[PATCH] Log client process name in winbindd
Jeremy Allison
jra at samba.org
Fri Nov 9 20:21:48 UTC 2018
On Fri, Nov 09, 2018 at 05:06:51PM +0100, Andreas Schneider wrote:
> On Friday, 9 November 2018 01:01:05 CET Jeremy Allison wrote:
> > Yeah, OK. But I get nervous when I see
> >
> > snprintf(buf, len, XXXX...)
> >
> > calls with no checks. Maybe just make them
> > into:
> >
> > (void)snprintf(buf, len, XXXX...)
> >
> > so it's explicit we're ignoring the return ?
>
> I hope the attached patchset addresses your concerns.
Yep, thanks Andreas ! RB+ and pushed.
>
>
> Andreas
>
> --
> Andreas Schneider asn at samba.org
> Samba Team www.samba.org
> GPG-ID: 8DFF53E18F2ABC8D8F3C92237EE0FC4DCC014E3D
> From 6b8f42ad8518c8913619a77e11828f1751c878b1 Mon Sep 17 00:00:00 2001
> From: Andreas Schneider <asn at samba.org>
> Date: Fri, 2 Nov 2018 18:04:28 +0100
> Subject: [PATCH 01/11] lib:replace: Add getprogname()
>
> Signed-off-by: Andreas Schneider <asn at samba.org>
> ---
> lib/replace/replace.c | 71 +++++++++++++++++++++++++++++++++++++++++++
> lib/replace/replace.h | 5 +++
> lib/replace/wscript | 1 +
> 3 files changed, 77 insertions(+)
>
> diff --git a/lib/replace/replace.c b/lib/replace/replace.c
> index 113137c2992..e38df98ea3a 100644
> --- a/lib/replace/replace.c
> +++ b/lib/replace/replace.c
> @@ -978,3 +978,74 @@ int rep_memset_s(void *dest, size_t destsz, int ch, size_t count)
> return 0;
> }
> #endif /* HAVE_MEMSET_S */
> +
> +#ifndef HAVE_GETPROGNAME
> +# ifndef _GNU_SOURCE
> +# define PROGNAME_SIZE 32
> +static char rep_progname[PROGNAME_SIZE];
> +# endif /* _GNU_SOURCE */
> +
> +const char *rep_getprogname(void)
> +{
> +#ifdef _GNU_SOURCE
> + return program_invocation_short_name;
> +#else /* _GNU_SOURCE */
> + FILE *fp = NULL;
> + char cmdline[4096] = {0};
> + char *p = NULL;
> + pid_t pid;
> + size_t nread;
> + int len;
> +
> + if (rep_progname[0] != '\0') {
> + return rep_progname;
> + }
> +
> + len = snprintf(rep_progname, sizeof(rep_progname), "%s", "<unknown>");
> + if (len <= 0) {
> + return "<unknown>";
> + }
> +
> + pid = getpid();
> + if (pid <= 1 || pid == (pid_t)-1) {
> + return rep_progname;
> + }
> +
> + len = snprintf(cmdline,
> + sizeof(cmdline),
> + "/proc/%u/cmdline",
> + (unsigned int)pid);
> + if (len <= 0 || len == sizeof(cmdline)) {
> + return rep_progname;
> + }
> +
> + fp = fopen(cmdline, "r");
> + if (fp == NULL) {
> + return rep_progname;
> + }
> +
> + nread = fread(cmdline, 1, sizeof(cmdline) - 1, fp);
> + if (nread == 0) {
> + return rep_progname;
> + }
> +
> + cmdline[nread] = '\0';
> +
> + p = strrchr(cmdline, '/');
> + if (p != NULL) {
> + p++;
> + } else {
> + p = cmdline;
> + }
> +
> + len = strlen(p);
> + if (len > PROGNAME_SIZE) {
> + p[PROGNAME_SIZE - 1] = '\0';
> + }
> +
> + (void)snprintf(rep_progname, sizeof(rep_progname), "%s", p);
> +
> + return rep_progname;
> +#endif /* _GNU_SOURCE */
> +}
> +#endif /* HAVE_GETPROGNAME */
> diff --git a/lib/replace/replace.h b/lib/replace/replace.h
> index de4e20c4454..732a8226858 100644
> --- a/lib/replace/replace.h
> +++ b/lib/replace/replace.h
> @@ -933,6 +933,11 @@ void rep_setproctitle_init(int argc, char *argv[], char *envp[]);
> int rep_memset_s(void *dest, size_t destsz, int ch, size_t count);
> #endif
>
> +#ifndef HAVE_GETPROGNAME
> +#define getprogname rep_getprogname
> +const char *rep_getprogname(void);
> +#endif
> +
> #ifndef FALL_THROUGH
> # ifdef HAVE_FALLTHROUGH_ATTRIBUTE
> # define FALL_THROUGH __attribute__ ((fallthrough))
> diff --git a/lib/replace/wscript b/lib/replace/wscript
> index 8adfffe9584..c8693a3f2e1 100644
> --- a/lib/replace/wscript
> +++ b/lib/replace/wscript
> @@ -426,6 +426,7 @@ def configure(conf):
> conf.CHECK_FUNCS('getgrent_r getgrgid_r getgrnam_r getgrouplist getpagesize')
> conf.CHECK_FUNCS('getpwent_r getpwnam_r getpwuid_r epoll_create')
> conf.CHECK_FUNCS('port_create')
> + conf.CHECK_FUNCS('getprogname')
>
> conf.SET_TARGET_TYPE('attr', 'EMPTY')
>
> --
> 2.19.1
>
>
> From 63d94df019eaa68163f490cce42937b246481957 Mon Sep 17 00:00:00 2001
> From: Andreas Schneider <asn at samba.org>
> Date: Fri, 2 Nov 2018 18:39:26 +0100
> Subject: [PATCH 02/11] wbclient: Send the client process name talking to
> winbind
>
> This is for better debugging messages.
