2 Unix SMB/CIFS implementation.
3 Parameter loading functions
4 Copyright (C) Karl Auer 1993-1998
6 Largely re-written by Andrew Tridgell, September 1994
8 Copyright (C) Simo Sorce 2001
9 Copyright (C) Alexander Bokovoy 2002
10 Copyright (C) Stefan (metze) Metzmacher 2002
11 Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003
12 Copyright (C) Michael Adam 2008
13 Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007
14 Copyright (C) Andrew Bartlett 2011
16 This program is free software; you can redistribute it and/or modify
17 it under the terms of the GNU General Public License as published by
18 the Free Software Foundation; either version 3 of the License, or
19 (at your option) any later version.
21 This program is distributed in the hope that it will be useful,
22 but WITHOUT ANY WARRANTY; without even the implied warranty of
23 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 GNU General Public License for more details.
26 You should have received a copy of the GNU General Public License
27 along with this program. If not, see <http://www.gnu.org/licenses/>.
33 * This module provides suitable callback functions for the params
34 * module. It builds the internal table of service details which is
35 * then used by the rest of the server.
39 * 1) add it to the global or service structure definition
40 * 2) add it to the parm_table
41 * 3) add it to the list of available functions (eg: using FN_GLOBAL_STRING())
42 * 4) If it's a global then initialise it in init_globals. If a local
43 * (ie. service) parameter then initialise it in the sDefault structure
47 * The configuration file is processed sequentially for speed. It is NOT
48 * accessed randomly as happens in 'real' Windows. For this reason, there
49 * is a fair bit of sequence-dependent code here - ie., code which assumes
50 * that certain things happen before others. In particular, the code which
51 * happens at the boundary between sections is delicately poised, so be
57 #include "system/filesys.h"
59 #include "lib/param/loadparm.h"
60 #include "lib/param/param.h"
62 #include "lib/smbconf/smbconf.h"
63 #include "lib/smbconf/smbconf_init.h"
66 #include "../librpc/gen_ndr/svcctl.h"
68 #include "../libcli/smb/smb_signing.h"
69 #include "dbwrap/dbwrap.h"
70 #include "dbwrap/dbwrap_rbt.h"
71 #include "../lib/util/bitmap.h"
72 #include "librpc/gen_ndr/nbt.h"
73 #include "source4/lib/tls/tls.h"
75 #ifdef HAVE_SYS_SYSCTL_H
76 #include <sys/sysctl.h>
81 extern userdom_struct current_user_info;
83 /* the special value for the include parameter
84 * to be interpreted not as a file name but to
85 * trigger loading of the global smb.conf options
87 #ifndef INCLUDE_REGISTRY_NAME
88 #define INCLUDE_REGISTRY_NAME "registry"
91 static bool in_client = false; /* Not in the client by default */
92 static struct smbconf_csn conf_last_csn;
94 static int config_backend = CONFIG_BACKEND_FILE;
96 /* some helpful bits */
97 #define LP_SNUM_OK(i) (((i) >= 0) && ((i) < iNumServices) && \
98 (ServicePtrs != NULL) && \
99 (ServicePtrs[(i)] != NULL) && ServicePtrs[(i)]->valid)
100 #define VALID(i) ((ServicePtrs != NULL) && (ServicePtrs[i]!= NULL) && \
101 ServicePtrs[i]->valid)
103 #define USERSHARE_VALID 1
104 #define USERSHARE_PENDING_DELETE 2
106 static bool defaults_saved = false;
108 #include "lib/param/param_global.h"
110 static struct loadparm_global Globals;
112 /* This is a default service used to prime a services structure */
113 static struct loadparm_service sDefault =
118 .usershare_last_mod = {0, 0},
121 .invalid_users = NULL,
128 .root_preexec = NULL,
129 .root_postexec = NULL,
130 .cups_options = NULL,
131 .print_command = NULL,
133 .lprm_command = NULL,
134 .lppause_command = NULL,
135 .lpresume_command = NULL,
136 .queuepause_command = NULL,
137 .queueresume_command = NULL,
138 ._printername = NULL,
139 .printjob_username = NULL,
140 .dont_descend = NULL,
143 .magic_script = NULL,
144 .magic_output = NULL,
147 .veto_oplock_files = NULL,
157 .aio_write_behind = NULL,
158 .dfree_command = NULL,
159 .min_print_space = 0,
160 .max_print_jobs = 1000,
161 .max_reported_print_jobs = 0,
162 .write_cache_size = 0,
164 .force_create_mode = 0,
165 .directory_mask = 0755,
166 .force_directory_mode = 0,
167 .max_connections = 0,
168 .default_case = CASE_LOWER,
169 .printing = DEFAULT_PRINTING,
170 .oplock_contention_limit = 2,
173 .dfree_cache_time = 0,
174 .preexec_close = false,
175 .root_preexec_close = false,
176 .case_sensitive = Auto,
177 .preserve_case = true,
178 .short_preserve_case = true,
179 .hide_dot_files = true,
180 .hide_special_files = false,
181 .hide_unreadable = false,
182 .hide_unwriteable_files = false,
184 .access_based_share_enum = false,
189 .administrative_share = false,
192 .print_notify_backchannel = false,
196 .store_dos_attributes = false,
197 .dmapi_support = false,
199 .strict_locking = Auto,
200 .posix_locking = true,
202 .kernel_oplocks = false,
203 .level2_oplocks = true,
204 .mangled_names = true,
206 .follow_symlinks = true,
207 .sync_always = false,
208 .strict_allocate = false,
209 .strict_rename = false,
210 .strict_sync = false,
211 .mangling_char = '~',
213 .delete_readonly = false,
214 .fake_oplocks = false,
215 .delete_veto_files = false,
216 .dos_filemode = false,
217 .dos_filetimes = true,
218 .dos_filetime_resolution = false,
219 .fake_directory_create_times = false,
220 .blocking_locks = true,
221 .inherit_permissions = false,
222 .inherit_acls = false,
223 .inherit_owner = false,
225 .msdfs_shuffle_referrals = false,
226 .use_client_driver = false,
227 .default_devmode = true,
228 .force_printername = false,
229 .nt_acl_support = true,
230 .force_unknown_acl_user = false,
231 ._use_sendfile = false,
232 .profile_acls = false,
233 .map_acl_inherit = false,
236 .acl_check_permissions = true,
237 .acl_map_full_control = true,
238 .acl_group_control = false,
239 .acl_allow_execute_always = false,
240 .allocation_roundup_size = SMB_ROUNDUP_ALLOCATION_SIZE,
243 .map_readonly = MAP_READONLY_YES,
244 .directory_name_cache_size = 100,
245 .smb_encrypt = SMB_SIGNING_DEFAULT,
246 .kernel_share_modes = true,
247 .durable_handles = true,
252 /* local variables */
253 static struct loadparm_service **ServicePtrs = NULL;
254 static int iNumServices = 0;
255 static int iServiceIndex = 0;
256 static struct db_context *ServiceHash;
257 static bool bInGlobalSection = true;
258 static bool bGlobalOnly = false;
259 static struct file_lists *file_lists = NULL;
260 static unsigned int *flags_list = NULL;
262 static void set_allowed_client_auth(void);
264 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue);
265 static void free_param_opts(struct parmlist_entry **popts);
268 * Function to return the default value for the maximum number of open
269 * file descriptors permitted. This function tries to consult the
270 * kernel-level (sysctl) and ulimit (getrlimit()) values and goes
271 * the smaller of those.
273 static int max_open_files(void)
275 int sysctl_max = MAX_OPEN_FILES;
276 int rlimit_max = MAX_OPEN_FILES;
278 #ifdef HAVE_SYSCTLBYNAME
280 size_t size = sizeof(sysctl_max);
281 sysctlbyname("kern.maxfilesperproc", &sysctl_max, &size, NULL,
286 #if (defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE))
292 if (getrlimit(RLIMIT_NOFILE, &rl) == 0)
293 rlimit_max = rl.rlim_cur;
295 #if defined(RLIM_INFINITY)
296 if(rl.rlim_cur == RLIM_INFINITY)
297 rlimit_max = MAX_OPEN_FILES;
302 if (sysctl_max < MIN_OPEN_FILES_WINDOWS) {
303 DEBUG(2,("max_open_files: increasing sysctl_max (%d) to "
304 "minimum Windows limit (%d)\n",
306 MIN_OPEN_FILES_WINDOWS));
307 sysctl_max = MIN_OPEN_FILES_WINDOWS;
310 if (rlimit_max < MIN_OPEN_FILES_WINDOWS) {
311 DEBUG(2,("rlimit_max: increasing rlimit_max (%d) to "
312 "minimum Windows limit (%d)\n",
314 MIN_OPEN_FILES_WINDOWS));
315 rlimit_max = MIN_OPEN_FILES_WINDOWS;
318 return MIN(sysctl_max, rlimit_max);
322 * Common part of freeing allocated data for one parameter.
324 static void free_one_parameter_common(void *parm_ptr,
325 struct parm_struct parm)
327 if ((parm.type == P_STRING) ||
328 (parm.type == P_USTRING))
330 lpcfg_string_free((char**)parm_ptr);
331 } else if (parm.type == P_LIST || parm.type == P_CMDLIST) {
332 TALLOC_FREE(*((char***)parm_ptr));
337 * Free the allocated data for one parameter for a share
338 * given as a service struct.
340 static void free_one_parameter(struct loadparm_service *service,
341 struct parm_struct parm)
345 if (parm.p_class != P_LOCAL) {
349 parm_ptr = lp_parm_ptr(service, &parm);
351 free_one_parameter_common(parm_ptr, parm);
355 * Free the allocated parameter data of a share given
356 * as a service struct.
358 static void free_parameters(struct loadparm_service *service)
362 for (i=0; parm_table[i].label; i++) {
363 free_one_parameter(service, parm_table[i]);
368 * Free the allocated data for one parameter for a given share
369 * specified by an snum.
371 static void free_one_parameter_by_snum(int snum, struct parm_struct parm)
376 parm_ptr = lp_parm_ptr(NULL, &parm);
377 } else if (parm.p_class != P_LOCAL) {
380 parm_ptr = lp_parm_ptr(ServicePtrs[snum], &parm);
383 free_one_parameter_common(parm_ptr, parm);
387 * Free the allocated parameter data for a share specified
390 static void free_parameters_by_snum(int snum)
394 for (i=0; parm_table[i].label; i++) {
395 free_one_parameter_by_snum(snum, parm_table[i]);
400 * Free the allocated global parameters.
402 static void free_global_parameters(void)
405 struct parm_struct *parm;
407 free_param_opts(&Globals.param_opt);
408 free_parameters_by_snum(GLOBAL_SECTION_SNUM);
410 /* Reset references in the defaults because the context is going to be freed */
411 for (i=0; parm_table[i].label; i++) {
412 parm = &parm_table[i];
413 if ((parm->type == P_STRING) ||
414 (parm->type == P_USTRING)) {
415 if ((parm->def.svalue != NULL) &&
416 (*(parm->def.svalue) != '\0')) {
417 if (talloc_parent(parm->def.svalue) == Globals.ctx) {
418 parm->def.svalue = NULL;
423 TALLOC_FREE(Globals.ctx);
426 struct lp_stored_option {
427 struct lp_stored_option *prev, *next;
432 static struct lp_stored_option *stored_options;
435 save options set by lp_set_cmdline() into a list. This list is
436 re-applied when we do a globals reset, so that cmdline set options
437 are sticky across reloads of smb.conf
439 bool store_lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
441 struct lp_stored_option *entry, *entry_next;
442 for (entry = stored_options; entry != NULL; entry = entry_next) {
443 entry_next = entry->next;
444 if (strcmp(pszParmName, entry->label) == 0) {
445 DLIST_REMOVE(stored_options, entry);
451 entry = talloc(NULL, struct lp_stored_option);
456 entry->label = talloc_strdup(entry, pszParmName);
462 entry->value = talloc_strdup(entry, pszParmValue);
468 DLIST_ADD_END(stored_options, entry);
473 static bool apply_lp_set_cmdline(void)
475 struct lp_stored_option *entry = NULL;
476 for (entry = stored_options; entry != NULL; entry = entry->next) {
477 if (!lp_set_cmdline_helper(entry->label, entry->value)) {
478 DEBUG(0, ("Failed to re-apply cmdline parameter %s = %s\n",
479 entry->label, entry->value));
486 /***************************************************************************
487 Initialise the global parameter structure.
488 ***************************************************************************/
490 static void init_globals(struct loadparm_context *lp_ctx, bool reinit_globals)
492 static bool done_init = false;
496 /* If requested to initialize only once and we've already done it... */
497 if (!reinit_globals && done_init) {
498 /* ... then we have nothing more to do */
503 /* The logfile can be set before this is invoked. Free it if so. */
504 lpcfg_string_free(&Globals.logfile);
507 free_global_parameters();
510 /* This memset and the free_global_parameters() above will
511 * wipe out smb.conf options set with lp_set_cmdline(). The
512 * apply_lp_set_cmdline() call puts these values back in the
513 * table once the defaults are set */
514 ZERO_STRUCT(Globals);
516 Globals.ctx = talloc_pooled_object(NULL, char, 272, 2048);
518 /* Initialize the flags list if necessary */
519 if (flags_list == NULL) {
523 for (i = 0; parm_table[i].label; i++) {
524 if ((parm_table[i].type == P_STRING ||
525 parm_table[i].type == P_USTRING))
529 (char **)lp_parm_ptr(NULL, &parm_table[i]),
535 lpcfg_string_set(Globals.ctx, &sDefault.fstype, FSTYPE_STRING);
536 lpcfg_string_set(Globals.ctx, &sDefault.printjob_username, "%U");
538 init_printer_values(lp_ctx, Globals.ctx, &sDefault);
540 sDefault.ntvfs_handler = str_list_make_v3_const(NULL, "unixuid default", NULL);
542 DEBUG(3, ("Initialising global parameters\n"));
544 /* Must manually force to upper case here, as this does not go via the handler */
545 lpcfg_string_set(Globals.ctx, &Globals.netbios_name,
548 lpcfg_string_set(Globals.ctx, &Globals.smb_passwd_file,
549 get_dyn_SMB_PASSWD_FILE());
550 lpcfg_string_set(Globals.ctx, &Globals.private_dir,
551 get_dyn_PRIVATE_DIR());
553 /* use the new 'hash2' method by default, with a prefix of 1 */
554 lpcfg_string_set(Globals.ctx, &Globals.mangling_method, "hash2");
555 Globals.mangle_prefix = 1;
557 lpcfg_string_set(Globals.ctx, &Globals.guest_account, GUEST_ACCOUNT);
559 /* using UTF8 by default allows us to support all chars */
560 lpcfg_string_set(Globals.ctx, &Globals.unix_charset,
561 DEFAULT_UNIX_CHARSET);
563 /* Use codepage 850 as a default for the dos character set */
564 lpcfg_string_set(Globals.ctx, &Globals.dos_charset,
565 DEFAULT_DOS_CHARSET);
568 * Allow the default PASSWD_CHAT to be overridden in local.h.
