root/source3/lib/tdb_validate.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. tdb_validate_child
  2. tdb_validate
  3. tdb_validate_open
  4. traverse_copy_fn
  5. tdb_copy
  6. tdb_verify_basic
  7. tdb_backup
  8. rename_file_with_suffix
  9. tdb_backup_with_rotate
  10. tdb_validate_and_backup

   1 /*
   2  * Unix SMB/CIFS implementation.
   3  *
   4  * A general tdb content validation mechanism
   5  *
   6  * Copyright (C) Michael Adam      2007
   7  *
   8  * This program is free software; you can redistribute it and/or modify
   9  * it under the terms of the GNU General Public License as published by
  10  * the Free Software Foundation; either version 3 of the License, or
  11  * (at your option) any later version.
  12  *
  13  * This program is distributed in the hope that it will be useful,
  14  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  15  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16  * GNU General Public License for more details.
  17  *
  18  * You should have received a copy of the GNU General Public License
  19  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  20  */
  21 
  22 #include "tdb_validate.h"
  23 #include "includes.h"
  24 
  25 /*
  26  * internal validation function, executed by the child.
  27  */
  28 static int tdb_validate_child(struct tdb_context *tdb,
     /* [<][>][^][v][top][bottom][index][help] */
  29                               tdb_validate_data_func validate_fn)
  30 {
  31         int ret = 1;
  32         int num_entries = 0;
  33         struct tdb_validation_status v_status;
  34 
  35         v_status.tdb_error = False;
  36         v_status.bad_freelist = False;
  37         v_status.bad_entry = False;
  38         v_status.unknown_key = False;
  39         v_status.success = True;
  40 
  41         if (!tdb) {
  42                 v_status.tdb_error = True;
  43                 v_status.success = False;
  44                 goto out;
  45         }
  46 
  47         /* Check if the tdb's freelist is good. */
  48         if (tdb_validate_freelist(tdb, &num_entries) == -1) {
  49                 v_status.bad_freelist = True;
  50                 v_status.success = False;
  51                 goto out;
  52         }
  53 
  54         DEBUG(10,("tdb_validate_child: tdb %s freelist has %d entries\n",
  55                   tdb_name(tdb), num_entries));
  56 
  57         /* Now traverse the tdb to validate it. */
  58         num_entries = tdb_traverse(tdb, validate_fn, (void *)&v_status);
  59         if (!v_status.success) {
  60                 goto out;
  61         } else if (num_entries == -1) {
  62                 v_status.tdb_error = True;
  63                 v_status.success = False;
  64                 goto out;
  65         }
  66 
  67         DEBUG(10,("tdb_validate_child: tdb %s is good with %d entries\n",
  68                   tdb_name(tdb), num_entries));
  69         ret = 0; /* Cache is good. */
  70 
  71 out:
  72         DEBUG(10,   ("tdb_validate_child: summary of validation status:\n"));
  73         DEBUGADD(10,(" * tdb error: %s\n", v_status.tdb_error ? "yes" : "no"));
  74         DEBUGADD(10,(" * bad freelist: %s\n",v_status.bad_freelist?"yes":"no"));
  75         DEBUGADD(10,(" * bad entry: %s\n", v_status.bad_entry ? "yes" : "no"));
  76         DEBUGADD(10,(" * unknown key: %s\n", v_status.unknown_key?"yes":"no"));
  77         DEBUGADD(10,(" => overall success: %s\n", v_status.success?"yes":"no"));
  78 
  79         return ret;
  80 }
  81 
  82 /*
  83  * tdb validation function.
  84  * returns 0 if tdb is ok, != 0 if it isn't.
  85  * this function expects an opened tdb.
  86  */
  87 int tdb_validate(struct tdb_context *tdb, tdb_validate_data_func validate_fn)
     /* [<][>][^][v][top][bottom][index][help] */
  88 {
  89         pid_t child_pid = -1;
  90         int child_status = 0;
  91         int wait_pid = 0;
  92         int ret = 1;
  93 
  94         if (tdb == NULL) {
  95                 DEBUG(1, ("Error: tdb_validate called with tdb == NULL\n"));
  96                 return ret;
  97         }
  98 
  99         DEBUG(5, ("tdb_validate called for tdb '%s'\n", tdb_name(tdb)));
 100 
 101         /* fork and let the child do the validation.
