2 Unix SMB/CIFS implementation.
3 Parameter loading functions
4 Copyright (C) Karl Auer 1993-1998
6 Largely re-written by Andrew Tridgell, September 1994
8 Copyright (C) Simo Sorce 2001
9 Copyright (C) Alexander Bokovoy 2002
10 Copyright (C) Stefan (metze) Metzmacher 2002
11 Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003
12 Copyright (C) Michael Adam 2008
13 Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007
14 Copyright (C) Andrew Bartlett 2011
16 This program is free software; you can redistribute it and/or modify
17 it under the terms of the GNU General Public License as published by
18 the Free Software Foundation; either version 3 of the License, or
19 (at your option) any later version.
21 This program is distributed in the hope that it will be useful,
22 but WITHOUT ANY WARRANTY; without even the implied warranty of
23 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 GNU General Public License for more details.
26 You should have received a copy of the GNU General Public License
27 along with this program. If not, see <http://www.gnu.org/licenses/>.
33 * This module provides suitable callback functions for the params
34 * module. It builds the internal table of service details which is
35 * then used by the rest of the server.
39 * 1) add it to the global or service structure definition
40 * 2) add it to the parm_table
41 * 3) add it to the list of available functions (eg: using FN_GLOBAL_STRING())
42 * 4) If it's a global then initialise it in init_globals. If a local
43 * (ie. service) parameter then initialise it in the sDefault structure
47 * The configuration file is processed sequentially for speed. It is NOT
48 * accessed randomly as happens in 'real' Windows. For this reason, there
49 * is a fair bit of sequence-dependent code here - ie., code which assumes
50 * that certain things happen before others. In particular, the code which
51 * happens at the boundary between sections is delicately poised, so be
57 #include "system/filesys.h"
59 #include "lib/param/loadparm.h"
60 #include "lib/param/param.h"
62 #include "lib/smbconf/smbconf.h"
63 #include "lib/smbconf/smbconf_init.h"
66 #include "../librpc/gen_ndr/svcctl.h"
68 #include "../libcli/smb/smb_signing.h"
69 #include "dbwrap/dbwrap.h"
70 #include "dbwrap/dbwrap_rbt.h"
71 #include "../lib/util/bitmap.h"
72 #include "librpc/gen_ndr/nbt.h"
73 #include "source4/lib/tls/tls.h"
75 #ifdef HAVE_SYS_SYSCTL_H
76 #include <sys/sysctl.h>
81 extern userdom_struct current_user_info;
83 /* the special value for the include parameter
84 * to be interpreted not as a file name but to
85 * trigger loading of the global smb.conf options
87 #ifndef INCLUDE_REGISTRY_NAME
88 #define INCLUDE_REGISTRY_NAME "registry"
91 static bool in_client = false; /* Not in the client by default */
92 static struct smbconf_csn conf_last_csn;
94 static int config_backend = CONFIG_BACKEND_FILE;
96 /* some helpful bits */
97 #define LP_SNUM_OK(i) (((i) >= 0) && ((i) < iNumServices) && \
98 (ServicePtrs != NULL) && \
99 (ServicePtrs[(i)] != NULL) && ServicePtrs[(i)]->valid)
100 #define VALID(i) ((ServicePtrs != NULL) && (ServicePtrs[i]!= NULL) && \
101 ServicePtrs[i]->valid)
103 #define USERSHARE_VALID 1
104 #define USERSHARE_PENDING_DELETE 2
106 static bool defaults_saved = false;
108 #include "lib/param/param_global.h"
110 static struct loadparm_global Globals;
112 /* This is a default service used to prime a services structure */
113 static struct loadparm_service sDefault =
118 .usershare_last_mod = {0, 0},
121 .invalid_users = NULL,
128 .root_preexec = NULL,
129 .root_postexec = NULL,
130 .cups_options = NULL,
131 .print_command = NULL,
133 .lprm_command = NULL,
134 .lppause_command = NULL,
135 .lpresume_command = NULL,
136 .queuepause_command = NULL,
137 .queueresume_command = NULL,
138 ._printername = NULL,
139 .printjob_username = NULL,
140 .dont_descend = NULL,
143 .magic_script = NULL,
144 .magic_output = NULL,
147 .veto_oplock_files = NULL,
157 .aio_write_behind = NULL,
158 .dfree_command = NULL,
159 .min_print_space = 0,
160 .max_print_jobs = 1000,
161 .max_reported_print_jobs = 0,
162 .write_cache_size = 0,
164 .force_create_mode = 0,
165 .directory_mask = 0755,
166 .force_directory_mode = 0,
167 .max_connections = 0,
168 .default_case = CASE_LOWER,
169 .printing = DEFAULT_PRINTING,
170 .oplock_contention_limit = 2,
173 .dfree_cache_time = 0,
174 .preexec_close = false,
175 .root_preexec_close = false,
176 .case_sensitive = Auto,
177 .preserve_case = true,
178 .short_preserve_case = true,
179 .hide_dot_files = true,
180 .hide_special_files = false,
181 .hide_unreadable = false,
182 .hide_unwriteable_files = false,
184 .access_based_share_enum = false,
189 .administrative_share = false,
192 .print_notify_backchannel = false,
196 .store_dos_attributes = false,
197 .dmapi_support = false,
199 .strict_locking = Auto,
200 .posix_locking = true,
202 .kernel_oplocks = false,
203 .level2_oplocks = true,
204 .mangled_names = MANGLED_NAMES_YES,
206 .follow_symlinks = true,
207 .sync_always = false,
208 .strict_allocate = false,
209 .strict_rename = false,
211 .mangling_char = '~',
213 .delete_readonly = false,
214 .fake_oplocks = false,
215 .delete_veto_files = false,
216 .dos_filemode = false,
217 .dos_filetimes = true,
218 .dos_filetime_resolution = false,
219 .fake_directory_create_times = false,
220 .blocking_locks = true,
221 .inherit_permissions = false,
222 .inherit_acls = false,
223 .inherit_owner = false,
225 .msdfs_shuffle_referrals = false,
226 .use_client_driver = false,
227 .default_devmode = true,
228 .force_printername = false,
229 .nt_acl_support = true,
230 .force_unknown_acl_user = false,
231 ._use_sendfile = false,
232 .profile_acls = false,
233 .map_acl_inherit = false,
236 .acl_check_permissions = true,
237 .acl_map_full_control = true,
238 .acl_group_control = false,
239 .acl_allow_execute_always = false,
240 .allocation_roundup_size = SMB_ROUNDUP_ALLOCATION_SIZE,
243 .map_readonly = MAP_READONLY_YES,
244 .directory_name_cache_size = 100,
245 .smb_encrypt = SMB_SIGNING_DEFAULT,
246 .kernel_share_modes = true,
247 .durable_handles = true,
252 /* local variables */
253 static struct loadparm_service **ServicePtrs = NULL;
254 static int iNumServices = 0;
255 static int iServiceIndex = 0;
256 static struct db_context *ServiceHash;
257 static bool bInGlobalSection = true;
258 static bool bGlobalOnly = false;
259 static struct file_lists *file_lists = NULL;
260 static unsigned int *flags_list = NULL;
262 static void set_allowed_client_auth(void);
264 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue);
265 static void free_param_opts(struct parmlist_entry **popts);
268 * Function to return the default value for the maximum number of open
269 * file descriptors permitted. This function tries to consult the
270 * kernel-level (sysctl) and ulimit (getrlimit()) values and goes
271 * the smaller of those.
273 static int max_open_files(void)
275 int sysctl_max = MAX_OPEN_FILES;
276 int rlimit_max = MAX_OPEN_FILES;
278 #ifdef HAVE_SYSCTLBYNAME
280 size_t size = sizeof(sysctl_max);
281 sysctlbyname("kern.maxfilesperproc", &sysctl_max, &size, NULL,
286 #if (defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE))
292 if (getrlimit(RLIMIT_NOFILE, &rl) == 0)
293 rlimit_max = rl.rlim_cur;
295 #if defined(RLIM_INFINITY)
296 if(rl.rlim_cur == RLIM_INFINITY)
297 rlimit_max = MAX_OPEN_FILES;
302 if (sysctl_max < MIN_OPEN_FILES_WINDOWS) {
303 DEBUG(2,("max_open_files: increasing sysctl_max (%d) to "
304 "minimum Windows limit (%d)\n",
306 MIN_OPEN_FILES_WINDOWS));
307 sysctl_max = MIN_OPEN_FILES_WINDOWS;
310 if (rlimit_max < MIN_OPEN_FILES_WINDOWS) {
311 DEBUG(2,("rlimit_max: increasing rlimit_max (%d) to "
312 "minimum Windows limit (%d)\n",
314 MIN_OPEN_FILES_WINDOWS));
315 rlimit_max = MIN_OPEN_FILES_WINDOWS;
318 return MIN(sysctl_max, rlimit_max);
322 * Common part of freeing allocated data for one parameter.
324 static void free_one_parameter_common(void *parm_ptr,
325 struct parm_struct parm)
327 if ((parm.type == P_STRING) ||
328 (parm.type == P_USTRING))
330 lpcfg_string_free((char**)parm_ptr);
331 } else if (parm.type == P_LIST || parm.type == P_CMDLIST) {
332 TALLOC_FREE(*((char***)parm_ptr));
337 * Free the allocated data for one parameter for a share
338 * given as a service struct.
340 static void free_one_parameter(struct loadparm_service *service,
341 struct parm_struct parm)
345 if (parm.p_class != P_LOCAL) {
349 parm_ptr = lp_parm_ptr(service, &parm);
351 free_one_parameter_common(parm_ptr, parm);
355 * Free the allocated parameter data of a share given
356 * as a service struct.
358 static void free_parameters(struct loadparm_service *service)
362 for (i=0; parm_table[i].label; i++) {
363 free_one_parameter(service, parm_table[i]);
368 * Free the allocated data for one parameter for a given share
369 * specified by an snum.
