2 Unix SMB/CIFS implementation.
3 Parameter loading functions
4 Copyright (C) Karl Auer 1993-1998
6 Largely re-written by Andrew Tridgell, September 1994
8 Copyright (C) Simo Sorce 2001
9 Copyright (C) Alexander Bokovoy 2002
10 Copyright (C) Stefan (metze) Metzmacher 2002
11 Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003
12 Copyright (C) Michael Adam 2008
13 Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007
14 Copyright (C) Andrew Bartlett 2011
16 This program is free software; you can redistribute it and/or modify
17 it under the terms of the GNU General Public License as published by
18 the Free Software Foundation; either version 3 of the License, or
19 (at your option) any later version.
21 This program is distributed in the hope that it will be useful,
22 but WITHOUT ANY WARRANTY; without even the implied warranty of
23 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 GNU General Public License for more details.
26 You should have received a copy of the GNU General Public License
27 along with this program. If not, see <http://www.gnu.org/licenses/>.
33 * This module provides suitable callback functions for the params
34 * module. It builds the internal table of service details which is
35 * then used by the rest of the server.
39 * 1) add it to the global or service structure definition
40 * 2) add it to the parm_table
41 * 3) add it to the list of available functions (eg: using FN_GLOBAL_STRING())
42 * 4) If it's a global then initialise it in init_globals. If a local
43 * (ie. service) parameter then initialise it in the sDefault structure
47 * The configuration file is processed sequentially for speed. It is NOT
48 * accessed randomly as happens in 'real' Windows. For this reason, there
49 * is a fair bit of sequence-dependent code here - ie., code which assumes
50 * that certain things happen before others. In particular, the code which
51 * happens at the boundary between sections is delicately poised, so be
57 #include "system/filesys.h"
59 #include "lib/param/loadparm.h"
60 #include "lib/param/param.h"
62 #include "lib/smbconf/smbconf.h"
63 #include "lib/smbconf/smbconf_init.h"
66 #include "../librpc/gen_ndr/svcctl.h"
68 #include "../libcli/smb/smb_signing.h"
69 #include "dbwrap/dbwrap.h"
70 #include "dbwrap/dbwrap_rbt.h"
71 #include "../lib/util/bitmap.h"
72 #include "librpc/gen_ndr/nbt.h"
74 #ifdef HAVE_SYS_SYSCTL_H
75 #include <sys/sysctl.h>
80 extern userdom_struct current_user_info;
82 /* the special value for the include parameter
83 * to be interpreted not as a file name but to
84 * trigger loading of the global smb.conf options
86 #ifndef INCLUDE_REGISTRY_NAME
87 #define INCLUDE_REGISTRY_NAME "registry"
90 static bool in_client = false; /* Not in the client by default */
91 static struct smbconf_csn conf_last_csn;
93 static int config_backend = CONFIG_BACKEND_FILE;
95 /* some helpful bits */
96 #define LP_SNUM_OK(i) (((i) >= 0) && ((i) < iNumServices) && \
97 (ServicePtrs != NULL) && \
98 (ServicePtrs[(i)] != NULL) && ServicePtrs[(i)]->valid)
99 #define VALID(i) ((ServicePtrs != NULL) && (ServicePtrs[i]!= NULL) && \
100 ServicePtrs[i]->valid)
102 #define USERSHARE_VALID 1
103 #define USERSHARE_PENDING_DELETE 2
105 static bool defaults_saved = false;
107 #include "lib/param/param_global.h"
109 static struct loadparm_global Globals;
111 /* This is a default service used to prime a services structure */
112 static struct loadparm_service sDefault =
117 .usershare_last_mod = {0, 0},
121 .invalid_users = NULL,
128 .root_preexec = NULL,
129 .root_postexec = NULL,
130 .cups_options = NULL,
131 .print_command = NULL,
133 .lprm_command = NULL,
134 .lppause_command = NULL,
135 .lpresume_command = NULL,
136 .queuepause_command = NULL,
137 .queueresume_command = NULL,
138 ._printername = NULL,
139 .printjob_username = NULL,
140 .dont_descend = NULL,
143 .magic_script = NULL,
144 .magic_output = NULL,
147 .veto_oplock_files = NULL,
157 .aio_write_behind = NULL,
158 .dfree_command = NULL,
159 .min_print_space = 0,
160 .max_print_jobs = 1000,
161 .max_reported_print_jobs = 0,
162 .write_cache_size = 0,
164 .force_create_mode = 0,
165 .directory_mask = 0755,
166 .force_directory_mode = 0,
167 .max_connections = 0,
168 .default_case = CASE_LOWER,
169 .printing = DEFAULT_PRINTING,
170 .oplock_contention_limit = 2,
173 .dfree_cache_time = 0,
174 .preexec_close = false,
175 .root_preexec_close = false,
176 .case_sensitive = Auto,
177 .preserve_case = true,
178 .short_preserve_case = true,
179 .hide_dot_files = true,
180 .hide_special_files = false,
181 .hide_unreadable = false,
182 .hide_unwriteable_files = false,
184 .access_based_share_enum = false,
189 .administrative_share = false,
192 .print_notify_backchannel = false,
196 .store_dos_attributes = false,
197 .dmapi_support = false,
199 .strict_locking = Auto,
200 .posix_locking = true,
202 .kernel_oplocks = false,
203 .level2_oplocks = true,
205 .mangled_names = true,
207 .follow_symlinks = true,
208 .sync_always = false,
209 .strict_allocate = false,
210 .strict_rename = false,
211 .strict_sync = false,
212 .mangling_char = '~',
214 .delete_readonly = false,
215 .fake_oplocks = false,
216 .delete_veto_files = false,
217 .dos_filemode = false,
218 .dos_filetimes = true,
219 .dos_filetime_resolution = false,
220 .fake_directory_create_times = false,
221 .blocking_locks = true,
222 .inherit_permissions = false,
223 .inherit_acls = false,
224 .inherit_owner = false,
226 .msdfs_shuffle_referrals = false,
227 .use_client_driver = false,
228 .default_devmode = true,
229 .force_printername = false,
230 .nt_acl_support = true,
231 .force_unknown_acl_user = false,
232 ._use_sendfile = false,
233 .profile_acls = false,
234 .map_acl_inherit = false,
237 .acl_check_permissions = true,
238 .acl_map_full_control = true,
239 .acl_group_control = false,
240 .acl_allow_execute_always = false,
241 .allocation_roundup_size = SMB_ROUNDUP_ALLOCATION_SIZE,
244 .map_readonly = MAP_READONLY_YES,
245 .directory_name_cache_size = 100,
246 .smb_encrypt = SMB_SIGNING_DEFAULT,
247 .kernel_share_modes = true,
248 .durable_handles = true,
253 /* local variables */
254 static struct loadparm_service **ServicePtrs = NULL;
255 static int iNumServices = 0;
256 static int iServiceIndex = 0;
257 static struct db_context *ServiceHash;
258 static bool bInGlobalSection = true;
259 static bool bGlobalOnly = false;
260 static struct file_lists *file_lists = NULL;
261 static unsigned int *flags_list = NULL;
263 static void set_allowed_client_auth(void);
265 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue);
266 static void free_param_opts(struct parmlist_entry **popts);
269 * Function to return the default value for the maximum number of open
270 * file descriptors permitted. This function tries to consult the
271 * kernel-level (sysctl) and ulimit (getrlimit()) values and goes
272 * the smaller of those.
274 static int max_open_files(void)
276 int sysctl_max = MAX_OPEN_FILES;
277 int rlimit_max = MAX_OPEN_FILES;
279 #ifdef HAVE_SYSCTLBYNAME
281 size_t size = sizeof(sysctl_max);
282 sysctlbyname("kern.maxfilesperproc", &sysctl_max, &size, NULL,
287 #if (defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE))
293 if (getrlimit(RLIMIT_NOFILE, &rl) == 0)
294 rlimit_max = rl.rlim_cur;
296 #if defined(RLIM_INFINITY)
297 if(rl.rlim_cur == RLIM_INFINITY)
298 rlimit_max = MAX_OPEN_FILES;
303 if (sysctl_max < MIN_OPEN_FILES_WINDOWS) {
304 DEBUG(2,("max_open_files: increasing sysctl_max (%d) to "
305 "minimum Windows limit (%d)\n",
307 MIN_OPEN_FILES_WINDOWS));
308 sysctl_max = MIN_OPEN_FILES_WINDOWS;
311 if (rlimit_max < MIN_OPEN_FILES_WINDOWS) {
312 DEBUG(2,("rlimit_max: increasing rlimit_max (%d) to "
313 "minimum Windows limit (%d)\n",
315 MIN_OPEN_FILES_WINDOWS));
316 rlimit_max = MIN_OPEN_FILES_WINDOWS;
319 return MIN(sysctl_max, rlimit_max);
323 * Common part of freeing allocated data for one parameter.
325 static void free_one_parameter_common(void *parm_ptr,
326 struct parm_struct parm)
328 if ((parm.type == P_STRING) ||
329 (parm.type == P_USTRING))
331 lpcfg_string_free((char**)parm_ptr);
332 } else if (parm.type == P_LIST || parm.type == P_CMDLIST) {
333 TALLOC_FREE(*((char***)parm_ptr));
338 * Free the allocated data for one parameter for a share
339 * given as a service struct.
341 static void free_one_parameter(struct loadparm_service *service,
342 struct parm_struct parm)
346 if (parm.p_class != P_LOCAL) {
350 parm_ptr = lp_parm_ptr(service, &parm);
352 free_one_parameter_common(parm_ptr, parm);
356 * Free the allocated parameter data of a share given
357 * as a service struct.
359 static void free_parameters(struct loadparm_service *service)
363 for (i=0; parm_table[i].label; i++) {
364 free_one_parameter(service, parm_table[i]);
369 * Free the allocated data for one parameter for a given share
370 * specified by an snum.
372 static void free_one_parameter_by_snum(int snum, struct parm_struct parm)
377 parm_ptr = lp_parm_ptr(NULL, &parm);
378 } else if (parm.p_class != P_LOCAL) {
381 parm_ptr = lp_parm_ptr(ServicePtrs[snum], &parm);
384 free_one_parameter_common(parm_ptr, parm);
388 * Free the allocated parameter data for a share specified
391 static void free_parameters_by_snum(int snum)
395 for (i=0; parm_table[i].label; i++) {
396 free_one_parameter_by_snum(snum, parm_table[i]);
401 * Free the allocated global parameters.
403 static void free_global_parameters(void)
406 struct parm_struct *parm;
408 free_param_opts(&Globals.param_opt);
409 free_parameters_by_snum(GLOBAL_SECTION_SNUM);
411 /* Reset references in the defaults because the context is going to be freed */
412 for (i=0; parm_table[i].label; i++) {
413 parm = &parm_table[i];
414 if ((parm->type == P_STRING) ||
415 (parm->type == P_USTRING)) {
416 if ((parm->def.svalue != NULL) &&
417 (*(parm->def.svalue) != '\0')) {
418 if (talloc_parent(parm->def.svalue) == Globals.ctx) {
419 parm->def.svalue = NULL;
424 TALLOC_FREE(Globals.ctx);
427 struct lp_stored_option {
428 struct lp_stored_option *prev, *next;
433 static struct lp_stored_option *stored_options;
436 save options set by lp_set_cmdline() into a list. This list is
437 re-applied when we do a globals reset, so that cmdline set options
438 are sticky across reloads of smb.conf
440 bool store_lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
442 struct lp_stored_option *entry, *entry_next;
443 for (entry = stored_options; entry != NULL; entry = entry_next) {
444 entry_next = entry->next;
445 if (strcmp(pszParmName, entry->label) == 0) {
446 DLIST_REMOVE(stored_options, entry);
452 entry = talloc(NULL, struct lp_stored_option);
457 entry->label = talloc_strdup(entry, pszParmName);
463 entry->value = talloc_strdup(entry, pszParmValue);
469 DLIST_ADD_END(stored_options, entry);
474 static bool apply_lp_set_cmdline(void)
476 struct lp_stored_option *entry = NULL;
477 for (entry = stored_options; entry != NULL; entry = entry->next) {
478 if (!lp_set_cmdline_helper(entry->label, entry->value)) {
479 DEBUG(0, ("Failed to re-apply cmdline parameter %s = %s\n",
480 entry->label, entry->value));
487 /***************************************************************************
488 Initialise the global parameter structure.
489 ***************************************************************************/
491 static void init_globals(struct loadparm_context *lp_ctx, bool reinit_globals)
493 static bool done_init = false;
497 /* If requested to initialize only once and we've already done it... */
498 if (!reinit_globals && done_init) {
499 /* ... then we have nothing more to do */
504 /* The logfile can be set before this is invoked. Free it if so. */
505 lpcfg_string_free(&Globals.logfile);
508 free_global_parameters();
511 /* This memset and the free_global_parameters() above will
512 * wipe out smb.conf options set with lp_set_cmdline(). The
513 * apply_lp_set_cmdline() call puts these values back in the
514 * table once the defaults are set */
515 ZERO_STRUCT(Globals);
517 Globals.ctx = talloc_pooled_object(NULL, char, 272, 2048);
519 /* Initialize the flags list if necessary */
520 if (flags_list == NULL) {
524 for (i = 0; parm_table[i].label; i++) {
525 if ((parm_table[i].type == P_STRING ||
526 parm_table[i].type == P_USTRING))
530 (char **)lp_parm_ptr(NULL, &parm_table[i]),
536 lpcfg_string_set(Globals.ctx, &sDefault.fstype, FSTYPE_STRING);
537 lpcfg_string_set(Globals.ctx, &sDefault.printjob_username, "%U");
539 init_printer_values(lp_ctx, Globals.ctx, &sDefault);
541 sDefault.ntvfs_handler = str_list_make_v3_const(NULL, "unixuid default", NULL);
543 DEBUG(3, ("Initialising global parameters\n"));
545 /* Must manually force to upper case here, as this does not go via the handler */
546 lpcfg_string_set(Globals.ctx, &Globals.netbios_name,
549 lpcfg_string_set(Globals.ctx, &Globals.smb_passwd_file,
550 get_dyn_SMB_PASSWD_FILE());
551 lpcfg_string_set(Globals.ctx, &Globals.private_dir,
552 get_dyn_PRIVATE_DIR());
554 /* use the new 'hash2' method by default, with a prefix of 1 */
555 lpcfg_string_set(Globals.ctx, &Globals.mangling_method, "hash2");
556 Globals.mangle_prefix = 1;
558 lpcfg_string_set(Globals.ctx, &Globals.guest_account, GUEST_ACCOUNT);
560 /* using UTF8 by default allows us to support all chars */
561 lpcfg_string_set(Globals.ctx, &Globals.unix_charset,
562 DEFAULT_UNIX_CHARSET);
564 /* Use codepage 850 as a default for the dos character set */
565 lpcfg_string_set(Globals.ctx, &Globals.dos_charset,
566 DEFAULT_DOS_CHARSET);
569 * Allow the default PASSWD_CHAT to be overridden in local.h.
