2 Unix SMB/CIFS implementation.
3 Parameter loading functions
4 Copyright (C) Karl Auer 1993-1998
6 Largely re-written by Andrew Tridgell, September 1994
8 Copyright (C) Simo Sorce 2001
9 Copyright (C) Alexander Bokovoy 2002
10 Copyright (C) Stefan (metze) Metzmacher 2002
11 Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003
12 Copyright (C) Michael Adam 2008
13 Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007
14 Copyright (C) Andrew Bartlett 2011
16 This program is free software; you can redistribute it and/or modify
17 it under the terms of the GNU General Public License as published by
18 the Free Software Foundation; either version 3 of the License, or
19 (at your option) any later version.
21 This program is distributed in the hope that it will be useful,
22 but WITHOUT ANY WARRANTY; without even the implied warranty of
23 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 GNU General Public License for more details.
26 You should have received a copy of the GNU General Public License
27 along with this program. If not, see <http://www.gnu.org/licenses/>.
33 * This module provides suitable callback functions for the params
34 * module. It builds the internal table of service details which is
35 * then used by the rest of the server.
39 * 1) add it to the global or service structure definition
40 * 2) add it to the parm_table
41 * 3) add it to the list of available functions (eg: using FN_GLOBAL_STRING())
42 * 4) If it's a global then initialise it in init_globals. If a local
43 * (ie. service) parameter then initialise it in the sDefault structure
47 * The configuration file is processed sequentially for speed. It is NOT
48 * accessed randomly as happens in 'real' Windows. For this reason, there
49 * is a fair bit of sequence-dependent code here - ie., code which assumes
50 * that certain things happen before others. In particular, the code which
51 * happens at the boundary between sections is delicately poised, so be
57 #include "system/filesys.h"
59 #include "lib/param/loadparm.h"
60 #include "lib/param/param.h"
62 #include "lib/smbconf/smbconf.h"
63 #include "lib/smbconf/smbconf_init.h"
66 #include "../librpc/gen_ndr/svcctl.h"
68 #include "../libcli/smb/smb_signing.h"
69 #include "dbwrap/dbwrap.h"
70 #include "dbwrap/dbwrap_rbt.h"
71 #include "../lib/util/bitmap.h"
72 #include "librpc/gen_ndr/nbt.h"
73 #include "source4/lib/tls/tls.h"
75 #ifdef HAVE_SYS_SYSCTL_H
76 #include <sys/sysctl.h>
81 extern userdom_struct current_user_info;
83 /* the special value for the include parameter
84 * to be interpreted not as a file name but to
85 * trigger loading of the global smb.conf options
87 #ifndef INCLUDE_REGISTRY_NAME
88 #define INCLUDE_REGISTRY_NAME "registry"
91 static bool in_client = false; /* Not in the client by default */
92 static struct smbconf_csn conf_last_csn;
94 static int config_backend = CONFIG_BACKEND_FILE;
96 /* some helpful bits */
97 #define LP_SNUM_OK(i) (((i) >= 0) && ((i) < iNumServices) && \
98 (ServicePtrs != NULL) && \
99 (ServicePtrs[(i)] != NULL) && ServicePtrs[(i)]->valid)
100 #define VALID(i) ((ServicePtrs != NULL) && (ServicePtrs[i]!= NULL) && \
101 ServicePtrs[i]->valid)
103 #define USERSHARE_VALID 1
104 #define USERSHARE_PENDING_DELETE 2
106 static bool defaults_saved = false;
108 #include "lib/param/param_global.h"
110 static struct loadparm_global Globals;
112 /* This is a default service used to prime a services structure */
113 static struct loadparm_service sDefault =
118 .usershare_last_mod = {0, 0},
121 .invalid_users = NULL,
128 .root_preexec = NULL,
129 .root_postexec = NULL,
130 .cups_options = NULL,
131 .print_command = NULL,
133 .lprm_command = NULL,
134 .lppause_command = NULL,
135 .lpresume_command = NULL,
136 .queuepause_command = NULL,
137 .queueresume_command = NULL,
138 ._printername = NULL,
139 .printjob_username = NULL,
140 .dont_descend = NULL,
143 .magic_script = NULL,
144 .magic_output = NULL,
147 .veto_oplock_files = NULL,
157 .aio_write_behind = NULL,
158 .dfree_command = NULL,
159 .min_print_space = 0,
160 .max_print_jobs = 1000,
161 .max_reported_print_jobs = 0,
162 .write_cache_size = 0,
164 .force_create_mode = 0,
165 .directory_mask = 0755,
166 .force_directory_mode = 0,
167 .max_connections = 0,
168 .default_case = CASE_LOWER,
169 .printing = DEFAULT_PRINTING,
170 .oplock_contention_limit = 2,
173 .dfree_cache_time = 0,
174 .preexec_close = false,
175 .root_preexec_close = false,
176 .case_sensitive = Auto,
177 .preserve_case = true,
178 .short_preserve_case = true,
179 .hide_dot_files = true,
180 .hide_special_files = false,
181 .hide_unreadable = false,
182 .hide_unwriteable_files = false,
184 .access_based_share_enum = false,
189 .administrative_share = false,
192 .print_notify_backchannel = false,
196 .store_dos_attributes = false,
197 .dmapi_support = false,
199 .strict_locking = Auto,
200 .posix_locking = true,
202 .kernel_oplocks = false,
203 .level2_oplocks = true,
204 .mangled_names = true,
206 .follow_symlinks = true,
207 .sync_always = false,
208 .strict_allocate = false,
209 .strict_rename = false,
210 .strict_sync = false,
211 .mangling_char = '~',
213 .delete_readonly = false,
214 .fake_oplocks = false,
215 .delete_veto_files = false,
216 .dos_filemode = false,
217 .dos_filetimes = true,
218 .dos_filetime_resolution = false,
219 .fake_directory_create_times = false,
220 .blocking_locks = true,
221 .inherit_permissions = false,
222 .inherit_acls = false,
223 .inherit_owner = false,
225 .msdfs_shuffle_referrals = false,
226 .use_client_driver = false,
227 .default_devmode = true,
228 .force_printername = false,
229 .nt_acl_support = true,
230 .force_unknown_acl_user = false,
231 ._use_sendfile = false,
232 .profile_acls = false,
233 .map_acl_inherit = false,
236 .acl_check_permissions = true,
237 .acl_map_full_control = true,
238 .acl_group_control = false,
239 .acl_allow_execute_always = false,
240 .allocation_roundup_size = SMB_ROUNDUP_ALLOCATION_SIZE,
243 .map_readonly = MAP_READONLY_YES,
244 .directory_name_cache_size = 100,
245 .smb_encrypt = SMB_SIGNING_DEFAULT,
246 .kernel_share_modes = true,
247 .durable_handles = true,
252 /* local variables */
253 static struct loadparm_service **ServicePtrs = NULL;
254 static int iNumServices = 0;
255 static int iServiceIndex = 0;
256 static struct db_context *ServiceHash;
257 static bool bInGlobalSection = true;
258 static bool bGlobalOnly = false;
259 static struct file_lists *file_lists = NULL;
260 static unsigned int *flags_list = NULL;
262 static void set_allowed_client_auth(void);
264 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue);
265 static void free_param_opts(struct parmlist_entry **popts);
268 * Function to return the default value for the maximum number of open
269 * file descriptors permitted. This function tries to consult the
270 * kernel-level (sysctl) and ulimit (getrlimit()) values and goes
271 * the smaller of those.
273 static int max_open_files(void)
275 int sysctl_max = MAX_OPEN_FILES;
276 int rlimit_max = MAX_OPEN_FILES;
278 #ifdef HAVE_SYSCTLBYNAME
280 size_t size = sizeof(sysctl_max);
281 sysctlbyname("kern.maxfilesperproc", &sysctl_max, &size, NULL,
286 #if (defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE))
292 if (getrlimit(RLIMIT_NOFILE, &rl) == 0)
293 rlimit_max = rl.rlim_cur;
295 #if defined(RLIM_INFINITY)
296 if(rl.rlim_cur == RLIM_INFINITY)
297 rlimit_max = MAX_OPEN_FILES;
302 if (sysctl_max < MIN_OPEN_FILES_WINDOWS) {
303 DEBUG(2,("max_open_files: increasing sysctl_max (%d) to "
304 "minimum Windows limit (%d)\n",
306 MIN_OPEN_FILES_WINDOWS));
307 sysctl_max = MIN_OPEN_FILES_WINDOWS;
310 if (rlimit_max < MIN_OPEN_FILES_WINDOWS) {
311 DEBUG(2,("rlimit_max: increasing rlimit_max (%d) to "
312 "minimum Windows limit (%d)\n",
314 MIN_OPEN_FILES_WINDOWS));
315 rlimit_max = MIN_OPEN_FILES_WINDOWS;
318 return MIN(sysctl_max, rlimit_max);
322 * Common part of freeing allocated data for one parameter.
324 static void free_one_parameter_common(void *parm_ptr,
325 struct parm_struct parm)
327 if ((parm.type == P_STRING) ||
328 (parm.type == P_USTRING))
330 lpcfg_string_free((char**)parm_ptr);
331 } else if (parm.type == P_LIST || parm.type == P_CMDLIST) {
332 TALLOC_FREE(*((char***)parm_ptr));
337 * Free the allocated data for one parameter for a share
338 * given as a service struct.
340 static void free_one_parameter(struct loadparm_service *service,
341 struct parm_struct parm)
345 if (parm.p_class != P_LOCAL) {
349 parm_ptr = lp_parm_ptr(service, &parm);
351 free_one_parameter_common(parm_ptr, parm);
355 * Free the allocated parameter data of a share given
356 * as a service struct.
358 static void free_parameters(struct loadparm_service *service)
362 for (i=0; parm_table[i].label; i++) {
363 free_one_parameter(service, parm_table[i]);
368 * Free the allocated data for one parameter for a given share
369 * specified by an snum.
371 static void free_one_parameter_by_snum(int snum, struct parm_struct parm)
376 parm_ptr = lp_parm_ptr(NULL, &parm);
377 } else if (parm.p_class != P_LOCAL) {
380 parm_ptr = lp_parm_ptr(ServicePtrs[snum], &parm);
383 free_one_parameter_common(parm_ptr, parm);
387 * Free the allocated parameter data for a share specified
390 static void free_parameters_by_snum(int snum)
394 for (i=0; parm_table[i].label; i++) {
395 free_one_parameter_by_snum(snum, parm_table[i]);
400 * Free the allocated global parameters.
402 static void free_global_parameters(void)
405 struct parm_struct *parm;
407 free_param_opts(&Globals.param_opt);
408 free_parameters_by_snum(GLOBAL_SECTION_SNUM);
410 /* Reset references in the defaults because the context is going to be freed */
411 for (i=0; parm_table[i].label; i++) {
412 parm = &parm_table[i];
413 if ((parm->type == P_STRING) ||
414 (parm->type == P_USTRING)) {
415 if ((parm->def.svalue != NULL) &&
416 (*(parm->def.svalue) != '\0')) {
417 if (talloc_parent(parm->def.svalue) == Globals.ctx) {
418 parm->def.svalue = NULL;
423 TALLOC_FREE(Globals.ctx);
426 struct lp_stored_option {
427 struct lp_stored_option *prev, *next;
432 static struct lp_stored_option *stored_options;
435 save options set by lp_set_cmdline() into a list. This list is
436 re-applied when we do a globals reset, so that cmdline set options
437 are sticky across reloads of smb.conf
439 bool store_lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
441 struct lp_stored_option *entry, *entry_next;
442 for (entry = stored_options; entry != NULL; entry = entry_next) {
443 entry_next = entry->next;
444 if (strcmp(pszParmName, entry->label) == 0) {
445 DLIST_REMOVE(stored_options, entry);
451 entry = talloc(NULL, struct lp_stored_option);
456 entry->label = talloc_strdup(entry, pszParmName);
462 entry->value = talloc_strdup(entry, pszParmValue);
468 DLIST_ADD_END(stored_options, entry);
473 static bool apply_lp_set_cmdline(void)
475 struct lp_stored_option *entry = NULL;
476 for (entry = stored_options; entry != NULL; entry = entry->next) {
477 if (!lp_set_cmdline_helper(entry->label, entry->value)) {
478 DEBUG(0, ("Failed to re-apply cmdline parameter %s = %s\n",
479 entry->label, entry->value));
486 /***************************************************************************
487 Initialise the global parameter structure.
488 ***************************************************************************/
490 static void init_globals(struct loadparm_context *lp_ctx, bool reinit_globals)
492 static bool done_init = false;
496 /* If requested to initialize only once and we've already done it... */
497 if (!reinit_globals && done_init) {
498 /* ... then we have nothing more to do */
503 /* The logfile can be set before this is invoked. Free it if so. */
504 lpcfg_string_free(&Globals.logfile);
507 free_global_parameters();
510 /* This memset and the free_global_parameters() above will
511 * wipe out smb.conf options set with lp_set_cmdline(). The
512 * apply_lp_set_cmdline() call puts these values back in the
513 * table once the defaults are set */
514 ZERO_STRUCT(Globals);
516 Globals.ctx = talloc_pooled_object(NULL, char, 272, 2048);
518 /* Initialize the flags list if necessary */
519 if (flags_list == NULL) {
523 for (i = 0; parm_table[i].label; i++) {
524 if ((parm_table[i].type == P_STRING ||
525 parm_table[i].type == P_USTRING))
529 (char **)lp_parm_ptr(NULL, &parm_table[i]),
535 lpcfg_string_set(Globals.ctx, &sDefault.fstype, FSTYPE_STRING);
536 lpcfg_string_set(Globals.ctx, &sDefault.printjob_username, "%U");
538 init_printer_values(lp_ctx, Globals.ctx, &sDefault);
540 sDefault.ntvfs_handler = str_list_make_v3_const(NULL, "unixuid default", NULL);
542 DEBUG(3, ("Initialising global parameters\n"));
544 /* Must manually force to upper case here, as this does not go via the handler */
545 lpcfg_string_set(Globals.ctx, &Globals.netbios_name,
548 lpcfg_string_set(Globals.ctx, &Globals.smb_passwd_file,
549 get_dyn_SMB_PASSWD_FILE());
550 lpcfg_string_set(Globals.ctx, &Globals.private_dir,
551 get_dyn_PRIVATE_DIR());
553 /* use the new 'hash2' method by default, with a prefix of 1 */
554 lpcfg_string_set(Globals.ctx, &Globals.mangling_method, "hash2");
555 Globals.mangle_prefix = 1;
557 lpcfg_string_set(Globals.ctx, &Globals.guest_account, GUEST_ACCOUNT);
559 /* using UTF8 by default allows us to support all chars */
560 lpcfg_string_set(Globals.ctx, &Globals.unix_charset,
561 DEFAULT_UNIX_CHARSET);
563 /* Use codepage 850 as a default for the dos character set */
564 lpcfg_string_set(Globals.ctx, &Globals.dos_charset,
565 DEFAULT_DOS_CHARSET);
568 * Allow the default PASSWD_CHAT to be overridden in local.h.