 102          * benefit: no need to twist signal handlers and panic functions.
 103          * just let the child panic. we catch the signal. */
 104 
 105         DEBUG(10, ("tdb_validate: forking to let child do validation.\n"));
 106         child_pid = sys_fork();
 107         if (child_pid == 0) {
 108                 /* child code */
 109                 DEBUG(10, ("tdb_validate (validation child): created\n"));
 110                 DEBUG(10, ("tdb_validate (validation child): "
 111                            "calling tdb_validate_child\n"));
 112                 exit(tdb_validate_child(tdb, validate_fn));
 113         }
 114         else if (child_pid < 0) {
 115                 DEBUG(1, ("tdb_validate: fork for validation failed.\n"));
 116                 goto done;
 117         }
 118 
 119         /* parent */
 120 
 121         DEBUG(10, ("tdb_validate: fork succeeded, child PID = %u\n",
 122                 (unsigned int)child_pid));
 123 
 124         DEBUG(10, ("tdb_validate: waiting for child to finish...\n"));
 125         while  ((wait_pid = sys_waitpid(child_pid, &child_status, 0)) < 0) {
 126                 if (errno == EINTR) {
 127                         DEBUG(10, ("tdb_validate: got signal during waitpid, "
 128                                    "retrying\n"));
 129                         errno = 0;
 130                         continue;
 131                 }
 132                 DEBUG(1, ("tdb_validate: waitpid failed with error '%s'.\n",
 133                           strerror(errno)));
 134                 goto done;
 135         }
 136         if (wait_pid != child_pid) {
 137                 DEBUG(1, ("tdb_validate: waitpid returned pid %d, "
 138                           "but %u was expected\n", wait_pid, (unsigned int)child_pid));
 139                 goto done;
 140         }
 141 
 142         DEBUG(10, ("tdb_validate: validating child returned.\n"));
 143         if (WIFEXITED(child_status)) {
 144                 DEBUG(10, ("tdb_validate: child exited, code %d.\n",
 145                            WEXITSTATUS(child_status)));
 146                 ret = WEXITSTATUS(child_status);
 147         }
 148         if (WIFSIGNALED(child_status)) {
 149                 DEBUG(10, ("tdb_validate: child terminated by signal %d\n",
 150                            WTERMSIG(child_status)));
 151 #ifdef WCOREDUMP
 152                 if (WCOREDUMP(child_status)) {
 153                         DEBUGADD(10, ("core dumped\n"));
 154                 }
 155 #endif
 156                 ret = WTERMSIG(child_status);
 157         }
 158         if (WIFSTOPPED(child_status)) {
 159                 DEBUG(10, ("tdb_validate: child was stopped by signal %d\n",
 160                            WSTOPSIG(child_status)));
 161                 ret = WSTOPSIG(child_status);
 162         }
 163 
 164 done:
 165         DEBUG(5, ("tdb_validate returning code '%d' for tdb '%s'\n", ret,
 166                   tdb_name(tdb)));
 167 
 168         return ret;
 169 }
 170 
 171 /*
 172  * tdb validation function.
 173  * returns 0 if tdb is ok, != 0 if it isn't.
 174  * this is a wrapper around the actual validation function that opens and closes
 175  * the tdb.
 176  */
 177 int tdb_validate_open(const char *tdb_path, tdb_validate_data_func validate_fn)
     /* [<][>][^][v][top][bottom][index][help] */
 178 {
 179         TDB_CONTEXT *tdb = NULL;
 180         int ret = 1;
 181 
 182         DEBUG(5, ("tdb_validate_open called for tdb '%s'\n", tdb_path));
 183 
 184         tdb = tdb_open_log(tdb_path, 0, TDB_DEFAULT, O_RDONLY, 0);
 185         if (!tdb) {
 186                 DEBUG(1, ("Error opening tdb %s\n", tdb_path));
 187                 return ret;
 188         }
 189 
 190         ret = tdb_validate(tdb, validate_fn);
 191         tdb_close(tdb);
 192         return ret;
 193 }
 194 
 195 /*
 196  * tdb backup function and helpers for tdb_validate wrapper with backup
 197  * handling.
