usr/src/cmd/backup/dump/dumpmain.c

root/usr/src/cmd/backup/dump/dumpmain.c
/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */

/*
 * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */

/*      Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T */
/*        All Rights Reserved   */

/*
 * Copyright (c) 1980 Regents of the University of California.
 * All rights reserved.  The Berkeley software License Agreement
 * specifies the terms and conditions for redistribution.
 */

#include "dump.h"
#include <rmt.h>
#include <sys/mtio.h>
#include <limits.h>
#include <priv_utils.h>
#include "roll_log.h"
#include <unistd.h>

char            *filesystem;
char            *host;
char            *debug_chdir;
char            *dumpdev;
char            *sdumpdev;
char            *tlabel;
time_t          *telapsed;
time_t          *tstart_writing;

uchar_t         *clrmap;
uchar_t         *dirmap;
uchar_t         *filmap;
uchar_t         *nodmap;
uchar_t         *shamap;
uchar_t         *activemap;

int             archive;
int             autoload;
int             autoload_period;
int             autoload_tries;
int             archive_opened;
int             doingverify;
int             disk_dynamic;
int             dumpstate;
int             dumptoarchive;
int             fi;
int             leftover;
int             nadded;
int             offline;
int             verify;

uint_t          etapes;
ulong_t         tsize;
ino_t           ino;
off_t           pos;
pid_t           dumppid;
u_offset_t      esize;
union u_shadow  c_shadow_save[1];

int     notify = 0;             /* notify operator flag */
int     blockswritten = 0;      /* number of blocks written on current tape */
uint_t  tapeno = 0;             /* current tape number */
daddr32_t filenum = 0;          /* current file number on tape */
int     density = 0;            /* density in bytes/0.1" */
int     tenthsperirg;           /* inter-record-gap in 0.1"'s */
uint_t  ntrec = 0;              /* # tape blocks in each tape record */
uint_t  saved_ntrec = 0;        /* saved value of ntrec */
uint_t  forceflag = 0;          /* forced to change tp_bsize */
int     cartridge = 0;          /* assume non-cartridge tape */
uint_t  tracks;                 /* # tracks on a cartridge tape */
int     diskette = 0;           /* assume not dumping to a diskette */
int     printsize = 0;          /* just print estimated size and exit */
int     mapfd = -1;             /* if >= 0, file descriptor for mmap */
int32_t tp_bsize = TP_BSIZE_MIN; /* tape block record size (frag size) */
#ifdef DEBUG
int     xflag;                  /* debugging switch */
#endif

char    *myname;

/*
 * This should be struct fs, but there are trailing bits on disk
 * that we also need to read in as part of it.  It's an array of
 * longs instead of char to force proper alignment.
 */
static long sblock_buf[SBSIZE/sizeof (long)];

#ifdef __STDC__
static char *mb(u_offset_t);
static void nextstate(int);
#else
static char *mb();
static void nextstate();
#endif

extern  jmp_buf checkpoint_buf; /* context for return from checkpoint */
#define FUDGE_FACTOR    0x2000000

int
main(int argc, char *argv[])
{
        char            *arg;
        int             bflag = 0, i, error = 0, saverr;
        double          fetapes = 0.0;
        struct  mnttab  *dt;
        char            msgbuf[3000], *msgp;
        char            kbsbuf[BUFSIZ];
        u_offset_t      esize_shift = 0;
        int32_t new_mult = 0;
        time32_t        snapdate;

        host = NULL;

        if (myname = strrchr(argv[0], '/'))
                myname++;
        else
                myname = argv[0];

        if (strcmp("hsmdump", myname) == 0) {
                msg(gettext("hsmdump emulation is no longer supported.\n"));
                Exit(X_ABORT);
        }

        tape = DEFTAPE;
        autoload_period = 12;
        autoload_tries = 12;    /* traditional default of ~2.5 minutes */

        (void) setlocale(LC_ALL, "");
#if !defined(TEXT_DOMAIN)
#define TEXT_DOMAIN "SYS_TEST"
#endif  /* TEXT_DOMAIN */
        (void) textdomain(TEXT_DOMAIN);

        /*
         * If someone strips the set-uid bit, dump will still work for local
         * tapes.  Fail when we try to access a remote tape.
         */
        (void) __init_suid_priv(0, PRIV_NET_PRIVADDR, (char *)NULL);

        if (sysinfo(SI_HOSTNAME, spcl.c_host, sizeof (spcl.c_host)) < 0) {
                saverr = errno;
                msg(gettext("Could not get host name: %s\n"),
                    strerror(saverr));
                bzero(spcl.c_host, sizeof (spcl.c_host));
        }

        dumppid = getpid();
        tsize = 0;      /* no default size, detect EOT dynamically */

        archive_opened = 0;
        disk = NULL;
        dname = NULL;
        disk_dynamic = 0;
        increm = NINCREM;
        incno = '9';
        uflag = 0;
        arg = "u";
        tlabel = "none";
        if (argc > 1) {
                argv++;
                argc--;
                arg = *argv;
                if (*arg == '-')
                        arg++;
        }
        while (*arg)
        switch (*arg++) {               /* BE CAUTIOUS OF FALLTHROUGHS */
        case 'M':
                /*
                 * This undocumented option causes each process to
                 * mkdir debug_chdir/getpid(), and chdir to it.  This is
                 * to ease the collection of profiling information and
                 * core dumps.
                 */
                if (argc > 1) {
                        argv++;
                        argc--;
                        debug_chdir = *argv;
                        msg(gettext(
                            "Each process shall try to chdir to %s/<pid>\n"),
                            debug_chdir);
                        child_chdir();
                } else {
                        msg(gettext("Missing move-to-dir (M) name\n"));
                        dumpabort();
                        /*NOTREACHED*/
                }
                break;

        case 'w':
                lastdump('w');          /* tell us only what has to be done */
                exit(0);
                break;

        case 'W':                       /* what to do */
                lastdump('W');          /* tell state of what has been done */
                exit(0);                /* do nothing else */
                break;

        case 'T':
                if (argc > 1) {
                        int count;
                        int multiplier;
                        char units;