371 static void free_one_parameter_by_snum(int snum, struct parm_struct parm)
376 parm_ptr = lp_parm_ptr(NULL, &parm);
377 } else if (parm.p_class != P_LOCAL) {
380 parm_ptr = lp_parm_ptr(ServicePtrs[snum], &parm);
383 free_one_parameter_common(parm_ptr, parm);
387 * Free the allocated parameter data for a share specified
390 static void free_parameters_by_snum(int snum)
394 for (i=0; parm_table[i].label; i++) {
395 free_one_parameter_by_snum(snum, parm_table[i]);
400 * Free the allocated global parameters.
402 static void free_global_parameters(void)
405 struct parm_struct *parm;
407 free_param_opts(&Globals.param_opt);
408 free_parameters_by_snum(GLOBAL_SECTION_SNUM);
410 /* Reset references in the defaults because the context is going to be freed */
411 for (i=0; parm_table[i].label; i++) {
412 parm = &parm_table[i];
413 if ((parm->type == P_STRING) ||
414 (parm->type == P_USTRING)) {
415 if ((parm->def.svalue != NULL) &&
416 (*(parm->def.svalue) != '\0')) {
417 if (talloc_parent(parm->def.svalue) == Globals.ctx) {
418 parm->def.svalue = NULL;
423 TALLOC_FREE(Globals.ctx);
426 struct lp_stored_option {
427 struct lp_stored_option *prev, *next;
432 static struct lp_stored_option *stored_options;
435 save options set by lp_set_cmdline() into a list. This list is
436 re-applied when we do a globals reset, so that cmdline set options
437 are sticky across reloads of smb.conf
439 bool store_lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
441 struct lp_stored_option *entry, *entry_next;
442 for (entry = stored_options; entry != NULL; entry = entry_next) {
443 entry_next = entry->next;
444 if (strcmp(pszParmName, entry->label) == 0) {
445 DLIST_REMOVE(stored_options, entry);
451 entry = talloc(NULL, struct lp_stored_option);
456 entry->label = talloc_strdup(entry, pszParmName);
462 entry->value = talloc_strdup(entry, pszParmValue);
468 DLIST_ADD_END(stored_options, entry);
473 static bool apply_lp_set_cmdline(void)
475 struct lp_stored_option *entry = NULL;
476 for (entry = stored_options; entry != NULL; entry = entry->next) {
477 if (!lp_set_cmdline_helper(entry->label, entry->value)) {
478 DEBUG(0, ("Failed to re-apply cmdline parameter %s = %s\n",
479 entry->label, entry->value));
486 /***************************************************************************
487 Initialise the global parameter structure.
488 ***************************************************************************/
490 static void init_globals(struct loadparm_context *lp_ctx, bool reinit_globals)
492 static bool done_init = false;
496 /* If requested to initialize only once and we've already done it... */
497 if (!reinit_globals && done_init) {
498 /* ... then we have nothing more to do */
503 /* The logfile can be set before this is invoked. Free it if so. */
504 lpcfg_string_free(&Globals.logfile);
507 free_global_parameters();
510 /* This memset and the free_global_parameters() above will
511 * wipe out smb.conf options set with lp_set_cmdline(). The
512 * apply_lp_set_cmdline() call puts these values back in the
513 * table once the defaults are set */
514 ZERO_STRUCT(Globals);
516 Globals.ctx = talloc_pooled_object(NULL, char, 272, 2048);
518 /* Initialize the flags list if necessary */
519 if (flags_list == NULL) {
523 for (i = 0; parm_table[i].label; i++) {
524 if ((parm_table[i].type == P_STRING ||
525 parm_table[i].type == P_USTRING))
529 (char **)lp_parm_ptr(NULL, &parm_table[i]),
535 lpcfg_string_set(Globals.ctx, &sDefault.fstype, FSTYPE_STRING);
536 lpcfg_string_set(Globals.ctx, &sDefault.printjob_username, "%U");
538 init_printer_values(lp_ctx, Globals.ctx, &sDefault);
540 sDefault.ntvfs_handler = str_list_make_v3_const(NULL, "unixuid default", NULL);
542 DEBUG(3, ("Initialising global parameters\n"));
544 /* Must manually force to upper case here, as this does not go via the handler */
545 lpcfg_string_set(Globals.ctx, &Globals.netbios_name,
548 lpcfg_string_set(Globals.ctx, &Globals.smb_passwd_file,
549 get_dyn_SMB_PASSWD_FILE());
550 lpcfg_string_set(Globals.ctx, &Globals.private_dir,
551 get_dyn_PRIVATE_DIR());
553 /* use the new 'hash2' method by default, with a prefix of 1 */
554 lpcfg_string_set(Globals.ctx, &Globals.mangling_method, "hash2");
555 Globals.mangle_prefix = 1;
557 lpcfg_string_set(Globals.ctx, &Globals.guest_account, GUEST_ACCOUNT);
559 /* using UTF8 by default allows us to support all chars */
560 lpcfg_string_set(Globals.ctx, &Globals.unix_charset,
561 DEFAULT_UNIX_CHARSET);
563 /* Use codepage 850 as a default for the dos character set */
564 lpcfg_string_set(Globals.ctx, &Globals.dos_charset,
565 DEFAULT_DOS_CHARSET);
568 * Allow the default PASSWD_CHAT to be overridden in local.h.
570 lpcfg_string_set(Globals.ctx, &Globals.passwd_chat,
571 DEFAULT_PASSWD_CHAT);
573 lpcfg_string_set(Globals.ctx, &Globals.workgroup, DEFAULT_WORKGROUP);
575 lpcfg_string_set(Globals.ctx, &Globals.passwd_program, "");
576 lpcfg_string_set(Globals.ctx, &Globals.lock_directory,
578 lpcfg_string_set(Globals.ctx, &Globals.state_directory,
580 lpcfg_string_set(Globals.ctx, &Globals.cache_directory,
582 lpcfg_string_set(Globals.ctx, &Globals.pid_directory,
584 lpcfg_string_set(Globals.ctx, &Globals.nbt_client_socket_address,
587 * By default support explicit binding to broadcast
590 Globals.nmbd_bind_explicit_broadcast = true;
592 s = talloc_asprintf(talloc_tos(), "Samba %s", samba_version_string());
594 smb_panic("init_globals: ENOMEM");
596 lpcfg_string_set(Globals.ctx, &Globals.server_string, s);
599 lpcfg_string_set(Globals.ctx, &Globals.panic_action,
600 "/bin/sleep 999999999");
603 lpcfg_string_set(Globals.ctx, &Globals.socket_options,
604 DEFAULT_SOCKET_OPTIONS);
606 lpcfg_string_set(Globals.ctx, &Globals.logon_drive, "");
607 /* %N is the NIS auto.home server if -DAUTOHOME is used, else same as %L */
608 lpcfg_string_set(Globals.ctx, &Globals.logon_home, "\\\\%N\\%U");
609 lpcfg_string_set(Globals.ctx, &Globals.logon_path,
610 "\\\\%N\\%U\\profile");
612 Globals.name_resolve_order =
613 str_list_make_v3_const(Globals.ctx,
614 DEFAULT_NAME_RESOLVE_ORDER,
616 lpcfg_string_set(Globals.ctx, &Globals.password_server, "*");
618 Globals.algorithmic_rid_base = BASE_RID;
620 Globals.load_printers = true;
621 Globals.printcap_cache_time = 750; /* 12.5 minutes */
623 Globals.config_backend = config_backend;
624 Globals._server_role = ROLE_AUTO;
626 /* Was 65535 (0xFFFF). 0x4101 matches W2K and causes major speed improvements... */
627 /* Discovered by 2 days of pain by Don McCall @ HP :-). */
628 Globals.max_xmit = 0x4104;
629 Globals.max_mux = 50; /* This is *needed* for profile support. */
630 Globals.lpq_cache_time = 30; /* changed to handle large print servers better -- jerry */
631 Globals._disable_spoolss = false;
632 Globals.max_smbd_processes = 0;/* no limit specified */
633 Globals.username_level = 0;
634 Globals.deadtime = 0;
635 Globals.getwd_cache = true;
636 Globals.large_readwrite = true;
637 Globals.max_log_size = 5000;
638 Globals.max_open_files = max_open_files();
639 Globals.server_max_protocol = PROTOCOL_SMB3_11;
640 Globals.server_min_protocol = PROTOCOL_LANMAN1;
641 Globals._client_max_protocol = PROTOCOL_DEFAULT;
642 Globals.client_min_protocol = PROTOCOL_CORE;
643 Globals._client_ipc_max_protocol = PROTOCOL_DEFAULT;
644 Globals._client_ipc_min_protocol = PROTOCOL_DEFAULT;
645 Globals._security = SEC_AUTO;
646 Globals.encrypt_passwords = true;
647 Globals.client_schannel = Auto;
648 Globals.winbind_sealed_pipes = true;
649 Globals.require_strong_key = true;
650 Globals.server_schannel = Auto;
651 Globals.read_raw = true;
652 Globals.write_raw = true;
653 Globals.null_passwords = false;
654 Globals.old_password_allowed_period = 60;
655 Globals.obey_pam_restrictions = false;
657 Globals.syslog_only = false;
658 Globals.timestamp_logs = true;
659 lpcfg_string_set(Globals.ctx, &Globals.log_level, "0");
660 Globals.debug_prefix_timestamp = false;
661 Globals.debug_hires_timestamp = true;
662 Globals.debug_pid = false;
663 Globals.debug_uid = false;
664 Globals.debug_class = false;
665 Globals.enable_core_files = true;
666 Globals.max_ttl = 60 * 60 * 24 * 3; /* 3 days default. */
667 Globals.max_wins_ttl = 60 * 60 * 24 * 6; /* 6 days default. */