 198  */
 199 
 200 /* this structure eliminates the need for a global overall status for
 201  * the traverse-copy */
 202 struct tdb_copy_data {
 203         struct tdb_context *dst;
 204         bool success;
 205 };
 206 
 207 static int traverse_copy_fn(struct tdb_context *tdb, TDB_DATA key,
     /* [<][>][^][v][top][bottom][index][help] */
 208                             TDB_DATA dbuf, void *private_data)
 209 {
 210         struct tdb_copy_data *data = (struct tdb_copy_data *)private_data;
 211 
 212         if (tdb_store(data->dst, key, dbuf, TDB_INSERT) != 0) {
 213                 DEBUG(4, ("Failed to insert into %s: %s\n", tdb_name(data->dst),
 214                           strerror(errno)));
 215                 data->success = False;
 216                 return 1;
 217         }
 218         return 0;
 219 }
 220 
 221 static int tdb_copy(struct tdb_context *src, struct tdb_context *dst)
     /* [<][>][^][v][top][bottom][index][help] */
 222 {
 223         struct tdb_copy_data data;
 224         int count;
 225 
 226         data.dst = dst;
 227         data.success = True;
 228 
 229         count = tdb_traverse(src, traverse_copy_fn, (void *)(&data));
 230         if ((count < 0) || (data.success == False)) {
 231                 return -1;
 232         }
 233         return count;
 234 }
 235 
 236 static int tdb_verify_basic(struct tdb_context *tdb)
     /* [<][>][^][v][top][bottom][index][help] */
 237 {
 238         return tdb_traverse(tdb, NULL, NULL);
 239 }
 240 
 241 /* this backup function is essentially taken from lib/tdb/tools/tdbbackup.tdb
 242  */
 243 static int tdb_backup(TALLOC_CTX *ctx, const char *src_path,
     /* [<][>][^][v][top][bottom][index][help] */
 244                       const char *dst_path, int hash_size)
 245 {
 246         struct tdb_context *src_tdb = NULL;
 247         struct tdb_context *dst_tdb = NULL;
 248         char *tmp_path = NULL;
 249         struct stat st;
 250         int count1, count2;
 251         int saved_errno = 0;
 252         int ret = -1;
 253 
 254         if (stat(src_path, &st) != 0) {
 255                 DEBUG(3, ("Could not stat '%s': %s\n", src_path,
 256                           strerror(errno)));
 257                 goto done;
 258         }
 259 
 260         /* open old tdb RDWR - so we can lock it */
 261         src_tdb = tdb_open_log(src_path, 0, TDB_DEFAULT, O_RDWR, 0);
 262         if (src_tdb == NULL) {
 263                 DEBUG(3, ("Failed to open tdb '%s'\n", src_path));
 264                 goto done;
 265         }
 266 
 267         if (tdb_lockall(src_tdb) != 0) {
 268                 DEBUG(3, ("Failed to lock tdb '%s'\n", src_path));
 269                 goto done;
 270         }
 271 
 272         tmp_path = talloc_asprintf(ctx, "%s%s", dst_path, ".tmp");
 273         unlink(tmp_path);
 274         dst_tdb = tdb_open_log(tmp_path,
 275                                hash_size ? hash_size : tdb_hash_size(src_tdb),
 276                                TDB_DEFAULT, O_RDWR | O_CREAT | O_EXCL,
 277                                st.st_mode & 0777);
 278         if (dst_tdb == NULL) {
 279                 DEBUG(3, ("Error creating tdb '%s': %s\n", tmp_path,
 280                           strerror(errno)));
 281                 saved_errno = errno;
 282                 unlink(tmp_path);
 283                 goto done;
 284         }
 285 
 286         count1 = tdb_copy(src_tdb, dst_tdb);
 287         if (count1 < 0) {
 288                 DEBUG(3, ("Failed to copy tdb '%s': %s\n", src_path,
 289                           strerror(errno)));
 290                 tdb_close(dst_tdb);
 291                 goto done;
 292         }
 293 
 294         /* reopen ro and do basic verification */
 295         tdb_close(dst_tdb);
 296         dst_tdb = tdb_open_log(tmp_path, 0, TDB_DEFAULT, O_RDONLY, 0);
 297         if (!dst_tdb) {
 298                 DEBUG(3, ("Failed to reopen tdb '%s': %s\n", tmp_path,
 299                           strerror(errno)));
 300                 goto done;
 301         }
 302         count2 = tdb_verify_basic(dst_tdb);
 303         if (count2 != count1) {
 304                 DEBUG(3, ("Failed to verify result of copying tdb '%s'.\n",
 305                           src_path));
 306                 tdb_close(dst_tdb);
 307                 goto done;
 308         }
 309 