                        argv++;
                        argc--;
                        count = atoi(*argv);
                        if (count < 1) {
                                msg(gettext(
                                    "Unreasonable autoload timeout period\n"));
                                dumpabort();
                                /*NOTREACHED*/
                        }
                        units = *(*argv + strlen(*argv) - 1);
                        switch (units) {
                        case 's':
                                multiplier = 1;
                                break;
                        case 'h':
                                multiplier = 3600;
                                break;
                        case '0': case '1': case '2': case '3': case '4':
                        case '5': case '6': case '7': case '8': case '9':
                        case 'm':
                                multiplier = 60;
                                break;
                        default:
                                msg(gettext(
                                    "Unknown timeout units indicator `%c'\n"),
                                    units);
                                dumpabort();
                                /*NOTREACHED*/
                        }
                        autoload_tries = 1 +
                            ((count * multiplier) / autoload_period);
                } else {
                        msg(gettext("Missing autoload timeout period\n"));
                        dumpabort();
                        /*NOTREACHED*/
                }
                break;

        case 'f':                       /* output file */
                if (argc > 1) {
                        argv++;
                        argc--;
                        tape = *argv;
                        if (*tape == '\0') {
                                msg(gettext("Bad output device name\n"));
                                dumpabort();
                                /*NOTREACHED*/
                        }
                } else {
                        msg(gettext("Missing output device name\n"));
                        dumpabort();
                        /*NOTREACHED*/
                }
                if (strcmp(tape, "-") == 0 && verify) {
                        msg(gettext(
                        "Cannot verify when dumping to standard out.\n"));
                        dumpabort();
                        /*NOTREACHED*/
                }
                break;

        case 'd':                       /* density, in bits per inch */
                if (argc > 1) {
                        argv++;
                        argc--;
                        density = atoi(*argv) / 10;
                        if (density <= 0) {
                                msg(gettext(
                                    "Density must be a positive integer\n"));
                                dumpabort();
                                /*NOTREACHED*/
                        }
                } else {
                        msg(gettext("Missing density\n"));
                        dumpabort();
                        /*NOTREACHED*/
                }
                break;

        case 's':                       /* tape size, feet */
                if (argc > 1) {
                        argv++;
                        argc--;
                        tsize = atol(*argv);
                        if ((*argv[0] == '-') || (tsize == 0)) {
                                msg(gettext(
                            "Tape size must be a positive integer\n"));
                                dumpabort();
                                /*NOTREACHED*/
                        }
                } else {
                        msg(gettext("Missing tape size\n"));
                        dumpabort();
                        /*NOTREACHED*/
                }
                break;

        case 't':                       /* tracks */
                if (argc > 1) {
                        argv++;
                        argc--;
                        tracks = atoi(*argv);
                } else {
                        msg(gettext("Missing track count\n"));
                        dumpabort();
                        /*NOTREACHED*/
                }
                break;

        case 'b':                       /* blocks per tape write */
                if (argc > 1) {
                        argv++;
                        argc--;
                        bflag++;
                        /*
                         * We save the ntrec in case we need to change
                         * tp_bsize later, we will have to recalculate
                         * it.
                         */
                        saved_ntrec = ntrec = atoi(*argv);
                        if (ntrec == 0 || (ntrec&1) || ntrec > (MAXNTREC*2)) {
                                msg(gettext(
                    "Block size must be a positive, even integer <= %d\n"),
                                    MAXNTREC*2);
                                dumpabort();
                                /*NOTREACHED*/
                        }
                        ntrec /= (tp_bsize/DEV_BSIZE);
                } else {
                        msg(gettext("Missing blocking factor\n"));
                        dumpabort();
                        /*NOTREACHED*/
                }
                break;

        case 'c':                       /* Tape is cart. not 9-track */
        case 'C':                       /* 'C' to be consistent with 'D' */
                cartridge++;
                break;

        case '0':                       /* dump level */
        case '1':
        case '2':
        case '3':
        case '4':
        case '5':
        case '6':
        case '7':
        case '8':
        case '9':
                incno = arg[-1];
                break;

        case 'u':                       /* update /etc/dumpdates */
                uflag++;
                break;

        case 'n':                       /* notify operators */
                notify++;
                break;

        case 'a':                       /* create archive file */
                archive = 1;
                if (argc > 1) {
                        argv++;
                        argc--;
                        if (**argv == '\0') {
                                msg(gettext("Bad archive file name\n"));
                                dumpabort();
                                /*NOTREACHED*/
                        }
                        archivefile = strdup(*argv);
                        if (archivefile == NULL) {
                                saverr = errno;
                                msg(gettext("Cannot allocate memory: %s\n"),
                                    strerror(saverr));
                                dumpabort();
                                /*NOTREACHED*/
                        }
                } else {
                        msg(gettext("Missing archive file name\n"));
                        dumpabort();
                        /*NOTREACHED*/
                }
                break;

        case 'v':
                verify++;
                doingverify++;
                if (strcmp(tape, "-") == 0) {
                        msg(gettext(
                        "Cannot verify when dumping to standard out.\n"));
                        dumpabort();
                        /*NOTREACHED*/
                }
                break;

        case 'D':
                diskette++;
                break;

        case 'N':
                if (argc > 1) {
                        argv++;
                        argc--;
                        if (**argv == '\0') {
                                msg(gettext("Missing name for dumpdates "
                                    "entry.\n"));
                                dumpabort();
                                /*NOTREACHED*/
                        }
                        dname = *argv;
                        if (strlen(dname) > MAXNAMLEN + 2) {
                                msg(gettext("Dumpdates entry name too "
                                    "long.\n"));
                                dumpabort();
                                /*NOTREACHED*/
                        }
                        for (i = 0; i < strlen(dname); i++) {
                                if (isspace(*(dname+i))) {
                                        msg(gettext("Dumpdates entry name may "
                                            "not contain white space.\n"));
                                        dumpabort();
                                        /*NOTREACHED*/
                                }
                        }
                } else {
                        msg(gettext("Missing name for dumpdates entry.\n"));
                        dumpabort();
                        /*NOTREACHED*/
                }
                break;
        case 'L':
                if (argc > 1) {
                        argv++;
                        argc--;
                        if (**argv == '\0') {
                                msg(gettext("Missing tape label name\n"));
                                dumpabort();
                                /*NOTREACHED*/
                        }
                        tlabel = *argv;
                        if (strlen(tlabel) > (sizeof (spcl.c_label) - 1)) {
                                tlabel[sizeof (spcl.c_label) - 1] = '\0';
                                msg(gettext(
                    "Truncating label to maximum supported length: `%s'\n"),
                                    tlabel);
                        }
                } else {
                        msg(gettext("Missing tape label name\n"));
                        dumpabort();
                        /*NOTREACHED*/
                }
                break;

        case 'l':
                autoload++;
                break;

        case 'o':
                offline++;
                break;

        case 'S':
                printsize++;
                break;