571 lpcfg_string_set(Globals.ctx, &Globals.passwd_chat,
572 DEFAULT_PASSWD_CHAT);
574 lpcfg_string_set(Globals.ctx, &Globals.workgroup, DEFAULT_WORKGROUP);
576 lpcfg_string_set(Globals.ctx, &Globals.passwd_program, "");
577 lpcfg_string_set(Globals.ctx, &Globals.lock_directory,
579 lpcfg_string_set(Globals.ctx, &Globals.state_directory,
581 lpcfg_string_set(Globals.ctx, &Globals.cache_directory,
583 lpcfg_string_set(Globals.ctx, &Globals.pid_directory,
585 lpcfg_string_set(Globals.ctx, &Globals.nbt_client_socket_address,
588 * By default support explicit binding to broadcast
591 Globals.nmbd_bind_explicit_broadcast = true;
593 s = talloc_asprintf(talloc_tos(), "Samba %s", samba_version_string());
595 smb_panic("init_globals: ENOMEM");
597 lpcfg_string_set(Globals.ctx, &Globals.server_string, s);
600 lpcfg_string_set(Globals.ctx, &Globals.panic_action,
601 "/bin/sleep 999999999");
604 lpcfg_string_set(Globals.ctx, &Globals.socket_options,
605 DEFAULT_SOCKET_OPTIONS);
607 lpcfg_string_set(Globals.ctx, &Globals.logon_drive, "");
608 /* %N is the NIS auto.home server if -DAUTOHOME is used, else same as %L */
609 lpcfg_string_set(Globals.ctx, &Globals.logon_home, "\\\\%N\\%U");
610 lpcfg_string_set(Globals.ctx, &Globals.logon_path,
611 "\\\\%N\\%U\\profile");
613 Globals.name_resolve_order = str_list_make_v3_const(NULL, "lmhosts wins host bcast", NULL);
614 lpcfg_string_set(Globals.ctx, &Globals.password_server, "*");
616 Globals.algorithmic_rid_base = BASE_RID;
618 Globals.load_printers = true;
619 Globals.printcap_cache_time = 750; /* 12.5 minutes */
621 Globals.config_backend = config_backend;
622 Globals._server_role = ROLE_AUTO;
624 /* Was 65535 (0xFFFF). 0x4101 matches W2K and causes major speed improvements... */
625 /* Discovered by 2 days of pain by Don McCall @ HP :-). */
626 Globals.max_xmit = 0x4104;
627 Globals.max_mux = 50; /* This is *needed* for profile support. */
628 Globals.lpq_cache_time = 30; /* changed to handle large print servers better -- jerry */
629 Globals._disable_spoolss = false;
630 Globals.max_smbd_processes = 0;/* no limit specified */
631 Globals.username_level = 0;
632 Globals.deadtime = 0;
633 Globals.getwd_cache = true;
634 Globals.large_readwrite = true;
635 Globals.max_log_size = 5000;
636 Globals.max_open_files = max_open_files();
637 Globals.server_max_protocol = PROTOCOL_SMB3_11;
638 Globals.server_min_protocol = PROTOCOL_LANMAN1;
639 Globals._client_max_protocol = PROTOCOL_DEFAULT;
640 Globals.client_min_protocol = PROTOCOL_CORE;
641 Globals._security = SEC_AUTO;
642 Globals.encrypt_passwords = true;
643 Globals.client_schannel = Auto;
644 Globals.winbind_sealed_pipes = true;
645 Globals.require_strong_key = true;
646 Globals.server_schannel = Auto;
647 Globals.read_raw = true;
648 Globals.write_raw = true;
649 Globals.null_passwords = false;
650 Globals.old_password_allowed_period = 60;
651 Globals.obey_pam_restrictions = false;
653 Globals.syslog_only = false;
654 Globals.timestamp_logs = true;
655 lpcfg_string_set(Globals.ctx, &Globals.log_level, "0");
656 Globals.debug_prefix_timestamp = false;
657 Globals.debug_hires_timestamp = true;
658 Globals.debug_pid = false;
659 Globals.debug_uid = false;
660 Globals.debug_class = false;
661 Globals.enable_core_files = true;
662 Globals.max_ttl = 60 * 60 * 24 * 3; /* 3 days default. */
663 Globals.max_wins_ttl = 60 * 60 * 24 * 6; /* 6 days default. */
664 Globals.min_wins_ttl = 60 * 60 * 6; /* 6 hours default. */
665 Globals.machine_password_timeout = 60 * 60 * 24 * 7; /* 7 days default. */
666 Globals.lm_announce = Auto; /* = Auto: send only if LM clients found */
667 Globals.lm_interval = 60;
668 #if (defined(HAVE_NETGROUP) && defined(WITH_AUTOMOUNT))
669 Globals.nis_homedir = false;
670 #ifdef WITH_NISPLUS_HOME
671 lpcfg_string_set(Globals.ctx, &Globals.homedir_map,
672 "auto_home.org_dir");
674 lpcfg_string_set(Globals.ctx, &Globals.homedir_map, "auto.home");
677 Globals.time_server = false;
678 Globals.bind_interfaces_only = false;
679 Globals.unix_password_sync = false;
680 Globals.pam_password_change = false;
681 Globals.passwd_chat_debug = false;
682 Globals.passwd_chat_timeout = 2; /* 2 second default. */
683 Globals.nt_pipe_support = true; /* Do NT pipes by default. */
684 Globals.nt_status_support = true; /* Use NT status by default. */
685 Globals.smbd_profiling_level = 0;
686 Globals.stat_cache = true; /* use stat cache by default */
687 Globals.max_stat_cache_size = 256; /* 256k by default */
688 Globals.restrict_anonymous = 0;
689 Globals.client_lanman_auth = false; /* Do NOT use the LanMan hash if it is available */
690 Globals.client_plaintext_auth = false; /* Do NOT use a plaintext password even if is requested by the server */
691 Globals.lanman_auth = false; /* Do NOT use the LanMan hash, even if it is supplied */
692 Globals.ntlm_auth = true; /* Do use NTLMv1 if it is supplied by the client (otherwise NTLMv2) */
693 Globals.raw_ntlmv2_auth = false; /* Reject NTLMv2 without NTLMSSP */
694 Globals.client_ntlmv2_auth = true; /* Client should always use use NTLMv2, as we can't tell that the server supports it, but most modern servers do */
695 /* Note, that we will also use NTLM2 session security (which is different), if it is available */
697 Globals.map_to_guest = 0; /* By Default, "Never" */
698 Globals.oplock_break_wait_time = 0; /* By Default, 0 msecs. */
699 Globals.enhanced_browsing = true;
700 Globals.lock_spin_time = WINDOWS_MINIMUM_LOCK_TIMEOUT_MS; /* msec. */
701 #ifdef MMAP_BLACKLIST
702 Globals.use_mmap = false;
704 Globals.use_mmap = true;
706 Globals.unicode = true;
707 Globals.unix_extensions = true;
708 Globals.reset_on_zero_vc = false;
709 Globals.log_writeable_files_on_exit = false;
710 Globals.create_krb5_conf = true;
711 Globals._winbind_max_domain_connections = 1;
713 /* hostname lookups can be very expensive and are broken on
714 a large number of sites (tridge) */
715 Globals.hostname_lookups = false;
717 Globals.change_notify = true,
718 Globals.kernel_change_notify = true,
720 lpcfg_string_set(Globals.ctx, &Globals.passdb_backend, "tdbsam");
721 lpcfg_string_set(Globals.ctx, &Globals.ldap_suffix, "");
722 lpcfg_string_set(Globals.ctx, &Globals._ldap_machine_suffix, "");
723 lpcfg_string_set(Globals.ctx, &Globals._ldap_user_suffix, "");
724 lpcfg_string_set(Globals.ctx, &Globals._ldap_group_suffix, "");
725 lpcfg_string_set(Globals.ctx, &Globals._ldap_idmap_suffix, "");
727 lpcfg_string_set(Globals.ctx, &Globals.ldap_admin_dn, "");
728 Globals.ldap_ssl = LDAP_SSL_START_TLS;
729 Globals.ldap_ssl_ads = false;
730 Globals.ldap_deref = -1;
731 Globals.ldap_passwd_sync = LDAP_PASSWD_SYNC_OFF;
732 Globals.ldap_delete_dn = false;
733 Globals.ldap_replication_sleep = 1000; /* wait 1 sec for replication */
734 Globals.ldap_follow_referral = Auto;
735 Globals.ldap_timeout = LDAP_DEFAULT_TIMEOUT;
736 Globals.ldap_connection_timeout = LDAP_CONNECTION_DEFAULT_TIMEOUT;
737 Globals.ldap_page_size = LDAP_PAGE_SIZE;
739 Globals.ldap_debug_level = 0;
740 Globals.ldap_debug_threshold = 10;
742 Globals.client_ldap_sasl_wrapping = ADS_AUTH_SASL_SIGN;
744 Globals.ldap_server_require_strong_auth =
745 LDAP_SERVER_REQUIRE_STRONG_AUTH_YES;
747 /* This is what we tell the afs client. in reality we set the token
748 * to never expire, though, when this runs out the afs client will
749 * forget the token. Set to 0 to get NEVERDATE.*/
750 Globals.afs_token_lifetime = 604800;
751 Globals.cups_connection_timeout = CUPS_DEFAULT_CONNECTION_TIMEOUT;
753 /* these parameters are set to defaults that are more appropriate
754 for the increasing samba install base:
756 as a member of the workgroup, that will possibly become a
757 _local_ master browser (lm = true). this is opposed to a forced
758 local master browser startup (pm = true).
760 doesn't provide WINS server service by default (wsupp = false),
761 and doesn't provide domain master browser services by default, either.
765 Globals.show_add_printer_wizard = true;
766 Globals.os_level = 20;
767 Globals.local_master = true;
768 Globals._domain_master = Auto; /* depending on _domain_logons */
769 Globals._domain_logons = false;
770 Globals.browse_list = true;
771 Globals.we_are_a_wins_server = false;
772 Globals.wins_proxy = false;
774 TALLOC_FREE(Globals.init_logon_delayed_hosts);
775 Globals.init_logon_delay = 100; /* 100 ms default delay */
777 Globals.wins_dns_proxy = true;
779 Globals.allow_trusted_domains = true;
780 lpcfg_string_set(Globals.ctx, &Globals.idmap_backend, "tdb");
782 lpcfg_string_set(Globals.ctx, &Globals.template_shell, "/bin/false");
783 lpcfg_string_set(Globals.ctx, &Globals.template_homedir,
785 lpcfg_string_set(Globals.ctx, &Globals.winbind_separator, "\\");
786 lpcfg_string_set(Globals.ctx, &Globals.winbindd_socket_directory,
787 dyn_WINBINDD_SOCKET_DIR);
789 lpcfg_string_set(Globals.ctx, &Globals.cups_server, "");
790 lpcfg_string_set(Globals.ctx, &Globals.iprint_server, "");
792 lpcfg_string_set(Globals.ctx, &Globals._ctdbd_socket, "");
794 Globals.cluster_addresses = NULL;
795 Globals.clustering = false;
796 Globals.ctdb_timeout = 0;
797 Globals.ctdb_locktime_warn_threshold = 0;
799 Globals.winbind_cache_time = 300; /* 5 minutes */
800 Globals.winbind_reconnect_delay = 30; /* 30 seconds */
801 Globals.winbind_request_timeout = 60; /* 60 seconds */
802 Globals.winbind_max_clients = 200;
803 Globals.winbind_enum_users = false;
804 Globals.winbind_enum_groups = false;
805 Globals.winbind_use_default_domain = false;
806 Globals.winbind_trusted_domains_only = false;
807 Globals.winbind_nested_groups = true;
808 Globals.winbind_expand_groups = 0;
809 Globals.winbind_nss_info = str_list_make_v3_const(NULL, "template", NULL);
810 Globals.winbind_refresh_tickets = false;
811 Globals.winbind_offline_logon = false;
813 Globals.idmap_cache_time = 86400 * 7; /* a week by default */
814 Globals.idmap_negative_cache_time = 120; /* 2 minutes by default */
816 Globals.passdb_expand_explicit = false;
818 Globals.name_cache_timeout = 660; /* In seconds */
820 Globals.use_spnego = true;
821 Globals.client_use_spnego = true;
823 Globals.client_signing = SMB_SIGNING_DEFAULT;
824 Globals.server_signing = SMB_SIGNING_DEFAULT;
826 Globals.defer_sharing_violations = true;
827 Globals.smb_ports = str_list_make_v3_const(NULL, SMB_PORTS, NULL);
829 Globals.enable_privileges = true;
830 Globals.host_msdfs = true;
831 Globals.enable_asu_support = false;
833 /* User defined shares. */
834 s = talloc_asprintf(talloc_tos(), "%s/usershares", get_dyn_STATEDIR());
836 smb_panic("init_globals: ENOMEM");
838 lpcfg_string_set(Globals.ctx, &Globals.usershare_path, s);
840 lpcfg_string_set(Globals.ctx, &Globals.usershare_template_share, "");
841 Globals.usershare_max_shares = 0;
842 /* By default disallow sharing of directories not owned by the sharer. */
843 Globals.usershare_owner_only = true;
844 /* By default disallow guest access to usershares. */
845 Globals.usershare_allow_guests = false;
847 Globals.keepalive = DEFAULT_KEEPALIVE;
849 /* By default no shares out of the registry */
850 Globals.registry_shares = false;
852 Globals.min_receivefile_size = 0;
854 Globals.map_untrusted_to_domain = false;
855 Globals.multicast_dns_register = true;
857 Globals.smb2_max_read = DEFAULT_SMB2_MAX_READ;
858 Globals.smb2_max_write = DEFAULT_SMB2_MAX_WRITE;
859 Globals.smb2_max_trans = DEFAULT_SMB2_MAX_TRANSACT;
860 Globals.smb2_max_credits = DEFAULT_SMB2_MAX_CREDITS;
861 Globals.smb2_leases = false;
863 lpcfg_string_set(Globals.ctx, &Globals.ncalrpc_dir,
864 get_dyn_NCALRPCDIR());
866 Globals.server_services = str_list_make_v3_const(NULL, "s3fs rpc nbt wrepl ldap cldap kdc drepl winbindd ntp_signd kcc dnsupdate dns", NULL);
868 Globals.dcerpc_endpoint_servers = str_list_make_v3_const(NULL, "epmapper wkssvc rpcecho samr netlogon lsarpc spoolss drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver", NULL);
870 Globals.tls_enabled = true;
872 lpcfg_string_set(Globals.ctx, &Globals._tls_keyfile, "tls/key.pem");
873 lpcfg_string_set(Globals.ctx, &Globals._tls_certfile, "tls/cert.pem");
874 lpcfg_string_set(Globals.ctx, &Globals._tls_cafile, "tls/ca.pem");
875 lpcfg_string_set(Globals.ctx, &Globals.tls_priority,
876 "NORMAL:-VERS-SSL3.0");
878 lpcfg_string_set(Globals.ctx, &Globals.share_backend, "classic");
880 Globals._preferred_master = Auto;
882 Globals.allow_dns_updates = DNS_UPDATE_SIGNED;
884 lpcfg_string_set(Globals.ctx, &Globals.ntp_signd_socket_directory,
885 get_dyn_NTP_SIGND_SOCKET_DIR());
887 lpcfg_string_set(Globals.ctx,
888 &Globals.winbindd_privileged_socket_directory,
889 get_dyn_WINBINDD_PRIVILEGED_SOCKET_DIR());
891 s = talloc_asprintf(talloc_tos(), "%s/samba_kcc", get_dyn_SCRIPTSBINDIR());
893 smb_panic("init_globals: ENOMEM");
895 Globals.samba_kcc_command = str_list_make_v3_const(NULL, s, NULL);
898 s = talloc_asprintf(talloc_tos(), "%s/samba_dnsupdate", get_dyn_SCRIPTSBINDIR());
900 smb_panic("init_globals: ENOMEM");
902 Globals.dns_update_command = str_list_make_v3_const(NULL, s, NULL);
905 s = talloc_asprintf(talloc_tos(), "%s/samba_spnupdate", get_dyn_SCRIPTSBINDIR());
907 smb_panic("init_globals: ENOMEM");
909 Globals.spn_update_command = str_list_make_v3_const(NULL, s, NULL);
912 Globals.nsupdate_command = str_list_make_v3_const(NULL, "/usr/bin/nsupdate -g", NULL);
914 Globals.rndc_command = str_list_make_v3_const(NULL, "/usr/sbin/rndc", NULL);
916 Globals.cldap_port = 389;
918 Globals.dgram_port = NBT_DGRAM_SERVICE_PORT;
920 Globals.nbt_port = NBT_NAME_SERVICE_PORT;
922 Globals.krb5_port = 88;
924 Globals.kpasswd_port = 464;
926 Globals.web_port = 901;
928 Globals.aio_max_threads = 100;
930 /* Now put back the settings that were set with lp_set_cmdline() */
931 apply_lp_set_cmdline();
934 /* Convenience routine to setup an lp_context with additional s3 variables */
935 static struct loadparm_context *setup_lp_context(TALLOC_CTX *mem_ctx)
937 struct loadparm_context *lp_ctx;
939 lp_ctx = loadparm_init_s3(mem_ctx,
940 loadparm_s3_helpers());
941 if (lp_ctx == NULL) {
942 DEBUG(0, ("loadparm_init_s3 failed\n"));
946 lp_ctx->sDefault = &sDefault;
947 lp_ctx->services = NULL; /* We do not want to access this directly */
948 lp_ctx->bInGlobalSection = bInGlobalSection;
949 lp_ctx->flags = flags_list;
954 /*******************************************************************
955 Convenience routine to grab string parameters into talloced memory
956 and run standard_sub_basic on them. The buffers can be written to by
957 callers without affecting the source string.