570 lpcfg_string_set(Globals.ctx, &Globals.passwd_chat,
571 DEFAULT_PASSWD_CHAT);
573 lpcfg_string_set(Globals.ctx, &Globals.workgroup, DEFAULT_WORKGROUP);
575 lpcfg_string_set(Globals.ctx, &Globals.passwd_program, "");
576 lpcfg_string_set(Globals.ctx, &Globals.lock_directory,
578 lpcfg_string_set(Globals.ctx, &Globals.state_directory,
580 lpcfg_string_set(Globals.ctx, &Globals.cache_directory,
582 lpcfg_string_set(Globals.ctx, &Globals.pid_directory,
584 lpcfg_string_set(Globals.ctx, &Globals.nbt_client_socket_address,
587 * By default support explicit binding to broadcast
590 Globals.nmbd_bind_explicit_broadcast = true;
592 s = talloc_asprintf(talloc_tos(), "Samba %s", samba_version_string());
594 smb_panic("init_globals: ENOMEM");
596 lpcfg_string_set(Globals.ctx, &Globals.server_string, s);
599 lpcfg_string_set(Globals.ctx, &Globals.panic_action,
600 "/bin/sleep 999999999");
603 lpcfg_string_set(Globals.ctx, &Globals.socket_options,
604 DEFAULT_SOCKET_OPTIONS);
606 lpcfg_string_set(Globals.ctx, &Globals.logon_drive, "");
607 /* %N is the NIS auto.home server if -DAUTOHOME is used, else same as %L */
608 lpcfg_string_set(Globals.ctx, &Globals.logon_home, "\\\\%N\\%U");
609 lpcfg_string_set(Globals.ctx, &Globals.logon_path,
610 "\\\\%N\\%U\\profile");
612 Globals.name_resolve_order = str_list_make_v3_const(NULL, "lmhosts wins host bcast", NULL);
613 lpcfg_string_set(Globals.ctx, &Globals.password_server, "*");
615 Globals.algorithmic_rid_base = BASE_RID;
617 Globals.load_printers = true;
618 Globals.printcap_cache_time = 750; /* 12.5 minutes */
620 Globals.config_backend = config_backend;
621 Globals._server_role = ROLE_AUTO;
623 /* Was 65535 (0xFFFF). 0x4101 matches W2K and causes major speed improvements... */
624 /* Discovered by 2 days of pain by Don McCall @ HP :-). */
625 Globals.max_xmit = 0x4104;
626 Globals.max_mux = 50; /* This is *needed* for profile support. */
627 Globals.lpq_cache_time = 30; /* changed to handle large print servers better -- jerry */
628 Globals._disable_spoolss = false;
629 Globals.max_smbd_processes = 0;/* no limit specified */
630 Globals.username_level = 0;
631 Globals.deadtime = 0;
632 Globals.getwd_cache = true;
633 Globals.large_readwrite = true;
634 Globals.max_log_size = 5000;
635 Globals.max_open_files = max_open_files();
636 Globals.server_max_protocol = PROTOCOL_SMB3_11;
637 Globals.server_min_protocol = PROTOCOL_LANMAN1;
638 Globals._client_max_protocol = PROTOCOL_DEFAULT;
639 Globals.client_min_protocol = PROTOCOL_CORE;
640 Globals._client_ipc_max_protocol = PROTOCOL_DEFAULT;
641 Globals._client_ipc_min_protocol = PROTOCOL_DEFAULT;
642 Globals._security = SEC_AUTO;
643 Globals.encrypt_passwords = true;
644 Globals.client_schannel = Auto;
645 Globals.winbind_sealed_pipes = true;
646 Globals.require_strong_key = true;
647 Globals.server_schannel = Auto;
648 Globals.read_raw = true;
649 Globals.write_raw = true;
650 Globals.null_passwords = false;
651 Globals.old_password_allowed_period = 60;
652 Globals.obey_pam_restrictions = false;
654 Globals.syslog_only = false;
655 Globals.timestamp_logs = true;
656 lpcfg_string_set(Globals.ctx, &Globals.log_level, "0");
657 Globals.debug_prefix_timestamp = false;
658 Globals.debug_hires_timestamp = true;
659 Globals.debug_pid = false;
660 Globals.debug_uid = false;
661 Globals.debug_class = false;
662 Globals.enable_core_files = true;
663 Globals.max_ttl = 60 * 60 * 24 * 3; /* 3 days default. */
664 Globals.max_wins_ttl = 60 * 60 * 24 * 6; /* 6 days default. */
665 Globals.min_wins_ttl = 60 * 60 * 6; /* 6 hours default. */
666 Globals.machine_password_timeout = 60 * 60 * 24 * 7; /* 7 days default. */
667 Globals.lm_announce = Auto; /* = Auto: send only if LM clients found */
668 Globals.lm_interval = 60;
669 #if (defined(HAVE_NETGROUP) && defined(WITH_AUTOMOUNT))
670 Globals.nis_homedir = false;
671 #ifdef WITH_NISPLUS_HOME
672 lpcfg_string_set(Globals.ctx, &Globals.homedir_map,
673 "auto_home.org_dir");
675 lpcfg_string_set(Globals.ctx, &Globals.homedir_map, "auto.home");
678 Globals.time_server = false;
679 Globals.bind_interfaces_only = false;
680 Globals.unix_password_sync = false;
681 Globals.pam_password_change = false;
682 Globals.passwd_chat_debug = false;
683 Globals.passwd_chat_timeout = 2; /* 2 second default. */
684 Globals.nt_pipe_support = true; /* Do NT pipes by default. */
685 Globals.nt_status_support = true; /* Use NT status by default. */
686 Globals.smbd_profiling_level = 0;
687 Globals.stat_cache = true; /* use stat cache by default */
688 Globals.max_stat_cache_size = 256; /* 256k by default */
689 Globals.restrict_anonymous = 0;
690 Globals.client_lanman_auth = false; /* Do NOT use the LanMan hash if it is available */
691 Globals.client_plaintext_auth = false; /* Do NOT use a plaintext password even if is requested by the server */
692 Globals.lanman_auth = false; /* Do NOT use the LanMan hash, even if it is supplied */
693 Globals.ntlm_auth = true; /* Do use NTLMv1 if it is supplied by the client (otherwise NTLMv2) */
694 Globals.raw_ntlmv2_auth = false; /* Reject NTLMv2 without NTLMSSP */
695 Globals.client_ntlmv2_auth = true; /* Client should always use use NTLMv2, as we can't tell that the server supports it, but most modern servers do */
696 /* Note, that we will also use NTLM2 session security (which is different), if it is available */
698 Globals.allow_dcerpc_auth_level_connect = false; /* we don't allow this by default */
700 Globals.map_to_guest = 0; /* By Default, "Never" */
701 Globals.oplock_break_wait_time = 0; /* By Default, 0 msecs. */
702 Globals.enhanced_browsing = true;
703 Globals.lock_spin_time = WINDOWS_MINIMUM_LOCK_TIMEOUT_MS; /* msec. */
704 #ifdef MMAP_BLACKLIST
705 Globals.use_mmap = false;
707 Globals.use_mmap = true;
709 Globals.unicode = true;
710 Globals.unix_extensions = true;
711 Globals.reset_on_zero_vc = false;
712 Globals.log_writeable_files_on_exit = false;
713 Globals.create_krb5_conf = true;
714 Globals._winbind_max_domain_connections = 1;
716 /* hostname lookups can be very expensive and are broken on
717 a large number of sites (tridge) */
718 Globals.hostname_lookups = false;
720 Globals.change_notify = true,
721 Globals.kernel_change_notify = true,
723 lpcfg_string_set(Globals.ctx, &Globals.passdb_backend, "tdbsam");
724 lpcfg_string_set(Globals.ctx, &Globals.ldap_suffix, "");
725 lpcfg_string_set(Globals.ctx, &Globals._ldap_machine_suffix, "");
726 lpcfg_string_set(Globals.ctx, &Globals._ldap_user_suffix, "");
727 lpcfg_string_set(Globals.ctx, &Globals._ldap_group_suffix, "");
728 lpcfg_string_set(Globals.ctx, &Globals._ldap_idmap_suffix, "");
730 lpcfg_string_set(Globals.ctx, &Globals.ldap_admin_dn, "");
731 Globals.ldap_ssl = LDAP_SSL_START_TLS;
732 Globals.ldap_ssl_ads = false;
733 Globals.ldap_deref = -1;
734 Globals.ldap_passwd_sync = LDAP_PASSWD_SYNC_OFF;
735 Globals.ldap_delete_dn = false;
736 Globals.ldap_replication_sleep = 1000; /* wait 1 sec for replication */
737 Globals.ldap_follow_referral = Auto;
738 Globals.ldap_timeout = LDAP_DEFAULT_TIMEOUT;
739 Globals.ldap_connection_timeout = LDAP_CONNECTION_DEFAULT_TIMEOUT;
740 Globals.ldap_page_size = LDAP_PAGE_SIZE;
742 Globals.ldap_debug_level = 0;
743 Globals.ldap_debug_threshold = 10;
745 Globals.client_ldap_sasl_wrapping = ADS_AUTH_SASL_SIGN;
747 Globals.ldap_server_require_strong_auth =
748 LDAP_SERVER_REQUIRE_STRONG_AUTH_YES;
750 /* This is what we tell the afs client. in reality we set the token
751 * to never expire, though, when this runs out the afs client will
752 * forget the token. Set to 0 to get NEVERDATE.*/
753 Globals.afs_token_lifetime = 604800;
754 Globals.cups_connection_timeout = CUPS_DEFAULT_CONNECTION_TIMEOUT;
756 /* these parameters are set to defaults that are more appropriate
757 for the increasing samba install base:
759 as a member of the workgroup, that will possibly become a
760 _local_ master browser (lm = true). this is opposed to a forced
761 local master browser startup (pm = true).
763 doesn't provide WINS server service by default (wsupp = false),
764 and doesn't provide domain master browser services by default, either.
768 Globals.show_add_printer_wizard = true;
769 Globals.os_level = 20;
770 Globals.local_master = true;
771 Globals._domain_master = Auto; /* depending on _domain_logons */
772 Globals._domain_logons = false;
773 Globals.browse_list = true;
774 Globals.we_are_a_wins_server = false;
775 Globals.wins_proxy = false;
777 TALLOC_FREE(Globals.init_logon_delayed_hosts);
778 Globals.init_logon_delay = 100; /* 100 ms default delay */
780 Globals.wins_dns_proxy = true;
782 Globals.allow_trusted_domains = true;
783 lpcfg_string_set(Globals.ctx, &Globals.idmap_backend, "tdb");
785 lpcfg_string_set(Globals.ctx, &Globals.template_shell, "/bin/false");
786 lpcfg_string_set(Globals.ctx, &Globals.template_homedir,
788 lpcfg_string_set(Globals.ctx, &Globals.winbind_separator, "\\");
789 lpcfg_string_set(Globals.ctx, &Globals.winbindd_socket_directory,
790 dyn_WINBINDD_SOCKET_DIR);
792 lpcfg_string_set(Globals.ctx, &Globals.cups_server, "");
793 lpcfg_string_set(Globals.ctx, &Globals.iprint_server, "");
795 lpcfg_string_set(Globals.ctx, &Globals._ctdbd_socket, "");
797 Globals.cluster_addresses = NULL;
798 Globals.clustering = false;
799 Globals.ctdb_timeout = 0;
800 Globals.ctdb_locktime_warn_threshold = 0;
802 Globals.winbind_cache_time = 300; /* 5 minutes */
803 Globals.winbind_reconnect_delay = 30; /* 30 seconds */
804 Globals.winbind_request_timeout = 60; /* 60 seconds */
805 Globals.winbind_max_clients = 200;
806 Globals.winbind_enum_users = false;
807 Globals.winbind_enum_groups = false;
808 Globals.winbind_use_default_domain = false;
809 Globals.winbind_trusted_domains_only = false;
810 Globals.winbind_nested_groups = true;
811 Globals.winbind_expand_groups = 0;
812 Globals.winbind_nss_info = str_list_make_v3_const(NULL, "template", NULL);
813 Globals.winbind_refresh_tickets = false;
814 Globals.winbind_offline_logon = false;
816 Globals.idmap_cache_time = 86400 * 7; /* a week by default */
817 Globals.idmap_negative_cache_time = 120; /* 2 minutes by default */
819 Globals.passdb_expand_explicit = false;
821 Globals.name_cache_timeout = 660; /* In seconds */
823 Globals.use_spnego = true;
824 Globals.client_use_spnego = true;
826 Globals.client_signing = SMB_SIGNING_DEFAULT;
827 Globals._client_ipc_signing = SMB_SIGNING_DEFAULT;
828 Globals.server_signing = SMB_SIGNING_DEFAULT;
830 Globals.defer_sharing_violations = true;
831 Globals.smb_ports = str_list_make_v3_const(NULL, SMB_PORTS, NULL);
833 Globals.enable_privileges = true;
834 Globals.host_msdfs = true;
835 Globals.enable_asu_support = false;
837 /* User defined shares. */
838 s = talloc_asprintf(talloc_tos(), "%s/usershares", get_dyn_STATEDIR());
840 smb_panic("init_globals: ENOMEM");
842 lpcfg_string_set(Globals.ctx, &Globals.usershare_path, s);
844 lpcfg_string_set(Globals.ctx, &Globals.usershare_template_share, "");
845 Globals.usershare_max_shares = 0;
846 /* By default disallow sharing of directories not owned by the sharer. */
847 Globals.usershare_owner_only = true;
848 /* By default disallow guest access to usershares. */
849 Globals.usershare_allow_guests = false;
851 Globals.keepalive = DEFAULT_KEEPALIVE;
853 /* By default no shares out of the registry */
854 Globals.registry_shares = false;
856 Globals.min_receivefile_size = 0;
858 Globals.map_untrusted_to_domain = false;
859 Globals.multicast_dns_register = true;
861 Globals.smb2_max_read = DEFAULT_SMB2_MAX_READ;
862 Globals.smb2_max_write = DEFAULT_SMB2_MAX_WRITE;
863 Globals.smb2_max_trans = DEFAULT_SMB2_MAX_TRANSACT;
864 Globals.smb2_max_credits = DEFAULT_SMB2_MAX_CREDITS;
865 Globals.smb2_leases = false;
867 lpcfg_string_set(Globals.ctx, &Globals.ncalrpc_dir,
868 get_dyn_NCALRPCDIR());
870 Globals.server_services = str_list_make_v3_const(NULL, "s3fs rpc nbt wrepl ldap cldap kdc drepl winbindd ntp_signd kcc dnsupdate dns", NULL);
872 Globals.dcerpc_endpoint_servers = str_list_make_v3_const(NULL, "epmapper wkssvc rpcecho samr netlogon lsarpc drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver", NULL);
874 Globals.tls_enabled = true;
875 Globals.tls_verify_peer = TLS_VERIFY_PEER_AS_STRICT_AS_POSSIBLE;
877 lpcfg_string_set(Globals.ctx, &Globals._tls_keyfile, "tls/key.pem");
878 lpcfg_string_set(Globals.ctx, &Globals._tls_certfile, "tls/cert.pem");
879 lpcfg_string_set(Globals.ctx, &Globals._tls_cafile, "tls/ca.pem");
880 lpcfg_string_set(Globals.ctx, &Globals.tls_priority,
881 "NORMAL:-VERS-SSL3.0");
883 lpcfg_string_set(Globals.ctx, &Globals.share_backend, "classic");
885 Globals._preferred_master = Auto;
887 Globals.allow_dns_updates = DNS_UPDATE_SIGNED;
889 lpcfg_string_set(Globals.ctx, &Globals.ntp_signd_socket_directory,
890 get_dyn_NTP_SIGND_SOCKET_DIR());
892 lpcfg_string_set(Globals.ctx,
893 &Globals.winbindd_privileged_socket_directory,
894 get_dyn_WINBINDD_PRIVILEGED_SOCKET_DIR());
896 s = talloc_asprintf(talloc_tos(), "%s/samba_kcc", get_dyn_SCRIPTSBINDIR());
898 smb_panic("init_globals: ENOMEM");
900 Globals.samba_kcc_command = str_list_make_v3_const(NULL, s, NULL);
903 s = talloc_asprintf(talloc_tos(), "%s/samba_dnsupdate", get_dyn_SCRIPTSBINDIR());
905 smb_panic("init_globals: ENOMEM");
907 Globals.dns_update_command = str_list_make_v3_const(NULL, s, NULL);
910 s = talloc_asprintf(talloc_tos(), "%s/samba_spnupdate", get_dyn_SCRIPTSBINDIR());
912 smb_panic("init_globals: ENOMEM");
914 Globals.spn_update_command = str_list_make_v3_const(NULL, s, NULL);
917 Globals.nsupdate_command = str_list_make_v3_const(NULL, "/usr/bin/nsupdate -g", NULL);
919 Globals.rndc_command = str_list_make_v3_const(NULL, "/usr/sbin/rndc", NULL);
921 Globals.cldap_port = 389;
923 Globals.dgram_port = NBT_DGRAM_SERVICE_PORT;
925 Globals.nbt_port = NBT_NAME_SERVICE_PORT;
927 Globals.krb5_port = 88;
929 Globals.kpasswd_port = 464;
931 Globals.web_port = 901;
933 Globals.aio_max_threads = 100;
935 /* Now put back the settings that were set with lp_set_cmdline() */
936 apply_lp_set_cmdline();
939 /* Convenience routine to setup an lp_context with additional s3 variables */
940 static struct loadparm_context *setup_lp_context(TALLOC_CTX *mem_ctx)
942 struct loadparm_context *lp_ctx;
944 lp_ctx = loadparm_init_s3(mem_ctx,
945 loadparm_s3_helpers());
946 if (lp_ctx == NULL) {
947 DEBUG(0, ("loadparm_init_s3 failed\n"));
951 lp_ctx->sDefault = &sDefault;
952 lp_ctx->services = NULL; /* We do not want to access this directly */
953 lp_ctx->bInGlobalSection = bInGlobalSection;
954 lp_ctx->flags = flags_list;
959 /*******************************************************************
960 Convenience routine to grab string parameters into talloced memory
961 and run standard_sub_basic on them. The buffers can be written to by
962 callers without affecting the source string.
