BACKENDS: Move the netlink watching to the backends

Network status changes were watched by the monitor and it would signal through D-Bus the backends to check their online status. This commit moves the network status change watching to the backends themselves. Configuration is still managed by the monitor's disable_netlink option. The resetOffline d-bus method is still available although it is no longer used by the monitor upon network status changes. Reviewed-by: Alexey Tikhonov <[email protected]> Reviewed-by: Pavel Březina <[email protected]>
SSSD · May 9, 2024 · be42ada · be42ada
1 parent 31bd16f
commit be42ada
Show file tree

Hide file tree

Showing 6 changed files with 87 additions and 76 deletions.
diff --git a/Makefile.am b/Makefile.am
@@ -689,7 +689,6 @@ if BUILD_SELINUX
 endif
 
 dist_noinst_HEADERS = \
-    src/monitor/monitor.h \
     src/sss_iface/sbus_sss_arguments.h \
     src/sss_iface/sbus_sss_client_async.h \
     src/sss_iface/sbus_sss_client_properties.h \
@@ -747,7 +746,6 @@ dist_noinst_HEADERS = \
     src/responder/kcm/secrets/secrets.h \
     src/responder/kcm/secrets/sec_pvt.h \
     src/util/nss_dl_load.h \
-    src/monitor/monitor.h \
     src/responder/common/responder.h \
     src/responder/common/responder_packet.h \
     src/responder/common/cache_req/cache_req.h \
@@ -843,6 +841,7 @@ dist_noinst_HEADERS = \
     src/providers/data_provider/dp_iface.h \
     src/providers/backend.h \
     src/providers/be_dyndns.h \
+    src/providers/be_netlink.h \
     src/providers/be_ptask_private.h \
     src/providers/be_ptask.h \
     src/providers/be_refresh.h \
@@ -1525,14 +1524,12 @@ endif
 sssd_SOURCES = \
     src/monitor/monitor.c \
     src/monitor/monitor_bootstrap.c \
-    src/monitor/monitor_netlink.c \
     src/confdb/confdb_setup.c \
     src/util/nscd.c \
     $(NULL)
 sssd_LDADD = \
     $(SSSD_LIBS) \
     $(INOTIFY_LIBS) \
-    $(LIBNL_LIBS) \
     $(KEYUTILS_LIBS) \
     $(SSSD_INTERNAL_LTLIBS) \
     libsss_iface.la \
@@ -1838,6 +1835,7 @@ sssd_be_SOURCES = \
     src/providers/data_provider_opts.c \
     src/providers/data_provider_callbacks.c \
     src/providers/be_dyndns.c \
+    src/providers/be_netlink.c \
     src/providers/be_ptask.c \
     src/providers/be_refresh.c \
     src/providers/data_provider/dp.c \
@@ -1864,6 +1862,7 @@ sssd_be_LDADD = \
     $(SSSD_LIBS) \
     $(CARES_LIBS) \
     $(PAM_LIBS) \
+    $(LIBNL_LIBS) \
     $(SSSD_INTERNAL_LTLIBS) \
     libsss_iface.la \
     libsss_sbus.la \
@@ -2126,6 +2125,7 @@ libdlopen_test_providers_la_LIBADD = \
     $(PAM_LIBS) \
     $(SSSD_LIBS) \
     $(CARES_LIBS) \
+    $(LIBNL_LIBS) \
     $(SSSD_INTERNAL_LTLIBS) \
     libsss_iface.la \
     libsss_sbus.la \

diff --git a/src/monitor/monitor.c b/src/monitor/monitor.c
@@ -40,7 +40,6 @@
 #include "confdb/confdb.h"
 #include "confdb/confdb_setup.h"
 #include "db/sysdb.h"
-#include "monitor/monitor.h"
 #include "sss_iface/sss_iface_async.h"
 
 #ifdef HAVE_SYSTEMD
@@ -67,6 +66,11 @@
  */
 #define KRB5_RCACHE_DIR_DISABLE "__LIBKRB5_DEFAULTS__"
 