#ifdef DEBUG
        case 'z':
                xflag++;
                break;
#endif

        default:
                msg(gettext("Bad option `%c'\n"), arg[-1]);
                dumpabort();
                /*NOTREACHED*/
        }
        if (argc > 1) {
                argv++;
                argc--;
                if (**argv == '\0') {
                        msg(gettext("Bad disk name\n"));
                        dumpabort();
                        /*NOTREACHED*/
                }
                disk = *argv;
                disk_dynamic = 0;
        }
        if (disk == NULL) {
                (void) fprintf(stderr, gettext(
        "Usage: %s [0123456789fustdWwnNDCcbavloS [argument]] filesystem\n"),
                    myname);
                Exit(X_ABORT);
        }
        if (!filenum)
                filenum = 1;

        if (signal(SIGINT, interrupt) == SIG_IGN)
                (void) signal(SIGINT, SIG_IGN);

        if (strcmp(tape, "-") == 0) {
                pipeout++;
                tape = gettext("standard output");
                dumpdev = sdumpdev = strdup(tape);
                if (dumpdev == NULL) {
                        saverr = errno;
                        msg(gettext("Cannot allocate memory: %s\n"),
                            strerror(saverr));
                        dumpabort();
                        /*NOTREACHED*/
                }
                /*CONSTANTCONDITION*/
                assert(sizeof (spcl.c_label) > 5);
                (void) strcpy(spcl.c_label, "none");
        } else if (*tape == '+') {
                nextdevice();
                (void) strcpy(spcl.c_label, tlabel);
        } else {
                /* if not already set, set diskette to default */
                if (diskette && strcmp(tape, DEFTAPE) == 0)
                        tape = DISKETTE;
                nextdevice();
                (void) strcpy(spcl.c_label, tlabel);
        }
        if (cartridge && diskette) {
                error = 1;
                msg(gettext("Cannot select both cartridge and diskette\n"));
        }
        if (density && diskette) {
                error = 1;
                msg(gettext("Cannot select density of diskette\n"));
        }
        if (tracks && diskette) {
                error = 1;
                msg(gettext("Cannot select number of tracks of diskette\n"));
        }
        if (error) {
                dumpabort();
                /*NOTREACHED*/
        }

        /*
         * Determine how to default tape size and density
         *
         *              density                         tape size
         * 9-track      1600 bpi (160 bytes/.1")        2300 ft.
         * 9-track      6250 bpi (625 bytes/.1")        2300 ft.
         *
         * Most Sun-2's came with 4 track (20MB) cartridge tape drives,
         * while most other machines (Sun-3's and non-Sun's) come with
         * 9 track (45MB) cartridge tape drives.  Some Sun-2's came with
         * 9 track drives, but there is no way for the software to detect
         * which drive type is installed.  Sigh...  We make the gross
         * assumption that #ifdef mc68010 will test for a Sun-2.
         *
         * cartridge    8000 bpi (100 bytes/.1")        425 * tracks ft.
         */
        if (density == 0)
                density = cartridge ? 100 : 625;
        if (tracks == 0)
                tracks = 9;
        if (!bflag) {
                if (cartridge)
                        ntrec = CARTRIDGETREC;
                else if (diskette)
                        ntrec = NTREC;
                else if (density >= 625)
                        ntrec = HIGHDENSITYTREC;
                else
                        ntrec = NTREC;
                /*
                 * save ntrec in case we have to change tp_bsize later.
                 */
                saved_ntrec = (ntrec * (tp_bsize/DEV_BSIZE));
        }
        if (!diskette) {
                tsize *= 12L*10L;
                if (cartridge)
                        tsize *= tracks;
        }
        rmtinit(msg, Exit);
        if (host) {
                char    *cp = strchr(host, '@');
                if (cp == (char *)0)
                        cp = host;
                else
                        cp++;

                if (rmthost(host, ntrec) == 0) {
                        msg(gettext("Cannot connect to tape host `%s'\n"), cp);
                        dumpabort();
                        /*NOTREACHED*/
                }
        }
        if (signal(SIGHUP, sigAbort) == SIG_IGN)
                (void) signal(SIGHUP, SIG_IGN);
        if (signal(SIGTRAP, sigAbort) == SIG_IGN)
                (void) signal(SIGTRAP, SIG_IGN);
        if (signal(SIGFPE, sigAbort) == SIG_IGN)
                (void) signal(SIGFPE, SIG_IGN);
        if (signal(SIGBUS, sigAbort) == SIG_IGN)
                (void) signal(SIGBUS, SIG_IGN);
        if (signal(SIGSEGV, sigAbort) == SIG_IGN)
                (void) signal(SIGSEGV, SIG_IGN);
        if (signal(SIGTERM, sigAbort) == SIG_IGN)
                (void) signal(SIGTERM, SIG_IGN);
        if (signal(SIGUSR1, sigAbort) == SIG_IGN)
                (void) signal(SIGUSR1, SIG_IGN);
        if (signal(SIGPIPE, sigAbort) == SIG_IGN)
                (void) signal(SIGPIPE, SIG_IGN);

        mnttabread();           /* /etc/fstab, /etc/mtab snarfed */

        /*
         *      disk can be either the full special file name,
         *      the suffix of the special file name,
         *      the special name missing the leading '/',
         *      the file system name with or without the leading '/'.
         *      NB:  we attempt to avoid dumping the block device
         *      (using rawname) because specfs and the vm system
         *      are not necessarily in sync.
         */

        /*
         * Attempt to roll the log if its root user before doing the dump.
         * There's nothing the user can do if we are unable to roll the log,
         * so we'll silently ignore failures.
         */
        if (getuid() == 0 && rl_roll_log(disk) != RL_SUCCESS &&
            disk[0] != '/') {
                /* Try it again with leading '/'. */
                char    *slashed;

                slashed = (char *)malloc(strlen(disk) + 2);
                if (slashed != (char *)NULL) {
                        (void) sprintf(slashed, "%c%s", '/', disk);
                        (void) rl_roll_log(slashed);
                        free(slashed);
                }
        }
        dt = mnttabsearch(disk, 0);
        if (dt != 0) {
                filesystem = dt->mnt_mountp;
                if (disk_dynamic) {
                        /* LINTED: disk is not NULL */
                        free(disk);
                }
                disk = rawname(dt->mnt_special);
                disk_dynamic = (disk != dt->mnt_special);

                (void) strncpy(spcl.c_dev, dt->mnt_special,
                    sizeof (spcl.c_dev));
                spcl.c_dev[sizeof (spcl.c_dev) - 1] = '\0';
                (void) strncpy(spcl.c_filesys, dt->mnt_mountp,
                    sizeof (spcl.c_filesys));
                spcl.c_filesys[sizeof (spcl.c_filesys) - 1] = '\0';
        } else {
                (void) strncpy(spcl.c_dev, disk, sizeof (spcl.c_dev));
                spcl.c_dev[sizeof (spcl.c_dev) - 1] = '\0';
#ifdef PARTIAL
                /* check for partial filesystem dump */
                partial_check();
                dt = mnttabsearch(disk, 1);
                if (dt != 0) {
                        filesystem = dt->mnt_mountp;
                        if (disk_dynamic)
                                free(disk);
                        disk = rawname(dt->mnt_special);
                        disk_dynamic = (disk != dt->mnt_special);

