]>
Commit | Line | Data |
---|---|---|
7c673cae | 1 | // -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*- |
9f95a23c | 2 | // vim: ts=8 sw=2 smarttab ft=cpp |
11fdf7f2 | 3 | |
7c673cae FG |
4 | /* |
5 | * Ceph - scalable distributed file system | |
6 | * | |
7 | * Copyright (C) 2011 New Dream Network | |
8 | * | |
9 | * This is free software; you can redistribute it and/or | |
10 | * modify it under the terms of the GNU Lesser General Public | |
11 | * License version 2.1, as published by the Free Software | |
12 | * Foundation. See file COPYING. | |
13 | * | |
14 | */ | |
11fdf7f2 | 15 | |
31f18b77 | 16 | #include "include/compat.h" |
7c673cae FG |
17 | #include <sys/types.h> |
18 | #include <string.h> | |
19 | #include <chrono> | |
20 | ||
21 | #include "include/types.h" | |
22 | #include "include/rados/librgw.h" | |
23 | #include "rgw/rgw_acl_s3.h" | |
24 | #include "rgw_acl.h" | |
25 | ||
26 | #include "include/str_list.h" | |
224ce89b | 27 | #include "include/stringify.h" |
7c673cae | 28 | #include "global/global_init.h" |
b32b8144 | 29 | #include "global/signal_handler.h" |
7c673cae FG |
30 | #include "common/config.h" |
31 | #include "common/errno.h" | |
32 | #include "common/Timer.h" | |
33 | #include "common/Throttle.h" | |
34 | #include "common/WorkQueue.h" | |
35 | #include "common/ceph_argparse.h" | |
36 | #include "common/ceph_context.h" | |
37 | #include "common/common_init.h" | |
38 | #include "common/dout.h" | |
39 | ||
7c673cae FG |
40 | #include "rgw_resolve.h" |
41 | #include "rgw_op.h" | |
42 | #include "rgw_rest.h" | |
43 | #include "rgw_frontend.h" | |
44 | #include "rgw_request.h" | |
45 | #include "rgw_process.h" | |
46 | #include "rgw_rest_user.h" | |
47 | #include "rgw_rest_s3.h" | |
48 | #include "rgw_os_lib.h" | |
49 | #include "rgw_auth.h" | |
50 | #include "rgw_auth_s3.h" | |
51 | #include "rgw_lib.h" | |
52 | #include "rgw_lib_frontend.h" | |
f64942e4 AA |
53 | #include "rgw_http_client.h" |
54 | #include "rgw_http_client_curl.h" | |
11fdf7f2 | 55 | #include "rgw_perf_counters.h" |
7c673cae | 56 | |
9f95a23c TL |
57 | #include "services/svc_zone.h" |
58 | ||
7c673cae | 59 | #include <errno.h> |
7c673cae FG |
60 | #include <thread> |
61 | #include <string> | |
7c673cae FG |
62 | #include <mutex> |
63 | ||
7c673cae FG |
64 | #define dout_subsys ceph_subsys_rgw |
65 | ||
66 | bool global_stop = false; | |
67 | ||
b32b8144 FG |
68 | static void handle_sigterm(int signum) |
69 | { | |
70 | dout(20) << __func__ << " SIGUSR1 ignored" << dendl; | |
71 | } | |
72 | ||
7c673cae FG |
73 | namespace rgw { |
74 | ||
75 | using std::string; | |
76 | ||
77 | static std::mutex librgw_mtx; | |
78 | ||
79 | RGWLib rgwlib; | |
80 | ||
81 | class C_InitTimeout : public Context { | |
82 | public: | |
83 | C_InitTimeout() {} | |
84 | void finish(int r) override { | |
85 | derr << "Initialization timeout, failed to initialize" << dendl; | |
86 | exit(1); | |
87 | } | |
88 | }; | |
89 | ||
90 | void RGWLibProcess::checkpoint() | |
91 | { | |
92 | m_tp.drain(&req_wq); | |
93 | } | |
94 | ||
95 | #define MIN_EXPIRE_S 120 | |
96 | ||
97 | void RGWLibProcess::run() | |
98 | { | |
99 | /* write completion interval */ | |
100 | RGWLibFS::write_completion_interval_s = | |
101 | cct->_conf->rgw_nfs_write_completion_interval_s; | |
102 | ||
103 | /* start write timer */ | |
104 | RGWLibFS::write_timer.resume(); | |