570 lpcfg_string_set(Globals.ctx, &Globals.passwd_chat,
571 DEFAULT_PASSWD_CHAT);
573 lpcfg_string_set(Globals.ctx, &Globals.workgroup, DEFAULT_WORKGROUP);
575 lpcfg_string_set(Globals.ctx, &Globals.passwd_program, "");
576 lpcfg_string_set(Globals.ctx, &Globals.lock_directory,
578 lpcfg_string_set(Globals.ctx, &Globals.state_directory,
580 lpcfg_string_set(Globals.ctx, &Globals.cache_directory,
582 lpcfg_string_set(Globals.ctx, &Globals.pid_directory,
584 lpcfg_string_set(Globals.ctx, &Globals.nbt_client_socket_address,
587 * By default support explicit binding to broadcast
590 Globals.nmbd_bind_explicit_broadcast = true;
592 s = talloc_asprintf(talloc_tos(), "Samba %s", samba_version_string());
594 smb_panic("init_globals: ENOMEM");
596 lpcfg_string_set(Globals.ctx, &Globals.server_string, s);
599 lpcfg_string_set(Globals.ctx, &Globals.panic_action,
600 "/bin/sleep 999999999");
603 lpcfg_string_set(Globals.ctx, &Globals.socket_options,
604 DEFAULT_SOCKET_OPTIONS);
606 lpcfg_string_set(Globals.ctx, &Globals.logon_drive, "");
607 /* %N is the NIS auto.home server if -DAUTOHOME is used, else same as %L */
608 lpcfg_string_set(Globals.ctx, &Globals.logon_home, "\\\\%N\\%U");
609 lpcfg_string_set(Globals.ctx, &Globals.logon_path,
610 "\\\\%N\\%U\\profile");
612 Globals.name_resolve_order = str_list_make_v3_const(NULL, "lmhosts wins host bcast", NULL);
613 lpcfg_string_set(Globals.ctx, &Globals.password_server, "*");
615 Globals.algorithmic_rid_base = BASE_RID;
617 Globals.load_printers = true;
618 Globals.printcap_cache_time = 750; /* 12.5 minutes */
620 Globals.config_backend = config_backend;
621 Globals._server_role = ROLE_AUTO;
623 /* Was 65535 (0xFFFF). 0x4101 matches W2K and causes major speed improvements... */
624 /* Discovered by 2 days of pain by Don McCall @ HP :-). */
625 Globals.max_xmit = 0x4104;
626 Globals.max_mux = 50; /* This is *needed* for profile support. */
627 Globals.lpq_cache_time = 30; /* changed to handle large print servers better -- jerry */
628 Globals._disable_spoolss = false;
629 Globals.max_smbd_processes = 0;/* no limit specified */
630 Globals.username_level = 0;
631 Globals.deadtime = 0;
632 Globals.getwd_cache = true;
633 Globals.large_readwrite = true;
634 Globals.max_log_size = 5000;
635 Globals.max_open_files = max_open_files();
636 Globals.server_max_protocol = PROTOCOL_SMB3_11;
637 Globals.server_min_protocol = PROTOCOL_LANMAN1;
638 Globals._client_max_protocol = PROTOCOL_DEFAULT;
639 Globals.client_min_protocol = PROTOCOL_CORE;
640 Globals._client_ipc_max_protocol = PROTOCOL_DEFAULT;
641 Globals._client_ipc_min_protocol = PROTOCOL_DEFAULT;
642 Globals._security = SEC_AUTO;
643 Globals.encrypt_passwords = true;
644 Globals.client_schannel = Auto;
645 Globals.winbind_sealed_pipes = true;
646 Globals.require_strong_key = true;
647 Globals.server_schannel = Auto;
648 Globals.read_raw = true;
649 Globals.write_raw = true;
650 Globals.null_passwords = false;
651 Globals.old_password_allowed_period = 60;
652 Globals.obey_pam_restrictions = false;
654 Globals.syslog_only = false;
655 Globals.timestamp_logs = true;
656 lpcfg_string_set(Globals.ctx, &Globals.log_level, "0");
657 Globals.debug_prefix_timestamp = false;
658 Globals.debug_hires_timestamp = true;
659 Globals.debug_pid = false;
660 Globals.debug_uid = false;
661 Globals.debug_class = false;
662 Globals.enable_core_files = true;
663 Globals.max_ttl = 60 * 60 * 24 * 3; /* 3 days default. */
664 Globals.max_wins_ttl = 60 * 60 * 24 * 6; /* 6 days default. */
665 Globals.min_wins_ttl = 60 * 60 * 6; /* 6 hours default. */
666 Globals.machine_password_timeout = 60 * 60 * 24 * 7; /* 7 days default. */
667 Globals.lm_announce = Auto; /* = Auto: send only if LM clients found */
668 Globals.lm_interval = 60;
669 #if (defined(HAVE_NETGROUP) && defined(WITH_AUTOMOUNT))
670 Globals.nis_homedir = false;
671 #ifdef WITH_NISPLUS_HOME
672 lpcfg_string_set(Globals.ctx, &Globals.homedir_map,
673 "auto_home.org_dir");
675 lpcfg_string_set(Globals.ctx, &Globals.homedir_map, "auto.home");
678 Globals.time_server = false;
679 Globals.bind_interfaces_only = false;
680 Globals.unix_password_sync = false;
681 Globals.pam_password_change = false;
682 Globals.passwd_chat_debug = false;
683 Globals.passwd_chat_timeout = 2; /* 2 second default. */
684 Globals.nt_pipe_support = true; /* Do NT pipes by default. */
685 Globals.nt_status_support = true; /* Use NT status by default. */
686 Globals.smbd_profiling_level = 0;
687 Globals.stat_cache = true; /* use stat cache by default */
688 Globals.max_stat_cache_size = 256; /* 256k by default */
689 Globals.restrict_anonymous = 0;
690 Globals.client_lanman_auth = false; /* Do NOT use the LanMan hash if it is available */
691 Globals.client_plaintext_auth = false; /* Do NOT use a plaintext password even if is requested by the server */
692 Globals.lanman_auth = false; /* Do NOT use the LanMan hash, even if it is supplied */
693 Globals.ntlm_auth = false; /* Do NOT use NTLMv1 if it is supplied by the client (otherwise NTLMv2) */
694 Globals.raw_ntlmv2_auth = false; /* Reject NTLMv2 without NTLMSSP */
695 Globals.client_ntlmv2_auth = true; /* Client should always use use NTLMv2, as we can't tell that the server supports it, but most modern servers do */
696 /* Note, that we will also use NTLM2 session security (which is different), if it is available */
698 Globals.allow_dcerpc_auth_level_connect = false; /* we don't allow this by default */
700 Globals.map_to_guest = 0; /* By Default, "Never" */
701 Globals.oplock_break_wait_time = 0; /* By Default, 0 msecs. */
702 Globals.enhanced_browsing = true;
703 Globals.lock_spin_time = WINDOWS_MINIMUM_LOCK_TIMEOUT_MS; /* msec. */
704 #ifdef MMAP_BLACKLIST
705 Globals.use_mmap = false;
707 Globals.use_mmap = true;
709 Globals.unicode = true;
710 Globals.unix_extensions = true;
711 Globals.reset_on_zero_vc = false;
712 Globals.log_writeable_files_on_exit = false;
713 Globals.create_krb5_conf = true;
714 Globals._winbind_max_domain_connections = 1;
716 /* hostname lookups can be very expensive and are broken on
717 a large number of sites (tridge) */
718 Globals.hostname_lookups = false;
720 Globals.change_notify = true,
721 Globals.kernel_change_notify = true,
723 lpcfg_string_set(Globals.ctx, &Globals.passdb_backend, "tdbsam");
724 lpcfg_string_set(Globals.ctx, &Globals.ldap_suffix, "");
725 lpcfg_string_set(Globals.ctx, &Globals._ldap_machine_suffix, "");
726 lpcfg_string_set(Globals.ctx, &Globals._ldap_user_suffix, "");
727 lpcfg_string_set(Globals.ctx, &Globals._ldap_group_suffix, "");
728 lpcfg_string_set(Globals.ctx, &Globals._ldap_idmap_suffix, "");
730 lpcfg_string_set(Globals.ctx, &Globals.ldap_admin_dn, "");
731 Globals.ldap_ssl = LDAP_SSL_START_TLS;
732 Globals.ldap_ssl_ads = false;
733 Globals.ldap_deref = -1;
734 Globals.ldap_passwd_sync = LDAP_PASSWD_SYNC_OFF;
735 Globals.ldap_delete_dn = false;
736 Globals.ldap_replication_sleep = 1000; /* wait 1 sec for replication */
737 Globals.ldap_follow_referral = Auto;
738 Globals.ldap_timeout = LDAP_DEFAULT_TIMEOUT;
739 Globals.ldap_connection_timeout = LDAP_CONNECTION_DEFAULT_TIMEOUT;
740 Globals.ldap_page_size = LDAP_PAGE_SIZE;
742 Globals.ldap_debug_level = 0;
743 Globals.ldap_debug_threshold = 10;
745 Globals.client_ldap_sasl_wrapping = ADS_AUTH_SASL_SIGN;
747 Globals.ldap_server_require_strong_auth =
748 LDAP_SERVER_REQUIRE_STRONG_AUTH_YES;
750 /* This is what we tell the afs client. in reality we set the token
751 * to never expire, though, when this runs out the afs client will
752 * forget the token. Set to 0 to get NEVERDATE.*/
753 Globals.afs_token_lifetime = 604800;
754 Globals.cups_connection_timeout = CUPS_DEFAULT_CONNECTION_TIMEOUT;
756 /* these parameters are set to defaults that are more appropriate
757 for the increasing samba install base:
759 as a member of the workgroup, that will possibly become a
760 _local_ master browser (lm = true). this is opposed to a forced
761 local master browser startup (pm = true).
763 doesn't provide WINS server service by default (wsupp = false),
764 and doesn't provide domain master browser services by default, either.
768 Globals.show_add_printer_wizard = true;
769 Globals.os_level = 20;
770 Globals.local_master = true;
771 Globals._domain_master = Auto; /* depending on _domain_logons */
772 Globals._domain_logons = false;
773 Globals.browse_list = true;
774 Globals.we_are_a_wins_server = false;
775 Globals.wins_proxy = false;
777 TALLOC_FREE(Globals.init_logon_delayed_hosts);
778 Globals.init_logon_delay = 100; /* 100 ms default delay */
780 Globals.wins_dns_proxy = true;
782 Globals.allow_trusted_domains = true;
783 lpcfg_string_set(Globals.ctx, &Globals.idmap_backend, "tdb");
785 lpcfg_string_set(Globals.ctx, &Globals.template_shell, "/bin/false");
786 lpcfg_string_set(Globals.ctx, &Globals.template_homedir,
788 lpcfg_string_set(Globals.ctx, &Globals.winbind_separator, "\\");
789 lpcfg_string_set(Globals.ctx, &Globals.winbindd_socket_directory,
790 dyn_WINBINDD_SOCKET_DIR);
792 lpcfg_string_set(Globals.ctx, &Globals.cups_server, "");
793 lpcfg_string_set(Globals.ctx, &Globals.iprint_server, "");
795 lpcfg_string_set(Globals.ctx, &Globals._ctdbd_socket, "");
797 Globals.cluster_addresses = NULL;
798 Globals.clustering = false;
799 Globals.ctdb_timeout = 0;
800 Globals.ctdb_locktime_warn_threshold = 0;
802 Globals.winbind_cache_time = 300; /* 5 minutes */
803 Globals.winbind_reconnect_delay = 30; /* 30 seconds */
804 Globals.winbind_request_timeout = 60; /* 60 seconds */
805 Globals.winbind_max_clients = 200;
806 Globals.winbind_enum_users = false;
807 Globals.winbind_enum_groups = false;
808 Globals.winbind_use_default_domain = false;
809 Globals.winbind_trusted_domains_only = false;
810 Globals.winbind_nested_groups = true;
811 Globals.winbind_expand_groups = 0;
812 Globals.winbind_nss_info = str_list_make_v3_const(NULL, "template", NULL);
813 Globals.winbind_refresh_tickets = false;
814 Globals.winbind_offline_logon = false;
816 Globals.idmap_cache_time = 86400 * 7; /* a week by default */
817 Globals.idmap_negative_cache_time = 120; /* 2 minutes by default */
819 Globals.passdb_expand_explicit = false;
821 Globals.name_cache_timeout = 660; /* In seconds */
823 Globals.use_spnego = true;
824 Globals.client_use_spnego = true;
826 Globals.client_signing = SMB_SIGNING_DEFAULT;
827 Globals._client_ipc_signing = SMB_SIGNING_DEFAULT;
828 Globals.server_signing = SMB_SIGNING_DEFAULT;
830 Globals.defer_sharing_violations = true;
831 Globals.smb_ports = str_list_make_v3_const(NULL, SMB_PORTS, NULL);
833 Globals.enable_privileges = true;
834 Globals.host_msdfs = true;
835 Globals.enable_asu_support = false;
837 /* User defined shares. */
838 s = talloc_asprintf(talloc_tos(), "%s/usershares", get_dyn_STATEDIR());
840 smb_panic("init_globals: ENOMEM");
842 lpcfg_string_set(Globals.ctx, &Globals.usershare_path, s);
844 lpcfg_string_set(Globals.ctx, &Globals.usershare_template_share, "");
845 Globals.usershare_max_shares = 0;
846 /* By default disallow sharing of directories not owned by the sharer. */
847 Globals.usershare_owner_only = true;
848 /* By default disallow guest access to usershares. */
849 Globals.usershare_allow_guests = false;
851 Globals.keepalive = DEFAULT_KEEPALIVE;
853 /* By default no shares out of the registry */
854 Globals.registry_shares = false;
856 Globals.min_receivefile_size = 0;
858 Globals.map_untrusted_to_domain = false;
859 Globals.multicast_dns_register = true;
861 Globals.smb2_max_read = DEFAULT_SMB2_MAX_READ;
862 Globals.smb2_max_write = DEFAULT_SMB2_MAX_WRITE;
863 Globals.smb2_max_trans = DEFAULT_SMB2_MAX_TRANSACT;
864 Globals.smb2_max_credits = DEFAULT_SMB2_MAX_CREDITS;
865 Globals.smb2_leases = true;
867 lpcfg_string_set(Globals.ctx, &Globals.ncalrpc_dir,
868 get_dyn_NCALRPCDIR());
870 Globals.server_services = str_list_make_v3_const(NULL, "s3fs rpc nbt wrepl ldap cldap kdc drepl winbindd ntp_signd kcc dnsupdate dns", NULL);
872 Globals.dcerpc_endpoint_servers = str_list_make_v3_const(NULL, "epmapper wkssvc rpcecho samr netlogon lsarpc drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver", NULL);
874 Globals.tls_enabled = true;
875 Globals.tls_verify_peer = TLS_VERIFY_PEER_AS_STRICT_AS_POSSIBLE;
877 lpcfg_string_set(Globals.ctx, &Globals._tls_keyfile, "tls/key.pem");
878 lpcfg_string_set(Globals.ctx, &Globals._tls_certfile, "tls/cert.pem");
879 lpcfg_string_set(Globals.ctx, &Globals._tls_cafile, "tls/ca.pem");
880 lpcfg_string_set(Globals.ctx, &Globals.tls_priority,
881 "NORMAL:-VERS-SSL3.0");
883 lpcfg_string_set(Globals.ctx, &Globals.share_backend, "classic");
885 Globals._preferred_master = Auto;
887 Globals.allow_dns_updates = DNS_UPDATE_SIGNED;
889 lpcfg_string_set(Globals.ctx, &Globals.ntp_signd_socket_directory,
890 get_dyn_NTP_SIGND_SOCKET_DIR());
892 lpcfg_string_set(Globals.ctx,
893 &Globals.winbindd_privileged_socket_directory,
894 get_dyn_WINBINDD_PRIVILEGED_SOCKET_DIR());
896 s = talloc_asprintf(talloc_tos(), "%s/samba_kcc", get_dyn_SCRIPTSBINDIR());
898 smb_panic("init_globals: ENOMEM");
900 Globals.samba_kcc_command = str_list_make_v3_const(NULL, s, NULL);
903 s = talloc_asprintf(talloc_tos(), "%s/samba_dnsupdate", get_dyn_SCRIPTSBINDIR());
905 smb_panic("init_globals: ENOMEM");
907 Globals.dns_update_command = str_list_make_v3_const(NULL, s, NULL);
910 s = talloc_asprintf(talloc_tos(), "%s/samba_spnupdate", get_dyn_SCRIPTSBINDIR());
912 smb_panic("init_globals: ENOMEM");
914 Globals.spn_update_command = str_list_make_v3_const(NULL, s, NULL);
917 Globals.nsupdate_command = str_list_make_v3_const(NULL, "/usr/bin/nsupdate -g", NULL);
919 Globals.rndc_command = str_list_make_v3_const(NULL, "/usr/sbin/rndc", NULL);
921 Globals.cldap_port = 389;
923 Globals.dgram_port = NBT_DGRAM_SERVICE_PORT;
925 Globals.nbt_port = NBT_NAME_SERVICE_PORT;
927 Globals.krb5_port = 88;
929 Globals.kpasswd_port = 464;
931 Globals.web_port = 901;
933 Globals.aio_max_threads = 100;
935 /* Now put back the settings that were set with lp_set_cmdline() */
936 apply_lp_set_cmdline();
939 /* Convenience routine to setup an lp_context with additional s3 variables */
940 static struct loadparm_context *setup_lp_context(TALLOC_CTX *mem_ctx)
942 struct loadparm_context *lp_ctx;
944 lp_ctx = loadparm_init_s3(mem_ctx,
945 loadparm_s3_helpers());
946 if (lp_ctx == NULL) {
947 DEBUG(0, ("loadparm_init_s3 failed\n"));
951 lp_ctx->sDefault = &sDefault;
952 lp_ctx->services = NULL; /* We do not want to access this directly */
953 lp_ctx->bInGlobalSection = bInGlobalSection;
954 lp_ctx->flags = flags_list;
959 /*******************************************************************
960 Convenience routine to grab string parameters into talloced memory
961 and run standard_sub_basic on them. The buffers can be written to by
962 callers without affecting the source string.