668 Globals.min_wins_ttl = 60 * 60 * 6; /* 6 hours default. */
669 Globals.machine_password_timeout = 60 * 60 * 24 * 7; /* 7 days default. */
670 Globals.lm_announce = Auto; /* = Auto: send only if LM clients found */
671 Globals.lm_interval = 60;
672 #if (defined(HAVE_NETGROUP) && defined(WITH_AUTOMOUNT))
673 Globals.nis_homedir = false;
674 #ifdef WITH_NISPLUS_HOME
675 lpcfg_string_set(Globals.ctx, &Globals.homedir_map,
676 "auto_home.org_dir");
678 lpcfg_string_set(Globals.ctx, &Globals.homedir_map, "auto.home");
681 Globals.time_server = false;
682 Globals.bind_interfaces_only = false;
683 Globals.unix_password_sync = false;
684 Globals.pam_password_change = false;
685 Globals.passwd_chat_debug = false;
686 Globals.passwd_chat_timeout = 2; /* 2 second default. */
687 Globals.nt_pipe_support = true; /* Do NT pipes by default. */
688 Globals.nt_status_support = true; /* Use NT status by default. */
689 Globals.smbd_profiling_level = 0;
690 Globals.stat_cache = true; /* use stat cache by default */
691 Globals.max_stat_cache_size = 256; /* 256k by default */
692 Globals.restrict_anonymous = 0;
693 Globals.client_lanman_auth = false; /* Do NOT use the LanMan hash if it is available */
694 Globals.client_plaintext_auth = false; /* Do NOT use a plaintext password even if is requested by the server */
695 Globals.lanman_auth = false; /* Do NOT use the LanMan hash, even if it is supplied */
696 Globals.ntlm_auth = false; /* Do NOT use NTLMv1 if it is supplied by the client (otherwise NTLMv2) */
697 Globals.raw_ntlmv2_auth = false; /* Reject NTLMv2 without NTLMSSP */
698 Globals.client_ntlmv2_auth = true; /* Client should always use use NTLMv2, as we can't tell that the server supports it, but most modern servers do */
699 /* Note, that we will also use NTLM2 session security (which is different), if it is available */
701 Globals.allow_dcerpc_auth_level_connect = false; /* we don't allow this by default */
703 Globals.map_to_guest = 0; /* By Default, "Never" */
704 Globals.oplock_break_wait_time = 0; /* By Default, 0 msecs. */
705 Globals.enhanced_browsing = true;
706 Globals.lock_spin_time = WINDOWS_MINIMUM_LOCK_TIMEOUT_MS; /* msec. */
707 #ifdef MMAP_BLACKLIST
708 Globals.use_mmap = false;
710 Globals.use_mmap = true;
712 Globals.unicode = true;
713 Globals.unix_extensions = true;
714 Globals.reset_on_zero_vc = false;
715 Globals.log_writeable_files_on_exit = false;
716 Globals.create_krb5_conf = true;
717 Globals.include_system_krb5_conf = true;
718 Globals._winbind_max_domain_connections = 1;
720 /* hostname lookups can be very expensive and are broken on
721 a large number of sites (tridge) */
722 Globals.hostname_lookups = false;
724 Globals.change_notify = true,
725 Globals.kernel_change_notify = true,
727 lpcfg_string_set(Globals.ctx, &Globals.passdb_backend, "tdbsam");
728 lpcfg_string_set(Globals.ctx, &Globals.ldap_suffix, "");
729 lpcfg_string_set(Globals.ctx, &Globals._ldap_machine_suffix, "");
730 lpcfg_string_set(Globals.ctx, &Globals._ldap_user_suffix, "");
731 lpcfg_string_set(Globals.ctx, &Globals._ldap_group_suffix, "");
732 lpcfg_string_set(Globals.ctx, &Globals._ldap_idmap_suffix, "");
734 lpcfg_string_set(Globals.ctx, &Globals.ldap_admin_dn, "");
735 Globals.ldap_ssl = LDAP_SSL_START_TLS;
736 Globals.ldap_ssl_ads = false;
737 Globals.ldap_deref = -1;
738 Globals.ldap_passwd_sync = LDAP_PASSWD_SYNC_OFF;
739 Globals.ldap_delete_dn = false;
740 Globals.ldap_replication_sleep = 1000; /* wait 1 sec for replication */
741 Globals.ldap_follow_referral = Auto;
742 Globals.ldap_timeout = LDAP_DEFAULT_TIMEOUT;
743 Globals.ldap_connection_timeout = LDAP_CONNECTION_DEFAULT_TIMEOUT;
744 Globals.ldap_page_size = LDAP_PAGE_SIZE;
746 Globals.ldap_debug_level = 0;
747 Globals.ldap_debug_threshold = 10;
749 Globals.client_ldap_sasl_wrapping = ADS_AUTH_SASL_SIGN;
751 Globals.ldap_server_require_strong_auth =
752 LDAP_SERVER_REQUIRE_STRONG_AUTH_YES;
754 /* This is what we tell the afs client. in reality we set the token
755 * to never expire, though, when this runs out the afs client will
756 * forget the token. Set to 0 to get NEVERDATE.*/
757 Globals.afs_token_lifetime = 604800;
758 Globals.cups_connection_timeout = CUPS_DEFAULT_CONNECTION_TIMEOUT;
760 /* these parameters are set to defaults that are more appropriate
761 for the increasing samba install base:
763 as a member of the workgroup, that will possibly become a
764 _local_ master browser (lm = true). this is opposed to a forced
765 local master browser startup (pm = true).
767 doesn't provide WINS server service by default (wsupp = false),
768 and doesn't provide domain master browser services by default, either.
772 Globals.show_add_printer_wizard = true;
773 Globals.os_level = 20;
774 Globals.local_master = true;
775 Globals._domain_master = Auto; /* depending on _domain_logons */
776 Globals._domain_logons = false;
777 Globals.browse_list = true;
778 Globals.we_are_a_wins_server = false;
779 Globals.wins_proxy = false;
781 TALLOC_FREE(Globals.init_logon_delayed_hosts);
782 Globals.init_logon_delay = 100; /* 100 ms default delay */
784 Globals.wins_dns_proxy = true;
786 Globals.allow_trusted_domains = true;
787 lpcfg_string_set(Globals.ctx, &Globals.idmap_backend, "tdb");
789 lpcfg_string_set(Globals.ctx, &Globals.template_shell, "/bin/false");
790 lpcfg_string_set(Globals.ctx, &Globals.template_homedir,
792 lpcfg_string_set(Globals.ctx, &Globals.winbind_separator, "\\");
793 lpcfg_string_set(Globals.ctx, &Globals.winbindd_socket_directory,
794 dyn_WINBINDD_SOCKET_DIR);
796 lpcfg_string_set(Globals.ctx, &Globals.cups_server, "");
797 lpcfg_string_set(Globals.ctx, &Globals.iprint_server, "");
799 lpcfg_string_set(Globals.ctx, &Globals._ctdbd_socket, "");
801 Globals.cluster_addresses = NULL;
802 Globals.clustering = false;
803 Globals.ctdb_timeout = 0;
804 Globals.ctdb_locktime_warn_threshold = 0;
806 Globals.winbind_cache_time = 300; /* 5 minutes */
807 Globals.winbind_reconnect_delay = 30; /* 30 seconds */
808 Globals.winbind_request_timeout = 60; /* 60 seconds */
809 Globals.winbind_max_clients = 200;
810 Globals.winbind_enum_users = false;
811 Globals.winbind_enum_groups = false;
812 Globals.winbind_use_default_domain = false;
813 Globals.winbind_trusted_domains_only = false;
814 Globals.winbind_nested_groups = true;
815 Globals.winbind_expand_groups = 0;
816 Globals.winbind_nss_info = str_list_make_v3_const(NULL, "template", NULL);
817 Globals.winbind_refresh_tickets = false;
818 Globals.winbind_offline_logon = false;
820 Globals.idmap_cache_time = 86400 * 7; /* a week by default */
821 Globals.idmap_negative_cache_time = 120; /* 2 minutes by default */
823 Globals.passdb_expand_explicit = false;
825 Globals.name_cache_timeout = 660; /* In seconds */
827 Globals.use_spnego = true;
828 Globals.client_use_spnego = true;
830 Globals.client_signing = SMB_SIGNING_DEFAULT;
831 Globals._client_ipc_signing = SMB_SIGNING_DEFAULT;
832 Globals.server_signing = SMB_SIGNING_DEFAULT;
834 Globals.defer_sharing_violations = true;
835 Globals.smb_ports = str_list_make_v3_const(NULL, SMB_PORTS, NULL);
837 Globals.enable_privileges = true;
838 Globals.host_msdfs = true;
839 Globals.enable_asu_support = false;
841 /* User defined shares. */
842 s = talloc_asprintf(talloc_tos(), "%s/usershares", get_dyn_STATEDIR());
844 smb_panic("init_globals: ENOMEM");
846 lpcfg_string_set(Globals.ctx, &Globals.usershare_path, s);
848 lpcfg_string_set(Globals.ctx, &Globals.usershare_template_share, "");
849 Globals.usershare_max_shares = 0;
850 /* By default disallow sharing of directories not owned by the sharer. */
851 Globals.usershare_owner_only = true;
852 /* By default disallow guest access to usershares. */
853 Globals.usershare_allow_guests = false;
855 Globals.keepalive = DEFAULT_KEEPALIVE;
857 /* By default no shares out of the registry */
858 Globals.registry_shares = false;
860 Globals.min_receivefile_size = 0;
862 Globals.map_untrusted_to_domain = false;
863 Globals.multicast_dns_register = true;
865 Globals.smb2_max_read = DEFAULT_SMB2_MAX_READ;
866 Globals.smb2_max_write = DEFAULT_SMB2_MAX_WRITE;
867 Globals.smb2_max_trans = DEFAULT_SMB2_MAX_TRANSACT;
868 Globals.smb2_max_credits = DEFAULT_SMB2_MAX_CREDITS;