105 | ||
106 | /* gc loop */ | |
107 | while (! shutdown) { | |
108 | lsubdout(cct, rgw, 5) << "RGWLibProcess GC" << dendl; | |
109 | ||
110 | /* dirent invalidate timeout--basically, the upper-bound on | |
111 | * inconsistency with the S3 namespace */ | |
112 | auto expire_s = cct->_conf->rgw_nfs_namespace_expire_secs; | |
113 | ||
114 | /* delay between gc cycles */ | |
c07f9fc5 | 115 | auto delay_s = std::max(int64_t(1), std::min(int64_t(MIN_EXPIRE_S), expire_s/2)); |
7c673cae FG |
116 | |
117 | unique_lock uniq(mtx); | |
118 | restart: | |
119 | int cur_gen = gen; | |
120 | for (auto iter = mounted_fs.begin(); iter != mounted_fs.end(); | |
121 | ++iter) { | |
122 | RGWLibFS* fs = iter->first->ref(); | |
123 | uniq.unlock(); | |
124 | fs->gc(); | |
b3b6e05e TL |
125 | const DoutPrefix dp(cct, dout_subsys, "librgw: "); |
126 | fs->update_user(&dp); | |
7c673cae FG |
127 | fs->rele(); |
128 | uniq.lock(); | |
129 | if (cur_gen != gen) | |
130 | goto restart; /* invalidated */ | |
131 | } | |
f91f0fd5 | 132 | cv.wait_for(uniq, std::chrono::seconds(delay_s)); |
7c673cae | 133 | uniq.unlock(); |
7c673cae FG |
134 | } |
135 | } | |
136 | ||
b3b6e05e | 137 | void RGWLibProcess::handle_request(const DoutPrefixProvider *dpp, RGWRequest* r) |
7c673cae FG |
138 | { |
139 | /* | |
140 | * invariant: valid requests are derived from RGWLibRequst | |
141 | */ | |
142 | RGWLibRequest* req = static_cast<RGWLibRequest*>(r); | |
143 | ||
144 | // XXX move RGWLibIO and timing setup into process_request | |
145 | ||
146 | #if 0 /* XXX */ | |
147 | utime_t tm = ceph_clock_now(); | |
148 | #endif | |
149 | ||
150 | RGWLibIO io_ctx; | |
151 | ||
152 | int ret = process_request(req, &io_ctx); | |
153 | if (ret < 0) { | |
154 | /* we don't really care about return code */ | |
155 | dout(20) << "process_request() returned " << ret << dendl; | |
156 | ||
157 | } | |
158 | delete req; | |
159 | } /* handle_request */ | |
160 | ||
161 | int RGWLibProcess::process_request(RGWLibRequest* req) | |
162 | { | |
163 | // XXX move RGWLibIO and timing setup into process_request | |
164 | ||
165 | #if 0 /* XXX */ | |
166 | utime_t tm = ceph_clock_now(); | |
167 | #endif | |
168 | ||
169 | RGWLibIO io_ctx; | |
170 | ||
171 | int ret = process_request(req, &io_ctx); | |
172 | if (ret < 0) { | |
173 | /* we don't really care about return code */ | |
174 | dout(20) << "process_request() returned " << ret << dendl; | |
175 | } | |
176 | return ret; | |
177 | } /* process_request */ | |
178 | ||
179 | static inline void abort_req(struct req_state *s, RGWOp *op, int err_no) | |
180 | { | |
181 | if (!s) | |
182 | return; | |
183 | ||
184 | /* XXX the dump_errno and dump_bucket_from_state behaviors in | |
185 | * the abort_early (rgw_rest.cc) might be valuable, but aren't | |
186 | * safe to call presently as they return HTTP data */ | |
187 | ||
188 | perfcounter->inc(l_rgw_failed_req); | |
189 | } /* abort_req */ | |
190 | ||
191 | int RGWLibProcess::process_request(RGWLibRequest* req, RGWLibIO* io) | |
192 | { | |
193 | int ret = 0; | |
194 | bool should_log = true; // XXX | |
195 | ||
196 | dout(1) << "====== " << __func__ | |
197 | << " starting new request req=" << hex << req << dec | |
198 | << " ======" << dendl; | |
199 | ||
200 | /* | |
201 | * invariant: valid requests are derived from RGWOp--well-formed | |