958 ********************************************************************/
960 char *lp_string(TALLOC_CTX *ctx, const char *s)
964 /* The follow debug is useful for tracking down memory problems
965 especially if you have an inner loop that is calling a lp_*()
966 function that returns a string. Perhaps this debug should be
967 present all the time? */
970 DEBUG(10, ("lp_string(%s)\n", s));
976 ret = talloc_sub_basic(ctx,
977 get_current_username(),
978 current_user_info.domain,
980 if (trim_char(ret, '\"', '\"')) {
981 if (strchr(ret,'\"') != NULL) {
983 ret = talloc_sub_basic(ctx,
984 get_current_username(),
985 current_user_info.domain,
993 In this section all the functions that are used to access the
994 parameters from the rest of the program are defined
997 #define FN_GLOBAL_STRING(fn_name,ptr) \
998 char *lp_ ## fn_name(TALLOC_CTX *ctx) {return(lp_string((ctx), *(char **)(&Globals.ptr) ? *(char **)(&Globals.ptr) : ""));}
999 #define FN_GLOBAL_CONST_STRING(fn_name,ptr) \
1000 const char *lp_ ## fn_name(void) {return(*(const char * const *)(&Globals.ptr) ? *(const char * const *)(&Globals.ptr) : "");}
1001 #define FN_GLOBAL_LIST(fn_name,ptr) \
1002 const char **lp_ ## fn_name(void) {return(*(const char ***)(&Globals.ptr));}
1003 #define FN_GLOBAL_BOOL(fn_name,ptr) \
1004 bool lp_ ## fn_name(void) {return(*(bool *)(&Globals.ptr));}
1005 #define FN_GLOBAL_CHAR(fn_name,ptr) \
1006 char lp_ ## fn_name(void) {return(*(char *)(&Globals.ptr));}
1007 #define FN_GLOBAL_INTEGER(fn_name,ptr) \
1008 int lp_ ## fn_name(void) {return(*(int *)(&Globals.ptr));}
1010 #define FN_LOCAL_STRING(fn_name,val) \
1011 char *lp_ ## fn_name(TALLOC_CTX *ctx,int i) {return(lp_string((ctx), (LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val));}
1012 #define FN_LOCAL_CONST_STRING(fn_name,val) \
1013 const char *lp_ ## fn_name(int i) {return (const char *)((LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val);}
1014 #define FN_LOCAL_LIST(fn_name,val) \
1015 const char **lp_ ## fn_name(int i) {return(const char **)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1016 #define FN_LOCAL_BOOL(fn_name,val) \
1017 bool lp_ ## fn_name(int i) {return(bool)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1018 #define FN_LOCAL_INTEGER(fn_name,val) \
1019 int lp_ ## fn_name(int i) {return(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1021 #define FN_LOCAL_PARM_BOOL(fn_name,val) \
1022 bool lp_ ## fn_name(const struct share_params *p) {return(bool)(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1023 #define FN_LOCAL_PARM_INTEGER(fn_name,val) \
1024 int lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1025 #define FN_LOCAL_PARM_CHAR(fn_name,val) \
1026 char lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1028 int lp_winbind_max_domain_connections(void)
1030 if (lp_winbind_offline_logon() &&
1031 lp__winbind_max_domain_connections() > 1) {
1032 DEBUG(1, ("offline logons active, restricting max domain "
1033 "connections to 1\n"));
1036 return MAX(1, lp__winbind_max_domain_connections());
1039 /* These functions remain in source3/param for now */
1041 #include "lib/param/param_functions.c"
1043 FN_LOCAL_STRING(servicename, szService)
1044 FN_LOCAL_CONST_STRING(const_servicename, szService)
1046 /* These functions cannot be auto-generated */
1047 FN_LOCAL_BOOL(autoloaded, autoloaded)
1048 FN_GLOBAL_CONST_STRING(dnsdomain, dnsdomain)
1050 /* local prototypes */
1052 static int map_parameter_canonical(const char *pszParmName, bool *inverse);
1053 static const char *get_boolean(bool bool_value);
1054 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
1056 static bool hash_a_service(const char *name, int number);
1057 static void free_service_byindex(int iService);
1058 static void show_parameter(int parmIndex);
1059 static bool is_synonym_of(int parm1, int parm2, bool *inverse);
1062 * This is a helper function for parametrical options support. It returns a
1063 * pointer to parametrical option value if it exists or NULL otherwise. Actual
1064 * parametrical functions are quite simple
1066 static struct parmlist_entry *get_parametrics(int snum, const char *type,
1069 if (snum >= iNumServices) return NULL;
1072 return get_parametric_helper(NULL, type, option, Globals.param_opt);
1074 return get_parametric_helper(ServicePtrs[snum],
1075 type, option, Globals.param_opt);
1079 static void discard_whitespace(char *str)
1081 size_t len = strlen(str);
1085 if (isspace(str[i])) {
1086 memmove(&str[i], &str[i+1], len-i);
1095 * @brief Go through all global parametric parameters
1097 * @param regex_str A regular expression to scan param for
1098 * @param max_matches Max number of submatches the regexp expects
1099 * @param cb Function to call on match. Should return true
1100 * when it wants wi_scan_global_parametrics to stop
1102 * @param private_data Anonymous pointer passed to cb
1104 * @return 0: success, regcomp/regexec return value on error.
1105 * See "man regexec" for possible errors
1108 int lp_wi_scan_global_parametrics(
1109 const char *regex_str, size_t max_matches,
1110 bool (*cb)(const char *string, regmatch_t matches[],
1111 void *private_data),
1114 struct parmlist_entry *data;
1118 ret = regcomp(®ex, regex_str, REG_ICASE);
1123 for (data = Globals.param_opt; data != NULL; data = data->next) {
1124 size_t keylen = strlen(data->key);
1126 regmatch_t matches[max_matches];
1129 memcpy(key, data->key, sizeof(key));
1130 discard_whitespace(key);
1132 ret = regexec(®ex, key, max_matches, matches, 0);
1133 if (ret == REG_NOMATCH) {
1140 stop = cb(key, matches, private_data);
1153 #define MISSING_PARAMETER(name) \
1154 DEBUG(0, ("%s(): value is NULL or empty!\n", #name))
1156 /*******************************************************************
1157 convenience routine to return enum parameters.
1158 ********************************************************************/
1159 static int lp_enum(const char *s,const struct enum_list *_enum)
1163 if (!s || !*s || !_enum) {
1164 MISSING_PARAMETER(lp_enum);
1168 for (i=0; _enum[i].name; i++) {
1169 if (strequal(_enum[i].name,s))
1170 return _enum[i].value;
1173 DEBUG(0,("lp_enum(%s,enum): value is not in enum_list!\n",s));
1177 #undef MISSING_PARAMETER
1179 /* Return parametric option from a given service. Type is a part of option before ':' */
1180 /* Parametric option has following syntax: 'Type: option = value' */
1181 char *lp_parm_talloc_string(TALLOC_CTX *ctx, int snum, const char *type, const char *option, const char *def)
1183 struct parmlist_entry *data = get_parametrics(snum, type, option);
1185 if (data == NULL||data->value==NULL) {
1187 return lp_string(ctx, def);
1193 return lp_string(ctx, data->value);
1196 /* Return parametric option from a given service. Type is a part of option before ':' */
1197 /* Parametric option has following syntax: 'Type: option = value' */
1198 const char *lp_parm_const_string(int snum, const char *type, const char *option, const char *def)
1200 struct parmlist_entry *data = get_parametrics(snum, type, option);
1202 if (data == NULL||data->value==NULL)
1209 /* Return parametric option from a given service. Type is a part of option before ':' */
1210 /* Parametric option has following syntax: 'Type: option = value' */
1212 const char **lp_parm_string_list(int snum, const char *type, const char *option, const char **def)
1214 struct parmlist_entry *data = get_parametrics(snum, type, option);
1216 if (data == NULL||data->value==NULL)
1217 return (const char **)def;
1219 if (data->list==NULL) {
1220 data->list = str_list_make_v3(NULL, data->value, NULL);
1223 return discard_const_p(const char *, data->list);
1226 /* Return parametric option from a given service. Type is a part of option before ':' */
1227 /* Parametric option has following syntax: 'Type: option = value' */
1229 int lp_parm_int(int snum, const char *type, const char *option, int def)
1231 struct parmlist_entry *data = get_parametrics(snum, type, option);
1233 if (data && data->value && *data->value)
1234 return lp_int(data->value);
1239 /* Return parametric option from a given service. Type is a part of option before ':' */
1240 /* Parametric option has following syntax: 'Type: option = value' */
1242 unsigned long lp_parm_ulong(int snum, const char *type, const char *option, unsigned long def)
1244 struct parmlist_entry *data = get_parametrics(snum, type, option);
1246 if (data && data->value && *data->value)
1247 return lp_ulong(data->value);
1252 /* Return parametric option from a given service. Type is a part of option before ':' */
1253 /* Parametric option has following syntax: 'Type: option = value' */
1255 unsigned long long lp_parm_ulonglong(int snum, const char *type,
1256 const char *option, unsigned long long def)
1258 struct parmlist_entry *data = get_parametrics(snum, type, option);
1260 if (data && data->value && *data->value) {
1261 return lp_ulonglong(data->value);
1267 /* Return parametric option from a given service. Type is a part of option
1269 /* Parametric option has following syntax: 'Type: option = value' */
1271 bool lp_parm_bool(int snum, const char *type, const char *option, bool def)
1273 struct parmlist_entry *data = get_parametrics(snum, type, option);
1275 if (data && data->value && *data->value)
1276 return lp_bool(data->value);
1281 /* Return parametric option from a given service. Type is a part of option before ':' */
1282 /* Parametric option has following syntax: 'Type: option = value' */
1284 int lp_parm_enum(int snum, const char *type, const char *option,
1285 const struct enum_list *_enum, int def)
1287 struct parmlist_entry *data = get_parametrics(snum, type, option);
1289 if (data && data->value && *data->value && _enum)
1290 return lp_enum(data->value, _enum);
1296 * free a param_opts structure.
1297 * param_opts handling should be moved to talloc;
1298 * then this whole functions reduces to a TALLOC_FREE().
1301 static void free_param_opts(struct parmlist_entry **popts)
1303 struct parmlist_entry *opt, *next_opt;
1305 if (*popts != NULL) {
1306 DEBUG(5, ("Freeing parametrics:\n"));
1309 while (opt != NULL) {
1310 lpcfg_string_free(&opt->key);
1311 lpcfg_string_free(&opt->value);
1312 TALLOC_FREE(opt->list);
1313 next_opt = opt->next;
1320 /***************************************************************************
1321 Free the dynamically allocated parts of a service struct.
1322 ***************************************************************************/
1324 static void free_service(struct loadparm_service *pservice)
1329 if (pservice->szService)
1330 DEBUG(5, ("free_service: Freeing service %s\n",
1331 pservice->szService));
1333 free_parameters(pservice);
1335 lpcfg_string_free(&pservice->szService);
1336 TALLOC_FREE(pservice->copymap);
1338 free_param_opts(&pservice->param_opt);
1340 ZERO_STRUCTP(pservice);
1344 /***************************************************************************
1345 remove a service indexed in the ServicePtrs array from the ServiceHash
1346 and free the dynamically allocated parts
1347 ***************************************************************************/
1349 static void free_service_byindex(int idx)
1351 if ( !LP_SNUM_OK(idx) )
1354 ServicePtrs[idx]->valid = false;
1356 /* we have to cleanup the hash record */
1358 if (ServicePtrs[idx]->szService) {
1359 char *canon_name = canonicalize_servicename(
1361 ServicePtrs[idx]->szService );
1363 dbwrap_delete_bystring(ServiceHash, canon_name );
1364 TALLOC_FREE(canon_name);
1367 free_service(ServicePtrs[idx]);
1368 TALLOC_FREE(ServicePtrs[idx]);
1371 /***************************************************************************
1372 Add a new service to the services array initialising it with the given
1374 ***************************************************************************/
1376 static int add_a_service(const struct loadparm_service *pservice, const char *name)
1379 struct loadparm_service **tsp = NULL;
1381 /* it might already exist */
1383 i = getservicebyname(name, NULL);
1389 /* Re use empty slots if any before allocating new one.*/
1390 for (i=0; i < iNumServices; i++) {
1391 if (ServicePtrs[i] == NULL) {
1395 if (i == iNumServices) {
1396 /* if not, then create one */
1397 tsp = talloc_realloc(NULL, ServicePtrs,
1398 struct loadparm_service *,
1401 DEBUG(0, ("add_a_service: failed to enlarge "
1408 ServicePtrs[i] = talloc_zero(ServicePtrs, struct loadparm_service);
1409 if (!ServicePtrs[i]) {
1410 DEBUG(0,("add_a_service: out of memory!\n"));
1414 ServicePtrs[i]->valid = true;
1416 copy_service(ServicePtrs[i], pservice, NULL);
1418 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->szService,
1421 DEBUG(8,("add_a_service: Creating snum = %d for %s\n",
1422 i, ServicePtrs[i]->szService));
1424 if (!hash_a_service(ServicePtrs[i]->szService, i)) {
1431 /***************************************************************************