869 Globals.smb2_leases = true;
871 lpcfg_string_set(Globals.ctx, &Globals.ncalrpc_dir,
872 get_dyn_NCALRPCDIR());
874 Globals.server_services = str_list_make_v3_const(NULL, "s3fs rpc nbt wrepl ldap cldap kdc drepl winbindd ntp_signd kcc dnsupdate dns", NULL);
876 Globals.dcerpc_endpoint_servers = str_list_make_v3_const(NULL, "epmapper wkssvc rpcecho samr netlogon lsarpc drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver", NULL);
878 Globals.tls_enabled = true;
879 Globals.tls_verify_peer = TLS_VERIFY_PEER_AS_STRICT_AS_POSSIBLE;
881 lpcfg_string_set(Globals.ctx, &Globals._tls_keyfile, "tls/key.pem");
882 lpcfg_string_set(Globals.ctx, &Globals._tls_certfile, "tls/cert.pem");
883 lpcfg_string_set(Globals.ctx, &Globals._tls_cafile, "tls/ca.pem");
884 lpcfg_string_set(Globals.ctx, &Globals.tls_priority,
885 "NORMAL:-VERS-SSL3.0");
887 lpcfg_string_set(Globals.ctx, &Globals.share_backend, "classic");
889 Globals._preferred_master = Auto;
891 Globals.allow_dns_updates = DNS_UPDATE_SIGNED;
893 lpcfg_string_set(Globals.ctx, &Globals.ntp_signd_socket_directory,
894 get_dyn_NTP_SIGND_SOCKET_DIR());
896 s = talloc_asprintf(talloc_tos(), "%s/samba_kcc", get_dyn_SCRIPTSBINDIR());
898 smb_panic("init_globals: ENOMEM");
900 Globals.samba_kcc_command = str_list_make_v3_const(NULL, s, NULL);
903 s = talloc_asprintf(talloc_tos(), "%s/samba_dnsupdate", get_dyn_SCRIPTSBINDIR());
905 smb_panic("init_globals: ENOMEM");
907 Globals.dns_update_command = str_list_make_v3_const(NULL, s, NULL);
910 s = talloc_asprintf(talloc_tos(), "%s/samba_spnupdate", get_dyn_SCRIPTSBINDIR());
912 smb_panic("init_globals: ENOMEM");
914 Globals.spn_update_command = str_list_make_v3_const(NULL, s, NULL);
917 Globals.nsupdate_command = str_list_make_v3_const(NULL, "/usr/bin/nsupdate -g", NULL);
919 Globals.rndc_command = str_list_make_v3_const(NULL, "/usr/sbin/rndc", NULL);
921 Globals.cldap_port = 389;
923 Globals.dgram_port = NBT_DGRAM_SERVICE_PORT;
925 Globals.nbt_port = NBT_NAME_SERVICE_PORT;
927 Globals.krb5_port = 88;
929 Globals.kpasswd_port = 464;
931 Globals.web_port = 901;
933 Globals.aio_max_threads = 100;
935 lpcfg_string_set(Globals.ctx,
936 &Globals.rpc_server_dynamic_port_range,
938 Globals.rpc_low_port = SERVER_TCP_LOW_PORT;
939 Globals.rpc_high_port = SERVER_TCP_HIGH_PORT;
941 /* Now put back the settings that were set with lp_set_cmdline() */
942 apply_lp_set_cmdline();
945 /* Convenience routine to setup an lp_context with additional s3 variables */
946 static struct loadparm_context *setup_lp_context(TALLOC_CTX *mem_ctx)
948 struct loadparm_context *lp_ctx;
950 lp_ctx = loadparm_init_s3(mem_ctx,
951 loadparm_s3_helpers());
952 if (lp_ctx == NULL) {
953 DEBUG(0, ("loadparm_init_s3 failed\n"));
957 lp_ctx->sDefault = &sDefault;
958 lp_ctx->services = NULL; /* We do not want to access this directly */
959 lp_ctx->bInGlobalSection = bInGlobalSection;
960 lp_ctx->flags = flags_list;
965 /*******************************************************************
966 Convenience routine to grab string parameters into talloced memory
967 and run standard_sub_basic on them. The buffers can be written to by
968 callers without affecting the source string.
969 ********************************************************************/
971 char *lp_string(TALLOC_CTX *ctx, const char *s)
975 /* The follow debug is useful for tracking down memory problems
976 especially if you have an inner loop that is calling a lp_*()
977 function that returns a string. Perhaps this debug should be
978 present all the time? */
981 DEBUG(10, ("lp_string(%s)\n", s));
987 ret = talloc_sub_basic(ctx,
988 get_current_username(),
989 current_user_info.domain,
991 if (trim_char(ret, '\"', '\"')) {
992 if (strchr(ret,'\"') != NULL) {
994 ret = talloc_sub_basic(ctx,
995 get_current_username(),
996 current_user_info.domain,
1004 In this section all the functions that are used to access the
1005 parameters from the rest of the program are defined
1008 #define FN_GLOBAL_STRING(fn_name,ptr) \
1009 char *lp_ ## fn_name(TALLOC_CTX *ctx) {return(lp_string((ctx), *(char **)(&Globals.ptr) ? *(char **)(&Globals.ptr) : ""));}
1010 #define FN_GLOBAL_CONST_STRING(fn_name,ptr) \
1011 const char *lp_ ## fn_name(void) {return(*(const char * const *)(&Globals.ptr) ? *(const char * const *)(&Globals.ptr) : "");}
1012 #define FN_GLOBAL_LIST(fn_name,ptr) \
1013 const char **lp_ ## fn_name(void) {return(*(const char ***)(&Globals.ptr));}
1014 #define FN_GLOBAL_BOOL(fn_name,ptr) \
1015 bool lp_ ## fn_name(void) {return(*(bool *)(&Globals.ptr));}
1016 #define FN_GLOBAL_CHAR(fn_name,ptr) \
1017 char lp_ ## fn_name(void) {return(*(char *)(&Globals.ptr));}
1018 #define FN_GLOBAL_INTEGER(fn_name,ptr) \
1019 int lp_ ## fn_name(void) {return(*(int *)(&Globals.ptr));}
1021 #define FN_LOCAL_STRING(fn_name,val) \
1022 char *lp_ ## fn_name(TALLOC_CTX *ctx,int i) {return(lp_string((ctx), (LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val));}
1023 #define FN_LOCAL_CONST_STRING(fn_name,val) \
1024 const char *lp_ ## fn_name(int i) {return (const char *)((LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val);}
1025 #define FN_LOCAL_LIST(fn_name,val) \
1026 const char **lp_ ## fn_name(int i) {return(const char **)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1027 #define FN_LOCAL_BOOL(fn_name,val) \
1028 bool lp_ ## fn_name(int i) {return(bool)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1029 #define FN_LOCAL_INTEGER(fn_name,val) \
1030 int lp_ ## fn_name(int i) {return(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1032 #define FN_LOCAL_PARM_BOOL(fn_name,val) \
1033 bool lp_ ## fn_name(const struct share_params *p) {return(bool)(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1034 #define FN_LOCAL_PARM_INTEGER(fn_name,val) \
1035 int lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1036 #define FN_LOCAL_PARM_CHAR(fn_name,val) \
1037 char lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1039 int lp_winbind_max_domain_connections(void)
1041 if (lp_winbind_offline_logon() &&
1042 lp__winbind_max_domain_connections() > 1) {
1043 DEBUG(1, ("offline logons active, restricting max domain "
1044 "connections to 1\n"));
1047 return MAX(1, lp__winbind_max_domain_connections());
1050 /* These functions remain in source3/param for now */
1052 #include "lib/param/param_functions.c"
1054 FN_LOCAL_STRING(servicename, szService)
1055 FN_LOCAL_CONST_STRING(const_servicename, szService)
1057 /* These functions cannot be auto-generated */
1058 FN_LOCAL_BOOL(autoloaded, autoloaded)
1059 FN_GLOBAL_CONST_STRING(dnsdomain, dnsdomain)
1061 /* local prototypes */
1063 static int map_parameter_canonical(const char *pszParmName, bool *inverse);
1064 static const char *get_boolean(bool bool_value);
1065 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
1067 static bool hash_a_service(const char *name, int number);
1068 static void free_service_byindex(int iService);
1069 static void show_parameter(int parmIndex);
1070 static bool is_synonym_of(int parm1, int parm2, bool *inverse);
1071 static bool lp_parameter_value_is_valid(const char *parm_name, const char *val);
1074 * This is a helper function for parametrical options support. It returns a
1075 * pointer to parametrical option value if it exists or NULL otherwise. Actual
1076 * parametrical functions are quite simple
1078 static struct parmlist_entry *get_parametrics(int snum, const char *type,
1081 if (snum >= iNumServices) return NULL;
1084 return get_parametric_helper(NULL, type, option, Globals.param_opt);
1086 return get_parametric_helper(ServicePtrs[snum],
1087 type, option, Globals.param_opt);
1091 static void discard_whitespace(char *str)
1093 size_t len = strlen(str);
1097 if (isspace(str[i])) {
1098 memmove(&str[i], &str[i+1], len-i);
1107 * @brief Go through all global parametric parameters
1109 * @param regex_str A regular expression to scan param for
1110 * @param max_matches Max number of submatches the regexp expects
1111 * @param cb Function to call on match. Should return true
1112 * when it wants wi_scan_global_parametrics to stop
1114 * @param private_data Anonymous pointer passed to cb
1116 * @return 0: success, regcomp/regexec return value on error.