 310         DEBUG(10, ("tdb_backup: successfully copied %d entries\n", count1));
 311 
 312         /* make sure the new tdb has reached stable storage
 313          * then rename it to its destination */
 314         fsync(tdb_fd(dst_tdb));
 315         tdb_close(dst_tdb);
 316         unlink(dst_path);
 317         if (rename(tmp_path, dst_path) != 0) {
 318                 DEBUG(3, ("Failed to rename '%s' to '%s': %s\n",
 319                           tmp_path, dst_path, strerror(errno)));
 320                 goto done;
 321         }
 322 
 323         /* success */
 324         ret = 0;
 325 
 326 done:
 327         if (src_tdb != NULL) {
 328                 tdb_close(src_tdb);
 329         }
 330         if (tmp_path != NULL) {
 331                 unlink(tmp_path);
 332                 TALLOC_FREE(tmp_path);
 333         }
 334         if (saved_errno != 0) {
 335                 errno = saved_errno;
 336         }
 337         return ret;
 338 }
 339 
 340 static int rename_file_with_suffix(TALLOC_CTX *ctx, const char *path,
     /* [<][>][^][v][top][bottom][index][help] */
 341                                    const char *suffix)
 342 {
 343         int ret = -1;
 344         char *dst_path;
 345 
 346         dst_path = talloc_asprintf(ctx, "%s%s", path, suffix);
 347 
 348         ret = (rename(path, dst_path) != 0);
 349 
 350         if (ret == 0) {
 351                 DEBUG(5, ("moved '%s' to '%s'\n", path, dst_path));
 352         } else if (errno == ENOENT) {
 353                 DEBUG(3, ("file '%s' does not exist - so not moved\n", path));
 354                 ret = 0;
 355         } else {
 356                 DEBUG(3, ("error renaming %s to %s: %s\n", path, dst_path,
 357                           strerror(errno)));
 358         }
 359 
 360         TALLOC_FREE(dst_path);
 361         return ret;
 362 }
 363 
 364 /*
 365  * do a backup of a tdb, moving the destination out of the way first
 366  */
 367 static int tdb_backup_with_rotate(TALLOC_CTX *ctx, const char *src_path,
     /* [<][>][^][v][top][bottom][index][help] */
 368                                   const char *dst_path, int hash_size,
 369                                   const char *rotate_suffix,
 370                                   bool retry_norotate_if_nospc,
 371                                   bool rename_as_last_resort_if_nospc)
 372 {
 373         int ret;
 374 
 375         rename_file_with_suffix(ctx, dst_path, rotate_suffix);
 376 
 377         ret = tdb_backup(ctx, src_path, dst_path, hash_size);
 378 
 379         if (ret != 0) {
 380                 DEBUG(10, ("backup of %s failed: %s\n", src_path, strerror(errno)));
 381         }
 382         if ((ret != 0) && (errno == ENOSPC) && retry_norotate_if_nospc)
 383         {
 384                 char *rotate_path = talloc_asprintf(ctx, "%s%s", dst_path,
 385                                                     rotate_suffix);
 386                 DEBUG(10, ("backup of %s failed due to lack of space\n",
 387                            src_path));
 388                 DEBUGADD(10, ("trying to free some space by removing rotated "
 389                               "dst %s\n", rotate_path));
 390                 if (unlink(rotate_path) == -1) {
 391                         DEBUG(10, ("unlink of %s failed: %s\n", rotate_path,
 392                                    strerror(errno)));
 393                 } else {
 394                         ret = tdb_backup(ctx, src_path, dst_path, hash_size);
 395                 }
 396                 TALLOC_FREE(rotate_path);
 397         }
 398 
 399         if ((ret != 0) && (errno == ENOSPC) && rename_as_last_resort_if_nospc)
 400         {
 401                 DEBUG(10, ("backup of %s failed due to lack of space\n", 
 402                            src_path));
 403                 DEBUGADD(10, ("using 'rename' as a last resort\n"));
 404                 ret = rename(src_path, dst_path);
 405         }
 406 
 407         return ret;
 408 }
 409 
 410 /*
 411  * validation function with backup handling:
 412  *
 413  *  - calls tdb_validate
 414  *  - if the tdb is ok, create a backup "name.bak", possibly moving
 415  *    existing backup to name.bak.old,
 416  *    return 0 (success) even if the backup fails
 417  *  - if the tdb is corrupt:
 418  *    - move the tdb to "name.corrupt"
 419  *    - check if there is valid backup.