963 ********************************************************************/
965 char *lp_string(TALLOC_CTX *ctx, const char *s)
969 /* The follow debug is useful for tracking down memory problems
970 especially if you have an inner loop that is calling a lp_*()
971 function that returns a string. Perhaps this debug should be
972 present all the time? */
975 DEBUG(10, ("lp_string(%s)\n", s));
981 ret = talloc_sub_basic(ctx,
982 get_current_username(),
983 current_user_info.domain,
985 if (trim_char(ret, '\"', '\"')) {
986 if (strchr(ret,'\"') != NULL) {
988 ret = talloc_sub_basic(ctx,
989 get_current_username(),
990 current_user_info.domain,
998 In this section all the functions that are used to access the
999 parameters from the rest of the program are defined
1002 #define FN_GLOBAL_STRING(fn_name,ptr) \
1003 char *lp_ ## fn_name(TALLOC_CTX *ctx) {return(lp_string((ctx), *(char **)(&Globals.ptr) ? *(char **)(&Globals.ptr) : ""));}
1004 #define FN_GLOBAL_CONST_STRING(fn_name,ptr) \
1005 const char *lp_ ## fn_name(void) {return(*(const char * const *)(&Globals.ptr) ? *(const char * const *)(&Globals.ptr) : "");}
1006 #define FN_GLOBAL_LIST(fn_name,ptr) \
1007 const char **lp_ ## fn_name(void) {return(*(const char ***)(&Globals.ptr));}
1008 #define FN_GLOBAL_BOOL(fn_name,ptr) \
1009 bool lp_ ## fn_name(void) {return(*(bool *)(&Globals.ptr));}
1010 #define FN_GLOBAL_CHAR(fn_name,ptr) \
1011 char lp_ ## fn_name(void) {return(*(char *)(&Globals.ptr));}
1012 #define FN_GLOBAL_INTEGER(fn_name,ptr) \
1013 int lp_ ## fn_name(void) {return(*(int *)(&Globals.ptr));}
1015 #define FN_LOCAL_STRING(fn_name,val) \
1016 char *lp_ ## fn_name(TALLOC_CTX *ctx,int i) {return(lp_string((ctx), (LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val));}
1017 #define FN_LOCAL_CONST_STRING(fn_name,val) \
1018 const char *lp_ ## fn_name(int i) {return (const char *)((LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val);}
1019 #define FN_LOCAL_LIST(fn_name,val) \
1020 const char **lp_ ## fn_name(int i) {return(const char **)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1021 #define FN_LOCAL_BOOL(fn_name,val) \
1022 bool lp_ ## fn_name(int i) {return(bool)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1023 #define FN_LOCAL_INTEGER(fn_name,val) \
1024 int lp_ ## fn_name(int i) {return(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1026 #define FN_LOCAL_PARM_BOOL(fn_name,val) \
1027 bool lp_ ## fn_name(const struct share_params *p) {return(bool)(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1028 #define FN_LOCAL_PARM_INTEGER(fn_name,val) \
1029 int lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1030 #define FN_LOCAL_PARM_CHAR(fn_name,val) \
1031 char lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1033 int lp_winbind_max_domain_connections(void)
1035 if (lp_winbind_offline_logon() &&
1036 lp__winbind_max_domain_connections() > 1) {
1037 DEBUG(1, ("offline logons active, restricting max domain "
1038 "connections to 1\n"));
1041 return MAX(1, lp__winbind_max_domain_connections());
1044 /* These functions remain in source3/param for now */
1046 #include "lib/param/param_functions.c"
1048 FN_LOCAL_STRING(servicename, szService)
1049 FN_LOCAL_CONST_STRING(const_servicename, szService)
1051 /* These functions cannot be auto-generated */
1052 FN_LOCAL_BOOL(autoloaded, autoloaded)
1053 FN_GLOBAL_CONST_STRING(dnsdomain, dnsdomain)
1055 /* local prototypes */
1057 static int map_parameter_canonical(const char *pszParmName, bool *inverse);
1058 static const char *get_boolean(bool bool_value);
1059 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
1061 static bool hash_a_service(const char *name, int number);
1062 static void free_service_byindex(int iService);
1063 static void show_parameter(int parmIndex);
1064 static bool is_synonym_of(int parm1, int parm2, bool *inverse);
1065 static bool lp_parameter_value_is_valid(const char *parm_name, const char *val);
1068 * This is a helper function for parametrical options support. It returns a
1069 * pointer to parametrical option value if it exists or NULL otherwise. Actual
1070 * parametrical functions are quite simple
1072 static struct parmlist_entry *get_parametrics(int snum, const char *type,
1075 if (snum >= iNumServices) return NULL;
1078 return get_parametric_helper(NULL, type, option, Globals.param_opt);
1080 return get_parametric_helper(ServicePtrs[snum],
1081 type, option, Globals.param_opt);
1085 static void discard_whitespace(char *str)
1087 size_t len = strlen(str);
1091 if (isspace(str[i])) {
1092 memmove(&str[i], &str[i+1], len-i);
1101 * @brief Go through all global parametric parameters
1103 * @param regex_str A regular expression to scan param for
1104 * @param max_matches Max number of submatches the regexp expects
1105 * @param cb Function to call on match. Should return true
1106 * when it wants wi_scan_global_parametrics to stop
1108 * @param private_data Anonymous pointer passed to cb
1110 * @return 0: success, regcomp/regexec return value on error.
1111 * See "man regexec" for possible errors
1114 int lp_wi_scan_global_parametrics(
1115 const char *regex_str, size_t max_matches,
1116 bool (*cb)(const char *string, regmatch_t matches[],
1117 void *private_data),
1120 struct parmlist_entry *data;
1124 ret = regcomp(®ex, regex_str, REG_ICASE);
1129 for (data = Globals.param_opt; data != NULL; data = data->next) {
1130 size_t keylen = strlen(data->key);
1132 regmatch_t matches[max_matches];
1135 memcpy(key, data->key, sizeof(key));
1136 discard_whitespace(key);
1138 ret = regexec(®ex, key, max_matches, matches, 0);
1139 if (ret == REG_NOMATCH) {
1146 stop = cb(key, matches, private_data);
1159 #define MISSING_PARAMETER(name) \
1160 DEBUG(0, ("%s(): value is NULL or empty!\n", #name))
1162 /*******************************************************************
1163 convenience routine to return enum parameters.
1164 ********************************************************************/
1165 static int lp_enum(const char *s,const struct enum_list *_enum)
1169 if (!s || !*s || !_enum) {
1170 MISSING_PARAMETER(lp_enum);
1174 for (i=0; _enum[i].name; i++) {
1175 if (strequal(_enum[i].name,s))
1176 return _enum[i].value;
1179 DEBUG(0,("lp_enum(%s,enum): value is not in enum_list!\n",s));
1183 #undef MISSING_PARAMETER
1185 /* Return parametric option from a given service. Type is a part of option before ':' */
1186 /* Parametric option has following syntax: 'Type: option = value' */
1187 char *lp_parm_talloc_string(TALLOC_CTX *ctx, int snum, const char *type, const char *option, const char *def)
1189 struct parmlist_entry *data = get_parametrics(snum, type, option);
1191 if (data == NULL||data->value==NULL) {
1193 return lp_string(ctx, def);
1199 return lp_string(ctx, data->value);
1202 /* Return parametric option from a given service. Type is a part of option before ':' */
1203 /* Parametric option has following syntax: 'Type: option = value' */
1204 const char *lp_parm_const_string(int snum, const char *type, const char *option, const char *def)
1206 struct parmlist_entry *data = get_parametrics(snum, type, option);
1208 if (data == NULL||data->value==NULL)
1215 /* Return parametric option from a given service. Type is a part of option before ':' */
1216 /* Parametric option has following syntax: 'Type: option = value' */
1218 const char **lp_parm_string_list(int snum, const char *type, const char *option, const char **def)
1220 struct parmlist_entry *data = get_parametrics(snum, type, option);
1222 if (data == NULL||data->value==NULL)
1223 return (const char **)def;
1225 if (data->list==NULL) {
1226 data->list = str_list_make_v3(NULL, data->value, NULL);
1229 return discard_const_p(const char *, data->list);
1232 /* Return parametric option from a given service. Type is a part of option before ':' */
1233 /* Parametric option has following syntax: 'Type: option = value' */
1235 int lp_parm_int(int snum, const char *type, const char *option, int def)
1237 struct parmlist_entry *data = get_parametrics(snum, type, option);
1239 if (data && data->value && *data->value)
1240 return lp_int(data->value);
1245 /* Return parametric option from a given service. Type is a part of option before ':' */
1246 /* Parametric option has following syntax: 'Type: option = value' */
1248 unsigned long lp_parm_ulong(int snum, const char *type, const char *option, unsigned long def)
1250 struct parmlist_entry *data = get_parametrics(snum, type, option);
1252 if (data && data->value && *data->value)
1253 return lp_ulong(data->value);
1258 /* Return parametric option from a given service. Type is a part of option before ':' */
1259 /* Parametric option has following syntax: 'Type: option = value' */
1261 unsigned long long lp_parm_ulonglong(int snum, const char *type,
1262 const char *option, unsigned long long def)
1264 struct parmlist_entry *data = get_parametrics(snum, type, option);
1266 if (data && data->value && *data->value) {
1267 return lp_ulonglong(data->value);
1273 /* Return parametric option from a given service. Type is a part of option
1275 /* Parametric option has following syntax: 'Type: option = value' */
1277 bool lp_parm_bool(int snum, const char *type, const char *option, bool def)
1279 struct parmlist_entry *data = get_parametrics(snum, type, option);
1281 if (data && data->value && *data->value)
1282 return lp_bool(data->value);
1287 /* Return parametric option from a given service. Type is a part of option before ':' */
1288 /* Parametric option has following syntax: 'Type: option = value' */
1290 int lp_parm_enum(int snum, const char *type, const char *option,
1291 const struct enum_list *_enum, int def)
1293 struct parmlist_entry *data = get_parametrics(snum, type, option);
1295 if (data && data->value && *data->value && _enum)
1296 return lp_enum(data->value, _enum);
1302 * free a param_opts structure.
1303 * param_opts handling should be moved to talloc;
1304 * then this whole functions reduces to a TALLOC_FREE().
1307 static void free_param_opts(struct parmlist_entry **popts)
1309 struct parmlist_entry *opt, *next_opt;
1311 if (*popts != NULL) {
1312 DEBUG(5, ("Freeing parametrics:\n"));
1315 while (opt != NULL) {
1316 lpcfg_string_free(&opt->key);
1317 lpcfg_string_free(&opt->value);
1318 TALLOC_FREE(opt->list);
1319 next_opt = opt->next;
1326 /***************************************************************************
1327 Free the dynamically allocated parts of a service struct.
1328 ***************************************************************************/
1330 static void free_service(struct loadparm_service *pservice)
1335 if (pservice->szService)
1336 DEBUG(5, ("free_service: Freeing service %s\n",
1337 pservice->szService));
1339 free_parameters(pservice);
1341 lpcfg_string_free(&pservice->szService);
1342 TALLOC_FREE(pservice->copymap);
1344 free_param_opts(&pservice->param_opt);
1346 ZERO_STRUCTP(pservice);
1350 /***************************************************************************
1351 remove a service indexed in the ServicePtrs array from the ServiceHash
1352 and free the dynamically allocated parts
1353 ***************************************************************************/
1355 static void free_service_byindex(int idx)
1357 if ( !LP_SNUM_OK(idx) )
1360 ServicePtrs[idx]->valid = false;
1362 /* we have to cleanup the hash record */
1364 if (ServicePtrs[idx]->szService) {
1365 char *canon_name = canonicalize_servicename(
1367 ServicePtrs[idx]->szService );
1369 dbwrap_delete_bystring(ServiceHash, canon_name );
1370 TALLOC_FREE(canon_name);
1373 free_service(ServicePtrs[idx]);
1374 TALLOC_FREE(ServicePtrs[idx]);
1377 /***************************************************************************
1378 Add a new service to the services array initialising it with the given
1380 ***************************************************************************/
1382 static int add_a_service(const struct loadparm_service *pservice, const char *name)
1385 struct loadparm_service **tsp = NULL;
1387 /* it might already exist */
1389 i = getservicebyname(name, NULL);
1395 /* Re use empty slots if any before allocating new one.*/
1396 for (i=0; i < iNumServices; i++) {
1397 if (ServicePtrs[i] == NULL) {
1401 if (i == iNumServices) {
1402 /* if not, then create one */
1403 tsp = talloc_realloc(NULL, ServicePtrs,
1404 struct loadparm_service *,
1407 DEBUG(0, ("add_a_service: failed to enlarge "
1414 ServicePtrs[i] = talloc_zero(ServicePtrs, struct loadparm_service);
1415 if (!ServicePtrs[i]) {
1416 DEBUG(0,("add_a_service: out of memory!\n"));
1420 ServicePtrs[i]->valid = true;
1422 copy_service(ServicePtrs[i], pservice, NULL);
1424 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->szService,
1427 DEBUG(8,("add_a_service: Creating snum = %d for %s\n",
1428 i, ServicePtrs[i]->szService));
1430 if (!hash_a_service(ServicePtrs[i]->szService, i)) {
1437 /***************************************************************************
1438 Convert a string to uppercase and remove whitespaces.
1439 ***************************************************************************/
1441 char *canonicalize_servicename(TALLOC_CTX *ctx, const char *src)
1446 DEBUG(0,("canonicalize_servicename: NULL source name!\n"));
1450 result = talloc_strdup(ctx, src);
1451 SMB_ASSERT(result != NULL);
1453 if (!strlower_m(result)) {
1454 TALLOC_FREE(result);
1460 /***************************************************************************