1117 * See "man regexec" for possible errors
1120 int lp_wi_scan_global_parametrics(
1121 const char *regex_str, size_t max_matches,
1122 bool (*cb)(const char *string, regmatch_t matches[],
1123 void *private_data),
1126 struct parmlist_entry *data;
1130 ret = regcomp(®ex, regex_str, REG_ICASE);
1135 for (data = Globals.param_opt; data != NULL; data = data->next) {
1136 size_t keylen = strlen(data->key);
1138 regmatch_t matches[max_matches];
1141 memcpy(key, data->key, sizeof(key));
1142 discard_whitespace(key);
1144 ret = regexec(®ex, key, max_matches, matches, 0);
1145 if (ret == REG_NOMATCH) {
1152 stop = cb(key, matches, private_data);
1165 #define MISSING_PARAMETER(name) \
1166 DEBUG(0, ("%s(): value is NULL or empty!\n", #name))
1168 /*******************************************************************
1169 convenience routine to return enum parameters.
1170 ********************************************************************/
1171 static int lp_enum(const char *s,const struct enum_list *_enum)
1175 if (!s || !*s || !_enum) {
1176 MISSING_PARAMETER(lp_enum);
1180 for (i=0; _enum[i].name; i++) {
1181 if (strequal(_enum[i].name,s))
1182 return _enum[i].value;
1185 DEBUG(0,("lp_enum(%s,enum): value is not in enum_list!\n",s));
1189 #undef MISSING_PARAMETER
1191 /* Return parametric option from a given service. Type is a part of option before ':' */
1192 /* Parametric option has following syntax: 'Type: option = value' */
1193 char *lp_parm_talloc_string(TALLOC_CTX *ctx, int snum, const char *type, const char *option, const char *def)
1195 struct parmlist_entry *data = get_parametrics(snum, type, option);
1197 if (data == NULL||data->value==NULL) {
1199 return lp_string(ctx, def);
1205 return lp_string(ctx, data->value);
1208 /* Return parametric option from a given service. Type is a part of option before ':' */
1209 /* Parametric option has following syntax: 'Type: option = value' */
1210 const char *lp_parm_const_string(int snum, const char *type, const char *option, const char *def)
1212 struct parmlist_entry *data = get_parametrics(snum, type, option);
1214 if (data == NULL||data->value==NULL)
1221 /* Return parametric option from a given service. Type is a part of option before ':' */
1222 /* Parametric option has following syntax: 'Type: option = value' */
1224 const char **lp_parm_string_list(int snum, const char *type, const char *option, const char **def)
1226 struct parmlist_entry *data = get_parametrics(snum, type, option);
1228 if (data == NULL||data->value==NULL)
1229 return (const char **)def;
1231 if (data->list==NULL) {
1232 data->list = str_list_make_v3(NULL, data->value, NULL);
1235 return discard_const_p(const char *, data->list);
1238 /* Return parametric option from a given service. Type is a part of option before ':' */
1239 /* Parametric option has following syntax: 'Type: option = value' */
1241 int lp_parm_int(int snum, const char *type, const char *option, int def)
1243 struct parmlist_entry *data = get_parametrics(snum, type, option);
1245 if (data && data->value && *data->value)
1246 return lp_int(data->value);
1251 /* Return parametric option from a given service. Type is a part of option before ':' */
1252 /* Parametric option has following syntax: 'Type: option = value' */
1254 unsigned long lp_parm_ulong(int snum, const char *type, const char *option, unsigned long def)
1256 struct parmlist_entry *data = get_parametrics(snum, type, option);
1258 if (data && data->value && *data->value)
1259 return lp_ulong(data->value);
1264 /* Return parametric option from a given service. Type is a part of option before ':' */
1265 /* Parametric option has following syntax: 'Type: option = value' */
1267 unsigned long long lp_parm_ulonglong(int snum, const char *type,
1268 const char *option, unsigned long long def)
1270 struct parmlist_entry *data = get_parametrics(snum, type, option);
1272 if (data && data->value && *data->value) {
1273 return lp_ulonglong(data->value);
1279 /* Return parametric option from a given service. Type is a part of option
1281 /* Parametric option has following syntax: 'Type: option = value' */
1283 bool lp_parm_bool(int snum, const char *type, const char *option, bool def)
1285 struct parmlist_entry *data = get_parametrics(snum, type, option);
1287 if (data && data->value && *data->value)
1288 return lp_bool(data->value);
1293 /* Return parametric option from a given service. Type is a part of option before ':' */
1294 /* Parametric option has following syntax: 'Type: option = value' */
1296 int lp_parm_enum(int snum, const char *type, const char *option,
1297 const struct enum_list *_enum, int def)
1299 struct parmlist_entry *data = get_parametrics(snum, type, option);
1301 if (data && data->value && *data->value && _enum)
1302 return lp_enum(data->value, _enum);
1308 * free a param_opts structure.
1309 * param_opts handling should be moved to talloc;
1310 * then this whole functions reduces to a TALLOC_FREE().
1313 static void free_param_opts(struct parmlist_entry **popts)
1315 struct parmlist_entry *opt, *next_opt;
1317 if (*popts != NULL) {
1318 DEBUG(5, ("Freeing parametrics:\n"));
1321 while (opt != NULL) {
1322 lpcfg_string_free(&opt->key);
1323 lpcfg_string_free(&opt->value);
1324 TALLOC_FREE(opt->list);
1325 next_opt = opt->next;
1332 /***************************************************************************
1333 Free the dynamically allocated parts of a service struct.
1334 ***************************************************************************/
1336 static void free_service(struct loadparm_service *pservice)
1341 if (pservice->szService)
1342 DEBUG(5, ("free_service: Freeing service %s\n",
1343 pservice->szService));
1345 free_parameters(pservice);
1347 lpcfg_string_free(&pservice->szService);
1348 TALLOC_FREE(pservice->copymap);
1350 free_param_opts(&pservice->param_opt);
1352 ZERO_STRUCTP(pservice);
1356 /***************************************************************************
1357 remove a service indexed in the ServicePtrs array from the ServiceHash
1358 and free the dynamically allocated parts
1359 ***************************************************************************/
1361 static void free_service_byindex(int idx)
1363 if ( !LP_SNUM_OK(idx) )
1366 ServicePtrs[idx]->valid = false;
1368 /* we have to cleanup the hash record */
1370 if (ServicePtrs[idx]->szService) {
1371 char *canon_name = canonicalize_servicename(
1373 ServicePtrs[idx]->szService );
1375 dbwrap_delete_bystring(ServiceHash, canon_name );
1376 TALLOC_FREE(canon_name);
1379 free_service(ServicePtrs[idx]);
1380 TALLOC_FREE(ServicePtrs[idx]);
1383 /***************************************************************************
1384 Add a new service to the services array initialising it with the given
1386 ***************************************************************************/
1388 static int add_a_service(const struct loadparm_service *pservice, const char *name)
1391 struct loadparm_service **tsp = NULL;
1393 /* it might already exist */
1395 i = getservicebyname(name, NULL);
1401 /* Re use empty slots if any before allocating new one.*/
1402 for (i=0; i < iNumServices; i++) {
1403 if (ServicePtrs[i] == NULL) {
1407 if (i == iNumServices) {
1408 /* if not, then create one */
1409 tsp = talloc_realloc(NULL, ServicePtrs,
1410 struct loadparm_service *,
1413 DEBUG(0, ("add_a_service: failed to enlarge "
1420 ServicePtrs[i] = talloc_zero(ServicePtrs, struct loadparm_service);
1421 if (!ServicePtrs[i]) {
1422 DEBUG(0,("add_a_service: out of memory!\n"));
1426 ServicePtrs[i]->valid = true;
1428 copy_service(ServicePtrs[i], pservice, NULL);
1430 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->szService,
1433 DEBUG(8,("add_a_service: Creating snum = %d for %s\n",
1434 i, ServicePtrs[i]->szService));
1436 if (!hash_a_service(ServicePtrs[i]->szService, i)) {
1443 /***************************************************************************
1444 Convert a string to uppercase and remove whitespaces.
1445 ***************************************************************************/
1447 char *canonicalize_servicename(TALLOC_CTX *ctx, const char *src)
1452 DEBUG(0,("canonicalize_servicename: NULL source name!\n"));
1456 result = talloc_strdup(ctx, src);
1457 SMB_ASSERT(result != NULL);
1459 if (!strlower_m(result)) {
1460 TALLOC_FREE(result);
1466 /***************************************************************************
1467 Add a name/index pair for the services array to the hash table.
1468 ***************************************************************************/
1470 static bool hash_a_service(const char *name, int idx)
1474 if ( !ServiceHash ) {
1475 DEBUG(10,("hash_a_service: creating servicehash\n"));
1476 ServiceHash = db_open_rbt(NULL);
1477 if ( !ServiceHash ) {
1478 DEBUG(0,("hash_a_service: open tdb servicehash failed!\n"));
1483 DEBUG(10,("hash_a_service: hashing index %d for service name %s\n",
1486 canon_name = canonicalize_servicename(talloc_tos(), name );
1488 dbwrap_store_bystring(ServiceHash, canon_name,
1489 make_tdb_data((uint8_t *)&idx, sizeof(idx)),
1492 TALLOC_FREE(canon_name);
1497 /***************************************************************************
1498 Add a new home service, with the specified home directory, defaults coming
1500 ***************************************************************************/
1502 bool lp_add_home(const char *pszHomename, int iDefaultService,
1503 const char *user, const char *pszHomedir)
1507 if (pszHomename == NULL || user == NULL || pszHomedir == NULL ||
1508 pszHomedir[0] == '\0') {
1512 i = add_a_service(ServicePtrs[iDefaultService], pszHomename);
1517 if (!(*(ServicePtrs[iDefaultService]->path))
1518 || strequal(ServicePtrs[iDefaultService]->path,
1519 lp_path(talloc_tos(), GLOBAL_SECTION_SNUM))) {
1520 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->path,
1524 if (!(*(ServicePtrs[i]->comment))) {
1525 char *comment = talloc_asprintf(talloc_tos(), "Home directory of %s", user);
1526 if (comment == NULL) {
1529 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->comment,
1531 TALLOC_FREE(comment);
1534 /* set the browseable flag from the global default */
1536 ServicePtrs[i]->browseable = sDefault.browseable;
1537 ServicePtrs[i]->access_based_share_enum = sDefault.access_based_share_enum;
1539 ServicePtrs[i]->autoloaded = true;
1541 DEBUG(3, ("adding home's share [%s] for user '%s' at '%s'\n", pszHomename,
1542 user, ServicePtrs[i]->path ));
1547 /***************************************************************************