 420  *      if so, restore the backup.
 421  *      if restore is successful, return 0 (success),
 422  *    - otherwise return -1 (failure)
 423  */
 424 int tdb_validate_and_backup(const char *tdb_path,
     /* [<][>][^][v][top][bottom][index][help] */
 425                             tdb_validate_data_func validate_fn)
 426 {
 427         int ret = -1;
 428         const char *backup_suffix = ".bak";
 429         const char *corrupt_suffix = ".corrupt";
 430         const char *rotate_suffix = ".old";
 431         char *tdb_path_backup;
 432         struct stat st;
 433         TALLOC_CTX *ctx = NULL;
 434 
 435         ctx = talloc_new(NULL);
 436         if (ctx == NULL) {
 437                 DEBUG(0, ("tdb_validate_and_backup: out of memory\n"));
 438                 goto done;
 439         }
 440 
 441         tdb_path_backup = talloc_asprintf(ctx, "%s%s", tdb_path, backup_suffix);
 442 
 443         ret = tdb_validate_open(tdb_path, validate_fn);
 444 
 445         if (ret == 0) {
 446                 DEBUG(1, ("tdb '%s' is valid\n", tdb_path));
 447                 ret = tdb_backup_with_rotate(ctx, tdb_path, tdb_path_backup, 0,
 448                                              rotate_suffix, True, False);
 449                 if (ret != 0) {
 450                         DEBUG(1, ("Error creating backup of tdb '%s'\n",
 451                                   tdb_path));
 452                         /* the actual validation was successful: */
 453                         ret = 0;
 454                 } else {
 455                         DEBUG(1, ("Created backup '%s' of tdb '%s'\n",
 456                                   tdb_path_backup, tdb_path));
 457                 }
 458         } else {
 459                 DEBUG(1, ("tdb '%s' is invalid\n", tdb_path));
 460 
 461                 ret =stat(tdb_path_backup, &st);
 462                 if (ret != 0) {
 463                         DEBUG(5, ("Could not stat '%s': %s\n", tdb_path_backup,
 464                                   strerror(errno)));
 465                         DEBUG(1, ("No backup found.\n"));
 466                 } else {
 467                         DEBUG(1, ("backup '%s' found.\n", tdb_path_backup));
 468                         ret = tdb_validate_open(tdb_path_backup, validate_fn);
 469                         if (ret != 0) {
 470                                 DEBUG(1, ("Backup '%s' is invalid.\n",
 471                                           tdb_path_backup));
 472                         }
 473                 }
 474 
 475                 if (ret != 0) {
 476                         int renamed = rename_file_with_suffix(ctx, tdb_path,
 477                                                               corrupt_suffix);
 478                         if (renamed != 0) {
 479                                 DEBUG(1, ("Error moving tdb to '%s%s'\n",
 480                                           tdb_path, corrupt_suffix));
 481                         } else {
 482                                 DEBUG(1, ("Corrupt tdb stored as '%s%s'\n",
 483                                           tdb_path, corrupt_suffix));
 484                         }
 485                         goto done;
 486                 }
 487 
 488                 DEBUG(1, ("valid backup '%s' found\n", tdb_path_backup));
 489                 ret = tdb_backup_with_rotate(ctx, tdb_path_backup, tdb_path, 0,
 490                                              corrupt_suffix, True, True);
 491                 if (ret != 0) {
 492                         DEBUG(1, ("Error restoring backup from '%s'\n",
 493                                   tdb_path_backup));
 494                 } else {
 495                         DEBUG(1, ("Restored tdb backup from '%s'\n",
 496                                   tdb_path_backup));
 497                 }
 498         }
 499 
 500 done:
 501         TALLOC_FREE(ctx);
 502         return ret;
 503 }

/* [<][>][^][v][top][bottom][index][help] */