2 Unix SMB/CIFS implementation.
3 Parameter loading functions
4 Copyright (C) Karl Auer 1993-1998
6 Largely re-written by Andrew Tridgell, September 1994
8 Copyright (C) Simo Sorce 2001
9 Copyright (C) Alexander Bokovoy 2002
10 Copyright (C) Stefan (metze) Metzmacher 2002
11 Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003
12 Copyright (C) Michael Adam 2008
13 Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007
14 Copyright (C) Andrew Bartlett 2011
16 This program is free software; you can redistribute it and/or modify
17 it under the terms of the GNU General Public License as published by
18 the Free Software Foundation; either version 3 of the License, or
19 (at your option) any later version.
21 This program is distributed in the hope that it will be useful,
22 but WITHOUT ANY WARRANTY; without even the implied warranty of
23 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 GNU General Public License for more details.
26 You should have received a copy of the GNU General Public License
27 along with this program. If not, see <http://www.gnu.org/licenses/>.
33 * This module provides suitable callback functions for the params
34 * module. It builds the internal table of service details which is
35 * then used by the rest of the server.
39 * 1) add it to the global or service structure definition
40 * 2) add it to the parm_table
41 * 3) add it to the list of available functions (eg: using FN_GLOBAL_STRING())
42 * 4) If it's a global then initialise it in init_globals. If a local
43 * (ie. service) parameter then initialise it in the sDefault structure
47 * The configuration file is processed sequentially for speed. It is NOT
48 * accessed randomly as happens in 'real' Windows. For this reason, there
49 * is a fair bit of sequence-dependent code here - ie., code which assumes
50 * that certain things happen before others. In particular, the code which
51 * happens at the boundary between sections is delicately poised, so be
57 #include "system/filesys.h"
59 #include "lib/param/loadparm.h"
60 #include "lib/param/param.h"
62 #include "lib/smbconf/smbconf.h"
63 #include "lib/smbconf/smbconf_init.h"
66 #include "../librpc/gen_ndr/svcctl.h"
68 #include "../libcli/smb/smb_signing.h"
69 #include "dbwrap/dbwrap.h"
70 #include "dbwrap/dbwrap_rbt.h"
71 #include "../lib/util/bitmap.h"
73 #ifdef HAVE_SYS_SYSCTL_H
74 #include <sys/sysctl.h>
77 #ifdef HAVE_HTTPCONNECTENCRYPT
78 #include <cups/http.h>
83 extern userdom_struct current_user_info;
85 /* the special value for the include parameter
86 * to be interpreted not as a file name but to
87 * trigger loading of the global smb.conf options
89 #ifndef INCLUDE_REGISTRY_NAME
90 #define INCLUDE_REGISTRY_NAME "registry"
93 static bool in_client = false; /* Not in the client by default */
94 static struct smbconf_csn conf_last_csn;
96 static int config_backend = CONFIG_BACKEND_FILE;
98 /* some helpful bits */
99 #define LP_SNUM_OK(i) (((i) >= 0) && ((i) < iNumServices) && (ServicePtrs != NULL) && ServicePtrs[(i)]->valid)
100 #define VALID(i) (ServicePtrs != NULL && ServicePtrs[i]->valid)
102 #define USERSHARE_VALID 1
103 #define USERSHARE_PENDING_DELETE 2
105 static bool defaults_saved = false;
107 #include "lib/param/param_global.h"
109 static struct loadparm_global Globals;
111 /* This is a default service used to prime a services structure */
112 static struct loadparm_service sDefault =
117 .usershare_last_mod = {0, 0},
121 .invalid_users = NULL,
128 .root_preexec = NULL,
129 .root_postexec = NULL,
130 .cups_options = NULL,
131 .print_command = NULL,
133 .lprm_command = NULL,
134 .lppause_command = NULL,
135 .lpresume_command = NULL,
136 .queuepause_command = NULL,
137 .queueresume_command = NULL,
138 ._printername = NULL,
139 .printjob_username = NULL,
140 .dont_descend = NULL,
143 .magic_script = NULL,
144 .magic_output = NULL,
147 .veto_oplock_files = NULL,
157 .aio_write_behind = NULL,
158 .dfree_command = NULL,
159 .min_print_space = 0,
160 .iMaxPrintJobs = 1000,
161 .max_reported_print_jobs = 0,
162 .write_cache_size = 0,
164 .force_create_mode = 0,
165 .directory_mask = 0755,
166 .force_directory_mode = 0,
167 .max_connections = 0,
168 .default_case = CASE_LOWER,
169 .printing = DEFAULT_PRINTING,
170 .oplock_contention_limit = 2,
173 .dfree_cache_time = 0,
174 .preexec_close = false,
175 .root_preexec_close = false,
176 .case_sensitive = Auto,
177 .preserve_case = true,
178 .short_preserve_case = true,
179 .hide_dot_files = true,
180 .hide_special_files = false,
181 .hide_unreadable = false,
182 .hide_unwriteable_files = false,
184 .access_based_share_enum = false,
188 .administrative_share = false,
191 .print_notify_backchannel = false,
195 .store_dos_attributes = false,
196 .dmapi_support = false,
198 .strict_locking = Auto,
199 .posix_locking = true,
201 .kernel_oplocks = false,
202 .level2_oplocks = true,
204 .mangled_names = true,
206 .follow_symlinks = true,
207 .sync_always = false,
208 .strict_allocate = false,
209 .strict_rename = false,
210 .strict_sync = false,
211 .mangling_char = '~',
213 .delete_readonly = false,
214 .fake_oplocks = false,
215 .delete_veto_files = false,
216 .dos_filemode = false,
217 .dos_filetimes = true,
218 .dos_filetime_resolution = false,
219 .fake_directory_create_times = false,
220 .blocking_locks = true,
221 .inherit_permissions = false,
222 .inherit_acls = false,
223 .inherit_owner = false,
225 .use_client_driver = false,
226 .default_devmode = true,
227 .force_printername = false,
228 .nt_acl_support = true,
229 .force_unknown_acl_user = false,
230 ._use_sendfile = false,
231 .profile_acls = false,
232 .map_acl_inherit = false,
235 .acl_check_permissions = true,
236 .acl_map_full_control = true,
237 .acl_group_control = false,
238 .acl_allow_execute_always = false,
239 .change_notify = true,
240 .kernel_change_notify = true,
241 .allocation_roundup_size = SMB_ROUNDUP_ALLOCATION_SIZE,
244 .map_readonly = MAP_READONLY_YES,
245 .directory_name_cache_size = 100,
246 .smb_encrypt = SMB_SIGNING_DEFAULT,
247 .kernel_share_modes = true,
248 .durable_handles = true,
253 /* local variables */
254 static struct loadparm_service **ServicePtrs = NULL;
255 static int iNumServices = 0;
256 static int iServiceIndex = 0;
257 static struct db_context *ServiceHash;
258 static bool bInGlobalSection = true;
259 static bool bGlobalOnly = false;
260 static struct file_lists *file_lists = NULL;
261 static unsigned int *flags_list = NULL;
263 static void set_allowed_client_auth(void);
265 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue);
266 static void free_param_opts(struct parmlist_entry **popts);
268 /* this is used to prevent lots of mallocs of size 1 */
269 static const char null_string[] = "";
275 static void string_free(char **s)
279 if (*s == null_string)
285 Set a string value, deallocating any existing space, and allocing the space
289 static bool string_set(TALLOC_CTX *mem_ctx, char **dest,const char *src)
297 (*dest) = talloc_strdup(mem_ctx, src);
298 if ((*dest) == NULL) {
299 DEBUG(0,("Out of memory in string_init\n"));
307 * Function to return the default value for the maximum number of open
308 * file descriptors permitted. This function tries to consult the
309 * kernel-level (sysctl) and ulimit (getrlimit()) values and goes
310 * the smaller of those.
312 static int max_open_files(void)
314 int sysctl_max = MAX_OPEN_FILES;
315 int rlimit_max = MAX_OPEN_FILES;
317 #ifdef HAVE_SYSCTLBYNAME
319 size_t size = sizeof(sysctl_max);
320 sysctlbyname("kern.maxfilesperproc", &sysctl_max, &size, NULL,
325 #if (defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE))
331 if (getrlimit(RLIMIT_NOFILE, &rl) == 0)
332 rlimit_max = rl.rlim_cur;
334 #if defined(RLIM_INFINITY)
335 if(rl.rlim_cur == RLIM_INFINITY)
336 rlimit_max = MAX_OPEN_FILES;
341 if (sysctl_max < MIN_OPEN_FILES_WINDOWS) {
342 DEBUG(2,("max_open_files: increasing sysctl_max (%d) to "
343 "minimum Windows limit (%d)\n",
345 MIN_OPEN_FILES_WINDOWS));
346 sysctl_max = MIN_OPEN_FILES_WINDOWS;
349 if (rlimit_max < MIN_OPEN_FILES_WINDOWS) {
350 DEBUG(2,("rlimit_max: increasing rlimit_max (%d) to "
351 "minimum Windows limit (%d)\n",
353 MIN_OPEN_FILES_WINDOWS));
354 rlimit_max = MIN_OPEN_FILES_WINDOWS;
357 return MIN(sysctl_max, rlimit_max);
361 * Common part of freeing allocated data for one parameter.
363 static void free_one_parameter_common(void *parm_ptr,
364 struct parm_struct parm)
366 if ((parm.type == P_STRING) ||
367 (parm.type == P_USTRING))
369 string_free((char**)parm_ptr);
370 } else if (parm.type == P_LIST || parm.type == P_CMDLIST) {
371 TALLOC_FREE(*((char***)parm_ptr));
376 * Free the allocated data for one parameter for a share
377 * given as a service struct.
379 static void free_one_parameter(struct loadparm_service *service,
380 struct parm_struct parm)
384 if (parm.p_class != P_LOCAL) {
388 parm_ptr = lp_parm_ptr(service, &parm);
390 free_one_parameter_common(parm_ptr, parm);
394 * Free the allocated parameter data of a share given
395 * as a service struct.
397 static void free_parameters(struct loadparm_service *service)
401 for (i=0; parm_table[i].label; i++) {
402 free_one_parameter(service, parm_table[i]);
407 * Free the allocated data for one parameter for a given share
408 * specified by an snum.
410 static void free_one_parameter_by_snum(int snum, struct parm_struct parm)
415 parm_ptr = lp_parm_ptr(NULL, &parm);
416 } else if (parm.p_class != P_LOCAL) {
419 parm_ptr = lp_parm_ptr(ServicePtrs[snum], &parm);
422 free_one_parameter_common(parm_ptr, parm);
426 * Free the allocated parameter data for a share specified
429 static void free_parameters_by_snum(int snum)
433 for (i=0; parm_table[i].label; i++) {
434 free_one_parameter_by_snum(snum, parm_table[i]);
439 * Free the allocated global parameters.
441 static void free_global_parameters(void)
443 free_param_opts(&Globals.param_opt);
444 free_parameters_by_snum(GLOBAL_SECTION_SNUM);
445 TALLOC_FREE(Globals.ctx);
448 struct lp_stored_option {
449 struct lp_stored_option *prev, *next;
454 static struct lp_stored_option *stored_options;
457 save options set by lp_set_cmdline() into a list. This list is
458 re-applied when we do a globals reset, so that cmdline set options
459 are sticky across reloads of smb.conf
461 bool store_lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
463 struct lp_stored_option *entry, *entry_next;
464 for (entry = stored_options; entry != NULL; entry = entry_next) {
465 entry_next = entry->next;
466 if (strcmp(pszParmName, entry->label) == 0) {
467 DLIST_REMOVE(stored_options, entry);
473 entry = talloc(NULL, struct lp_stored_option);
478 entry->label = talloc_strdup(entry, pszParmName);
484 entry->value = talloc_strdup(entry, pszParmValue);
490 DLIST_ADD_END(stored_options, entry, struct lp_stored_option);
495 static bool apply_lp_set_cmdline(void)
497 struct lp_stored_option *entry = NULL;
498 for (entry = stored_options; entry != NULL; entry = entry->next) {
499 if (!lp_set_cmdline_helper(entry->label, entry->value)) {
500 DEBUG(0, ("Failed to re-apply cmdline parameter %s = %s\n",
501 entry->label, entry->value));
508 /***************************************************************************
509 Initialise the global parameter structure.
510 ***************************************************************************/
512 static void init_globals(struct loadparm_context *lp_ctx, bool reinit_globals)
514 static bool done_init = false;
518 /* If requested to initialize only once and we've already done it... */
519 if (!reinit_globals && done_init) {
520 /* ... then we have nothing more to do */
525 /* The logfile can be set before this is invoked. Free it if so. */
526 if (Globals.logfile != NULL) {
527 string_free(&Globals.logfile);
528 Globals.logfile = NULL;
532 free_global_parameters();
535 /* This memset and the free_global_parameters() above will
536 * wipe out smb.conf options set with lp_set_cmdline(). The
537 * apply_lp_set_cmdline() call puts these values back in the
538 * table once the defaults are set */
539 ZERO_STRUCT(Globals);
541 Globals.ctx = talloc_pooled_object(NULL, char, 272, 2048);
543 /* Initialize the flags list if necessary */
544 if (flags_list == NULL) {
548 for (i = 0; parm_table[i].label; i++) {
549 if ((parm_table[i].type == P_STRING ||
550 parm_table[i].type == P_USTRING))
552 string_set(Globals.ctx, (char **)lp_parm_ptr(NULL, &parm_table[i]), "");
557 string_set(Globals.ctx, &sDefault.fstype, FSTYPE_STRING);
558 string_set(Globals.ctx, &sDefault.printjob_username, "%U");
560 init_printer_values(lp_ctx, Globals.ctx, &sDefault);
562 sDefault.ntvfs_handler = (const char **)str_list_make_v3(NULL, "unixuid default", NULL);
564 DEBUG(3, ("Initialising global parameters\n"));
566 /* Must manually force to upper case here, as this does not go via the handler */
567 string_set(Globals.ctx, &Globals.netbios_name, myhostname_upper());
569 string_set(Globals.ctx, &Globals.smb_passwd_file, get_dyn_SMB_PASSWD_FILE());
570 string_set(Globals.ctx, &Globals.private_dir, get_dyn_PRIVATE_DIR());
572 /* use the new 'hash2' method by default, with a prefix of 1 */
573 string_set(Globals.ctx, &Globals.mangling_method, "hash2");
574 Globals.mangle_prefix = 1;
576 string_set(Globals.ctx, &Globals.guest_account, GUEST_ACCOUNT);
578 /* using UTF8 by default allows us to support all chars */
579 string_set(Globals.ctx, &Globals.unix_charset, DEFAULT_UNIX_CHARSET);
581 /* Use codepage 850 as a default for the dos character set */
582 string_set(Globals.ctx, &Globals.dos_charset, DEFAULT_DOS_CHARSET);
585 * Allow the default PASSWD_CHAT to be overridden in local.h.