>
> Signed-off-by: Andreas Schneider <asn at samba.org>
> ---
> nsswitch/wb_common.c | 23 +++++++++++++++++++++++
> nsswitch/winbind_struct_protocol.h | 4 +++-
> source3/torture/wbc_async.c | 4 ++++
> 3 files changed, 30 insertions(+), 1 deletion(-)
>
> diff --git a/nsswitch/wb_common.c b/nsswitch/wb_common.c
> index 59370aa5bbc..13c38f213ba 100644
> --- a/nsswitch/wb_common.c
> +++ b/nsswitch/wb_common.c
> @@ -31,6 +31,8 @@
> #include <pthread.h>
> #endif
>
> +static char client_name[32];
> +
> /* Global context */
>
> struct winbindd_context {
> @@ -75,6 +77,23 @@ void winbindd_free_response(struct winbindd_response *response)
> SAFE_FREE(response->extra_data.data);
> }
>
> +static const char *winbind_get_client_name(void)
> +{
> + if (client_name[0] == '\0') {
> + int len;
> +
> + len = snprintf(client_name,
> + sizeof(client_name),
> + "%s",
> + getprogname());
> + if (len <= 0) {
> + return "<unkonwn>";
> + }
> + }
> +
> + return client_name;
> +}
> +
> /* Initialise a request structure */
>
> static void winbindd_init_request(struct winbindd_request *request,
> @@ -85,6 +104,10 @@ static void winbindd_init_request(struct winbindd_request *request,
> request->cmd = (enum winbindd_cmd)request_type;
> request->pid = getpid();
>
> + (void)snprintf(request->client_name,
> + sizeof(request->client_name),
> + "%s",
> + winbind_get_client_name());
> }
>
> /* Initialise a response structure */
> diff --git a/nsswitch/winbind_struct_protocol.h b/nsswitch/winbind_struct_protocol.h
> index 3f3ebd0b66d..f184c957ab8 100644
> --- a/nsswitch/winbind_struct_protocol.h
> +++ b/nsswitch/winbind_struct_protocol.h
> @@ -60,8 +60,9 @@ typedef char fstring[FSTRING_LEN];
> * removed WINBINDD_UID_TO_SID
> * 29: added "authoritative" to response.data.auth
> * 30: added "validation_level" and "info6" to response.data.auth
> + * 31: added "client_name" to the request
> */
> -#define WINBIND_INTERFACE_VERSION 30
> +#define WINBIND_INTERFACE_VERSION 31
>
> /* Have to deal with time_t being 4 or 8 bytes due to structure alignment.
> On a 64bit Linux box, we have to support a constant structure size
> @@ -250,6 +251,7 @@ struct winbindd_request {
> uint32_t wb_flags; /* generic flags */
> uint32_t flags; /* flags relevant *only* to a given request */
> fstring domain_name; /* name of domain for which the request applies */
> + char client_name[32]; /* The client process sending the request */
>
> union {
> fstring winsreq; /* WINS request */
> diff --git a/source3/torture/wbc_async.c b/source3/torture/wbc_async.c
> index a9020ddcda5..e45c01c50a0 100644
> --- a/source3/torture/wbc_async.c
> +++ b/source3/torture/wbc_async.c
> @@ -402,6 +402,10 @@ static void wb_open_pipe_connect_nonpriv_done(struct tevent_req *subreq)
> ZERO_STRUCT(state->wb_req);
> state->wb_req.cmd = WINBINDD_INTERFACE_VERSION;
> state->wb_req.pid = getpid();
> + (void)snprintf(state->wb_req.client_name,
> + sizeof(state->wb_req.client_name),
> + "%s",
> + "TORTURE");
>
> subreq = wb_simple_trans_send(state, state->ev, NULL,
> state->wb_ctx->fd, &state->wb_req);
> --
> 2.19.1
>
>
> From 6c715f92cf85f9f057b5bf733005a64bbee5462c Mon Sep 17 00:00:00 2001
> From: Andreas Schneider <asn at samba.org>
> Date: Fri, 2 Nov 2018 18:45:26 +0100
> Subject: [PATCH 03/11] s3:winbindd: Also log the process name in winbindd
>
> Signed-off-by: Andreas Schneider <asn at samba.org>
> ---
> source3/winbindd/winbindd.c | 19 ++++++++++++++-----
> source3/winbindd/winbindd.h | 1 +
> 2 files changed, 15 insertions(+), 5 deletions(-)
>
> diff --git a/source3/winbindd/winbindd.c b/source3/winbindd/winbindd.c
> index 07a81329358..86c3cd95244 100644
> --- a/source3/winbindd/winbindd.c
> +++ b/source3/winbindd/winbindd.c
> @@ -708,6 +708,9 @@ static struct tevent_req *process_request_send(
>
> /* Remember who asked us. */
> cli_state->pid = cli_state->request->pid;
> + memcpy(cli_state->client_name,
> + cli_state->request->client_name,
> + sizeof(cli_state->client_name));
>
> cli_state->cmd_name = "unknown request";
> cli_state->recv_fn = NULL;
> @@ -734,8 +737,11 @@ static struct tevent_req *process_request_send(
> cli_state->cmd_name = atable->cmd_name;
> cli_state->recv_fn = atable->recv_req;
>
> - DEBUG(10, ("process_request: Handling async request %d:%s\n",
> - (int)cli_state->pid, cli_state->cmd_name));
> + DBG_DEBUG("process_request: "
