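/*	$NetBSD$	*/

/*
 * Copyright (c) 1997-2005 Kungliga Tekniska Högskolan
 * (Royal Institute of Technology, Stockholm, Sweden).
 * All rights reserved.
 *
 * Portions Copyright (c) 2009 Apple Inc. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * 3. Neither the name of the Institute nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include "kdc_locl.h"
#ifdef HAVE_UTIL_H
#include <util.h>
#endif

#ifdef HAVE_CAPNG
#include <cap-ng.h>
#endif

/*
 * Written by the signal handler below with the number of the signal
 * that asked the daemon to stop; 0 means no such signal has arrived.
 *
 * NOTE(review): a flag written from a signal handler is conventionally
 * declared `volatile sig_atomic_t`.  The matching extern declaration is
 * not visible in this file, so the qualifier is left unchanged here;
 * confirm against the header before changing it.
 */
sig_atomic_t exit_flag = 0;

#ifdef SUPPORT_DETACH
/* Non-zero makes main() call daemon(); starts out as -1. */
int detach_from_console = -1;
#endif

/*
 * Signal handler: record the signal number in exit_flag and return.
 * It does nothing else, so it performs no non-async-signal-safe work.
 */
static RETSIGTYPE
sigterm(int sig)
{
    exit_flag = sig;
}

/*
 * Allow dropping root bit, since heimdal reopens the database all the
 * time the database needs to be owned by the user you are switched
 * to. A better solution is to split the kdc in to more processes and
 * run the network facing part with very low privilege.
 */

/*
 * Apply the optional chroot and user switch requested through
 * chroot_string and runas_string (both defined outside this file).
 *
 * Order of operations, each step fatal on failure:
 *   1. refuse to continue unless the effective uid is 0;
 *   2. chroot() into chroot_string and chdir("/") inside it;
 *   3. look up runas_string with getpwnam();
 *   4. initgroups(), then either setgid()+setuid(), or (HAVE_CAPNG)
 *      change ids through libcap-ng while keeping
 *      CAP_NET_BIND_SERVICE and CAP_SETPCAP.
 *
 * The whole body is compiled out when HAVE_GETEUID is not defined, in
 * which case the function does nothing.
 */
static void
switch_environment(void)
{
#ifdef HAVE_GETEUID
    if ((runas_string || chroot_string) && geteuid() != 0)
        errx(1, "no running as root, can't switch user/chroot");

    if (chroot_string) {
        /* Report the real path and errno, not a fixed literal. */
        if (chroot(chroot_string) != 0)
            err(1, "chroot(%s) failed", chroot_string);

        /*
         * chroot() does not change the working directory.  Without
         * this chdir() the process keeps a cwd outside the new root,
         * and relative paths would still resolve outside the jail.
         */
        if (chdir("/") != 0)
            err(1, "chdir(/) after chroot failed");
    }

    if (runas_string) {
        struct passwd *pw;

        /*
         * This lookup runs after chroot(), so it is resolved from
         * inside the new root when chroot_string is set.
         */
        pw = getpwnam(runas_string);
        if (pw == NULL)
            errx(1, "unknown user %s", runas_string);

        /*
         * Supplementary groups first, then gid, then uid: once the
         * uid is dropped the process can no longer change groups.
         */
        if (initgroups(pw->pw_name, pw->pw_gid) < 0)
            err(1, "initgroups failed");

#ifndef HAVE_CAPNG
        if (setgid(pw->pw_gid) < 0)
            err(1, "setgid(%s) failed", runas_string);

        if (setuid(pw->pw_uid) < 0)
            err(1, "setuid(%s)", runas_string);
#else
        /*
         * NOTE(review): capng_clear() is documented to take a
         * capng_select_t (CAPNG_SELECT_CAPS / _BOUNDS / _BOTH), while
         * the flags passed here are capng_type_t values.  Confirm the
         * call clears what is intended.
         */
        capng_clear (CAPNG_EFFECTIVE | CAPNG_PERMITTED);

        /* Capabilities kept in the effective and permitted sets. */
        if (capng_updatev (CAPNG_ADD, CAPNG_EFFECTIVE | CAPNG_PERMITTED,
                           CAP_NET_BIND_SERVICE, CAP_SETPCAP, -1) < 0)
            err(1, "capng_updateev");

        /* Change uid/gid and clear the bounding set in one step. */
        if (capng_change_id(pw->pw_uid, pw->pw_gid,
                            CAPNG_CLEAR_BOUNDING) < 0)
            err(1, "capng_change_id(%s)", runas_string);
#endif
    }
#endif
}


/*
 * KDC entry point.
 *
 * Creates the krb5 context, registers the HDB keytab type, reads the
 * configuration, installs signal handling, optionally detaches, writes
 * the pid file, drops privileges and then runs the service loop.
 *
 * Returns 0 after loop() returns; every earlier failure that is
 * checked exits through errx().
 */
int
main(int argc, char **argv)
{
    krb5_error_code ret;
    krb5_context context;
    krb5_kdc_configuration *config;

    setprogname(argv[0]);

    ret = krb5_init_context(&context);
    if (ret == KRB5_CONFIG_BADFORMAT)
        errx (1, "krb5_init_context failed to parse configuration file");
    else if (ret)
        errx (1, "krb5_init_context failed: %d", ret);

    ret = krb5_kt_register(context, &hdb_kt_ops);
    if (ret)
        errx (1, "krb5_kt_register(HDB) failed: %d", ret);

    config = configure(context, argc, argv);

    /*
     * SIGINT, SIGTERM and (where defined) SIGXCPU only set exit_flag;
     * SIGPIPE is ignored so a closed peer does not kill the process.
     */
#ifdef HAVE_SIGACTION
    {
        struct sigaction sa;

        sa.sa_flags = 0;
        sa.sa_handler = sigterm;
        sigemptyset(&sa.sa_mask);

        sigaction(SIGINT, &sa, NULL);
        sigaction(SIGTERM, &sa, NULL);
#ifdef SIGXCPU
        sigaction(SIGXCPU, &sa, NULL);
#endif

        sa.sa_handler = SIG_IGN;
#ifdef SIGPIPE
        sigaction(SIGPIPE, &sa, NULL);
#endif
    }
#else
    signal(SIGINT, sigterm);
    signal(SIGTERM, sigterm);
#ifdef SIGXCPU
    signal(SIGXCPU, sigterm);
#endif
#ifdef SIGPIPE
    signal(SIGPIPE, SIG_IGN);
#endif
#endif
#ifdef SUPPORT_DETACH
    /* The return value of daemon() is not checked here. */
    if (detach_from_console)
        daemon(0, 0);
#endif
#ifdef __APPLE__
    bonjour_announce(context, config);
#endif
    /*
     * The pid file is written before switch_environment(), i.e.
     * before any chroot or uid change takes effect.
     */
    pidfile(NULL);

    switch_environment();

    loop(context, config);
    krb5_free_context(context);
    return 0;
}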