587 string_set(Globals.ctx, &Globals.passwd_chat, DEFAULT_PASSWD_CHAT);
589 string_set(Globals.ctx, &Globals.workgroup, DEFAULT_WORKGROUP);
591 string_set(Globals.ctx, &Globals.passwd_program, "");
592 string_set(Globals.ctx, &Globals.lock_directory, get_dyn_LOCKDIR());
593 string_set(Globals.ctx, &Globals.state_directory, get_dyn_STATEDIR());
594 string_set(Globals.ctx, &Globals.cache_directory, get_dyn_CACHEDIR());
595 string_set(Globals.ctx, &Globals.pid_directory, get_dyn_PIDDIR());
596 string_set(Globals.ctx, &Globals.nbt_client_socket_address, "0.0.0.0");
598 * By default support explicit binding to broadcast
601 Globals.nmbd_bind_explicit_broadcast = true;
603 s = talloc_asprintf(talloc_tos(), "Samba %s", samba_version_string());
605 smb_panic("init_globals: ENOMEM");
607 string_set(Globals.ctx, &Globals.server_string, s);
610 string_set(Globals.ctx, &Globals.panic_action, "/bin/sleep 999999999");
613 string_set(Globals.ctx, &Globals.socket_options, DEFAULT_SOCKET_OPTIONS);
615 string_set(Globals.ctx, &Globals.logon_drive, "");
616 /* %N is the NIS auto.home server if -DAUTOHOME is used, else same as %L */
617 string_set(Globals.ctx, &Globals.logon_home, "\\\\%N\\%U");
618 string_set(Globals.ctx, &Globals.logon_path, "\\\\%N\\%U\\profile");
620 Globals.name_resolve_order = (const char **)str_list_make_v3(NULL, "lmhosts wins host bcast", NULL);
621 string_set(Globals.ctx, &Globals.password_server, "*");
623 Globals.algorithmic_rid_base = BASE_RID;
625 Globals.load_printers = true;
626 Globals.printcap_cache_time = 750; /* 12.5 minutes */
628 Globals.config_backend = config_backend;
629 Globals._server_role = ROLE_AUTO;
631 /* Was 65535 (0xFFFF). 0x4101 matches W2K and causes major speed improvements... */
632 /* Discovered by 2 days of pain by Don McCall @ HP :-). */
633 Globals.max_xmit = 0x4104;
634 Globals.max_mux = 50; /* This is *needed* for profile support. */
635 Globals.lpq_cache_time = 30; /* changed to handle large print servers better -- jerry */
636 Globals._disable_spoolss = false;
637 Globals.max_smbd_processes = 0;/* no limit specified */
638 Globals.username_level = 0;
639 Globals.deadtime = 0;
640 Globals.getwd_cache = true;
641 Globals.large_readwrite = true;
642 Globals.max_log_size = 5000;
643 Globals.max_open_files = max_open_files();
644 Globals.server_max_protocol = PROTOCOL_SMB3_00;
645 Globals.server_min_protocol = PROTOCOL_LANMAN1;
646 Globals._client_max_protocol = PROTOCOL_DEFAULT;
647 Globals.client_min_protocol = PROTOCOL_CORE;
648 Globals._security = SEC_AUTO;
649 Globals.encrypt_passwords = true;
650 Globals.client_schannel = Auto;
651 Globals.winbind_sealed_pipes = true;
652 Globals.require_strong_key = true;
653 Globals.server_schannel = Auto;
654 Globals.read_raw = true;
655 Globals.write_raw = true;
656 Globals.null_passwords = false;
657 Globals.old_password_allowed_period = 60;
658 Globals.obey_pam_restrictions = false;
660 Globals.syslog_only = false;
661 Globals.timestamp_logs = true;
662 string_set(Globals.ctx, &Globals.log_level, "0");
663 Globals.debug_prefix_timestamp = false;
664 Globals.debug_hires_timestamp = true;
665 Globals.debug_pid = false;
666 Globals.debug_uid = false;
667 Globals.debug_class = false;
668 Globals.enable_core_files = true;
669 Globals.max_ttl = 60 * 60 * 24 * 3; /* 3 days default. */
670 Globals.max_wins_ttl = 60 * 60 * 24 * 6; /* 6 days default. */
671 Globals.min_wins_ttl = 60 * 60 * 6; /* 6 hours default. */
672 Globals.machine_password_timeout = 60 * 60 * 24 * 7; /* 7 days default. */
673 Globals.lm_announce = Auto; /* = Auto: send only if LM clients found */
674 Globals.lm_interval = 60;
675 #if (defined(HAVE_NETGROUP) && defined(WITH_AUTOMOUNT))
676 Globals.nis_homedir = false;
677 #ifdef WITH_NISPLUS_HOME
678 string_set(Globals.ctx, &Globals.homedir_map, "auto_home.org_dir");
680 string_set(Globals.ctx, &Globals.homedir_map, "auto.home");
683 Globals.time_server = false;
684 Globals.bind_interfaces_only = false;
685 Globals.unix_password_sync = false;
686 Globals.pam_password_change = false;
687 Globals.passwd_chat_debug = false;
688 Globals.passwd_chat_timeout = 2; /* 2 second default. */
689 Globals.nt_pipe_support = true; /* Do NT pipes by default. */
690 Globals.nt_status_support = true; /* Use NT status by default. */
691 Globals.smbd_profiling_level = 0;
692 Globals.stat_cache = true; /* use stat cache by default */
693 Globals.max_stat_cache_size = 256; /* 256k by default */
694 Globals.restrict_anonymous = 0;
695 Globals.client_lanman_auth = false; /* Do NOT use the LanMan hash if it is available */
696 Globals.client_plaintext_auth = false; /* Do NOT use a plaintext password even if is requested by the server */
697 Globals.lanman_auth = false; /* Do NOT use the LanMan hash, even if it is supplied */
698 Globals.ntlm_auth = true; /* Do use NTLMv1 if it is supplied by the client (otherwise NTLMv2) */
699 Globals.client_ntlmv2_auth = true; /* Client should always use use NTLMv2, as we can't tell that the server supports it, but most modern servers do */
700 /* Note, that we will also use NTLM2 session security (which is different), if it is available */
702 Globals.map_to_guest = 0; /* By Default, "Never" */
703 Globals.oplock_break_wait_time = 0; /* By Default, 0 msecs. */
704 Globals.enhanced_browsing = true;
705 Globals.lock_spin_time = WINDOWS_MINIMUM_LOCK_TIMEOUT_MS; /* msec. */
706 #ifdef MMAP_BLACKLIST
707 Globals.use_mmap = false;
709 Globals.use_mmap = true;
711 Globals.unicode = true;
712 Globals.unix_extensions = true;
713 Globals.reset_on_zero_vc = false;
714 Globals.log_writeable_files_on_exit = false;
715 Globals.create_krb5_conf = true;
716 Globals.winbindMaxDomainConnections = 1;
718 /* hostname lookups can be very expensive and are broken on
719 a large number of sites (tridge) */
720 Globals.hostname_lookups = false;
722 string_set(Globals.ctx, &Globals.passdb_backend, "tdbsam");
723 string_set(Globals.ctx, &Globals.ldap_suffix, "");
724 string_set(Globals.ctx, &Globals.szLdapMachineSuffix, "");
725 string_set(Globals.ctx, &Globals.szLdapUserSuffix, "");
726 string_set(Globals.ctx, &Globals.szLdapGroupSuffix, "");
727 string_set(Globals.ctx, &Globals.szLdapIdmapSuffix, "");
729 string_set(Globals.ctx, &Globals.ldap_admin_dn, "");
730 Globals.ldap_ssl = LDAP_SSL_START_TLS;
731 Globals.ldap_ssl_ads = false;
732 Globals.ldap_deref = -1;
733 Globals.ldap_passwd_sync = LDAP_PASSWD_SYNC_OFF;
734 Globals.ldap_delete_dn = false;
735 Globals.ldap_replication_sleep = 1000; /* wait 1 sec for replication */
736 Globals.ldap_follow_referral = Auto;
737 Globals.ldap_timeout = LDAP_DEFAULT_TIMEOUT;
738 Globals.ldap_connection_timeout = LDAP_CONNECTION_DEFAULT_TIMEOUT;
739 Globals.ldap_page_size = LDAP_PAGE_SIZE;
741 Globals.ldap_debug_level = 0;
742 Globals.ldap_debug_threshold = 10;
744 Globals.client_ldap_sasl_wrapping = ADS_AUTH_SASL_SIGN;
746 /* This is what we tell the afs client. in reality we set the token
747 * to never expire, though, when this runs out the afs client will
748 * forget the token. Set to 0 to get NEVERDATE.*/
749 Globals.afs_token_lifetime = 604800;
750 Globals.cups_connection_timeout = CUPS_DEFAULT_CONNECTION_TIMEOUT;
752 /* these parameters are set to defaults that are more appropriate
753 for the increasing samba install base:
755 as a member of the workgroup, that will possibly become a
756 _local_ master browser (lm = true). this is opposed to a forced
757 local master browser startup (pm = true).
759 doesn't provide WINS server service by default (wsupp = false),
760 and doesn't provide domain master browser services by default, either.
764 Globals.show_add_printer_wizard = true;
765 Globals.os_level = 20;
766 Globals.local_master = true;
767 Globals._domain_master = Auto; /* depending on _domain_logons */
768 Globals._domain_logons = false;
769 Globals.browse_list = true;
770 Globals.we_are_a_wins_server = false;
771 Globals.wins_proxy = false;
773 TALLOC_FREE(Globals.init_logon_delayed_hosts);
774 Globals.init_logon_delay = 100; /* 100 ms default delay */
776 Globals.wins_dns_proxy = true;
778 Globals.allow_trusted_domains = true;
779 string_set(Globals.ctx, &Globals.szIdmapBackend, "tdb");
781 string_set(Globals.ctx, &Globals.template_shell, "/bin/false");
782 string_set(Globals.ctx, &Globals.template_homedir, "/home/%D/%U");
783 string_set(Globals.ctx, &Globals.winbind_separator, "\\");
784 string_set(Globals.ctx, &Globals.winbindd_socket_directory, dyn_WINBINDD_SOCKET_DIR);
786 string_set(Globals.ctx, &Globals.cups_server, "");
787 string_set(Globals.ctx, &Globals.iprint_server, "");
789 string_set(Globals.ctx, &Globals._ctdbd_socket, "");
791 Globals.cluster_addresses = NULL;
792 Globals.clustering = false;
793 Globals.ctdb_timeout = 0;
794 Globals.ctdb_locktime_warn_threshold = 0;
796 Globals.winbind_cache_time = 300; /* 5 minutes */
797 Globals.winbind_reconnect_delay = 30; /* 30 seconds */
798 Globals.winbind_request_timeout = 60; /* 60 seconds */
799 Globals.winbind_max_clients = 200;
800 Globals.winbind_enum_users = false;
801 Globals.winbind_enum_groups = false;
802 Globals.winbind_use_default_domain = false;
803 Globals.winbind_trusted_domains_only = false;
804 Globals.winbind_nested_groups = true;
805 Globals.winbind_expand_groups = 0;
806 Globals.winbind_nss_info = (const char **)str_list_make_v3(NULL, "template", NULL);
807 Globals.winbind_refresh_tickets = false;
808 Globals.winbind_offline_logon = false;
810 Globals.idmap_cache_time = 86400 * 7; /* a week by default */
811 Globals.idmap_negative_cache_time = 120; /* 2 minutes by default */
813 Globals.passdb_expand_explicit = false;
815 Globals.name_cache_timeout = 660; /* In seconds */
817 Globals.use_spnego = true;
818 Globals.client_use_spnego = true;
820 Globals.client_signing = SMB_SIGNING_DEFAULT;
821 Globals.server_signing = SMB_SIGNING_DEFAULT;
823 Globals.defer_sharing_violations = true;
824 Globals.smb_ports = (const char **)str_list_make_v3(NULL, SMB_PORTS, NULL);
826 Globals.enable_privileges = true;
827 Globals.host_msdfs = true;
828 Globals.enable_asu_support = false;
830 /* User defined shares. */
831 s = talloc_asprintf(talloc_tos(), "%s/usershares", get_dyn_STATEDIR());
833 smb_panic("init_globals: ENOMEM");
835 string_set(Globals.ctx, &Globals.usershare_path, s);
837 string_set(Globals.ctx, &Globals.usershare_template_share, "");
838 Globals.usershare_max_shares = 0;
839 /* By default disallow sharing of directories not owned by the sharer. */
840 Globals.usershare_owner_only = true;
841 /* By default disallow guest access to usershares. */
842 Globals.usershare_allow_guests = false;
844 Globals.keepalive = DEFAULT_KEEPALIVE;
846 /* By default no shares out of the registry */
847 Globals.registry_shares = false;
849 Globals.iminreceivefile = 0;
851 Globals.map_untrusted_to_domain = false;
852 Globals.multicast_dns_register = true;
854 Globals.smb2_max_read = DEFAULT_SMB2_MAX_READ;
855 Globals.smb2_max_write = DEFAULT_SMB2_MAX_WRITE;
856 Globals.smb2_max_trans = DEFAULT_SMB2_MAX_TRANSACT;
857 Globals.ismb2_max_credits = DEFAULT_SMB2_MAX_CREDITS;
859 string_set(Globals.ctx, &Globals.ncalrpc_dir, get_dyn_NCALRPCDIR());
861 Globals.server_services = (const char **)str_list_make_v3(NULL, "s3fs rpc nbt wrepl ldap cldap kdc drepl winbindd ntp_signd kcc dnsupdate dns", NULL);
863 Globals.dcerpc_endpoint_servers = (const char **)str_list_make_v3(NULL, "epmapper wkssvc rpcecho samr netlogon lsarpc spoolss drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver", NULL);
865 Globals.tls_enabled = true;
867 string_set(Globals.ctx, &Globals._tls_keyfile, "tls/key.pem");
868 string_set(Globals.ctx, &Globals._tls_certfile, "tls/cert.pem");
869 string_set(Globals.ctx, &Globals._tls_cafile, "tls/ca.pem");
871 string_set(Globals.ctx, &Globals.share_backend, "classic");
873 Globals.iPreferredMaster = Auto;
875 Globals.allow_dns_updates = DNS_UPDATE_SIGNED;
877 string_set(Globals.ctx, &Globals.ntp_signd_socket_directory, get_dyn_NTP_SIGND_SOCKET_DIR());
879 string_set(Globals.ctx, &Globals.winbindd_privileged_socket_directory, get_dyn_WINBINDD_PRIVILEGED_SOCKET_DIR());
881 s = talloc_asprintf(talloc_tos(), "%s/samba_kcc", get_dyn_SCRIPTSBINDIR());
883 smb_panic("init_globals: ENOMEM");
885 Globals.samba_kcc_command = (const char **)str_list_make_v3(NULL, s, NULL);
888 s = talloc_asprintf(talloc_tos(), "%s/samba_dnsupdate", get_dyn_SCRIPTSBINDIR());
890 smb_panic("init_globals: ENOMEM");
892 Globals.dns_update_command = (const char **)str_list_make_v3(NULL, s, NULL);
895 s = talloc_asprintf(talloc_tos(), "%s/samba_spnupdate", get_dyn_SCRIPTSBINDIR());
897 smb_panic("init_globals: ENOMEM");
899 Globals.spn_update_command = (const char **)str_list_make_v3(NULL, s, NULL);
902 Globals.nsupdate_command = (const char **)str_list_make_v3(NULL, "/usr/bin/nsupdate -g", NULL);
904 Globals.rndc_command = (const char **)str_list_make_v3(NULL, "/usr/sbin/rndc", NULL);
906 Globals.cldap_port = 389;
908 Globals.dgram_port = 138;
910 Globals.nbt_port = 137;
912 Globals.krb5_port = 88;
914 Globals.kpasswd_port = 464;
916 Globals.web_port = 901;
918 /* Now put back the settings that were set with lp_set_cmdline() */
919 apply_lp_set_cmdline();
922 /* Convenience routine to setup an lp_context with additional s3 variables */
923 static struct loadparm_context *setup_lp_context(TALLOC_CTX *mem_ctx)
925 struct loadparm_context *lp_ctx;
927 lp_ctx = loadparm_init_s3(mem_ctx,
928 loadparm_s3_helpers());
929 if (lp_ctx == NULL) {
930 DEBUG(0, ("loadparm_init_s3 failed\n"));
934 lp_ctx->sDefault = &sDefault;
935 lp_ctx->services = NULL; /* We do not want to access this directly */
936 lp_ctx->bInGlobalSection = bInGlobalSection;
937 lp_ctx->flags = flags_list;
942 /*******************************************************************
943 Convenience routine to grab string parameters into talloced memory
944 and run standard_sub_basic on them. The buffers can be written to by
945 callers without affecting the source string.