963 ********************************************************************/
965 char *lp_string(TALLOC_CTX *ctx, const char *s)
969 /* The follow debug is useful for tracking down memory problems
970 especially if you have an inner loop that is calling a lp_*()
971 function that returns a string. Perhaps this debug should be
972 present all the time? */
975 DEBUG(10, ("lp_string(%s)\n", s));
981 ret = talloc_sub_basic(ctx,
982 get_current_username(),
983 current_user_info.domain,
985 if (trim_char(ret, '\"', '\"')) {
986 if (strchr(ret,'\"') != NULL) {
988 ret = talloc_sub_basic(ctx,
989 get_current_username(),
990 current_user_info.domain,
998 In this section all the functions that are used to access the
999 parameters from the rest of the program are defined
1002 #define FN_GLOBAL_STRING(fn_name,ptr) \
1003 char *lp_ ## fn_name(TALLOC_CTX *ctx) {return(lp_string((ctx), *(char **)(&Globals.ptr) ? *(char **)(&Globals.ptr) : ""));}
1004 #define FN_GLOBAL_CONST_STRING(fn_name,ptr) \
1005 const char *lp_ ## fn_name(void) {return(*(const char * const *)(&Globals.ptr) ? *(const char * const *)(&Globals.ptr) : "");}
1006 #define FN_GLOBAL_LIST(fn_name,ptr) \
1007 const char **lp_ ## fn_name(void) {return(*(const char ***)(&Globals.ptr));}
1008 #define FN_GLOBAL_BOOL(fn_name,ptr) \
1009 bool lp_ ## fn_name(void) {return(*(bool *)(&Globals.ptr));}
1010 #define FN_GLOBAL_CHAR(fn_name,ptr) \
1011 char lp_ ## fn_name(void) {return(*(char *)(&Globals.ptr));}
1012 #define FN_GLOBAL_INTEGER(fn_name,ptr) \
1013 int lp_ ## fn_name(void) {return(*(int *)(&Globals.ptr));}
1015 #define FN_LOCAL_STRING(fn_name,val) \
1016 char *lp_ ## fn_name(TALLOC_CTX *ctx,int i) {return(lp_string((ctx), (LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val));}
1017 #define FN_LOCAL_CONST_STRING(fn_name,val) \
1018 const char *lp_ ## fn_name(int i) {return (const char *)((LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val);}
1019 #define FN_LOCAL_LIST(fn_name,val) \
1020 const char **lp_ ## fn_name(int i) {return(const char **)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1021 #define FN_LOCAL_BOOL(fn_name,val) \
1022 bool lp_ ## fn_name(int i) {return(bool)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1023 #define FN_LOCAL_INTEGER(fn_name,val) \
1024 int lp_ ## fn_name(int i) {return(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1026 #define FN_LOCAL_PARM_BOOL(fn_name,val) \
1027 bool lp_ ## fn_name(const struct share_params *p) {return(bool)(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1028 #define FN_LOCAL_PARM_INTEGER(fn_name,val) \
1029 int lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1030 #define FN_LOCAL_PARM_CHAR(fn_name,val) \
1031 char lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1033 int lp_winbind_max_domain_connections(void)
1035 if (lp_winbind_offline_logon() &&
1036 lp__winbind_max_domain_connections() > 1) {
1037 DEBUG(1, ("offline logons active, restricting max domain "
1038 "connections to 1\n"));
1041 return MAX(1, lp__winbind_max_domain_connections());
1044 /* These functions remain in source3/param for now */
1046 #include "lib/param/param_functions.c"
1048 FN_LOCAL_STRING(servicename, szService)
1049 FN_LOCAL_CONST_STRING(const_servicename, szService)
1051 /* These functions cannot be auto-generated */
1052 FN_LOCAL_BOOL(autoloaded, autoloaded)
1053 FN_GLOBAL_CONST_STRING(dnsdomain, dnsdomain)
1055 /* local prototypes */
1057 static int map_parameter_canonical(const char *pszParmName, bool *inverse);
1058 static const char *get_boolean(bool bool_value);
1059 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
1061 static bool hash_a_service(const char *name, int number);
1062 static void free_service_byindex(int iService);
1063 static void show_parameter(int parmIndex);
1064 static bool is_synonym_of(int parm1, int parm2, bool *inverse);
1067 * This is a helper function for parametrical options support. It returns a
1068 * pointer to parametrical option value if it exists or NULL otherwise. Actual
1069 * parametrical functions are quite simple
1071 static struct parmlist_entry *get_parametrics(int snum, const char *type,
1074 if (snum >= iNumServices) return NULL;
1077 return get_parametric_helper(NULL, type, option, Globals.param_opt);
1079 return get_parametric_helper(ServicePtrs[snum],
1080 type, option, Globals.param_opt);
1084 static void discard_whitespace(char *str)
1086 size_t len = strlen(str);
1090 if (isspace(str[i])) {
1091 memmove(&str[i], &str[i+1], len-i);
1100 * @brief Go through all global parametric parameters
1102 * @param regex_str A regular expression to scan param for
1103 * @param max_matches Max number of submatches the regexp expects
1104 * @param cb Function to call on match. Should return true
1105 * when it wants wi_scan_global_parametrics to stop
1107 * @param private_data Anonymous pointer passed to cb
1109 * @return 0: success, regcomp/regexec return value on error.
1110 * See "man regexec" for possible errors
1113 int lp_wi_scan_global_parametrics(
1114 const char *regex_str, size_t max_matches,
1115 bool (*cb)(const char *string, regmatch_t matches[],
1116 void *private_data),
1119 struct parmlist_entry *data;
1123 ret = regcomp(®ex, regex_str, REG_ICASE);
1128 for (data = Globals.param_opt; data != NULL; data = data->next) {
1129 size_t keylen = strlen(data->key);
1131 regmatch_t matches[max_matches];
1134 memcpy(key, data->key, sizeof(key));
1135 discard_whitespace(key);
1137 ret = regexec(®ex, key, max_matches, matches, 0);
1138 if (ret == REG_NOMATCH) {
1145 stop = cb(key, matches, private_data);
1158 #define MISSING_PARAMETER(name) \
1159 DEBUG(0, ("%s(): value is NULL or empty!\n", #name))
1161 /*******************************************************************
1162 convenience routine to return enum parameters.
1163 ********************************************************************/
1164 static int lp_enum(const char *s,const struct enum_list *_enum)
1168 if (!s || !*s || !_enum) {
1169 MISSING_PARAMETER(lp_enum);
1173 for (i=0; _enum[i].name; i++) {
1174 if (strequal(_enum[i].name,s))
1175 return _enum[i].value;
1178 DEBUG(0,("lp_enum(%s,enum): value is not in enum_list!\n",s));
1182 #undef MISSING_PARAMETER
1184 /* Return parametric option from a given service. Type is a part of option before ':' */
1185 /* Parametric option has following syntax: 'Type: option = value' */
1186 char *lp_parm_talloc_string(TALLOC_CTX *ctx, int snum, const char *type, const char *option, const char *def)
1188 struct parmlist_entry *data = get_parametrics(snum, type, option);
1190 if (data == NULL||data->value==NULL) {
1192 return lp_string(ctx, def);
1198 return lp_string(ctx, data->value);
1201 /* Return parametric option from a given service. Type is a part of option before ':' */
1202 /* Parametric option has following syntax: 'Type: option = value' */
1203 const char *lp_parm_const_string(int snum, const char *type, const char *option, const char *def)
1205 struct parmlist_entry *data = get_parametrics(snum, type, option);
1207 if (data == NULL||data->value==NULL)
1214 /* Return parametric option from a given service. Type is a part of option before ':' */
1215 /* Parametric option has following syntax: 'Type: option = value' */
1217 const char **lp_parm_string_list(int snum, const char *type, const char *option, const char **def)
1219 struct parmlist_entry *data = get_parametrics(snum, type, option);
1221 if (data == NULL||data->value==NULL)
1222 return (const char **)def;
1224 if (data->list==NULL) {
1225 data->list = str_list_make_v3(NULL, data->value, NULL);
1228 return discard_const_p(const char *, data->list);
1231 /* Return parametric option from a given service. Type is a part of option before ':' */
1232 /* Parametric option has following syntax: 'Type: option = value' */
1234 int lp_parm_int(int snum, const char *type, const char *option, int def)
1236 struct parmlist_entry *data = get_parametrics(snum, type, option);
1238 if (data && data->value && *data->value)
1239 return lp_int(data->value);
1244 /* Return parametric option from a given service. Type is a part of option before ':' */
1245 /* Parametric option has following syntax: 'Type: option = value' */
1247 unsigned long lp_parm_ulong(int snum, const char *type, const char *option, unsigned long def)
1249 struct parmlist_entry *data = get_parametrics(snum, type, option);
1251 if (data && data->value && *data->value)
1252 return lp_ulong(data->value);
1257 /* Return parametric option from a given service. Type is a part of option before ':' */
1258 /* Parametric option has following syntax: 'Type: option = value' */
1260 unsigned long long lp_parm_ulonglong(int snum, const char *type,
1261 const char *option, unsigned long long def)
1263 struct parmlist_entry *data = get_parametrics(snum, type, option);
1265 if (data && data->value && *data->value) {
1266 return lp_ulonglong(data->value);
1272 /* Return parametric option from a given service. Type is a part of option
1274 /* Parametric option has following syntax: 'Type: option = value' */
1276 bool lp_parm_bool(int snum, const char *type, const char *option, bool def)
1278 struct parmlist_entry *data = get_parametrics(snum, type, option);
1280 if (data && data->value && *data->value)
1281 return lp_bool(data->value);
1286 /* Return parametric option from a given service. Type is a part of option before ':' */
1287 /* Parametric option has following syntax: 'Type: option = value' */
1289 int lp_parm_enum(int snum, const char *type, const char *option,
1290 const struct enum_list *_enum, int def)
1292 struct parmlist_entry *data = get_parametrics(snum, type, option);
1294 if (data && data->value && *data->value && _enum)
1295 return lp_enum(data->value, _enum);
1301 * free a param_opts structure.
1302 * param_opts handling should be moved to talloc;
1303 * then this whole functions reduces to a TALLOC_FREE().
1306 static void free_param_opts(struct parmlist_entry **popts)
1308 struct parmlist_entry *opt, *next_opt;
1310 if (*popts != NULL) {
1311 DEBUG(5, ("Freeing parametrics:\n"));
1314 while (opt != NULL) {
1315 lpcfg_string_free(&opt->key);
1316 lpcfg_string_free(&opt->value);
1317 TALLOC_FREE(opt->list);
1318 next_opt = opt->next;
1325 /***************************************************************************
1326 Free the dynamically allocated parts of a service struct.
1327 ***************************************************************************/
1329 static void free_service(struct loadparm_service *pservice)
1334 if (pservice->szService)
1335 DEBUG(5, ("free_service: Freeing service %s\n",
1336 pservice->szService));
1338 free_parameters(pservice);
1340 lpcfg_string_free(&pservice->szService);
1341 TALLOC_FREE(pservice->copymap);
1343 free_param_opts(&pservice->param_opt);
1345 ZERO_STRUCTP(pservice);
1349 /***************************************************************************
1350 remove a service indexed in the ServicePtrs array from the ServiceHash
1351 and free the dynamically allocated parts
1352 ***************************************************************************/
1354 static void free_service_byindex(int idx)
1356 if ( !LP_SNUM_OK(idx) )
1359 ServicePtrs[idx]->valid = false;
1361 /* we have to cleanup the hash record */
1363 if (ServicePtrs[idx]->szService) {
1364 char *canon_name = canonicalize_servicename(
1366 ServicePtrs[idx]->szService );
1368 dbwrap_delete_bystring(ServiceHash, canon_name );
1369 TALLOC_FREE(canon_name);
1372 free_service(ServicePtrs[idx]);
1373 TALLOC_FREE(ServicePtrs[idx]);
1376 /***************************************************************************
1377 Add a new service to the services array initialising it with the given
1379 ***************************************************************************/
1381 static int add_a_service(const struct loadparm_service *pservice, const char *name)
1384 struct loadparm_service **tsp = NULL;
1386 /* it might already exist */
1388 i = getservicebyname(name, NULL);
1394 /* Re use empty slots if any before allocating new one.*/
1395 for (i=0; i < iNumServices; i++) {
1396 if (ServicePtrs[i] == NULL) {
1400 if (i == iNumServices) {
1401 /* if not, then create one */
1402 tsp = talloc_realloc(NULL, ServicePtrs,
1403 struct loadparm_service *,
1406 DEBUG(0, ("add_a_service: failed to enlarge "
1413 ServicePtrs[i] = talloc_zero(ServicePtrs, struct loadparm_service);
1414 if (!ServicePtrs[i]) {
1415 DEBUG(0,("add_a_service: out of memory!\n"));
1419 ServicePtrs[i]->valid = true;
1421 copy_service(ServicePtrs[i], pservice, NULL);
1423 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->szService,
1426 DEBUG(8,("add_a_service: Creating snum = %d for %s\n",
1427 i, ServicePtrs[i]->szService));
1429 if (!hash_a_service(ServicePtrs[i]->szService, i)) {
1436 /***************************************************************************
1437 Convert a string to uppercase and remove whitespaces.
1438 ***************************************************************************/
1440 char *canonicalize_servicename(TALLOC_CTX *ctx, const char *src)
1445 DEBUG(0,("canonicalize_servicename: NULL source name!\n"));
1449 result = talloc_strdup(ctx, src);
1450 SMB_ASSERT(result != NULL);
1452 if (!strlower_m(result)) {
1453 TALLOC_FREE(result);
1459 /***************************************************************************