                        (void) strncpy(spcl.c_filesys,
                            "a partial file system", sizeof (spcl.c_filesys));
                        spcl.c_filesys[sizeof (spcl.c_filesys) - 1] = '\0';
                }
                else
#endif /* PARTIAL */
                {
                        char *old_disk = disk;

                        (void) strncpy(spcl.c_filesys,
                            "an unlisted file system",
                            sizeof (spcl.c_filesys));
                        spcl.c_filesys[sizeof (spcl.c_filesys) - 1] = '\0';

                        disk = rawname(old_disk);
                        if (disk != old_disk) {
                                if (disk_dynamic)
                                        free(old_disk);
                                disk_dynamic = 1;
                        }
                        /*
                         * If disk == old_disk, then disk_dynamic's state
                         * does not change.
                         */
                }
        }

        fi = open64(disk, O_RDONLY);

        if (fi < 0) {
                saverr = errno;
                msg(gettext("Cannot open dump device `%s': %s\n"),
                    disk, strerror(saverr));
                Exit(X_ABORT);
        }

        if (sscanf(&incno, "%1d", &spcl.c_level) != 1) {
                msg(gettext("Bad dump level `%c' specified\n"), incno);
                dumpabort();
                /*NOTREACHED*/
        }
        getitime();             /* /etc/dumpdates snarfed */

        sblock = (struct fs *)&sblock_buf;
        sync();

        bread((diskaddr_t)SBLOCK, (uchar_t *)sblock, (long)SBSIZE);
        if ((sblock->fs_magic != FS_MAGIC) &&
            (sblock->fs_magic != MTB_UFS_MAGIC)) {
                msg(gettext(
            "Warning - super-block on device `%s' is corrupt - run fsck\n"),
                    disk);
                dumpabort();
                /*NOTREACHED*/
        }

        if (sblock->fs_magic == FS_MAGIC &&
            (sblock->fs_version != UFS_EFISTYLE4NONEFI_VERSION_2 &&
            sblock->fs_version != UFS_VERSION_MIN)) {
                msg(gettext("Unrecognized UFS version: %d\n"),
                    sblock->fs_version);
                dumpabort();
                /*NOTREACHED*/
        }

        if (sblock->fs_magic == MTB_UFS_MAGIC &&
            (sblock->fs_version < MTB_UFS_VERSION_MIN ||
            sblock->fs_version > MTB_UFS_VERSION_1)) {
                msg(gettext("Unrecognized UFS version: %d\n"),
                    sblock->fs_version);
                dumpabort();
                /*NOTREACHED*/
        }

        /*
         * Try to set up for using mmap(2).  It only works on the block
         * device, but if we can use it, things go somewhat faster.  If
         * we can't open it, we'll silently fall back to the old method
         * (read/memcpy). We also only try this if it's been cleanly
         * unmounted. Dumping a live filesystem this way runs into
         * buffer consistency problems. Of course, we don't support
         * running dump on a mounted filesystem, but some people do it
         * anyway.
         */
        if (sblock->fs_clean == FSCLEAN) {
                char *block = unrawname(disk);

                if (block != NULL) {
                        mapfd = open(block, O_RDONLY, 0);
                        free(block);
                }
        }

restart:
        bread((diskaddr_t)SBLOCK, (uchar_t *)sblock, (long)SBSIZE);
        if ((sblock->fs_magic != FS_MAGIC) &&
            (sblock->fs_magic != MTB_UFS_MAGIC)) {      /* paranoia */
                msg(gettext("bad super-block magic number, run fsck\n"));
                dumpabort();
                /*NOTREACHED*/
        }

        if (sblock->fs_magic == FS_MAGIC &&
            (sblock->fs_version != UFS_EFISTYLE4NONEFI_VERSION_2 &&
            sblock->fs_version != UFS_VERSION_MIN)) {
                msg(gettext("Unrecognized UFS version: %d\n"),
                    sblock->fs_version);
                dumpabort();
                /*NOTREACHED*/
        }

        if (sblock->fs_magic == MTB_UFS_MAGIC &&
            (sblock->fs_version < MTB_UFS_VERSION_MIN ||
            sblock->fs_version > MTB_UFS_VERSION_1)) {
                msg(gettext("Unrecognized UFS version: %d\n"),
                    sblock->fs_version);
                dumpabort();
                /*NOTREACHED*/
        }

        if (!doingactive)
                allocino();

        /* XXX should sanity-check the super block before trusting/using it */

        /* LINTED XXX time truncated - tolerate until tape format changes */
        spcl.c_date = (time32_t)time((time_t *)NULL);
        bcopy(&(spcl.c_shadow), c_shadow_save, sizeof (c_shadow_save));

        snapdate = is_fssnap_dump(disk);
        if (snapdate)
                spcl.c_date = snapdate;

        if (!printsize) {
                msg(gettext("Date of this level %c dump: %s\n"),
                    incno, prdate(spcl.c_date));
                msg(gettext("Date of last level %c dump: %s\n"),
                    (uchar_t)lastincno, prdate(spcl.c_ddate));
                msg(gettext("Dumping %s "), disk);
                if (filesystem != 0)
                        msgtail("(%.*s:%s) ",
                            /* LINTED unsigned -> signed cast ok */
                            (int)sizeof (spcl.c_host), spcl.c_host, filesystem);
                msgtail(gettext("to %s.\n"), sdumpdev);
        }

        esize = f_esize = o_esize = 0;
        msiz = roundup(d_howmany(sblock->fs_ipg * sblock->fs_ncg, NBBY),
            TP_BSIZE_MAX);
        if (!doingactive) {
                clrmap = (uchar_t *)xcalloc(msiz, sizeof (*clrmap));
                filmap = (uchar_t *)xcalloc(msiz, sizeof (*filmap));
                dirmap = (uchar_t *)xcalloc(msiz, sizeof (*dirmap));
                nodmap = (uchar_t *)xcalloc(msiz, sizeof (*nodmap));
                shamap = (uchar_t *)xcalloc(msiz, sizeof (*shamap));
                activemap = (uchar_t *)xcalloc(msiz, sizeof (*activemap));
        } else {
                if (clrmap == NULL || filmap == NULL || dirmap == NULL ||
                    nodmap == NULL || shamap == NULL || activemap == NULL) {
                        msg(gettext(
            "Internal error: NULL map pointer while re-dumping active files"));
                        dumpabort();
                        /*NOTREACHED*/
                }
                bzero(clrmap, msiz);
                bzero(filmap, msiz);
                bzero(dirmap, msiz);
                bzero(nodmap, msiz);
                bzero(shamap, msiz);
                /* retain active map */
        }

        dumpstate = DS_INIT;
        dumptoarchive = 1;