946 ********************************************************************/
948 char *lp_string(TALLOC_CTX *ctx, const char *s)
952 /* The follow debug is useful for tracking down memory problems
953 especially if you have an inner loop that is calling a lp_*()
954 function that returns a string. Perhaps this debug should be
955 present all the time? */
958 DEBUG(10, ("lp_string(%s)\n", s));
964 ret = talloc_sub_basic(ctx,
965 get_current_username(),
966 current_user_info.domain,
968 if (trim_char(ret, '\"', '\"')) {
969 if (strchr(ret,'\"') != NULL) {
971 ret = talloc_sub_basic(ctx,
972 get_current_username(),
973 current_user_info.domain,
981 In this section all the functions that are used to access the
982 parameters from the rest of the program are defined
985 #define FN_GLOBAL_STRING(fn_name,ptr) \
986 char *lp_ ## fn_name(TALLOC_CTX *ctx) {return(lp_string((ctx), *(char **)(&Globals.ptr) ? *(char **)(&Globals.ptr) : ""));}
987 #define FN_GLOBAL_CONST_STRING(fn_name,ptr) \
988 const char *lp_ ## fn_name(void) {return(*(const char * const *)(&Globals.ptr) ? *(const char * const *)(&Globals.ptr) : "");}
989 #define FN_GLOBAL_LIST(fn_name,ptr) \
990 const char **lp_ ## fn_name(void) {return(*(const char ***)(&Globals.ptr));}
991 #define FN_GLOBAL_BOOL(fn_name,ptr) \
992 bool lp_ ## fn_name(void) {return(*(bool *)(&Globals.ptr));}
993 #define FN_GLOBAL_CHAR(fn_name,ptr) \
994 char lp_ ## fn_name(void) {return(*(char *)(&Globals.ptr));}
995 #define FN_GLOBAL_INTEGER(fn_name,ptr) \
996 int lp_ ## fn_name(void) {return(*(int *)(&Globals.ptr));}
998 #define FN_LOCAL_STRING(fn_name,val) \
999 char *lp_ ## fn_name(TALLOC_CTX *ctx,int i) {return(lp_string((ctx), (LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val));}
1000 #define FN_LOCAL_CONST_STRING(fn_name,val) \
1001 const char *lp_ ## fn_name(int i) {return (const char *)((LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val);}
1002 #define FN_LOCAL_LIST(fn_name,val) \
1003 const char **lp_ ## fn_name(int i) {return(const char **)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1004 #define FN_LOCAL_BOOL(fn_name,val) \
1005 bool lp_ ## fn_name(int i) {return(bool)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1006 #define FN_LOCAL_INTEGER(fn_name,val) \
1007 int lp_ ## fn_name(int i) {return(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1009 #define FN_LOCAL_PARM_BOOL(fn_name,val) \
1010 bool lp_ ## fn_name(const struct share_params *p) {return(bool)(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1011 #define FN_LOCAL_PARM_INTEGER(fn_name,val) \
1012 int lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1013 #define FN_LOCAL_PARM_CHAR(fn_name,val) \
1014 char lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1016 static FN_GLOBAL_INTEGER(winbind_max_domain_connections_int,
1017 winbindMaxDomainConnections)
1019 int lp_winbind_max_domain_connections(void)
1021 if (lp_winbind_offline_logon() &&
1022 lp_winbind_max_domain_connections_int() > 1) {
1023 DEBUG(1, ("offline logons active, restricting max domain "
1024 "connections to 1\n"));
1027 return MAX(1, lp_winbind_max_domain_connections_int());
1030 int lp_smb2_max_credits(void)
1032 if (Globals.ismb2_max_credits == 0) {
1033 Globals.ismb2_max_credits = DEFAULT_SMB2_MAX_CREDITS;
1035 return Globals.ismb2_max_credits;
1037 int lp_cups_encrypt(void)
1040 #ifdef HAVE_HTTPCONNECTENCRYPT
1041 switch (Globals.CupsEncrypt) {
1043 result = HTTP_ENCRYPT_REQUIRED;
1046 result = HTTP_ENCRYPT_ALWAYS;
1049 result = HTTP_ENCRYPT_NEVER;
1056 /* These functions remain in source3/param for now */
1058 #include "lib/param/param_functions.c"
1060 FN_LOCAL_STRING(servicename, szService)
1061 FN_LOCAL_CONST_STRING(const_servicename, szService)
1063 /* These functions cannot be auto-generated */
1064 FN_LOCAL_BOOL(autoloaded, autoloaded)
1065 FN_GLOBAL_CONST_STRING(dnsdomain, dnsdomain)
1067 /* local prototypes */
1069 static int map_parameter_canonical(const char *pszParmName, bool *inverse);
1070 static const char *get_boolean(bool bool_value);
1071 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
1073 static bool hash_a_service(const char *name, int number);
1074 static void free_service_byindex(int iService);
1075 static void show_parameter(int parmIndex);
1076 static bool is_synonym_of(int parm1, int parm2, bool *inverse);
1079 * This is a helper function for parametrical options support. It returns a
1080 * pointer to parametrical option value if it exists or NULL otherwise. Actual
1081 * parametrical functions are quite simple
1083 static struct parmlist_entry *get_parametrics(int snum, const char *type,
1086 if (snum >= iNumServices) return NULL;
1089 return get_parametric_helper(NULL, type, option, Globals.param_opt);
1091 return get_parametric_helper(ServicePtrs[snum],
1092 type, option, Globals.param_opt);
1097 #define MISSING_PARAMETER(name) \
1098 DEBUG(0, ("%s(): value is NULL or empty!\n", #name))
1100 /*******************************************************************
1101 convenience routine to return enum parameters.
1102 ********************************************************************/
1103 static int lp_enum(const char *s,const struct enum_list *_enum)
1107 if (!s || !*s || !_enum) {
1108 MISSING_PARAMETER(lp_enum);
1112 for (i=0; _enum[i].name; i++) {
1113 if (strequal(_enum[i].name,s))
1114 return _enum[i].value;
1117 DEBUG(0,("lp_enum(%s,enum): value is not in enum_list!\n",s));
1121 #undef MISSING_PARAMETER
1123 /* Return parametric option from a given service. Type is a part of option before ':' */
1124 /* Parametric option has following syntax: 'Type: option = value' */
1125 char *lp_parm_talloc_string(TALLOC_CTX *ctx, int snum, const char *type, const char *option, const char *def)
1127 struct parmlist_entry *data = get_parametrics(snum, type, option);
1129 if (data == NULL||data->value==NULL) {
1131 return lp_string(ctx, def);
1137 return lp_string(ctx, data->value);
1140 /* Return parametric option from a given service. Type is a part of option before ':' */
1141 /* Parametric option has following syntax: 'Type: option = value' */
1142 const char *lp_parm_const_string(int snum, const char *type, const char *option, const char *def)
1144 struct parmlist_entry *data = get_parametrics(snum, type, option);
1146 if (data == NULL||data->value==NULL)
1153 /* Return parametric option from a given service. Type is a part of option before ':' */
1154 /* Parametric option has following syntax: 'Type: option = value' */
1156 const char **lp_parm_string_list(int snum, const char *type, const char *option, const char **def)
1158 struct parmlist_entry *data = get_parametrics(snum, type, option);
1160 if (data == NULL||data->value==NULL)
1161 return (const char **)def;
1163 if (data->list==NULL) {
1164 data->list = str_list_make_v3(NULL, data->value, NULL);
1167 return (const char **)data->list;
1170 /* Return parametric option from a given service. Type is a part of option before ':' */
1171 /* Parametric option has following syntax: 'Type: option = value' */
1173 int lp_parm_int(int snum, const char *type, const char *option, int def)
1175 struct parmlist_entry *data = get_parametrics(snum, type, option);
1177 if (data && data->value && *data->value)
1178 return lp_int(data->value);
1183 /* Return parametric option from a given service. Type is a part of option before ':' */
1184 /* Parametric option has following syntax: 'Type: option = value' */
1186 unsigned long lp_parm_ulong(int snum, const char *type, const char *option, unsigned long def)
1188 struct parmlist_entry *data = get_parametrics(snum, type, option);
1190 if (data && data->value && *data->value)
1191 return lp_ulong(data->value);
1196 /* Return parametric option from a given service. Type is a part of option before ':' */
1197 /* Parametric option has following syntax: 'Type: option = value' */
1199 bool lp_parm_bool(int snum, const char *type, const char *option, bool def)
1201 struct parmlist_entry *data = get_parametrics(snum, type, option);
1203 if (data && data->value && *data->value)
1204 return lp_bool(data->value);
1209 /* Return parametric option from a given service. Type is a part of option before ':' */
1210 /* Parametric option has following syntax: 'Type: option = value' */
1212 int lp_parm_enum(int snum, const char *type, const char *option,
1213 const struct enum_list *_enum, int def)
1215 struct parmlist_entry *data = get_parametrics(snum, type, option);
1217 if (data && data->value && *data->value && _enum)
1218 return lp_enum(data->value, _enum);
1224 * free a param_opts structure.
1225 * param_opts handling should be moved to talloc;
1226 * then this whole functions reduces to a TALLOC_FREE().
1229 static void free_param_opts(struct parmlist_entry **popts)
1231 struct parmlist_entry *opt, *next_opt;
1233 if (*popts != NULL) {
1234 DEBUG(5, ("Freeing parametrics:\n"));
1237 while (opt != NULL) {
1238 string_free(&opt->key);
1239 string_free(&opt->value);
1240 TALLOC_FREE(opt->list);
1241 next_opt = opt->next;
1248 /***************************************************************************
1249 Free the dynamically allocated parts of a service struct.
1250 ***************************************************************************/
1252 static void free_service(struct loadparm_service *pservice)
1257 if (pservice->szService)
1258 DEBUG(5, ("free_service: Freeing service %s\n",
1259 pservice->szService));
1261 free_parameters(pservice);
1263 string_free(&pservice->szService);
1264 TALLOC_FREE(pservice->copymap);
1266 free_param_opts(&pservice->param_opt);
1268 ZERO_STRUCTP(pservice);
1272 /***************************************************************************
1273 remove a service indexed in the ServicePtrs array from the ServiceHash
1274 and free the dynamically allocated parts
1275 ***************************************************************************/
1277 static void free_service_byindex(int idx)
1279 if ( !LP_SNUM_OK(idx) )
1282 ServicePtrs[idx]->valid = false;
1284 /* we have to cleanup the hash record */
1286 if (ServicePtrs[idx]->szService) {
1287 char *canon_name = canonicalize_servicename(
1289 ServicePtrs[idx]->szService );
1291 dbwrap_delete_bystring(ServiceHash, canon_name );
1292 TALLOC_FREE(canon_name);
1295 free_service(ServicePtrs[idx]);
1296 talloc_free_children(ServicePtrs[idx]);
1299 /***************************************************************************
1300 Add a new service to the services array initialising it with the given
1302 ***************************************************************************/
1304 static int add_a_service(const struct loadparm_service *pservice, const char *name)
1307 int num_to_alloc = iNumServices + 1;
1308 struct loadparm_service **tsp = NULL;
1310 /* it might already exist */
1312 i = getservicebyname(name, NULL);
1318 /* if not, then create one */
1320 tsp = talloc_realloc(NULL, ServicePtrs, struct loadparm_service *, num_to_alloc);
1322 DEBUG(0,("add_a_service: failed to enlarge ServicePtrs!\n"));
1326 ServicePtrs[iNumServices] = talloc_zero(NULL, struct loadparm_service);
1327 if (!ServicePtrs[iNumServices]) {
1328 DEBUG(0,("add_a_service: out of memory!\n"));
1333 ServicePtrs[i]->valid = true;
1335 copy_service(ServicePtrs[i], pservice, NULL);
1337 string_set(ServicePtrs[i], &ServicePtrs[i]->szService, name);
1339 DEBUG(8,("add_a_service: Creating snum = %d for %s\n",
1340 i, ServicePtrs[i]->szService));
1342 if (!hash_a_service(ServicePtrs[i]->szService, i)) {
1349 /***************************************************************************
1350 Convert a string to uppercase and remove whitespaces.
1351 ***************************************************************************/
1353 char *canonicalize_servicename(TALLOC_CTX *ctx, const char *src)
1358 DEBUG(0,("canonicalize_servicename: NULL source name!\n"));
1362 result = talloc_strdup(ctx, src);
1363 SMB_ASSERT(result != NULL);
1365 if (!strlower_m(result)) {
1366 TALLOC_FREE(result);
1372 /***************************************************************************
1373 Add a name/index pair for the services array to the hash table.
1374 ***************************************************************************/
1376 static bool hash_a_service(const char *name, int idx)
1380 if ( !ServiceHash ) {
1381 DEBUG(10,("hash_a_service: creating servicehash\n"));
1382 ServiceHash = db_open_rbt(NULL);
1383 if ( !ServiceHash ) {
1384 DEBUG(0,("hash_a_service: open tdb servicehash failed!\n"));
1389 DEBUG(10,("hash_a_service: hashing index %d for service name %s\n",
1392 canon_name = canonicalize_servicename(talloc_tos(), name );
1394 dbwrap_store_bystring(ServiceHash, canon_name,
1395 make_tdb_data((uint8 *)&idx, sizeof(idx)),
1398 TALLOC_FREE(canon_name);
1403 /***************************************************************************
1404 Add a new home service, with the specified home directory, defaults coming
1406 ***************************************************************************/
1408 bool lp_add_home(const char *pszHomename, int iDefaultService,
1409 const char *user, const char *pszHomedir)
1413 if (pszHomename == NULL || user == NULL || pszHomedir == NULL ||
1414 pszHomedir[0] == '\0') {
1418 i = add_a_service(ServicePtrs[iDefaultService], pszHomename);
1423 if (!(*(ServicePtrs[iDefaultService]->path))
1424 || strequal(ServicePtrs[iDefaultService]->path,
1425 lp_path(talloc_tos(), GLOBAL_SECTION_SNUM))) {
1426 string_set(ServicePtrs[i], &ServicePtrs[i]->path, pszHomedir);
1429 if (!(*(ServicePtrs[i]->comment))) {
1430 char *comment = talloc_asprintf(talloc_tos(), "Home directory of %s", user);
1431 if (comment == NULL) {
1434 string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1435 TALLOC_FREE(comment);
1438 /* set the browseable flag from the global default */
1440 ServicePtrs[i]->browseable = sDefault.browseable;
1441 ServicePtrs[i]->access_based_share_enum = sDefault.access_based_share_enum;
1443 ServicePtrs[i]->autoloaded = true;
1445 DEBUG(3, ("adding home's share [%s] for user '%s' at '%s'\n", pszHomename,
1446 user, ServicePtrs[i]->path ));
1451 /***************************************************************************