+/* for detecting if NSCD is running */
+#ifndef NSCD_SOCKET_PATH
+#define NSCD_SOCKET_PATH "/var/run/nscd/socket"
+#endif
+
 int cmdline_debug_level;
 int cmdline_debug_timestamps;
 int cmdline_debug_microseconds;
@@ -111,7 +115,6 @@ struct mt_ctx {
     struct mt_svc *svc_list;
     bool check_children;
     bool services_started;
-    struct netlink_ctx *nlctx;
     struct sss_sigchild_ctx *sigchld_ctx;
     bool pid_file_created;
     bool is_daemon;
@@ -150,21 +153,6 @@ static int mark_service_as_started(struct mt_svc *svc);
 
 static int monitor_cleanup(void);
 
-static void network_status_change_cb(void *cb_data)
-{
-    struct mt_svc *iter;
-    struct mt_ctx *ctx = (struct mt_ctx *) cb_data;
-
-    DEBUG(SSSDBG_TRACE_INTERNAL, "A networking status change detected "
-          "signaling providers to reset offline status\n");
-    for (iter = ctx->svc_list; iter; iter = iter->next) {
-        /* Don't signal services, only providers */
-        if (iter->provider) {
-            service_signal_reset_offline(iter);
-        }
-    }
-}
-
 static int add_svc_conn_spy(struct mt_svc *svc);
 
 static int service_not_found(const char *svc_name,
@@ -1601,7 +1589,6 @@ static void monitor_sbus_connected(struct tevent_req *req)
 {
     struct mt_ctx *ctx;
     struct sss_domain_info *dom;
-    bool disable_netlink;
     int num_providers;
     errno_t ret;
 
@@ -1647,28 +1634,6 @@ static void monitor_sbus_connected(struct tevent_req *req)
         goto done;
     }
 
-    ret = confdb_get_bool(ctx->cdb,
-                          CONFDB_MONITOR_CONF_ENTRY,
-                          CONFDB_MONITOR_DISABLE_NETLINK,
-                          false, &disable_netlink);
-
-    if (ret != EOK) {
-        DEBUG(SSSDBG_OP_FAILURE,
-              "Failed to read disable_netlink from confdb: [%d] %s\n",
-              ret, sss_strerror(ret));
-        goto done;
-    }
-
-    if (disable_netlink == false) {
-        ret = setup_netlink(ctx, ctx->ev, network_status_change_cb,
-                            ctx, &ctx->nlctx);
-        if (ret != EOK) {
-            DEBUG(SSSDBG_OP_FAILURE,
-                  "Cannot set up listening for network notifications\n");
-            goto done;
-        }
-    }
-
     /* start providers */
     num_providers = 0;
     for (dom = ctx->domains; dom; dom = get_next_domain(dom, 0)) {

diff --git a/src/providers/backend.h b/src/providers/backend.h
@@ -24,6 +24,7 @@
 
 #include "providers/data_provider.h"
 #include "providers/fail_over.h"
+#include "providers/be_netlink.h"
 #include "providers/be_refresh.h"
 #include "providers/data_provider/dp.h"
 #include "util/child_common.h"
@@ -104,6 +105,7 @@ struct be_ctx {
     struct be_ptask *check_if_online_ptask;
 
     struct be_refresh_ctx *refresh_ctx;
+    struct be_netlink_ctx *nlctx;
 
     size_t check_online_ref_count;
     int check_online_retry_delay;

diff --git a/src/monitor/monitor_netlink.c → src/providers/be_netlink.c b/src/monitor/monitor_netlink.c → src/providers/be_netlink.c
@@ -33,7 +33,7 @@
 #include <unistd.h>
 #include <fcntl.h>
 
-#include "monitor/monitor.h"
+#include "providers/be_netlink.h"
 #include "util/util.h"
 
 #ifdef HAVE_LIBNL
@@ -102,7 +102,7 @@ enum nlw_msg_type {
     NLW_OTHER
 };
 
-struct netlink_ctx {
+struct be_netlink_ctx {
 #ifdef HAVE_LIBNL
     struct nlw_handle *nlp;
 #endif
@@ -115,8 +115,8 @@ struct netlink_ctx {
 #ifdef HAVE_LIBNL
 static int netlink_ctx_destructor(void *ptr)
 {
-    struct netlink_ctx *nlctx;
-    nlctx = talloc_get_type(ptr, struct netlink_ctx);
+    struct be_netlink_ctx *nlctx;
+    nlctx = talloc_get_type(ptr, struct be_netlink_ctx);
 
     nlw_destroy_handle(nlctx->nlp);
     return 0;
@@ -469,7 +469,7 @@ static int nlw_groups_subscribe(struct nlw_handle *nlp, int *groups)
 