> + "Handling async request %s(%d):%s\n",
> + cli_state->client_name,
> + (int)cli_state->pid,
> + cli_state->cmd_name);
>
> subreq = atable->send_req(
> state,
> @@ -797,7 +803,8 @@ static void process_request_done(struct tevent_req *subreq)
> status = cli_state->recv_fn(subreq, cli_state->response);
> TALLOC_FREE(subreq);
>
> - DBG_DEBUG("[%d:%s]: %s\n",
> + DBG_DEBUG("[%s(%d):%s]: %s\n",
> + cli_state->client_name,
> (int)cli_state->pid,
> cli_state->cmd_name,
> nt_errstr(status));
> @@ -841,8 +848,10 @@ static void process_request_written(struct tevent_req *subreq)
> return;
> }
>
> - DBG_DEBUG("[%d:%s]: delivered response to client\n",
> - (int)cli_state->pid, cli_state->cmd_name);
> + DBG_DEBUG("[%s(%d):%s]: delivered response to client\n",
> + cli_state->client_name,
> + (int)cli_state->pid,
> + cli_state->cmd_name);
>
> TALLOC_FREE(cli_state->mem_ctx);
> cli_state->response = NULL;
> diff --git a/source3/winbindd/winbindd.h b/source3/winbindd/winbindd.h
> index 6d4b92f27cf..7490d62a705 100644
> --- a/source3/winbindd/winbindd.h
> +++ b/source3/winbindd/winbindd.h
> @@ -47,6 +47,7 @@ struct winbindd_cli_state {
> struct winbindd_cli_state *prev, *next; /* Linked list pointers */
> int sock; /* Open socket from client */
> pid_t pid; /* pid of client */
> + char client_name[32]; /* The process name of the client */
> time_t last_access; /* Time of last access (read or write) */
> bool privileged; /* Is the client 'privileged' */
>
> --
> 2.19.1
>
>
> From e797427e2525c0a814ec673107fd6fea583ea1cb Mon Sep 17 00:00:00 2001
> From: Andreas Schneider <asn at samba.org>
> Date: Fri, 2 Nov 2018 18:56:29 +0100
> Subject: [PATCH 04/11] s3:winbind: Log client process name
>
> Signed-off-by: Andreas Schneider <asn at samba.org>
> ---
> source3/winbindd/winbindd_getdcname.c | 6 ++++--
> source3/winbindd/winbindd_getgrent.c | 4 +++-
> source3/winbindd/winbindd_getgrgid.c | 5 ++++-
> source3/winbindd/winbindd_getgrnam.c | 5 ++++-
> source3/winbindd/winbindd_getgroups.c | 5 ++++-
> source3/winbindd/winbindd_getpwent.c | 4 +++-
> source3/winbindd/winbindd_getpwnam.c | 5 ++++-
> source3/winbindd/winbindd_getpwsid.c | 5 ++++-
> source3/winbindd/winbindd_getpwuid.c | 5 ++++-
> source3/winbindd/winbindd_getsidaliases.c | 5 ++++-
> source3/winbindd/winbindd_getuserdomgroups.c | 5 ++++-
> source3/winbindd/winbindd_getusersids.c | 5 ++++-
> 12 files changed, 46 insertions(+), 13 deletions(-)
>
> diff --git a/source3/winbindd/winbindd_getdcname.c b/source3/winbindd/winbindd_getdcname.c
> index c8213ae4880..f6b62757527 100644
> --- a/source3/winbindd/winbindd_getdcname.c
> +++ b/source3/winbindd/winbindd_getdcname.c
> @@ -43,8 +43,10 @@ struct tevent_req *winbindd_getdcname_send(TALLOC_CTX *mem_ctx,
>
> request->domain_name[sizeof(request->domain_name)-1] = '\0';
>
> - DEBUG(3, ("[%5lu]: getdcname for %s\n", (unsigned long)cli->pid,
> - request->domain_name));
> + DBG_NOTICE("[%s (%u)] getdcname for %s\n",
> + cli->client_name,
> + (unsigned int)cli->pid,
> + request->domain_name);
>
> subreq = wb_dsgetdcname_send(state, ev, request->domain_name, NULL,
> NULL, 0);
> diff --git a/source3/winbindd/winbindd_getgrent.c b/source3/winbindd/winbindd_getgrent.c
> index 15a35f7044e..b78d1f5b465 100644
> --- a/source3/winbindd/winbindd_getgrent.c
> +++ b/source3/winbindd/winbindd_getgrent.c
> @@ -48,7 +48,9 @@ struct tevent_req *winbindd_getgrent_send(TALLOC_CTX *mem_ctx,
> state->num_groups = 0;
> state->cli = cli;
>
> - DEBUG(3, ("[%5lu]: getgrent\n", (unsigned long)cli->pid));
> + DBG_NOTICE("[%s (%u)] getgrent\n",
> + cli->client_name,
> + (unsigned int)cli->pid);
>
> if (cli->grent_state == NULL) {
> tevent_req_nterror(req, NT_STATUS_NO_MORE_ENTRIES);
> diff --git a/source3/winbindd/winbindd_getgrgid.c b/source3/winbindd/winbindd_getgrgid.c
> index 640ebfa4969..49a24dee7a4 100644
> --- a/source3/winbindd/winbindd_getgrgid.c
> +++ b/source3/winbindd/winbindd_getgrgid.c
> @@ -49,7 +49,10 @@ struct tevent_req *winbindd_getgrgid_send(TALLOC_CTX *mem_ctx,
> }
> state->ev = ev;
>
> - DEBUG(3, ("getgrgid %d\n", (int)request->data.gid));
> + DBG_NOTICE("[%s (%u)] getgrgid %d\n",
> + cli->client_name,
> + (unsigned int)cli->pid,
> + (int)request->data.gid);
>
> state->xid = (struct unixid) {
> .id = request->data.uid, .type = ID_TYPE_GID };
> diff --git a/source3/winbindd/winbindd_getgrnam.c b/source3/winbindd/winbindd_getgrnam.c