1452 Add a new service, based on an old one.
1453 ***************************************************************************/
1455 int lp_add_service(const char *pszService, int iDefaultService)
1457 if (iDefaultService < 0) {
1458 return add_a_service(&sDefault, pszService);
1461 return (add_a_service(ServicePtrs[iDefaultService], pszService));
1464 /***************************************************************************
1465 Add the IPC service.
1466 ***************************************************************************/
1468 static bool lp_add_ipc(const char *ipc_name, bool guest_ok)
1470 char *comment = NULL;
1471 int i = add_a_service(&sDefault, ipc_name);
1476 comment = talloc_asprintf(talloc_tos(), "IPC Service (%s)",
1477 Globals.server_string);
1478 if (comment == NULL) {
1482 string_set(ServicePtrs[i], &ServicePtrs[i]->path, tmpdir());
1483 string_set(ServicePtrs[i], &ServicePtrs[i]->username, "");
1484 string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1485 string_set(ServicePtrs[i], &ServicePtrs[i]->fstype, "IPC");
1486 ServicePtrs[i]->max_connections = 0;
1487 ServicePtrs[i]->bAvailable = true;
1488 ServicePtrs[i]->read_only = true;
1489 ServicePtrs[i]->guest_only = false;
1490 ServicePtrs[i]->administrative_share = true;
1491 ServicePtrs[i]->guest_ok = guest_ok;
1492 ServicePtrs[i]->printable = false;
1493 ServicePtrs[i]->browseable = sDefault.browseable;
1495 DEBUG(3, ("adding IPC service\n"));
1497 TALLOC_FREE(comment);
1501 /***************************************************************************
1502 Add a new printer service, with defaults coming from service iFrom.
1503 ***************************************************************************/
1505 bool lp_add_printer(const char *pszPrintername, int iDefaultService)
1507 const char *comment = "From Printcap";
1508 int i = add_a_service(ServicePtrs[iDefaultService], pszPrintername);
1513 /* note that we do NOT default the availability flag to true - */
1514 /* we take it from the default service passed. This allows all */
1515 /* dynamic printers to be disabled by disabling the [printers] */
1516 /* entry (if/when the 'available' keyword is implemented!). */
1518 /* the printer name is set to the service name. */
1519 string_set(ServicePtrs[i], &ServicePtrs[i]->_printername, pszPrintername);
1520 string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1522 /* set the browseable flag from the gloabl default */
1523 ServicePtrs[i]->browseable = sDefault.browseable;
1525 /* Printers cannot be read_only. */
1526 ServicePtrs[i]->read_only = false;
1527 /* No oplocks on printer services. */
1528 ServicePtrs[i]->oplocks = false;
1529 /* Printer services must be printable. */
1530 ServicePtrs[i]->printable = true;
1532 DEBUG(3, ("adding printer service %s\n", pszPrintername));
1538 /***************************************************************************
1539 Check whether the given parameter name is valid.
1540 Parametric options (names containing a colon) are considered valid.
1541 ***************************************************************************/
1543 bool lp_parameter_is_valid(const char *pszParmName)
1545 return ((lpcfg_map_parameter(pszParmName) != -1) ||
1546 (strchr(pszParmName, ':') != NULL));
1549 /***************************************************************************
1550 Check whether the given name is the name of a global parameter.
1551 Returns true for strings belonging to parameters of class
1552 P_GLOBAL, false for all other strings, also for parametric options
1553 and strings not belonging to any option.
1554 ***************************************************************************/
1556 bool lp_parameter_is_global(const char *pszParmName)
1558 int num = lpcfg_map_parameter(pszParmName);
1561 return (parm_table[num].p_class == P_GLOBAL);
1567 /**************************************************************************
1568 Check whether the given name is the canonical name of a parameter.
1569 Returns false if it is not a valid parameter Name.
1570 For parametric options, true is returned.
1571 **************************************************************************/
1573 bool lp_parameter_is_canonical(const char *parm_name)
1575 if (!lp_parameter_is_valid(parm_name)) {
1579 return (lpcfg_map_parameter(parm_name) ==
1580 map_parameter_canonical(parm_name, NULL));
1583 /**************************************************************************
1584 Determine the canonical name for a parameter.
1585 Indicate when it is an inverse (boolean) synonym instead of a
1587 **************************************************************************/
1589 bool lp_canonicalize_parameter(const char *parm_name, const char **canon_parm,
1594 if (!lp_parameter_is_valid(parm_name)) {
1599 num = map_parameter_canonical(parm_name, inverse);
1601 /* parametric option */
1602 *canon_parm = parm_name;
1604 *canon_parm = parm_table[num].label;
1611 /**************************************************************************
1612 Determine the canonical name for a parameter.
1613 Turn the value given into the inverse boolean expression when
1614 the synonym is an invers boolean synonym.
1616 Return true if parm_name is a valid parameter name and
1617 in case it is an invers boolean synonym, if the val string could
1618 successfully be converted to the reverse bool.
1619 Return false in all other cases.
1620 **************************************************************************/
1622 bool lp_canonicalize_parameter_with_value(const char *parm_name,
1624 const char **canon_parm,
1625 const char **canon_val)
1630 if (!lp_parameter_is_valid(parm_name)) {
1636 num = map_parameter_canonical(parm_name, &inverse);
1638 /* parametric option */
1639 *canon_parm = parm_name;
1642 *canon_parm = parm_table[num].label;
1644 if (!lp_invert_boolean(val, canon_val)) {
1656 /***************************************************************************
1657 Map a parameter's string representation to the index of the canonical
1658 form of the parameter (it might be a synonym).
1659 Returns -1 if the parameter string is not recognised.
1660 ***************************************************************************/
1662 static int map_parameter_canonical(const char *pszParmName, bool *inverse)
1664 int parm_num, canon_num;
1665 bool loc_inverse = false;
1667 parm_num = lpcfg_map_parameter(pszParmName);
1668 if ((parm_num < 0) || !(parm_table[parm_num].flags & FLAG_HIDE)) {
1669 /* invalid, parametric or no canidate for synonyms ... */
1673 for (canon_num = 0; parm_table[canon_num].label; canon_num++) {
1674 if (is_synonym_of(parm_num, canon_num, &loc_inverse)) {
1675 parm_num = canon_num;
1681 if (inverse != NULL) {
1682 *inverse = loc_inverse;
1687 /***************************************************************************
1688 return true if parameter number parm1 is a synonym of parameter
1689 number parm2 (parm2 being the principal name).
1690 set inverse to true if parm1 is P_BOOLREV and parm2 is P_BOOL,
1692 ***************************************************************************/
1694 static bool is_synonym_of(int parm1, int parm2, bool *inverse)
1696 if ((parm_table[parm1].offset == parm_table[parm2].offset) &&
1697 (parm_table[parm1].p_class == parm_table[parm2].p_class) &&
1698 (parm_table[parm1].flags & FLAG_HIDE) &&
1699 !(parm_table[parm2].flags & FLAG_HIDE))
1701 if (inverse != NULL) {
1702 if ((parm_table[parm1].type == P_BOOLREV) &&
1703 (parm_table[parm2].type == P_BOOL))
1715 /***************************************************************************
1716 Show one parameter's name, type, [values,] and flags.
1717 (helper functions for show_parameter_list)
1718 ***************************************************************************/
1720 static void show_parameter(int parmIndex)
1722 int enumIndex, flagIndex;
1727 const char *type[] = { "P_BOOL", "P_BOOLREV", "P_CHAR", "P_INTEGER",
1728 "P_OCTAL", "P_LIST", "P_STRING", "P_USTRING",
1730 unsigned flags[] = { FLAG_BASIC, FLAG_SHARE, FLAG_PRINT, FLAG_GLOBAL,
1731 FLAG_WIZARD, FLAG_ADVANCED, FLAG_DEVELOPER, FLAG_DEPRECATED,
1733 const char *flag_names[] = { "FLAG_BASIC", "FLAG_SHARE", "FLAG_PRINT",
1734 "FLAG_GLOBAL", "FLAG_WIZARD", "FLAG_ADVANCED", "FLAG_DEVELOPER",
1735 "FLAG_DEPRECATED", "FLAG_HIDE", NULL};
1737 printf("%s=%s", parm_table[parmIndex].label,
1738 type[parm_table[parmIndex].type]);
1739 if (parm_table[parmIndex].type == P_ENUM) {
1742 parm_table[parmIndex].enum_list[enumIndex].name;
1746 enumIndex ? "|" : "",
1747 parm_table[parmIndex].enum_list[enumIndex].name);
1752 for (flagIndex=0; flag_names[flagIndex]; flagIndex++) {
1753 if (parm_table[parmIndex].flags & flags[flagIndex]) {
1756 flag_names[flagIndex]);
1761 /* output synonyms */
1763 for (parmIndex2=0; parm_table[parmIndex2].label; parmIndex2++) {
1764 if (is_synonym_of(parmIndex, parmIndex2, &inverse)) {
1765 printf(" (%ssynonym of %s)", inverse ? "inverse " : "",
1766 parm_table[parmIndex2].label);
1767 } else if (is_synonym_of(parmIndex2, parmIndex, &inverse)) {
1769 printf(" (synonyms: ");
1774 printf("%s%s", parm_table[parmIndex2].label,
1775 inverse ? "[i]" : "");
1785 /***************************************************************************
1786 Show all parameter's name, type, [values,] and flags.
1787 ***************************************************************************/
1789 void show_parameter_list(void)
1791 int classIndex, parmIndex;
1792 const char *section_names[] = { "local", "global", NULL};
1794 for (classIndex=0; section_names[classIndex]; classIndex++) {
1795 printf("[%s]\n", section_names[classIndex]);
1796 for (parmIndex = 0; parm_table[parmIndex].label; parmIndex++) {
1797 if (parm_table[parmIndex].p_class == classIndex) {
1798 show_parameter(parmIndex);
1804 /***************************************************************************
1805 Get the standard string representation of a boolean value ("yes" or "no")
1806 ***************************************************************************/
1808 static const char *get_boolean(bool bool_value)
1810 static const char *yes_str = "yes";
1811 static const char *no_str = "no";
1813 return (bool_value ? yes_str : no_str);
1816 /***************************************************************************
1817 Provide the string of the negated boolean value associated to the boolean
1818 given as a string. Returns false if the passed string does not correctly
1819 represent a boolean.
1820 ***************************************************************************/
1822 bool lp_invert_boolean(const char *str, const char **inverse_str)
1826 if (!set_boolean(str, &val)) {
1830 *inverse_str = get_boolean(!val);
1834 /***************************************************************************
1835 Provide the canonical string representation of a boolean value given
1836 as a string. Return true on success, false if the string given does
1837 not correctly represent a boolean.
1838 ***************************************************************************/
1840 bool lp_canonicalize_boolean(const char *str, const char**canon_str)
1844 if (!set_boolean(str, &val)) {
1848 *canon_str = get_boolean(val);
1852 /***************************************************************************
1853 Find a service by name. Otherwise works like get_service.
1854 ***************************************************************************/
1856 int getservicebyname(const char *pszServiceName, struct loadparm_service *pserviceDest)
1863 if (ServiceHash == NULL) {
1867 canon_name = canonicalize_servicename(talloc_tos(), pszServiceName);
1869 status = dbwrap_fetch_bystring(ServiceHash, canon_name, canon_name,
1872 if (NT_STATUS_IS_OK(status) &&
1873 (data.dptr != NULL) &&
1874 (data.dsize == sizeof(iService)))
1876 iService = *(int *)data.dptr;
1879 TALLOC_FREE(canon_name);
1881 if ((iService != -1) && (LP_SNUM_OK(iService))
1882 && (pserviceDest != NULL)) {
1883 copy_service(pserviceDest, ServicePtrs[iService], NULL);
1889 /* Return a pointer to a service by name. Unlike getservicebyname, it does not copy the service */
1890 struct loadparm_service *lp_service(const char *pszServiceName)
1892 int iService = getservicebyname(pszServiceName, NULL);
1893 if (iService == -1 || !LP_SNUM_OK(iService)) {
1896 return ServicePtrs[iService];
1899 struct loadparm_service *lp_servicebynum(int snum)
1901 if ((snum == -1) || !LP_SNUM_OK(snum)) {
1904 return ServicePtrs[snum];
1907 struct loadparm_service *lp_default_loadparm_service()
1912 static struct smbconf_ctx *lp_smbconf_ctx(void)
1915 static struct smbconf_ctx *conf_ctx = NULL;
1917 if (conf_ctx == NULL) {
1918 err = smbconf_init(NULL, &conf_ctx, "registry:");
1919 if (!SBC_ERROR_IS_OK(err)) {
1920 DEBUG(1, ("error initializing registry configuration: "
1921 "%s\n", sbcErrorString(err)));
1929 static bool process_smbconf_service(struct smbconf_service *service)
1934 if (service == NULL) {
1938 ret = lp_do_section(service->name, NULL);
1942 for (count = 0; count < service->num_params; count++) {
1944 if (!bInGlobalSection && bGlobalOnly) {
1947 const char *pszParmName = service->param_names[count];
1948 const char *pszParmValue = service->param_values[count];
1950 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
1952 ret = lp_do_parameter(bInGlobalSection ? -2 : iServiceIndex,
1953 pszParmName, pszParmValue);
1960 if (iServiceIndex >= 0) {
1961 return lpcfg_service_ok(ServicePtrs[iServiceIndex]);
1967 * load a service from registry and activate it
1969 bool process_registry_service(const char *service_name)
1972 struct smbconf_service *service = NULL;
1973 TALLOC_CTX *mem_ctx = talloc_stackframe();
1974 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
1977 if (conf_ctx == NULL) {
1981 DEBUG(5, ("process_registry_service: service name %s\n", service_name));
1983 if (!smbconf_share_exists(conf_ctx, service_name)) {
1985 * Registry does not contain data for this service (yet),
1986 * but make sure lp_load doesn't return false.
