char *szUsershareTemplateShare; \
char *szIdmapUID; \
char *szIdmapGID; \
+ char *szIdmapBackend; \
int winbindMaxDomainConnections; \
int ismb2_max_credits; \
char *tls_keyfile; \
char *tls_cafile; \
char *tls_crlfile; \
char *tls_dhpfile; \
- char *panic_action; \
int bPreferredMaster;
#include "param/param_global.h"
.iWriteCacheSize = 0,
.iCreate_mask = 0744,
.iCreate_force_mode = 0,
- .iSecurity_mask = 0777,
- .iSecurity_force_mode = 0,
.iDir_mask = 0755,
.iDir_force_mode = 0,
- .iDir_Security_mask = 0777,
- .iDir_Security_force_mode = 0,
.iMaxConnections = 0,
.iDefaultCase = CASE_LOWER,
.iPrinting = DEFAULT_PRINTING,
.bAccessBasedShareEnum = false,
.bAvailable = true,
.bRead_only = true,
- .bNo_set_dir = true,
.bGuest_only = false,
.bAdministrative_share = false,
.bGuest_ok = false,
.bLocking = true,
.iStrictLocking = Auto,
.bPosixLocking = true,
- .bShareModes = true,
.bOpLocks = true,
.bKernelOplocks = false,
.bLevel2OpLocks = true,
.iDirectoryNameCacheSize = 100,
#endif
.ismb_encrypt = SMB_SIGNING_DEFAULT,
+ .bKernelShareModes = true,
+ .bDurableHandles = true,
.param_opt = NULL,
.dummy = ""
};
case PRINT_CUPS:
case PRINT_IPRINT:
-#ifdef HAVE_CUPS
/* set the lpq command to contain the destination printer
name only. This is used by cups_queue_get() */
string_set(&pService->szLpqcommand, "%p");
string_set(&pService->szLpresumecommand, "");
string_set(&pService->szQueuepausecommand, "");
string_set(&pService->szQueueresumecommand, "");
-#else
- string_set(&pService->szLpqcommand, "lpq -P'%p'");
- string_set(&pService->szLprmcommand, "lprm -P'%p' %j");
- string_set(&pService->szPrintcommand, "lpr -P'%p' %s; rm %s");
- string_set(&pService->szLppausecommand, "lp -i '%p-%j' -H hold");
- string_set(&pService->szLpresumecommand, "lp -i '%p-%j' -H resume");
- string_set(&pService->szQueuepausecommand, "disable '%p'");
- string_set(&pService->szQueueresumecommand, "enable '%p'");
-#endif /* HAVE_CUPS */
break;
case PRINT_SYSV:
Globals.max_log_size = 5000;
Globals.max_open_files = max_open_files();
Globals.open_files_db_hash_size = SMB_OPEN_DATABASE_TDB_HASH_SIZE;
- Globals.srv_maxprotocol = PROTOCOL_SMB2_10;
+ Globals.srv_maxprotocol = PROTOCOL_SMB3_00;
Globals.srv_minprotocol = PROTOCOL_LANMAN1;
Globals.security = SEC_USER;
Globals.bEncryptPasswords = true;
/* Printers cannot be read_only. */
ServicePtrs[i]->bRead_only = false;
- /* No share modes on printer services. */
- ServicePtrs[i]->bShareModes = false;
/* No oplocks on printer services. */
ServicePtrs[i]->bOpLocks = false;
/* Printer services must be printable. */
return true;
}
-/***************************************************************************
- Handle idmap/non unix account uid and gid allocation parameters. The format of these
- parameters is:
+/*
+ * idmap related parameters
+ */
- [global]
+static bool handle_idmap_backend(struct loadparm_context *unused, int snum, const char *pszParmValue, char **ptr)
+{
+ lp_do_parameter(snum, "idmap config * : backend", pszParmValue);
- idmap uid = 1000-1999
- idmap gid = 700-899
+ return true;
+}
- We only do simple parsing checks here. The strings are parsed into useful
- structures in the idmap daemon code.
+static bool handle_idmap_uid(struct loadparm_context *unused, int snum, const char *pszParmValue, char **ptr)
+{
+ lp_do_parameter(snum, "idmap config * : range", pszParmValue);
-***************************************************************************/
+ return true;
+}
-/* Some lp_ routines to return idmap [ug]id information */
+static bool handle_idmap_gid(struct loadparm_context *unused, int snum, const char *pszParmValue, char **ptr)
+{
+ lp_do_parameter(snum, "idmap config * : range", pszParmValue);
-static uid_t idmap_uid_low, idmap_uid_high;
-static gid_t idmap_gid_low, idmap_gid_high;
+ return true;
+}
-bool lp_idmap_uid(uid_t *low, uid_t *high)
+bool lp_idmap_range(const char *domain_name, uint32_t *low, uint32_t *high)
{
- if (idmap_uid_low == 0 || idmap_uid_high == 0)
- return false;
+ char *config_option = NULL;
+ const char *range = NULL;
+ bool ret = false;
- if (low)
- *low = idmap_uid_low;
+ SMB_ASSERT(low != NULL);
+ SMB_ASSERT(high != NULL);
- if (high)
- *high = idmap_uid_high;
+ if ((domain_name == NULL) || (domain_name[0] == '\0')) {
+ domain_name = "*";
+ }
- return true;
-}
+ config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
+ domain_name);
+ if (config_option == NULL) {
+ DEBUG(0, ("out of memory\n"));
+ return false;
+ }
-bool lp_idmap_gid(gid_t *low, gid_t *high)
-{
- if (idmap_gid_low == 0 || idmap_gid_high == 0)
- return false;
+ range = lp_parm_const_string(-1, config_option, "range", NULL);
+ if (range == NULL) {
+ DEBUG(1, ("idmap range not specified for domain '%s'\n", domain_name));
+ goto done;
+ }
+
+ if (sscanf(range, "%u - %u", low, high) != 2) {
+ DEBUG(1, ("error parsing idmap range '%s' for domain '%s'\n",
+ range, domain_name));
+ goto done;
+ }
- if (low)
- *low = idmap_gid_low;
+ ret = true;
- if (high)
- *high = idmap_gid_high;
+done:
+ talloc_free(config_option);
+ return ret;
- return true;
}
-static bool handle_idmap_backend(struct loadparm_context *unused, int snum, const char *pszParmValue, char **ptr)