1432 Convert a string to uppercase and remove whitespaces.
1433 ***************************************************************************/
1435 char *canonicalize_servicename(TALLOC_CTX *ctx, const char *src)
1440 DEBUG(0,("canonicalize_servicename: NULL source name!\n"));
1444 result = talloc_strdup(ctx, src);
1445 SMB_ASSERT(result != NULL);
1447 if (!strlower_m(result)) {
1448 TALLOC_FREE(result);
1454 /***************************************************************************
1455 Add a name/index pair for the services array to the hash table.
1456 ***************************************************************************/
1458 static bool hash_a_service(const char *name, int idx)
1462 if ( !ServiceHash ) {
1463 DEBUG(10,("hash_a_service: creating servicehash\n"));
1464 ServiceHash = db_open_rbt(NULL);
1465 if ( !ServiceHash ) {
1466 DEBUG(0,("hash_a_service: open tdb servicehash failed!\n"));
1471 DEBUG(10,("hash_a_service: hashing index %d for service name %s\n",
1474 canon_name = canonicalize_servicename(talloc_tos(), name );
1476 dbwrap_store_bystring(ServiceHash, canon_name,
1477 make_tdb_data((uint8_t *)&idx, sizeof(idx)),
1480 TALLOC_FREE(canon_name);
1485 /***************************************************************************
1486 Add a new home service, with the specified home directory, defaults coming
1488 ***************************************************************************/
1490 bool lp_add_home(const char *pszHomename, int iDefaultService,
1491 const char *user, const char *pszHomedir)
1495 if (pszHomename == NULL || user == NULL || pszHomedir == NULL ||
1496 pszHomedir[0] == '\0') {
1500 i = add_a_service(ServicePtrs[iDefaultService], pszHomename);
1505 if (!(*(ServicePtrs[iDefaultService]->path))
1506 || strequal(ServicePtrs[iDefaultService]->path,
1507 lp_path(talloc_tos(), GLOBAL_SECTION_SNUM))) {
1508 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->path,
1512 if (!(*(ServicePtrs[i]->comment))) {
1513 char *comment = talloc_asprintf(talloc_tos(), "Home directory of %s", user);
1514 if (comment == NULL) {
1517 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->comment,
1519 TALLOC_FREE(comment);
1522 /* set the browseable flag from the global default */
1524 ServicePtrs[i]->browseable = sDefault.browseable;
1525 ServicePtrs[i]->access_based_share_enum = sDefault.access_based_share_enum;
1527 ServicePtrs[i]->autoloaded = true;
1529 DEBUG(3, ("adding home's share [%s] for user '%s' at '%s'\n", pszHomename,
1530 user, ServicePtrs[i]->path ));
1535 /***************************************************************************
1536 Add a new service, based on an old one.
1537 ***************************************************************************/
1539 int lp_add_service(const char *pszService, int iDefaultService)
1541 if (iDefaultService < 0) {
1542 return add_a_service(&sDefault, pszService);
1545 return (add_a_service(ServicePtrs[iDefaultService], pszService));
1548 /***************************************************************************
1549 Add the IPC service.
1550 ***************************************************************************/
1552 static bool lp_add_ipc(const char *ipc_name, bool guest_ok)
1554 char *comment = NULL;
1555 int i = add_a_service(&sDefault, ipc_name);
1560 comment = talloc_asprintf(talloc_tos(), "IPC Service (%s)",
1561 Globals.server_string);
1562 if (comment == NULL) {
1566 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->path, tmpdir());
1567 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->username, "");
1568 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1569 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->fstype, "IPC");
1570 ServicePtrs[i]->max_connections = 0;
1571 ServicePtrs[i]->available = true;
1572 ServicePtrs[i]->read_only = true;
1573 ServicePtrs[i]->guest_only = false;
1574 ServicePtrs[i]->administrative_share = true;
1575 ServicePtrs[i]->guest_ok = guest_ok;
1576 ServicePtrs[i]->printable = false;
1577 ServicePtrs[i]->browseable = sDefault.browseable;
1578 ServicePtrs[i]->autoloaded = true;
1580 DEBUG(3, ("adding IPC service\n"));
1582 TALLOC_FREE(comment);
1586 /***************************************************************************
1587 Add a new printer service, with defaults coming from service iFrom.
1588 ***************************************************************************/
1590 bool lp_add_printer(const char *pszPrintername, int iDefaultService)
1592 const char *comment = "From Printcap";
1593 int i = add_a_service(ServicePtrs[iDefaultService], pszPrintername);
1598 /* note that we do NOT default the availability flag to true - */
1599 /* we take it from the default service passed. This allows all */
1600 /* dynamic printers to be disabled by disabling the [printers] */
1601 /* entry (if/when the 'available' keyword is implemented!). */
1603 /* the printer name is set to the service name. */
1604 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->_printername,
1606 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1608 /* set the browseable flag from the gloabl default */
1609 ServicePtrs[i]->browseable = sDefault.browseable;
1611 /* Printers cannot be read_only. */
1612 ServicePtrs[i]->read_only = false;
1613 /* No oplocks on printer services. */
1614 ServicePtrs[i]->oplocks = false;
1615 /* Printer services must be printable. */
1616 ServicePtrs[i]->printable = true;
1618 DEBUG(3, ("adding printer service %s\n", pszPrintername));
1624 /***************************************************************************
1625 Check whether the given parameter name is valid.
1626 Parametric options (names containing a colon) are considered valid.
1627 ***************************************************************************/
1629 bool lp_parameter_is_valid(const char *pszParmName)
1631 return ((lpcfg_map_parameter(pszParmName) != -1) ||
1632 (strchr(pszParmName, ':') != NULL));
1635 /***************************************************************************
1636 Check whether the given name is the name of a global parameter.
1637 Returns true for strings belonging to parameters of class
1638 P_GLOBAL, false for all other strings, also for parametric options
1639 and strings not belonging to any option.
1640 ***************************************************************************/
1642 bool lp_parameter_is_global(const char *pszParmName)
1644 int num = lpcfg_map_parameter(pszParmName);
1647 return (parm_table[num].p_class == P_GLOBAL);
1653 /**************************************************************************
1654 Determine the canonical name for a parameter.
1655 Indicate when it is an inverse (boolean) synonym instead of a
1657 **************************************************************************/
1659 bool lp_canonicalize_parameter(const char *parm_name, const char **canon_parm,
1664 if (!lp_parameter_is_valid(parm_name)) {
1669 num = map_parameter_canonical(parm_name, inverse);
1671 /* parametric option */
1672 *canon_parm = parm_name;
1674 *canon_parm = parm_table[num].label;
1681 /**************************************************************************
1682 Determine the canonical name for a parameter.
1683 Turn the value given into the inverse boolean expression when
1684 the synonym is an invers boolean synonym.
1686 Return true if parm_name is a valid parameter name and
1687 in case it is an invers boolean synonym, if the val string could
1688 successfully be converted to the reverse bool.
1689 Return false in all other cases.
1690 **************************************************************************/
1692 bool lp_canonicalize_parameter_with_value(const char *parm_name,
1694 const char **canon_parm,
1695 const char **canon_val)
1700 if (!lp_parameter_is_valid(parm_name)) {
1706 num = map_parameter_canonical(parm_name, &inverse);
1708 /* parametric option */
1709 *canon_parm = parm_name;
1712 *canon_parm = parm_table[num].label;
1714 if (!lp_invert_boolean(val, canon_val)) {
1726 /***************************************************************************
1727 Map a parameter's string representation to the index of the canonical
1728 form of the parameter (it might be a synonym).
1729 Returns -1 if the parameter string is not recognised.
1730 ***************************************************************************/
1732 static int map_parameter_canonical(const char *pszParmName, bool *inverse)
1734 int parm_num, canon_num;
1735 bool loc_inverse = false;
1737 parm_num = lpcfg_map_parameter(pszParmName);
1738 if ((parm_num < 0) || !(parm_table[parm_num].flags & FLAG_SYNONYM)) {
1739 /* invalid, parametric or no canidate for synonyms ... */
1743 for (canon_num = 0; parm_table[canon_num].label; canon_num++) {
1744 if (is_synonym_of(parm_num, canon_num, &loc_inverse)) {
1745 parm_num = canon_num;
1751 if (inverse != NULL) {
1752 *inverse = loc_inverse;
1757 /***************************************************************************
1758 return true if parameter number parm1 is a synonym of parameter
1759 number parm2 (parm2 being the principal name).
1760 set inverse to true if parm1 is P_BOOLREV and parm2 is P_BOOL,
1762 ***************************************************************************/
1764 static bool is_synonym_of(int parm1, int parm2, bool *inverse)
1766 if ((parm_table[parm1].offset == parm_table[parm2].offset) &&
1767 (parm_table[parm1].p_class == parm_table[parm2].p_class) &&
1768 (parm_table[parm1].flags & FLAG_SYNONYM) &&
1769 !(parm_table[parm2].flags & FLAG_SYNONYM))
1771 if (inverse != NULL) {
1772 if ((parm_table[parm1].type == P_BOOLREV) &&
1773 (parm_table[parm2].type == P_BOOL))
1785 /***************************************************************************
1786 Show one parameter's name, type, [values,] and flags.
1787 (helper functions for show_parameter_list)
1788 ***************************************************************************/
1790 static void show_parameter(int parmIndex)
1792 int enumIndex, flagIndex;
1797 const char *type[] = { "P_BOOL", "P_BOOLREV", "P_CHAR", "P_INTEGER",
1798 "P_OCTAL", "P_LIST", "P_STRING", "P_USTRING",
1799 "P_ENUM", "P_BYTES", "P_CMDLIST" };
1800 unsigned flags[] = { FLAG_DEPRECATED, FLAG_SYNONYM };
1801 const char *flag_names[] = { "FLAG_DEPRECATED", "FLAG_SYNONYM", NULL};
1803 printf("%s=%s", parm_table[parmIndex].label,
1804 type[parm_table[parmIndex].type]);
1805 if (parm_table[parmIndex].type == P_ENUM) {
1808 parm_table[parmIndex].enum_list[enumIndex].name;
1812 enumIndex ? "|" : "",
1813 parm_table[parmIndex].enum_list[enumIndex].name);
1818 for (flagIndex=0; flag_names[flagIndex]; flagIndex++) {
1819 if (parm_table[parmIndex].flags & flags[flagIndex]) {
1822 flag_names[flagIndex]);
1827 /* output synonyms */
1829 for (parmIndex2=0; parm_table[parmIndex2].label; parmIndex2++) {
1830 if (is_synonym_of(parmIndex, parmIndex2, &inverse)) {
1831 printf(" (%ssynonym of %s)", inverse ? "inverse " : "",
1832 parm_table[parmIndex2].label);
1833 } else if (is_synonym_of(parmIndex2, parmIndex, &inverse)) {
1835 printf(" (synonyms: ");
1840 printf("%s%s", parm_table[parmIndex2].label,
1841 inverse ? "[i]" : "");
1851 /***************************************************************************
1852 Show all parameter's name, type, [values,] and flags.
1853 ***************************************************************************/
1855 void show_parameter_list(void)
1857 int classIndex, parmIndex;
1858 const char *section_names[] = { "local", "global", NULL};
1860 for (classIndex=0; section_names[classIndex]; classIndex++) {
1861 printf("[%s]\n", section_names[classIndex]);
1862 for (parmIndex = 0; parm_table[parmIndex].label; parmIndex++) {
1863 if (parm_table[parmIndex].p_class == classIndex) {
1864 show_parameter(parmIndex);
1870 /***************************************************************************
1871 Get the standard string representation of a boolean value ("yes" or "no")
1872 ***************************************************************************/
1874 static const char *get_boolean(bool bool_value)
1876 static const char *yes_str = "yes";
1877 static const char *no_str = "no";
1879 return (bool_value ? yes_str : no_str);
1882 /***************************************************************************
1883 Provide the string of the negated boolean value associated to the boolean
1884 given as a string. Returns false if the passed string does not correctly
1885 represent a boolean.
1886 ***************************************************************************/
1888 bool lp_invert_boolean(const char *str, const char **inverse_str)
1892 if (!set_boolean(str, &val)) {
1896 *inverse_str = get_boolean(!val);
1900 /***************************************************************************
1901 Provide the canonical string representation of a boolean value given
1902 as a string. Return true on success, false if the string given does
1903 not correctly represent a boolean.
1904 ***************************************************************************/
1906 bool lp_canonicalize_boolean(const char *str, const char**canon_str)
1910 if (!set_boolean(str, &val)) {
1914 *canon_str = get_boolean(val);
1918 /***************************************************************************
1919 Find a service by name. Otherwise works like get_service.
1920 ***************************************************************************/
1922 int getservicebyname(const char *pszServiceName, struct loadparm_service *pserviceDest)
1929 if (ServiceHash == NULL) {
1933 canon_name = canonicalize_servicename(talloc_tos(), pszServiceName);
1935 status = dbwrap_fetch_bystring(ServiceHash, canon_name, canon_name,
1938 if (NT_STATUS_IS_OK(status) &&
1939 (data.dptr != NULL) &&
1940 (data.dsize == sizeof(iService)))
1942 iService = *(int *)data.dptr;
1945 TALLOC_FREE(canon_name);
1947 if ((iService != -1) && (LP_SNUM_OK(iService))
1948 && (pserviceDest != NULL)) {
1949 copy_service(pserviceDest, ServicePtrs[iService], NULL);
1955 /* Return a pointer to a service by name. Unlike getservicebyname, it does not copy the service */
1956 struct loadparm_service *lp_service(const char *pszServiceName)
1958 int iService = getservicebyname(pszServiceName, NULL);
1959 if (iService == -1 || !LP_SNUM_OK(iService)) {
1962 return ServicePtrs[iService];
1965 struct loadparm_service *lp_servicebynum(int snum)
1967 if ((snum == -1) || !LP_SNUM_OK(snum)) {
1970 return ServicePtrs[snum];
1973 struct loadparm_service *lp_default_loadparm_service()
1978 static struct smbconf_ctx *lp_smbconf_ctx(void)
1981 static struct smbconf_ctx *conf_ctx = NULL;
1983 if (conf_ctx == NULL) {
1984 err = smbconf_init(NULL, &conf_ctx, "registry:");
1985 if (!SBC_ERROR_IS_OK(err)) {
1986 DEBUG(1, ("error initializing registry configuration: "
1987 "%s\n", sbcErrorString(err)));
1995 static bool process_smbconf_service(struct smbconf_service *service)
2000 if (service == NULL) {
2004 ret = lp_do_section(service->name, NULL);
2008 for (count = 0; count < service->num_params; count++) {
2010 if (!bInGlobalSection && bGlobalOnly) {
2013 const char *pszParmName = service->param_names[count];
2014 const char *pszParmValue = service->param_values[count];
2016 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2018 ret = lp_do_parameter(bInGlobalSection ? -2 : iServiceIndex,
2019 pszParmName, pszParmValue);
2026 if (iServiceIndex >= 0) {
2027 return lpcfg_service_ok(ServicePtrs[iServiceIndex]);
2033 * load a service from registry and activate it
2035 bool process_registry_service(const char *service_name)
2038 struct smbconf_service *service = NULL;
2039 TALLOC_CTX *mem_ctx = talloc_stackframe();
2040 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2043 if (conf_ctx == NULL) {
2047 DEBUG(5, ("process_registry_service: service name %s\n", service_name));
2049 if (!smbconf_share_exists(conf_ctx, service_name)) {
2051 * Registry does not contain data for this service (yet),
2052 * but make sure lp_load doesn't return false.