1461 Add a name/index pair for the services array to the hash table.
1462 ***************************************************************************/
1464 static bool hash_a_service(const char *name, int idx)
1468 if ( !ServiceHash ) {
1469 DEBUG(10,("hash_a_service: creating servicehash\n"));
1470 ServiceHash = db_open_rbt(NULL);
1471 if ( !ServiceHash ) {
1472 DEBUG(0,("hash_a_service: open tdb servicehash failed!\n"));
1477 DEBUG(10,("hash_a_service: hashing index %d for service name %s\n",
1480 canon_name = canonicalize_servicename(talloc_tos(), name );
1482 dbwrap_store_bystring(ServiceHash, canon_name,
1483 make_tdb_data((uint8_t *)&idx, sizeof(idx)),
1486 TALLOC_FREE(canon_name);
1491 /***************************************************************************
1492 Add a new home service, with the specified home directory, defaults coming
1494 ***************************************************************************/
1496 bool lp_add_home(const char *pszHomename, int iDefaultService,
1497 const char *user, const char *pszHomedir)
1501 if (pszHomename == NULL || user == NULL || pszHomedir == NULL ||
1502 pszHomedir[0] == '\0') {
1506 i = add_a_service(ServicePtrs[iDefaultService], pszHomename);
1511 if (!(*(ServicePtrs[iDefaultService]->path))
1512 || strequal(ServicePtrs[iDefaultService]->path,
1513 lp_path(talloc_tos(), GLOBAL_SECTION_SNUM))) {
1514 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->path,
1518 if (!(*(ServicePtrs[i]->comment))) {
1519 char *comment = talloc_asprintf(talloc_tos(), "Home directory of %s", user);
1520 if (comment == NULL) {
1523 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->comment,
1525 TALLOC_FREE(comment);
1528 /* set the browseable flag from the global default */
1530 ServicePtrs[i]->browseable = sDefault.browseable;
1531 ServicePtrs[i]->access_based_share_enum = sDefault.access_based_share_enum;
1533 ServicePtrs[i]->autoloaded = true;
1535 DEBUG(3, ("adding home's share [%s] for user '%s' at '%s'\n", pszHomename,
1536 user, ServicePtrs[i]->path ));
1541 /***************************************************************************
1542 Add a new service, based on an old one.
1543 ***************************************************************************/
1545 int lp_add_service(const char *pszService, int iDefaultService)
1547 if (iDefaultService < 0) {
1548 return add_a_service(&sDefault, pszService);
1551 return (add_a_service(ServicePtrs[iDefaultService], pszService));
1554 /***************************************************************************
1555 Add the IPC service.
1556 ***************************************************************************/
1558 static bool lp_add_ipc(const char *ipc_name, bool guest_ok)
1560 char *comment = NULL;
1561 int i = add_a_service(&sDefault, ipc_name);
1566 comment = talloc_asprintf(talloc_tos(), "IPC Service (%s)",
1567 Globals.server_string);
1568 if (comment == NULL) {
1572 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->path, tmpdir());
1573 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1574 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->fstype, "IPC");
1575 ServicePtrs[i]->max_connections = 0;
1576 ServicePtrs[i]->available = true;
1577 ServicePtrs[i]->read_only = true;
1578 ServicePtrs[i]->guest_only = false;
1579 ServicePtrs[i]->administrative_share = true;
1580 ServicePtrs[i]->guest_ok = guest_ok;
1581 ServicePtrs[i]->printable = false;
1582 ServicePtrs[i]->browseable = sDefault.browseable;
1583 ServicePtrs[i]->autoloaded = true;
1585 DEBUG(3, ("adding IPC service\n"));
1587 TALLOC_FREE(comment);
1591 /***************************************************************************
1592 Add a new printer service, with defaults coming from service iFrom.
1593 ***************************************************************************/
1595 bool lp_add_printer(const char *pszPrintername, int iDefaultService)
1597 const char *comment = "From Printcap";
1598 int i = add_a_service(ServicePtrs[iDefaultService], pszPrintername);
1603 /* note that we do NOT default the availability flag to true - */
1604 /* we take it from the default service passed. This allows all */
1605 /* dynamic printers to be disabled by disabling the [printers] */
1606 /* entry (if/when the 'available' keyword is implemented!). */
1608 /* the printer name is set to the service name. */
1609 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->_printername,
1611 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1613 /* set the browseable flag from the gloabl default */
1614 ServicePtrs[i]->browseable = sDefault.browseable;
1616 /* Printers cannot be read_only. */
1617 ServicePtrs[i]->read_only = false;
1618 /* No oplocks on printer services. */
1619 ServicePtrs[i]->oplocks = false;
1620 /* Printer services must be printable. */
1621 ServicePtrs[i]->printable = true;
1623 DEBUG(3, ("adding printer service %s\n", pszPrintername));
1629 /***************************************************************************
1630 Check whether the given parameter name is valid.
1631 Parametric options (names containing a colon) are considered valid.
1632 ***************************************************************************/
1634 bool lp_parameter_is_valid(const char *pszParmName)
1636 return ((lpcfg_map_parameter(pszParmName) != -1) ||
1637 (strchr(pszParmName, ':') != NULL));
1640 /***************************************************************************
1641 Check whether the given name is the name of a global parameter.
1642 Returns true for strings belonging to parameters of class
1643 P_GLOBAL, false for all other strings, also for parametric options
1644 and strings not belonging to any option.
1645 ***************************************************************************/
1647 bool lp_parameter_is_global(const char *pszParmName)
1649 int num = lpcfg_map_parameter(pszParmName);
1652 return (parm_table[num].p_class == P_GLOBAL);
1658 /**************************************************************************
1659 Determine the canonical name for a parameter.
1660 Indicate when it is an inverse (boolean) synonym instead of a
1662 **************************************************************************/
1664 bool lp_canonicalize_parameter(const char *parm_name, const char **canon_parm,
1669 if (!lp_parameter_is_valid(parm_name)) {
1674 num = map_parameter_canonical(parm_name, inverse);
1676 /* parametric option */
1677 *canon_parm = parm_name;
1679 *canon_parm = parm_table[num].label;
1686 /**************************************************************************
1687 Determine the canonical name for a parameter.
1688 Turn the value given into the inverse boolean expression when
1689 the synonym is an invers boolean synonym.
1692 - parm_name is a valid parameter name and
1693 - val is a valid value for this parameter and
1694 - in case the parameter is an inverse boolean synonym, if the val
1695 string could successfully be converted to the reverse bool.
1696 Return false in all other cases.
1697 **************************************************************************/
1699 bool lp_canonicalize_parameter_with_value(const char *parm_name,
1701 const char **canon_parm,
1702 const char **canon_val)
1708 if (!lp_parameter_is_valid(parm_name)) {
1714 num = map_parameter_canonical(parm_name, &inverse);
1716 /* parametric option */
1717 *canon_parm = parm_name;
1722 *canon_parm = parm_table[num].label;
1724 if (!lp_invert_boolean(val, canon_val)) {
1732 ret = lp_parameter_value_is_valid(*canon_parm, *canon_val);
1737 /***************************************************************************
1738 Map a parameter's string representation to the index of the canonical
1739 form of the parameter (it might be a synonym).
1740 Returns -1 if the parameter string is not recognised.
1741 ***************************************************************************/
1743 static int map_parameter_canonical(const char *pszParmName, bool *inverse)
1745 int parm_num, canon_num;
1746 bool loc_inverse = false;
1748 parm_num = lpcfg_map_parameter(pszParmName);
1749 if ((parm_num < 0) || !(parm_table[parm_num].flags & FLAG_SYNONYM)) {
1750 /* invalid, parametric or no canidate for synonyms ... */
1754 for (canon_num = 0; parm_table[canon_num].label; canon_num++) {
1755 if (is_synonym_of(parm_num, canon_num, &loc_inverse)) {
1756 parm_num = canon_num;
1762 if (inverse != NULL) {
1763 *inverse = loc_inverse;
1768 /***************************************************************************
1769 return true if parameter number parm1 is a synonym of parameter
1770 number parm2 (parm2 being the principal name).
1771 set inverse to true if parm1 is P_BOOLREV and parm2 is P_BOOL,
1773 ***************************************************************************/
1775 static bool is_synonym_of(int parm1, int parm2, bool *inverse)
1777 if ((parm_table[parm1].offset == parm_table[parm2].offset) &&
1778 (parm_table[parm1].p_class == parm_table[parm2].p_class) &&
1779 (parm_table[parm1].flags & FLAG_SYNONYM) &&
1780 !(parm_table[parm2].flags & FLAG_SYNONYM))
1782 if (inverse != NULL) {
1783 if ((parm_table[parm1].type == P_BOOLREV) &&
1784 (parm_table[parm2].type == P_BOOL))
1796 /***************************************************************************
1797 Show one parameter's name, type, [values,] and flags.
1798 (helper functions for show_parameter_list)
1799 ***************************************************************************/
1801 static void show_parameter(int parmIndex)
1803 int enumIndex, flagIndex;
1808 const char *type[] = { "P_BOOL", "P_BOOLREV", "P_CHAR", "P_INTEGER",
1809 "P_OCTAL", "P_LIST", "P_STRING", "P_USTRING",
1810 "P_ENUM", "P_BYTES", "P_CMDLIST" };
1811 unsigned flags[] = { FLAG_DEPRECATED, FLAG_SYNONYM };
1812 const char *flag_names[] = { "FLAG_DEPRECATED", "FLAG_SYNONYM", NULL};
1814 printf("%s=%s", parm_table[parmIndex].label,
1815 type[parm_table[parmIndex].type]);
1816 if (parm_table[parmIndex].type == P_ENUM) {
1819 parm_table[parmIndex].enum_list[enumIndex].name;
1823 enumIndex ? "|" : "",
1824 parm_table[parmIndex].enum_list[enumIndex].name);
1829 for (flagIndex=0; flag_names[flagIndex]; flagIndex++) {
1830 if (parm_table[parmIndex].flags & flags[flagIndex]) {
1833 flag_names[flagIndex]);
1838 /* output synonyms */
1840 for (parmIndex2=0; parm_table[parmIndex2].label; parmIndex2++) {
1841 if (is_synonym_of(parmIndex, parmIndex2, &inverse)) {
1842 printf(" (%ssynonym of %s)", inverse ? "inverse " : "",
1843 parm_table[parmIndex2].label);
1844 } else if (is_synonym_of(parmIndex2, parmIndex, &inverse)) {
1846 printf(" (synonyms: ");
1851 printf("%s%s", parm_table[parmIndex2].label,
1852 inverse ? "[i]" : "");
1863 * Check the value for a P_ENUM
1865 static bool check_enum_parameter(struct parm_struct *parm, const char *value)
1869 for (i = 0; parm->enum_list[i].name; i++) {
1870 if (strwicmp(value, parm->enum_list[i].name) == 0) {
1877 /**************************************************************************
1878 Check whether the given value is valid for the given parameter name.
1879 **************************************************************************/
1881 static bool lp_parameter_value_is_valid(const char *parm_name, const char *val)
1883 bool ret = false, tmp_bool;
1884 int num = lpcfg_map_parameter(parm_name), tmp_int;
1885 uint64_t tmp_int64 = 0;
1886 struct parm_struct *parm;
1888 /* parametric options (parameter names containing a colon) cannot
1889 be checked and are therefore considered valid. */
1890 if (strchr(parm_name, ':') != NULL) {
1895 parm = &parm_table[num];
1896 switch (parm->type) {
1899 ret = set_boolean(val, &tmp_bool);
1903 ret = (sscanf(val, "%d", &tmp_int) == 1);
1907 ret = (sscanf(val, "%o", &tmp_int) == 1);
1911 ret = check_enum_parameter(parm, val);
1915 if (conv_str_size_error(val, &tmp_int64) &&
1916 tmp_int64 <= INT_MAX) {
1933 /***************************************************************************
1934 Show all parameter's name, type, [values,] and flags.
1935 ***************************************************************************/
1937 void show_parameter_list(void)
1939 int classIndex, parmIndex;
1940 const char *section_names[] = { "local", "global", NULL};
1942 for (classIndex=0; section_names[classIndex]; classIndex++) {
1943 printf("[%s]\n", section_names[classIndex]);
1944 for (parmIndex = 0; parm_table[parmIndex].label; parmIndex++) {
1945 if (parm_table[parmIndex].p_class == classIndex) {
1946 show_parameter(parmIndex);
1952 /***************************************************************************
1953 Get the standard string representation of a boolean value ("yes" or "no")
1954 ***************************************************************************/
1956 static const char *get_boolean(bool bool_value)
1958 static const char *yes_str = "yes";
1959 static const char *no_str = "no";
1961 return (bool_value ? yes_str : no_str);
1964 /***************************************************************************
1965 Provide the string of the negated boolean value associated to the boolean
1966 given as a string. Returns false if the passed string does not correctly
1967 represent a boolean.
1968 ***************************************************************************/
1970 bool lp_invert_boolean(const char *str, const char **inverse_str)
1974 if (!set_boolean(str, &val)) {
1978 *inverse_str = get_boolean(!val);
1982 /***************************************************************************
1983 Provide the canonical string representation of a boolean value given
1984 as a string. Return true on success, false if the string given does
1985 not correctly represent a boolean.
1986 ***************************************************************************/
1988 bool lp_canonicalize_boolean(const char *str, const char**canon_str)
1992 if (!set_boolean(str, &val)) {
1996 *canon_str = get_boolean(val);
2000 /***************************************************************************
2001 Find a service by name. Otherwise works like get_service.
2002 ***************************************************************************/
2004 int getservicebyname(const char *pszServiceName, struct loadparm_service *pserviceDest)
2011 if (ServiceHash == NULL) {
2015 canon_name = canonicalize_servicename(talloc_tos(), pszServiceName);
2017 status = dbwrap_fetch_bystring(ServiceHash, canon_name, canon_name,
2020 if (NT_STATUS_IS_OK(status) &&
2021 (data.dptr != NULL) &&
2022 (data.dsize == sizeof(iService)))
2024 memcpy(&iService, data.dptr, sizeof(iService));
2027 TALLOC_FREE(canon_name);
2029 if ((iService != -1) && (LP_SNUM_OK(iService))
2030 && (pserviceDest != NULL)) {
2031 copy_service(pserviceDest, ServicePtrs[iService], NULL);
2037 /* Return a pointer to a service by name. Unlike getservicebyname, it does not copy the service */
2038 struct loadparm_service *lp_service(const char *pszServiceName)
2040 int iService = getservicebyname(pszServiceName, NULL);
2041 if (iService == -1 || !LP_SNUM_OK(iService)) {
2044 return ServicePtrs[iService];
2047 struct loadparm_service *lp_servicebynum(int snum)
2049 if ((snum == -1) || !LP_SNUM_OK(snum)) {
2052 return ServicePtrs[snum];
2055 struct loadparm_service *lp_default_loadparm_service()
2060 static struct smbconf_ctx *lp_smbconf_ctx(void)
2063 static struct smbconf_ctx *conf_ctx = NULL;
2065 if (conf_ctx == NULL) {
2066 err = smbconf_init(NULL, &conf_ctx, "registry:");
2067 if (!SBC_ERROR_IS_OK(err)) {
2068 DEBUG(1, ("error initializing registry configuration: "
2069 "%s\n", sbcErrorString(err)));
2077 static bool process_smbconf_service(struct smbconf_service *service)
2082 if (service == NULL) {
2086 ret = lp_do_section(service->name, NULL);
2090 for (count = 0; count < service->num_params; count++) {
2092 if (!bInGlobalSection && bGlobalOnly) {
2095 const char *pszParmName = service->param_names[count];
2096 const char *pszParmValue = service->param_values[count];
2098 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2100 ret = lp_do_parameter(bInGlobalSection ? -2 : iServiceIndex,
2101 pszParmName, pszParmValue);
2108 if (iServiceIndex >= 0) {
2109 return lpcfg_service_ok(ServicePtrs[iServiceIndex]);
2115 * load a service from registry and activate it
2117 bool process_registry_service(const char *service_name)
2120 struct smbconf_service *service = NULL;
2121 TALLOC_CTX *mem_ctx = talloc_stackframe();
2122 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2125 if (conf_ctx == NULL) {
2129 DEBUG(5, ("process_registry_service: service name %s\n", service_name));
2131 if (!smbconf_share_exists(conf_ctx, service_name)) {
2133 * Registry does not contain data for this service (yet),
2134 * but make sure lp_load doesn't return false.