+bool lp_idmap_default_range(uint32_t *low, uint32_t *high)
{
- lp_do_parameter(snum, "idmap config * : backend", pszParmValue);
-
- return true;
+ return lp_idmap_range("*", low, high);
}
-/* Do some simple checks on "idmap [ug]id" parameter values */
-
-static bool handle_idmap_uid(struct loadparm_context *unused, int snum, const char *pszParmValue, char **ptr)
+const char *lp_idmap_backend(const char *domain_name)
{
- lp_do_parameter(snum, "idmap config * : range", pszParmValue);
+ char *config_option = NULL;
+ const char *backend = NULL;
- return true;
+ if ((domain_name == NULL) || (domain_name[0] == '\0')) {
+ domain_name = "*";
+ }
+
+ config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
+ domain_name);
+ if (config_option == NULL) {
+ DEBUG(0, ("out of memory\n"));
+ return false;
+ }
+
+ backend = lp_parm_const_string(-1, config_option, "backend", NULL);
+ if (backend == NULL) {
+ DEBUG(1, ("idmap backend not specified for domain '%s'\n", domain_name));
+ goto done;
+ }
+
+done:
+ talloc_free(config_option);
+ return backend;
}
-static bool handle_idmap_gid(struct loadparm_context *unused, int snum, const char *pszParmValue, char **ptr)
+const char *lp_idmap_default_backend(void)
{
- lp_do_parameter(snum, "idmap config * : range", pszParmValue);
-
- return true;
+ return lp_idmap_backend("*");
}
/***************************************************************************
}
/***************************************************************************
- Initialize any local varients in the sDefault table.
+ Initialize any local variables in the sDefault table, after parsing a
+ [globals] section.
***************************************************************************/
-void init_locals(void)
+static void init_locals(void)
{
- /* None as yet. */
+ /*
+ * We run this check once the [globals] is parsed, to force
+ * the VFS objects and other per-share settings we need for
+ * the standard way a AD DC is operated. We may change these
+ * as our code evolves, which is why we force these settings.
+ *
+ * We can't do this at the end of lp_load_ex(), as by that
+ * point the services have been loaded and they will already
+ * have "" as their vfs objects.
+ */
+ if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
+ const char **vfs_objects = lp_vfs_objects(-1);
+ if (!vfs_objects || !vfs_objects[0]) {
+ if (lp_parm_const_string(-1, "xattr_tdb", "file", NULL)) {
+ lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr xattr_tdb");
+ } else if (lp_parm_const_string(-1, "posix", "eadb", NULL)) {
+ lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr posix_eadb");
+ } else {
+ lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr");
+ }
+ }
+
+ lp_do_parameter(-1, "map hidden", "no");
+ lp_do_parameter(-1, "map system", "no");
+ lp_do_parameter(-1, "map readonly", "no");
+ lp_do_parameter(-1, "map archive", "no");
+ lp_do_parameter(-1, "store dos attributes", "yes");
+ }
}
/***************************************************************************
/***************************************************************************
Save the curent values of all global and sDefault parameters into the
- defaults union. This allows swat and testparm to show only the
+ defaults union. This allows testparm to show only the
changed (ie. non-default) parameters.
***************************************************************************/
/* This must be a regular file, not a symlink, directory or
other strange filetype. */
if (!check_usershare_stat(fname, &sbuf)) {
+ close(fd);
goto out;
}
fault_configure(smb_panic_s3);
+ /*
+ * We run this check once the whole smb.conf is parsed, to
+ * force some settings for the standard way a AD DC is
+ * operated. We may changed these as our code evolves, which
+ * is why we force these settings.
+ */
if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
- const char **vfs_objects = lp_vfs_objects(-1);
- if (!vfs_objects || !vfs_objects[0]) {
- if (lp_parm_const_string(-1, "xattr_tdb", "file", NULL)) {
- lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr xattr_tdb");
- } else if (lp_parm_const_string(-1, "posix", "eadb", NULL)) {
- lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr posix_eadb");
- } else {
- lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr");
- }
- }
lp_do_parameter(-1, "passdb backend", "samba_dsdb");
+
+ lp_do_parameter(-1, "rpc_server:default", "external");
+ lp_do_parameter(-1, "rpc_server:svcctl", "embedded");
+ lp_do_parameter(-1, "rpc_server:srvsvc", "embedded");
+ lp_do_parameter(-1, "rpc_server:eventlog", "embedded");
+ lp_do_parameter(-1, "rpc_server:ntsvcs", "embedded");
+ lp_do_parameter(-1, "rpc_server:winreg", "embedded");
+ lp_do_parameter(-1, "rpc_server:spoolss", "embedded");
+ lp_do_parameter(-1, "rpc_daemon:spoolssd", "embedded");
+ lp_do_parameter(-1, "rpc_server:tcpip", "no");
}
bAllowIncludeRegistry = true;
return Globals.szPrintcapname;
if (sDefault.iPrinting == PRINT_CUPS) {
-#ifdef HAVE_CUPS
return "cups";
-#else
- return "lpstat";
-#endif
}
if (sDefault.iPrinting == PRINT_BSD)