1460 Add a name/index pair for the services array to the hash table.
1461 ***************************************************************************/
1463 static bool hash_a_service(const char *name, int idx)
1467 if ( !ServiceHash ) {
1468 DEBUG(10,("hash_a_service: creating servicehash\n"));
1469 ServiceHash = db_open_rbt(NULL);
1470 if ( !ServiceHash ) {
1471 DEBUG(0,("hash_a_service: open tdb servicehash failed!\n"));
1476 DEBUG(10,("hash_a_service: hashing index %d for service name %s\n",
1479 canon_name = canonicalize_servicename(talloc_tos(), name );
1481 dbwrap_store_bystring(ServiceHash, canon_name,
1482 make_tdb_data((uint8_t *)&idx, sizeof(idx)),
1485 TALLOC_FREE(canon_name);
1490 /***************************************************************************
1491 Add a new home service, with the specified home directory, defaults coming
1493 ***************************************************************************/
1495 bool lp_add_home(const char *pszHomename, int iDefaultService,
1496 const char *user, const char *pszHomedir)
1500 if (pszHomename == NULL || user == NULL || pszHomedir == NULL ||
1501 pszHomedir[0] == '\0') {
1505 i = add_a_service(ServicePtrs[iDefaultService], pszHomename);
1510 if (!(*(ServicePtrs[iDefaultService]->path))
1511 || strequal(ServicePtrs[iDefaultService]->path,
1512 lp_path(talloc_tos(), GLOBAL_SECTION_SNUM))) {
1513 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->path,
1517 if (!(*(ServicePtrs[i]->comment))) {
1518 char *comment = talloc_asprintf(talloc_tos(), "Home directory of %s", user);
1519 if (comment == NULL) {
1522 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->comment,
1524 TALLOC_FREE(comment);
1527 /* set the browseable flag from the global default */
1529 ServicePtrs[i]->browseable = sDefault.browseable;
1530 ServicePtrs[i]->access_based_share_enum = sDefault.access_based_share_enum;
1532 ServicePtrs[i]->autoloaded = true;
1534 DEBUG(3, ("adding home's share [%s] for user '%s' at '%s'\n", pszHomename,
1535 user, ServicePtrs[i]->path ));
1540 /***************************************************************************
1541 Add a new service, based on an old one.
1542 ***************************************************************************/
1544 int lp_add_service(const char *pszService, int iDefaultService)
1546 if (iDefaultService < 0) {
1547 return add_a_service(&sDefault, pszService);
1550 return (add_a_service(ServicePtrs[iDefaultService], pszService));
1553 /***************************************************************************
1554 Add the IPC service.
1555 ***************************************************************************/
1557 static bool lp_add_ipc(const char *ipc_name, bool guest_ok)
1559 char *comment = NULL;
1560 int i = add_a_service(&sDefault, ipc_name);
1565 comment = talloc_asprintf(talloc_tos(), "IPC Service (%s)",
1566 Globals.server_string);
1567 if (comment == NULL) {
1571 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->path, tmpdir());
1572 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1573 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->fstype, "IPC");
1574 ServicePtrs[i]->max_connections = 0;
1575 ServicePtrs[i]->available = true;
1576 ServicePtrs[i]->read_only = true;
1577 ServicePtrs[i]->guest_only = false;
1578 ServicePtrs[i]->administrative_share = true;
1579 ServicePtrs[i]->guest_ok = guest_ok;
1580 ServicePtrs[i]->printable = false;
1581 ServicePtrs[i]->browseable = sDefault.browseable;
1582 ServicePtrs[i]->autoloaded = true;
1584 DEBUG(3, ("adding IPC service\n"));
1586 TALLOC_FREE(comment);
1590 /***************************************************************************
1591 Add a new printer service, with defaults coming from service iFrom.
1592 ***************************************************************************/
1594 bool lp_add_printer(const char *pszPrintername, int iDefaultService)
1596 const char *comment = "From Printcap";
1597 int i = add_a_service(ServicePtrs[iDefaultService], pszPrintername);
1602 /* note that we do NOT default the availability flag to true - */
1603 /* we take it from the default service passed. This allows all */
1604 /* dynamic printers to be disabled by disabling the [printers] */
1605 /* entry (if/when the 'available' keyword is implemented!). */
1607 /* the printer name is set to the service name. */
1608 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->_printername,
1610 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1612 /* set the browseable flag from the gloabl default */
1613 ServicePtrs[i]->browseable = sDefault.browseable;
1615 /* Printers cannot be read_only. */
1616 ServicePtrs[i]->read_only = false;
1617 /* No oplocks on printer services. */
1618 ServicePtrs[i]->oplocks = false;
1619 /* Printer services must be printable. */
1620 ServicePtrs[i]->printable = true;
1622 DEBUG(3, ("adding printer service %s\n", pszPrintername));
1628 /***************************************************************************
1629 Check whether the given parameter name is valid.
1630 Parametric options (names containing a colon) are considered valid.
1631 ***************************************************************************/
1633 bool lp_parameter_is_valid(const char *pszParmName)
1635 return ((lpcfg_map_parameter(pszParmName) != -1) ||
1636 (strchr(pszParmName, ':') != NULL));
1639 /***************************************************************************
1640 Check whether the given name is the name of a global parameter.
1641 Returns true for strings belonging to parameters of class
1642 P_GLOBAL, false for all other strings, also for parametric options
1643 and strings not belonging to any option.
1644 ***************************************************************************/
1646 bool lp_parameter_is_global(const char *pszParmName)
1648 int num = lpcfg_map_parameter(pszParmName);
1651 return (parm_table[num].p_class == P_GLOBAL);
1657 /**************************************************************************
1658 Determine the canonical name for a parameter.
1659 Indicate when it is an inverse (boolean) synonym instead of a
1661 **************************************************************************/
1663 bool lp_canonicalize_parameter(const char *parm_name, const char **canon_parm,
1668 if (!lp_parameter_is_valid(parm_name)) {
1673 num = map_parameter_canonical(parm_name, inverse);
1675 /* parametric option */
1676 *canon_parm = parm_name;
1678 *canon_parm = parm_table[num].label;
1685 /**************************************************************************
1686 Determine the canonical name for a parameter.
1687 Turn the value given into the inverse boolean expression when
1688 the synonym is an invers boolean synonym.
1690 Return true if parm_name is a valid parameter name and
1691 in case it is an invers boolean synonym, if the val string could
1692 successfully be converted to the reverse bool.
1693 Return false in all other cases.
1694 **************************************************************************/
1696 bool lp_canonicalize_parameter_with_value(const char *parm_name,
1698 const char **canon_parm,
1699 const char **canon_val)
1704 if (!lp_parameter_is_valid(parm_name)) {
1710 num = map_parameter_canonical(parm_name, &inverse);
1712 /* parametric option */
1713 *canon_parm = parm_name;
1716 *canon_parm = parm_table[num].label;
1718 if (!lp_invert_boolean(val, canon_val)) {
1730 /***************************************************************************
1731 Map a parameter's string representation to the index of the canonical
1732 form of the parameter (it might be a synonym).
1733 Returns -1 if the parameter string is not recognised.
1734 ***************************************************************************/
1736 static int map_parameter_canonical(const char *pszParmName, bool *inverse)
1738 int parm_num, canon_num;
1739 bool loc_inverse = false;
1741 parm_num = lpcfg_map_parameter(pszParmName);
1742 if ((parm_num < 0) || !(parm_table[parm_num].flags & FLAG_SYNONYM)) {
1743 /* invalid, parametric or no canidate for synonyms ... */
1747 for (canon_num = 0; parm_table[canon_num].label; canon_num++) {
1748 if (is_synonym_of(parm_num, canon_num, &loc_inverse)) {
1749 parm_num = canon_num;
1755 if (inverse != NULL) {
1756 *inverse = loc_inverse;
1761 /***************************************************************************
1762 return true if parameter number parm1 is a synonym of parameter
1763 number parm2 (parm2 being the principal name).
1764 set inverse to true if parm1 is P_BOOLREV and parm2 is P_BOOL,
1766 ***************************************************************************/
1768 static bool is_synonym_of(int parm1, int parm2, bool *inverse)
1770 if ((parm_table[parm1].offset == parm_table[parm2].offset) &&
1771 (parm_table[parm1].p_class == parm_table[parm2].p_class) &&
1772 (parm_table[parm1].flags & FLAG_SYNONYM) &&
1773 !(parm_table[parm2].flags & FLAG_SYNONYM))
1775 if (inverse != NULL) {
1776 if ((parm_table[parm1].type == P_BOOLREV) &&
1777 (parm_table[parm2].type == P_BOOL))
1789 /***************************************************************************
1790 Show one parameter's name, type, [values,] and flags.
1791 (helper functions for show_parameter_list)
1792 ***************************************************************************/
1794 static void show_parameter(int parmIndex)
1796 int enumIndex, flagIndex;
1801 const char *type[] = { "P_BOOL", "P_BOOLREV", "P_CHAR", "P_INTEGER",
1802 "P_OCTAL", "P_LIST", "P_STRING", "P_USTRING",
1803 "P_ENUM", "P_BYTES", "P_CMDLIST" };
1804 unsigned flags[] = { FLAG_DEPRECATED, FLAG_SYNONYM };
1805 const char *flag_names[] = { "FLAG_DEPRECATED", "FLAG_SYNONYM", NULL};
1807 printf("%s=%s", parm_table[parmIndex].label,
1808 type[parm_table[parmIndex].type]);
1809 if (parm_table[parmIndex].type == P_ENUM) {
1812 parm_table[parmIndex].enum_list[enumIndex].name;
1816 enumIndex ? "|" : "",
1817 parm_table[parmIndex].enum_list[enumIndex].name);
1822 for (flagIndex=0; flag_names[flagIndex]; flagIndex++) {
1823 if (parm_table[parmIndex].flags & flags[flagIndex]) {
1826 flag_names[flagIndex]);
1831 /* output synonyms */
1833 for (parmIndex2=0; parm_table[parmIndex2].label; parmIndex2++) {
1834 if (is_synonym_of(parmIndex, parmIndex2, &inverse)) {
1835 printf(" (%ssynonym of %s)", inverse ? "inverse " : "",
1836 parm_table[parmIndex2].label);
1837 } else if (is_synonym_of(parmIndex2, parmIndex, &inverse)) {
1839 printf(" (synonyms: ");
1844 printf("%s%s", parm_table[parmIndex2].label,
1845 inverse ? "[i]" : "");
1855 /***************************************************************************
1856 Show all parameter's name, type, [values,] and flags.
1857 ***************************************************************************/
1859 void show_parameter_list(void)
1861 int classIndex, parmIndex;
1862 const char *section_names[] = { "local", "global", NULL};
1864 for (classIndex=0; section_names[classIndex]; classIndex++) {
1865 printf("[%s]\n", section_names[classIndex]);
1866 for (parmIndex = 0; parm_table[parmIndex].label; parmIndex++) {
1867 if (parm_table[parmIndex].p_class == classIndex) {
1868 show_parameter(parmIndex);
1874 /***************************************************************************
1875 Get the standard string representation of a boolean value ("yes" or "no")
1876 ***************************************************************************/
1878 static const char *get_boolean(bool bool_value)
1880 static const char *yes_str = "yes";
1881 static const char *no_str = "no";
1883 return (bool_value ? yes_str : no_str);
1886 /***************************************************************************
1887 Provide the string of the negated boolean value associated to the boolean
1888 given as a string. Returns false if the passed string does not correctly
1889 represent a boolean.
1890 ***************************************************************************/
1892 bool lp_invert_boolean(const char *str, const char **inverse_str)
1896 if (!set_boolean(str, &val)) {
1900 *inverse_str = get_boolean(!val);
1904 /***************************************************************************
1905 Provide the canonical string representation of a boolean value given
1906 as a string. Return true on success, false if the string given does
1907 not correctly represent a boolean.
1908 ***************************************************************************/
1910 bool lp_canonicalize_boolean(const char *str, const char**canon_str)
1914 if (!set_boolean(str, &val)) {
1918 *canon_str = get_boolean(val);
1922 /***************************************************************************
1923 Find a service by name. Otherwise works like get_service.
1924 ***************************************************************************/
1926 int getservicebyname(const char *pszServiceName, struct loadparm_service *pserviceDest)
1933 if (ServiceHash == NULL) {
1937 canon_name = canonicalize_servicename(talloc_tos(), pszServiceName);
1939 status = dbwrap_fetch_bystring(ServiceHash, canon_name, canon_name,
1942 if (NT_STATUS_IS_OK(status) &&
1943 (data.dptr != NULL) &&
1944 (data.dsize == sizeof(iService)))
1946 iService = *(int *)data.dptr;
1949 TALLOC_FREE(canon_name);
1951 if ((iService != -1) && (LP_SNUM_OK(iService))
1952 && (pserviceDest != NULL)) {
1953 copy_service(pserviceDest, ServicePtrs[iService], NULL);
1959 /* Return a pointer to a service by name. Unlike getservicebyname, it does not copy the service */
1960 struct loadparm_service *lp_service(const char *pszServiceName)
1962 int iService = getservicebyname(pszServiceName, NULL);
1963 if (iService == -1 || !LP_SNUM_OK(iService)) {
1966 return ServicePtrs[iService];
1969 struct loadparm_service *lp_servicebynum(int snum)
1971 if ((snum == -1) || !LP_SNUM_OK(snum)) {
1974 return ServicePtrs[snum];
1977 struct loadparm_service *lp_default_loadparm_service()
1982 static struct smbconf_ctx *lp_smbconf_ctx(void)
1985 static struct smbconf_ctx *conf_ctx = NULL;
1987 if (conf_ctx == NULL) {
1988 err = smbconf_init(NULL, &conf_ctx, "registry:");
1989 if (!SBC_ERROR_IS_OK(err)) {
1990 DEBUG(1, ("error initializing registry configuration: "
1991 "%s\n", sbcErrorString(err)));
1999 static bool process_smbconf_service(struct smbconf_service *service)
2004 if (service == NULL) {
2008 ret = lp_do_section(service->name, NULL);
2012 for (count = 0; count < service->num_params; count++) {
2014 if (!bInGlobalSection && bGlobalOnly) {
2017 const char *pszParmName = service->param_names[count];
2018 const char *pszParmValue = service->param_values[count];
2020 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2022 ret = lp_do_parameter(bInGlobalSection ? -2 : iServiceIndex,
2023 pszParmName, pszParmValue);
2030 if (iServiceIndex >= 0) {
2031 return lpcfg_service_ok(ServicePtrs[iServiceIndex]);
2037 * load a service from registry and activate it
2039 bool process_registry_service(const char *service_name)
2042 struct smbconf_service *service = NULL;
2043 TALLOC_CTX *mem_ctx = talloc_stackframe();
2044 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2047 if (conf_ctx == NULL) {
2051 DEBUG(5, ("process_registry_service: service name %s\n", service_name));
2053 if (!smbconf_share_exists(conf_ctx, service_name)) {
2055 * Registry does not contain data for this service (yet),
2056 * but make sure lp_load doesn't return false.