2140 err = smbconf_get_share(conf_ctx, mem_ctx, service_name, &service);
2141 if (!SBC_ERROR_IS_OK(err)) {
2145 ret = process_smbconf_service(service);
2151 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
2154 TALLOC_FREE(mem_ctx);
2159 * process_registry_globals
2161 static bool process_registry_globals(void)
2165 add_to_file_list(NULL, &file_lists, INCLUDE_REGISTRY_NAME, INCLUDE_REGISTRY_NAME);
2167 if (!bInGlobalSection && bGlobalOnly) {
2170 const char *pszParmName = "registry shares";
2171 const char *pszParmValue = "yes";
2173 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2175 ret = lp_do_parameter(bInGlobalSection ? -2 : iServiceIndex,
2176 pszParmName, pszParmValue);
2183 return process_registry_service(GLOBAL_NAME);
2186 bool process_registry_shares(void)
2190 struct smbconf_service **service = NULL;
2191 uint32_t num_shares = 0;
2192 TALLOC_CTX *mem_ctx = talloc_stackframe();
2193 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2196 if (conf_ctx == NULL) {
2200 err = smbconf_get_config(conf_ctx, mem_ctx, &num_shares, &service);
2201 if (!SBC_ERROR_IS_OK(err)) {
2207 for (count = 0; count < num_shares; count++) {
2208 if (strequal(service[count]->name, GLOBAL_NAME)) {
2211 ret = process_smbconf_service(service[count]);
2218 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
2221 TALLOC_FREE(mem_ctx);
2226 * reload those shares from registry that are already
2227 * activated in the services array.
2229 static bool reload_registry_shares(void)
2234 for (i = 0; i < iNumServices; i++) {
2239 if (ServicePtrs[i]->usershare == USERSHARE_VALID) {
2243 ret = process_registry_service(ServicePtrs[i]->szService);
2254 #define MAX_INCLUDE_DEPTH 100
2256 static uint8_t include_depth;
2259 * Free the file lists
2261 static void free_file_list(void)
2263 struct file_lists *f;
2264 struct file_lists *next;
2277 * Utility function for outsiders to check if we're running on registry.
2279 bool lp_config_backend_is_registry(void)
2281 return (lp_config_backend() == CONFIG_BACKEND_REGISTRY);
2285 * Utility function to check if the config backend is FILE.
2287 bool lp_config_backend_is_file(void)
2289 return (lp_config_backend() == CONFIG_BACKEND_FILE);
2292 /*******************************************************************
2293 Check if a config file has changed date.
2294 ********************************************************************/
2296 bool lp_file_list_changed(void)
2298 struct file_lists *f = file_lists;
2300 DEBUG(6, ("lp_file_list_changed()\n"));
2303 if (strequal(f->name, INCLUDE_REGISTRY_NAME)) {
2304 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2306 if (conf_ctx == NULL) {
2309 if (smbconf_changed(conf_ctx, &conf_last_csn, NULL,
2312 DEBUGADD(6, ("registry config changed\n"));
2319 n2 = talloc_sub_basic(talloc_tos(),
2320 get_current_username(),
2321 current_user_info.domain,
2326 DEBUGADD(6, ("file %s -> %s last mod_time: %s\n",
2327 f->name, n2, ctime(&f->modtime)));
2329 mod_time = file_modtime(n2);
2332 ((f->modtime != mod_time) ||
2333 (f->subfname == NULL) ||
2334 (strcmp(n2, f->subfname) != 0)))
2337 ("file %s modified: %s\n", n2,
2339 f->modtime = mod_time;
2340 TALLOC_FREE(f->subfname);
2341 f->subfname = talloc_strdup(f, n2);
2342 if (f->subfname == NULL) {
2343 smb_panic("talloc_strdup failed");
2357 * Initialize iconv conversion descriptors.
2359 * This is called the first time it is needed, and also called again
2360 * every time the configuration is reloaded, because the charset or
2361 * codepage might have changed.
2363 static void init_iconv(void)
2365 global_iconv_handle = smb_iconv_handle_reinit(NULL, lp_dos_charset(),
2367 true, global_iconv_handle);
2370 /***************************************************************************
2371 Handle the include operation.
2372 ***************************************************************************/
2373 static bool bAllowIncludeRegistry = true;
2375 bool lp_include(struct loadparm_context *lp_ctx, struct loadparm_service *service,
2376 const char *pszParmValue, char **ptr)
2380 if (include_depth >= MAX_INCLUDE_DEPTH) {
2381 DEBUG(0, ("Error: Maximum include depth (%u) exceeded!\n",
2386 if (strequal(pszParmValue, INCLUDE_REGISTRY_NAME)) {
2387 if (!bAllowIncludeRegistry) {
2390 if (lp_ctx->bInGlobalSection) {
2393 ret = process_registry_globals();
2397 DEBUG(1, ("\"include = registry\" only effective "
2398 "in %s section\n", GLOBAL_NAME));
2403 fname = talloc_sub_basic(talloc_tos(), get_current_username(),
2404 current_user_info.domain,
2407 add_to_file_list(NULL, &file_lists, pszParmValue, fname);
2409 if (service == NULL) {
2410 lpcfg_string_set(Globals.ctx, ptr, fname);
2412 lpcfg_string_set(service, ptr, fname);
2415 if (file_exist(fname)) {
2418 ret = pm_process(fname, lp_do_section, do_parameter, lp_ctx);
2424 DEBUG(2, ("Can't find include file %s\n", fname));
2429 bool lp_idmap_range(const char *domain_name, uint32_t *low, uint32_t *high)
2431 char *config_option = NULL;
2432 const char *range = NULL;
2435 SMB_ASSERT(low != NULL);
2436 SMB_ASSERT(high != NULL);
2438 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2442 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2444 if (config_option == NULL) {
2445 DEBUG(0, ("out of memory\n"));
2449 range = lp_parm_const_string(-1, config_option, "range", NULL);
2450 if (range == NULL) {
2451 DEBUG(1, ("idmap range not specified for domain '%s'\n", domain_name));
2455 if (sscanf(range, "%u - %u", low, high) != 2) {
2456 DEBUG(1, ("error parsing idmap range '%s' for domain '%s'\n",
2457 range, domain_name));
2464 talloc_free(config_option);
2469 bool lp_idmap_default_range(uint32_t *low, uint32_t *high)
2471 return lp_idmap_range("*", low, high);
2474 const char *lp_idmap_backend(const char *domain_name)
2476 char *config_option = NULL;
2477 const char *backend = NULL;
2479 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2483 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2485 if (config_option == NULL) {
2486 DEBUG(0, ("out of memory\n"));
2490 backend = lp_parm_const_string(-1, config_option, "backend", NULL);
2491 if (backend == NULL) {
2492 DEBUG(1, ("idmap backend not specified for domain '%s'\n", domain_name));
2497 talloc_free(config_option);
2501 const char *lp_idmap_default_backend(void)
2503 return lp_idmap_backend("*");
2506 /***************************************************************************
2507 Handle ldap suffixes - default to ldapsuffix if sub-suffixes are not defined.
2508 ***************************************************************************/
2510 static const char *append_ldap_suffix(TALLOC_CTX *ctx, const char *str )
2512 const char *suffix_string;
2514 suffix_string = talloc_asprintf(ctx, "%s,%s", str,
2515 Globals.ldap_suffix );
2516 if ( !suffix_string ) {
2517 DEBUG(0,("append_ldap_suffix: talloc_asprintf() failed!\n"));
2521 return suffix_string;
2524 const char *lp_ldap_machine_suffix(TALLOC_CTX *ctx)
2526 if (Globals._ldap_machine_suffix[0])
2527 return append_ldap_suffix(ctx, Globals._ldap_machine_suffix);
2529 return lp_string(ctx, Globals.ldap_suffix);
2532 const char *lp_ldap_user_suffix(TALLOC_CTX *ctx)
2534 if (Globals._ldap_user_suffix[0])
2535 return append_ldap_suffix(ctx, Globals._ldap_user_suffix);
2537 return lp_string(ctx, Globals.ldap_suffix);
2540 const char *lp_ldap_group_suffix(TALLOC_CTX *ctx)
2542 if (Globals._ldap_group_suffix[0])
2543 return append_ldap_suffix(ctx, Globals._ldap_group_suffix);
2545 return lp_string(ctx, Globals.ldap_suffix);
2548 const char *lp_ldap_idmap_suffix(TALLOC_CTX *ctx)
2550 if (Globals._ldap_idmap_suffix[0])
2551 return append_ldap_suffix(ctx, Globals._ldap_idmap_suffix);
2553 return lp_string(ctx, Globals.ldap_suffix);
2557 return the parameter pointer for a parameter
2559 void *lp_parm_ptr(struct loadparm_service *service, struct parm_struct *parm)
2561 if (service == NULL) {
2562 if (parm->p_class == P_LOCAL)
2563 return (void *)(((char *)&sDefault)+parm->offset);
2564 else if (parm->p_class == P_GLOBAL)
2565 return (void *)(((char *)&Globals)+parm->offset);
2568 return (void *)(((char *)service) + parm->offset);
2572 /***************************************************************************
2573 Process a parameter for a particular service number. If snum < 0
2574 then assume we are in the globals.
2575 ***************************************************************************/
2577 bool lp_do_parameter(int snum, const char *pszParmName, const char *pszParmValue)
2579 TALLOC_CTX *frame = talloc_stackframe();
2580 struct loadparm_context *lp_ctx;
2583 lp_ctx = setup_lp_context(frame);
2584 if (lp_ctx == NULL) {
2590 ok = lpcfg_do_global_parameter(lp_ctx, pszParmName, pszParmValue);
2592 ok = lpcfg_do_service_parameter(lp_ctx, ServicePtrs[snum],
2593 pszParmName, pszParmValue);
2601 /***************************************************************************
2602 set a parameter, marking it with FLAG_CMDLINE. Parameters marked as
2603 FLAG_CMDLINE won't be overridden by loads from smb.conf.
2604 ***************************************************************************/
2606 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue)
2609 parmnum = lpcfg_map_parameter(pszParmName);
2611 flags_list[parmnum] &= ~FLAG_CMDLINE;
2612 if (!lp_do_parameter(-1, pszParmName, pszParmValue)) {
2615 flags_list[parmnum] |= FLAG_CMDLINE;
2617 /* we have to also set FLAG_CMDLINE on aliases. Aliases must
2618 * be grouped in the table, so we don't have to search the
2621 i>=0 && parm_table[i].offset == parm_table[parmnum].offset
2622 && parm_table[i].p_class == parm_table[parmnum].p_class;
2624 flags_list[i] |= FLAG_CMDLINE;
2626 for (i=parmnum+1;i<num_parameters() && parm_table[i].offset == parm_table[parmnum].offset
2627 && parm_table[i].p_class == parm_table[parmnum].p_class;i++) {
2628 flags_list[i] |= FLAG_CMDLINE;
2634 /* it might be parametric */
2635 if (strchr(pszParmName, ':') != NULL) {
2636 set_param_opt(NULL, &Globals.param_opt, pszParmName, pszParmValue, FLAG_CMDLINE);
2640 DEBUG(0, ("Ignoring unknown parameter \"%s\"\n", pszParmName));
2644 bool lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
2647 TALLOC_CTX *frame = talloc_stackframe();
2648 struct loadparm_context *lp_ctx;
2650 lp_ctx = setup_lp_context(frame);
2651 if (lp_ctx == NULL) {
2656 ret = lpcfg_set_cmdline(lp_ctx, pszParmName, pszParmValue);
2662 /***************************************************************************
2663 Process a parameter.
2664 ***************************************************************************/
2666 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
2669 if (!bInGlobalSection && bGlobalOnly)
2672 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2674 if (bInGlobalSection) {
2675 return lpcfg_do_global_parameter(userdata, pszParmName, pszParmValue);
2677 return lpcfg_do_service_parameter(userdata, ServicePtrs[iServiceIndex],
2678 pszParmName, pszParmValue);
2682 /***************************************************************************
2683 Initialize any local variables in the sDefault table, after parsing a
2685 ***************************************************************************/
2687 static void init_locals(void)
2690 * We run this check once the [globals] is parsed, to force
2691 * the VFS objects and other per-share settings we need for
2692 * the standard way a AD DC is operated. We may change these
2693 * as our code evolves, which is why we force these settings.
2695 * We can't do this at the end of lp_load_ex(), as by that
2696 * point the services have been loaded and they will already
2697 * have "" as their vfs objects.
2699 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
2700 const char **vfs_objects = lp_vfs_objects(-1);
2701 if (!vfs_objects || !vfs_objects[0]) {
2702 if (lp_parm_const_string(-1, "xattr_tdb", "file", NULL)) {
2703 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr xattr_tdb");
2704 } else if (lp_parm_const_string(-1, "posix", "eadb", NULL)) {
2705 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr posix_eadb");
2707 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr");
2711 lp_do_parameter(-1, "map hidden", "no");
2712 lp_do_parameter(-1, "map system", "no");
2713 lp_do_parameter(-1, "map readonly", "no");
2714 lp_do_parameter(-1, "map archive", "no");
2715 lp_do_parameter(-1, "store dos attributes", "yes");
2719 /***************************************************************************
2720 Process a new section (service). At this stage all sections are services.
2721 Later we'll have special sections that permit server parameters to be set.
2722 Returns true on success, false on failure.
2723 ***************************************************************************/
2725 bool lp_do_section(const char *pszSectionName, void *userdata)
2727 struct loadparm_context *lp_ctx = (struct loadparm_context *)userdata;
2729 bool isglobal = ((strwicmp(pszSectionName, GLOBAL_NAME) == 0) ||
2730 (strwicmp(pszSectionName, GLOBAL_NAME2) == 0));
2733 /* if we were in a global section then do the local inits */
2734 if (bInGlobalSection && !isglobal)
2737 /* if we've just struck a global section, note the fact. */
2738 bInGlobalSection = isglobal;
2739 if (lp_ctx != NULL) {
2740 lp_ctx->bInGlobalSection = isglobal;
2743 /* check for multiple global sections */
2744 if (bInGlobalSection) {
2745 DEBUG(3, ("Processing section \"[%s]\"\n", pszSectionName));
2749 if (!bInGlobalSection && bGlobalOnly)
2752 /* if we have a current service, tidy it up before moving on */
2755 if (iServiceIndex >= 0)
2756 bRetval = lpcfg_service_ok(ServicePtrs[iServiceIndex]);
2758 /* if all is still well, move to the next record in the services array */
2760 /* We put this here to avoid an odd message order if messages are */
2761 /* issued by the post-processing of a previous section. */
2762 DEBUG(2, ("Processing section \"[%s]\"\n", pszSectionName));
2764 iServiceIndex = add_a_service(&sDefault, pszSectionName);
2765 if (iServiceIndex < 0) {
2766 DEBUG(0, ("Failed to add a new service\n"));
2769 /* Clean all parametric options for service */
2770 /* They will be added during parsing again */
2771 free_param_opts(&ServicePtrs[iServiceIndex]->param_opt);
2777 /***************************************************************************