202 | * requests should have assigned RGWRequest::op in their descendant | |
203 | * constructor--if not, the compiler can find it, at the cost of | |
204 | * a runtime check | |
205 | */ | |
206 | RGWOp *op = (req->op) ? req->op : dynamic_cast<RGWOp*>(req); | |
207 | if (! op) { | |
b3b6e05e | 208 | ldpp_dout(op, 1) << "failed to derive cognate RGWOp (invalid op?)" << dendl; |
7c673cae FG |
209 | return -EINVAL; |
210 | } | |
211 | ||
212 | io->init(req->cct); | |
213 | ||
214 | perfcounter->inc(l_rgw_req); | |
215 | ||
216 | RGWEnv& rgw_env = io->get_env(); | |
217 | ||
218 | /* XXX | |
219 | * until major refactoring of req_state and req_info, we need | |
220 | * to build their RGWEnv boilerplate from the RGWLibRequest, | |
221 | * pre-staging any strings (HTTP_HOST) that provoke a crash when | |
222 | * not found | |
223 | */ | |
224 | ||
225 | /* XXX for now, use ""; could be a legit hostname, or, in future, | |
226 | * perhaps a tenant (Yehuda) */ | |
227 | rgw_env.set("HTTP_HOST", ""); | |
228 | ||
229 | /* XXX and -then- bloat up req_state with string copies from it */ | |
f67539c2 | 230 | struct req_state rstate(req->cct, &rgw_env, req->id); |
7c673cae FG |
231 | struct req_state *s = &rstate; |
232 | ||
233 | // XXX fix this | |
234 | s->cio = io; | |
235 | ||
236 | RGWObjectCtx rados_ctx(store, s); // XXX holds std::map | |
237 | ||
9f95a23c | 238 | auto sysobj_ctx = store->svc()->sysobj->init_obj_ctx(); |
81eedcae TL |
239 | s->sysobj_ctx = &sysobj_ctx; |
240 | ||
7c673cae FG |
241 | /* XXX and -then- stash req_state pointers everywhere they are needed */ |
242 | ret = req->init(rgw_env, &rados_ctx, io, s); | |
243 | if (ret < 0) { | |
b3b6e05e | 244 | ldpp_dout(op, 10) << "failed to initialize request" << dendl; |
7c673cae FG |
245 | abort_req(s, op, ret); |
246 | goto done; | |
247 | } | |
248 | ||
249 | /* req is-a RGWOp, currently initialized separately */ | |
250 | ret = req->op_init(); | |
251 | if (ret < 0) { | |
252 | dout(10) << "failed to initialize RGWOp" << dendl; | |
253 | abort_req(s, op, ret); | |
254 | goto done; | |
255 | } | |
256 | ||
94b18763 FG |
257 | /* now expected by rgw_log_op() */ |
258 | rgw_env.set("REQUEST_METHOD", s->info.method); | |
259 | rgw_env.set("REQUEST_URI", s->info.request_uri); | |
260 | rgw_env.set("QUERY_STRING", ""); | |
261 | ||
81eedcae TL |
262 | try { |
263 | /* XXX authorize does less here then in the REST path, e.g., | |
264 | * the user's info is cached, but still incomplete */ | |
265 | ldpp_dout(s, 2) << "authorizing" << dendl; | |
f67539c2 | 266 | ret = req->authorize(op, null_yield); |
81eedcae TL |
267 | if (ret < 0) { |
268 | dout(10) << "failed to authorize request" << dendl; | |
269 | abort_req(s, op, ret); | |
270 | goto done; | |
271 | } | |
7c673cae | 272 | |
81eedcae TL |
273 | /* FIXME: remove this after switching all handlers to the new |
274 | * authentication infrastructure. */ | |
275 | if (! s->auth.identity) { | |
276 | s->auth.identity = rgw::auth::transform_old_authinfo(s); | |
277 | } | |
7c673cae | 278 | |
81eedcae | 279 | ldpp_dout(s, 2) << "reading op permissions" << dendl; |
f67539c2 | 280 | ret = req->read_permissions(op, null_yield); |
81eedcae TL |
281 | if (ret < 0) { |
282 | abort_req(s, op, ret); | |
283 | goto done; | |
284 | } | |
7c673cae | 285 | |
81eedcae | 286 | ldpp_dout(s, 2) << "init op" << dendl; |
f67539c2 | 287 | ret = op->init_processing(null_yield); |