1992 err = smbconf_get_share(conf_ctx, mem_ctx, service_name, &service);
1993 if (!SBC_ERROR_IS_OK(err)) {
1997 ret = process_smbconf_service(service);
2003 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
2006 TALLOC_FREE(mem_ctx);
2011 * process_registry_globals
2013 static bool process_registry_globals(void)
2017 add_to_file_list(NULL, &file_lists, INCLUDE_REGISTRY_NAME, INCLUDE_REGISTRY_NAME);
2019 if (!bInGlobalSection && bGlobalOnly) {
2022 const char *pszParmName = "registry shares";
2023 const char *pszParmValue = "yes";
2025 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2027 ret = lp_do_parameter(bInGlobalSection ? -2 : iServiceIndex,
2028 pszParmName, pszParmValue);
2035 return process_registry_service(GLOBAL_NAME);
2038 bool process_registry_shares(void)
2042 struct smbconf_service **service = NULL;
2043 uint32_t num_shares = 0;
2044 TALLOC_CTX *mem_ctx = talloc_stackframe();
2045 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2048 if (conf_ctx == NULL) {
2052 err = smbconf_get_config(conf_ctx, mem_ctx, &num_shares, &service);
2053 if (!SBC_ERROR_IS_OK(err)) {
2059 for (count = 0; count < num_shares; count++) {
2060 if (strequal(service[count]->name, GLOBAL_NAME)) {
2063 ret = process_smbconf_service(service[count]);
2070 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
2073 TALLOC_FREE(mem_ctx);
2078 * reload those shares from registry that are already
2079 * activated in the services array.
2081 static bool reload_registry_shares(void)
2086 for (i = 0; i < iNumServices; i++) {
2091 if (ServicePtrs[i]->usershare == USERSHARE_VALID) {
2095 ret = process_registry_service(ServicePtrs[i]->szService);
2106 #define MAX_INCLUDE_DEPTH 100
2108 static uint8_t include_depth;
2111 * Free the file lists
2113 static void free_file_list(void)
2115 struct file_lists *f;
2116 struct file_lists *next;
2129 * Utility function for outsiders to check if we're running on registry.
2131 bool lp_config_backend_is_registry(void)
2133 return (lp_config_backend() == CONFIG_BACKEND_REGISTRY);
2137 * Utility function to check if the config backend is FILE.
2139 bool lp_config_backend_is_file(void)
2141 return (lp_config_backend() == CONFIG_BACKEND_FILE);
2144 /*******************************************************************
2145 Check if a config file has changed date.
2146 ********************************************************************/
2148 bool lp_file_list_changed(void)
2150 struct file_lists *f = file_lists;
2152 DEBUG(6, ("lp_file_list_changed()\n"));
2155 if (strequal(f->name, INCLUDE_REGISTRY_NAME)) {
2156 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2158 if (conf_ctx == NULL) {
2161 if (smbconf_changed(conf_ctx, &conf_last_csn, NULL,
2164 DEBUGADD(6, ("registry config changed\n"));
2171 n2 = talloc_sub_basic(talloc_tos(),
2172 get_current_username(),
2173 current_user_info.domain,
2178 DEBUGADD(6, ("file %s -> %s last mod_time: %s\n",
2179 f->name, n2, ctime(&f->modtime)));
2181 mod_time = file_modtime(n2);
2184 ((f->modtime != mod_time) ||
2185 (f->subfname == NULL) ||
2186 (strcmp(n2, f->subfname) != 0)))
2189 ("file %s modified: %s\n", n2,
2191 f->modtime = mod_time;
2192 TALLOC_FREE(f->subfname);
2193 f->subfname = talloc_strdup(f, n2);
2194 if (f->subfname == NULL) {
2195 smb_panic("talloc_strdup failed");
2209 * Initialize iconv conversion descriptors.
2211 * This is called the first time it is needed, and also called again
2212 * every time the configuration is reloaded, because the charset or
2213 * codepage might have changed.
2215 static void init_iconv(void)
2217 global_iconv_handle = smb_iconv_handle_reinit(NULL, lp_dos_charset(),
2219 true, global_iconv_handle);
2222 /***************************************************************************
2223 Handle the include operation.
2224 ***************************************************************************/
2225 static bool bAllowIncludeRegistry = true;
2227 bool lp_include(struct loadparm_context *lp_ctx, struct loadparm_service *service,
2228 const char *pszParmValue, char **ptr)
2232 if (include_depth >= MAX_INCLUDE_DEPTH) {
2233 DEBUG(0, ("Error: Maximum include depth (%u) exceeded!\n",
2238 if (strequal(pszParmValue, INCLUDE_REGISTRY_NAME)) {
2239 if (!bAllowIncludeRegistry) {
2242 if (lp_ctx->bInGlobalSection) {
2245 ret = process_registry_globals();
2249 DEBUG(1, ("\"include = registry\" only effective "
2250 "in %s section\n", GLOBAL_NAME));
2255 fname = talloc_sub_basic(talloc_tos(), get_current_username(),
2256 current_user_info.domain,
2259 add_to_file_list(NULL, &file_lists, pszParmValue, fname);
2261 if (service == NULL) {
2262 string_set(Globals.ctx, ptr, fname);
2264 string_set(service, ptr, fname);
2267 if (file_exist(fname)) {
2270 ret = pm_process(fname, lp_do_section, do_parameter, lp_ctx);
2276 DEBUG(2, ("Can't find include file %s\n", fname));
2281 bool lp_idmap_range(const char *domain_name, uint32_t *low, uint32_t *high)
2283 char *config_option = NULL;
2284 const char *range = NULL;
2287 SMB_ASSERT(low != NULL);
2288 SMB_ASSERT(high != NULL);
2290 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2294 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2296 if (config_option == NULL) {
2297 DEBUG(0, ("out of memory\n"));
2301 range = lp_parm_const_string(-1, config_option, "range", NULL);
2302 if (range == NULL) {
2303 DEBUG(1, ("idmap range not specified for domain '%s'\n", domain_name));
2307 if (sscanf(range, "%u - %u", low, high) != 2) {
2308 DEBUG(1, ("error parsing idmap range '%s' for domain '%s'\n",
2309 range, domain_name));
2316 talloc_free(config_option);
2321 bool lp_idmap_default_range(uint32_t *low, uint32_t *high)
2323 return lp_idmap_range("*", low, high);
2326 const char *lp_idmap_backend(const char *domain_name)
2328 char *config_option = NULL;
2329 const char *backend = NULL;
2331 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2335 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2337 if (config_option == NULL) {
2338 DEBUG(0, ("out of memory\n"));
2342 backend = lp_parm_const_string(-1, config_option, "backend", NULL);
2343 if (backend == NULL) {
2344 DEBUG(1, ("idmap backend not specified for domain '%s'\n", domain_name));
2349 talloc_free(config_option);
2353 const char *lp_idmap_default_backend(void)
2355 return lp_idmap_backend("*");
2358 /***************************************************************************
2359 Handle ldap suffixes - default to ldapsuffix if sub-suffixes are not defined.
2360 ***************************************************************************/
2362 static const char *append_ldap_suffix(TALLOC_CTX *ctx, const char *str )
2364 const char *suffix_string;
2366 suffix_string = talloc_asprintf(ctx, "%s,%s", str,
2367 Globals.ldap_suffix );
2368 if ( !suffix_string ) {
2369 DEBUG(0,("append_ldap_suffix: talloc_asprintf() failed!\n"));
2373 return suffix_string;
2376 const char *lp_ldap_machine_suffix(TALLOC_CTX *ctx)
2378 if (Globals.szLdapMachineSuffix[0])
2379 return append_ldap_suffix(ctx, Globals.szLdapMachineSuffix);
2381 return lp_string(ctx, Globals.ldap_suffix);
2384 const char *lp_ldap_user_suffix(TALLOC_CTX *ctx)
2386 if (Globals.szLdapUserSuffix[0])
2387 return append_ldap_suffix(ctx, Globals.szLdapUserSuffix);
2389 return lp_string(ctx, Globals.ldap_suffix);
2392 const char *lp_ldap_group_suffix(TALLOC_CTX *ctx)
2394 if (Globals.szLdapGroupSuffix[0])
2395 return append_ldap_suffix(ctx, Globals.szLdapGroupSuffix);
2397 return lp_string(ctx, Globals.ldap_suffix);
2400 const char *lp_ldap_idmap_suffix(TALLOC_CTX *ctx)
2402 if (Globals.szLdapIdmapSuffix[0])
2403 return append_ldap_suffix(ctx, Globals.szLdapIdmapSuffix);
2405 return lp_string(ctx, Globals.ldap_suffix);
2409 return the parameter pointer for a parameter
2411 void *lp_parm_ptr(struct loadparm_service *service, struct parm_struct *parm)
2413 if (service == NULL) {
2414 if (parm->p_class == P_LOCAL)
2415 return (void *)(((char *)&sDefault)+parm->offset);
2416 else if (parm->p_class == P_GLOBAL)
2417 return (void *)(((char *)&Globals)+parm->offset);
2420 return (void *)(((char *)service) + parm->offset);
2424 /***************************************************************************
2425 Process a parameter for a particular service number. If snum < 0
2426 then assume we are in the globals.
2427 ***************************************************************************/
2429 bool lp_do_parameter(int snum, const char *pszParmName, const char *pszParmValue)
2431 TALLOC_CTX *frame = talloc_stackframe();
2432 struct loadparm_context *lp_ctx;
2435 lp_ctx = setup_lp_context(frame);
2436 if (lp_ctx == NULL) {
2442 ok = lpcfg_do_global_parameter(lp_ctx, pszParmName, pszParmValue);
2444 ok = lpcfg_do_service_parameter(lp_ctx, ServicePtrs[snum],
2445 pszParmName, pszParmValue);
2453 /***************************************************************************
2454 set a parameter, marking it with FLAG_CMDLINE. Parameters marked as
2455 FLAG_CMDLINE won't be overridden by loads from smb.conf.
2456 ***************************************************************************/
2458 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue)
2461 parmnum = lpcfg_map_parameter(pszParmName);
2463 flags_list[parmnum] &= ~FLAG_CMDLINE;
2464 if (!lp_do_parameter(-1, pszParmName, pszParmValue)) {
2467 flags_list[parmnum] |= FLAG_CMDLINE;
2469 /* we have to also set FLAG_CMDLINE on aliases. Aliases must
2470 * be grouped in the table, so we don't have to search the
2473 i>=0 && parm_table[i].offset == parm_table[parmnum].offset
2474 && parm_table[i].p_class == parm_table[parmnum].p_class;
2476 flags_list[i] |= FLAG_CMDLINE;
2478 for (i=parmnum+1;i<num_parameters() && parm_table[i].offset == parm_table[parmnum].offset
2479 && parm_table[i].p_class == parm_table[parmnum].p_class;i++) {
2480 flags_list[i] |= FLAG_CMDLINE;
2486 /* it might be parametric */
2487 if (strchr(pszParmName, ':') != NULL) {
2488 set_param_opt(NULL, &Globals.param_opt, pszParmName, pszParmValue, FLAG_CMDLINE);
2492 DEBUG(0, ("Ignoring unknown parameter \"%s\"\n", pszParmName));
2496 bool lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
2499 TALLOC_CTX *frame = talloc_stackframe();
2500 struct loadparm_context *lp_ctx;
2502 lp_ctx = setup_lp_context(frame);
2503 if (lp_ctx == NULL) {
2508 ret = lpcfg_set_cmdline(lp_ctx, pszParmName, pszParmValue);
2514 /***************************************************************************
2515 Process a parameter.
2516 ***************************************************************************/
2518 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
2521 if (!bInGlobalSection && bGlobalOnly)
2524 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2526 if (bInGlobalSection) {
2527 return lpcfg_do_global_parameter(userdata, pszParmName, pszParmValue);
2529 return lpcfg_do_service_parameter(userdata, ServicePtrs[iServiceIndex],
2530 pszParmName, pszParmValue);
2534 /***************************************************************************
2535 Initialize any local variables in the sDefault table, after parsing a
2537 ***************************************************************************/
2539 static void init_locals(void)
2542 * We run this check once the [globals] is parsed, to force
2543 * the VFS objects and other per-share settings we need for
2544 * the standard way a AD DC is operated. We may change these
2545 * as our code evolves, which is why we force these settings.
2547 * We can't do this at the end of lp_load_ex(), as by that
2548 * point the services have been loaded and they will already
2549 * have "" as their vfs objects.
2551 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
2552 const char **vfs_objects = lp_vfs_objects(-1);
2553 if (!vfs_objects || !vfs_objects[0]) {
2554 if (lp_parm_const_string(-1, "xattr_tdb", "file", NULL)) {
2555 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr xattr_tdb");
2556 } else if (lp_parm_const_string(-1, "posix", "eadb", NULL)) {
2557 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr posix_eadb");
2559 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr");
2563 lp_do_parameter(-1, "map hidden", "no");
2564 lp_do_parameter(-1, "map system", "no");
2565 lp_do_parameter(-1, "map readonly", "no");
2566 lp_do_parameter(-1, "map archive", "no");
2567 lp_do_parameter(-1, "store dos attributes", "yes");
2571 /***************************************************************************
2572 Process a new section (service). At this stage all sections are services.
2573 Later we'll have special sections that permit server parameters to be set.
2574 Returns true on success, false on failure.
2575 ***************************************************************************/
2577 bool lp_do_section(const char *pszSectionName, void *userdata)
2579 struct loadparm_context *lp_ctx = (struct loadparm_context *)userdata;
2581 bool isglobal = ((strwicmp(pszSectionName, GLOBAL_NAME) == 0) ||
2582 (strwicmp(pszSectionName, GLOBAL_NAME2) == 0));
2585 /* if we were in a global section then do the local inits */
2586 if (bInGlobalSection && !isglobal)
2589 /* if we've just struck a global section, note the fact. */
2590 bInGlobalSection = isglobal;
2591 if (lp_ctx != NULL) {
2592 lp_ctx->bInGlobalSection = isglobal;
2595 /* check for multiple global sections */
2596 if (bInGlobalSection) {
2597 DEBUG(3, ("Processing section \"[%s]\"\n", pszSectionName));
2601 if (!bInGlobalSection && bGlobalOnly)
2604 /* if we have a current service, tidy it up before moving on */
2607 if (iServiceIndex >= 0)
2608 bRetval = lpcfg_service_ok(ServicePtrs[iServiceIndex]);
2610 /* if all is still well, move to the next record in the services array */
2612 /* We put this here to avoid an odd message order if messages are */
2613 /* issued by the post-processing of a previous section. */
2614 DEBUG(2, ("Processing section \"[%s]\"\n", pszSectionName));
2616 iServiceIndex = add_a_service(&sDefault, pszSectionName);
2617 if (iServiceIndex < 0) {
2618 DEBUG(0, ("Failed to add a new service\n"));
2621 /* Clean all parametric options for service */
2622 /* They will be added during parsing again */
2623 free_param_opts(&ServicePtrs[iServiceIndex]->param_opt);
2629 /***************************************************************************
2630 Display the contents of a parameter of a single services record.
2631 ***************************************************************************/
2633 bool dump_a_parameter(int snum, char *parm_name, FILE * f, bool isGlobal)
2635 bool result = false;
2636 struct loadparm_context *lp_ctx;
2638 lp_ctx = setup_lp_context(talloc_tos());
2639 if (lp_ctx == NULL) {
2644 result = lpcfg_dump_a_parameter(lp_ctx, NULL, parm_name, f);
2646 result = lpcfg_dump_a_parameter(lp_ctx, ServicePtrs[snum], parm_name, f);
2648 TALLOC_FREE(lp_ctx);
2653 /***************************************************************************