        /*
         * Read cylinder group inode-used bitmaps to avoid reading clear inodes.
         */
        {
                uchar_t *clrp = clrmap;
                struct cg *cgp =
                    (struct cg *)xcalloc((uint_t)sblock->fs_cgsize, 1);

                for (i = 0; i < sblock->fs_ncg; i++) {
                        bread(fsbtodb(sblock, cgtod(sblock, i)),
                            (uchar_t *)cgp, sblock->fs_cgsize);
                        bcopy(cg_inosused(cgp), clrp,
                            (int)sblock->fs_ipg / NBBY);
                        clrp += sblock->fs_ipg / NBBY;
                }
                free((char *)cgp);
                /* XXX right-shift clrmap one bit.  why? */
                for (i = 0; clrp > clrmap; i <<= NBBY) {
                        i |= *--clrp & ((1<<NBBY) - 1);
                        *clrp = i >> 1;
                }
        }

        if (!printsize) {
                msgp = gettext("Mapping (Pass I) [regular files]\n");
                msg(msgp);
        }

        ino = 0;
#ifdef PARTIAL
        if (partial_mark(argc, argv)) {
#endif /* PARTIAL */
                if (!doingactive)
                        pass(mark, clrmap);     /* mark updates 'x'_esize */
                else
                        pass(active_mark, clrmap);      /* updates 'x'_esize */
#ifdef PARTIAL
        }
#endif /* PARTIAL */
        do {
                if (!printsize) {
                        msgp = gettext("Mapping (Pass II) [directories]\n");
                        msg(msgp);
                }
                nadded = 0;
                ino = 0;
                pass(add, dirmap);
        } while (nadded);

        ino = 0; /* adjust estimated size for shadow inodes */
        pass(markshad, nodmap);
        ino = 0;
        pass(estshad, shamap);
        freeshad();

        bmapest(clrmap);
        bmapest(nodmap);
        esize = o_esize + f_esize;
        if (diskette) {
                /* estimate number of floppies */
                if (tsize != 0)
                        fetapes = (double)(esize + ntrec) / (double)tsize;
        } else if (cartridge) {
                /*
                 * Estimate number of tapes, assuming streaming stops at
                 * the end of each block written, and not in mid-block.
                 * Assume no erroneous blocks; this can be compensated for
                 * with an artificially low tape size.
                 */
                tenthsperirg = 16;      /* actually 15.48, says Archive */
                if (tsize != 0)
                        fetapes = ((double)esize /* blocks */
                            * (tp_bsize         /* bytes/block */
                            * (1.0/density))    /* 0.1" / byte */
                            +
                            (double)esize       /* blocks */
                            * (1.0/ntrec)       /* streaming-stops per block */
                            * tenthsperirg)     /* 0.1" / streaming-stop */
                            * (1.0 / tsize);    /* tape / 0.1" */
        } else {
                /* Estimate number of tapes, for old fashioned 9-track tape */
#ifdef sun
                /* sun has long irg's */
                tenthsperirg = (density == 625) ? 6 : 12;
#else
                tenthsperirg = (density == 625) ? 5 : 8;
#endif
                if (tsize != 0)
                        fetapes = ((double)esize /* blocks */
                            * (tp_bsize         /* bytes / block */
                            * (1.0/density))    /* 0.1" / byte */
                            +
                            (double)esize       /* blocks */
                            * (1.0/ntrec)       /* IRG's / block */
                            * tenthsperirg)     /* 0.1" / IRG */
                            * (1.0 / tsize);    /* tape / 0.1" */
        }

        etapes = fetapes;       /* truncating assignment */
        etapes++;
        /* count the nodemap on each additional tape */
        for (i = 1; i < etapes; i++)
                bmapest(nodmap);
        /*
         * If the above bmapest is called, it changes o_esize and f_esize.
         * So we will recalculate esize here anyway to make sure.
         * Also, add tape headers and trailer records.
         */
        esize = o_esize + f_esize + etapes + ntrec;

        /*
         * If the estimated number of tp_bsize tape blocks is greater than
         * INT_MAX we have to adjust tp_bsize and ntrec to handle
         * the larger dump.  esize is an estimate, so we 'fudge'
         * INT_MAX a little.  If tp_bsize is adjusted, it will be adjusted
         * to the size needed for this dump (2048, 4096, 8192, ...)
         */
        if (esize > (INT_MAX - FUDGE_FACTOR)) { /* esize is too big */
                forceflag++;
                esize_shift =
                    ((esize + (INT_MAX - FUDGE_FACTOR) - 1)/
                    ((u_offset_t)(INT_MAX - FUDGE_FACTOR))) - 1;
                if ((esize_shift > ESIZE_SHIFT_MAX) || (ntrec == 0)) {
                        msgp = gettext(
        "Block factor %d ('b' flag) is too small for this size dump.");
                        msg(msgp, saved_ntrec);
                        dumpabort();
                        /*NOTREACHED*/
                }
                /*
                 * recalculate esize from:
                 * o_esize - header tape records
                 * (f_esize + (num_mult -1)) >> esize_shift - new non-header
                 *      tape records for files/maps
                 * etapes - TS_TAPE records
                 * ntrec - TS_END records
                 *
                 * ntrec is adjusted so a tape record is still 'b' flag
                 * number of DEV_BSIZE (512) in size
                 */
                new_mult = (tp_bsize << esize_shift)/tp_bsize;
                tp_bsize = (tp_bsize << esize_shift);
                esize = o_esize + ((f_esize +
                    (new_mult - 1)) >> esize_shift) + etapes + ntrec;
                ntrec = (saved_ntrec/(tp_bsize/DEV_BSIZE));
        }
        if (forceflag != 0) {
                msgp = gettext(
                    "Forcing larger tape block size (%d).\n");
                msg(msgp, tp_bsize);
        }
        alloctape();                    /* allocate tape buffers */

        assert((tp_bsize / DEV_BSIZE != 0) && (tp_bsize % DEV_BSIZE == 0));
        /*
         * If all we wanted was the size estimate,
         * just print it out and exit.
         */
        if (printsize) {
                (void) printf("%llu\n", esize * tp_bsize);
                Exit(0);
        }

        if (tsize != 0) {
                if (diskette)
                        msgp = gettext(
                            "Estimated %lld blocks (%s) on %3.2f diskettes.\n");
                else
                        msgp = gettext(
                            "Estimated %lld blocks (%s) on %3.2f tapes.\n");

                msg(msgp,
                    (esize*(tp_bsize/DEV_BSIZE)), mb(esize), fetapes);
        } else {
                msgp = gettext("Estimated %lld blocks (%s).\n");
                msg(msgp, (esize*(tp_bsize/DEV_BSIZE)), mb(esize));
        }

        dumpstate = DS_CLRI;

        otape(1);                       /* bitmap is the first to tape write */
        *telapsed = 0;
        (void) time(tstart_writing);