81eedcae TL |
288 | if (ret < 0) { |
289 | abort_req(s, op, ret); | |
290 | goto done; | |
291 | } | |
7c673cae | 292 | |
81eedcae TL |
293 | ldpp_dout(s, 2) << "verifying op mask" << dendl; |
294 | ret = op->verify_op_mask(); | |
295 | if (ret < 0) { | |
296 | abort_req(s, op, ret); | |
297 | goto done; | |
298 | } | |
7c673cae | 299 | |
81eedcae | 300 | ldpp_dout(s, 2) << "verifying op permissions" << dendl; |
f67539c2 | 301 | ret = op->verify_permission(null_yield); |
81eedcae TL |
302 | if (ret < 0) { |
303 | if (s->system_request) { | |
b3b6e05e | 304 | ldpp_dout(op, 2) << "overriding permissions due to system operation" << dendl; |
9f95a23c | 305 | } else if (s->auth.identity->is_admin_of(s->user->get_id())) { |
b3b6e05e | 306 | ldpp_dout(op, 2) << "overriding permissions due to admin operation" << dendl; |
81eedcae TL |
307 | } else { |
308 | abort_req(s, op, ret); | |
309 | goto done; | |
310 | } | |
311 | } | |
312 | ||
313 | ldpp_dout(s, 2) << "verifying op params" << dendl; | |
314 | ret = op->verify_params(); | |
315 | if (ret < 0) { | |
7c673cae FG |
316 | abort_req(s, op, ret); |
317 | goto done; | |
318 | } | |
7c673cae | 319 | |
81eedcae TL |
320 | ldpp_dout(s, 2) << "executing" << dendl; |
321 | op->pre_exec(); | |
f67539c2 | 322 | op->execute(null_yield); |
81eedcae | 323 | op->complete(); |
7c673cae | 324 | |
81eedcae TL |
325 | } catch (const ceph::crypto::DigestException& e) { |
326 | dout(0) << "authentication failed" << e.what() << dendl; | |
327 | abort_req(s, op, -ERR_INVALID_SECRET_KEY); | |
328 | } | |
7c673cae FG |
329 | |
330 | done: | |
331 | try { | |
332 | io->complete_request(); | |
333 | } catch (rgw::io::Exception& e) { | |
334 | dout(0) << "ERROR: io->complete_request() returned " | |
335 | << e.what() << dendl; | |
336 | } | |
337 | if (should_log) { | |
9f95a23c | 338 | rgw_log_op(store->getRados(), nullptr /* !rest */, s, |
7c673cae FG |
339 | (op ? op->name() : "unknown"), olog); |
340 | } | |
341 | ||
342 | int http_ret = s->err.http_ret; | |
343 | ||
11fdf7f2 | 344 | ldpp_dout(s, 2) << "http status=" << http_ret << dendl; |
7c673cae | 345 | |
b3b6e05e | 346 | ldpp_dout(op, 1) << "====== " << __func__ |
7c673cae FG |
347 | << " req done req=" << hex << req << dec << " http_status=" |
348 | << http_ret | |
349 | << " ======" << dendl; | |
350 | ||
351 | return (ret < 0 ? ret : s->err.ret); | |
352 | } /* process_request */ | |
353 | ||
354 | int RGWLibProcess::start_request(RGWLibContinuedReq* req) | |
355 | { | |
356 | ||
357 | dout(1) << "====== " << __func__ | |
358 | << " starting new continued request req=" << hex << req << dec | |
359 | << " ======" << dendl; | |
360 | ||
361 | /* | |
362 | * invariant: valid requests are derived from RGWOp--well-formed | |
363 | * requests should have assigned RGWRequest::op in their descendant | |
364 | * constructor--if not, the compiler can find it, at the cost of | |
365 | * a runtime check | |
366 | */ | |
367 | RGWOp *op = (req->op) ? req->op : dynamic_cast<RGWOp*>(req); | |
368 | if (! op) { | |
b3b6e05e | 369 | ldpp_dout(op, 1) << "failed to derive cognate RGWOp (invalid op?)" << dendl; |
7c673cae FG |
370 | return -EINVAL; |
371 | } | |
372 | ||
373 | struct req_state* s = req->get_state(); | |
f67539c2 TL |
374 | RGWLibIO& io_ctx = req->get_io(); |
375 | RGWEnv& rgw_env = io_ctx.get_env(); | |
376 | RGWObjectCtx& rados_ctx = req->get_octx(); | |