2058 err = smbconf_get_share(conf_ctx, mem_ctx, service_name, &service);
2059 if (!SBC_ERROR_IS_OK(err)) {
2063 ret = process_smbconf_service(service);
2069 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
2072 TALLOC_FREE(mem_ctx);
2077 * process_registry_globals
2079 static bool process_registry_globals(void)
2083 add_to_file_list(NULL, &file_lists, INCLUDE_REGISTRY_NAME, INCLUDE_REGISTRY_NAME);
2085 if (!bInGlobalSection && bGlobalOnly) {
2088 const char *pszParmName = "registry shares";
2089 const char *pszParmValue = "yes";
2091 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2093 ret = lp_do_parameter(bInGlobalSection ? -2 : iServiceIndex,
2094 pszParmName, pszParmValue);
2101 return process_registry_service(GLOBAL_NAME);
2104 bool process_registry_shares(void)
2108 struct smbconf_service **service = NULL;
2109 uint32_t num_shares = 0;
2110 TALLOC_CTX *mem_ctx = talloc_stackframe();
2111 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2114 if (conf_ctx == NULL) {
2118 err = smbconf_get_config(conf_ctx, mem_ctx, &num_shares, &service);
2119 if (!SBC_ERROR_IS_OK(err)) {
2125 for (count = 0; count < num_shares; count++) {
2126 if (strequal(service[count]->name, GLOBAL_NAME)) {
2129 ret = process_smbconf_service(service[count]);
2136 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
2139 TALLOC_FREE(mem_ctx);
2144 * reload those shares from registry that are already
2145 * activated in the services array.
2147 static bool reload_registry_shares(void)
2152 for (i = 0; i < iNumServices; i++) {
2157 if (ServicePtrs[i]->usershare == USERSHARE_VALID) {
2161 ret = process_registry_service(ServicePtrs[i]->szService);
2172 #define MAX_INCLUDE_DEPTH 100
2174 static uint8_t include_depth;
2177 * Free the file lists
2179 static void free_file_list(void)
2181 struct file_lists *f;
2182 struct file_lists *next;
2195 * Utility function for outsiders to check if we're running on registry.
2197 bool lp_config_backend_is_registry(void)
2199 return (lp_config_backend() == CONFIG_BACKEND_REGISTRY);
2203 * Utility function to check if the config backend is FILE.
2205 bool lp_config_backend_is_file(void)
2207 return (lp_config_backend() == CONFIG_BACKEND_FILE);
2210 /*******************************************************************
2211 Check if a config file has changed date.
2212 ********************************************************************/
2214 bool lp_file_list_changed(void)
2216 struct file_lists *f = file_lists;
2218 DEBUG(6, ("lp_file_list_changed()\n"));
2221 if (strequal(f->name, INCLUDE_REGISTRY_NAME)) {
2222 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2224 if (conf_ctx == NULL) {
2227 if (smbconf_changed(conf_ctx, &conf_last_csn, NULL,
2230 DEBUGADD(6, ("registry config changed\n"));
2237 n2 = talloc_sub_basic(talloc_tos(),
2238 get_current_username(),
2239 current_user_info.domain,
2244 DEBUGADD(6, ("file %s -> %s last mod_time: %s\n",
2245 f->name, n2, ctime(&f->modtime)));
2247 mod_time = file_modtime(n2);
2250 ((f->modtime != mod_time) ||
2251 (f->subfname == NULL) ||
2252 (strcmp(n2, f->subfname) != 0)))
2255 ("file %s modified: %s\n", n2,
2257 f->modtime = mod_time;
2258 TALLOC_FREE(f->subfname);
2259 f->subfname = talloc_strdup(f, n2);
2260 if (f->subfname == NULL) {
2261 smb_panic("talloc_strdup failed");
2275 * Initialize iconv conversion descriptors.
2277 * This is called the first time it is needed, and also called again
2278 * every time the configuration is reloaded, because the charset or
2279 * codepage might have changed.
2281 static void init_iconv(void)
2283 global_iconv_handle = smb_iconv_handle_reinit(NULL, lp_dos_charset(),
2285 true, global_iconv_handle);
2288 /***************************************************************************
2289 Handle the include operation.
2290 ***************************************************************************/
2291 static bool bAllowIncludeRegistry = true;
2293 bool lp_include(struct loadparm_context *lp_ctx, struct loadparm_service *service,
2294 const char *pszParmValue, char **ptr)
2298 if (include_depth >= MAX_INCLUDE_DEPTH) {
2299 DEBUG(0, ("Error: Maximum include depth (%u) exceeded!\n",
2304 if (strequal(pszParmValue, INCLUDE_REGISTRY_NAME)) {
2305 if (!bAllowIncludeRegistry) {
2308 if (lp_ctx->bInGlobalSection) {
2311 ret = process_registry_globals();
2315 DEBUG(1, ("\"include = registry\" only effective "
2316 "in %s section\n", GLOBAL_NAME));
2321 fname = talloc_sub_basic(talloc_tos(), get_current_username(),
2322 current_user_info.domain,
2325 add_to_file_list(NULL, &file_lists, pszParmValue, fname);
2327 if (service == NULL) {
2328 lpcfg_string_set(Globals.ctx, ptr, fname);
2330 lpcfg_string_set(service, ptr, fname);
2333 if (file_exist(fname)) {
2336 ret = pm_process(fname, lp_do_section, do_parameter, lp_ctx);
2342 DEBUG(2, ("Can't find include file %s\n", fname));
2347 bool lp_idmap_range(const char *domain_name, uint32_t *low, uint32_t *high)
2349 char *config_option = NULL;
2350 const char *range = NULL;
2353 SMB_ASSERT(low != NULL);
2354 SMB_ASSERT(high != NULL);
2356 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2360 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2362 if (config_option == NULL) {
2363 DEBUG(0, ("out of memory\n"));
2367 range = lp_parm_const_string(-1, config_option, "range", NULL);
2368 if (range == NULL) {
2369 DEBUG(1, ("idmap range not specified for domain '%s'\n", domain_name));
2373 if (sscanf(range, "%u - %u", low, high) != 2) {
2374 DEBUG(1, ("error parsing idmap range '%s' for domain '%s'\n",
2375 range, domain_name));
2382 talloc_free(config_option);
2387 bool lp_idmap_default_range(uint32_t *low, uint32_t *high)
2389 return lp_idmap_range("*", low, high);
2392 const char *lp_idmap_backend(const char *domain_name)
2394 char *config_option = NULL;
2395 const char *backend = NULL;
2397 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2401 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2403 if (config_option == NULL) {
2404 DEBUG(0, ("out of memory\n"));
2408 backend = lp_parm_const_string(-1, config_option, "backend", NULL);
2409 if (backend == NULL) {
2410 DEBUG(1, ("idmap backend not specified for domain '%s'\n", domain_name));
2415 talloc_free(config_option);
2419 const char *lp_idmap_default_backend(void)
2421 return lp_idmap_backend("*");
2424 /***************************************************************************
2425 Handle ldap suffixes - default to ldapsuffix if sub-suffixes are not defined.
2426 ***************************************************************************/
2428 static const char *append_ldap_suffix(TALLOC_CTX *ctx, const char *str )
2430 const char *suffix_string;
2432 suffix_string = talloc_asprintf(ctx, "%s,%s", str,
2433 Globals.ldap_suffix );
2434 if ( !suffix_string ) {
2435 DEBUG(0,("append_ldap_suffix: talloc_asprintf() failed!\n"));
2439 return suffix_string;
2442 const char *lp_ldap_machine_suffix(TALLOC_CTX *ctx)
2444 if (Globals._ldap_machine_suffix[0])
2445 return append_ldap_suffix(ctx, Globals._ldap_machine_suffix);
2447 return lp_string(ctx, Globals.ldap_suffix);
2450 const char *lp_ldap_user_suffix(TALLOC_CTX *ctx)
2452 if (Globals._ldap_user_suffix[0])
2453 return append_ldap_suffix(ctx, Globals._ldap_user_suffix);
2455 return lp_string(ctx, Globals.ldap_suffix);
2458 const char *lp_ldap_group_suffix(TALLOC_CTX *ctx)
2460 if (Globals._ldap_group_suffix[0])
2461 return append_ldap_suffix(ctx, Globals._ldap_group_suffix);
2463 return lp_string(ctx, Globals.ldap_suffix);
2466 const char *lp_ldap_idmap_suffix(TALLOC_CTX *ctx)
2468 if (Globals._ldap_idmap_suffix[0])
2469 return append_ldap_suffix(ctx, Globals._ldap_idmap_suffix);
2471 return lp_string(ctx, Globals.ldap_suffix);
2475 return the parameter pointer for a parameter
2477 void *lp_parm_ptr(struct loadparm_service *service, struct parm_struct *parm)
2479 if (service == NULL) {
2480 if (parm->p_class == P_LOCAL)
2481 return (void *)(((char *)&sDefault)+parm->offset);
2482 else if (parm->p_class == P_GLOBAL)
2483 return (void *)(((char *)&Globals)+parm->offset);
2486 return (void *)(((char *)service) + parm->offset);
2490 /***************************************************************************
2491 Process a parameter for a particular service number. If snum < 0
2492 then assume we are in the globals.
2493 ***************************************************************************/
2495 bool lp_do_parameter(int snum, const char *pszParmName, const char *pszParmValue)
2497 TALLOC_CTX *frame = talloc_stackframe();
2498 struct loadparm_context *lp_ctx;
2501 lp_ctx = setup_lp_context(frame);
2502 if (lp_ctx == NULL) {
2508 ok = lpcfg_do_global_parameter(lp_ctx, pszParmName, pszParmValue);
2510 ok = lpcfg_do_service_parameter(lp_ctx, ServicePtrs[snum],
2511 pszParmName, pszParmValue);
2519 /***************************************************************************
2520 set a parameter, marking it with FLAG_CMDLINE. Parameters marked as
2521 FLAG_CMDLINE won't be overridden by loads from smb.conf.
2522 ***************************************************************************/
2524 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue)
2527 parmnum = lpcfg_map_parameter(pszParmName);
2529 flags_list[parmnum] &= ~FLAG_CMDLINE;
2530 if (!lp_do_parameter(-1, pszParmName, pszParmValue)) {
2533 flags_list[parmnum] |= FLAG_CMDLINE;
2535 /* we have to also set FLAG_CMDLINE on aliases. Aliases must
2536 * be grouped in the table, so we don't have to search the
2539 i>=0 && parm_table[i].offset == parm_table[parmnum].offset
2540 && parm_table[i].p_class == parm_table[parmnum].p_class;
2542 flags_list[i] |= FLAG_CMDLINE;
2544 for (i=parmnum+1;i<num_parameters() && parm_table[i].offset == parm_table[parmnum].offset
2545 && parm_table[i].p_class == parm_table[parmnum].p_class;i++) {
2546 flags_list[i] |= FLAG_CMDLINE;
2552 /* it might be parametric */
2553 if (strchr(pszParmName, ':') != NULL) {
2554 set_param_opt(NULL, &Globals.param_opt, pszParmName, pszParmValue, FLAG_CMDLINE);
2558 DEBUG(0, ("Ignoring unknown parameter \"%s\"\n", pszParmName));
2562 bool lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
2565 TALLOC_CTX *frame = talloc_stackframe();
2566 struct loadparm_context *lp_ctx;
2568 lp_ctx = setup_lp_context(frame);
2569 if (lp_ctx == NULL) {
2574 ret = lpcfg_set_cmdline(lp_ctx, pszParmName, pszParmValue);
2580 /***************************************************************************
2581 Process a parameter.
2582 ***************************************************************************/
2584 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
2587 if (!bInGlobalSection && bGlobalOnly)
2590 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2592 if (bInGlobalSection) {
2593 return lpcfg_do_global_parameter(userdata, pszParmName, pszParmValue);
2595 return lpcfg_do_service_parameter(userdata, ServicePtrs[iServiceIndex],
2596 pszParmName, pszParmValue);
2600 /***************************************************************************
2601 Initialize any local variables in the sDefault table, after parsing a
2603 ***************************************************************************/
2605 static void init_locals(void)
2608 * We run this check once the [globals] is parsed, to force
2609 * the VFS objects and other per-share settings we need for
2610 * the standard way a AD DC is operated. We may change these
2611 * as our code evolves, which is why we force these settings.
2613 * We can't do this at the end of lp_load_ex(), as by that
2614 * point the services have been loaded and they will already
2615 * have "" as their vfs objects.
2617 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
2618 const char **vfs_objects = lp_vfs_objects(-1);
2619 if (!vfs_objects || !vfs_objects[0]) {
2620 if (lp_parm_const_string(-1, "xattr_tdb", "file", NULL)) {
2621 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr xattr_tdb");
2622 } else if (lp_parm_const_string(-1, "posix", "eadb", NULL)) {
2623 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr posix_eadb");
2625 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr");
2629 lp_do_parameter(-1, "map hidden", "no");
2630 lp_do_parameter(-1, "map system", "no");
2631 lp_do_parameter(-1, "map readonly", "no");
2632 lp_do_parameter(-1, "map archive", "no");
2633 lp_do_parameter(-1, "store dos attributes", "yes");
2637 /***************************************************************************
2638 Process a new section (service). At this stage all sections are services.
2639 Later we'll have special sections that permit server parameters to be set.
2640 Returns true on success, false on failure.
2641 ***************************************************************************/
2643 bool lp_do_section(const char *pszSectionName, void *userdata)
2645 struct loadparm_context *lp_ctx = (struct loadparm_context *)userdata;
2647 bool isglobal = ((strwicmp(pszSectionName, GLOBAL_NAME) == 0) ||
2648 (strwicmp(pszSectionName, GLOBAL_NAME2) == 0));
2651 /* if we were in a global section then do the local inits */
2652 if (bInGlobalSection && !isglobal)
2655 /* if we've just struck a global section, note the fact. */
2656 bInGlobalSection = isglobal;
2657 if (lp_ctx != NULL) {
2658 lp_ctx->bInGlobalSection = isglobal;
2661 /* check for multiple global sections */
2662 if (bInGlobalSection) {
2663 DEBUG(3, ("Processing section \"[%s]\"\n", pszSectionName));
2667 if (!bInGlobalSection && bGlobalOnly)
2670 /* if we have a current service, tidy it up before moving on */
2673 if (iServiceIndex >= 0)
2674 bRetval = lpcfg_service_ok(ServicePtrs[iServiceIndex]);
2676 /* if all is still well, move to the next record in the services array */
2678 /* We put this here to avoid an odd message order if messages are */
2679 /* issued by the post-processing of a previous section. */
2680 DEBUG(2, ("Processing section \"[%s]\"\n", pszSectionName));
2682 iServiceIndex = add_a_service(&sDefault, pszSectionName);
2683 if (iServiceIndex < 0) {
2684 DEBUG(0, ("Failed to add a new service\n"));
2687 /* Clean all parametric options for service */
2688 /* They will be added during parsing again */
2689 free_param_opts(&ServicePtrs[iServiceIndex]->param_opt);
2695 /***************************************************************************
2696 Display the contents of a parameter of a single services record.
2697 ***************************************************************************/
2699 bool dump_a_parameter(int snum, char *parm_name, FILE * f, bool isGlobal)
2701 bool result = false;
2702 struct loadparm_context *lp_ctx;
2704 lp_ctx = setup_lp_context(talloc_tos());
2705 if (lp_ctx == NULL) {
2710 result = lpcfg_dump_a_parameter(lp_ctx, NULL, parm_name, f);
2712 result = lpcfg_dump_a_parameter(lp_ctx, ServicePtrs[snum], parm_name, f);
2714 TALLOC_FREE(lp_ctx);
2719 /***************************************************************************