 static int event_msg_recv(struct nl_msg *msg, void *arg)
 {
-    struct netlink_ctx *ctx = (struct netlink_ctx *) arg;
+    struct be_netlink_ctx *ctx = (struct be_netlink_ctx *) arg;
     struct nlmsghdr *hdr;
     const struct sockaddr_nl *snl;
     struct ucred *creds;
@@ -631,7 +631,7 @@ static bool route_is_multicast(struct rtnl_route *route_obj)
 static void route_msg_handler(struct nl_object *obj, void *arg)
 {
     struct rtnl_route *route_obj;
-    struct netlink_ctx *ctx = (struct netlink_ctx *) arg;
+    struct be_netlink_ctx *ctx = (struct be_netlink_ctx *) arg;
 
     if (!nlw_is_route_object(obj)) return;
 
@@ -672,7 +672,7 @@ static void addr_msg_debug_print(struct rtnl_addr *addr_obj)
 static void addr_msg_handler(struct nl_object *obj, void *arg)
 {
     int err;
-    struct netlink_ctx *ctx = (struct netlink_ctx *) arg;
+    struct be_netlink_ctx *ctx = (struct be_netlink_ctx *) arg;
     struct rtnl_addr *addr_obj;
     struct nl_addr *local_addr;
     struct sockaddr_in sa4;
@@ -688,9 +688,9 @@ static void addr_msg_handler(struct nl_object *obj, void *arg)
 
     local_addr = rtnl_addr_get_local(addr_obj);
     if (local_addr == NULL) {
-    DEBUG(SSSDBG_MINOR_FAILURE,
-          "Received RTM_NEWADDR with no address\n");
-    return;
+        DEBUG(SSSDBG_MINOR_FAILURE,
+              "Received RTM_NEWADDR with no address\n");
+        return;
     }
 
     switch (nl_addr_get_family(local_addr)) {
@@ -736,7 +736,7 @@ static void addr_msg_handler(struct nl_object *obj, void *arg)
 
 static void link_msg_handler(struct nl_object *obj, void *arg)
 {
-    struct netlink_ctx *ctx = (struct netlink_ctx *) arg;
+    struct be_netlink_ctx *ctx = (struct be_netlink_ctx *) arg;
     struct rtnl_link *link_obj;
     unsigned int flags;
     char str_flags[512];
@@ -765,7 +765,7 @@ static void link_msg_handler(struct nl_object *obj, void *arg)
 static void netlink_fd_handler(struct tevent_context *ev, struct tevent_fd *fde,
                                uint16_t flags, void *data)
 {
-    struct netlink_ctx *nlctx = talloc_get_type(data, struct netlink_ctx);
+    struct be_netlink_ctx *nlctx = talloc_get_type(data, struct be_netlink_ctx);
     int ret;
 
     if (!nlctx || !nlctx->nlp) {
@@ -786,17 +786,17 @@ static void netlink_fd_handler(struct tevent_context *ev, struct tevent_fd *fde,
  * Set up the netlink library
  *******************************************************************/
 
-int setup_netlink(TALLOC_CTX *mem_ctx, struct tevent_context *ev,
+int netlink_watch(TALLOC_CTX *mem_ctx, struct tevent_context *ev,
                   network_change_cb change_cb, void *cb_data,
-                  struct netlink_ctx **_nlctx)
+                  struct be_netlink_ctx **_nlctx)
 {
-    struct netlink_ctx *nlctx;
+    struct be_netlink_ctx *nlctx;
     int ret;
     int nlfd;
     int groups[] = { RTNLGRP_LINK, RTNLGRP_IPV4_ROUTE, RTNLGRP_IPV6_ROUTE,
                      RTNLGRP_IPV4_IFADDR, RTNLGRP_IPV6_IFADDR, 0 };
 
-    nlctx = talloc_zero(mem_ctx, struct netlink_ctx);
+    nlctx = talloc_zero(mem_ctx, struct be_netlink_ctx);
     if (!nlctx) return ENOMEM;
     talloc_set_destructor((TALLOC_CTX *) nlctx, netlink_ctx_destructor);
 
@@ -863,6 +863,7 @@ int setup_netlink(TALLOC_CTX *mem_ctx, struct tevent_context *ev,
         goto fail;
     }
 