377 | ||
378 | rgw_env.set("HTTP_HOST", ""); | |
379 | ||
380 | int ret = req->init(rgw_env, &rados_ctx, &io_ctx, s); | |
381 | if (ret < 0) { | |
b3b6e05e | 382 | ldpp_dout(op, 10) << "failed to initialize request" << dendl; |
f67539c2 TL |
383 | abort_req(s, op, ret); |
384 | goto done; | |
385 | } | |
7c673cae FG |
386 | |
387 | /* req is-a RGWOp, currently initialized separately */ | |
f67539c2 | 388 | ret = req->op_init(); |
7c673cae FG |
389 | if (ret < 0) { |
390 | dout(10) << "failed to initialize RGWOp" << dendl; | |
391 | abort_req(s, op, ret); | |
392 | goto done; | |
393 | } | |
394 | ||
395 | /* XXX authorize does less here then in the REST path, e.g., | |
396 | * the user's info is cached, but still incomplete */ | |
11fdf7f2 | 397 | ldpp_dout(s, 2) << "authorizing" << dendl; |
f67539c2 | 398 | ret = req->authorize(op, null_yield); |
7c673cae FG |
399 | if (ret < 0) { |
400 | dout(10) << "failed to authorize request" << dendl; | |
401 | abort_req(s, op, ret); | |
402 | goto done; | |
403 | } | |
404 | ||
405 | /* FIXME: remove this after switching all handlers to the new authentication | |
406 | * infrastructure. */ | |
407 | if (! s->auth.identity) { | |
408 | s->auth.identity = rgw::auth::transform_old_authinfo(s); | |
409 | } | |
410 | ||
11fdf7f2 | 411 | ldpp_dout(s, 2) << "reading op permissions" << dendl; |
f67539c2 | 412 | ret = req->read_permissions(op, null_yield); |
7c673cae FG |
413 | if (ret < 0) { |
414 | abort_req(s, op, ret); | |
415 | goto done; | |
416 | } | |
417 | ||
11fdf7f2 | 418 | ldpp_dout(s, 2) << "init op" << dendl; |
f67539c2 | 419 | ret = op->init_processing(null_yield); |
7c673cae FG |
420 | if (ret < 0) { |
421 | abort_req(s, op, ret); | |
422 | goto done; | |
423 | } | |
424 | ||
11fdf7f2 | 425 | ldpp_dout(s, 2) << "verifying op mask" << dendl; |
7c673cae FG |
426 | ret = op->verify_op_mask(); |
427 | if (ret < 0) { | |
428 | abort_req(s, op, ret); | |
429 | goto done; | |
430 | } | |
431 | ||
11fdf7f2 | 432 | ldpp_dout(s, 2) << "verifying op permissions" << dendl; |
f67539c2 | 433 | ret = op->verify_permission(null_yield); |
7c673cae FG |
434 | if (ret < 0) { |
435 | if (s->system_request) { | |
b3b6e05e | 436 | ldpp_dout(op, 2) << "overriding permissions due to system operation" << dendl; |
9f95a23c | 437 | } else if (s->auth.identity->is_admin_of(s->user->get_id())) { |
b3b6e05e | 438 | ldpp_dout(op, 2) << "overriding permissions due to admin operation" << dendl; |
7c673cae FG |
439 | } else { |
440 | abort_req(s, op, ret); | |
441 | goto done; | |
442 | } | |
443 | } | |
444 | ||
11fdf7f2 | 445 | ldpp_dout(s, 2) << "verifying op params" << dendl; |
7c673cae FG |
446 | ret = op->verify_params(); |
447 | if (ret < 0) { | |
448 | abort_req(s, op, ret); | |
449 | goto done; | |
450 | } | |
451 | ||
452 | op->pre_exec(); | |
453 | req->exec_start(); | |
454 | ||
455 | done: | |
456 | return (ret < 0 ? ret : s->err.ret); | |
457 | } | |
458 | ||
459 | int RGWLibProcess::finish_request(RGWLibContinuedReq* req) | |
460 | { | |
461 | RGWOp *op = (req->op) ? req->op : dynamic_cast<RGWOp*>(req); | |
462 | if (! op) { | |
b3b6e05e | 463 | ldpp_dout(op, 1) << "failed to derive cognate RGWOp (invalid op?)" << dendl; |
7c673cae FG |
464 | return -EINVAL; |
465 | } | |
466 | ||
467 | int ret = req->exec_finish(); | |
468 | int op_ret = op->get_ret(); | |
469 | ||