2720 Display the contents of a single copy structure.
2721 ***************************************************************************/
2722 static void dump_copy_map(bool *pcopymap)
2728 printf("\n\tNon-Copied parameters:\n");
2730 for (i = 0; parm_table[i].label; i++)
2731 if (parm_table[i].p_class == P_LOCAL &&
2732 parm_table[i].ptr && !pcopymap[i] &&
2733 (i == 0 || (parm_table[i].ptr != parm_table[i - 1].ptr)))
2735 printf("\t\t%s\n", parm_table[i].label);
2740 /***************************************************************************
2741 Return TRUE if the passed service number is within range.
2742 ***************************************************************************/
2744 bool lp_snum_ok(int iService)
2746 return (LP_SNUM_OK(iService) && ServicePtrs[iService]->available);
2749 /***************************************************************************
2750 Auto-load some home services.
2751 ***************************************************************************/
2753 static void lp_add_auto_services(char *str)
2763 s = talloc_strdup(talloc_tos(), str);
2765 smb_panic("talloc_strdup failed");
2769 homes = lp_servicenumber(HOMES_NAME);
2771 for (p = strtok_r(s, LIST_SEP, &saveptr); p;
2772 p = strtok_r(NULL, LIST_SEP, &saveptr)) {
2775 if (lp_servicenumber(p) >= 0)
2778 home = get_user_home_dir(talloc_tos(), p);
2780 if (home && home[0] && homes >= 0)
2781 lp_add_home(p, homes, p, home);
2788 /***************************************************************************
2789 Auto-load one printer.
2790 ***************************************************************************/
2792 void lp_add_one_printer(const char *name, const char *comment,
2793 const char *location, void *pdata)
2795 int printers = lp_servicenumber(PRINTERS_NAME);
2798 if (lp_servicenumber(name) < 0) {
2799 lp_add_printer(name, printers);
2800 if ((i = lp_servicenumber(name)) >= 0) {
2801 lpcfg_string_set(ServicePtrs[i],
2802 &ServicePtrs[i]->comment, comment);
2803 ServicePtrs[i]->autoloaded = true;
2808 /***************************************************************************
2809 Have we loaded a services file yet?
2810 ***************************************************************************/
2812 bool lp_loaded(void)
2817 /***************************************************************************
2818 Unload unused services.
2819 ***************************************************************************/
2821 void lp_killunused(struct smbd_server_connection *sconn,
2822 bool (*snumused) (struct smbd_server_connection *, int))
2825 for (i = 0; i < iNumServices; i++) {
2829 /* don't kill autoloaded or usershare services */
2830 if ( ServicePtrs[i]->autoloaded ||
2831 ServicePtrs[i]->usershare == USERSHARE_VALID) {
2835 if (!snumused || !snumused(sconn, i)) {
2836 free_service_byindex(i);
2842 * Kill all except autoloaded and usershare services - convenience wrapper
2844 void lp_kill_all_services(void)
2846 lp_killunused(NULL, NULL);
2849 /***************************************************************************
2851 ***************************************************************************/
2853 void lp_killservice(int iServiceIn)
2855 if (VALID(iServiceIn)) {
2856 free_service_byindex(iServiceIn);
2860 /***************************************************************************
2861 Save the curent values of all global and sDefault parameters into the
2862 defaults union. This allows testparm to show only the
2863 changed (ie. non-default) parameters.
2864 ***************************************************************************/
2866 static void lp_save_defaults(void)
2869 struct parmlist_entry * parm;
2870 for (i = 0; parm_table[i].label; i++) {
2871 if (!(flags_list[i] & FLAG_CMDLINE)) {
2872 flags_list[i] |= FLAG_DEFAULT;
2875 if (i > 0 && parm_table[i].offset == parm_table[i - 1].offset
2876 && parm_table[i].p_class == parm_table[i - 1].p_class)
2878 switch (parm_table[i].type) {
2881 parm_table[i].def.lvalue = str_list_copy(
2882 NULL, *(const char ***)lp_parm_ptr(NULL, &parm_table[i]));
2888 &parm_table[i].def.svalue,
2889 *(char **)lp_parm_ptr(
2890 NULL, &parm_table[i]));
2891 if (parm_table[i].def.svalue == NULL) {
2892 smb_panic("lpcfg_string_set() failed");
2897 parm_table[i].def.bvalue =
2898 *(bool *)lp_parm_ptr(NULL, &parm_table[i]);
2901 parm_table[i].def.cvalue =
2902 *(char *)lp_parm_ptr(NULL, &parm_table[i]);
2908 parm_table[i].def.ivalue =
2909 *(int *)lp_parm_ptr(NULL, &parm_table[i]);
2914 for (parm=Globals.param_opt; parm; parm=parm->next) {
2915 if (!(parm->priority & FLAG_CMDLINE)) {
2916 parm->priority |= FLAG_DEFAULT;
2920 for (parm=sDefault.param_opt; parm; parm=parm->next) {
2921 if (!(parm->priority & FLAG_CMDLINE)) {
2922 parm->priority |= FLAG_DEFAULT;
2926 defaults_saved = true;
2929 /***********************************************************
2930 If we should send plaintext/LANMAN passwords in the clinet
2931 ************************************************************/
2933 static void set_allowed_client_auth(void)
2935 if (Globals.client_ntlmv2_auth) {
2936 Globals.client_lanman_auth = false;
2938 if (!Globals.client_lanman_auth) {
2939 Globals.client_plaintext_auth = false;
2943 /***************************************************************************
2945 The following code allows smbd to read a user defined share file.
2946 Yes, this is my intent. Yes, I'm comfortable with that...
2948 THE FOLLOWING IS SECURITY CRITICAL CODE.
2950 It washes your clothes, it cleans your house, it guards you while you sleep...
2951 Do not f%^k with it....
2952 ***************************************************************************/
2954 #define MAX_USERSHARE_FILE_SIZE (10*1024)
2956 /***************************************************************************
2957 Check allowed stat state of a usershare file.
2958 Ensure we print out who is dicking with us so the admin can
2959 get their sorry ass fired.
2960 ***************************************************************************/
2962 static bool check_usershare_stat(const char *fname,
2963 const SMB_STRUCT_STAT *psbuf)
2965 if (!S_ISREG(psbuf->st_ex_mode)) {
2966 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
2967 "not a regular file\n",
2968 fname, (unsigned int)psbuf->st_ex_uid ));
2972 /* Ensure this doesn't have the other write bit set. */
2973 if (psbuf->st_ex_mode & S_IWOTH) {
2974 DEBUG(0,("check_usershare_stat: file %s owned by uid %u allows "
2975 "public write. Refusing to allow as a usershare file.\n",
2976 fname, (unsigned int)psbuf->st_ex_uid ));
2980 /* Should be 10k or less. */
2981 if (psbuf->st_ex_size > MAX_USERSHARE_FILE_SIZE) {
2982 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
2983 "too large (%u) to be a user share file.\n",
2984 fname, (unsigned int)psbuf->st_ex_uid,
2985 (unsigned int)psbuf->st_ex_size ));
2992 /***************************************************************************
2993 Parse the contents of a usershare file.
2994 ***************************************************************************/
2996 enum usershare_err parse_usershare_file(TALLOC_CTX *ctx,
2997 SMB_STRUCT_STAT *psbuf,
2998 const char *servicename,
3002 char **pp_sharepath,
3004 char **pp_cp_servicename,
3005 struct security_descriptor **ppsd,
3008 const char **prefixallowlist = lp_usershare_prefix_allow_list();
3009 const char **prefixdenylist = lp_usershare_prefix_deny_list();
3012 SMB_STRUCT_STAT sbuf;
3013 char *sharepath = NULL;
3014 char *comment = NULL;
3016 *pp_sharepath = NULL;
3019 *pallow_guest = false;
3022 return USERSHARE_MALFORMED_FILE;
3025 if (strcmp(lines[0], "#VERSION 1") == 0) {
3027 } else if (strcmp(lines[0], "#VERSION 2") == 0) {
3030 return USERSHARE_MALFORMED_FILE;
3033 return USERSHARE_BAD_VERSION;
3036 if (strncmp(lines[1], "path=", 5) != 0) {
3037 return USERSHARE_MALFORMED_PATH;
3040 sharepath = talloc_strdup(ctx, &lines[1][5]);
3042 return USERSHARE_POSIX_ERR;
3044 trim_string(sharepath, " ", " ");
3046 if (strncmp(lines[2], "comment=", 8) != 0) {
3047 return USERSHARE_MALFORMED_COMMENT_DEF;
3050 comment = talloc_strdup(ctx, &lines[2][8]);
3052 return USERSHARE_POSIX_ERR;
3054 trim_string(comment, " ", " ");
3055 trim_char(comment, '"', '"');
3057 if (strncmp(lines[3], "usershare_acl=", 14) != 0) {
3058 return USERSHARE_MALFORMED_ACL_DEF;
3061 if (!parse_usershare_acl(ctx, &lines[3][14], ppsd)) {
3062 return USERSHARE_ACL_ERR;
3066 if (strncmp(lines[4], "guest_ok=", 9) != 0) {
3067 return USERSHARE_MALFORMED_ACL_DEF;
3069 if (lines[4][9] == 'y') {
3070 *pallow_guest = true;
3073 /* Backwards compatible extension to file version #2. */
3075 if (strncmp(lines[5], "sharename=", 10) != 0) {
3076 return USERSHARE_MALFORMED_SHARENAME_DEF;
3078 if (!strequal(&lines[5][10], servicename)) {
3079 return USERSHARE_BAD_SHARENAME;
3081 *pp_cp_servicename = talloc_strdup(ctx, &lines[5][10]);
3082 if (!*pp_cp_servicename) {
3083 return USERSHARE_POSIX_ERR;
3088 if (*pp_cp_servicename == NULL) {
3089 *pp_cp_servicename = talloc_strdup(ctx, servicename);
3090 if (!*pp_cp_servicename) {
3091 return USERSHARE_POSIX_ERR;
3095 if (snum != -1 && (strcmp(sharepath, ServicePtrs[snum]->path) == 0)) {
3096 /* Path didn't change, no checks needed. */
3097 *pp_sharepath = sharepath;
3098 *pp_comment = comment;
3099 return USERSHARE_OK;
3102 /* The path *must* be absolute. */
3103 if (sharepath[0] != '/') {
3104 DEBUG(2,("parse_usershare_file: share %s: path %s is not an absolute path.\n",
3105 servicename, sharepath));
3106 return USERSHARE_PATH_NOT_ABSOLUTE;
3109 /* If there is a usershare prefix deny list ensure one of these paths
3110 doesn't match the start of the user given path. */
3111 if (prefixdenylist) {
3113 for ( i=0; prefixdenylist[i]; i++ ) {
3114 DEBUG(10,("parse_usershare_file: share %s : checking prefixdenylist[%d]='%s' against %s\n",
3115 servicename, i, prefixdenylist[i], sharepath ));
3116 if (memcmp( sharepath, prefixdenylist[i], strlen(prefixdenylist[i])) == 0) {
3117 DEBUG(2,("parse_usershare_file: share %s path %s starts with one of the "
3118 "usershare prefix deny list entries.\n",
3119 servicename, sharepath));
3120 return USERSHARE_PATH_IS_DENIED;
3125 /* If there is a usershare prefix allow list ensure one of these paths
3126 does match the start of the user given path. */
3128 if (prefixallowlist) {
3130 for ( i=0; prefixallowlist[i]; i++ ) {
3131 DEBUG(10,("parse_usershare_file: share %s checking prefixallowlist[%d]='%s' against %s\n",
3132 servicename, i, prefixallowlist[i], sharepath ));
3133 if (memcmp( sharepath, prefixallowlist[i], strlen(prefixallowlist[i])) == 0) {
3137 if (prefixallowlist[i] == NULL) {
3138 DEBUG(2,("parse_usershare_file: share %s path %s doesn't start with one of the "
3139 "usershare prefix allow list entries.\n",
3140 servicename, sharepath));
3141 return USERSHARE_PATH_NOT_ALLOWED;
3145 /* Ensure this is pointing to a directory. */
3146 dp = opendir(sharepath);
3149 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
3150 servicename, sharepath));
3151 return USERSHARE_PATH_NOT_DIRECTORY;
3154 /* Ensure the owner of the usershare file has permission to share
3157 if (sys_stat(sharepath, &sbuf, false) == -1) {
3158 DEBUG(2,("parse_usershare_file: share %s : stat failed on path %s. %s\n",
3159 servicename, sharepath, strerror(errno) ));
3161 return USERSHARE_POSIX_ERR;
3166 if (!S_ISDIR(sbuf.st_ex_mode)) {
3167 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
3168 servicename, sharepath ));
3169 return USERSHARE_PATH_NOT_DIRECTORY;
3172 /* Check if sharing is restricted to owner-only. */
3173 /* psbuf is the stat of the usershare definition file,
3174 sbuf is the stat of the target directory to be shared. */
3176 if (lp_usershare_owner_only()) {
3177 /* root can share anything. */
3178 if ((psbuf->st_ex_uid != 0) && (sbuf.st_ex_uid != psbuf->st_ex_uid)) {
3179 return USERSHARE_PATH_NOT_ALLOWED;
3183 *pp_sharepath = sharepath;
3184 *pp_comment = comment;
3185 return USERSHARE_OK;
3188 /***************************************************************************
3189 Deal with a usershare file.
3192 -1 - Bad name, invalid contents.
3193 - service name already existed and not a usershare, problem
3194 with permissions to share directory etc.