2778 Display the contents of a parameter of a single services record.
2779 ***************************************************************************/
2781 bool dump_a_parameter(int snum, char *parm_name, FILE * f, bool isGlobal)
2783 bool result = false;
2784 struct loadparm_context *lp_ctx;
2786 lp_ctx = setup_lp_context(talloc_tos());
2787 if (lp_ctx == NULL) {
2792 result = lpcfg_dump_a_parameter(lp_ctx, NULL, parm_name, f);
2794 result = lpcfg_dump_a_parameter(lp_ctx, ServicePtrs[snum], parm_name, f);
2796 TALLOC_FREE(lp_ctx);
2801 /***************************************************************************
2802 Display the contents of a single copy structure.
2803 ***************************************************************************/
2804 static void dump_copy_map(bool *pcopymap)
2810 printf("\n\tNon-Copied parameters:\n");
2812 for (i = 0; parm_table[i].label; i++)
2813 if (parm_table[i].p_class == P_LOCAL &&
2814 parm_table[i].ptr && !pcopymap[i] &&
2815 (i == 0 || (parm_table[i].ptr != parm_table[i - 1].ptr)))
2817 printf("\t\t%s\n", parm_table[i].label);
2822 /***************************************************************************
2823 Return TRUE if the passed service number is within range.
2824 ***************************************************************************/
2826 bool lp_snum_ok(int iService)
2828 return (LP_SNUM_OK(iService) && ServicePtrs[iService]->available);
2831 /***************************************************************************
2832 Auto-load some home services.
2833 ***************************************************************************/
2835 static void lp_add_auto_services(char *str)
2845 s = talloc_strdup(talloc_tos(), str);
2847 smb_panic("talloc_strdup failed");
2851 homes = lp_servicenumber(HOMES_NAME);
2853 for (p = strtok_r(s, LIST_SEP, &saveptr); p;
2854 p = strtok_r(NULL, LIST_SEP, &saveptr)) {
2857 if (lp_servicenumber(p) >= 0)
2860 home = get_user_home_dir(talloc_tos(), p);
2862 if (home && home[0] && homes >= 0)
2863 lp_add_home(p, homes, p, home);
2870 /***************************************************************************
2871 Auto-load one printer.
2872 ***************************************************************************/
2874 void lp_add_one_printer(const char *name, const char *comment,
2875 const char *location, void *pdata)
2877 int printers = lp_servicenumber(PRINTERS_NAME);
2880 if (lp_servicenumber(name) < 0) {
2881 lp_add_printer(name, printers);
2882 if ((i = lp_servicenumber(name)) >= 0) {
2883 lpcfg_string_set(ServicePtrs[i],
2884 &ServicePtrs[i]->comment, comment);
2885 ServicePtrs[i]->autoloaded = true;
2890 /***************************************************************************
2891 Have we loaded a services file yet?
2892 ***************************************************************************/
2894 bool lp_loaded(void)
2899 /***************************************************************************
2900 Unload unused services.
2901 ***************************************************************************/
2903 void lp_killunused(struct smbd_server_connection *sconn,
2904 bool (*snumused) (struct smbd_server_connection *, int))
2907 for (i = 0; i < iNumServices; i++) {
2911 /* don't kill autoloaded or usershare services */
2912 if ( ServicePtrs[i]->autoloaded ||
2913 ServicePtrs[i]->usershare == USERSHARE_VALID) {
2917 if (!snumused || !snumused(sconn, i)) {
2918 free_service_byindex(i);
2924 * Kill all except autoloaded and usershare services - convenience wrapper
2926 void lp_kill_all_services(void)
2928 lp_killunused(NULL, NULL);
2931 /***************************************************************************
2933 ***************************************************************************/
2935 void lp_killservice(int iServiceIn)
2937 if (VALID(iServiceIn)) {
2938 free_service_byindex(iServiceIn);
2942 /***************************************************************************
2943 Save the curent values of all global and sDefault parameters into the
2944 defaults union. This allows testparm to show only the
2945 changed (ie. non-default) parameters.
2946 ***************************************************************************/
2948 static void lp_save_defaults(void)
2951 struct parmlist_entry * parm;
2952 for (i = 0; parm_table[i].label; i++) {
2953 if (!(flags_list[i] & FLAG_CMDLINE)) {
2954 flags_list[i] |= FLAG_DEFAULT;
2957 if (i > 0 && parm_table[i].offset == parm_table[i - 1].offset
2958 && parm_table[i].p_class == parm_table[i - 1].p_class)
2960 switch (parm_table[i].type) {
2963 parm_table[i].def.lvalue = str_list_copy(
2964 NULL, *(const char ***)lp_parm_ptr(NULL, &parm_table[i]));
2970 &parm_table[i].def.svalue,
2971 *(char **)lp_parm_ptr(
2972 NULL, &parm_table[i]));
2973 if (parm_table[i].def.svalue == NULL) {
2974 smb_panic("lpcfg_string_set() failed");
2979 parm_table[i].def.bvalue =
2980 *(bool *)lp_parm_ptr(NULL, &parm_table[i]);
2983 parm_table[i].def.cvalue =
2984 *(char *)lp_parm_ptr(NULL, &parm_table[i]);
2990 parm_table[i].def.ivalue =
2991 *(int *)lp_parm_ptr(NULL, &parm_table[i]);
2996 for (parm=Globals.param_opt; parm; parm=parm->next) {
2997 if (!(parm->priority & FLAG_CMDLINE)) {
2998 parm->priority |= FLAG_DEFAULT;
3002 for (parm=sDefault.param_opt; parm; parm=parm->next) {
3003 if (!(parm->priority & FLAG_CMDLINE)) {
3004 parm->priority |= FLAG_DEFAULT;
3008 defaults_saved = true;
3011 /***********************************************************
3012 If we should send plaintext/LANMAN passwords in the clinet
3013 ************************************************************/
3015 static void set_allowed_client_auth(void)
3017 if (Globals.client_ntlmv2_auth) {
3018 Globals.client_lanman_auth = false;
3020 if (!Globals.client_lanman_auth) {
3021 Globals.client_plaintext_auth = false;
3025 /***************************************************************************
3027 The following code allows smbd to read a user defined share file.
3028 Yes, this is my intent. Yes, I'm comfortable with that...
3030 THE FOLLOWING IS SECURITY CRITICAL CODE.
3032 It washes your clothes, it cleans your house, it guards you while you sleep...
3033 Do not f%^k with it....
3034 ***************************************************************************/
3036 #define MAX_USERSHARE_FILE_SIZE (10*1024)
3038 /***************************************************************************
3039 Check allowed stat state of a usershare file.
3040 Ensure we print out who is dicking with us so the admin can
3041 get their sorry ass fired.
3042 ***************************************************************************/
3044 static bool check_usershare_stat(const char *fname,
3045 const SMB_STRUCT_STAT *psbuf)
3047 if (!S_ISREG(psbuf->st_ex_mode)) {
3048 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
3049 "not a regular file\n",
3050 fname, (unsigned int)psbuf->st_ex_uid ));
3054 /* Ensure this doesn't have the other write bit set. */
3055 if (psbuf->st_ex_mode & S_IWOTH) {
3056 DEBUG(0,("check_usershare_stat: file %s owned by uid %u allows "
3057 "public write. Refusing to allow as a usershare file.\n",
3058 fname, (unsigned int)psbuf->st_ex_uid ));
3062 /* Should be 10k or less. */
3063 if (psbuf->st_ex_size > MAX_USERSHARE_FILE_SIZE) {
3064 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
3065 "too large (%u) to be a user share file.\n",
3066 fname, (unsigned int)psbuf->st_ex_uid,
3067 (unsigned int)psbuf->st_ex_size ));
3074 /***************************************************************************
3075 Parse the contents of a usershare file.
3076 ***************************************************************************/
3078 enum usershare_err parse_usershare_file(TALLOC_CTX *ctx,
3079 SMB_STRUCT_STAT *psbuf,
3080 const char *servicename,
3084 char **pp_sharepath,
3086 char **pp_cp_servicename,
3087 struct security_descriptor **ppsd,
3090 const char **prefixallowlist = lp_usershare_prefix_allow_list();
3091 const char **prefixdenylist = lp_usershare_prefix_deny_list();
3094 SMB_STRUCT_STAT sbuf;
3095 char *sharepath = NULL;
3096 char *comment = NULL;
3098 *pp_sharepath = NULL;
3101 *pallow_guest = false;
3104 return USERSHARE_MALFORMED_FILE;
3107 if (strcmp(lines[0], "#VERSION 1") == 0) {
3109 } else if (strcmp(lines[0], "#VERSION 2") == 0) {
3112 return USERSHARE_MALFORMED_FILE;
3115 return USERSHARE_BAD_VERSION;
3118 if (strncmp(lines[1], "path=", 5) != 0) {
3119 return USERSHARE_MALFORMED_PATH;
3122 sharepath = talloc_strdup(ctx, &lines[1][5]);
3124 return USERSHARE_POSIX_ERR;
3126 trim_string(sharepath, " ", " ");
3128 if (strncmp(lines[2], "comment=", 8) != 0) {
3129 return USERSHARE_MALFORMED_COMMENT_DEF;
3132 comment = talloc_strdup(ctx, &lines[2][8]);
3134 return USERSHARE_POSIX_ERR;
3136 trim_string(comment, " ", " ");
3137 trim_char(comment, '"', '"');
3139 if (strncmp(lines[3], "usershare_acl=", 14) != 0) {
3140 return USERSHARE_MALFORMED_ACL_DEF;
3143 if (!parse_usershare_acl(ctx, &lines[3][14], ppsd)) {
3144 return USERSHARE_ACL_ERR;
3148 if (strncmp(lines[4], "guest_ok=", 9) != 0) {
3149 return USERSHARE_MALFORMED_ACL_DEF;
3151 if (lines[4][9] == 'y') {
3152 *pallow_guest = true;
3155 /* Backwards compatible extension to file version #2. */
3157 if (strncmp(lines[5], "sharename=", 10) != 0) {
3158 return USERSHARE_MALFORMED_SHARENAME_DEF;
3160 if (!strequal(&lines[5][10], servicename)) {
3161 return USERSHARE_BAD_SHARENAME;
3163 *pp_cp_servicename = talloc_strdup(ctx, &lines[5][10]);
3164 if (!*pp_cp_servicename) {
3165 return USERSHARE_POSIX_ERR;
3170 if (*pp_cp_servicename == NULL) {
3171 *pp_cp_servicename = talloc_strdup(ctx, servicename);
3172 if (!*pp_cp_servicename) {
3173 return USERSHARE_POSIX_ERR;
3177 if (snum != -1 && (strcmp(sharepath, ServicePtrs[snum]->path) == 0)) {
3178 /* Path didn't change, no checks needed. */
3179 *pp_sharepath = sharepath;
3180 *pp_comment = comment;
3181 return USERSHARE_OK;
3184 /* The path *must* be absolute. */
3185 if (sharepath[0] != '/') {
3186 DEBUG(2,("parse_usershare_file: share %s: path %s is not an absolute path.\n",
3187 servicename, sharepath));
3188 return USERSHARE_PATH_NOT_ABSOLUTE;
3191 /* If there is a usershare prefix deny list ensure one of these paths
3192 doesn't match the start of the user given path. */
3193 if (prefixdenylist) {
3195 for ( i=0; prefixdenylist[i]; i++ ) {
3196 DEBUG(10,("parse_usershare_file: share %s : checking prefixdenylist[%d]='%s' against %s\n",
3197 servicename, i, prefixdenylist[i], sharepath ));
3198 if (memcmp( sharepath, prefixdenylist[i], strlen(prefixdenylist[i])) == 0) {
3199 DEBUG(2,("parse_usershare_file: share %s path %s starts with one of the "
3200 "usershare prefix deny list entries.\n",
3201 servicename, sharepath));
3202 return USERSHARE_PATH_IS_DENIED;
3207 /* If there is a usershare prefix allow list ensure one of these paths
3208 does match the start of the user given path. */
3210 if (prefixallowlist) {
3212 for ( i=0; prefixallowlist[i]; i++ ) {
3213 DEBUG(10,("parse_usershare_file: share %s checking prefixallowlist[%d]='%s' against %s\n",
3214 servicename, i, prefixallowlist[i], sharepath ));
3215 if (memcmp( sharepath, prefixallowlist[i], strlen(prefixallowlist[i])) == 0) {
3219 if (prefixallowlist[i] == NULL) {
3220 DEBUG(2,("parse_usershare_file: share %s path %s doesn't start with one of the "
3221 "usershare prefix allow list entries.\n",
3222 servicename, sharepath));
3223 return USERSHARE_PATH_NOT_ALLOWED;
3227 /* Ensure this is pointing to a directory. */
3228 dp = opendir(sharepath);
3231 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
3232 servicename, sharepath));
3233 return USERSHARE_PATH_NOT_DIRECTORY;
3236 /* Ensure the owner of the usershare file has permission to share
3239 if (sys_stat(sharepath, &sbuf, false) == -1) {
3240 DEBUG(2,("parse_usershare_file: share %s : stat failed on path %s. %s\n",
3241 servicename, sharepath, strerror(errno) ));
3243 return USERSHARE_POSIX_ERR;
3248 if (!S_ISDIR(sbuf.st_ex_mode)) {
3249 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
3250 servicename, sharepath ));
3251 return USERSHARE_PATH_NOT_DIRECTORY;
3254 /* Check if sharing is restricted to owner-only. */
3255 /* psbuf is the stat of the usershare definition file,
3256 sbuf is the stat of the target directory to be shared. */
3258 if (lp_usershare_owner_only()) {
3259 /* root can share anything. */
3260 if ((psbuf->st_ex_uid != 0) && (sbuf.st_ex_uid != psbuf->st_ex_uid)) {
3261 return USERSHARE_PATH_NOT_ALLOWED;
3265 *pp_sharepath = sharepath;
3266 *pp_comment = comment;
3267 return USERSHARE_OK;
3270 /***************************************************************************
3271 Deal with a usershare file.
3274 -1 - Bad name, invalid contents.
3275 - service name already existed and not a usershare, problem
3276 with permissions to share directory etc.