b3b6e05e | 470 | ldpp_dout(op, 1) << "====== " << __func__ |
7c673cae FG |
471 | << " finishing continued request req=" << hex << req << dec |
472 | << " op status=" << op_ret | |
473 | << " ======" << dendl; | |
474 | ||
f67539c2 TL |
475 | perfcounter->inc(l_rgw_req); |
476 | ||
7c673cae FG |
477 | return ret; |
478 | } | |
479 | ||
480 | int RGWLibFrontend::init() | |
481 | { | |
482 | pprocess = new RGWLibProcess(g_ceph_context, &env, | |
11fdf7f2 | 483 | g_conf()->rgw_thread_pool_size, conf); |
7c673cae FG |
484 | return 0; |
485 | } | |
486 | ||
487 | int RGWLib::init() | |
488 | { | |
489 | vector<const char*> args; | |
490 | return init(args); | |
491 | } | |
492 | ||
493 | int RGWLib::init(vector<const char*>& args) | |
494 | { | |
495 | int r = 0; | |
496 | ||
497 | /* alternative default for module */ | |
11fdf7f2 TL |
498 | map<string,string> defaults = { |
499 | { "debug_rgw", "1/5" }, | |
500 | { "keyring", "$rgw_data/keyring" }, | |
501 | { "log_file", "/var/log/radosgw/$cluster-$name.log" } | |
502 | }; | |
7c673cae | 503 | |
11fdf7f2 | 504 | cct = global_init(&defaults, args, |
7c673cae FG |
505 | CEPH_ENTITY_TYPE_CLIENT, |
506 | CODE_ENVIRONMENT_DAEMON, | |
507 | CINIT_FLAG_UNPRIVILEGED_DAEMON_DEFAULTS); | |
508 | ||
9f95a23c | 509 | ceph::mutex mutex = ceph::make_mutex("main"); |
7c673cae FG |
510 | SafeTimer init_timer(g_ceph_context, mutex); |
511 | init_timer.init(); | |
9f95a23c | 512 | mutex.lock(); |
11fdf7f2 | 513 | init_timer.add_event_after(g_conf()->rgw_init_timeout, new C_InitTimeout); |
9f95a23c | 514 | mutex.unlock(); |
7c673cae FG |
515 | |
516 | common_init_finish(g_ceph_context); | |
517 | ||
518 | rgw_tools_init(g_ceph_context); | |
519 | ||
520 | rgw_init_resolver(); | |
f64942e4 | 521 | rgw::curl::setup_curl(boost::none); |
11fdf7f2 | 522 | rgw_http_client_init(g_ceph_context); |
7c673cae | 523 | |
f6b5b4d7 TL |
524 | auto run_gc = |
525 | g_conf()->rgw_enable_gc_threads && | |
526 | g_conf()->rgw_nfs_run_gc_threads; | |
527 | ||
528 | auto run_lc = | |
529 | g_conf()->rgw_enable_lc_threads && | |
530 | g_conf()->rgw_nfs_run_lc_threads; | |
531 | ||
532 | auto run_quota = | |
533 | g_conf()->rgw_enable_quota_threads && | |
534 | g_conf()->rgw_nfs_run_quota_threads; | |
535 | ||
536 | auto run_sync = | |
537 | g_conf()->rgw_run_sync_thread && | |
538 | g_conf()->rgw_nfs_run_sync_thread; | |
539 | ||
b3b6e05e | 540 | store = RGWStoreManager::get_storage(this, g_ceph_context, |
f6b5b4d7 TL |
541 | run_gc, |
542 | run_lc, | |
543 | run_quota, | |
544 | run_sync, | |
11fdf7f2 | 545 | g_conf().get_val<bool>("rgw_dynamic_resharding")); |
7c673cae FG |
546 | |
547 | if (!store) { | |
9f95a23c | 548 | mutex.lock(); |
7c673cae FG |
549 | init_timer.cancel_all_events(); |
550 | init_timer.shutdown(); | |
9f95a23c | 551 | mutex.unlock(); |
7c673cae FG |
552 | |
553 | derr << "Couldn't init storage provider (RADOS)" << dendl; | |
554 | return -EIO; | |
555 | } | |
556 | ||
557 | r = rgw_perf_start(g_ceph_context); | |
558 | ||
9f95a23c | 559 | rgw_rest_init(g_ceph_context, store->svc()->zone->get_zonegroup()); |
7c673cae | 560 | |
9f95a23c | 561 | mutex.lock(); |
7c673cae FG |
562 | init_timer.cancel_all_events(); |
563 | init_timer.shutdown(); | |
9f95a23c | 564 | mutex.unlock(); |
7c673cae FG |
565 | |
566 | if (r) | |
567 | return -EIO; | |
568 | ||
569 | const string& ldap_uri = store->ctx()->_conf->rgw_ldap_uri; | |