2654 Display the contents of a single copy structure.
2655 ***************************************************************************/
2656 static void dump_copy_map(bool *pcopymap)
2662 printf("\n\tNon-Copied parameters:\n");
2664 for (i = 0; parm_table[i].label; i++)
2665 if (parm_table[i].p_class == P_LOCAL &&
2666 parm_table[i].ptr && !pcopymap[i] &&
2667 (i == 0 || (parm_table[i].ptr != parm_table[i - 1].ptr)))
2669 printf("\t\t%s\n", parm_table[i].label);
2674 /***************************************************************************
2675 Return TRUE if the passed service number is within range.
2676 ***************************************************************************/
2678 bool lp_snum_ok(int iService)
2680 return (LP_SNUM_OK(iService) && ServicePtrs[iService]->bAvailable);
2683 /***************************************************************************
2684 Auto-load some home services.
2685 ***************************************************************************/
2687 static void lp_add_auto_services(char *str)
2697 s = talloc_strdup(talloc_tos(), str);
2699 smb_panic("talloc_strdup failed");
2703 homes = lp_servicenumber(HOMES_NAME);
2705 for (p = strtok_r(s, LIST_SEP, &saveptr); p;
2706 p = strtok_r(NULL, LIST_SEP, &saveptr)) {
2709 if (lp_servicenumber(p) >= 0)
2712 home = get_user_home_dir(talloc_tos(), p);
2714 if (home && home[0] && homes >= 0)
2715 lp_add_home(p, homes, p, home);
2722 /***************************************************************************
2723 Auto-load one printer.
2724 ***************************************************************************/
2726 void lp_add_one_printer(const char *name, const char *comment,
2727 const char *location, void *pdata)
2729 int printers = lp_servicenumber(PRINTERS_NAME);
2732 if (lp_servicenumber(name) < 0) {
2733 lp_add_printer(name, printers);
2734 if ((i = lp_servicenumber(name)) >= 0) {
2735 string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
2736 ServicePtrs[i]->autoloaded = true;
2741 /***************************************************************************
2742 Have we loaded a services file yet?
2743 ***************************************************************************/
2745 bool lp_loaded(void)
2750 /***************************************************************************
2751 Unload unused services.
2752 ***************************************************************************/
2754 void lp_killunused(struct smbd_server_connection *sconn,
2755 bool (*snumused) (struct smbd_server_connection *, int))
2758 for (i = 0; i < iNumServices; i++) {
2762 /* don't kill autoloaded or usershare services */
2763 if ( ServicePtrs[i]->autoloaded ||
2764 ServicePtrs[i]->usershare == USERSHARE_VALID) {
2768 if (!snumused || !snumused(sconn, i)) {
2769 free_service_byindex(i);
2775 * Kill all except autoloaded and usershare services - convenience wrapper
2777 void lp_kill_all_services(void)
2779 lp_killunused(NULL, NULL);
2782 /***************************************************************************
2784 ***************************************************************************/
2786 void lp_killservice(int iServiceIn)
2788 if (VALID(iServiceIn)) {
2789 free_service_byindex(iServiceIn);
2793 /***************************************************************************
2794 Save the curent values of all global and sDefault parameters into the
2795 defaults union. This allows testparm to show only the
2796 changed (ie. non-default) parameters.
2797 ***************************************************************************/
2799 static void lp_save_defaults(void)
2802 struct parmlist_entry * parm;
2803 for (i = 0; parm_table[i].label; i++) {
2804 if (!(flags_list[i] & FLAG_CMDLINE)) {
2805 flags_list[i] |= FLAG_DEFAULT;
2808 if (i > 0 && parm_table[i].offset == parm_table[i - 1].offset
2809 && parm_table[i].p_class == parm_table[i - 1].p_class)
2811 switch (parm_table[i].type) {
2814 parm_table[i].def.lvalue = str_list_copy(
2815 NULL, *(const char ***)lp_parm_ptr(NULL, &parm_table[i]));
2819 parm_table[i].def.svalue = talloc_strdup(Globals.ctx, *(char **)lp_parm_ptr(NULL, &parm_table[i]));
2820 if (parm_table[i].def.svalue == NULL) {
2821 smb_panic("talloc_strdup failed");
2826 parm_table[i].def.bvalue =
2827 *(bool *)lp_parm_ptr(NULL, &parm_table[i]);
2830 parm_table[i].def.cvalue =
2831 *(char *)lp_parm_ptr(NULL, &parm_table[i]);
2837 parm_table[i].def.ivalue =
2838 *(int *)lp_parm_ptr(NULL, &parm_table[i]);
2845 for (parm=Globals.param_opt; parm; parm=parm->next) {
2846 if (!(parm->priority & FLAG_CMDLINE)) {
2847 parm->priority |= FLAG_DEFAULT;
2851 for (parm=sDefault.param_opt; parm; parm=parm->next) {
2852 if (!(parm->priority & FLAG_CMDLINE)) {
2853 parm->priority |= FLAG_DEFAULT;
2857 defaults_saved = true;
2860 /***********************************************************
2861 If we should send plaintext/LANMAN passwords in the clinet
2862 ************************************************************/
2864 static void set_allowed_client_auth(void)
2866 if (Globals.client_ntlmv2_auth) {
2867 Globals.client_lanman_auth = false;
2869 if (!Globals.client_lanman_auth) {
2870 Globals.client_plaintext_auth = false;
2874 /***************************************************************************
2876 The following code allows smbd to read a user defined share file.
2877 Yes, this is my intent. Yes, I'm comfortable with that...
2879 THE FOLLOWING IS SECURITY CRITICAL CODE.
2881 It washes your clothes, it cleans your house, it guards you while you sleep...
2882 Do not f%^k with it....
2883 ***************************************************************************/
2885 #define MAX_USERSHARE_FILE_SIZE (10*1024)
2887 /***************************************************************************
2888 Check allowed stat state of a usershare file.
2889 Ensure we print out who is dicking with us so the admin can
2890 get their sorry ass fired.
2891 ***************************************************************************/
2893 static bool check_usershare_stat(const char *fname,
2894 const SMB_STRUCT_STAT *psbuf)
2896 if (!S_ISREG(psbuf->st_ex_mode)) {
2897 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
2898 "not a regular file\n",
2899 fname, (unsigned int)psbuf->st_ex_uid ));
2903 /* Ensure this doesn't have the other write bit set. */
2904 if (psbuf->st_ex_mode & S_IWOTH) {
2905 DEBUG(0,("check_usershare_stat: file %s owned by uid %u allows "
2906 "public write. Refusing to allow as a usershare file.\n",
2907 fname, (unsigned int)psbuf->st_ex_uid ));
2911 /* Should be 10k or less. */
2912 if (psbuf->st_ex_size > MAX_USERSHARE_FILE_SIZE) {
2913 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
2914 "too large (%u) to be a user share file.\n",
2915 fname, (unsigned int)psbuf->st_ex_uid,
2916 (unsigned int)psbuf->st_ex_size ));
2923 /***************************************************************************
2924 Parse the contents of a usershare file.
2925 ***************************************************************************/
2927 enum usershare_err parse_usershare_file(TALLOC_CTX *ctx,
2928 SMB_STRUCT_STAT *psbuf,
2929 const char *servicename,
2933 char **pp_sharepath,
2935 char **pp_cp_servicename,
2936 struct security_descriptor **ppsd,
2939 const char **prefixallowlist = lp_usershare_prefix_allow_list();
2940 const char **prefixdenylist = lp_usershare_prefix_deny_list();
2943 SMB_STRUCT_STAT sbuf;
2944 char *sharepath = NULL;
2945 char *comment = NULL;
2947 *pp_sharepath = NULL;
2950 *pallow_guest = false;
2953 return USERSHARE_MALFORMED_FILE;
2956 if (strcmp(lines[0], "#VERSION 1") == 0) {
2958 } else if (strcmp(lines[0], "#VERSION 2") == 0) {
2961 return USERSHARE_MALFORMED_FILE;
2964 return USERSHARE_BAD_VERSION;
2967 if (strncmp(lines[1], "path=", 5) != 0) {
2968 return USERSHARE_MALFORMED_PATH;
2971 sharepath = talloc_strdup(ctx, &lines[1][5]);
2973 return USERSHARE_POSIX_ERR;
2975 trim_string(sharepath, " ", " ");
2977 if (strncmp(lines[2], "comment=", 8) != 0) {
2978 return USERSHARE_MALFORMED_COMMENT_DEF;
2981 comment = talloc_strdup(ctx, &lines[2][8]);
2983 return USERSHARE_POSIX_ERR;
2985 trim_string(comment, " ", " ");
2986 trim_char(comment, '"', '"');
2988 if (strncmp(lines[3], "usershare_acl=", 14) != 0) {
2989 return USERSHARE_MALFORMED_ACL_DEF;
2992 if (!parse_usershare_acl(ctx, &lines[3][14], ppsd)) {
2993 return USERSHARE_ACL_ERR;
2997 if (strncmp(lines[4], "guest_ok=", 9) != 0) {
2998 return USERSHARE_MALFORMED_ACL_DEF;
3000 if (lines[4][9] == 'y') {
3001 *pallow_guest = true;
3004 /* Backwards compatible extension to file version #2. */
3006 if (strncmp(lines[5], "sharename=", 10) != 0) {
3007 return USERSHARE_MALFORMED_SHARENAME_DEF;
3009 if (!strequal(&lines[5][10], servicename)) {
3010 return USERSHARE_BAD_SHARENAME;
3012 *pp_cp_servicename = talloc_strdup(ctx, &lines[5][10]);
3013 if (!*pp_cp_servicename) {
3014 return USERSHARE_POSIX_ERR;
3019 if (*pp_cp_servicename == NULL) {
3020 *pp_cp_servicename = talloc_strdup(ctx, servicename);
3021 if (!*pp_cp_servicename) {
3022 return USERSHARE_POSIX_ERR;
3026 if (snum != -1 && (strcmp(sharepath, ServicePtrs[snum]->path) == 0)) {
3027 /* Path didn't change, no checks needed. */
3028 *pp_sharepath = sharepath;
3029 *pp_comment = comment;
3030 return USERSHARE_OK;
3033 /* The path *must* be absolute. */
3034 if (sharepath[0] != '/') {
3035 DEBUG(2,("parse_usershare_file: share %s: path %s is not an absolute path.\n",
3036 servicename, sharepath));
3037 return USERSHARE_PATH_NOT_ABSOLUTE;
3040 /* If there is a usershare prefix deny list ensure one of these paths
3041 doesn't match the start of the user given path. */
3042 if (prefixdenylist) {
3044 for ( i=0; prefixdenylist[i]; i++ ) {
3045 DEBUG(10,("parse_usershare_file: share %s : checking prefixdenylist[%d]='%s' against %s\n",
3046 servicename, i, prefixdenylist[i], sharepath ));
3047 if (memcmp( sharepath, prefixdenylist[i], strlen(prefixdenylist[i])) == 0) {
3048 DEBUG(2,("parse_usershare_file: share %s path %s starts with one of the "
3049 "usershare prefix deny list entries.\n",
3050 servicename, sharepath));
3051 return USERSHARE_PATH_IS_DENIED;
3056 /* If there is a usershare prefix allow list ensure one of these paths
3057 does match the start of the user given path. */
3059 if (prefixallowlist) {
3061 for ( i=0; prefixallowlist[i]; i++ ) {
3062 DEBUG(10,("parse_usershare_file: share %s checking prefixallowlist[%d]='%s' against %s\n",
3063 servicename, i, prefixallowlist[i], sharepath ));
3064 if (memcmp( sharepath, prefixallowlist[i], strlen(prefixallowlist[i])) == 0) {
3068 if (prefixallowlist[i] == NULL) {
3069 DEBUG(2,("parse_usershare_file: share %s path %s doesn't start with one of the "
3070 "usershare prefix allow list entries.\n",
3071 servicename, sharepath));
3072 return USERSHARE_PATH_NOT_ALLOWED;
3076 /* Ensure this is pointing to a directory. */
3077 dp = opendir(sharepath);
3080 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
3081 servicename, sharepath));
3082 return USERSHARE_PATH_NOT_DIRECTORY;
3085 /* Ensure the owner of the usershare file has permission to share
3088 if (sys_stat(sharepath, &sbuf, false) == -1) {
3089 DEBUG(2,("parse_usershare_file: share %s : stat failed on path %s. %s\n",
3090 servicename, sharepath, strerror(errno) ));
3092 return USERSHARE_POSIX_ERR;
3097 if (!S_ISDIR(sbuf.st_ex_mode)) {
3098 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
3099 servicename, sharepath ));
3100 return USERSHARE_PATH_NOT_DIRECTORY;
3103 /* Check if sharing is restricted to owner-only. */
3104 /* psbuf is the stat of the usershare definition file,
3105 sbuf is the stat of the target directory to be shared. */
3107 if (lp_usershare_owner_only()) {
3108 /* root can share anything. */
3109 if ((psbuf->st_ex_uid != 0) && (sbuf.st_ex_uid != psbuf->st_ex_uid)) {
3110 return USERSHARE_PATH_NOT_ALLOWED;
3114 *pp_sharepath = sharepath;
3115 *pp_comment = comment;
3116 return USERSHARE_OK;
3119 /***************************************************************************
3120 Deal with a usershare file.
3123 -1 - Bad name, invalid contents.
3124 - service name already existed and not a usershare, problem
3125 with permissions to share directory etc.