> index 37c205ddba4..db53848055a 100644
> --- a/source3/winbindd/winbindd_getgrnam.c
> +++ b/source3/winbindd/winbindd_getgrnam.c
> @@ -54,7 +54,10 @@ struct tevent_req *winbindd_getgrnam_send(TALLOC_CTX *mem_ctx,
> /* Ensure null termination */
> request->data.groupname[sizeof(request->data.groupname)-1]='\0';
>
> - DEBUG(3, ("getgrnam %s\n", request->data.groupname));
> + DBG_NOTICE("[%s (%u)] getgrnam %s\n",
> + cli->client_name,
> + (unsigned int)cli->pid,
> + request->data.groupname);
>
> nt_status = normalize_name_unmap(state, request->data.groupname, &tmp);
> /* If we didn't map anything in the above call, just reset the
> diff --git a/source3/winbindd/winbindd_getgroups.c b/source3/winbindd/winbindd_getgroups.c
> index f7f2df5f7b1..16c06395d70 100644
> --- a/source3/winbindd/winbindd_getgroups.c
> +++ b/source3/winbindd/winbindd_getgroups.c
> @@ -59,7 +59,10 @@ struct tevent_req *winbindd_getgroups_send(TALLOC_CTX *mem_ctx,
> /* Ensure null termination */
> request->data.username[sizeof(request->data.username)-1]='\0';
>
> - DEBUG(3, ("getgroups %s\n", request->data.username));
> + DBG_NOTICE("[%s (%u)] getgroups %s\n",
> + cli->client_name,
> + (unsigned int)cli->pid,
> + request->data.username);
>
> domuser = request->data.username;
>
> diff --git a/source3/winbindd/winbindd_getpwent.c b/source3/winbindd/winbindd_getpwent.c
> index 9e5190a3c60..030a013c160 100644
> --- a/source3/winbindd/winbindd_getpwent.c
> +++ b/source3/winbindd/winbindd_getpwent.c
> @@ -47,7 +47,9 @@ struct tevent_req *winbindd_getpwent_send(TALLOC_CTX *mem_ctx,
> state->num_users = 0;
> state->cli = cli;
>
> - DEBUG(3, ("[%5lu]: getpwent\n", (unsigned long)cli->pid));
> + DBG_NOTICE("[%s (%u)] getpwent\n",
> + cli->client_name,
> + (unsigned int)cli->pid);
>
> if (cli->pwent_state == NULL) {
> tevent_req_nterror(req, NT_STATUS_NO_MORE_ENTRIES);
> diff --git a/source3/winbindd/winbindd_getpwnam.c b/source3/winbindd/winbindd_getpwnam.c
> index 8da66c25141..63274cab5a0 100644
> --- a/source3/winbindd/winbindd_getpwnam.c
> +++ b/source3/winbindd/winbindd_getpwnam.c
> @@ -55,7 +55,10 @@ struct tevent_req *winbindd_getpwnam_send(TALLOC_CTX *mem_ctx,
> /* Ensure null termination */
> request->data.username[sizeof(request->data.username)-1]='\0';
>
> - DEBUG(3, ("getpwnam %s\n", request->data.username));
> + DBG_NOTICE("[%s (%u)] getpwnam %s\n",
> + cli->client_name,
> + (unsigned int)cli->pid,
> + request->data.username);
>
> domuser = request->data.username;
>
> diff --git a/source3/winbindd/winbindd_getpwsid.c b/source3/winbindd/winbindd_getpwsid.c
> index 52481700756..f12d5296004 100644
> --- a/source3/winbindd/winbindd_getpwsid.c
> +++ b/source3/winbindd/winbindd_getpwsid.c
> @@ -45,7 +45,10 @@ struct tevent_req *winbindd_getpwsid_send(TALLOC_CTX *mem_ctx,
> /* Ensure null termination */
> request->data.sid[sizeof(request->data.sid)-1]='\0';
>
> - DEBUG(3, ("getpwsid %s\n", request->data.sid));
> + DBG_NOTICE("[%s (%u)] getpwsid %s\n",
> + cli->client_name,
> + (unsigned int)cli->pid,
> + request->data.sid);
>
> if (!string_to_sid(&state->sid, request->data.sid)) {
> DEBUG(1, ("Could not get convert sid %s from string\n",
> diff --git a/source3/winbindd/winbindd_getpwuid.c b/source3/winbindd/winbindd_getpwuid.c
> index d7a1f4de5e5..319f2f71ad9 100644
> --- a/source3/winbindd/winbindd_getpwuid.c
> +++ b/source3/winbindd/winbindd_getpwuid.c
> @@ -46,7 +46,10 @@ struct tevent_req *winbindd_getpwuid_send(TALLOC_CTX *mem_ctx,
> }
> state->ev = ev;
>
> - DEBUG(3, ("getpwuid %d\n", (int)request->data.uid));
> + DBG_NOTICE("[%s (%u)] getpwuid %d\n",
> + cli->client_name,
> + (unsigned int)cli->pid,
> + (int)request->data.uid);
>
> state->xid = (struct unixid) {
> .id = request->data.uid, .type = ID_TYPE_UID };
> diff --git a/source3/winbindd/winbindd_getsidaliases.c b/source3/winbindd/winbindd_getsidaliases.c
> index e40a51dbd6d..291e32f7996 100644
> --- a/source3/winbindd/winbindd_getsidaliases.c
> +++ b/source3/winbindd/winbindd_getsidaliases.c
> @@ -49,7 +49,10 @@ struct tevent_req *winbindd_getsidaliases_send(TALLOC_CTX *mem_ctx,
> /* Ensure null termination */
> request->data.sid[sizeof(request->data.sid)-1]='\0';
>
> - DEBUG(3, ("getsidaliases %s\n", request->data.sid));
> + DBG_NOTICE("[%s (%u)] getsidaliases %s\n",
> + cli->client_name,
> + (unsigned int)cli->pid,