+    DEBUG(SSSDBG_TRACE_LIBS, "Netlink watching is enabled\n");
     *_nlctx = nlctx;
     return EOK;
 
@@ -872,9 +873,9 @@ int setup_netlink(TALLOC_CTX *mem_ctx, struct tevent_context *ev,
 }
 
 #else       /* HAVE_LIBNL not defined */
-int setup_netlink(TALLOC_CTX *mem_ctx, struct tevent_context *ev,
+int netlink_watch(TALLOC_CTX *mem_ctx, struct tevent_context *ev,
                   network_change_cb change_cb, void *cb_data,
-                  struct netlink_ctx **_nlctx)
+                  struct be_netlink_ctx **_nlctx)
 {
     if (_nlctx) *_nlctx = NULL;
     return EOK;

diff --git a/src/monitor/monitor.h → src/providers/be_netlink.h b/src/monitor/monitor.h → src/providers/be_netlink.h
@@ -19,23 +19,19 @@
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 
-#ifndef _MONITOR_H_
-#define _MONITOR_H_
+#ifndef _DP_NETLINK_H_
+#define _DP_NETLINK_H_
 
-/* for detecting if NSCD is running */
-#ifndef NSCD_SOCKET_PATH
-#define NSCD_SOCKET_PATH "/var/run/nscd/socket"
-#endif
+#include <talloc.h>
+#include <tevent.h>
 
-struct mt_ctx;
-
-/* from monitor_netlink.c */
-struct netlink_ctx;
+/* from be_netlink.c */
+struct be_netlink_ctx;
 
 typedef void (*network_change_cb)(void *);
 
-int setup_netlink(TALLOC_CTX *mem_ctx, struct tevent_context *ev,
+int netlink_watch(TALLOC_CTX *mem_ctx, struct tevent_context *ev,
                   network_change_cb change_cb, void *cb_data,
-                  struct netlink_ctx **_nlctx);
+                  struct be_netlink_ctx **_nlctx);
 
-#endif /* _MONITOR_H */
+#endif /* _DP_MONITOR_H */
diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c
@@ -526,6 +526,48 @@ static int watch_config_files(struct be_ctx *ctx)
     return EOK;
 }
 
+static void network_status_change_cb(void *cb_data)
+{
+    struct be_ctx *ctx = (struct be_ctx *) cb_data;
+
+    check_if_online(ctx, 1);
+}
+
+
+static int watch_netlink(struct be_ctx *ctx)
+{
+    int ret;
+    bool disable_netlink;
+
+    ret = confdb_get_bool(ctx->cdb,
+                          CONFDB_MONITOR_CONF_ENTRY,
+                          CONFDB_MONITOR_DISABLE_NETLINK,
+                          false, &disable_netlink);
+
+    if (ret != EOK) {
+        DEBUG(SSSDBG_OP_FAILURE,
+              "Failed to read %s from confdb: [%d] %s\n",
+              CONFDB_MONITOR_DISABLE_NETLINK,
+              ret, sss_strerror(ret));
+        return ret;
+    }
+
+
+    if (disable_netlink) {
+        DEBUG(SSS_LOG_NOTICE, "Netlink watching is disabled\n");
+    } else {
+        ret = netlink_watch(ctx, ctx->ev, network_status_change_cb,
+                            ctx, &ctx->nlctx);
+        if (ret != EOK) {
+            DEBUG(SSSDBG_OP_FAILURE,
+                  "Failed to set up listener for network status changes\n");
+            return ret;
+        }
+    }
+
+    return EOK;
+}
+
 static errno_t
 be_register_monitor_iface(struct sbus_connection *conn, struct be_ctx *be_ctx)
 {
@@ -677,12 +719,17 @@ errno_t be_process_init(TALLOC_CTX *mem_ctx,
         goto done;
     }
 
-    /* Set up watchers for system config files */
+    /* Set up watchers for system config files and the net links */
     ret = watch_config_files(be_ctx);
     if (ret != EOK) {
         goto done;
     }
 
+    ret = watch_netlink(be_ctx);
+    if (ret != EOK) {
+        goto done;
+    }
+
     ret = sss_monitor_register_service(be_ctx, be_ctx->conn,
                                        be_ctx->identity, DATA_PROVIDER_VERSION,
                                        MT_SVC_PROVIDER);