        /* filmap indicates all non-directory inodes */
        {
                uchar_t *np, *fp, *dp;
                np = nodmap;
                dp = dirmap;
                fp = filmap;
                for (i = 0; i < msiz; i++)
                        *fp++ = *np++ ^ *dp++;
        }

        while (dumpstate != DS_DONE) {
                /*
                 * When we receive EOT notification from
                 * the writer, the signal handler calls
                 * rollforward and then jumps here.
                 */
                (void) setjmp(checkpoint_buf);
                switch (dumpstate) {
                case DS_INIT:
                        /*
                         * We get here if a tape error occurred
                         * after releasing the name lock but before
                         * the volume containing the last of the
                         * dir info was completed.  We have to start
                         * all over in this case.
                         */
                        {
                                char *rmsg = gettext(
                "Warning - output error occurred after releasing name lock\n\
\tThe dump will restart\n");
                                msg(rmsg);
                                goto restart;
                        }
                        /* NOTREACHED */
                case DS_START:
                case DS_CLRI:
                        ino = UFSROOTINO;
                        dumptoarchive = 1;
                        bitmap(clrmap, TS_CLRI);
                        nextstate(DS_BITS);
                        /* FALLTHROUGH */
                case DS_BITS:
                        ino = UFSROOTINO;
                        dumptoarchive = 1;
                        if (BIT(UFSROOTINO, nodmap))    /* empty dump check */
                                bitmap(nodmap, TS_BITS);
                        nextstate(DS_DIRS);
                        if (!doingverify) {
                                msgp = gettext(
                                    "Dumping (Pass III) [directories]\n");
                                msg(msgp);
                        }
                        /* FALLTHROUGH */
                case DS_DIRS:
                        dumptoarchive = 1;
                        pass(dirdump, dirmap);
                        nextstate(DS_FILES);
                        if (!doingverify) {
                                msgp = gettext(
                                    "Dumping (Pass IV) [regular files]\n");
                                msg(msgp);
                        }
                        /* FALLTHROUGH */
                case DS_FILES:
                        dumptoarchive = 0;

                        pass(lf_dump, filmap);

                        flushcmds();
                        dumpstate = DS_END;     /* don't reset ino */
                        /* FALLTHROUGH */
                case DS_END:
                        dumptoarchive = 1;
                        spcl.c_type = TS_END;
                        for (i = 0; i < ntrec; i++) {
                                spclrec();
                        }
                        flusht();
                        break;
                case DS_DONE:
                        break;
                default:
                        msg(gettext("Internal state error\n"));
                        dumpabort();
                        /*NOTREACHED*/
                }
        }

        if ((! doingactive) && (! active))
                trewind();
        if (verify && !doingverify) {
                msgp = gettext("Finished writing last dump volume\n");
                msg(msgp);
                Exit(X_VERIFY);
        }
        if (spcl.c_volume > 1)
                (void) snprintf(msgbuf, sizeof (msgbuf),
                    gettext("%lld blocks (%s) on %ld volumes"),
                    ((uint64_t)spcl.c_tapea*(tp_bsize/DEV_BSIZE)),
                    mb((u_offset_t)(unsigned)(spcl.c_tapea)),
                    spcl.c_volume);
        else
                (void) snprintf(msgbuf, sizeof (msgbuf),
                    gettext("%lld blocks (%s) on 1 volume"),
                    ((uint64_t)spcl.c_tapea*(tp_bsize/DEV_BSIZE)),
                    mb((u_offset_t)(unsigned)(spcl.c_tapea)));
        if (timeclock((time_t)0) != (time_t)0) {
                (void) snprintf(kbsbuf, sizeof (kbsbuf),
                    gettext(" at %ld KB/sec"),
                    (long)(((float)spcl.c_tapea / (float)timeclock((time_t)0))
                    * 1000.0));
                (void) strcat(msgbuf, kbsbuf);
        }
        (void) strcat(msgbuf, "\n");
        msg(msgbuf);
        (void) timeclock((time_t)-1);

        if (archive)
                msg(gettext("Archiving dump to `%s'\n"), archivefile);
        if (active && !verify) {
                nextstate(DS_INIT);
                activepass();
                goto restart;
        }
        msgp = gettext("DUMP IS DONE\n");
        msg(msgp);
        broadcast(msgp);
        if (! doingactive)
                putitime();
        Exit(X_FINOK);

        /*NOTREACHED*/
        return (0);
}

void
sigAbort(int sig)
{
        char    *sigtype;

        switch (sig) {
        case SIGHUP:
                sigtype = "SIGHUP";
                break;
        case SIGTRAP:
                sigtype = "SIGTRAP";
                break;
        case SIGFPE:
                sigtype = "SIGFPE";
                break;
        case SIGBUS:
                msg(gettext("%s  ABORTING!\n"), "SIGBUS()");
                (void) signal(SIGUSR2, SIG_DFL);
                abort();
                /*NOTREACHED*/
        case SIGSEGV:
                msg(gettext("%s  ABORTING!\n"), "SIGSEGV()");
                (void) signal(SIGUSR2, SIG_DFL);
                abort();
                /*NOTREACHED*/
        case SIGALRM:
                sigtype = "SIGALRM";
                break;
        case SIGTERM:
                sigtype = "SIGTERM";
                break;
        case SIGPIPE:
                msg(gettext("Broken pipe\n"));
                dumpabort();
                /*NOTREACHED*/
        default:
                sigtype = "SIGNAL";
                break;
        }
        msg(gettext("%s()  try rewriting\n"), sigtype);
        if (pipeout) {
                msg(gettext("Unknown signal, Cannot recover\n"));
                dumpabort();
                /*NOTREACHED*/
        }
        msg(gettext("Rewriting attempted as response to unknown signal.\n"));
        (void) fflush(stderr);
        (void) fflush(stdout);
        close_rewind();
        Exit(X_REWRITE);
}