3126 ***************************************************************************/
3128 static int process_usershare_file(const char *dir_name, const char *file_name, int snum_template)
3130 SMB_STRUCT_STAT sbuf;
3131 SMB_STRUCT_STAT lsbuf;
3133 char *sharepath = NULL;
3134 char *comment = NULL;
3135 char *cp_service_name = NULL;
3136 char **lines = NULL;
3140 TALLOC_CTX *ctx = talloc_stackframe();
3141 struct security_descriptor *psd = NULL;
3142 bool guest_ok = false;
3143 char *canon_name = NULL;
3144 bool added_service = false;
3147 /* Ensure share name doesn't contain invalid characters. */
3148 if (!validate_net_name(file_name, INVALID_SHARENAME_CHARS, strlen(file_name))) {
3149 DEBUG(0,("process_usershare_file: share name %s contains "
3150 "invalid characters (any of %s)\n",
3151 file_name, INVALID_SHARENAME_CHARS ));
3155 canon_name = canonicalize_servicename(ctx, file_name);
3160 fname = talloc_asprintf(ctx, "%s/%s", dir_name, file_name);
3165 /* Minimize the race condition by doing an lstat before we
3166 open and fstat. Ensure this isn't a symlink link. */
3168 if (sys_lstat(fname, &lsbuf, false) != 0) {
3169 DEBUG(0,("process_usershare_file: stat of %s failed. %s\n",
3170 fname, strerror(errno) ));
3174 /* This must be a regular file, not a symlink, directory or
3175 other strange filetype. */
3176 if (!check_usershare_stat(fname, &lsbuf)) {
3184 status = dbwrap_fetch_bystring(ServiceHash, canon_name,
3189 if (NT_STATUS_IS_OK(status) &&
3190 (data.dptr != NULL) &&
3191 (data.dsize == sizeof(iService))) {
3192 memcpy(&iService, data.dptr, sizeof(iService));
3196 if (iService != -1 &&
3197 timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
3198 &lsbuf.st_ex_mtime) == 0) {
3199 /* Nothing changed - Mark valid and return. */
3200 DEBUG(10,("process_usershare_file: service %s not changed.\n",
3202 ServicePtrs[iService]->usershare = USERSHARE_VALID;
3207 /* Try and open the file read only - no symlinks allowed. */
3209 fd = open(fname, O_RDONLY|O_NOFOLLOW, 0);
3211 fd = open(fname, O_RDONLY, 0);
3215 DEBUG(0,("process_usershare_file: unable to open %s. %s\n",
3216 fname, strerror(errno) ));
3220 /* Now fstat to be *SURE* it's a regular file. */
3221 if (sys_fstat(fd, &sbuf, false) != 0) {
3223 DEBUG(0,("process_usershare_file: fstat of %s failed. %s\n",
3224 fname, strerror(errno) ));
3228 /* Is it the same dev/inode as was lstated ? */
3229 if (!check_same_stat(&lsbuf, &sbuf)) {
3231 DEBUG(0,("process_usershare_file: fstat of %s is a different file from lstat. "
3232 "Symlink spoofing going on ?\n", fname ));
3236 /* This must be a regular file, not a symlink, directory or
3237 other strange filetype. */
3238 if (!check_usershare_stat(fname, &sbuf)) {
3243 lines = fd_lines_load(fd, &numlines, MAX_USERSHARE_FILE_SIZE, NULL);
3246 if (lines == NULL) {
3247 DEBUG(0,("process_usershare_file: loading file %s owned by %u failed.\n",
3248 fname, (unsigned int)sbuf.st_ex_uid ));
3252 if (parse_usershare_file(ctx, &sbuf, file_name,
3253 iService, lines, numlines, &sharepath,
3254 &comment, &cp_service_name,
3255 &psd, &guest_ok) != USERSHARE_OK) {
3259 /* Everything ok - add the service possibly using a template. */
3261 const struct loadparm_service *sp = &sDefault;
3262 if (snum_template != -1) {
3263 sp = ServicePtrs[snum_template];
3266 if ((iService = add_a_service(sp, cp_service_name)) < 0) {
3267 DEBUG(0, ("process_usershare_file: Failed to add "
3268 "new service %s\n", cp_service_name));
3272 added_service = true;
3274 /* Read only is controlled by usershare ACL below. */
3275 ServicePtrs[iService]->read_only = false;
3278 /* Write the ACL of the new/modified share. */
3279 if (!set_share_security(canon_name, psd)) {
3280 DEBUG(0, ("process_usershare_file: Failed to set share "
3281 "security for user share %s\n",
3286 /* If from a template it may be marked invalid. */
3287 ServicePtrs[iService]->valid = true;
3289 /* Set the service as a valid usershare. */
3290 ServicePtrs[iService]->usershare = USERSHARE_VALID;
3292 /* Set guest access. */
3293 if (lp_usershare_allow_guests()) {
3294 ServicePtrs[iService]->guest_ok = guest_ok;
3297 /* And note when it was loaded. */
3298 ServicePtrs[iService]->usershare_last_mod = sbuf.st_ex_mtime;
3299 string_set(ServicePtrs[iService], &ServicePtrs[iService]->path, sharepath);
3300 string_set(ServicePtrs[iService], &ServicePtrs[iService]->comment, comment);
3306 if (ret == -1 && iService != -1 && added_service) {
3307 lp_remove_service(iService);
3315 /***************************************************************************
3316 Checks if a usershare entry has been modified since last load.
3317 ***************************************************************************/
3319 static bool usershare_exists(int iService, struct timespec *last_mod)
3321 SMB_STRUCT_STAT lsbuf;
3322 const char *usersharepath = Globals.usershare_path;
3325 fname = talloc_asprintf(talloc_tos(),
3328 ServicePtrs[iService]->szService);
3329 if (fname == NULL) {
3333 if (sys_lstat(fname, &lsbuf, false) != 0) {
3338 if (!S_ISREG(lsbuf.st_ex_mode)) {
3344 *last_mod = lsbuf.st_ex_mtime;
3348 /***************************************************************************
3349 Load a usershare service by name. Returns a valid servicenumber or -1.
3350 ***************************************************************************/
3352 int load_usershare_service(const char *servicename)
3354 SMB_STRUCT_STAT sbuf;
3355 const char *usersharepath = Globals.usershare_path;
3356 int max_user_shares = Globals.usershare_max_shares;
3357 int snum_template = -1;
3359 if (*usersharepath == 0 || max_user_shares == 0) {
3363 if (sys_stat(usersharepath, &sbuf, false) != 0) {
3364 DEBUG(0,("load_usershare_service: stat of %s failed. %s\n",
3365 usersharepath, strerror(errno) ));
3369 if (!S_ISDIR(sbuf.st_ex_mode)) {
3370 DEBUG(0,("load_usershare_service: %s is not a directory.\n",
3376 * This directory must be owned by root, and have the 't' bit set.
3377 * It also must not be writable by "other".
3381 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
3383 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
3385 DEBUG(0,("load_usershare_service: directory %s is not owned by root "
3386 "or does not have the sticky bit 't' set or is writable by anyone.\n",
3391 /* Ensure the template share exists if it's set. */
3392 if (Globals.usershare_template_share[0]) {
3393 /* We can't use lp_servicenumber here as we are recommending that
3394 template shares have -valid=false set. */
3395 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
3396 if (ServicePtrs[snum_template]->szService &&
3397 strequal(ServicePtrs[snum_template]->szService,
3398 Globals.usershare_template_share)) {
3403 if (snum_template == -1) {
3404 DEBUG(0,("load_usershare_service: usershare template share %s "
3405 "does not exist.\n",
3406 Globals.usershare_template_share ));
3411 return process_usershare_file(usersharepath, servicename, snum_template);
3414 /***************************************************************************
3415 Load all user defined shares from the user share directory.
3416 We only do this if we're enumerating the share list.
3417 This is the function that can delete usershares that have
3419 ***************************************************************************/
3421 int load_usershare_shares(struct smbd_server_connection *sconn,
3422 bool (*snumused) (struct smbd_server_connection *, int))
3425 SMB_STRUCT_STAT sbuf;
3427 int num_usershares = 0;
3428 int max_user_shares = Globals.usershare_max_shares;
3429 unsigned int num_dir_entries, num_bad_dir_entries, num_tmp_dir_entries;
3430 unsigned int allowed_bad_entries = ((2*max_user_shares)/10);
3431 unsigned int allowed_tmp_entries = ((2*max_user_shares)/10);
3433 int snum_template = -1;
3434 const char *usersharepath = Globals.usershare_path;
3435 int ret = lp_numservices();
3436 TALLOC_CTX *tmp_ctx;
3438 if (max_user_shares == 0 || *usersharepath == '\0') {
3439 return lp_numservices();
3442 if (sys_stat(usersharepath, &sbuf, false) != 0) {
3443 DEBUG(0,("load_usershare_shares: stat of %s failed. %s\n",
3444 usersharepath, strerror(errno) ));
3449 * This directory must be owned by root, and have the 't' bit set.
3450 * It also must not be writable by "other".
3454 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
3456 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
3458 DEBUG(0,("load_usershare_shares: directory %s is not owned by root "
3459 "or does not have the sticky bit 't' set or is writable by anyone.\n",
3464 /* Ensure the template share exists if it's set. */
3465 if (Globals.usershare_template_share[0]) {
3466 /* We can't use lp_servicenumber here as we are recommending that
3467 template shares have -valid=false set. */
3468 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
3469 if (ServicePtrs[snum_template]->szService &&
3470 strequal(ServicePtrs[snum_template]->szService,
3471 Globals.usershare_template_share)) {
3476 if (snum_template == -1) {
3477 DEBUG(0,("load_usershare_shares: usershare template share %s "
3478 "does not exist.\n",
3479 Globals.usershare_template_share ));
3484 /* Mark all existing usershares as pending delete. */
3485 for (iService = iNumServices - 1; iService >= 0; iService--) {
3486 if (VALID(iService) && ServicePtrs[iService]->usershare) {
3487 ServicePtrs[iService]->usershare = USERSHARE_PENDING_DELETE;
3491 dp = opendir(usersharepath);
3493 DEBUG(0,("load_usershare_shares:: failed to open directory %s. %s\n",
3494 usersharepath, strerror(errno) ));
3498 for (num_dir_entries = 0, num_bad_dir_entries = 0, num_tmp_dir_entries = 0;
3500 num_dir_entries++ ) {
3502 const char *n = de->d_name;
3504 /* Ignore . and .. */
3506 if ((n[1] == '\0') || (n[1] == '.' && n[2] == '\0')) {
3512 /* Temporary file used when creating a share. */
3513 num_tmp_dir_entries++;
3516 /* Allow 20% tmp entries. */
3517 if (num_tmp_dir_entries > allowed_tmp_entries) {
3518 DEBUG(0,("load_usershare_shares: too many temp entries (%u) "
3519 "in directory %s\n",
3520 num_tmp_dir_entries, usersharepath));
3524 r = process_usershare_file(usersharepath, n, snum_template);
3526 /* Update the services count. */
3528 if (num_usershares >= max_user_shares) {
3529 DEBUG(0,("load_usershare_shares: max user shares reached "
3530 "on file %s in directory %s\n",
3531 n, usersharepath ));
3534 } else if (r == -1) {
3535 num_bad_dir_entries++;
3538 /* Allow 20% bad entries. */
3539 if (num_bad_dir_entries > allowed_bad_entries) {
3540 DEBUG(0,("load_usershare_shares: too many bad entries (%u) "
3541 "in directory %s\n",
3542 num_bad_dir_entries, usersharepath));
3546 /* Allow 20% bad entries. */
3547 if (num_dir_entries > max_user_shares + allowed_bad_entries) {
3548 DEBUG(0,("load_usershare_shares: too many total entries (%u) "
3549 "in directory %s\n",
3550 num_dir_entries, usersharepath));
3557 /* Sweep through and delete any non-refreshed usershares that are
3558 not currently in use. */
3559 tmp_ctx = talloc_stackframe();
3560 for (iService = iNumServices - 1; iService >= 0; iService--) {
3561 if (VALID(iService) && (ServicePtrs[iService]->usershare == USERSHARE_PENDING_DELETE)) {
3564 if (snumused && snumused(sconn, iService)) {
3568 servname = lp_servicename(tmp_ctx, iService);
3570 /* Remove from the share ACL db. */
3571 DEBUG(10,("load_usershare_shares: Removing deleted usershare %s\n",
3573 delete_share_security(servname);
3574 free_service_byindex(iService);
3577 talloc_free(tmp_ctx);
3579 return lp_numservices();
3582 /********************************************************
3583 Destroy global resources allocated in this file
3584 ********************************************************/
3586 void gfree_loadparm(void)
3592 /* Free resources allocated to services */
3594 for ( i = 0; i < iNumServices; i++ ) {
3596 free_service_byindex(i);
3600 TALLOC_FREE( ServicePtrs );
3603 /* Now release all resources allocated to global
3604 parameters and the default service */
3606 free_global_parameters();
3610 /***************************************************************************
3611 Allow client apps to specify that they are a client
3612 ***************************************************************************/
3613 static void lp_set_in_client(bool b)
3619 /***************************************************************************
3620 Determine if we're running in a client app
3621 ***************************************************************************/
3622 static bool lp_is_in_client(void)
3627 /***************************************************************************
3628 Load the services array from the services file. Return true on success,
3630 ***************************************************************************/
3632 static bool lp_load_ex(const char *pszFname,
3636 bool initialize_globals,
3637 bool allow_include_registry,
3638 bool load_all_shares)
3642 TALLOC_CTX *frame = talloc_stackframe();
3643 struct loadparm_context *lp_ctx;
3647 DEBUG(3, ("lp_load_ex: refreshing parameters\n"));
3649 bInGlobalSection = true;
3650 bGlobalOnly = global_only;
3651 bAllowIncludeRegistry = allow_include_registry;
3653 lp_ctx = setup_lp_context(talloc_tos());
3655 init_globals(lp_ctx, initialize_globals);
3659 if (save_defaults) {
3664 if (!initialize_globals) {
3665 free_param_opts(&Globals.param_opt);
3666 apply_lp_set_cmdline();
3669 lp_do_parameter(-1, "idmap config * : backend", Globals.szIdmapBackend);
3671 /* We get sections first, so have to start 'behind' to make up */
3674 if (lp_config_backend_is_file()) {
3675 n2 = talloc_sub_basic(talloc_tos(), get_current_username(),
3676 current_user_info.domain,
3679 smb_panic("lp_load_ex: out of memory");
3682 add_to_file_list(NULL, &file_lists, pszFname, n2);
3684 bRetval = pm_process(n2, lp_do_section, do_parameter, lp_ctx);
3687 /* finish up the last section */
3688 DEBUG(4, ("pm_process() returned %s\n", BOOLSTR(bRetval)));
3690 if (iServiceIndex >= 0) {
3691 bRetval = lpcfg_service_ok(ServicePtrs[iServiceIndex]);
3695 if (lp_config_backend_is_registry()) {
3697 /* config backend changed to registry in config file */
3699 * We need to use this extra global variable here to
3700 * survive restart: init_globals uses this as a default
3701 * for config_backend. Otherwise, init_globals would
3702 * send us into an endless loop here.
3705 config_backend = CONFIG_BACKEND_REGISTRY;
3707 DEBUG(1, ("lp_load_ex: changing to config backend "
3709 init_globals(lp_ctx, true);
3711 TALLOC_FREE(lp_ctx);
3713 lp_kill_all_services();
3714 ok = lp_load_ex(pszFname, global_only, save_defaults,
3715 add_ipc, initialize_globals,
3716 allow_include_registry,
3721 } else if (lp_config_backend_is_registry()) {
3722 bRetval = process_registry_globals();
3724 DEBUG(0, ("Illegal config backend given: %d\n",
3725 lp_config_backend()));
3729 if (bRetval && lp_registry_shares()) {
3730 if (load_all_shares) {
3731 bRetval = process_registry_shares();
3733 bRetval = reload_registry_shares();
3738 char *serv = lp_auto_services(talloc_tos());
3739 lp_add_auto_services(serv);
3744 /* When 'restrict anonymous = 2' guest connections to ipc$
3746 lp_add_ipc("IPC$", (lp_restrict_anonymous() < 2));
3747 if ( lp_enable_asu_support() ) {
3748 lp_add_ipc("ADMIN$", false);
3752 set_allowed_client_auth();
3754 if (lp_security() == SEC_ADS && strchr(lp_password_server(), ':')) {
3755 DEBUG(1, ("WARNING: The optional ':port' in password server = %s is deprecated\n",
3756 lp_password_server()));
3761 /* Now we check we_are_a_wins_server and set szWINSserver to 127.0.0.1 */
3762 /* if we_are_a_wins_server is true and we are in the client */
3763 if (lp_is_in_client() && Globals.we_are_a_wins_server) {
3764 lp_do_parameter(GLOBAL_SECTION_SNUM, "wins server", "127.0.0.1");
3769 fault_configure(smb_panic_s3);
3772 * We run this check once the whole smb.conf is parsed, to
3773 * force some settings for the standard way a AD DC is
3774 * operated. We may changed these as our code evolves, which
3775 * is why we force these settings.