3195 ***************************************************************************/
3197 static int process_usershare_file(const char *dir_name, const char *file_name, int snum_template)
3199 SMB_STRUCT_STAT sbuf;
3200 SMB_STRUCT_STAT lsbuf;
3202 char *sharepath = NULL;
3203 char *comment = NULL;
3204 char *cp_service_name = NULL;
3205 char **lines = NULL;
3209 TALLOC_CTX *ctx = talloc_stackframe();
3210 struct security_descriptor *psd = NULL;
3211 bool guest_ok = false;
3212 char *canon_name = NULL;
3213 bool added_service = false;
3216 /* Ensure share name doesn't contain invalid characters. */
3217 if (!validate_net_name(file_name, INVALID_SHARENAME_CHARS, strlen(file_name))) {
3218 DEBUG(0,("process_usershare_file: share name %s contains "
3219 "invalid characters (any of %s)\n",
3220 file_name, INVALID_SHARENAME_CHARS ));
3224 canon_name = canonicalize_servicename(ctx, file_name);
3229 fname = talloc_asprintf(ctx, "%s/%s", dir_name, file_name);
3234 /* Minimize the race condition by doing an lstat before we
3235 open and fstat. Ensure this isn't a symlink link. */
3237 if (sys_lstat(fname, &lsbuf, false) != 0) {
3238 DEBUG(0,("process_usershare_file: stat of %s failed. %s\n",
3239 fname, strerror(errno) ));
3243 /* This must be a regular file, not a symlink, directory or
3244 other strange filetype. */
3245 if (!check_usershare_stat(fname, &lsbuf)) {
3253 status = dbwrap_fetch_bystring(ServiceHash, canon_name,
3258 if (NT_STATUS_IS_OK(status) &&
3259 (data.dptr != NULL) &&
3260 (data.dsize == sizeof(iService))) {
3261 memcpy(&iService, data.dptr, sizeof(iService));
3265 if (iService != -1 &&
3266 timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
3267 &lsbuf.st_ex_mtime) == 0) {
3268 /* Nothing changed - Mark valid and return. */
3269 DEBUG(10,("process_usershare_file: service %s not changed.\n",
3271 ServicePtrs[iService]->usershare = USERSHARE_VALID;
3276 /* Try and open the file read only - no symlinks allowed. */
3278 fd = open(fname, O_RDONLY|O_NOFOLLOW, 0);
3280 fd = open(fname, O_RDONLY, 0);
3284 DEBUG(0,("process_usershare_file: unable to open %s. %s\n",
3285 fname, strerror(errno) ));
3289 /* Now fstat to be *SURE* it's a regular file. */
3290 if (sys_fstat(fd, &sbuf, false) != 0) {
3292 DEBUG(0,("process_usershare_file: fstat of %s failed. %s\n",
3293 fname, strerror(errno) ));
3297 /* Is it the same dev/inode as was lstated ? */
3298 if (!check_same_stat(&lsbuf, &sbuf)) {
3300 DEBUG(0,("process_usershare_file: fstat of %s is a different file from lstat. "
3301 "Symlink spoofing going on ?\n", fname ));
3305 /* This must be a regular file, not a symlink, directory or
3306 other strange filetype. */
3307 if (!check_usershare_stat(fname, &sbuf)) {
3312 lines = fd_lines_load(fd, &numlines, MAX_USERSHARE_FILE_SIZE, NULL);
3315 if (lines == NULL) {
3316 DEBUG(0,("process_usershare_file: loading file %s owned by %u failed.\n",
3317 fname, (unsigned int)sbuf.st_ex_uid ));
3321 if (parse_usershare_file(ctx, &sbuf, file_name,
3322 iService, lines, numlines, &sharepath,
3323 &comment, &cp_service_name,
3324 &psd, &guest_ok) != USERSHARE_OK) {
3328 /* Everything ok - add the service possibly using a template. */
3330 const struct loadparm_service *sp = &sDefault;
3331 if (snum_template != -1) {
3332 sp = ServicePtrs[snum_template];
3335 if ((iService = add_a_service(sp, cp_service_name)) < 0) {
3336 DEBUG(0, ("process_usershare_file: Failed to add "
3337 "new service %s\n", cp_service_name));
3341 added_service = true;
3343 /* Read only is controlled by usershare ACL below. */
3344 ServicePtrs[iService]->read_only = false;
3347 /* Write the ACL of the new/modified share. */
3348 if (!set_share_security(canon_name, psd)) {
3349 DEBUG(0, ("process_usershare_file: Failed to set share "
3350 "security for user share %s\n",
3355 /* If from a template it may be marked invalid. */
3356 ServicePtrs[iService]->valid = true;
3358 /* Set the service as a valid usershare. */
3359 ServicePtrs[iService]->usershare = USERSHARE_VALID;
3361 /* Set guest access. */
3362 if (lp_usershare_allow_guests()) {
3363 ServicePtrs[iService]->guest_ok = guest_ok;
3366 /* And note when it was loaded. */
3367 ServicePtrs[iService]->usershare_last_mod = sbuf.st_ex_mtime;
3368 lpcfg_string_set(ServicePtrs[iService], &ServicePtrs[iService]->path,
3370 lpcfg_string_set(ServicePtrs[iService],
3371 &ServicePtrs[iService]->comment, comment);
3377 if (ret == -1 && iService != -1 && added_service) {
3378 lp_remove_service(iService);
3386 /***************************************************************************
3387 Checks if a usershare entry has been modified since last load.
3388 ***************************************************************************/
3390 static bool usershare_exists(int iService, struct timespec *last_mod)
3392 SMB_STRUCT_STAT lsbuf;
3393 const char *usersharepath = Globals.usershare_path;
3396 fname = talloc_asprintf(talloc_tos(),
3399 ServicePtrs[iService]->szService);
3400 if (fname == NULL) {
3404 if (sys_lstat(fname, &lsbuf, false) != 0) {
3409 if (!S_ISREG(lsbuf.st_ex_mode)) {
3415 *last_mod = lsbuf.st_ex_mtime;
3419 /***************************************************************************
3420 Load a usershare service by name. Returns a valid servicenumber or -1.
3421 ***************************************************************************/
3423 int load_usershare_service(const char *servicename)
3425 SMB_STRUCT_STAT sbuf;
3426 const char *usersharepath = Globals.usershare_path;
3427 int max_user_shares = Globals.usershare_max_shares;
3428 int snum_template = -1;
3430 if (*usersharepath == 0 || max_user_shares == 0) {
3434 if (sys_stat(usersharepath, &sbuf, false) != 0) {
3435 DEBUG(0,("load_usershare_service: stat of %s failed. %s\n",
3436 usersharepath, strerror(errno) ));
3440 if (!S_ISDIR(sbuf.st_ex_mode)) {
3441 DEBUG(0,("load_usershare_service: %s is not a directory.\n",
3447 * This directory must be owned by root, and have the 't' bit set.
3448 * It also must not be writable by "other".
3452 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
3454 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
3456 DEBUG(0,("load_usershare_service: directory %s is not owned by root "
3457 "or does not have the sticky bit 't' set or is writable by anyone.\n",
3462 /* Ensure the template share exists if it's set. */
3463 if (Globals.usershare_template_share[0]) {
3464 /* We can't use lp_servicenumber here as we are recommending that
3465 template shares have -valid=false set. */
3466 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
3467 if (ServicePtrs[snum_template]->szService &&
3468 strequal(ServicePtrs[snum_template]->szService,
3469 Globals.usershare_template_share)) {
3474 if (snum_template == -1) {
3475 DEBUG(0,("load_usershare_service: usershare template share %s "
3476 "does not exist.\n",
3477 Globals.usershare_template_share ));
3482 return process_usershare_file(usersharepath, servicename, snum_template);
3485 /***************************************************************************
3486 Load all user defined shares from the user share directory.
3487 We only do this if we're enumerating the share list.
3488 This is the function that can delete usershares that have
3490 ***************************************************************************/
3492 int load_usershare_shares(struct smbd_server_connection *sconn,
3493 bool (*snumused) (struct smbd_server_connection *, int))
3496 SMB_STRUCT_STAT sbuf;
3498 int num_usershares = 0;
3499 int max_user_shares = Globals.usershare_max_shares;
3500 unsigned int num_dir_entries, num_bad_dir_entries, num_tmp_dir_entries;
3501 unsigned int allowed_bad_entries = ((2*max_user_shares)/10);
3502 unsigned int allowed_tmp_entries = ((2*max_user_shares)/10);
3504 int snum_template = -1;
3505 const char *usersharepath = Globals.usershare_path;
3506 int ret = lp_numservices();
3507 TALLOC_CTX *tmp_ctx;
3509 if (max_user_shares == 0 || *usersharepath == '\0') {
3510 return lp_numservices();
3513 if (sys_stat(usersharepath, &sbuf, false) != 0) {
3514 DEBUG(0,("load_usershare_shares: stat of %s failed. %s\n",
3515 usersharepath, strerror(errno) ));
3520 * This directory must be owned by root, and have the 't' bit set.
3521 * It also must not be writable by "other".
3525 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
3527 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
3529 DEBUG(0,("load_usershare_shares: directory %s is not owned by root "
3530 "or does not have the sticky bit 't' set or is writable by anyone.\n",
3535 /* Ensure the template share exists if it's set. */
3536 if (Globals.usershare_template_share[0]) {
3537 /* We can't use lp_servicenumber here as we are recommending that
3538 template shares have -valid=false set. */
3539 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
3540 if (ServicePtrs[snum_template]->szService &&
3541 strequal(ServicePtrs[snum_template]->szService,
3542 Globals.usershare_template_share)) {
3547 if (snum_template == -1) {
3548 DEBUG(0,("load_usershare_shares: usershare template share %s "
3549 "does not exist.\n",
3550 Globals.usershare_template_share ));
3555 /* Mark all existing usershares as pending delete. */
3556 for (iService = iNumServices - 1; iService >= 0; iService--) {
3557 if (VALID(iService) && ServicePtrs[iService]->usershare) {
3558 ServicePtrs[iService]->usershare = USERSHARE_PENDING_DELETE;
3562 dp = opendir(usersharepath);
3564 DEBUG(0,("load_usershare_shares:: failed to open directory %s. %s\n",
3565 usersharepath, strerror(errno) ));
3569 for (num_dir_entries = 0, num_bad_dir_entries = 0, num_tmp_dir_entries = 0;
3571 num_dir_entries++ ) {
3573 const char *n = de->d_name;
3575 /* Ignore . and .. */
3577 if ((n[1] == '\0') || (n[1] == '.' && n[2] == '\0')) {
3583 /* Temporary file used when creating a share. */
3584 num_tmp_dir_entries++;
3587 /* Allow 20% tmp entries. */
3588 if (num_tmp_dir_entries > allowed_tmp_entries) {
3589 DEBUG(0,("load_usershare_shares: too many temp entries (%u) "
3590 "in directory %s\n",
3591 num_tmp_dir_entries, usersharepath));
3595 r = process_usershare_file(usersharepath, n, snum_template);
3597 /* Update the services count. */
3599 if (num_usershares >= max_user_shares) {
3600 DEBUG(0,("load_usershare_shares: max user shares reached "
3601 "on file %s in directory %s\n",
3602 n, usersharepath ));
3605 } else if (r == -1) {
3606 num_bad_dir_entries++;
3609 /* Allow 20% bad entries. */
3610 if (num_bad_dir_entries > allowed_bad_entries) {
3611 DEBUG(0,("load_usershare_shares: too many bad entries (%u) "
3612 "in directory %s\n",
3613 num_bad_dir_entries, usersharepath));
3617 /* Allow 20% bad entries. */
3618 if (num_dir_entries > max_user_shares + allowed_bad_entries) {
3619 DEBUG(0,("load_usershare_shares: too many total entries (%u) "
3620 "in directory %s\n",
3621 num_dir_entries, usersharepath));
3628 /* Sweep through and delete any non-refreshed usershares that are
3629 not currently in use. */
3630 tmp_ctx = talloc_stackframe();
3631 for (iService = iNumServices - 1; iService >= 0; iService--) {
3632 if (VALID(iService) && (ServicePtrs[iService]->usershare == USERSHARE_PENDING_DELETE)) {
3635 if (snumused && snumused(sconn, iService)) {
3639 servname = lp_servicename(tmp_ctx, iService);
3641 /* Remove from the share ACL db. */
3642 DEBUG(10,("load_usershare_shares: Removing deleted usershare %s\n",
3644 delete_share_security(servname);
3645 free_service_byindex(iService);
3648 talloc_free(tmp_ctx);
3650 return lp_numservices();
3653 /********************************************************
3654 Destroy global resources allocated in this file
3655 ********************************************************/
3657 void gfree_loadparm(void)
3663 /* Free resources allocated to services */
3665 for ( i = 0; i < iNumServices; i++ ) {
3667 free_service_byindex(i);
3671 TALLOC_FREE( ServicePtrs );
3674 /* Now release all resources allocated to global
3675 parameters and the default service */
3677 free_global_parameters();
3681 /***************************************************************************
3682 Allow client apps to specify that they are a client
3683 ***************************************************************************/
3684 static void lp_set_in_client(bool b)
3690 /***************************************************************************
3691 Determine if we're running in a client app
3692 ***************************************************************************/
3693 static bool lp_is_in_client(void)
3698 static void lp_enforce_ad_dc_settings(void)
3700 lp_do_parameter(GLOBAL_SECTION_SNUM, "passdb backend", "samba_dsdb");
3701 lp_do_parameter(GLOBAL_SECTION_SNUM,
3702 "winbindd:use external pipes", "true");
3703 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:default", "external");
3704 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:svcctl", "embedded");
3705 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:srvsvc", "embedded");
3706 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:eventlog", "embedded");
3707 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:ntsvcs", "embedded");
3708 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:winreg", "embedded");
3709 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:spoolss", "embedded");
3710 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_daemon:spoolssd", "embedded");
3711 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:tcpip", "no");
3714 /***************************************************************************
3715 Load the services array from the services file. Return true on success,
3717 ***************************************************************************/
3719 static bool lp_load_ex(const char *pszFname,
3723 bool reinit_globals,
3724 bool allow_include_registry,
3725 bool load_all_shares)
3729 TALLOC_CTX *frame = talloc_stackframe();
3730 struct loadparm_context *lp_ctx;
3734 DEBUG(3, ("lp_load_ex: refreshing parameters\n"));
3736 bInGlobalSection = true;
3737 bGlobalOnly = global_only;
3738 bAllowIncludeRegistry = allow_include_registry;
3740 lp_ctx = setup_lp_context(talloc_tos());
3742 init_globals(lp_ctx, reinit_globals);
3746 if (save_defaults) {
3751 if (!reinit_globals) {
3752 free_param_opts(&Globals.param_opt);
3753 apply_lp_set_cmdline();
3756 lp_do_parameter(-1, "idmap config * : backend", Globals.idmap_backend);
3758 /* We get sections first, so have to start 'behind' to make up */
3761 if (lp_config_backend_is_file()) {
3762 n2 = talloc_sub_basic(talloc_tos(), get_current_username(),
3763 current_user_info.domain,
3766 smb_panic("lp_load_ex: out of memory");
3769 add_to_file_list(NULL, &file_lists, pszFname, n2);
3771 bRetval = pm_process(n2, lp_do_section, do_parameter, lp_ctx);
3774 /* finish up the last section */
3775 DEBUG(4, ("pm_process() returned %s\n", BOOLSTR(bRetval)));
3777 if (iServiceIndex >= 0) {
3778 bRetval = lpcfg_service_ok(ServicePtrs[iServiceIndex]);
3782 if (lp_config_backend_is_registry()) {
3784 /* config backend changed to registry in config file */
3786 * We need to use this extra global variable here to
3787 * survive restart: init_globals uses this as a default
3788 * for config_backend. Otherwise, init_globals would
3789 * send us into an endless loop here.
3792 config_backend = CONFIG_BACKEND_REGISTRY;
3794 DEBUG(1, ("lp_load_ex: changing to config backend "
3796 init_globals(lp_ctx, true);
3798 TALLOC_FREE(lp_ctx);
3800 lp_kill_all_services();
3801 ok = lp_load_ex(pszFname, global_only, save_defaults,
3802 add_ipc, reinit_globals,
3803 allow_include_registry,
3808 } else if (lp_config_backend_is_registry()) {
3809 bRetval = process_registry_globals();
3811 DEBUG(0, ("Illegal config backend given: %d\n",
3812 lp_config_backend()));
3816 if (bRetval && lp_registry_shares()) {
3817 if (load_all_shares) {
3818 bRetval = process_registry_shares();
3820 bRetval = reload_registry_shares();
3825 char *serv = lp_auto_services(talloc_tos());
3826 lp_add_auto_services(serv);
3831 /* When 'restrict anonymous = 2' guest connections to ipc$
3833 lp_add_ipc("IPC$", (lp_restrict_anonymous() < 2));
3834 if ( lp_enable_asu_support() ) {
3835 lp_add_ipc("ADMIN$", false);
3839 set_allowed_client_auth();
3841 if (lp_security() == SEC_ADS && strchr(lp_password_server(), ':')) {
3842 DEBUG(1, ("WARNING: The optional ':port' in password server = %s is deprecated\n",
3843 lp_password_server()));
3848 /* Now we check we_are_a_wins_server and set szWINSserver to 127.0.0.1 */
3849 /* if we_are_a_wins_server is true and we are in the client */
3850 if (lp_is_in_client() && Globals.we_are_a_wins_server) {
3851 lp_do_parameter(GLOBAL_SECTION_SNUM, "wins server", "127.0.0.1");
3856 fault_configure(smb_panic_s3);
3859 * We run this check once the whole smb.conf is parsed, to
3860 * force some settings for the standard way a AD DC is
3861 * operated. We may change these as our code evolves, which
3862 * is why we force these settings.