3277 ***************************************************************************/
3279 static int process_usershare_file(const char *dir_name, const char *file_name, int snum_template)
3281 SMB_STRUCT_STAT sbuf;
3282 SMB_STRUCT_STAT lsbuf;
3284 char *sharepath = NULL;
3285 char *comment = NULL;
3286 char *cp_service_name = NULL;
3287 char **lines = NULL;
3291 TALLOC_CTX *ctx = talloc_stackframe();
3292 struct security_descriptor *psd = NULL;
3293 bool guest_ok = false;
3294 char *canon_name = NULL;
3295 bool added_service = false;
3298 /* Ensure share name doesn't contain invalid characters. */
3299 if (!validate_net_name(file_name, INVALID_SHARENAME_CHARS, strlen(file_name))) {
3300 DEBUG(0,("process_usershare_file: share name %s contains "
3301 "invalid characters (any of %s)\n",
3302 file_name, INVALID_SHARENAME_CHARS ));
3306 canon_name = canonicalize_servicename(ctx, file_name);
3311 fname = talloc_asprintf(ctx, "%s/%s", dir_name, file_name);
3316 /* Minimize the race condition by doing an lstat before we
3317 open and fstat. Ensure this isn't a symlink link. */
3319 if (sys_lstat(fname, &lsbuf, false) != 0) {
3320 DEBUG(0,("process_usershare_file: stat of %s failed. %s\n",
3321 fname, strerror(errno) ));
3325 /* This must be a regular file, not a symlink, directory or
3326 other strange filetype. */
3327 if (!check_usershare_stat(fname, &lsbuf)) {
3335 status = dbwrap_fetch_bystring(ServiceHash, canon_name,
3340 if (NT_STATUS_IS_OK(status) &&
3341 (data.dptr != NULL) &&
3342 (data.dsize == sizeof(iService))) {
3343 memcpy(&iService, data.dptr, sizeof(iService));
3347 if (iService != -1 &&
3348 timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
3349 &lsbuf.st_ex_mtime) == 0) {
3350 /* Nothing changed - Mark valid and return. */
3351 DEBUG(10,("process_usershare_file: service %s not changed.\n",
3353 ServicePtrs[iService]->usershare = USERSHARE_VALID;
3358 /* Try and open the file read only - no symlinks allowed. */
3360 fd = open(fname, O_RDONLY|O_NOFOLLOW, 0);
3362 fd = open(fname, O_RDONLY, 0);
3366 DEBUG(0,("process_usershare_file: unable to open %s. %s\n",
3367 fname, strerror(errno) ));
3371 /* Now fstat to be *SURE* it's a regular file. */
3372 if (sys_fstat(fd, &sbuf, false) != 0) {
3374 DEBUG(0,("process_usershare_file: fstat of %s failed. %s\n",
3375 fname, strerror(errno) ));
3379 /* Is it the same dev/inode as was lstated ? */
3380 if (!check_same_stat(&lsbuf, &sbuf)) {
3382 DEBUG(0,("process_usershare_file: fstat of %s is a different file from lstat. "
3383 "Symlink spoofing going on ?\n", fname ));
3387 /* This must be a regular file, not a symlink, directory or
3388 other strange filetype. */
3389 if (!check_usershare_stat(fname, &sbuf)) {
3394 lines = fd_lines_load(fd, &numlines, MAX_USERSHARE_FILE_SIZE, NULL);
3397 if (lines == NULL) {
3398 DEBUG(0,("process_usershare_file: loading file %s owned by %u failed.\n",
3399 fname, (unsigned int)sbuf.st_ex_uid ));
3403 if (parse_usershare_file(ctx, &sbuf, file_name,
3404 iService, lines, numlines, &sharepath,
3405 &comment, &cp_service_name,
3406 &psd, &guest_ok) != USERSHARE_OK) {
3410 /* Everything ok - add the service possibly using a template. */
3412 const struct loadparm_service *sp = &sDefault;
3413 if (snum_template != -1) {
3414 sp = ServicePtrs[snum_template];
3417 if ((iService = add_a_service(sp, cp_service_name)) < 0) {
3418 DEBUG(0, ("process_usershare_file: Failed to add "
3419 "new service %s\n", cp_service_name));
3423 added_service = true;
3425 /* Read only is controlled by usershare ACL below. */
3426 ServicePtrs[iService]->read_only = false;
3429 /* Write the ACL of the new/modified share. */
3430 if (!set_share_security(canon_name, psd)) {
3431 DEBUG(0, ("process_usershare_file: Failed to set share "
3432 "security for user share %s\n",
3437 /* If from a template it may be marked invalid. */
3438 ServicePtrs[iService]->valid = true;
3440 /* Set the service as a valid usershare. */
3441 ServicePtrs[iService]->usershare = USERSHARE_VALID;
3443 /* Set guest access. */
3444 if (lp_usershare_allow_guests()) {
3445 ServicePtrs[iService]->guest_ok = guest_ok;
3448 /* And note when it was loaded. */
3449 ServicePtrs[iService]->usershare_last_mod = sbuf.st_ex_mtime;
3450 lpcfg_string_set(ServicePtrs[iService], &ServicePtrs[iService]->path,
3452 lpcfg_string_set(ServicePtrs[iService],
3453 &ServicePtrs[iService]->comment, comment);
3459 if (ret == -1 && iService != -1 && added_service) {
3460 lp_remove_service(iService);
3468 /***************************************************************************
3469 Checks if a usershare entry has been modified since last load.
3470 ***************************************************************************/
3472 static bool usershare_exists(int iService, struct timespec *last_mod)
3474 SMB_STRUCT_STAT lsbuf;
3475 const char *usersharepath = Globals.usershare_path;
3478 fname = talloc_asprintf(talloc_tos(),
3481 ServicePtrs[iService]->szService);
3482 if (fname == NULL) {
3486 if (sys_lstat(fname, &lsbuf, false) != 0) {
3491 if (!S_ISREG(lsbuf.st_ex_mode)) {
3497 *last_mod = lsbuf.st_ex_mtime;
3501 /***************************************************************************
3502 Load a usershare service by name. Returns a valid servicenumber or -1.
3503 ***************************************************************************/
3505 int load_usershare_service(const char *servicename)
3507 SMB_STRUCT_STAT sbuf;
3508 const char *usersharepath = Globals.usershare_path;
3509 int max_user_shares = Globals.usershare_max_shares;
3510 int snum_template = -1;
3512 if (*usersharepath == 0 || max_user_shares == 0) {
3516 if (sys_stat(usersharepath, &sbuf, false) != 0) {
3517 DEBUG(0,("load_usershare_service: stat of %s failed. %s\n",
3518 usersharepath, strerror(errno) ));
3522 if (!S_ISDIR(sbuf.st_ex_mode)) {
3523 DEBUG(0,("load_usershare_service: %s is not a directory.\n",
3529 * This directory must be owned by root, and have the 't' bit set.
3530 * It also must not be writable by "other".
3534 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
3536 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
3538 DEBUG(0,("load_usershare_service: directory %s is not owned by root "
3539 "or does not have the sticky bit 't' set or is writable by anyone.\n",
3544 /* Ensure the template share exists if it's set. */
3545 if (Globals.usershare_template_share[0]) {
3546 /* We can't use lp_servicenumber here as we are recommending that
3547 template shares have -valid=false set. */
3548 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
3549 if (ServicePtrs[snum_template]->szService &&
3550 strequal(ServicePtrs[snum_template]->szService,
3551 Globals.usershare_template_share)) {
3556 if (snum_template == -1) {
3557 DEBUG(0,("load_usershare_service: usershare template share %s "
3558 "does not exist.\n",
3559 Globals.usershare_template_share ));
3564 return process_usershare_file(usersharepath, servicename, snum_template);
3567 /***************************************************************************
3568 Load all user defined shares from the user share directory.
3569 We only do this if we're enumerating the share list.
3570 This is the function that can delete usershares that have
3572 ***************************************************************************/
3574 int load_usershare_shares(struct smbd_server_connection *sconn,
3575 bool (*snumused) (struct smbd_server_connection *, int))
3578 SMB_STRUCT_STAT sbuf;
3580 int num_usershares = 0;
3581 int max_user_shares = Globals.usershare_max_shares;
3582 unsigned int num_dir_entries, num_bad_dir_entries, num_tmp_dir_entries;
3583 unsigned int allowed_bad_entries = ((2*max_user_shares)/10);
3584 unsigned int allowed_tmp_entries = ((2*max_user_shares)/10);
3586 int snum_template = -1;
3587 const char *usersharepath = Globals.usershare_path;
3588 int ret = lp_numservices();
3589 TALLOC_CTX *tmp_ctx;
3591 if (max_user_shares == 0 || *usersharepath == '\0') {
3592 return lp_numservices();
3595 if (sys_stat(usersharepath, &sbuf, false) != 0) {
3596 DEBUG(0,("load_usershare_shares: stat of %s failed. %s\n",
3597 usersharepath, strerror(errno) ));
3602 * This directory must be owned by root, and have the 't' bit set.
3603 * It also must not be writable by "other".
3607 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
3609 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
3611 DEBUG(0,("load_usershare_shares: directory %s is not owned by root "
3612 "or does not have the sticky bit 't' set or is writable by anyone.\n",
3617 /* Ensure the template share exists if it's set. */
3618 if (Globals.usershare_template_share[0]) {
3619 /* We can't use lp_servicenumber here as we are recommending that
3620 template shares have -valid=false set. */
3621 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
3622 if (ServicePtrs[snum_template]->szService &&
3623 strequal(ServicePtrs[snum_template]->szService,
3624 Globals.usershare_template_share)) {
3629 if (snum_template == -1) {
3630 DEBUG(0,("load_usershare_shares: usershare template share %s "
3631 "does not exist.\n",
3632 Globals.usershare_template_share ));
3637 /* Mark all existing usershares as pending delete. */
3638 for (iService = iNumServices - 1; iService >= 0; iService--) {
3639 if (VALID(iService) && ServicePtrs[iService]->usershare) {
3640 ServicePtrs[iService]->usershare = USERSHARE_PENDING_DELETE;
3644 dp = opendir(usersharepath);
3646 DEBUG(0,("load_usershare_shares:: failed to open directory %s. %s\n",
3647 usersharepath, strerror(errno) ));
3651 for (num_dir_entries = 0, num_bad_dir_entries = 0, num_tmp_dir_entries = 0;
3653 num_dir_entries++ ) {
3655 const char *n = de->d_name;
3657 /* Ignore . and .. */
3659 if ((n[1] == '\0') || (n[1] == '.' && n[2] == '\0')) {
3665 /* Temporary file used when creating a share. */
3666 num_tmp_dir_entries++;
3669 /* Allow 20% tmp entries. */
3670 if (num_tmp_dir_entries > allowed_tmp_entries) {
3671 DEBUG(0,("load_usershare_shares: too many temp entries (%u) "
3672 "in directory %s\n",
3673 num_tmp_dir_entries, usersharepath));
3677 r = process_usershare_file(usersharepath, n, snum_template);
3679 /* Update the services count. */
3681 if (num_usershares >= max_user_shares) {
3682 DEBUG(0,("load_usershare_shares: max user shares reached "
3683 "on file %s in directory %s\n",
3684 n, usersharepath ));
3687 } else if (r == -1) {
3688 num_bad_dir_entries++;
3691 /* Allow 20% bad entries. */
3692 if (num_bad_dir_entries > allowed_bad_entries) {
3693 DEBUG(0,("load_usershare_shares: too many bad entries (%u) "
3694 "in directory %s\n",
3695 num_bad_dir_entries, usersharepath));
3699 /* Allow 20% bad entries. */
3700 if (num_dir_entries > max_user_shares + allowed_bad_entries) {
3701 DEBUG(0,("load_usershare_shares: too many total entries (%u) "
3702 "in directory %s\n",
3703 num_dir_entries, usersharepath));
3710 /* Sweep through and delete any non-refreshed usershares that are
3711 not currently in use. */
3712 tmp_ctx = talloc_stackframe();
3713 for (iService = iNumServices - 1; iService >= 0; iService--) {
3714 if (VALID(iService) && (ServicePtrs[iService]->usershare == USERSHARE_PENDING_DELETE)) {
3717 if (snumused && snumused(sconn, iService)) {
3721 servname = lp_servicename(tmp_ctx, iService);
3723 /* Remove from the share ACL db. */
3724 DEBUG(10,("load_usershare_shares: Removing deleted usershare %s\n",
3726 delete_share_security(servname);
3727 free_service_byindex(iService);
3730 talloc_free(tmp_ctx);
3732 return lp_numservices();
3735 /********************************************************
3736 Destroy global resources allocated in this file
3737 ********************************************************/
3739 void gfree_loadparm(void)
3745 /* Free resources allocated to services */
3747 for ( i = 0; i < iNumServices; i++ ) {
3749 free_service_byindex(i);
3753 TALLOC_FREE( ServicePtrs );
3756 /* Now release all resources allocated to global
3757 parameters and the default service */
3759 free_global_parameters();
3763 /***************************************************************************
3764 Allow client apps to specify that they are a client
3765 ***************************************************************************/
3766 static void lp_set_in_client(bool b)
3772 /***************************************************************************
3773 Determine if we're running in a client app
3774 ***************************************************************************/
3775 static bool lp_is_in_client(void)
3780 static void lp_enforce_ad_dc_settings(void)
3782 lp_do_parameter(GLOBAL_SECTION_SNUM, "passdb backend", "samba_dsdb");
3783 lp_do_parameter(GLOBAL_SECTION_SNUM,
3784 "winbindd:use external pipes", "true");
3785 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:default", "external");
3786 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:svcctl", "embedded");
3787 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:srvsvc", "embedded");
3788 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:eventlog", "embedded");
3789 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:ntsvcs", "embedded");
3790 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:winreg", "embedded");
3791 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:spoolss", "embedded");
3792 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_daemon:spoolssd", "embedded");
3793 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:tcpip", "no");
3796 /***************************************************************************
3797 Load the services array from the services file. Return true on success,
3799 ***************************************************************************/
3801 static bool lp_load_ex(const char *pszFname,
3805 bool reinit_globals,
3806 bool allow_include_registry,
3807 bool load_all_shares)
3811 TALLOC_CTX *frame = talloc_stackframe();
3812 struct loadparm_context *lp_ctx;
3816 DEBUG(3, ("lp_load_ex: refreshing parameters\n"));
3818 bInGlobalSection = true;
3819 bGlobalOnly = global_only;
3820 bAllowIncludeRegistry = allow_include_registry;
3822 lp_ctx = setup_lp_context(talloc_tos());
3824 init_globals(lp_ctx, reinit_globals);
3828 if (save_defaults) {
3833 if (!reinit_globals) {
3834 free_param_opts(&Globals.param_opt);
3835 apply_lp_set_cmdline();
3838 lp_do_parameter(-1, "idmap config * : backend", Globals.idmap_backend);
3840 /* We get sections first, so have to start 'behind' to make up */
3843 if (lp_config_backend_is_file()) {
3844 n2 = talloc_sub_basic(talloc_tos(), get_current_username(),
3845 current_user_info.domain,
3848 smb_panic("lp_load_ex: out of memory");
3851 add_to_file_list(NULL, &file_lists, pszFname, n2);
3853 bRetval = pm_process(n2, lp_do_section, do_parameter, lp_ctx);
3856 /* finish up the last section */
3857 DEBUG(4, ("pm_process() returned %s\n", BOOLSTR(bRetval)));
3859 if (iServiceIndex >= 0) {
3860 bRetval = lpcfg_service_ok(ServicePtrs[iServiceIndex]);
3864 if (lp_config_backend_is_registry()) {
3866 /* config backend changed to registry in config file */
3868 * We need to use this extra global variable here to
3869 * survive restart: init_globals uses this as a default
3870 * for config_backend. Otherwise, init_globals would
3871 * send us into an endless loop here.
3874 config_backend = CONFIG_BACKEND_REGISTRY;
3876 DEBUG(1, ("lp_load_ex: changing to config backend "
3878 init_globals(lp_ctx, true);
3880 TALLOC_FREE(lp_ctx);
3882 lp_kill_all_services();
3883 ok = lp_load_ex(pszFname, global_only, save_defaults,
3884 add_ipc, reinit_globals,
3885 allow_include_registry,
3890 } else if (lp_config_backend_is_registry()) {
3891 bRetval = process_registry_globals();
3893 DEBUG(0, ("Illegal config backend given: %d\n",
3894 lp_config_backend()));
3898 if (bRetval && lp_registry_shares()) {
3899 if (load_all_shares) {
3900 bRetval = process_registry_shares();
3902 bRetval = reload_registry_shares();
3907 char *serv = lp_auto_services(talloc_tos());
3908 lp_add_auto_services(serv);
3913 /* When 'restrict anonymous = 2' guest connections to ipc$
3915 lp_add_ipc("IPC$", (lp_restrict_anonymous() < 2));
3916 if ( lp_enable_asu_support() ) {
3917 lp_add_ipc("ADMIN$", false);
3921 set_allowed_client_auth();
3923 if (lp_security() == SEC_ADS && strchr(lp_password_server(), ':')) {
3924 DEBUG(1, ("WARNING: The optional ':port' in password server = %s is deprecated\n",
3925 lp_password_server()));
3930 /* Now we check we_are_a_wins_server and set szWINSserver to 127.0.0.1 */
3931 /* if we_are_a_wins_server is true and we are in the client */
3932 if (lp_is_in_client() && Globals.we_are_a_wins_server) {
3933 lp_do_parameter(GLOBAL_SECTION_SNUM, "wins server", "127.0.0.1");
3938 fault_configure(smb_panic_s3);
3941 * We run this check once the whole smb.conf is parsed, to
3942 * force some settings for the standard way a AD DC is
3943 * operated. We may change these as our code evolves, which
3944 * is why we force these settings.