3777 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
3778 lp_do_parameter(-1, "passdb backend", "samba_dsdb");
3780 lp_do_parameter(-1, "winbindd:use external pipes", "true");
3782 lp_do_parameter(-1, "rpc_server:default", "external");
3783 lp_do_parameter(-1, "rpc_server:svcctl", "embedded");
3784 lp_do_parameter(-1, "rpc_server:srvsvc", "embedded");
3785 lp_do_parameter(-1, "rpc_server:eventlog", "embedded");
3786 lp_do_parameter(-1, "rpc_server:ntsvcs", "embedded");
3787 lp_do_parameter(-1, "rpc_server:winreg", "embedded");
3788 lp_do_parameter(-1, "rpc_server:spoolss", "embedded");
3789 lp_do_parameter(-1, "rpc_daemon:spoolssd", "embedded");
3790 lp_do_parameter(-1, "rpc_server:tcpip", "no");
3793 bAllowIncludeRegistry = true;
3799 bool lp_load(const char *pszFname,
3803 bool initialize_globals)
3805 return lp_load_ex(pszFname,
3810 true, /* allow_include_registry */
3811 false); /* load_all_shares*/
3814 bool lp_load_initial_only(const char *pszFname)
3816 return lp_load_ex(pszFname,
3817 true, /* global only */
3818 false, /* save_defaults */
3819 false, /* add_ipc */
3820 true, /* initialize_globals */
3821 false, /* allow_include_registry */
3822 false); /* load_all_shares*/
3826 * most common lp_load wrapper, loading only the globals
3828 bool lp_load_global(const char *file_name)
3830 return lp_load_ex(file_name,
3831 true, /* global_only */
3832 false, /* save_defaults */
3833 false, /* add_ipc */
3834 true, /* initialize_globals */
3835 true, /* allow_include_registry */
3836 false); /* load_all_shares*/
3840 * lp_load wrapper, especially for clients
3842 bool lp_load_client(const char *file_name)
3844 lp_set_in_client(true);
3846 return lp_load_global(file_name);
3850 * lp_load wrapper, loading only globals, but intended
3851 * for subsequent calls, not reinitializing the globals
3854 bool lp_load_global_no_reinit(const char *file_name)
3856 return lp_load_ex(file_name,
3857 true, /* global_only */
3858 false, /* save_defaults */
3859 false, /* add_ipc */
3860 false, /* initialize_globals */
3861 true, /* allow_include_registry */
3862 false); /* load_all_shares*/
3866 * lp_load wrapper, especially for clients, no reinitialization
3868 bool lp_load_client_no_reinit(const char *file_name)
3870 lp_set_in_client(true);
3872 return lp_load_global_no_reinit(file_name);
3875 bool lp_load_with_registry_shares(const char *pszFname,
3879 bool initialize_globals)
3881 return lp_load_ex(pszFname,
3886 true, /* allow_include_registry */
3887 true); /* load_all_shares*/
3890 /***************************************************************************
3891 Return the max number of services.
3892 ***************************************************************************/
3894 int lp_numservices(void)
3896 return (iNumServices);
3899 /***************************************************************************
3900 Display the contents of the services array in human-readable form.
3901 ***************************************************************************/
3903 void lp_dump(FILE *f, bool show_defaults, int maxtoprint)
3906 struct loadparm_context *lp_ctx;
3909 defaults_saved = false;
3911 lp_ctx = setup_lp_context(talloc_tos());
3912 if (lp_ctx == NULL) {
3916 lpcfg_dump_globals(lp_ctx, f, !defaults_saved);
3918 lpcfg_dump_a_service(&sDefault, &sDefault, f, flags_list, show_defaults);
3920 for (iService = 0; iService < maxtoprint; iService++) {
3922 lp_dump_one(f, show_defaults, iService);
3926 /***************************************************************************
3927 Display the contents of one service in human-readable form.
3928 ***************************************************************************/
3930 void lp_dump_one(FILE * f, bool show_defaults, int snum)
3933 if (ServicePtrs[snum]->szService[0] == '\0')
3935 lpcfg_dump_a_service(ServicePtrs[snum], &sDefault, f,
3936 flags_list, show_defaults);
3940 /***************************************************************************
3941 Return the number of the service with the given name, or -1 if it doesn't
3942 exist. Note that this is a DIFFERENT ANIMAL from the internal function
3943 getservicebyname()! This works ONLY if all services have been loaded, and
3944 does not copy the found service.
3945 ***************************************************************************/
3947 int lp_servicenumber(const char *pszServiceName)
3950 fstring serviceName;
3952 if (!pszServiceName) {
3953 return GLOBAL_SECTION_SNUM;
3956 for (iService = iNumServices - 1; iService >= 0; iService--) {
3957 if (VALID(iService) && ServicePtrs[iService]->szService) {
3959 * The substitution here is used to support %U in
3962 fstrcpy(serviceName, ServicePtrs[iService]->szService);
3963 standard_sub_basic(get_current_username(),
3964 current_user_info.domain,
3965 serviceName,sizeof(serviceName));
3966 if (strequal(serviceName, pszServiceName)) {
3972 if (iService >= 0 && ServicePtrs[iService]->usershare == USERSHARE_VALID) {
3973 struct timespec last_mod;
3975 if (!usershare_exists(iService, &last_mod)) {
3976 /* Remove the share security tdb entry for it. */
3977 delete_share_security(lp_servicename(talloc_tos(), iService));
3978 /* Remove it from the array. */
3979 free_service_byindex(iService);
3980 /* Doesn't exist anymore. */
3981 return GLOBAL_SECTION_SNUM;
3984 /* Has it been modified ? If so delete and reload. */
3985 if (timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
3987 /* Remove it from the array. */
3988 free_service_byindex(iService);
3989 /* and now reload it. */
3990 iService = load_usershare_service(pszServiceName);
3995 DEBUG(7,("lp_servicenumber: couldn't find %s\n", pszServiceName));
3996 return GLOBAL_SECTION_SNUM;
4002 /*******************************************************************
4003 A useful volume label function.
4004 ********************************************************************/
4006 const char *volume_label(TALLOC_CTX *ctx, int snum)
4009 const char *label = lp_volume(ctx, snum);
4011 label = lp_servicename(ctx, snum);
4014 /* This returns a 33 byte guarenteed null terminated string. */
4015 ret = talloc_strndup(ctx, label, 32);
4022 /*******************************************************************
4023 Get the default server type we will announce as via nmbd.
4024 ********************************************************************/
4026 int lp_default_server_announce(void)
4028 int default_server_announce = 0;
4029 default_server_announce |= SV_TYPE_WORKSTATION;
4030 default_server_announce |= SV_TYPE_SERVER;
4031 default_server_announce |= SV_TYPE_SERVER_UNIX;
4033 /* note that the flag should be set only if we have a
4034 printer service but nmbd doesn't actually load the
4035 services so we can't tell --jerry */
4037 default_server_announce |= SV_TYPE_PRINTQ_SERVER;
4039 default_server_announce |= SV_TYPE_SERVER_NT;
4040 default_server_announce |= SV_TYPE_NT;
4042 switch (lp_server_role()) {
4043 case ROLE_DOMAIN_MEMBER:
4044 default_server_announce |= SV_TYPE_DOMAIN_MEMBER;
4046 case ROLE_DOMAIN_PDC:
4047 default_server_announce |= SV_TYPE_DOMAIN_CTRL;
4049 case ROLE_DOMAIN_BDC:
4050 default_server_announce |= SV_TYPE_DOMAIN_BAKCTRL;
4052 case ROLE_STANDALONE:
4056 if (lp_time_server())
4057 default_server_announce |= SV_TYPE_TIME_SOURCE;
4059 if (lp_host_msdfs())
4060 default_server_announce |= SV_TYPE_DFS_SERVER;
4062 return default_server_announce;
4065 /***********************************************************
4066 If we are PDC then prefer us as DMB
4067 ************************************************************/
4069 bool lp_domain_master(void)
4071 if (Globals._domain_master == Auto)
4072 return (lp_server_role() == ROLE_DOMAIN_PDC);
4074 return (bool)Globals._domain_master;
4077 /***********************************************************
4078 If we are PDC then prefer us as DMB
4079 ************************************************************/
4081 static bool lp_domain_master_true_or_auto(void)
4083 if (Globals._domain_master) /* auto or yes */
4089 /***********************************************************
4090 If we are DMB then prefer us as LMB
4091 ************************************************************/
4093 bool lp_preferred_master(void)
4095 if (Globals.iPreferredMaster == Auto)
4096 return (lp_local_master() && lp_domain_master());
4098 return (bool)Globals.iPreferredMaster;
4101 /*******************************************************************
4103 ********************************************************************/
4105 void lp_remove_service(int snum)
4107 ServicePtrs[snum]->valid = false;
4110 const char *lp_printername(TALLOC_CTX *ctx, int snum)
4112 const char *ret = lp__printername(ctx, snum);
4113 if (ret == NULL || *ret == '\0') {
4114 ret = lp_const_servicename(snum);
4121 /***********************************************************
4122 Allow daemons such as winbindd to fix their logfile name.
4123 ************************************************************/
4125 void lp_set_logfile(const char *name)
4127 string_set(Globals.ctx, &Globals.logfile, name);
4128 debug_set_logfile(name);
4131 /*******************************************************************
4132 Return the max print jobs per queue.
4133 ********************************************************************/
4135 int lp_maxprintjobs(int snum)
4137 int maxjobs = LP_SNUM_OK(snum) ? ServicePtrs[snum]->iMaxPrintJobs : sDefault.iMaxPrintJobs;
4138 if (maxjobs <= 0 || maxjobs >= PRINT_MAX_JOBID)
4139 maxjobs = PRINT_MAX_JOBID - 1;
4144 const char *lp_printcapname(void)
4146 if ((Globals.szPrintcapname != NULL) &&
4147 (Globals.szPrintcapname[0] != '\0'))
4148 return Globals.szPrintcapname;
4150 if (sDefault.printing == PRINT_CUPS) {
4154 if (sDefault.printing == PRINT_BSD)
4155 return "/etc/printcap";
4157 return PRINTCAP_NAME;
4160 static uint32 spoolss_state;
4162 bool lp_disable_spoolss( void )
4164 if ( spoolss_state == SVCCTL_STATE_UNKNOWN )
4165 spoolss_state = lp__disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
4167 return spoolss_state == SVCCTL_STOPPED ? true : false;
4170 void lp_set_spoolss_state( uint32 state )
4172 SMB_ASSERT( (state == SVCCTL_STOPPED) || (state == SVCCTL_RUNNING) );
4174 spoolss_state = state;
4177 uint32 lp_get_spoolss_state( void )
4179 return lp_disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
4182 /*******************************************************************
4183 Ensure we don't use sendfile if server smb signing is active.
4184 ********************************************************************/
4186 bool lp_use_sendfile(int snum, struct smb_signing_state *signing_state)
4188 bool sign_active = false;
4190 /* Using sendfile blows the brains out of any DOS or Win9x TCP stack... JRA. */
4191 if (get_Protocol() < PROTOCOL_NT1) {
4194 if (signing_state) {
4195 sign_active = smb_signing_is_active(signing_state);
4197 return (lp__use_sendfile(snum) &&
4198 (get_remote_arch() != RA_WIN95) &&
4202 /*******************************************************************
4203 Turn off sendfile if we find the underlying OS doesn't support it.
4204 ********************************************************************/
4206 void set_use_sendfile(int snum, bool val)
4208 if (LP_SNUM_OK(snum))
4209 ServicePtrs[snum]->_use_sendfile = val;
4211 sDefault._use_sendfile = val;
4214 /*******************************************************************
4215 Turn off storing DOS attributes if this share doesn't support it.
4216 ********************************************************************/
4218 void set_store_dos_attributes(int snum, bool val)
4220 if (!LP_SNUM_OK(snum))
4222 ServicePtrs[(snum)]->store_dos_attributes = val;
4225 void lp_set_mangling_method(const char *new_method)
4227 string_set(Globals.ctx, &Globals.mangling_method, new_method);
4230 /*******************************************************************
4231 Global state for POSIX pathname processing.
4232 ********************************************************************/
4234 static bool posix_pathnames;
4236 bool lp_posix_pathnames(void)
4238 return posix_pathnames;
4241 /*******************************************************************
4242 Change everything needed to ensure POSIX pathname processing (currently
4244 ********************************************************************/
4246 void lp_set_posix_pathnames(void)
4248 posix_pathnames = true;
4251 /*******************************************************************
4252 Global state for POSIX lock processing - CIFS unix extensions.
4253 ********************************************************************/
4255 bool posix_default_lock_was_set;
4256 static enum brl_flavour posix_cifsx_locktype; /* By default 0 == WINDOWS_LOCK */
4258 enum brl_flavour lp_posix_cifsu_locktype(files_struct *fsp)
4260 if (posix_default_lock_was_set) {
4261 return posix_cifsx_locktype;
4263 return fsp->posix_open ? POSIX_LOCK : WINDOWS_LOCK;
4267 /*******************************************************************
4268 ********************************************************************/
4270 void lp_set_posix_default_cifsx_readwrite_locktype(enum brl_flavour val)
4272 posix_default_lock_was_set = true;
4273 posix_cifsx_locktype = val;
4276 int lp_min_receive_file_size(void)
4278 if (Globals.iminreceivefile < 0) {
4281 return Globals.iminreceivefile;
4284 /*******************************************************************
4285 Safe wide links checks.
4286 This helper function always verify the validity of wide links,
4287 even after a configuration file reload.
4288 ********************************************************************/
4290 static bool lp_widelinks_internal(int snum)
4292 return (bool)(LP_SNUM_OK(snum)? ServicePtrs[(snum)]->bWidelinks :
4293 sDefault.bWidelinks);
4296 void widelinks_warning(int snum)
4298 if (lp_allow_insecure_wide_links()) {
4302 if (lp_unix_extensions() && lp_widelinks_internal(snum)) {
4303 DEBUG(0,("Share '%s' has wide links and unix extensions enabled. "
4304 "These parameters are incompatible. "
4305 "Wide links will be disabled for this share.\n",
4306 lp_servicename(talloc_tos(), snum) ));
4310 bool lp_widelinks(int snum)
4312 /* wide links is always incompatible with unix extensions */
4313 if (lp_unix_extensions()) {
4315 * Unless we have "allow insecure widelinks"
4318 if (!lp_allow_insecure_wide_links()) {
4323 return lp_widelinks_internal(snum);
4326 int lp_server_role(void)
4328 return lp_find_server_role(lp__server_role(),
4330 lp__domain_logons(),
4331 lp_domain_master_true_or_auto());
4334 int lp_security(void)
4336 return lp_find_security(lp__server_role(),
4340 int lp_client_max_protocol(void)
4342 int client_max_protocol = lp__client_max_protocol();
4343 if (client_max_protocol == PROTOCOL_DEFAULT) {
4344 return PROTOCOL_NT1;
4346 return client_max_protocol;
4349 int lp_winbindd_max_protocol(void)
4351 int client_max_protocol = lp__client_max_protocol();
4352 if (client_max_protocol == PROTOCOL_DEFAULT) {
4353 return PROTOCOL_LATEST;
4355 return client_max_protocol;
4358 struct loadparm_global * get_globals(void)
4363 unsigned int * get_flags(void)
4365 if (flags_list == NULL) {
4366 flags_list = talloc_zero_array(NULL, unsigned int, num_parameters());
git.samba.org / samba.git / blob