3864 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
3865 lp_enforce_ad_dc_settings();
3868 bAllowIncludeRegistry = true;
3874 static bool lp_load(const char *pszFname,
3878 bool reinit_globals)
3880 return lp_load_ex(pszFname,
3885 true, /* allow_include_registry */
3886 false); /* load_all_shares*/
3889 bool lp_load_initial_only(const char *pszFname)
3891 return lp_load_ex(pszFname,
3892 true, /* global only */
3893 true, /* save_defaults */
3894 false, /* add_ipc */
3895 true, /* reinit_globals */
3896 false, /* allow_include_registry */
3897 false); /* load_all_shares*/
3901 * most common lp_load wrapper, loading only the globals
3903 bool lp_load_global(const char *file_name)
3905 return lp_load(file_name,
3906 true, /* global_only */
3907 false, /* save_defaults */
3908 false, /* add_ipc */
3909 true); /* reinit_globals */
3913 * The typical lp_load wrapper with shares, loads global and
3914 * shares, including IPC, but does not force immediate
3915 * loading of all shares from registry.
3917 bool lp_load_with_shares(const char *file_name)
3919 return lp_load(file_name,
3920 false, /* global_only */
3921 false, /* save_defaults */
3923 true); /* reinit_globals */
3927 * lp_load wrapper, especially for clients
3929 bool lp_load_client(const char *file_name)
3931 lp_set_in_client(true);
3933 return lp_load_global(file_name);
3937 * lp_load wrapper, loading only globals, but intended
3938 * for subsequent calls, not reinitializing the globals
3941 bool lp_load_global_no_reinit(const char *file_name)
3943 return lp_load(file_name,
3944 true, /* global_only */
3945 false, /* save_defaults */
3946 false, /* add_ipc */
3947 false); /* reinit_globals */
3951 * lp_load wrapper, loading globals and shares,
3952 * intended for subsequent calls, i.e. not reinitializing
3953 * the globals to default values.
3955 bool lp_load_no_reinit(const char *file_name)
3957 return lp_load(file_name,
3958 false, /* global_only */
3959 false, /* save_defaults */
3960 false, /* add_ipc */
3961 false); /* reinit_globals */
3966 * lp_load wrapper, especially for clients, no reinitialization
3968 bool lp_load_client_no_reinit(const char *file_name)
3970 lp_set_in_client(true);
3972 return lp_load_global_no_reinit(file_name);
3975 bool lp_load_with_registry_shares(const char *pszFname)
3977 return lp_load_ex(pszFname,
3978 false, /* global_only */
3979 true, /* save_defaults */
3980 false, /* add_ipc */
3981 false, /* reinit_globals */
3982 true, /* allow_include_registry */
3983 true); /* load_all_shares*/
3986 /***************************************************************************
3987 Return the max number of services.
3988 ***************************************************************************/
3990 int lp_numservices(void)
3992 return (iNumServices);
3995 /***************************************************************************
3996 Display the contents of the services array in human-readable form.
3997 ***************************************************************************/
3999 void lp_dump(FILE *f, bool show_defaults, int maxtoprint)
4002 struct loadparm_context *lp_ctx;
4005 defaults_saved = false;
4007 lp_ctx = setup_lp_context(talloc_tos());
4008 if (lp_ctx == NULL) {
4012 lpcfg_dump_globals(lp_ctx, f, !defaults_saved);
4014 lpcfg_dump_a_service(&sDefault, &sDefault, f, flags_list, show_defaults);
4016 for (iService = 0; iService < maxtoprint; iService++) {
4018 lp_dump_one(f, show_defaults, iService);
4022 /***************************************************************************
4023 Display the contents of one service in human-readable form.
4024 ***************************************************************************/
4026 void lp_dump_one(FILE * f, bool show_defaults, int snum)
4029 if (ServicePtrs[snum]->szService[0] == '\0')
4031 lpcfg_dump_a_service(ServicePtrs[snum], &sDefault, f,
4032 flags_list, show_defaults);
4036 /***************************************************************************
4037 Return the number of the service with the given name, or -1 if it doesn't
4038 exist. Note that this is a DIFFERENT ANIMAL from the internal function
4039 getservicebyname()! This works ONLY if all services have been loaded, and
4040 does not copy the found service.
4041 ***************************************************************************/
4043 int lp_servicenumber(const char *pszServiceName)
4046 fstring serviceName;
4048 if (!pszServiceName) {
4049 return GLOBAL_SECTION_SNUM;
4052 for (iService = iNumServices - 1; iService >= 0; iService--) {
4053 if (VALID(iService) && ServicePtrs[iService]->szService) {
4055 * The substitution here is used to support %U in
4058 fstrcpy(serviceName, ServicePtrs[iService]->szService);
4059 standard_sub_basic(get_current_username(),
4060 current_user_info.domain,
4061 serviceName,sizeof(serviceName));
4062 if (strequal(serviceName, pszServiceName)) {
4068 if (iService >= 0 && ServicePtrs[iService]->usershare == USERSHARE_VALID) {
4069 struct timespec last_mod;
4071 if (!usershare_exists(iService, &last_mod)) {
4072 /* Remove the share security tdb entry for it. */
4073 delete_share_security(lp_servicename(talloc_tos(), iService));
4074 /* Remove it from the array. */
4075 free_service_byindex(iService);
4076 /* Doesn't exist anymore. */
4077 return GLOBAL_SECTION_SNUM;
4080 /* Has it been modified ? If so delete and reload. */
4081 if (timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
4083 /* Remove it from the array. */
4084 free_service_byindex(iService);
4085 /* and now reload it. */
4086 iService = load_usershare_service(pszServiceName);
4091 DEBUG(7,("lp_servicenumber: couldn't find %s\n", pszServiceName));
4092 return GLOBAL_SECTION_SNUM;
4098 /*******************************************************************
4099 A useful volume label function.
4100 ********************************************************************/
4102 const char *volume_label(TALLOC_CTX *ctx, int snum)
4105 const char *label = lp_volume(ctx, snum);
4107 label = lp_servicename(ctx, snum);
4110 /* This returns a 33 byte guarenteed null terminated string. */
4111 ret = talloc_strndup(ctx, label, 32);
4118 /*******************************************************************
4119 Get the default server type we will announce as via nmbd.
4120 ********************************************************************/
4122 int lp_default_server_announce(void)
4124 int default_server_announce = 0;
4125 default_server_announce |= SV_TYPE_WORKSTATION;
4126 default_server_announce |= SV_TYPE_SERVER;
4127 default_server_announce |= SV_TYPE_SERVER_UNIX;
4129 /* note that the flag should be set only if we have a
4130 printer service but nmbd doesn't actually load the
4131 services so we can't tell --jerry */
4133 default_server_announce |= SV_TYPE_PRINTQ_SERVER;
4135 default_server_announce |= SV_TYPE_SERVER_NT;
4136 default_server_announce |= SV_TYPE_NT;
4138 switch (lp_server_role()) {
4139 case ROLE_DOMAIN_MEMBER:
4140 default_server_announce |= SV_TYPE_DOMAIN_MEMBER;
4142 case ROLE_DOMAIN_PDC:
4143 default_server_announce |= SV_TYPE_DOMAIN_CTRL;
4145 case ROLE_DOMAIN_BDC:
4146 default_server_announce |= SV_TYPE_DOMAIN_BAKCTRL;
4148 case ROLE_STANDALONE:
4152 if (lp_time_server())
4153 default_server_announce |= SV_TYPE_TIME_SOURCE;
4155 if (lp_host_msdfs())
4156 default_server_announce |= SV_TYPE_DFS_SERVER;
4158 return default_server_announce;
4161 /***********************************************************
4162 If we are PDC then prefer us as DMB
4163 ************************************************************/
4165 bool lp_domain_master(void)
4167 if (Globals._domain_master == Auto)
4168 return (lp_server_role() == ROLE_DOMAIN_PDC);
4170 return (bool)Globals._domain_master;
4173 /***********************************************************
4174 If we are PDC then prefer us as DMB
4175 ************************************************************/
4177 static bool lp_domain_master_true_or_auto(void)
4179 if (Globals._domain_master) /* auto or yes */
4185 /***********************************************************
4186 If we are DMB then prefer us as LMB
4187 ************************************************************/
4189 bool lp_preferred_master(void)
4191 int preferred_master = lp__preferred_master();
4193 if (preferred_master == Auto)
4194 return (lp_local_master() && lp_domain_master());
4196 return (bool)preferred_master;
4199 /*******************************************************************
4201 ********************************************************************/
4203 void lp_remove_service(int snum)
4205 ServicePtrs[snum]->valid = false;
4208 const char *lp_printername(TALLOC_CTX *ctx, int snum)
4210 const char *ret = lp__printername(ctx, snum);
4211 if (ret == NULL || *ret == '\0') {
4212 ret = lp_const_servicename(snum);
4219 /***********************************************************
4220 Allow daemons such as winbindd to fix their logfile name.
4221 ************************************************************/
4223 void lp_set_logfile(const char *name)
4225 lpcfg_string_set(Globals.ctx, &Globals.logfile, name);
4226 debug_set_logfile(name);
4229 /*******************************************************************
4230 Return the max print jobs per queue.
4231 ********************************************************************/
4233 int lp_maxprintjobs(int snum)
4235 int maxjobs = lp_max_print_jobs(snum);
4237 if (maxjobs <= 0 || maxjobs >= PRINT_MAX_JOBID)
4238 maxjobs = PRINT_MAX_JOBID - 1;
4243 const char *lp_printcapname(void)
4245 const char *printcap_name = lp_printcap_name();
4247 if ((printcap_name != NULL) &&
4248 (printcap_name[0] != '\0'))
4249 return printcap_name;
4251 if (sDefault.printing == PRINT_CUPS) {
4255 if (sDefault.printing == PRINT_BSD)
4256 return "/etc/printcap";
4258 return PRINTCAP_NAME;
4261 static uint32_t spoolss_state;
4263 bool lp_disable_spoolss( void )
4265 if ( spoolss_state == SVCCTL_STATE_UNKNOWN )
4266 spoolss_state = lp__disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
4268 return spoolss_state == SVCCTL_STOPPED ? true : false;
4271 void lp_set_spoolss_state( uint32_t state )
4273 SMB_ASSERT( (state == SVCCTL_STOPPED) || (state == SVCCTL_RUNNING) );
4275 spoolss_state = state;
4278 uint32_t lp_get_spoolss_state( void )
4280 return lp_disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
4283 /*******************************************************************
4284 Ensure we don't use sendfile if server smb signing is active.
4285 ********************************************************************/
4287 bool lp_use_sendfile(int snum, struct smb_signing_state *signing_state)
4289 bool sign_active = false;
4291 /* Using sendfile blows the brains out of any DOS or Win9x TCP stack... JRA. */
4292 if (get_Protocol() < PROTOCOL_NT1) {
4295 if (signing_state) {
4296 sign_active = smb_signing_is_active(signing_state);
4298 return (lp__use_sendfile(snum) &&
4299 (get_remote_arch() != RA_WIN95) &&
4303 /*******************************************************************
4304 Turn off sendfile if we find the underlying OS doesn't support it.
4305 ********************************************************************/
4307 void set_use_sendfile(int snum, bool val)
4309 if (LP_SNUM_OK(snum))
4310 ServicePtrs[snum]->_use_sendfile = val;
4312 sDefault._use_sendfile = val;
4315 void lp_set_mangling_method(const char *new_method)
4317 lpcfg_string_set(Globals.ctx, &Globals.mangling_method, new_method);
4320 /*******************************************************************
4321 Global state for POSIX pathname processing.
4322 ********************************************************************/
4324 static bool posix_pathnames;
4326 bool lp_posix_pathnames(void)
4328 return posix_pathnames;
4331 /*******************************************************************
4332 Change everything needed to ensure POSIX pathname processing (currently
4334 ********************************************************************/
4336 void lp_set_posix_pathnames(void)
4338 posix_pathnames = true;
4341 /*******************************************************************
4342 Global state for POSIX lock processing - CIFS unix extensions.
4343 ********************************************************************/
4345 bool posix_default_lock_was_set;
4346 static enum brl_flavour posix_cifsx_locktype; /* By default 0 == WINDOWS_LOCK */
4348 enum brl_flavour lp_posix_cifsu_locktype(files_struct *fsp)
4350 if (posix_default_lock_was_set) {
4351 return posix_cifsx_locktype;
4353 return (fsp->posix_flags & FSP_POSIX_FLAGS_OPEN) ?
4354 POSIX_LOCK : WINDOWS_LOCK;
4358 /*******************************************************************
4359 ********************************************************************/
4361 void lp_set_posix_default_cifsx_readwrite_locktype(enum brl_flavour val)
4363 posix_default_lock_was_set = true;
4364 posix_cifsx_locktype = val;
4367 int lp_min_receive_file_size(void)
4369 int min_receivefile_size = lp_min_receivefile_size();
4371 if (min_receivefile_size < 0) {
4374 return min_receivefile_size;
4377 /*******************************************************************
4378 Safe wide links checks.
4379 This helper function always verify the validity of wide links,
4380 even after a configuration file reload.
4381 ********************************************************************/
4383 void widelinks_warning(int snum)
4385 if (lp_allow_insecure_wide_links()) {
4389 if (lp_unix_extensions() && lp_wide_links(snum)) {
4390 DEBUG(0,("Share '%s' has wide links and unix extensions enabled. "
4391 "These parameters are incompatible. "
4392 "Wide links will be disabled for this share.\n",
4393 lp_servicename(talloc_tos(), snum) ));
4397 bool lp_widelinks(int snum)
4399 /* wide links is always incompatible with unix extensions */
4400 if (lp_unix_extensions()) {
4402 * Unless we have "allow insecure widelinks"
4405 if (!lp_allow_insecure_wide_links()) {
4410 return lp_wide_links(snum);
4413 int lp_server_role(void)
4415 return lp_find_server_role(lp__server_role(),
4417 lp__domain_logons(),
4418 lp_domain_master_true_or_auto());
4421 int lp_security(void)
4423 return lp_find_security(lp__server_role(),
4427 int lp_client_max_protocol(void)
4429 int client_max_protocol = lp__client_max_protocol();
4430 if (client_max_protocol == PROTOCOL_DEFAULT) {
4431 return PROTOCOL_NT1;
4433 return client_max_protocol;
4436 int lp_winbindd_max_protocol(void)
4438 int client_max_protocol = lp__client_max_protocol();
4439 if (client_max_protocol == PROTOCOL_DEFAULT) {
4440 return PROTOCOL_LATEST;
4442 return client_max_protocol;
4445 struct loadparm_global * get_globals(void)
4450 unsigned int * get_flags(void)
4452 if (flags_list == NULL) {
4453 flags_list = talloc_zero_array(NULL, unsigned int, num_parameters());