2062 err = smbconf_get_share(conf_ctx, mem_ctx, service_name, &service);
2063 if (!SBC_ERROR_IS_OK(err)) {
2067 ret = process_smbconf_service(service);
2073 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
2076 TALLOC_FREE(mem_ctx);
2081 * process_registry_globals
2083 static bool process_registry_globals(void)
2087 add_to_file_list(NULL, &file_lists, INCLUDE_REGISTRY_NAME, INCLUDE_REGISTRY_NAME);
2089 if (!bInGlobalSection && bGlobalOnly) {
2092 const char *pszParmName = "registry shares";
2093 const char *pszParmValue = "yes";
2095 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2097 ret = lp_do_parameter(bInGlobalSection ? -2 : iServiceIndex,
2098 pszParmName, pszParmValue);
2105 return process_registry_service(GLOBAL_NAME);
2108 bool process_registry_shares(void)
2112 struct smbconf_service **service = NULL;
2113 uint32_t num_shares = 0;
2114 TALLOC_CTX *mem_ctx = talloc_stackframe();
2115 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2118 if (conf_ctx == NULL) {
2122 err = smbconf_get_config(conf_ctx, mem_ctx, &num_shares, &service);
2123 if (!SBC_ERROR_IS_OK(err)) {
2129 for (count = 0; count < num_shares; count++) {
2130 if (strequal(service[count]->name, GLOBAL_NAME)) {
2133 ret = process_smbconf_service(service[count]);
2140 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
2143 TALLOC_FREE(mem_ctx);
2148 * reload those shares from registry that are already
2149 * activated in the services array.
2151 static bool reload_registry_shares(void)
2156 for (i = 0; i < iNumServices; i++) {
2161 if (ServicePtrs[i]->usershare == USERSHARE_VALID) {
2165 ret = process_registry_service(ServicePtrs[i]->szService);
2176 #define MAX_INCLUDE_DEPTH 100
2178 static uint8_t include_depth;
2181 * Free the file lists
2183 static void free_file_list(void)
2185 struct file_lists *f;
2186 struct file_lists *next;
2199 * Utility function for outsiders to check if we're running on registry.
2201 bool lp_config_backend_is_registry(void)
2203 return (lp_config_backend() == CONFIG_BACKEND_REGISTRY);
2207 * Utility function to check if the config backend is FILE.
2209 bool lp_config_backend_is_file(void)
2211 return (lp_config_backend() == CONFIG_BACKEND_FILE);
2214 /*******************************************************************
2215 Check if a config file has changed date.
2216 ********************************************************************/
2218 bool lp_file_list_changed(void)
2220 struct file_lists *f = file_lists;
2222 DEBUG(6, ("lp_file_list_changed()\n"));
2225 if (strequal(f->name, INCLUDE_REGISTRY_NAME)) {
2226 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2228 if (conf_ctx == NULL) {
2231 if (smbconf_changed(conf_ctx, &conf_last_csn, NULL,
2234 DEBUGADD(6, ("registry config changed\n"));
2241 n2 = talloc_sub_basic(talloc_tos(),
2242 get_current_username(),
2243 current_user_info.domain,
2248 DEBUGADD(6, ("file %s -> %s last mod_time: %s\n",
2249 f->name, n2, ctime(&f->modtime)));
2251 mod_time = file_modtime(n2);
2254 ((f->modtime != mod_time) ||
2255 (f->subfname == NULL) ||
2256 (strcmp(n2, f->subfname) != 0)))
2259 ("file %s modified: %s\n", n2,
2261 f->modtime = mod_time;
2262 TALLOC_FREE(f->subfname);
2263 f->subfname = talloc_strdup(f, n2);
2264 if (f->subfname == NULL) {
2265 smb_panic("talloc_strdup failed");
2279 * Initialize iconv conversion descriptors.
2281 * This is called the first time it is needed, and also called again
2282 * every time the configuration is reloaded, because the charset or
2283 * codepage might have changed.
2285 static void init_iconv(void)
2287 global_iconv_handle = smb_iconv_handle_reinit(NULL, lp_dos_charset(),
2289 true, global_iconv_handle);
2292 /***************************************************************************
2293 Handle the include operation.
2294 ***************************************************************************/
2295 static bool bAllowIncludeRegistry = true;
2297 bool lp_include(struct loadparm_context *lp_ctx, struct loadparm_service *service,
2298 const char *pszParmValue, char **ptr)
2302 if (include_depth >= MAX_INCLUDE_DEPTH) {
2303 DEBUG(0, ("Error: Maximum include depth (%u) exceeded!\n",
2308 if (strequal(pszParmValue, INCLUDE_REGISTRY_NAME)) {
2309 if (!bAllowIncludeRegistry) {
2312 if (lp_ctx->bInGlobalSection) {
2315 ret = process_registry_globals();
2319 DEBUG(1, ("\"include = registry\" only effective "
2320 "in %s section\n", GLOBAL_NAME));
2325 fname = talloc_sub_basic(talloc_tos(), get_current_username(),
2326 current_user_info.domain,
2329 add_to_file_list(NULL, &file_lists, pszParmValue, fname);
2331 if (service == NULL) {
2332 lpcfg_string_set(Globals.ctx, ptr, fname);
2334 lpcfg_string_set(service, ptr, fname);
2337 if (file_exist(fname)) {
2340 ret = pm_process(fname, lp_do_section, do_parameter, lp_ctx);
2346 DEBUG(2, ("Can't find include file %s\n", fname));
2351 bool lp_idmap_range(const char *domain_name, uint32_t *low, uint32_t *high)
2353 char *config_option = NULL;
2354 const char *range = NULL;
2357 SMB_ASSERT(low != NULL);
2358 SMB_ASSERT(high != NULL);
2360 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2364 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2366 if (config_option == NULL) {
2367 DEBUG(0, ("out of memory\n"));
2371 range = lp_parm_const_string(-1, config_option, "range", NULL);
2372 if (range == NULL) {
2373 DEBUG(1, ("idmap range not specified for domain '%s'\n", domain_name));
2377 if (sscanf(range, "%u - %u", low, high) != 2) {
2378 DEBUG(1, ("error parsing idmap range '%s' for domain '%s'\n",
2379 range, domain_name));
2386 talloc_free(config_option);
2391 bool lp_idmap_default_range(uint32_t *low, uint32_t *high)
2393 return lp_idmap_range("*", low, high);
2396 const char *lp_idmap_backend(const char *domain_name)
2398 char *config_option = NULL;
2399 const char *backend = NULL;
2401 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2405 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2407 if (config_option == NULL) {
2408 DEBUG(0, ("out of memory\n"));
2412 backend = lp_parm_const_string(-1, config_option, "backend", NULL);
2413 if (backend == NULL) {
2414 DEBUG(1, ("idmap backend not specified for domain '%s'\n", domain_name));
2419 talloc_free(config_option);
2423 const char *lp_idmap_default_backend(void)
2425 return lp_idmap_backend("*");
2428 /***************************************************************************
2429 Handle ldap suffixes - default to ldapsuffix if sub-suffixes are not defined.
2430 ***************************************************************************/
2432 static const char *append_ldap_suffix(TALLOC_CTX *ctx, const char *str )
2434 const char *suffix_string;
2436 suffix_string = talloc_asprintf(ctx, "%s,%s", str,
2437 Globals.ldap_suffix );
2438 if ( !suffix_string ) {
2439 DEBUG(0,("append_ldap_suffix: talloc_asprintf() failed!\n"));
2443 return suffix_string;
2446 const char *lp_ldap_machine_suffix(TALLOC_CTX *ctx)
2448 if (Globals._ldap_machine_suffix[0])
2449 return append_ldap_suffix(ctx, Globals._ldap_machine_suffix);
2451 return lp_string(ctx, Globals.ldap_suffix);
2454 const char *lp_ldap_user_suffix(TALLOC_CTX *ctx)
2456 if (Globals._ldap_user_suffix[0])
2457 return append_ldap_suffix(ctx, Globals._ldap_user_suffix);
2459 return lp_string(ctx, Globals.ldap_suffix);
2462 const char *lp_ldap_group_suffix(TALLOC_CTX *ctx)
2464 if (Globals._ldap_group_suffix[0])
2465 return append_ldap_suffix(ctx, Globals._ldap_group_suffix);
2467 return lp_string(ctx, Globals.ldap_suffix);
2470 const char *lp_ldap_idmap_suffix(TALLOC_CTX *ctx)
2472 if (Globals._ldap_idmap_suffix[0])
2473 return append_ldap_suffix(ctx, Globals._ldap_idmap_suffix);
2475 return lp_string(ctx, Globals.ldap_suffix);
2479 return the parameter pointer for a parameter
2481 void *lp_parm_ptr(struct loadparm_service *service, struct parm_struct *parm)
2483 if (service == NULL) {
2484 if (parm->p_class == P_LOCAL)
2485 return (void *)(((char *)&sDefault)+parm->offset);
2486 else if (parm->p_class == P_GLOBAL)
2487 return (void *)(((char *)&Globals)+parm->offset);
2490 return (void *)(((char *)service) + parm->offset);
2494 /***************************************************************************
2495 Process a parameter for a particular service number. If snum < 0
2496 then assume we are in the globals.
2497 ***************************************************************************/
2499 bool lp_do_parameter(int snum, const char *pszParmName, const char *pszParmValue)
2501 TALLOC_CTX *frame = talloc_stackframe();
2502 struct loadparm_context *lp_ctx;
2505 lp_ctx = setup_lp_context(frame);
2506 if (lp_ctx == NULL) {
2512 ok = lpcfg_do_global_parameter(lp_ctx, pszParmName, pszParmValue);
2514 ok = lpcfg_do_service_parameter(lp_ctx, ServicePtrs[snum],
2515 pszParmName, pszParmValue);
2523 /***************************************************************************
2524 set a parameter, marking it with FLAG_CMDLINE. Parameters marked as
2525 FLAG_CMDLINE won't be overridden by loads from smb.conf.
2526 ***************************************************************************/
2528 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue)
2531 parmnum = lpcfg_map_parameter(pszParmName);
2533 flags_list[parmnum] &= ~FLAG_CMDLINE;
2534 if (!lp_do_parameter(-1, pszParmName, pszParmValue)) {
2537 flags_list[parmnum] |= FLAG_CMDLINE;
2539 /* we have to also set FLAG_CMDLINE on aliases. Aliases must
2540 * be grouped in the table, so we don't have to search the
2543 i>=0 && parm_table[i].offset == parm_table[parmnum].offset
2544 && parm_table[i].p_class == parm_table[parmnum].p_class;
2546 flags_list[i] |= FLAG_CMDLINE;
2548 for (i=parmnum+1;i<num_parameters() && parm_table[i].offset == parm_table[parmnum].offset
2549 && parm_table[i].p_class == parm_table[parmnum].p_class;i++) {
2550 flags_list[i] |= FLAG_CMDLINE;
2556 /* it might be parametric */
2557 if (strchr(pszParmName, ':') != NULL) {
2558 set_param_opt(NULL, &Globals.param_opt, pszParmName, pszParmValue, FLAG_CMDLINE);
2562 DEBUG(0, ("Ignoring unknown parameter \"%s\"\n", pszParmName));
2566 bool lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
2569 TALLOC_CTX *frame = talloc_stackframe();
2570 struct loadparm_context *lp_ctx;
2572 lp_ctx = setup_lp_context(frame);
2573 if (lp_ctx == NULL) {
2578 ret = lpcfg_set_cmdline(lp_ctx, pszParmName, pszParmValue);
2584 /***************************************************************************
2585 Process a parameter.
2586 ***************************************************************************/
2588 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
2591 if (!bInGlobalSection && bGlobalOnly)
2594 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2596 if (bInGlobalSection) {
2597 return lpcfg_do_global_parameter(userdata, pszParmName, pszParmValue);
2599 return lpcfg_do_service_parameter(userdata, ServicePtrs[iServiceIndex],
2600 pszParmName, pszParmValue);
2604 /***************************************************************************
2605 Initialize any local variables in the sDefault table, after parsing a
2607 ***************************************************************************/
2609 static void init_locals(void)
2612 * We run this check once the [globals] is parsed, to force
2613 * the VFS objects and other per-share settings we need for
2614 * the standard way a AD DC is operated. We may change these
2615 * as our code evolves, which is why we force these settings.
2617 * We can't do this at the end of lp_load_ex(), as by that
2618 * point the services have been loaded and they will already
2619 * have "" as their vfs objects.
2621 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
2622 const char **vfs_objects = lp_vfs_objects(-1);
2623 if (!vfs_objects || !vfs_objects[0]) {
2624 if (lp_parm_const_string(-1, "xattr_tdb", "file", NULL)) {
2625 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr xattr_tdb");
2626 } else if (lp_parm_const_string(-1, "posix", "eadb", NULL)) {
2627 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr posix_eadb");
2629 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr");
2633 lp_do_parameter(-1, "map hidden", "no");
2634 lp_do_parameter(-1, "map system", "no");
2635 lp_do_parameter(-1, "map readonly", "no");
2636 lp_do_parameter(-1, "map archive", "no");
2637 lp_do_parameter(-1, "store dos attributes", "yes");
2641 /***************************************************************************
2642 Process a new section (service). At this stage all sections are services.
2643 Later we'll have special sections that permit server parameters to be set.
2644 Returns true on success, false on failure.
2645 ***************************************************************************/
2647 bool lp_do_section(const char *pszSectionName, void *userdata)
2649 struct loadparm_context *lp_ctx = (struct loadparm_context *)userdata;
2651 bool isglobal = ((strwicmp(pszSectionName, GLOBAL_NAME) == 0) ||
2652 (strwicmp(pszSectionName, GLOBAL_NAME2) == 0));
2655 /* if we were in a global section then do the local inits */
2656 if (bInGlobalSection && !isglobal)
2659 /* if we've just struck a global section, note the fact. */
2660 bInGlobalSection = isglobal;
2661 if (lp_ctx != NULL) {
2662 lp_ctx->bInGlobalSection = isglobal;
2665 /* check for multiple global sections */
2666 if (bInGlobalSection) {
2667 DEBUG(3, ("Processing section \"[%s]\"\n", pszSectionName));
2671 if (!bInGlobalSection && bGlobalOnly)
2674 /* if we have a current service, tidy it up before moving on */
2677 if (iServiceIndex >= 0)
2678 bRetval = lpcfg_service_ok(ServicePtrs[iServiceIndex]);
2680 /* if all is still well, move to the next record in the services array */
2682 /* We put this here to avoid an odd message order if messages are */
2683 /* issued by the post-processing of a previous section. */
2684 DEBUG(2, ("Processing section \"[%s]\"\n", pszSectionName));
2686 iServiceIndex = add_a_service(&sDefault, pszSectionName);
2687 if (iServiceIndex < 0) {
2688 DEBUG(0, ("Failed to add a new service\n"));
2691 /* Clean all parametric options for service */
2692 /* They will be added during parsing again */
2693 free_param_opts(&ServicePtrs[iServiceIndex]->param_opt);
2699 /***************************************************************************
2700 Display the contents of a parameter of a single services record.
2701 ***************************************************************************/
2703 bool dump_a_parameter(int snum, char *parm_name, FILE * f, bool isGlobal)
2705 bool result = false;
2706 struct loadparm_context *lp_ctx;
2708 lp_ctx = setup_lp_context(talloc_tos());
2709 if (lp_ctx == NULL) {
2714 result = lpcfg_dump_a_parameter(lp_ctx, NULL, parm_name, f);
2716 result = lpcfg_dump_a_parameter(lp_ctx, ServicePtrs[snum], parm_name, f);
2718 TALLOC_FREE(lp_ctx);
2723 /***************************************************************************