/* Note that returned value is malloc'd if != cp && != NULL */
char *
rawname(char *cp)
{
        struct stat64 st;
        char *dp;
        extern char *getfullrawname();

        if (stat64(cp, &st) < 0 || (st.st_mode & S_IFMT) != S_IFBLK)
                return (cp);

        dp = getfullrawname(cp);
        if (dp == 0)
                return (0);
        if (*dp == '\0') {
                free(dp);
                return (0);
        }

        if (stat64(dp, &st) < 0 || (st.st_mode & S_IFMT) != S_IFCHR) {
                free(dp);
                return (cp);
        }

        return (dp);
}

static char *
mb(u_offset_t blks)
{
        static char buf[16];

        if (blks < 1024)
                (void) snprintf(buf, sizeof (buf), "%lldKB", blks);
        else
                (void) snprintf(buf, sizeof (buf), "%.2fMB",
                    ((double)(blks*tp_bsize)) / (double)(1024*1024));
        return (buf);
}

#ifdef signal
void (*nsignal(int sig, void (*act)(int)))(int)
{
        struct sigaction sa, osa;

        sa.sa_handler = act;
        (void) sigemptyset(&sa.sa_mask);
        sa.sa_flags = SA_RESTART;
        if (sigaction(sig, &sa, &osa) < 0)
                return ((void (*)(int))-1);
        return (osa.sa_handler);
}
#endif

static void
nextstate(int state)
{
        /* LINTED assigned value never used - kept for documentary purposes */
        dumpstate = state;
        /* LINTED assigned value never used - kept for documentary purposes */
        ino = 0;
        /* LINTED assigned value never used - kept for documentary purposes */
        pos = 0;
        leftover = 0;
}

/*
 * timeclock() function, for keeping track of how much time we've spent
 * writing to the tape device.  it always returns the amount of time
 * already spent, in milliseconds.  if you pass it a positive, then that's
 * telling it that we're writing, so the time counts.  if you pass it a
 * zero, then that's telling it we're not writing; perhaps we're waiting
 * for user input.
 *
 * a state of -1 resets everything.
 */
time32_t
timeclock(time32_t state)
{
        static int *currentState = NULL;
        static struct timeval *clockstart;
        static time32_t *emilli;

        struct timeval current[1];
        int fd, saverr;

#ifdef DEBUG
        fprintf(stderr, "pid=%d timeclock ", getpid());
        if (state == (time32_t)-1)
                fprintf(stderr, "cleared\n");
        else if (state > 0)
                fprintf(stderr, "ticking\n");
        else
                fprintf(stderr, "paused\n");
#endif /* DEBUG */

        /* if we haven't setup the shared memory, init */
        if (currentState == (int *)NULL) {
                if ((fd = open("/dev/zero", O_RDWR)) < 0) {
                        saverr = errno;
                        msg(gettext("Cannot open `%s': %s\n"),
                            "/dev/zero", strerror(saverr));
                        dumpabort();
                        /*NOTREACHED*/
                }
                /*LINTED [mmap always returns an aligned value]*/
                currentState = (int *)mmap((char *)0, getpagesize(),
                    PROT_READ|PROT_WRITE, MAP_SHARED, fd, (off_t)0);
                if (currentState == (int *)-1) {
                        saverr = errno;
                        msg(gettext(
                            "Cannot memory map monitor variables: %s\n"),
                            strerror(saverr));
                        dumpabort();
                        /*NOTREACHED*/
                }
                (void) close(fd);

                /* LINTED currentState is sufficiently aligned */
                clockstart = (struct timeval *)(currentState + 1);
                emilli = (time32_t *)(clockstart + 1);
                /* Note everything is initialized to zero via /dev/zero */
        }

        if (state == (time32_t)-1) {
                bzero(clockstart, sizeof (*clockstart));
                *currentState = 0;
                *emilli = (time32_t)0;
                return (0);
        }

        (void) gettimeofday(current, NULL);

        if (*currentState != 0) {
                current->tv_usec += 1000000;
                current->tv_sec--;

                /* LINTED: result will fit in a time32_t */
                *emilli += (current->tv_sec - clockstart->tv_sec) * 1000;
                /* LINTED: result will fit in a time32_t */
                *emilli += (current->tv_usec - clockstart->tv_usec) / 1000;
        }

        if (state != 0)
                bcopy(current, clockstart, sizeof (current));

        *currentState = state;

        return (*emilli);
}

static int
statcmp(const struct stat64 *left, const struct stat64 *right)
{
        int result = 1;

        if ((left->st_dev == right->st_dev) &&
            (left->st_ino == right->st_ino) &&
            (left->st_mode == right->st_mode) &&
            (left->st_nlink == right->st_nlink) &&
            (left->st_uid == right->st_uid) &&
            (left->st_gid == right->st_gid) &&
            (left->st_rdev == right->st_rdev) &&
            (left->st_ctim.tv_sec == right->st_ctim.tv_sec) &&
            (left->st_ctim.tv_nsec == right->st_ctim.tv_nsec) &&
            (left->st_mtim.tv_sec == right->st_mtim.tv_sec) &&
            (left->st_mtim.tv_nsec == right->st_mtim.tv_nsec)) {
                /*
                 * Unlike in the ufsrestore version
                 * st_blocks and st_blksiz are not
                 * compared. The reason for this is
                 * problems with zfs dump files. Zfs
                 * changes it's statistics in those
                 * fields.
                 */
                result = 0;
        }

        return (result);
}

/*
 * Safely open a file or device.
 */
static int
safe_open_common(const char *filename, int mode, int perms, int device)
{
        int fd;
        int working_mode;
        int saverr;
        char *errtext;
        struct stat64 pre_stat, pre_lstat;
        struct stat64 post_stat, post_lstat;

        /*
         * Don't want to be spoofed into trashing something we
         * shouldn't, thus the following rigamarole.  If it doesn't
         * exist, we create it and proceed.  Otherwise, require that
         * what's there be a real file with no extraneous links and
         * owned by whoever ran us.
         *
         * The silliness with using both lstat() and fstat() is to avoid
         * race-condition games with someone replacing the file with a
         * symlink after we've opened it.  If there was an flstat(),
         * we wouldn't need the fstat().
         *
         * The initial open with the hard-coded flags is ok even if we
         * are intending to open only for reading.  If it succeeds,
         * then the file did not exist, and we'll synthesize an appropriate
         * complaint below.  Otherwise, it does exist, so we won't be
         * truncating it with the open.
         */
        if ((fd = open(filename, O_WRONLY|O_CREAT|O_TRUNC|O_EXCL|O_LARGEFILE,
            perms)) < 0) {
                if (errno == EEXIST) {
                        if (lstat64(filename, &pre_lstat) < 0) {
                                return (-1);
                        }