570 | const string& ldap_binddn = store->ctx()->_conf->rgw_ldap_binddn; | |
571 | const string& ldap_searchdn = store->ctx()->_conf->rgw_ldap_searchdn; | |
572 | const string& ldap_searchfilter = store->ctx()->_conf->rgw_ldap_searchfilter; | |
573 | const string& ldap_dnattr = | |
574 | store->ctx()->_conf->rgw_ldap_dnattr; | |
575 | std::string ldap_bindpw = parse_rgw_ldap_bindpw(store->ctx()); | |
576 | ||
577 | ldh = new rgw::LDAPHelper(ldap_uri, ldap_binddn, ldap_bindpw.c_str(), | |
578 | ldap_searchdn, ldap_searchfilter, ldap_dnattr); | |
579 | ldh->init(); | |
580 | ldh->bind(); | |
581 | ||
9f95a23c | 582 | rgw_log_usage_init(g_ceph_context, store->getRados()); |
7c673cae FG |
583 | |
584 | // XXX ex-RGWRESTMgr_lib, mgr->set_logging(true) | |
585 | ||
11fdf7f2 TL |
586 | if (!g_conf()->rgw_ops_log_socket_path.empty()) { |
587 | olog = new OpsLogSocket(g_ceph_context, g_conf()->rgw_ops_log_data_backlog); | |
588 | olog->init(g_conf()->rgw_ops_log_socket_path); | |
7c673cae FG |
589 | } |
590 | ||
591 | int port = 80; | |
592 | RGWProcessEnv env = { store, &rest, olog, port }; | |
593 | ||
224ce89b | 594 | string fe_count{"0"}; |
7c673cae FG |
595 | fec = new RGWFrontendConfig("rgwlib"); |
596 | fe = new RGWLibFrontend(env, fec); | |
597 | ||
b32b8144 FG |
598 | init_async_signal_handler(); |
599 | register_async_signal_handler(SIGUSR1, handle_sigterm); | |
600 | ||
224ce89b WB |
601 | map<string, string> service_map_meta; |
602 | service_map_meta["pid"] = stringify(getpid()); | |
603 | service_map_meta["frontend_type#" + fe_count] = "rgw-nfs"; | |
604 | service_map_meta["frontend_config#" + fe_count] = fec->get_config(); | |
605 | ||
7c673cae FG |
606 | fe->init(); |
607 | if (r < 0) { | |
608 | derr << "ERROR: failed initializing frontend" << dendl; | |
609 | return r; | |
610 | } | |
611 | ||
612 | fe->run(); | |
613 | ||
9f95a23c | 614 | r = store->getRados()->register_to_service_map("rgw-nfs", service_map_meta); |
224ce89b WB |
615 | if (r < 0) { |
616 | derr << "ERROR: failed to register to service map: " << cpp_strerror(-r) << dendl; | |
617 | /* ignore error */ | |
618 | } | |
619 | ||
7c673cae FG |
620 | return 0; |
621 | } /* RGWLib::init() */ | |
622 | ||
623 | int RGWLib::stop() | |
624 | { | |
625 | derr << "shutting down" << dendl; | |
626 | ||
627 | fe->stop(); | |
628 | ||
629 | fe->join(); | |
630 | ||
631 | delete fe; | |
632 | delete fec; | |
633 | delete ldh; | |
634 | ||
b32b8144 FG |
635 | unregister_async_signal_handler(SIGUSR1, handle_sigterm); |
636 | shutdown_async_signal_handler(); | |
637 | ||
7c673cae FG |
638 | rgw_log_usage_finalize(); |
639 | ||
640 | delete olog; | |
641 | ||
642 | RGWStoreManager::close_storage(store); | |
643 | ||
644 | rgw_tools_cleanup(); | |
645 | rgw_shutdown_resolver(); | |
11fdf7f2 | 646 | rgw_http_client_cleanup(); |
f64942e4 | 647 | rgw::curl::cleanup_curl(); |
7c673cae FG |
648 | |
649 | rgw_perf_stop(g_ceph_context); | |
650 | ||
651 | dout(1) << "final shutdown" << dendl; | |
652 | cct.reset(); | |
653 | ||
654 | return 0; | |
655 | } /* RGWLib::stop() */ | |
656 | ||
9f95a23c | 657 | int RGWLibIO::set_uid(rgw::sal::RGWRadosStore *store, const rgw_user& uid) |
7c673cae | 658 | { |
b3b6e05e TL |
659 | const DoutPrefix dp(store->ctx(), dout_subsys, "librgw: "); |
660 | int ret = store->ctl()->user->get_info_by_uid(&dp, uid, &user_info, null_yield); | |