> + request->data.sid);
>
> if (!string_to_sid(&state->sid, request->data.sid)) {
> DEBUG(1, ("Could not get convert sid %s from string\n",
> diff --git a/source3/winbindd/winbindd_getuserdomgroups.c b/source3/winbindd/winbindd_getuserdomgroups.c
> index 24ec1ddc019..df90a87c7a2 100644
> --- a/source3/winbindd/winbindd_getuserdomgroups.c
> +++ b/source3/winbindd/winbindd_getuserdomgroups.c
> @@ -46,7 +46,10 @@ struct tevent_req *winbindd_getuserdomgroups_send(TALLOC_CTX *mem_ctx,
> /* Ensure null termination */
> request->data.sid[sizeof(request->data.sid)-1]='\0';
>
> - DEBUG(3, ("getuserdomgroups %s\n", request->data.sid));
> + DBG_NOTICE("[%s (%u)] getuserdomgroups %s\n",
> + cli->client_name,
> + (unsigned int)cli->pid,
> + request->data.sid);
>
> if (!string_to_sid(&state->sid, request->data.sid)) {
> DEBUG(1, ("Could not get convert sid %s from string\n",
> diff --git a/source3/winbindd/winbindd_getusersids.c b/source3/winbindd/winbindd_getusersids.c
> index d6995c4390a..024bad2b9e5 100644
> --- a/source3/winbindd/winbindd_getusersids.c
> +++ b/source3/winbindd/winbindd_getusersids.c
> @@ -46,7 +46,10 @@ struct tevent_req *winbindd_getusersids_send(TALLOC_CTX *mem_ctx,
> /* Ensure null termination */
> request->data.sid[sizeof(request->data.sid)-1]='\0';
>
> - DEBUG(3, ("getusersids %s\n", request->data.sid));
> + DBG_NOTICE("[%s (%u)] getusersids %s\n",
> + cli->client_name,
> + (unsigned int)cli->pid,
> + request->data.sid);
>
> if (!string_to_sid(&state->sid, request->data.sid)) {
> DEBUG(1, ("Could not get convert sid %s from string\n",
> --
> 2.19.1
>
>
> From ddd4c121301cfa35c32a66a74579495601d11a24 Mon Sep 17 00:00:00 2001
> From: Andreas Schneider <asn at samba.org>
> Date: Mon, 5 Nov 2018 11:55:46 +0100
> Subject: [PATCH 05/11] s3:winbind: Log client process name in winbind_misc
>
> Signed-off-by: Andreas Schneider <asn at samba.org>
> ---
> source3/winbindd/winbindd_misc.c | 46 +++++++++++++++++++++-----------
> 1 file changed, 30 insertions(+), 16 deletions(-)
>
> diff --git a/source3/winbindd/winbindd_misc.c b/source3/winbindd/winbindd_misc.c
> index 99606ca4cf5..df817126447 100644
> --- a/source3/winbindd/winbindd_misc.c
> +++ b/source3/winbindd/winbindd_misc.c
> @@ -212,8 +212,9 @@ bool winbindd_list_trusted_domains(struct winbindd_cli_state *state)
> size_t i = 0;
> bool ret = false;
>
> - DEBUG(3, ("[%5lu]: list trusted domains\n",
> - (unsigned long)state->pid));
> + DBG_NOTICE("[%s (%u)]: list trusted domains\n",
> + state->client_name,
> + (unsigned int)state->pid);
>
> if( !wcache_tdc_fetch_list( &dom_list, &num_domains )) {
> goto done;
> @@ -284,8 +285,9 @@ enum winbindd_result winbindd_dual_list_trusted_domains(struct winbindd_domain *
> bool have_own_domain = False;
> struct netr_DomainTrustList trusts;
>
> - DEBUG(3, ("[%5lu]: list trusted domains\n",
> - (unsigned long)state->pid));
> + DBG_NOTICE("[%s %u]: list trusted domains\n",
> + state->client_name,
> + (unsigned int)state->pid);
>
> result = wb_cache_trusted_domains(domain, state->mem_ctx, &trusts);
>
> @@ -353,8 +355,10 @@ bool winbindd_dc_info(struct winbindd_cli_state *cli)
>
> cli->request->domain_name[sizeof(cli->request->domain_name)-1] = '\0';
>
> - DEBUG(3, ("[%5lu]: domain_info [%s]\n", (unsigned long)cli->pid,
> - cli->request->domain_name));
> + DBG_NOTICE("[%s (%u)]: domain_info [%s]\n",
> + cli->client_name,
> + (unsigned int)cli->pid,
> + cli->request->domain_name);
>
> if (cli->request->domain_name[0] != '\0') {
> domain = find_trust_from_name_noinit(
> @@ -395,7 +399,9 @@ bool winbindd_dc_info(struct winbindd_cli_state *cli)
>
> bool winbindd_ping(struct winbindd_cli_state *state)
> {
> - DEBUG(3, ("[%5lu]: ping\n", (unsigned long)state->pid));
> + DBG_NOTICE("[%s (%u)]: ping\n",
> + state->client_name,
> + (unsigned int)state->pid);
> return true;
> }
>
> @@ -404,7 +410,9 @@ bool winbindd_ping(struct winbindd_cli_state *state)
> bool winbindd_info(struct winbindd_cli_state *state)
> {
>
> - DEBUG(3, ("[%5lu]: request misc info\n", (unsigned long)state->pid));
> + DBG_NOTICE("[%s (%u)]: request misc info\n",
> + state->client_name,
> + (unsigned int)state->pid);
>
> state->response->data.info.winbind_separator = *lp_winbind_separator();
> fstrcpy(state->response->data.info.samba_version, samba_version_string());
> @@ -415,8 +423,10 @@ bool winbindd_info(struct winbindd_cli_state *state)