1548 Add a new service, based on an old one.
1549 ***************************************************************************/
1551 int lp_add_service(const char *pszService, int iDefaultService)
1553 if (iDefaultService < 0) {
1554 return add_a_service(&sDefault, pszService);
1557 return (add_a_service(ServicePtrs[iDefaultService], pszService));
1560 /***************************************************************************
1561 Add the IPC service.
1562 ***************************************************************************/
1564 static bool lp_add_ipc(const char *ipc_name, bool guest_ok)
1566 char *comment = NULL;
1567 int i = add_a_service(&sDefault, ipc_name);
1572 comment = talloc_asprintf(talloc_tos(), "IPC Service (%s)",
1573 Globals.server_string);
1574 if (comment == NULL) {
1578 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->path, tmpdir());
1579 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1580 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->fstype, "IPC");
1581 ServicePtrs[i]->max_connections = 0;
1582 ServicePtrs[i]->available = true;
1583 ServicePtrs[i]->read_only = true;
1584 ServicePtrs[i]->guest_only = false;
1585 ServicePtrs[i]->administrative_share = true;
1586 ServicePtrs[i]->guest_ok = guest_ok;
1587 ServicePtrs[i]->printable = false;
1588 ServicePtrs[i]->browseable = sDefault.browseable;
1589 ServicePtrs[i]->autoloaded = true;
1591 DEBUG(3, ("adding IPC service\n"));
1593 TALLOC_FREE(comment);
1597 /***************************************************************************
1598 Add a new printer service, with defaults coming from service iFrom.
1599 ***************************************************************************/
1601 bool lp_add_printer(const char *pszPrintername, int iDefaultService)
1603 const char *comment = "From Printcap";
1604 int i = add_a_service(ServicePtrs[iDefaultService], pszPrintername);
1609 /* note that we do NOT default the availability flag to true - */
1610 /* we take it from the default service passed. This allows all */
1611 /* dynamic printers to be disabled by disabling the [printers] */
1612 /* entry (if/when the 'available' keyword is implemented!). */
1614 /* the printer name is set to the service name. */
1615 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->_printername,
1617 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1619 /* set the browseable flag from the gloabl default */
1620 ServicePtrs[i]->browseable = sDefault.browseable;
1622 /* Printers cannot be read_only. */
1623 ServicePtrs[i]->read_only = false;
1624 /* No oplocks on printer services. */
1625 ServicePtrs[i]->oplocks = false;
1626 /* Printer services must be printable. */
1627 ServicePtrs[i]->printable = true;
1629 DEBUG(3, ("adding printer service %s\n", pszPrintername));
1635 /***************************************************************************
1636 Check whether the given parameter name is valid.
1637 Parametric options (names containing a colon) are considered valid.
1638 ***************************************************************************/
1640 bool lp_parameter_is_valid(const char *pszParmName)
1642 return ((lpcfg_map_parameter(pszParmName) != -1) ||
1643 (strchr(pszParmName, ':') != NULL));
1646 /***************************************************************************
1647 Check whether the given name is the name of a global parameter.
1648 Returns true for strings belonging to parameters of class
1649 P_GLOBAL, false for all other strings, also for parametric options
1650 and strings not belonging to any option.
1651 ***************************************************************************/
1653 bool lp_parameter_is_global(const char *pszParmName)
1655 int num = lpcfg_map_parameter(pszParmName);
1658 return (parm_table[num].p_class == P_GLOBAL);
1664 /**************************************************************************
1665 Determine the canonical name for a parameter.
1666 Indicate when it is an inverse (boolean) synonym instead of a
1668 **************************************************************************/
1670 bool lp_canonicalize_parameter(const char *parm_name, const char **canon_parm,
1675 if (!lp_parameter_is_valid(parm_name)) {
1680 num = map_parameter_canonical(parm_name, inverse);
1682 /* parametric option */
1683 *canon_parm = parm_name;
1685 *canon_parm = parm_table[num].label;
1692 /**************************************************************************
1693 Determine the canonical name for a parameter.
1694 Turn the value given into the inverse boolean expression when
1695 the synonym is an invers boolean synonym.
1698 - parm_name is a valid parameter name and
1699 - val is a valid value for this parameter and
1700 - in case the parameter is an inverse boolean synonym, if the val
1701 string could successfully be converted to the reverse bool.
1702 Return false in all other cases.
1703 **************************************************************************/
1705 bool lp_canonicalize_parameter_with_value(const char *parm_name,
1707 const char **canon_parm,
1708 const char **canon_val)
1714 if (!lp_parameter_is_valid(parm_name)) {
1720 num = map_parameter_canonical(parm_name, &inverse);
1722 /* parametric option */
1723 *canon_parm = parm_name;
1728 *canon_parm = parm_table[num].label;
1730 if (!lp_invert_boolean(val, canon_val)) {
1738 ret = lp_parameter_value_is_valid(*canon_parm, *canon_val);
1743 /***************************************************************************
1744 Map a parameter's string representation to the index of the canonical
1745 form of the parameter (it might be a synonym).
1746 Returns -1 if the parameter string is not recognised.
1747 ***************************************************************************/
1749 static int map_parameter_canonical(const char *pszParmName, bool *inverse)
1751 int parm_num, canon_num;
1752 bool loc_inverse = false;
1754 parm_num = lpcfg_map_parameter(pszParmName);
1755 if ((parm_num < 0) || !(parm_table[parm_num].flags & FLAG_SYNONYM)) {
1756 /* invalid, parametric or no canidate for synonyms ... */
1760 for (canon_num = 0; parm_table[canon_num].label; canon_num++) {
1761 if (is_synonym_of(parm_num, canon_num, &loc_inverse)) {
1762 parm_num = canon_num;
1768 if (inverse != NULL) {
1769 *inverse = loc_inverse;
1774 /***************************************************************************
1775 return true if parameter number parm1 is a synonym of parameter
1776 number parm2 (parm2 being the principal name).
1777 set inverse to true if parm1 is P_BOOLREV and parm2 is P_BOOL,
1779 ***************************************************************************/
1781 static bool is_synonym_of(int parm1, int parm2, bool *inverse)
1783 if ((parm_table[parm1].offset == parm_table[parm2].offset) &&
1784 (parm_table[parm1].p_class == parm_table[parm2].p_class) &&
1785 (parm_table[parm1].flags & FLAG_SYNONYM) &&
1786 !(parm_table[parm2].flags & FLAG_SYNONYM))
1788 if (inverse != NULL) {
1789 if ((parm_table[parm1].type == P_BOOLREV) &&
1790 (parm_table[parm2].type == P_BOOL))
1802 /***************************************************************************
1803 Show one parameter's name, type, [values,] and flags.
1804 (helper functions for show_parameter_list)
1805 ***************************************************************************/
1807 static void show_parameter(int parmIndex)
1809 int enumIndex, flagIndex;
1814 const char *type[] = { "P_BOOL", "P_BOOLREV", "P_CHAR", "P_INTEGER",
1815 "P_OCTAL", "P_LIST", "P_STRING", "P_USTRING",
1816 "P_ENUM", "P_BYTES", "P_CMDLIST" };
1817 unsigned flags[] = { FLAG_DEPRECATED, FLAG_SYNONYM };
1818 const char *flag_names[] = { "FLAG_DEPRECATED", "FLAG_SYNONYM", NULL};
1820 printf("%s=%s", parm_table[parmIndex].label,
1821 type[parm_table[parmIndex].type]);
1822 if (parm_table[parmIndex].type == P_ENUM) {
1825 parm_table[parmIndex].enum_list[enumIndex].name;
1829 enumIndex ? "|" : "",
1830 parm_table[parmIndex].enum_list[enumIndex].name);
1835 for (flagIndex=0; flag_names[flagIndex]; flagIndex++) {
1836 if (parm_table[parmIndex].flags & flags[flagIndex]) {
1839 flag_names[flagIndex]);
1844 /* output synonyms */
1846 for (parmIndex2=0; parm_table[parmIndex2].label; parmIndex2++) {
1847 if (is_synonym_of(parmIndex, parmIndex2, &inverse)) {
1848 printf(" (%ssynonym of %s)", inverse ? "inverse " : "",
1849 parm_table[parmIndex2].label);
1850 } else if (is_synonym_of(parmIndex2, parmIndex, &inverse)) {
1852 printf(" (synonyms: ");
1857 printf("%s%s", parm_table[parmIndex2].label,
1858 inverse ? "[i]" : "");
1869 * Check the value for a P_ENUM
1871 static bool check_enum_parameter(struct parm_struct *parm, const char *value)
1875 for (i = 0; parm->enum_list[i].name; i++) {
1876 if (strwicmp(value, parm->enum_list[i].name) == 0) {
1883 /**************************************************************************
1884 Check whether the given value is valid for the given parameter name.
1885 **************************************************************************/
1887 static bool lp_parameter_value_is_valid(const char *parm_name, const char *val)
1889 bool ret = false, tmp_bool;
1890 int num = lpcfg_map_parameter(parm_name), tmp_int;
1891 uint64_t tmp_int64 = 0;
1892 struct parm_struct *parm;
1894 /* parametric options (parameter names containing a colon) cannot
1895 be checked and are therefore considered valid. */
1896 if (strchr(parm_name, ':') != NULL) {
1901 parm = &parm_table[num];
1902 switch (parm->type) {
1905 ret = set_boolean(val, &tmp_bool);
1909 ret = (sscanf(val, "%d", &tmp_int) == 1);
1913 ret = (sscanf(val, "%o", &tmp_int) == 1);
1917 ret = check_enum_parameter(parm, val);
1921 if (conv_str_size_error(val, &tmp_int64) &&
1922 tmp_int64 <= INT_MAX) {
1939 /***************************************************************************
1940 Show all parameter's name, type, [values,] and flags.
1941 ***************************************************************************/
1943 void show_parameter_list(void)
1945 int classIndex, parmIndex;
1946 const char *section_names[] = { "local", "global", NULL};
1948 for (classIndex=0; section_names[classIndex]; classIndex++) {
1949 printf("[%s]\n", section_names[classIndex]);
1950 for (parmIndex = 0; parm_table[parmIndex].label; parmIndex++) {
1951 if (parm_table[parmIndex].p_class == classIndex) {
1952 show_parameter(parmIndex);
1958 /***************************************************************************
1959 Get the standard string representation of a boolean value ("yes" or "no")
1960 ***************************************************************************/
1962 static const char *get_boolean(bool bool_value)
1964 static const char *yes_str = "yes";
1965 static const char *no_str = "no";
1967 return (bool_value ? yes_str : no_str);
1970 /***************************************************************************
1971 Provide the string of the negated boolean value associated to the boolean
1972 given as a string. Returns false if the passed string does not correctly
1973 represent a boolean.