2724 Display the contents of a single copy structure.
2725 ***************************************************************************/
2726 static void dump_copy_map(bool *pcopymap)
2732 printf("\n\tNon-Copied parameters:\n");
2734 for (i = 0; parm_table[i].label; i++)
2735 if (parm_table[i].p_class == P_LOCAL &&
2736 parm_table[i].ptr && !pcopymap[i] &&
2737 (i == 0 || (parm_table[i].ptr != parm_table[i - 1].ptr)))
2739 printf("\t\t%s\n", parm_table[i].label);
2744 /***************************************************************************
2745 Return TRUE if the passed service number is within range.
2746 ***************************************************************************/
2748 bool lp_snum_ok(int iService)
2750 return (LP_SNUM_OK(iService) && ServicePtrs[iService]->available);
2753 /***************************************************************************
2754 Auto-load some home services.
2755 ***************************************************************************/
2757 static void lp_add_auto_services(char *str)
2767 s = talloc_strdup(talloc_tos(), str);
2769 smb_panic("talloc_strdup failed");
2773 homes = lp_servicenumber(HOMES_NAME);
2775 for (p = strtok_r(s, LIST_SEP, &saveptr); p;
2776 p = strtok_r(NULL, LIST_SEP, &saveptr)) {
2779 if (lp_servicenumber(p) >= 0)
2782 home = get_user_home_dir(talloc_tos(), p);
2784 if (home && home[0] && homes >= 0)
2785 lp_add_home(p, homes, p, home);
2792 /***************************************************************************
2793 Auto-load one printer.
2794 ***************************************************************************/
2796 void lp_add_one_printer(const char *name, const char *comment,
2797 const char *location, void *pdata)
2799 int printers = lp_servicenumber(PRINTERS_NAME);
2802 if (lp_servicenumber(name) < 0) {
2803 lp_add_printer(name, printers);
2804 if ((i = lp_servicenumber(name)) >= 0) {
2805 lpcfg_string_set(ServicePtrs[i],
2806 &ServicePtrs[i]->comment, comment);
2807 ServicePtrs[i]->autoloaded = true;
2812 /***************************************************************************
2813 Have we loaded a services file yet?
2814 ***************************************************************************/
2816 bool lp_loaded(void)
2821 /***************************************************************************
2822 Unload unused services.
2823 ***************************************************************************/
2825 void lp_killunused(struct smbd_server_connection *sconn,
2826 bool (*snumused) (struct smbd_server_connection *, int))
2829 for (i = 0; i < iNumServices; i++) {
2833 /* don't kill autoloaded or usershare services */
2834 if ( ServicePtrs[i]->autoloaded ||
2835 ServicePtrs[i]->usershare == USERSHARE_VALID) {
2839 if (!snumused || !snumused(sconn, i)) {
2840 free_service_byindex(i);
2846 * Kill all except autoloaded and usershare services - convenience wrapper
2848 void lp_kill_all_services(void)
2850 lp_killunused(NULL, NULL);
2853 /***************************************************************************
2855 ***************************************************************************/
2857 void lp_killservice(int iServiceIn)
2859 if (VALID(iServiceIn)) {
2860 free_service_byindex(iServiceIn);
2864 /***************************************************************************
2865 Save the curent values of all global and sDefault parameters into the
2866 defaults union. This allows testparm to show only the
2867 changed (ie. non-default) parameters.
2868 ***************************************************************************/
2870 static void lp_save_defaults(void)
2873 struct parmlist_entry * parm;
2874 for (i = 0; parm_table[i].label; i++) {
2875 if (!(flags_list[i] & FLAG_CMDLINE)) {
2876 flags_list[i] |= FLAG_DEFAULT;
2879 if (i > 0 && parm_table[i].offset == parm_table[i - 1].offset
2880 && parm_table[i].p_class == parm_table[i - 1].p_class)
2882 switch (parm_table[i].type) {
2885 parm_table[i].def.lvalue = str_list_copy(
2886 NULL, *(const char ***)lp_parm_ptr(NULL, &parm_table[i]));
2892 &parm_table[i].def.svalue,
2893 *(char **)lp_parm_ptr(
2894 NULL, &parm_table[i]));
2895 if (parm_table[i].def.svalue == NULL) {
2896 smb_panic("lpcfg_string_set() failed");
2901 parm_table[i].def.bvalue =
2902 *(bool *)lp_parm_ptr(NULL, &parm_table[i]);
2905 parm_table[i].def.cvalue =
2906 *(char *)lp_parm_ptr(NULL, &parm_table[i]);
2912 parm_table[i].def.ivalue =
2913 *(int *)lp_parm_ptr(NULL, &parm_table[i]);
2918 for (parm=Globals.param_opt; parm; parm=parm->next) {
2919 if (!(parm->priority & FLAG_CMDLINE)) {
2920 parm->priority |= FLAG_DEFAULT;
2924 for (parm=sDefault.param_opt; parm; parm=parm->next) {
2925 if (!(parm->priority & FLAG_CMDLINE)) {
2926 parm->priority |= FLAG_DEFAULT;
2930 defaults_saved = true;
2933 /***********************************************************
2934 If we should send plaintext/LANMAN passwords in the clinet
2935 ************************************************************/
2937 static void set_allowed_client_auth(void)
2939 if (Globals.client_ntlmv2_auth) {
2940 Globals.client_lanman_auth = false;
2942 if (!Globals.client_lanman_auth) {
2943 Globals.client_plaintext_auth = false;
2947 /***************************************************************************
2949 The following code allows smbd to read a user defined share file.
2950 Yes, this is my intent. Yes, I'm comfortable with that...
2952 THE FOLLOWING IS SECURITY CRITICAL CODE.
2954 It washes your clothes, it cleans your house, it guards you while you sleep...
2955 Do not f%^k with it....
2956 ***************************************************************************/
2958 #define MAX_USERSHARE_FILE_SIZE (10*1024)
2960 /***************************************************************************
2961 Check allowed stat state of a usershare file.
2962 Ensure we print out who is dicking with us so the admin can
2963 get their sorry ass fired.
2964 ***************************************************************************/
2966 static bool check_usershare_stat(const char *fname,
2967 const SMB_STRUCT_STAT *psbuf)
2969 if (!S_ISREG(psbuf->st_ex_mode)) {
2970 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
2971 "not a regular file\n",
2972 fname, (unsigned int)psbuf->st_ex_uid ));
2976 /* Ensure this doesn't have the other write bit set. */
2977 if (psbuf->st_ex_mode & S_IWOTH) {
2978 DEBUG(0,("check_usershare_stat: file %s owned by uid %u allows "
2979 "public write. Refusing to allow as a usershare file.\n",
2980 fname, (unsigned int)psbuf->st_ex_uid ));
2984 /* Should be 10k or less. */
2985 if (psbuf->st_ex_size > MAX_USERSHARE_FILE_SIZE) {
2986 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
2987 "too large (%u) to be a user share file.\n",
2988 fname, (unsigned int)psbuf->st_ex_uid,
2989 (unsigned int)psbuf->st_ex_size ));
2996 /***************************************************************************
2997 Parse the contents of a usershare file.
2998 ***************************************************************************/
3000 enum usershare_err parse_usershare_file(TALLOC_CTX *ctx,
3001 SMB_STRUCT_STAT *psbuf,
3002 const char *servicename,
3006 char **pp_sharepath,
3008 char **pp_cp_servicename,
3009 struct security_descriptor **ppsd,
3012 const char **prefixallowlist = lp_usershare_prefix_allow_list();
3013 const char **prefixdenylist = lp_usershare_prefix_deny_list();
3016 SMB_STRUCT_STAT sbuf;
3017 char *sharepath = NULL;
3018 char *comment = NULL;
3020 *pp_sharepath = NULL;
3023 *pallow_guest = false;
3026 return USERSHARE_MALFORMED_FILE;
3029 if (strcmp(lines[0], "#VERSION 1") == 0) {
3031 } else if (strcmp(lines[0], "#VERSION 2") == 0) {
3034 return USERSHARE_MALFORMED_FILE;
3037 return USERSHARE_BAD_VERSION;
3040 if (strncmp(lines[1], "path=", 5) != 0) {
3041 return USERSHARE_MALFORMED_PATH;
3044 sharepath = talloc_strdup(ctx, &lines[1][5]);
3046 return USERSHARE_POSIX_ERR;
3048 trim_string(sharepath, " ", " ");
3050 if (strncmp(lines[2], "comment=", 8) != 0) {
3051 return USERSHARE_MALFORMED_COMMENT_DEF;
3054 comment = talloc_strdup(ctx, &lines[2][8]);
3056 return USERSHARE_POSIX_ERR;
3058 trim_string(comment, " ", " ");
3059 trim_char(comment, '"', '"');
3061 if (strncmp(lines[3], "usershare_acl=", 14) != 0) {
3062 return USERSHARE_MALFORMED_ACL_DEF;
3065 if (!parse_usershare_acl(ctx, &lines[3][14], ppsd)) {
3066 return USERSHARE_ACL_ERR;
3070 if (strncmp(lines[4], "guest_ok=", 9) != 0) {
3071 return USERSHARE_MALFORMED_ACL_DEF;
3073 if (lines[4][9] == 'y') {
3074 *pallow_guest = true;
3077 /* Backwards compatible extension to file version #2. */
3079 if (strncmp(lines[5], "sharename=", 10) != 0) {
3080 return USERSHARE_MALFORMED_SHARENAME_DEF;
3082 if (!strequal(&lines[5][10], servicename)) {
3083 return USERSHARE_BAD_SHARENAME;
3085 *pp_cp_servicename = talloc_strdup(ctx, &lines[5][10]);
3086 if (!*pp_cp_servicename) {
3087 return USERSHARE_POSIX_ERR;
3092 if (*pp_cp_servicename == NULL) {
3093 *pp_cp_servicename = talloc_strdup(ctx, servicename);
3094 if (!*pp_cp_servicename) {
3095 return USERSHARE_POSIX_ERR;
3099 if (snum != -1 && (strcmp(sharepath, ServicePtrs[snum]->path) == 0)) {
3100 /* Path didn't change, no checks needed. */
3101 *pp_sharepath = sharepath;
3102 *pp_comment = comment;
3103 return USERSHARE_OK;
3106 /* The path *must* be absolute. */
3107 if (sharepath[0] != '/') {
3108 DEBUG(2,("parse_usershare_file: share %s: path %s is not an absolute path.\n",
3109 servicename, sharepath));
3110 return USERSHARE_PATH_NOT_ABSOLUTE;
3113 /* If there is a usershare prefix deny list ensure one of these paths
3114 doesn't match the start of the user given path. */
3115 if (prefixdenylist) {
3117 for ( i=0; prefixdenylist[i]; i++ ) {
3118 DEBUG(10,("parse_usershare_file: share %s : checking prefixdenylist[%d]='%s' against %s\n",
3119 servicename, i, prefixdenylist[i], sharepath ));
3120 if (memcmp( sharepath, prefixdenylist[i], strlen(prefixdenylist[i])) == 0) {
3121 DEBUG(2,("parse_usershare_file: share %s path %s starts with one of the "
3122 "usershare prefix deny list entries.\n",
3123 servicename, sharepath));
3124 return USERSHARE_PATH_IS_DENIED;
3129 /* If there is a usershare prefix allow list ensure one of these paths
3130 does match the start of the user given path. */
3132 if (prefixallowlist) {
3134 for ( i=0; prefixallowlist[i]; i++ ) {
3135 DEBUG(10,("parse_usershare_file: share %s checking prefixallowlist[%d]='%s' against %s\n",
3136 servicename, i, prefixallowlist[i], sharepath ));
3137 if (memcmp( sharepath, prefixallowlist[i], strlen(prefixallowlist[i])) == 0) {
3141 if (prefixallowlist[i] == NULL) {
3142 DEBUG(2,("parse_usershare_file: share %s path %s doesn't start with one of the "
3143 "usershare prefix allow list entries.\n",
3144 servicename, sharepath));
3145 return USERSHARE_PATH_NOT_ALLOWED;
3149 /* Ensure this is pointing to a directory. */
3150 dp = opendir(sharepath);
3153 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
3154 servicename, sharepath));
3155 return USERSHARE_PATH_NOT_DIRECTORY;
3158 /* Ensure the owner of the usershare file has permission to share
3161 if (sys_stat(sharepath, &sbuf, false) == -1) {
3162 DEBUG(2,("parse_usershare_file: share %s : stat failed on path %s. %s\n",
3163 servicename, sharepath, strerror(errno) ));
3165 return USERSHARE_POSIX_ERR;
3170 if (!S_ISDIR(sbuf.st_ex_mode)) {
3171 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
3172 servicename, sharepath ));
3173 return USERSHARE_PATH_NOT_DIRECTORY;
3176 /* Check if sharing is restricted to owner-only. */
3177 /* psbuf is the stat of the usershare definition file,
3178 sbuf is the stat of the target directory to be shared. */
3180 if (lp_usershare_owner_only()) {
3181 /* root can share anything. */
3182 if ((psbuf->st_ex_uid != 0) && (sbuf.st_ex_uid != psbuf->st_ex_uid)) {
3183 return USERSHARE_PATH_NOT_ALLOWED;
3187 *pp_sharepath = sharepath;
3188 *pp_comment = comment;
3189 return USERSHARE_OK;
3192 /***************************************************************************
3193 Deal with a usershare file.
3196 -1 - Bad name, invalid contents.
3197 - service name already existed and not a usershare, problem
3198 with permissions to share directory etc.