>
> bool winbindd_interface_version(struct winbindd_cli_state *state)
> {
> - DEBUG(3, ("[%5lu]: request interface version (version = %d)\n",
> - (unsigned long)state->pid, WINBIND_INTERFACE_VERSION));
> + DBG_NOTICE("[%s (%u)]: request interface version (version = %d)\n",
> + state->client_name,
> + (unsigned int)state->pid,
> + WINBIND_INTERFACE_VERSION);
>
> state->response->data.interface_version = WINBIND_INTERFACE_VERSION;
> return true;
> @@ -426,7 +436,9 @@ bool winbindd_interface_version(struct winbindd_cli_state *state)
>
> bool winbindd_domain_name(struct winbindd_cli_state *state)
> {
> - DEBUG(3, ("[%5lu]: request domain name\n", (unsigned long)state->pid));
> + DBG_NOTICE("[%s (%u)]: request domain name\n",
> + state->client_name,
> + (unsigned int)state->pid);
>
> fstrcpy(state->response->data.domain_name, lp_workgroup());
> return true;
> @@ -436,8 +448,9 @@ bool winbindd_domain_name(struct winbindd_cli_state *state)
>
> bool winbindd_netbios_name(struct winbindd_cli_state *state)
> {
> - DEBUG(3, ("[%5lu]: request netbios name\n",
> - (unsigned long)state->pid));
> + DBG_NOTICE("[%s (%u)]: request netbios name\n",
> + state->client_name,
> + (unsigned int)state->pid);
>
> fstrcpy(state->response->data.netbios_name, lp_netbios_name());
> return true;
> @@ -448,8 +461,10 @@ bool winbindd_netbios_name(struct winbindd_cli_state *state)
> bool winbindd_priv_pipe_dir(struct winbindd_cli_state *state)
> {
> char *priv_dir;
> - DEBUG(3, ("[%5lu]: request location of privileged pipe\n",
> - (unsigned long)state->pid));
> +
> + DBG_NOTICE("[%s (%u)]: request location of privileged pipe\n",
> + state->client_name,
> + (unsigned int)state->pid);
>
> priv_dir = get_winbind_priv_pipe_dir();
> state->response->extra_data.data = talloc_move(state->mem_ctx,
> @@ -461,4 +476,3 @@ bool winbindd_priv_pipe_dir(struct winbindd_cli_state *state)
>
> return true;
> }
> -
> --
> 2.19.1
>
>
> From 6e28a7b5ed7d539e152c4abca16e60043e90adfd Mon Sep 17 00:00:00 2001
> From: Andreas Schneider <asn at samba.org>
> Date: Mon, 5 Nov 2018 11:56:21 +0100
> Subject: [PATCH 06/11] s3:winbind: Log client process name for PAM auth
>
> Signed-off-by: Andreas Schneider <asn at samba.org>
> ---
> source3/winbindd/winbindd_pam_auth.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/source3/winbindd/winbindd_pam_auth.c b/source3/winbindd/winbindd_pam_auth.c
> index f91879e1c17..e3c18f9525c 100644
> --- a/source3/winbindd/winbindd_pam_auth.c
> +++ b/source3/winbindd/winbindd_pam_auth.c
> @@ -52,8 +52,10 @@ struct tevent_req *winbindd_pam_auth_send(TALLOC_CTX *mem_ctx,
> request->data.auth.user[sizeof(request->data.auth.user)-1] = '\0';
> request->data.auth.pass[sizeof(request->data.auth.pass)-1] = '\0';
>
> - DEBUG(3, ("[%5lu]: pam auth %s\n", (unsigned long)cli->pid,
> - request->data.auth.user));
> + DBG_NOTICE("[%s (%u)]: pam auth %s\n",
> + cli->client_name,
> + (unsigned int)cli->pid,
> + request->data.auth.user);
>
> if (!check_request_flags(request->flags)) {
> tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER_MIX);
> --
> 2.19.1
>
>
> From 48f4e4bd473769469556a6705b5d775dcff6f738 Mon Sep 17 00:00:00 2001
> From: Andreas Schneider <asn at samba.org>
> Date: Fri, 2 Nov 2018 18:57:05 +0100
> Subject: [PATCH 07/11] wbclient: Add wbcSetClientProcessName()
>
> Signed-off-by: Andreas Schneider <asn at samba.org>
> ---
> nsswitch/libwbclient/wbc_util.c | 5 +++++
> nsswitch/libwbclient/wbclient.h | 13 +++++++++++++
> nsswitch/wb_common.c | 9 +++++++++
> nsswitch/winbind_client.h | 2 ++
> 4 files changed, 29 insertions(+)
>
> diff --git a/nsswitch/libwbclient/wbc_util.c b/nsswitch/libwbclient/wbc_util.c
> index fc6a840cc71..476ed50fa44 100644
> --- a/nsswitch/libwbclient/wbc_util.c
> +++ b/nsswitch/libwbclient/wbc_util.c
> @@ -894,3 +894,8 @@ done:
> wbcFreeMemory(blobs);
> return wbc_status;
> }
> +
> +void wbcSetClientProcessName(const char *name)
> +{
> + winbind_set_client_name(name);
> +}
> diff --git a/nsswitch/libwbclient/wbclient.h b/nsswitch/libwbclient/wbclient.h
> index 81a6a6a069b..341a733dd6c 100644
> --- a/nsswitch/libwbclient/wbclient.h
> +++ b/nsswitch/libwbclient/wbclient.h
> @@ -2051,4 +2051,17 @@ wbcErr wbcAddNamedBlob(size_t *num_blobs,
> uint8_t *data,
> size_t length);
>
> +/**
> + * @brief Set the name of the process which call wbclient.