                        if (stat64(filename, &pre_stat) < 0) {
                                return (-1);
                        }

                        working_mode = mode & (O_WRONLY|O_RDWR|O_RDONLY);
                        working_mode |= O_LARGEFILE;
                        if ((fd = open(filename, working_mode)) < 0) {
                                if (errno == ENOENT) {
                                        errtext = gettext(
"Unexpected condition detected: %s used to exist, but doesn't any longer\n");
                                        msg(errtext, filename);
                                        syslog(LOG_WARNING, errtext, filename);
                                        errno = ENOENT;
                                }
                                return (-1);
                        }

                        if (lstat64(filename, &post_lstat) < 0) {
                                saverr = errno;
                                (void) close(fd);
                                errno = saverr;
                                return (-1);
                        }

                        if (fstat64(fd, &post_stat) < 0) {
                                saverr = errno;
                                (void) close(fd);
                                errno = saverr;
                                return (-1);
                        }

                        /*
                         * Can't just use memcmp(3C), because the access
                         * time is updated by open(2).
                         */
                        if (statcmp(&pre_lstat, &post_lstat) != 0) {
                                errtext = gettext("Unexpected change detected: "
                                    "%s's lstat(2) information changed\n");
                                msg(errtext, filename);
                                syslog(LOG_WARNING, errtext, filename);
                                errno = EPERM;
                                return (-1);
                        }

                        if (statcmp(&pre_stat, &post_stat) != 0) {
                                errtext = gettext("Unexpected change detected: "
                                    "%s's stat(2) information changed\n"),
                                    msg(errtext, filename);
                                syslog(LOG_WARNING, errtext, filename);
                                errno = EPERM;
                                return (-1);
                        }

                        /*
                         * If inode, device, or type are wrong, bail out.
                         * Note using post_stat instead of post_lstat for the
                         * S_ISCHR() test.  This is to allow the /dev ->
                         * /devices bit to work, as long as the final target
                         * is a character device (i.e., raw disk or tape).
                         */
                        if (device && !(S_ISCHR(post_stat.st_mode)) &&
                            !(S_ISFIFO(post_stat.st_mode)) &&
                            !(S_ISREG(post_lstat.st_mode))) {
                                errtext = gettext("Unexpected condition "
                                    "detected: %s is not a supported device\n"),
                                    msg(errtext, filename);
                                syslog(LOG_WARNING, errtext, filename);
                                (void) close(fd);
                                errno = EPERM;
                                return (-1);
                        } else if (!device &&
                            (!S_ISREG(post_lstat.st_mode) ||
                            (post_stat.st_ino != post_lstat.st_ino) ||
                            (post_stat.st_dev != post_lstat.st_dev))) {
                                errtext = gettext("Unexpected condition "
                                    "detected: %s is not a regular file\n"),
                                    msg(errtext, filename);
                                syslog(LOG_WARNING, errtext, filename);
                                (void) close(fd);
                                errno = EPERM;
                                return (-1);
                        }

                        /*
                         * Bad link count implies someone's linked our
                         * target to something else, which we probably
                         * shouldn't step on.
                         */
                        if (post_lstat.st_nlink != 1) {
                                errtext = gettext("Unexpected condition "
                                    "detected: %s must have exactly one "
                                    "link\n"), msg(errtext, filename);
                                syslog(LOG_WARNING, errtext, filename);
                                (void) close(fd);
                                errno = EPERM;
                                return (-1);
                        }
                        /*
                         * Root might make a file, but non-root might
                         * need to open it.  If the permissions let us
                         * get this far, then let it through.
                         */
                        if (post_lstat.st_uid != getuid() &&
                            post_lstat.st_uid != 0) {
                                errtext = gettext("Unsupported "
                                    "condition detected: %s "
                                    "must be owned by uid %ld or 0\n"),
                                    msg(errtext, filename, (long)getuid());
                                syslog(LOG_WARNING, errtext, filename,
                                    (long)getuid());
                                (void) close(fd);
                                errno = EPERM;
                                return (-1);
                        }
                        if (mode & O_TRUNC) {
                                if (ftruncate(fd, (off_t)0) < 0) {
                                        msg("ftruncate(%s): %s\n",
                                            filename, strerror(errno));
                                        (void) close(fd);
                                        return (-1);
                                }
                        }
                } else {
                        /*
                         * Didn't exist, but couldn't open it.
                         */
                        return (-1);
                }
        } else {
                /*
                 * If truncating open succeeded for a read-only open,
                 * bail out, as we really shouldn't have succeeded.
                 */
                if (mode & O_RDONLY) {
                        /* Undo the O_CREAT */
                        (void) unlink(filename);
                        msg("open(%s): %s\n",
                            filename, strerror(ENOENT));
                        (void) close(fd);
                        errno = ENOENT;
                        return (-1);
                }
        }

        return (fd);
}

/*
 * Safely open a file.
 */
int
safe_file_open(const char *filename, int mode, int perms)
{
        return (safe_open_common(filename, mode, perms, 0));
}

/*
 * Safely open a device.
 */
int
safe_device_open(const char *filename, int mode, int perms)
{
        return (safe_open_common(filename, mode, perms, 1));
}

/*
 * STDIO version of safe_open
 */
FILE *
safe_fopen(const char *filename, const char *smode, int perms)
{
        int fd;
        int bmode;

        /*
         * accepts only modes  "r", "r+", and "w"
         */
        if (smode[0] == 'r') {
                if (smode[1] == '\0') {
                        bmode = O_RDONLY;
                } else if ((smode[1] == '+') && (smode[2] == '\0')) {
                        bmode = O_RDWR;
                }
        } else if ((smode[0] == 'w') && (smode[1] == '\0')) {
                bmode = O_WRONLY;
        } else {
                msg(gettext("internal error: safe_fopen: invalid mode `%s'\n"),
                    smode);
                return (NULL);
        }

        fd = safe_file_open(filename, bmode, perms);

        /*
         * caller is expected to report error.
         */
        if (fd >= 0)
                return (fdopen(fd, smode));

        return ((FILE *)NULL);
}

void
child_chdir(void)
{
        char name[MAXPATHLEN];

        if (debug_chdir != NULL) {
                snprintf(name, sizeof (name), "%s/%ld",
                    debug_chdir, (long)getpid());
                if (mkdir(name, 0755) < 0)
                        msg("mkdir(%s): %s", name, strerror(errno));
                if (chdir(name) < 0)
                        msg("chdir(%s): %s", name, strerror(errno));
        }
}
Illumos