3199 ***************************************************************************/
3201 static int process_usershare_file(const char *dir_name, const char *file_name, int snum_template)
3203 SMB_STRUCT_STAT sbuf;
3204 SMB_STRUCT_STAT lsbuf;
3206 char *sharepath = NULL;
3207 char *comment = NULL;
3208 char *cp_service_name = NULL;
3209 char **lines = NULL;
3213 TALLOC_CTX *ctx = talloc_stackframe();
3214 struct security_descriptor *psd = NULL;
3215 bool guest_ok = false;
3216 char *canon_name = NULL;
3217 bool added_service = false;
3220 /* Ensure share name doesn't contain invalid characters. */
3221 if (!validate_net_name(file_name, INVALID_SHARENAME_CHARS, strlen(file_name))) {
3222 DEBUG(0,("process_usershare_file: share name %s contains "
3223 "invalid characters (any of %s)\n",
3224 file_name, INVALID_SHARENAME_CHARS ));
3228 canon_name = canonicalize_servicename(ctx, file_name);
3233 fname = talloc_asprintf(ctx, "%s/%s", dir_name, file_name);
3238 /* Minimize the race condition by doing an lstat before we
3239 open and fstat. Ensure this isn't a symlink link. */
3241 if (sys_lstat(fname, &lsbuf, false) != 0) {
3242 DEBUG(0,("process_usershare_file: stat of %s failed. %s\n",
3243 fname, strerror(errno) ));
3247 /* This must be a regular file, not a symlink, directory or
3248 other strange filetype. */
3249 if (!check_usershare_stat(fname, &lsbuf)) {
3257 status = dbwrap_fetch_bystring(ServiceHash, canon_name,
3262 if (NT_STATUS_IS_OK(status) &&
3263 (data.dptr != NULL) &&
3264 (data.dsize == sizeof(iService))) {
3265 memcpy(&iService, data.dptr, sizeof(iService));
3269 if (iService != -1 &&
3270 timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
3271 &lsbuf.st_ex_mtime) == 0) {
3272 /* Nothing changed - Mark valid and return. */
3273 DEBUG(10,("process_usershare_file: service %s not changed.\n",
3275 ServicePtrs[iService]->usershare = USERSHARE_VALID;
3280 /* Try and open the file read only - no symlinks allowed. */
3282 fd = open(fname, O_RDONLY|O_NOFOLLOW, 0);
3284 fd = open(fname, O_RDONLY, 0);
3288 DEBUG(0,("process_usershare_file: unable to open %s. %s\n",
3289 fname, strerror(errno) ));
3293 /* Now fstat to be *SURE* it's a regular file. */
3294 if (sys_fstat(fd, &sbuf, false) != 0) {
3296 DEBUG(0,("process_usershare_file: fstat of %s failed. %s\n",
3297 fname, strerror(errno) ));
3301 /* Is it the same dev/inode as was lstated ? */
3302 if (!check_same_stat(&lsbuf, &sbuf)) {
3304 DEBUG(0,("process_usershare_file: fstat of %s is a different file from lstat. "
3305 "Symlink spoofing going on ?\n", fname ));
3309 /* This must be a regular file, not a symlink, directory or
3310 other strange filetype. */
3311 if (!check_usershare_stat(fname, &sbuf)) {
3316 lines = fd_lines_load(fd, &numlines, MAX_USERSHARE_FILE_SIZE, NULL);
3319 if (lines == NULL) {
3320 DEBUG(0,("process_usershare_file: loading file %s owned by %u failed.\n",
3321 fname, (unsigned int)sbuf.st_ex_uid ));
3325 if (parse_usershare_file(ctx, &sbuf, file_name,
3326 iService, lines, numlines, &sharepath,
3327 &comment, &cp_service_name,
3328 &psd, &guest_ok) != USERSHARE_OK) {
3332 /* Everything ok - add the service possibly using a template. */
3334 const struct loadparm_service *sp = &sDefault;
3335 if (snum_template != -1) {
3336 sp = ServicePtrs[snum_template];
3339 if ((iService = add_a_service(sp, cp_service_name)) < 0) {
3340 DEBUG(0, ("process_usershare_file: Failed to add "
3341 "new service %s\n", cp_service_name));
3345 added_service = true;
3347 /* Read only is controlled by usershare ACL below. */
3348 ServicePtrs[iService]->read_only = false;
3351 /* Write the ACL of the new/modified share. */
3352 if (!set_share_security(canon_name, psd)) {
3353 DEBUG(0, ("process_usershare_file: Failed to set share "
3354 "security for user share %s\n",
3359 /* If from a template it may be marked invalid. */
3360 ServicePtrs[iService]->valid = true;
3362 /* Set the service as a valid usershare. */
3363 ServicePtrs[iService]->usershare = USERSHARE_VALID;
3365 /* Set guest access. */
3366 if (lp_usershare_allow_guests()) {
3367 ServicePtrs[iService]->guest_ok = guest_ok;
3370 /* And note when it was loaded. */
3371 ServicePtrs[iService]->usershare_last_mod = sbuf.st_ex_mtime;
3372 lpcfg_string_set(ServicePtrs[iService], &ServicePtrs[iService]->path,
3374 lpcfg_string_set(ServicePtrs[iService],
3375 &ServicePtrs[iService]->comment, comment);
3381 if (ret == -1 && iService != -1 && added_service) {
3382 lp_remove_service(iService);
3390 /***************************************************************************
3391 Checks if a usershare entry has been modified since last load.
3392 ***************************************************************************/
3394 static bool usershare_exists(int iService, struct timespec *last_mod)
3396 SMB_STRUCT_STAT lsbuf;
3397 const char *usersharepath = Globals.usershare_path;
3400 fname = talloc_asprintf(talloc_tos(),
3403 ServicePtrs[iService]->szService);
3404 if (fname == NULL) {
3408 if (sys_lstat(fname, &lsbuf, false) != 0) {
3413 if (!S_ISREG(lsbuf.st_ex_mode)) {
3419 *last_mod = lsbuf.st_ex_mtime;
3423 /***************************************************************************
3424 Load a usershare service by name. Returns a valid servicenumber or -1.
3425 ***************************************************************************/
3427 int load_usershare_service(const char *servicename)
3429 SMB_STRUCT_STAT sbuf;
3430 const char *usersharepath = Globals.usershare_path;
3431 int max_user_shares = Globals.usershare_max_shares;
3432 int snum_template = -1;
3434 if (*usersharepath == 0 || max_user_shares == 0) {
3438 if (sys_stat(usersharepath, &sbuf, false) != 0) {
3439 DEBUG(0,("load_usershare_service: stat of %s failed. %s\n",
3440 usersharepath, strerror(errno) ));
3444 if (!S_ISDIR(sbuf.st_ex_mode)) {
3445 DEBUG(0,("load_usershare_service: %s is not a directory.\n",
3451 * This directory must be owned by root, and have the 't' bit set.
3452 * It also must not be writable by "other".
3456 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
3458 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
3460 DEBUG(0,("load_usershare_service: directory %s is not owned by root "
3461 "or does not have the sticky bit 't' set or is writable by anyone.\n",
3466 /* Ensure the template share exists if it's set. */
3467 if (Globals.usershare_template_share[0]) {
3468 /* We can't use lp_servicenumber here as we are recommending that
3469 template shares have -valid=false set. */
3470 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
3471 if (ServicePtrs[snum_template]->szService &&
3472 strequal(ServicePtrs[snum_template]->szService,
3473 Globals.usershare_template_share)) {
3478 if (snum_template == -1) {
3479 DEBUG(0,("load_usershare_service: usershare template share %s "
3480 "does not exist.\n",
3481 Globals.usershare_template_share ));
3486 return process_usershare_file(usersharepath, servicename, snum_template);
3489 /***************************************************************************
3490 Load all user defined shares from the user share directory.
3491 We only do this if we're enumerating the share list.
3492 This is the function that can delete usershares that have
3494 ***************************************************************************/
3496 int load_usershare_shares(struct smbd_server_connection *sconn,
3497 bool (*snumused) (struct smbd_server_connection *, int))
3500 SMB_STRUCT_STAT sbuf;
3502 int num_usershares = 0;
3503 int max_user_shares = Globals.usershare_max_shares;
3504 unsigned int num_dir_entries, num_bad_dir_entries, num_tmp_dir_entries;
3505 unsigned int allowed_bad_entries = ((2*max_user_shares)/10);
3506 unsigned int allowed_tmp_entries = ((2*max_user_shares)/10);
3508 int snum_template = -1;
3509 const char *usersharepath = Globals.usershare_path;
3510 int ret = lp_numservices();
3511 TALLOC_CTX *tmp_ctx;
3513 if (max_user_shares == 0 || *usersharepath == '\0') {
3514 return lp_numservices();
3517 if (sys_stat(usersharepath, &sbuf, false) != 0) {
3518 DEBUG(0,("load_usershare_shares: stat of %s failed. %s\n",
3519 usersharepath, strerror(errno) ));
3524 * This directory must be owned by root, and have the 't' bit set.
3525 * It also must not be writable by "other".
3529 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
3531 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
3533 DEBUG(0,("load_usershare_shares: directory %s is not owned by root "
3534 "or does not have the sticky bit 't' set or is writable by anyone.\n",
3539 /* Ensure the template share exists if it's set. */
3540 if (Globals.usershare_template_share[0]) {
3541 /* We can't use lp_servicenumber here as we are recommending that
3542 template shares have -valid=false set. */
3543 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
3544 if (ServicePtrs[snum_template]->szService &&
3545 strequal(ServicePtrs[snum_template]->szService,
3546 Globals.usershare_template_share)) {
3551 if (snum_template == -1) {
3552 DEBUG(0,("load_usershare_shares: usershare template share %s "
3553 "does not exist.\n",
3554 Globals.usershare_template_share ));
3559 /* Mark all existing usershares as pending delete. */
3560 for (iService = iNumServices - 1; iService >= 0; iService--) {
3561 if (VALID(iService) && ServicePtrs[iService]->usershare) {
3562 ServicePtrs[iService]->usershare = USERSHARE_PENDING_DELETE;
3566 dp = opendir(usersharepath);
3568 DEBUG(0,("load_usershare_shares:: failed to open directory %s. %s\n",
3569 usersharepath, strerror(errno) ));
3573 for (num_dir_entries = 0, num_bad_dir_entries = 0, num_tmp_dir_entries = 0;
3575 num_dir_entries++ ) {
3577 const char *n = de->d_name;
3579 /* Ignore . and .. */
3581 if ((n[1] == '\0') || (n[1] == '.' && n[2] == '\0')) {
3587 /* Temporary file used when creating a share. */
3588 num_tmp_dir_entries++;
3591 /* Allow 20% tmp entries. */
3592 if (num_tmp_dir_entries > allowed_tmp_entries) {
3593 DEBUG(0,("load_usershare_shares: too many temp entries (%u) "
3594 "in directory %s\n",
3595 num_tmp_dir_entries, usersharepath));
3599 r = process_usershare_file(usersharepath, n, snum_template);
3601 /* Update the services count. */
3603 if (num_usershares >= max_user_shares) {
3604 DEBUG(0,("load_usershare_shares: max user shares reached "
3605 "on file %s in directory %s\n",
3606 n, usersharepath ));
3609 } else if (r == -1) {
3610 num_bad_dir_entries++;
3613 /* Allow 20% bad entries. */
3614 if (num_bad_dir_entries > allowed_bad_entries) {
3615 DEBUG(0,("load_usershare_shares: too many bad entries (%u) "
3616 "in directory %s\n",
3617 num_bad_dir_entries, usersharepath));
3621 /* Allow 20% bad entries. */
3622 if (num_dir_entries > max_user_shares + allowed_bad_entries) {
3623 DEBUG(0,("load_usershare_shares: too many total entries (%u) "
3624 "in directory %s\n",
3625 num_dir_entries, usersharepath));
3632 /* Sweep through and delete any non-refreshed usershares that are
3633 not currently in use. */
3634 tmp_ctx = talloc_stackframe();
3635 for (iService = iNumServices - 1; iService >= 0; iService--) {
3636 if (VALID(iService) && (ServicePtrs[iService]->usershare == USERSHARE_PENDING_DELETE)) {
3639 if (snumused && snumused(sconn, iService)) {
3643 servname = lp_servicename(tmp_ctx, iService);
3645 /* Remove from the share ACL db. */
3646 DEBUG(10,("load_usershare_shares: Removing deleted usershare %s\n",
3648 delete_share_security(servname);
3649 free_service_byindex(iService);
3652 talloc_free(tmp_ctx);
3654 return lp_numservices();
3657 /********************************************************
3658 Destroy global resources allocated in this file
3659 ********************************************************/
3661 void gfree_loadparm(void)
3667 /* Free resources allocated to services */
3669 for ( i = 0; i < iNumServices; i++ ) {
3671 free_service_byindex(i);
3675 TALLOC_FREE( ServicePtrs );
3678 /* Now release all resources allocated to global
3679 parameters and the default service */
3681 free_global_parameters();
3685 /***************************************************************************
3686 Allow client apps to specify that they are a client
3687 ***************************************************************************/
3688 static void lp_set_in_client(bool b)
3694 /***************************************************************************
3695 Determine if we're running in a client app
3696 ***************************************************************************/
3697 static bool lp_is_in_client(void)
3702 static void lp_enforce_ad_dc_settings(void)
3704 lp_do_parameter(GLOBAL_SECTION_SNUM, "passdb backend", "samba_dsdb");
3705 lp_do_parameter(GLOBAL_SECTION_SNUM,
3706 "winbindd:use external pipes", "true");
3707 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:default", "external");
3708 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:svcctl", "embedded");
3709 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:srvsvc", "embedded");
3710 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:eventlog", "embedded");
3711 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:ntsvcs", "embedded");
3712 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:winreg", "embedded");
3713 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:spoolss", "embedded");
3714 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_daemon:spoolssd", "embedded");
3715 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:tcpip", "no");
3718 /***************************************************************************
3719 Load the services array from the services file. Return true on success,
3721 ***************************************************************************/
3723 static bool lp_load_ex(const char *pszFname,
3727 bool reinit_globals,
3728 bool allow_include_registry,
3729 bool load_all_shares)
3733 TALLOC_CTX *frame = talloc_stackframe();
3734 struct loadparm_context *lp_ctx;
3738 DEBUG(3, ("lp_load_ex: refreshing parameters\n"));
3740 bInGlobalSection = true;
3741 bGlobalOnly = global_only;
3742 bAllowIncludeRegistry = allow_include_registry;
3744 lp_ctx = setup_lp_context(talloc_tos());
3746 init_globals(lp_ctx, reinit_globals);
3750 if (save_defaults) {
3755 if (!reinit_globals) {
3756 free_param_opts(&Globals.param_opt);
3757 apply_lp_set_cmdline();
3760 lp_do_parameter(-1, "idmap config * : backend", Globals.idmap_backend);
3762 /* We get sections first, so have to start 'behind' to make up */
3765 if (lp_config_backend_is_file()) {
3766 n2 = talloc_sub_basic(talloc_tos(), get_current_username(),
3767 current_user_info.domain,
3770 smb_panic("lp_load_ex: out of memory");
3773 add_to_file_list(NULL, &file_lists, pszFname, n2);
3775 bRetval = pm_process(n2, lp_do_section, do_parameter, lp_ctx);
3778 /* finish up the last section */
3779 DEBUG(4, ("pm_process() returned %s\n", BOOLSTR(bRetval)));
3781 if (iServiceIndex >= 0) {
3782 bRetval = lpcfg_service_ok(ServicePtrs[iServiceIndex]);
3786 if (lp_config_backend_is_registry()) {
3788 /* config backend changed to registry in config file */
3790 * We need to use this extra global variable here to
3791 * survive restart: init_globals uses this as a default
3792 * for config_backend. Otherwise, init_globals would
3793 * send us into an endless loop here.
3796 config_backend = CONFIG_BACKEND_REGISTRY;
3798 DEBUG(1, ("lp_load_ex: changing to config backend "
3800 init_globals(lp_ctx, true);
3802 TALLOC_FREE(lp_ctx);
3804 lp_kill_all_services();
3805 ok = lp_load_ex(pszFname, global_only, save_defaults,
3806 add_ipc, reinit_globals,
3807 allow_include_registry,
3812 } else if (lp_config_backend_is_registry()) {
3813 bRetval = process_registry_globals();
3815 DEBUG(0, ("Illegal config backend given: %d\n",
3816 lp_config_backend()));
3820 if (bRetval && lp_registry_shares()) {
3821 if (load_all_shares) {
3822 bRetval = process_registry_shares();
3824 bRetval = reload_registry_shares();
3829 char *serv = lp_auto_services(talloc_tos());
3830 lp_add_auto_services(serv);
3835 /* When 'restrict anonymous = 2' guest connections to ipc$
3837 lp_add_ipc("IPC$", (lp_restrict_anonymous() < 2));
3838 if ( lp_enable_asu_support() ) {
3839 lp_add_ipc("ADMIN$", false);
3843 set_allowed_client_auth();
3845 if (lp_security() == SEC_ADS && strchr(lp_password_server(), ':')) {
3846 DEBUG(1, ("WARNING: The optional ':port' in password server = %s is deprecated\n",
3847 lp_password_server()));
3852 /* Now we check we_are_a_wins_server and set szWINSserver to 127.0.0.1 */
3853 /* if we_are_a_wins_server is true and we are in the client */
3854 if (lp_is_in_client() && Globals.we_are_a_wins_server) {
3855 lp_do_parameter(GLOBAL_SECTION_SNUM, "wins server", "127.0.0.1");
3860 fault_configure(smb_panic_s3);
3863 * We run this check once the whole smb.conf is parsed, to
3864 * force some settings for the standard way a AD DC is
3865 * operated. We may change these as our code evolves, which
3866 * is why we force these settings.