> + *
> + * By default wbclient will figure out the process name. This should just be
> + * used in special cases like pam modules or similar. Only alpha numeric
> + * chars in ASCII are allowed.
> + *
> + * This function should only be called once!
> + *
> + * @param[in] name The process name to set.
> + */
> +void wbcSetClientProcessName(const char *name);
> +
> #endif /* _WBCLIENT_H */
> diff --git a/nsswitch/wb_common.c b/nsswitch/wb_common.c
> index 13c38f213ba..6eea32c7e2a 100644
> --- a/nsswitch/wb_common.c
> +++ b/nsswitch/wb_common.c
> @@ -77,6 +77,15 @@ void winbindd_free_response(struct winbindd_response *response)
> SAFE_FREE(response->extra_data.data);
> }
>
> +void winbind_set_client_name(const char *name)
> +{
> + if (name == NULL || strlen(name) == 0) {
> + return;
> + }
> +
> + (void)snprintf(client_name, sizeof(client_name), "%s", name);
> +}
> +
> static const char *winbind_get_client_name(void)
> {
> if (client_name[0] == '\0') {
> diff --git a/nsswitch/winbind_client.h b/nsswitch/winbind_client.h
> index fd39ea39b4e..c0ee6c9391a 100644
> --- a/nsswitch/winbind_client.h
> +++ b/nsswitch/winbind_client.h
> @@ -44,6 +44,8 @@ NSS_STATUS winbindd_priv_request_response(struct winbindd_context *ctx,
> struct winbindd_request *request,
> struct winbindd_response *response);
>
> +void winbind_set_client_name(const char *name);
> +
> #define winbind_env_set() \
> (strcmp(getenv(WINBINDD_DONT_ENV)?getenv(WINBINDD_DONT_ENV):"0","1") == 0)
>
> --
> 2.19.1
>
>
> From 2a8ad3aa222452806541878c5b456884ee870f6d Mon Sep 17 00:00:00 2001
> From: Andreas Schneider <asn at samba.org>
> Date: Mon, 5 Nov 2018 08:11:27 +0100
> Subject: [PATCH 08/11] krb5_plugin: Set the wbclient process name
>
> Signed-off-by: Andreas Schneider <asn at samba.org>
> ---
> nsswitch/krb5_plugin/winbind_krb5_localauth.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/nsswitch/krb5_plugin/winbind_krb5_localauth.c b/nsswitch/krb5_plugin/winbind_krb5_localauth.c
> index b412575e4fe..e27bd6c6c54 100644
> --- a/nsswitch/krb5_plugin/winbind_krb5_localauth.c
> +++ b/nsswitch/krb5_plugin/winbind_krb5_localauth.c
> @@ -52,6 +52,8 @@ static krb5_error_code winbind_init(krb5_context context,
> return ENOMEM;
> }
>
> + wbcSetClientProcessName("krb5_localauth_plugin");
> +
> *data = d;
>
> return 0;
> --
> 2.19.1
>
>
> From c68b6beb32592745ec855495be045c8dcf8e5065 Mon Sep 17 00:00:00 2001
> From: Andreas Schneider <asn at samba.org>
> Date: Mon, 5 Nov 2018 08:14:48 +0100
> Subject: [PATCH 09/11] nss_winbind: Set the client process name
>
> Signed-off-by: Andreas Schneider <asn at samba.org>
> ---
> nsswitch/winbind_nss_linux.c | 11 +++++++++++
> 1 file changed, 11 insertions(+)
>
> diff --git a/nsswitch/winbind_nss_linux.c b/nsswitch/winbind_nss_linux.c
> index 442c06e612f..c7443e505bf 100644
> --- a/nsswitch/winbind_nss_linux.c
> +++ b/nsswitch/winbind_nss_linux.c
> @@ -378,6 +378,7 @@ _nss_winbind_setpwent(void)
> winbindd_free_response(&getpwent_response);
> }
>
> + winbind_set_client_name("nss_winbind");
> ret = winbindd_request_response(NULL, WINBINDD_SETPWENT, NULL, NULL);
> #ifdef DEBUG_NSS
> fprintf(stderr, "[%5d]: setpwent returns %s (%d)\n", getpid(),
> @@ -409,6 +410,7 @@ _nss_winbind_endpwent(void)
> winbindd_free_response(&getpwent_response);
> }
>
> + winbind_set_client_name("nss_winbind");
> ret = winbindd_request_response(NULL, WINBINDD_ENDPWENT, NULL, NULL);
> #ifdef DEBUG_NSS
> fprintf(stderr, "[%5d]: endpwent returns %s (%d)\n", getpid(),
> @@ -458,6 +460,7 @@ _nss_winbind_getpwent_r(struct passwd *result, char *buffer,
>
> request.data.num_entries = MAX_GETPWENT_USERS;
>
> + winbind_set_client_name("nss_winbind");
> ret = winbindd_request_response(NULL, WINBINDD_GETPWENT, &request,
> &getpwent_response);
>
> @@ -546,6 +549,7 @@ _nss_winbind_getpwuid_r(uid_t uid, struct passwd *result, char *buffer,
>
> request.data.uid = uid;
>
> + winbind_set_client_name("nss_winbind");
> ret = winbindd_request_response(NULL, WINBINDD_GETPWUID, &request, &response);
>
> if (ret == NSS_STATUS_SUCCESS) {