1974 ***************************************************************************/
1976 bool lp_invert_boolean(const char *str, const char **inverse_str)
1980 if (!set_boolean(str, &val)) {
1984 *inverse_str = get_boolean(!val);
1988 /***************************************************************************
1989 Provide the canonical string representation of a boolean value given
1990 as a string. Return true on success, false if the string given does
1991 not correctly represent a boolean.
1992 ***************************************************************************/
1994 bool lp_canonicalize_boolean(const char *str, const char**canon_str)
1998 if (!set_boolean(str, &val)) {
2002 *canon_str = get_boolean(val);
2006 /***************************************************************************
2007 Find a service by name. Otherwise works like get_service.
2008 ***************************************************************************/
2010 int getservicebyname(const char *pszServiceName, struct loadparm_service *pserviceDest)
2017 if (ServiceHash == NULL) {
2021 canon_name = canonicalize_servicename(talloc_tos(), pszServiceName);
2023 status = dbwrap_fetch_bystring(ServiceHash, canon_name, canon_name,
2026 if (NT_STATUS_IS_OK(status) &&
2027 (data.dptr != NULL) &&
2028 (data.dsize == sizeof(iService)))
2030 memcpy(&iService, data.dptr, sizeof(iService));
2033 TALLOC_FREE(canon_name);
2035 if ((iService != -1) && (LP_SNUM_OK(iService))
2036 && (pserviceDest != NULL)) {
2037 copy_service(pserviceDest, ServicePtrs[iService], NULL);
2043 /* Return a pointer to a service by name. Unlike getservicebyname, it does not copy the service */
2044 struct loadparm_service *lp_service(const char *pszServiceName)
2046 int iService = getservicebyname(pszServiceName, NULL);
2047 if (iService == -1 || !LP_SNUM_OK(iService)) {
2050 return ServicePtrs[iService];
2053 struct loadparm_service *lp_servicebynum(int snum)
2055 if ((snum == -1) || !LP_SNUM_OK(snum)) {
2058 return ServicePtrs[snum];
2061 struct loadparm_service *lp_default_loadparm_service()
2066 static struct smbconf_ctx *lp_smbconf_ctx(void)
2069 static struct smbconf_ctx *conf_ctx = NULL;
2071 if (conf_ctx == NULL) {
2072 err = smbconf_init(NULL, &conf_ctx, "registry:");
2073 if (!SBC_ERROR_IS_OK(err)) {
2074 DEBUG(1, ("error initializing registry configuration: "
2075 "%s\n", sbcErrorString(err)));
2083 static bool process_smbconf_service(struct smbconf_service *service)
2088 if (service == NULL) {
2092 ret = lp_do_section(service->name, NULL);
2096 for (count = 0; count < service->num_params; count++) {
2098 if (!bInGlobalSection && bGlobalOnly) {
2101 const char *pszParmName = service->param_names[count];
2102 const char *pszParmValue = service->param_values[count];
2104 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2106 ret = lp_do_parameter(bInGlobalSection ? -2 : iServiceIndex,
2107 pszParmName, pszParmValue);
2114 if (iServiceIndex >= 0) {
2115 return lpcfg_service_ok(ServicePtrs[iServiceIndex]);
2121 * load a service from registry and activate it
2123 bool process_registry_service(const char *service_name)
2126 struct smbconf_service *service = NULL;
2127 TALLOC_CTX *mem_ctx = talloc_stackframe();
2128 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2131 if (conf_ctx == NULL) {
2135 DEBUG(5, ("process_registry_service: service name %s\n", service_name));
2137 if (!smbconf_share_exists(conf_ctx, service_name)) {
2139 * Registry does not contain data for this service (yet),
2140 * but make sure lp_load doesn't return false.
2146 err = smbconf_get_share(conf_ctx, mem_ctx, service_name, &service);
2147 if (!SBC_ERROR_IS_OK(err)) {
2151 ret = process_smbconf_service(service);
2157 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
2160 TALLOC_FREE(mem_ctx);
2165 * process_registry_globals
2167 static bool process_registry_globals(void)
2171 add_to_file_list(NULL, &file_lists, INCLUDE_REGISTRY_NAME, INCLUDE_REGISTRY_NAME);
2173 if (!bInGlobalSection && bGlobalOnly) {
2176 const char *pszParmName = "registry shares";
2177 const char *pszParmValue = "yes";
2179 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2181 ret = lp_do_parameter(bInGlobalSection ? -2 : iServiceIndex,
2182 pszParmName, pszParmValue);
2189 return process_registry_service(GLOBAL_NAME);
2192 bool process_registry_shares(void)
2196 struct smbconf_service **service = NULL;
2197 uint32_t num_shares = 0;
2198 TALLOC_CTX *mem_ctx = talloc_stackframe();
2199 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2202 if (conf_ctx == NULL) {
2206 err = smbconf_get_config(conf_ctx, mem_ctx, &num_shares, &service);
2207 if (!SBC_ERROR_IS_OK(err)) {
2213 for (count = 0; count < num_shares; count++) {
2214 if (strequal(service[count]->name, GLOBAL_NAME)) {
2217 ret = process_smbconf_service(service[count]);
2224 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
2227 TALLOC_FREE(mem_ctx);
2232 * reload those shares from registry that are already
2233 * activated in the services array.
2235 static bool reload_registry_shares(void)
2240 for (i = 0; i < iNumServices; i++) {
2245 if (ServicePtrs[i]->usershare == USERSHARE_VALID) {
2249 ret = process_registry_service(ServicePtrs[i]->szService);
2260 #define MAX_INCLUDE_DEPTH 100
2262 static uint8_t include_depth;
2265 * Free the file lists
2267 static void free_file_list(void)
2269 struct file_lists *f;
2270 struct file_lists *next;
2283 * Utility function for outsiders to check if we're running on registry.
2285 bool lp_config_backend_is_registry(void)
2287 return (lp_config_backend() == CONFIG_BACKEND_REGISTRY);
2291 * Utility function to check if the config backend is FILE.
2293 bool lp_config_backend_is_file(void)
2295 return (lp_config_backend() == CONFIG_BACKEND_FILE);
2298 /*******************************************************************
2299 Check if a config file has changed date.
2300 ********************************************************************/
2302 bool lp_file_list_changed(void)
2304 struct file_lists *f = file_lists;
2306 DEBUG(6, ("lp_file_list_changed()\n"));
2309 if (strequal(f->name, INCLUDE_REGISTRY_NAME)) {
2310 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2312 if (conf_ctx == NULL) {
2315 if (smbconf_changed(conf_ctx, &conf_last_csn, NULL,
2318 DEBUGADD(6, ("registry config changed\n"));
2325 n2 = talloc_sub_basic(talloc_tos(),
2326 get_current_username(),
2327 current_user_info.domain,
2332 DEBUGADD(6, ("file %s -> %s last mod_time: %s\n",
2333 f->name, n2, ctime(&f->modtime)));
2335 mod_time = file_modtime(n2);
2338 ((f->modtime != mod_time) ||
2339 (f->subfname == NULL) ||
2340 (strcmp(n2, f->subfname) != 0)))
2343 ("file %s modified: %s\n", n2,
2345 f->modtime = mod_time;
2346 TALLOC_FREE(f->subfname);
2347 f->subfname = talloc_strdup(f, n2);
2348 if (f->subfname == NULL) {
2349 smb_panic("talloc_strdup failed");
2363 * Initialize iconv conversion descriptors.
2365 * This is called the first time it is needed, and also called again
2366 * every time the configuration is reloaded, because the charset or
2367 * codepage might have changed.