3868 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
3869 lp_enforce_ad_dc_settings();
3872 bAllowIncludeRegistry = true;
3878 static bool lp_load(const char *pszFname,
3882 bool reinit_globals)
3884 return lp_load_ex(pszFname,
3889 true, /* allow_include_registry */
3890 false); /* load_all_shares*/
3893 bool lp_load_initial_only(const char *pszFname)
3895 return lp_load_ex(pszFname,
3896 true, /* global only */
3897 true, /* save_defaults */
3898 false, /* add_ipc */
3899 true, /* reinit_globals */
3900 false, /* allow_include_registry */
3901 false); /* load_all_shares*/
3905 * most common lp_load wrapper, loading only the globals
3907 bool lp_load_global(const char *file_name)
3909 return lp_load(file_name,
3910 true, /* global_only */
3911 false, /* save_defaults */
3912 false, /* add_ipc */
3913 true); /* reinit_globals */
3917 * The typical lp_load wrapper with shares, loads global and
3918 * shares, including IPC, but does not force immediate
3919 * loading of all shares from registry.
3921 bool lp_load_with_shares(const char *file_name)
3923 return lp_load(file_name,
3924 false, /* global_only */
3925 false, /* save_defaults */
3927 true); /* reinit_globals */
3931 * lp_load wrapper, especially for clients
3933 bool lp_load_client(const char *file_name)
3935 lp_set_in_client(true);
3937 return lp_load_global(file_name);
3941 * lp_load wrapper, loading only globals, but intended
3942 * for subsequent calls, not reinitializing the globals
3945 bool lp_load_global_no_reinit(const char *file_name)
3947 return lp_load(file_name,
3948 true, /* global_only */
3949 false, /* save_defaults */
3950 false, /* add_ipc */
3951 false); /* reinit_globals */
3955 * lp_load wrapper, loading globals and shares,
3956 * intended for subsequent calls, i.e. not reinitializing
3957 * the globals to default values.
3959 bool lp_load_no_reinit(const char *file_name)
3961 return lp_load(file_name,
3962 false, /* global_only */
3963 false, /* save_defaults */
3964 false, /* add_ipc */
3965 false); /* reinit_globals */
3970 * lp_load wrapper, especially for clients, no reinitialization
3972 bool lp_load_client_no_reinit(const char *file_name)
3974 lp_set_in_client(true);
3976 return lp_load_global_no_reinit(file_name);
3979 bool lp_load_with_registry_shares(const char *pszFname)
3981 return lp_load_ex(pszFname,
3982 false, /* global_only */
3983 true, /* save_defaults */
3984 false, /* add_ipc */
3985 false, /* reinit_globals */
3986 true, /* allow_include_registry */
3987 true); /* load_all_shares*/
3990 /***************************************************************************
3991 Return the max number of services.
3992 ***************************************************************************/
3994 int lp_numservices(void)
3996 return (iNumServices);
3999 /***************************************************************************
4000 Display the contents of the services array in human-readable form.
4001 ***************************************************************************/
4003 void lp_dump(FILE *f, bool show_defaults, int maxtoprint)
4006 struct loadparm_context *lp_ctx;
4009 defaults_saved = false;
4011 lp_ctx = setup_lp_context(talloc_tos());
4012 if (lp_ctx == NULL) {
4016 lpcfg_dump_globals(lp_ctx, f, !defaults_saved);
4018 lpcfg_dump_a_service(&sDefault, &sDefault, f, flags_list, show_defaults);
4020 for (iService = 0; iService < maxtoprint; iService++) {
4022 lp_dump_one(f, show_defaults, iService);
4026 /***************************************************************************
4027 Display the contents of one service in human-readable form.
4028 ***************************************************************************/
4030 void lp_dump_one(FILE * f, bool show_defaults, int snum)
4033 if (ServicePtrs[snum]->szService[0] == '\0')
4035 lpcfg_dump_a_service(ServicePtrs[snum], &sDefault, f,
4036 flags_list, show_defaults);
4040 /***************************************************************************
4041 Return the number of the service with the given name, or -1 if it doesn't
4042 exist. Note that this is a DIFFERENT ANIMAL from the internal function
4043 getservicebyname()! This works ONLY if all services have been loaded, and
4044 does not copy the found service.
4045 ***************************************************************************/
4047 int lp_servicenumber(const char *pszServiceName)
4050 fstring serviceName;
4052 if (!pszServiceName) {
4053 return GLOBAL_SECTION_SNUM;
4056 for (iService = iNumServices - 1; iService >= 0; iService--) {
4057 if (VALID(iService) && ServicePtrs[iService]->szService) {
4059 * The substitution here is used to support %U in
4062 fstrcpy(serviceName, ServicePtrs[iService]->szService);
4063 standard_sub_basic(get_current_username(),
4064 current_user_info.domain,
4065 serviceName,sizeof(serviceName));
4066 if (strequal(serviceName, pszServiceName)) {
4072 if (iService >= 0 && ServicePtrs[iService]->usershare == USERSHARE_VALID) {
4073 struct timespec last_mod;
4075 if (!usershare_exists(iService, &last_mod)) {
4076 /* Remove the share security tdb entry for it. */
4077 delete_share_security(lp_servicename(talloc_tos(), iService));
4078 /* Remove it from the array. */
4079 free_service_byindex(iService);
4080 /* Doesn't exist anymore. */
4081 return GLOBAL_SECTION_SNUM;
4084 /* Has it been modified ? If so delete and reload. */
4085 if (timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
4087 /* Remove it from the array. */
4088 free_service_byindex(iService);
4089 /* and now reload it. */
4090 iService = load_usershare_service(pszServiceName);
4095 DEBUG(7,("lp_servicenumber: couldn't find %s\n", pszServiceName));
4096 return GLOBAL_SECTION_SNUM;
4102 /*******************************************************************
4103 A useful volume label function.
4104 ********************************************************************/
4106 const char *volume_label(TALLOC_CTX *ctx, int snum)
4109 const char *label = lp_volume(ctx, snum);
4111 label = lp_servicename(ctx, snum);
4114 /* This returns a 33 byte guarenteed null terminated string. */
4115 ret = talloc_strndup(ctx, label, 32);
4122 /*******************************************************************
4123 Get the default server type we will announce as via nmbd.
4124 ********************************************************************/
4126 int lp_default_server_announce(void)
4128 int default_server_announce = 0;
4129 default_server_announce |= SV_TYPE_WORKSTATION;
4130 default_server_announce |= SV_TYPE_SERVER;
4131 default_server_announce |= SV_TYPE_SERVER_UNIX;
4133 /* note that the flag should be set only if we have a
4134 printer service but nmbd doesn't actually load the
4135 services so we can't tell --jerry */
4137 default_server_announce |= SV_TYPE_PRINTQ_SERVER;
4139 default_server_announce |= SV_TYPE_SERVER_NT;
4140 default_server_announce |= SV_TYPE_NT;
4142 switch (lp_server_role()) {
4143 case ROLE_DOMAIN_MEMBER:
4144 default_server_announce |= SV_TYPE_DOMAIN_MEMBER;
4146 case ROLE_DOMAIN_PDC:
4147 default_server_announce |= SV_TYPE_DOMAIN_CTRL;
4149 case ROLE_DOMAIN_BDC:
4150 default_server_announce |= SV_TYPE_DOMAIN_BAKCTRL;
4152 case ROLE_STANDALONE:
4156 if (lp_time_server())
4157 default_server_announce |= SV_TYPE_TIME_SOURCE;
4159 if (lp_host_msdfs())
4160 default_server_announce |= SV_TYPE_DFS_SERVER;
4162 return default_server_announce;
4165 /***********************************************************
4166 If we are PDC then prefer us as DMB
4167 ************************************************************/
4169 bool lp_domain_master(void)
4171 if (Globals._domain_master == Auto)
4172 return (lp_server_role() == ROLE_DOMAIN_PDC);
4174 return (bool)Globals._domain_master;
4177 /***********************************************************
4178 If we are PDC then prefer us as DMB
4179 ************************************************************/
4181 static bool lp_domain_master_true_or_auto(void)
4183 if (Globals._domain_master) /* auto or yes */
4189 /***********************************************************
4190 If we are DMB then prefer us as LMB
4191 ************************************************************/
4193 bool lp_preferred_master(void)
4195 int preferred_master = lp__preferred_master();
4197 if (preferred_master == Auto)
4198 return (lp_local_master() && lp_domain_master());
4200 return (bool)preferred_master;
4203 /*******************************************************************
4205 ********************************************************************/
4207 void lp_remove_service(int snum)
4209 ServicePtrs[snum]->valid = false;
4212 const char *lp_printername(TALLOC_CTX *ctx, int snum)
4214 const char *ret = lp__printername(ctx, snum);
4215 if (ret == NULL || *ret == '\0') {
4216 ret = lp_const_servicename(snum);
4223 /***********************************************************
4224 Allow daemons such as winbindd to fix their logfile name.
4225 ************************************************************/
4227 void lp_set_logfile(const char *name)
4229 lpcfg_string_set(Globals.ctx, &Globals.logfile, name);
4230 debug_set_logfile(name);
4233 /*******************************************************************
4234 Return the max print jobs per queue.
4235 ********************************************************************/
4237 int lp_maxprintjobs(int snum)
4239 int maxjobs = lp_max_print_jobs(snum);
4241 if (maxjobs <= 0 || maxjobs >= PRINT_MAX_JOBID)
4242 maxjobs = PRINT_MAX_JOBID - 1;
4247 const char *lp_printcapname(void)
4249 const char *printcap_name = lp_printcap_name();
4251 if ((printcap_name != NULL) &&
4252 (printcap_name[0] != '\0'))
4253 return printcap_name;
4255 if (sDefault.printing == PRINT_CUPS) {
4259 if (sDefault.printing == PRINT_BSD)
4260 return "/etc/printcap";
4262 return PRINTCAP_NAME;
4265 static uint32_t spoolss_state;
4267 bool lp_disable_spoolss( void )
4269 if ( spoolss_state == SVCCTL_STATE_UNKNOWN )
4270 spoolss_state = lp__disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
4272 return spoolss_state == SVCCTL_STOPPED ? true : false;
4275 void lp_set_spoolss_state( uint32_t state )
4277 SMB_ASSERT( (state == SVCCTL_STOPPED) || (state == SVCCTL_RUNNING) );
4279 spoolss_state = state;
4282 uint32_t lp_get_spoolss_state( void )
4284 return lp_disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
4287 /*******************************************************************
4288 Ensure we don't use sendfile if server smb signing is active.
4289 ********************************************************************/
4291 bool lp_use_sendfile(int snum, struct smb_signing_state *signing_state)
4293 bool sign_active = false;
4295 /* Using sendfile blows the brains out of any DOS or Win9x TCP stack... JRA. */
4296 if (get_Protocol() < PROTOCOL_NT1) {
4299 if (signing_state) {
4300 sign_active = smb_signing_is_active(signing_state);
4302 return (lp__use_sendfile(snum) &&
4303 (get_remote_arch() != RA_WIN95) &&
4307 /*******************************************************************
4308 Turn off sendfile if we find the underlying OS doesn't support it.
4309 ********************************************************************/
4311 void set_use_sendfile(int snum, bool val)
4313 if (LP_SNUM_OK(snum))
4314 ServicePtrs[snum]->_use_sendfile = val;
4316 sDefault._use_sendfile = val;
4319 void lp_set_mangling_method(const char *new_method)
4321 lpcfg_string_set(Globals.ctx, &Globals.mangling_method, new_method);
4324 /*******************************************************************
4325 Global state for POSIX pathname processing.
4326 ********************************************************************/
4328 static bool posix_pathnames;
4330 bool lp_posix_pathnames(void)
4332 return posix_pathnames;
4335 /*******************************************************************
4336 Change everything needed to ensure POSIX pathname processing (currently
4338 ********************************************************************/
4340 void lp_set_posix_pathnames(void)
4342 posix_pathnames = true;
4345 /*******************************************************************
4346 Global state for POSIX lock processing - CIFS unix extensions.
4347 ********************************************************************/
4349 bool posix_default_lock_was_set;
4350 static enum brl_flavour posix_cifsx_locktype; /* By default 0 == WINDOWS_LOCK */
4352 enum brl_flavour lp_posix_cifsu_locktype(files_struct *fsp)
4354 if (posix_default_lock_was_set) {
4355 return posix_cifsx_locktype;
4357 return (fsp->posix_flags & FSP_POSIX_FLAGS_OPEN) ?
4358 POSIX_LOCK : WINDOWS_LOCK;
4362 /*******************************************************************
4363 ********************************************************************/
4365 void lp_set_posix_default_cifsx_readwrite_locktype(enum brl_flavour val)
4367 posix_default_lock_was_set = true;
4368 posix_cifsx_locktype = val;
4371 int lp_min_receive_file_size(void)
4373 int min_receivefile_size = lp_min_receivefile_size();
4375 if (min_receivefile_size < 0) {
4378 return min_receivefile_size;
4381 /*******************************************************************
4382 Safe wide links checks.
4383 This helper function always verify the validity of wide links,
4384 even after a configuration file reload.
4385 ********************************************************************/
4387 void widelinks_warning(int snum)
4389 if (lp_allow_insecure_wide_links()) {
4393 if (lp_unix_extensions() && lp_wide_links(snum)) {
4394 DEBUG(0,("Share '%s' has wide links and unix extensions enabled. "
4395 "These parameters are incompatible. "
4396 "Wide links will be disabled for this share.\n",
4397 lp_servicename(talloc_tos(), snum) ));
4401 bool lp_widelinks(int snum)
4403 /* wide links is always incompatible with unix extensions */
4404 if (lp_unix_extensions()) {
4406 * Unless we have "allow insecure widelinks"
4409 if (!lp_allow_insecure_wide_links()) {
4414 return lp_wide_links(snum);
4417 int lp_server_role(void)
4419 return lp_find_server_role(lp__server_role(),
4421 lp__domain_logons(),
4422 lp_domain_master_true_or_auto());
4425 int lp_security(void)
4427 return lp_find_security(lp__server_role(),
4431 int lp_client_max_protocol(void)
4433 int client_max_protocol = lp__client_max_protocol();
4434 if (client_max_protocol == PROTOCOL_DEFAULT) {
4435 return PROTOCOL_NT1;
4437 return client_max_protocol;
4440 int lp_client_ipc_min_protocol(void)
4442 int client_ipc_min_protocol = lp__client_ipc_min_protocol();
4443 if (client_ipc_min_protocol == PROTOCOL_DEFAULT) {
4444 client_ipc_min_protocol = lp_client_min_protocol();
4446 if (client_ipc_min_protocol < PROTOCOL_NT1) {
4447 return PROTOCOL_NT1;
4449 return client_ipc_min_protocol;
4452 int lp_client_ipc_max_protocol(void)
4454 int client_ipc_max_protocol = lp__client_ipc_max_protocol();
4455 if (client_ipc_max_protocol == PROTOCOL_DEFAULT) {
4456 return PROTOCOL_LATEST;
4458 if (client_ipc_max_protocol < PROTOCOL_NT1) {
4459 return PROTOCOL_NT1;
4461 return client_ipc_max_protocol;
4464 int lp_client_ipc_signing(void)
4466 int client_ipc_signing = lp__client_ipc_signing();
4467 if (client_ipc_signing == SMB_SIGNING_DEFAULT) {
4468 return SMB_SIGNING_REQUIRED;
4470 return client_ipc_signing;
4473 struct loadparm_global * get_globals(void)
4478 unsigned int * get_flags(void)
4480 if (flags_list == NULL) {
4481 flags_list = talloc_zero_array(NULL, unsigned int, num_parameters());
git.samba.org / kai / samba-autobuild / .git / blob