7c673cae FG |
661 | if (ret < 0) { |
662 | derr << "ERROR: failed reading user info: uid=" << uid << " ret=" | |
663 | << ret << dendl; | |
664 | } | |
665 | return ret; | |
666 | } | |
667 | ||
f67539c2 | 668 | int RGWLibRequest::read_permissions(RGWOp* op, optional_yield y) { |
7c673cae FG |
669 | /* bucket and object ops */ |
670 | int ret = | |
b3b6e05e | 671 | rgw_build_bucket_policies(op, rgwlib.get_store(), get_state(), y); |
7c673cae | 672 | if (ret < 0) { |
b3b6e05e | 673 | ldpp_dout(op, 10) << "read_permissions (bucket policy) on " |
7c673cae FG |
674 | << get_state()->bucket << ":" |
675 | << get_state()->object | |
676 | << " only_bucket=" << only_bucket() | |
677 | << " ret=" << ret << dendl; | |
678 | if (ret == -ENODATA) | |
679 | ret = -EACCES; | |
680 | } else if (! only_bucket()) { | |
681 | /* object ops */ | |
b3b6e05e | 682 | ret = rgw_build_object_policies(op, rgwlib.get_store(), get_state(), |
f67539c2 | 683 | op->prefetch_data(), y); |
7c673cae | 684 | if (ret < 0) { |
b3b6e05e | 685 | ldpp_dout(op, 10) << "read_permissions (object policy) on" |
7c673cae FG |
686 | << get_state()->bucket << ":" |
687 | << get_state()->object | |
688 | << " ret=" << ret << dendl; | |
689 | if (ret == -ENODATA) | |
690 | ret = -EACCES; | |
691 | } | |
692 | } | |
693 | return ret; | |
694 | } /* RGWLibRequest::read_permissions */ | |
695 | ||
f67539c2 | 696 | int RGWHandler_Lib::authorize(const DoutPrefixProvider *dpp, optional_yield y) |
7c673cae FG |
697 | { |
698 | /* TODO: handle | |
699 | * 1. subusers | |
700 | * 2. anonymous access | |
701 | * 3. system access | |
702 | * 4. ? | |
703 | * | |
704 | * Much or all of this depends on handling the cached authorization | |
705 | * correctly (e.g., dealing with keystone) at mount time. | |
706 | */ | |
707 | s->perm_mask = RGW_PERM_FULL_CONTROL; | |
708 | ||
709 | // populate the owner info | |
9f95a23c TL |
710 | s->owner.set_id(s->user->get_id()); |
711 | s->owner.set_name(s->user->get_display_name()); | |
7c673cae FG |
712 | |
713 | return 0; | |
714 | } /* RGWHandler_Lib::authorize */ | |
715 | ||
716 | } /* namespace rgw */ | |
717 | ||
718 | extern "C" { | |
719 | ||
720 | int librgw_create(librgw_t* rgw, int argc, char **argv) | |
721 | { | |
722 | using namespace rgw; | |
723 | ||
724 | int rc = -EINVAL; | |
725 | ||
726 | if (! g_ceph_context) { | |
727 | std::lock_guard<std::mutex> lg(librgw_mtx); | |
728 | if (! g_ceph_context) { | |
729 | vector<const char*> args; | |
730 | std::vector<std::string> spl_args; | |
731 | // last non-0 argument will be split and consumed | |
732 | if (argc > 1) { | |
733 | const std::string spl_arg{argv[(--argc)]}; | |
734 | get_str_vec(spl_arg, " \t", spl_args); | |
735 | } | |
736 | argv_to_vec(argc, const_cast<const char**>(argv), args); | |
737 | // append split args, if any | |
738 | for (const auto& elt : spl_args) { | |
739 | args.push_back(elt.c_str()); | |
740 | } | |
7c673cae FG |
741 | rc = rgwlib.init(args); |
742 | } | |
743 | } | |
744 | ||
745 | *rgw = g_ceph_context->get(); | |
746 | ||
747 | return rc; | |
748 | } | |
749 | ||
750 | void librgw_shutdown(librgw_t rgw) | |
751 | { | |
752 | using namespace rgw; | |
753 | ||
754 | CephContext* cct = static_cast<CephContext*>(rgw); | |
755 | rgwlib.stop(); | |
756 | cct->put(); | |
757 | } | |
758 | ||
759 | } /* extern "C" */ |