3946 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
3947 lp_enforce_ad_dc_settings();
3950 bAllowIncludeRegistry = true;
3956 static bool lp_load(const char *pszFname,
3960 bool reinit_globals)
3962 return lp_load_ex(pszFname,
3967 true, /* allow_include_registry */
3968 false); /* load_all_shares*/
3971 bool lp_load_initial_only(const char *pszFname)
3973 return lp_load_ex(pszFname,
3974 true, /* global only */
3975 true, /* save_defaults */
3976 false, /* add_ipc */
3977 true, /* reinit_globals */
3978 false, /* allow_include_registry */
3979 false); /* load_all_shares*/
3983 * most common lp_load wrapper, loading only the globals
3985 * If this is used in a daemon or client utility it should be called
3986 * after processing popt.
3988 bool lp_load_global(const char *file_name)
3990 return lp_load(file_name,
3991 true, /* global_only */
3992 false, /* save_defaults */
3993 false, /* add_ipc */
3994 true); /* reinit_globals */
3998 * The typical lp_load wrapper with shares, loads global and
3999 * shares, including IPC, but does not force immediate
4000 * loading of all shares from registry.
4002 bool lp_load_with_shares(const char *file_name)
4004 return lp_load(file_name,
4005 false, /* global_only */
4006 false, /* save_defaults */
4008 true); /* reinit_globals */
4012 * lp_load wrapper, especially for clients
4014 bool lp_load_client(const char *file_name)
4016 lp_set_in_client(true);
4018 return lp_load_global(file_name);
4022 * lp_load wrapper, loading only globals, but intended
4023 * for subsequent calls, not reinitializing the globals
4026 bool lp_load_global_no_reinit(const char *file_name)
4028 return lp_load(file_name,
4029 true, /* global_only */
4030 false, /* save_defaults */
4031 false, /* add_ipc */
4032 false); /* reinit_globals */
4036 * lp_load wrapper, loading globals and shares,
4037 * intended for subsequent calls, i.e. not reinitializing
4038 * the globals to default values.
4040 bool lp_load_no_reinit(const char *file_name)
4042 return lp_load(file_name,
4043 false, /* global_only */
4044 false, /* save_defaults */
4045 false, /* add_ipc */
4046 false); /* reinit_globals */
4051 * lp_load wrapper, especially for clients, no reinitialization
4053 bool lp_load_client_no_reinit(const char *file_name)
4055 lp_set_in_client(true);
4057 return lp_load_global_no_reinit(file_name);
4060 bool lp_load_with_registry_shares(const char *pszFname)
4062 return lp_load_ex(pszFname,
4063 false, /* global_only */
4064 true, /* save_defaults */
4065 false, /* add_ipc */
4066 false, /* reinit_globals */
4067 true, /* allow_include_registry */
4068 true); /* load_all_shares*/
4071 /***************************************************************************
4072 Return the max number of services.
4073 ***************************************************************************/
4075 int lp_numservices(void)
4077 return (iNumServices);
4080 /***************************************************************************
4081 Display the contents of the services array in human-readable form.
4082 ***************************************************************************/
4084 void lp_dump(FILE *f, bool show_defaults, int maxtoprint)
4087 struct loadparm_context *lp_ctx;
4090 defaults_saved = false;
4092 lp_ctx = setup_lp_context(talloc_tos());
4093 if (lp_ctx == NULL) {
4097 lpcfg_dump_globals(lp_ctx, f, !defaults_saved);
4099 lpcfg_dump_a_service(&sDefault, &sDefault, f, flags_list, show_defaults);
4101 for (iService = 0; iService < maxtoprint; iService++) {
4103 lp_dump_one(f, show_defaults, iService);
4107 /***************************************************************************
4108 Display the contents of one service in human-readable form.
4109 ***************************************************************************/
4111 void lp_dump_one(FILE * f, bool show_defaults, int snum)
4114 if (ServicePtrs[snum]->szService[0] == '\0')
4116 lpcfg_dump_a_service(ServicePtrs[snum], &sDefault, f,
4117 flags_list, show_defaults);
4121 /***************************************************************************
4122 Return the number of the service with the given name, or -1 if it doesn't
4123 exist. Note that this is a DIFFERENT ANIMAL from the internal function
4124 getservicebyname()! This works ONLY if all services have been loaded, and
4125 does not copy the found service.
4126 ***************************************************************************/
4128 int lp_servicenumber(const char *pszServiceName)
4131 fstring serviceName;
4133 if (!pszServiceName) {
4134 return GLOBAL_SECTION_SNUM;
4137 for (iService = iNumServices - 1; iService >= 0; iService--) {
4138 if (VALID(iService) && ServicePtrs[iService]->szService) {
4140 * The substitution here is used to support %U in
4143 fstrcpy(serviceName, ServicePtrs[iService]->szService);
4144 standard_sub_basic(get_current_username(),
4145 current_user_info.domain,
4146 serviceName,sizeof(serviceName));
4147 if (strequal(serviceName, pszServiceName)) {
4153 if (iService >= 0 && ServicePtrs[iService]->usershare == USERSHARE_VALID) {
4154 struct timespec last_mod;
4156 if (!usershare_exists(iService, &last_mod)) {
4157 /* Remove the share security tdb entry for it. */
4158 delete_share_security(lp_servicename(talloc_tos(), iService));
4159 /* Remove it from the array. */
4160 free_service_byindex(iService);
4161 /* Doesn't exist anymore. */
4162 return GLOBAL_SECTION_SNUM;
4165 /* Has it been modified ? If so delete and reload. */
4166 if (timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
4168 /* Remove it from the array. */
4169 free_service_byindex(iService);
4170 /* and now reload it. */
4171 iService = load_usershare_service(pszServiceName);
4176 DEBUG(7,("lp_servicenumber: couldn't find %s\n", pszServiceName));
4177 return GLOBAL_SECTION_SNUM;
4183 /*******************************************************************
4184 A useful volume label function.
4185 ********************************************************************/
4187 const char *volume_label(TALLOC_CTX *ctx, int snum)
4190 const char *label = lp_volume(ctx, snum);
4192 label = lp_servicename(ctx, snum);
4195 /* This returns a 33 byte guarenteed null terminated string. */
4196 ret = talloc_strndup(ctx, label, 32);
4203 /*******************************************************************
4204 Get the default server type we will announce as via nmbd.
4205 ********************************************************************/
4207 int lp_default_server_announce(void)
4209 int default_server_announce = 0;
4210 default_server_announce |= SV_TYPE_WORKSTATION;
4211 default_server_announce |= SV_TYPE_SERVER;
4212 default_server_announce |= SV_TYPE_SERVER_UNIX;
4214 /* note that the flag should be set only if we have a
4215 printer service but nmbd doesn't actually load the
4216 services so we can't tell --jerry */
4218 default_server_announce |= SV_TYPE_PRINTQ_SERVER;
4220 default_server_announce |= SV_TYPE_SERVER_NT;
4221 default_server_announce |= SV_TYPE_NT;
4223 switch (lp_server_role()) {
4224 case ROLE_DOMAIN_MEMBER:
4225 default_server_announce |= SV_TYPE_DOMAIN_MEMBER;
4227 case ROLE_DOMAIN_PDC:
4228 default_server_announce |= SV_TYPE_DOMAIN_CTRL;
4230 case ROLE_DOMAIN_BDC:
4231 default_server_announce |= SV_TYPE_DOMAIN_BAKCTRL;
4233 case ROLE_STANDALONE:
4237 if (lp_time_server())
4238 default_server_announce |= SV_TYPE_TIME_SOURCE;
4240 if (lp_host_msdfs())
4241 default_server_announce |= SV_TYPE_DFS_SERVER;
4243 return default_server_announce;
4246 /***********************************************************
4247 If we are PDC then prefer us as DMB
4248 ************************************************************/
4250 bool lp_domain_master(void)
4252 if (Globals._domain_master == Auto)
4253 return (lp_server_role() == ROLE_DOMAIN_PDC);
4255 return (bool)Globals._domain_master;
4258 /***********************************************************
4259 If we are PDC then prefer us as DMB
4260 ************************************************************/
4262 static bool lp_domain_master_true_or_auto(void)
4264 if (Globals._domain_master) /* auto or yes */
4270 /***********************************************************
4271 If we are DMB then prefer us as LMB
4272 ************************************************************/
4274 bool lp_preferred_master(void)
4276 int preferred_master = lp__preferred_master();
4278 if (preferred_master == Auto)
4279 return (lp_local_master() && lp_domain_master());
4281 return (bool)preferred_master;
4284 /*******************************************************************
4286 ********************************************************************/
4288 void lp_remove_service(int snum)
4290 ServicePtrs[snum]->valid = false;
4293 const char *lp_printername(TALLOC_CTX *ctx, int snum)
4295 const char *ret = lp__printername(ctx, snum);
4296 if (ret == NULL || *ret == '\0') {
4297 ret = lp_const_servicename(snum);
4304 /***********************************************************
4305 Allow daemons such as winbindd to fix their logfile name.
4306 ************************************************************/
4308 void lp_set_logfile(const char *name)
4310 lpcfg_string_set(Globals.ctx, &Globals.logfile, name);
4311 debug_set_logfile(name);
4314 /*******************************************************************
4315 Return the max print jobs per queue.
4316 ********************************************************************/
4318 int lp_maxprintjobs(int snum)
4320 int maxjobs = lp_max_print_jobs(snum);
4322 if (maxjobs <= 0 || maxjobs >= PRINT_MAX_JOBID)
4323 maxjobs = PRINT_MAX_JOBID - 1;
4328 const char *lp_printcapname(void)
4330 const char *printcap_name = lp_printcap_name();
4332 if ((printcap_name != NULL) &&
4333 (printcap_name[0] != '\0'))
4334 return printcap_name;
4336 if (sDefault.printing == PRINT_CUPS) {
4340 if (sDefault.printing == PRINT_BSD)
4341 return "/etc/printcap";
4343 return PRINTCAP_NAME;
4346 static uint32_t spoolss_state;
4348 bool lp_disable_spoolss( void )
4350 if ( spoolss_state == SVCCTL_STATE_UNKNOWN )
4351 spoolss_state = lp__disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
4353 return spoolss_state == SVCCTL_STOPPED ? true : false;
4356 void lp_set_spoolss_state( uint32_t state )
4358 SMB_ASSERT( (state == SVCCTL_STOPPED) || (state == SVCCTL_RUNNING) );
4360 spoolss_state = state;
4363 uint32_t lp_get_spoolss_state( void )
4365 return lp_disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
4368 /*******************************************************************
4369 Ensure we don't use sendfile if server smb signing is active.
4370 ********************************************************************/
4372 bool lp_use_sendfile(int snum, struct smb_signing_state *signing_state)
4374 bool sign_active = false;
4376 /* Using sendfile blows the brains out of any DOS or Win9x TCP stack... JRA. */
4377 if (get_Protocol() < PROTOCOL_NT1) {
4380 if (signing_state) {
4381 sign_active = smb_signing_is_active(signing_state);
4383 return (lp__use_sendfile(snum) &&
4384 (get_remote_arch() != RA_WIN95) &&
4388 /*******************************************************************
4389 Turn off sendfile if we find the underlying OS doesn't support it.
4390 ********************************************************************/
4392 void set_use_sendfile(int snum, bool val)
4394 if (LP_SNUM_OK(snum))
4395 ServicePtrs[snum]->_use_sendfile = val;
4397 sDefault._use_sendfile = val;
4400 void lp_set_mangling_method(const char *new_method)
4402 lpcfg_string_set(Globals.ctx, &Globals.mangling_method, new_method);
4405 /*******************************************************************
4406 Global state for POSIX pathname processing.
4407 ********************************************************************/
4409 static bool posix_pathnames;
4411 bool lp_posix_pathnames(void)
4413 return posix_pathnames;
4416 /*******************************************************************
4417 Change everything needed to ensure POSIX pathname processing (currently
4419 ********************************************************************/
4421 void lp_set_posix_pathnames(void)
4423 posix_pathnames = true;
4426 /*******************************************************************
4427 Global state for POSIX lock processing - CIFS unix extensions.
4428 ********************************************************************/
4430 bool posix_default_lock_was_set;
4431 static enum brl_flavour posix_cifsx_locktype; /* By default 0 == WINDOWS_LOCK */
4433 enum brl_flavour lp_posix_cifsu_locktype(files_struct *fsp)
4435 if (posix_default_lock_was_set) {
4436 return posix_cifsx_locktype;
4438 return (fsp->posix_flags & FSP_POSIX_FLAGS_OPEN) ?
4439 POSIX_LOCK : WINDOWS_LOCK;
4443 /*******************************************************************
4444 ********************************************************************/
4446 void lp_set_posix_default_cifsx_readwrite_locktype(enum brl_flavour val)
4448 posix_default_lock_was_set = true;
4449 posix_cifsx_locktype = val;
4452 int lp_min_receive_file_size(void)
4454 int min_receivefile_size = lp_min_receivefile_size();
4456 if (min_receivefile_size < 0) {
4459 return min_receivefile_size;
4462 /*******************************************************************
4463 Safe wide links checks.
4464 This helper function always verify the validity of wide links,
4465 even after a configuration file reload.
4466 ********************************************************************/
4468 void widelinks_warning(int snum)
4470 if (lp_allow_insecure_wide_links()) {
4474 if (lp_unix_extensions() && lp_wide_links(snum)) {
4475 DEBUG(0,("Share '%s' has wide links and unix extensions enabled. "
4476 "These parameters are incompatible. "
4477 "Wide links will be disabled for this share.\n",
4478 lp_servicename(talloc_tos(), snum) ));
4482 bool lp_widelinks(int snum)
4484 /* wide links is always incompatible with unix extensions */
4485 if (lp_unix_extensions()) {
4487 * Unless we have "allow insecure widelinks"
4490 if (!lp_allow_insecure_wide_links()) {
4495 return lp_wide_links(snum);
4498 int lp_server_role(void)
4500 return lp_find_server_role(lp__server_role(),
4502 lp__domain_logons(),
4503 lp_domain_master_true_or_auto());
4506 int lp_security(void)
4508 return lp_find_security(lp__server_role(),
4512 int lp_client_max_protocol(void)
4514 int client_max_protocol = lp__client_max_protocol();
4515 if (client_max_protocol == PROTOCOL_DEFAULT) {
4516 return PROTOCOL_NT1;
4518 return client_max_protocol;
4521 int lp_client_ipc_min_protocol(void)
4523 int client_ipc_min_protocol = lp__client_ipc_min_protocol();
4524 if (client_ipc_min_protocol == PROTOCOL_DEFAULT) {
4525 client_ipc_min_protocol = lp_client_min_protocol();
4527 if (client_ipc_min_protocol < PROTOCOL_NT1) {
4528 return PROTOCOL_NT1;
4530 return client_ipc_min_protocol;
4533 int lp_client_ipc_max_protocol(void)
4535 int client_ipc_max_protocol = lp__client_ipc_max_protocol();
4536 if (client_ipc_max_protocol == PROTOCOL_DEFAULT) {
4537 return PROTOCOL_LATEST;
4539 if (client_ipc_max_protocol < PROTOCOL_NT1) {
4540 return PROTOCOL_NT1;
4542 return client_ipc_max_protocol;
4545 int lp_client_ipc_signing(void)
4547 int client_ipc_signing = lp__client_ipc_signing();
4548 if (client_ipc_signing == SMB_SIGNING_DEFAULT) {
4549 return SMB_SIGNING_REQUIRED;
4551 return client_ipc_signing;
4554 struct loadparm_global * get_globals(void)
4559 unsigned int * get_flags(void)
4561 if (flags_list == NULL) {
4562 flags_list = talloc_zero_array(NULL, unsigned int, num_parameters());