) {
! 368: // This is exported to all clients, so we're OK.
! 369: Log::debug("XTAB: no access list for %s, so remote request was "
! 370: "granted", xent->xent_dirname);
! 371: mypath_exported_to_host = true;
! 372: return;
! 373: }
! 374:
! 375: hostent *hent = gethostbyaddr(&myhost, sizeof(in_addr), AF_INET);
! 376: if (hent == NULL) {
! 377: Log::perror("gethostbyaddr(%s)", inet_ntoa(myhost));
! 378: return;
! 379: }
! 380:
! 381: // This export entry has a list of netgroups and/or hosts which are
! 382: // allowed access. Run through the list & see if our host is there.
! 383: char *cs = xopt, *ce;
! 384: while ((!mypath_exported_to_host) && (cs != NULL) && (*cs != '\0')) {
! 385: ce = strchr(cs, ':');
! 386: if (ce != NULL) *ce = '\0';
! 387:
! 388: // See if this client is a netgroup containing myhost.
! 389: Log::debug("XTAB: seeing if %s is a netgroup containing host %s",
! 390: cs, hent->h_name);
! 391: if (innetgr(cs, hent->h_name, NULL, NULL)) {
! 392: mypath_exported_to_host = true;
! 393: break;
! 394: }
! 395: // See if this client is a netgroup containing one of myhost's aliases.
! 396: for (int ai = 0; hent->h_aliases[ai] != NULL; ++ai) {
! 397: Log::debug("XTAB: seeing if %s is a netgroup containing host "
! 398: "alias %s", cs, hent->h_aliases[ai]);
! 399: if (innetgr(cs, hent->h_aliases[ai], NULL, NULL)) {
! 400: mypath_exported_to_host = true;
! 401: break;
! 402: }
! 403: }
! 404: if (mypath_exported_to_host) break;
! 405:
! 406: // See if this client is a host.
! 407: Log::debug("XTAB: seeing if %s is a host with the address %s", cs,
! 408: inet_ntoa(myhost));
! 409: hostent *chent = gethostbyname(cs);
! 410: if ((chent != NULL) &&
! 411: (chent->h_addrtype == AF_INET) &&
! 412: chent->h_length == sizeof(in_addr)) {
! 413: for (int i = 0; chent->h_addr_list[i] != NULL; ++i) {
! 414: if (((in_addr *)(chent->h_addr_list[i]))->s_addr ==
! 415: myhost.s_addr) {
! 416: // whew. what a pain.
! 417: mypath_exported_to_host = true;
! 418: break;
! 419: }
! 420: }
! 421: }
! 422:
! 423: if(ce != NULL) cs = ce + 1;
! 424: else break;
! 425: }
! 426:
! 427: Log::info("XTAB: %s request from %s to monitor %s",
! 428: mypath_exported_to_host ? "Granted" : "Denied",
! 429: inet_ntoa(myhost), name());
! 430: return;
! 431:
! 432: #else
! 433:
! 434: // We don't have xtab verification, so this just says we're OK.
! 435: mypath_exported_to_host = true;
! 436:
! 437: #endif // HAVE_IRIX_XTAB_VERIFICATION
! 438: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to Interest.c++ CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [Development] / fam / fam