> @@ -622,6 +626,7 @@ _nss_winbind_getpwnam_r(const char *name, struct passwd *result, char *buffer,
> request.data.username
> [sizeof(request.data.username) - 1] = '\0';
>
> + winbind_set_client_name("nss_winbind");
> ret = winbindd_request_response(NULL, WINBINDD_GETPWNAM, &request, &response);
>
> if (ret == NSS_STATUS_SUCCESS) {
> @@ -693,6 +698,7 @@ _nss_winbind_setgrent(void)
> winbindd_free_response(&getgrent_response);
> }
>
> + winbind_set_client_name("nss_winbind");
> ret = winbindd_request_response(NULL, WINBINDD_SETGRENT, NULL, NULL);
> #ifdef DEBUG_NSS
> fprintf(stderr, "[%5d]: setgrent returns %s (%d)\n", getpid(),
> @@ -725,6 +731,7 @@ _nss_winbind_endgrent(void)
> winbindd_free_response(&getgrent_response);
> }
>
> + winbind_set_client_name("nss_winbind");
> ret = winbindd_request_response(NULL, WINBINDD_ENDGRENT, NULL, NULL);
> #ifdef DEBUG_NSS
> fprintf(stderr, "[%5d]: endgrent returns %s (%d)\n", getpid(),
> @@ -776,6 +783,7 @@ winbind_getgrent(enum winbindd_cmd cmd,
>
> request.data.num_entries = MAX_GETGRENT_USERS;
>
> + winbind_set_client_name("nss_winbind");
> ret = winbindd_request_response(NULL, cmd, &request,
> &getgrent_response);
>
> @@ -895,6 +903,7 @@ _nss_winbind_getgrnam_r(const char *name,
> request.data.groupname
> [sizeof(request.data.groupname) - 1] = '\0';
>
> + winbind_set_client_name("nss_winbind");
> ret = winbindd_request_response(NULL, WINBINDD_GETGRNAM,
> &request, &response);
>
> @@ -974,6 +983,7 @@ _nss_winbind_getgrgid_r(gid_t gid,
>
> request.data.gid = gid;
>
> + winbind_set_client_name("nss_winbind");
> ret = winbindd_request_response(NULL, WINBINDD_GETGRGID,
> &request, &response);
>
> @@ -1048,6 +1058,7 @@ _nss_winbind_initgroups_dyn(const char *user, gid_t group, long int *start,
> strncpy(request.data.username, user,
> sizeof(request.data.username) - 1);
>
> + winbind_set_client_name("nss_winbind");
> ret = winbindd_request_response(NULL, WINBINDD_GETGROUPS,
> &request, &response);
>
> --
> 2.19.1
>
>
> From 3c387f69f67ac742a93a04a2fdd5bbf72716a598 Mon Sep 17 00:00:00 2001
> From: Andreas Schneider <asn at samba.org>
> Date: Mon, 5 Nov 2018 08:16:23 +0100
> Subject: [PATCH 10/11] nss_wins: Set client process name
>
> Signed-off-by: Andreas Schneider <asn at samba.org>
> ---
> nsswitch/wins.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/nsswitch/wins.c b/nsswitch/wins.c
> index 72055f099b6..ddbbb03d844 100644
> --- a/nsswitch/wins.c
> +++ b/nsswitch/wins.c
> @@ -69,6 +69,7 @@ static char *lookup_byname_backend(const char *name)
> return NULL;
> }
>
> + wbcSetClientProcessName("nss_wins");
> result = wbcResolveWinsByName(name, &ip);
> if (result != WBC_ERR_SUCCESS) {
> return NULL;
> @@ -89,6 +90,7 @@ static char *lookup_byaddr_backend(const char *ip)
> wbcErr result;
> char *name = NULL;
>
> + wbcSetClientProcessName("nss_wins");
> result = wbcResolveWinsByIP(ip, &name);
> if (result != WBC_ERR_SUCCESS) {
> return NULL;
> --
> 2.19.1
>
>
> From 38bca00441347b7eafb325f6d2035a917dedb405 Mon Sep 17 00:00:00 2001
> From: Andreas Schneider <asn at samba.org>
> Date: Fri, 2 Nov 2018 18:58:25 +0100
> Subject: [PATCH 11/11] pam_winbind: Set the request type as client name
>
> Signed-off-by: Andreas Schneider <asn at samba.org>
> ---
> nsswitch/pam_winbind.c | 8 ++++++++
> 1 file changed, 8 insertions(+)
>
> diff --git a/nsswitch/pam_winbind.c b/nsswitch/pam_winbind.c
> index 1a58ba49c48..757fdae6e3c 100644
> --- a/nsswitch/pam_winbind.c
> +++ b/nsswitch/pam_winbind.c
> @@ -564,6 +564,8 @@ static int _pam_winbind_init_context(pam_handle_t *pamh,
> struct pwb_context **ctx_p)
> {
> struct pwb_context *r = NULL;
> + const char *service = NULL;
> + char service_name[32] = {0};
> int ctrl_code;
>
> #ifdef HAVE_GETTEXT
> @@ -594,6 +596,12 @@ static int _pam_winbind_init_context(pam_handle_t *pamh,
> return PAM_SYSTEM_ERR;
> }
>
> + pam_get_item(pamh, PAM_SERVICE, (const void **)&service);
> +
> + snprintf(service_name, sizeof(service_name), "PAM_WINBIND[%s]", service);
> +
> + wbcSetClientProcessName(service_name);
> +
> *ctx_p = r;
>
> return PAM_SUCCESS;
> --
> 2.19.1
>
More information about the samba-technical
mailing list