2369 static void init_iconv(void)
2371 struct smb_iconv_handle *ret = NULL;
2373 ret = reinit_iconv_handle(NULL,
2377 smb_panic("reinit_iconv_handle failed");
2381 /***************************************************************************
2382 Handle the include operation.
2383 ***************************************************************************/
2384 static bool bAllowIncludeRegistry = true;
2386 bool lp_include(struct loadparm_context *lp_ctx, struct loadparm_service *service,
2387 const char *pszParmValue, char **ptr)
2391 if (include_depth >= MAX_INCLUDE_DEPTH) {
2392 DEBUG(0, ("Error: Maximum include depth (%u) exceeded!\n",
2397 if (strequal(pszParmValue, INCLUDE_REGISTRY_NAME)) {
2398 if (!bAllowIncludeRegistry) {
2401 if (lp_ctx->bInGlobalSection) {
2404 ret = process_registry_globals();
2408 DEBUG(1, ("\"include = registry\" only effective "
2409 "in %s section\n", GLOBAL_NAME));
2414 fname = talloc_sub_basic(talloc_tos(), get_current_username(),
2415 current_user_info.domain,
2418 add_to_file_list(NULL, &file_lists, pszParmValue, fname);
2420 if (service == NULL) {
2421 lpcfg_string_set(Globals.ctx, ptr, fname);
2423 lpcfg_string_set(service, ptr, fname);
2426 if (file_exist(fname)) {
2429 ret = pm_process(fname, lp_do_section, do_parameter, lp_ctx);
2435 DEBUG(2, ("Can't find include file %s\n", fname));
2440 bool lp_idmap_range(const char *domain_name, uint32_t *low, uint32_t *high)
2442 char *config_option = NULL;
2443 const char *range = NULL;
2446 SMB_ASSERT(low != NULL);
2447 SMB_ASSERT(high != NULL);
2449 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2453 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2455 if (config_option == NULL) {
2456 DEBUG(0, ("out of memory\n"));
2460 range = lp_parm_const_string(-1, config_option, "range", NULL);
2461 if (range == NULL) {
2462 DEBUG(1, ("idmap range not specified for domain '%s'\n", domain_name));
2466 if (sscanf(range, "%u - %u", low, high) != 2) {
2467 DEBUG(1, ("error parsing idmap range '%s' for domain '%s'\n",
2468 range, domain_name));
2475 talloc_free(config_option);
2480 bool lp_idmap_default_range(uint32_t *low, uint32_t *high)
2482 return lp_idmap_range("*", low, high);
2485 const char *lp_idmap_backend(const char *domain_name)
2487 char *config_option = NULL;
2488 const char *backend = NULL;
2490 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2494 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2496 if (config_option == NULL) {
2497 DEBUG(0, ("out of memory\n"));
2501 backend = lp_parm_const_string(-1, config_option, "backend", NULL);
2502 if (backend == NULL) {
2503 DEBUG(1, ("idmap backend not specified for domain '%s'\n", domain_name));
2508 talloc_free(config_option);
2512 const char *lp_idmap_default_backend(void)
2514 return lp_idmap_backend("*");
2517 /***************************************************************************
2518 Handle ldap suffixes - default to ldapsuffix if sub-suffixes are not defined.
2519 ***************************************************************************/
2521 static const char *append_ldap_suffix(TALLOC_CTX *ctx, const char *str )
2523 const char *suffix_string;
2525 suffix_string = talloc_asprintf(ctx, "%s,%s", str,
2526 Globals.ldap_suffix );
2527 if ( !suffix_string ) {
2528 DEBUG(0,("append_ldap_suffix: talloc_asprintf() failed!\n"));
2532 return suffix_string;
2535 const char *lp_ldap_machine_suffix(TALLOC_CTX *ctx)
2537 if (Globals._ldap_machine_suffix[0])
2538 return append_ldap_suffix(ctx, Globals._ldap_machine_suffix);
2540 return lp_string(ctx, Globals.ldap_suffix);
2543 const char *lp_ldap_user_suffix(TALLOC_CTX *ctx)
2545 if (Globals._ldap_user_suffix[0])
2546 return append_ldap_suffix(ctx, Globals._ldap_user_suffix);
2548 return lp_string(ctx, Globals.ldap_suffix);
2551 const char *lp_ldap_group_suffix(TALLOC_CTX *ctx)
2553 if (Globals._ldap_group_suffix[0])
2554 return append_ldap_suffix(ctx, Globals._ldap_group_suffix);
2556 return lp_string(ctx, Globals.ldap_suffix);
2559 const char *lp_ldap_idmap_suffix(TALLOC_CTX *ctx)
2561 if (Globals._ldap_idmap_suffix[0])
2562 return append_ldap_suffix(ctx, Globals._ldap_idmap_suffix);
2564 return lp_string(ctx, Globals.ldap_suffix);
2568 return the parameter pointer for a parameter
2570 void *lp_parm_ptr(struct loadparm_service *service, struct parm_struct *parm)
2572 if (service == NULL) {
2573 if (parm->p_class == P_LOCAL)
2574 return (void *)(((char *)&sDefault)+parm->offset);
2575 else if (parm->p_class == P_GLOBAL)
2576 return (void *)(((char *)&Globals)+parm->offset);
2579 return (void *)(((char *)service) + parm->offset);
2583 /***************************************************************************
2584 Process a parameter for a particular service number. If snum < 0
2585 then assume we are in the globals.
2586 ***************************************************************************/
2588 bool lp_do_parameter(int snum, const char *pszParmName, const char *pszParmValue)
2590 TALLOC_CTX *frame = talloc_stackframe();
2591 struct loadparm_context *lp_ctx;
2594 lp_ctx = setup_lp_context(frame);
2595 if (lp_ctx == NULL) {
2601 ok = lpcfg_do_global_parameter(lp_ctx, pszParmName, pszParmValue);
2603 ok = lpcfg_do_service_parameter(lp_ctx, ServicePtrs[snum],
2604 pszParmName, pszParmValue);
2612 /***************************************************************************
2613 set a parameter, marking it with FLAG_CMDLINE. Parameters marked as
2614 FLAG_CMDLINE won't be overridden by loads from smb.conf.
2615 ***************************************************************************/
2617 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue)
2620 parmnum = lpcfg_map_parameter(pszParmName);
2622 flags_list[parmnum] &= ~FLAG_CMDLINE;
2623 if (!lp_do_parameter(-1, pszParmName, pszParmValue)) {
2626 flags_list[parmnum] |= FLAG_CMDLINE;
2628 /* we have to also set FLAG_CMDLINE on aliases. Aliases must
2629 * be grouped in the table, so we don't have to search the
2632 i>=0 && parm_table[i].offset == parm_table[parmnum].offset
2633 && parm_table[i].p_class == parm_table[parmnum].p_class;
2635 flags_list[i] |= FLAG_CMDLINE;
2637 for (i=parmnum+1;i<num_parameters() && parm_table[i].offset == parm_table[parmnum].offset
2638 && parm_table[i].p_class == parm_table[parmnum].p_class;i++) {
2639 flags_list[i] |= FLAG_CMDLINE;
2645 /* it might be parametric */
2646 if (strchr(pszParmName, ':') != NULL) {
2647 set_param_opt(NULL, &Globals.param_opt, pszParmName, pszParmValue, FLAG_CMDLINE);
2651 DEBUG(0, ("Ignoring unknown parameter \"%s\"\n", pszParmName));
2655 bool lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
2658 TALLOC_CTX *frame = talloc_stackframe();
2659 struct loadparm_context *lp_ctx;
2661 lp_ctx = setup_lp_context(frame);
2662 if (lp_ctx == NULL) {
2667 ret = lpcfg_set_cmdline(lp_ctx, pszParmName, pszParmValue);
2673 /***************************************************************************
2674 Process a parameter.
2675 ***************************************************************************/
2677 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
2680 if (!bInGlobalSection && bGlobalOnly)
2683 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2685 if (bInGlobalSection) {
2686 return lpcfg_do_global_parameter(userdata, pszParmName, pszParmValue);
2688 return lpcfg_do_service_parameter(userdata, ServicePtrs[iServiceIndex],
2689 pszParmName, pszParmValue);
2693 /***************************************************************************
2694 Initialize any local variables in the sDefault table, after parsing a
2696 ***************************************************************************/
2698 static void init_locals(void)
2701 * We run this check once the [globals] is parsed, to force
2702 * the VFS objects and other per-share settings we need for
2703 * the standard way a AD DC is operated. We may change these
2704 * as our code evolves, which is why we force these settings.
2706 * We can't do this at the end of lp_load_ex(), as by that
2707 * point the services have been loaded and they will already
2708 * have "" as their vfs objects.
2710 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
2711 const char **vfs_objects = lp_vfs_objects(-1);
2712 if (!vfs_objects || !vfs_objects[0]) {
2713 if (lp_parm_const_string(-1, "xattr_tdb", "file", NULL)) {
2714 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr xattr_tdb");
2715 } else if (lp_parm_const_string(-1, "posix", "eadb", NULL)) {
2716 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr posix_eadb");
2718 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr");
2722 lp_do_parameter(-1, "map hidden", "no");
2723 lp_do_parameter(-1, "map system", "no");
2724 lp_do_parameter(-1, "map readonly", "no");
2725 lp_do_parameter(-1, "map archive", "no");
2726 lp_do_parameter(-1, "store dos attributes", "yes");
2730 /***************************************************************************
2731 Process a new section (service). At this stage all sections are services.
2732 Later we'll have special sections that permit server parameters to be set.
2733 Returns true on success, false on failure.
2734 ***************************************************************************/
2736 bool lp_do_section(const char *pszSectionName, void *userdata)
2738 struct loadparm_context *lp_ctx = (struct loadparm_context *)userdata;
2740 bool isglobal = ((strwicmp(pszSectionName, GLOBAL_NAME) == 0) ||
2741 (strwicmp(pszSectionName, GLOBAL_NAME2) == 0));
2744 /* if we were in a global section then do the local inits */
2745 if (bInGlobalSection && !isglobal)
2748 /* if we've just struck a global section, note the fact. */
2749 bInGlobalSection = isglobal;
2750 if (lp_ctx != NULL) {
2751 lp_ctx->bInGlobalSection = isglobal;
2754 /* check for multiple global sections */
2755 if (bInGlobalSection) {
2756 DEBUG(3, ("Processing section \"[%s]\"\n", pszSectionName));
2760 if (!bInGlobalSection && bGlobalOnly)
2763 /* if we have a current service, tidy it up before moving on */
2766 if (iServiceIndex >= 0)
2767 bRetval = lpcfg_service_ok(ServicePtrs[iServiceIndex]);
2769 /* if all is still well, move to the next record in the services array */
2771 /* We put this here to avoid an odd message order if messages are */
2772 /* issued by the post-processing of a previous section. */
2773 DEBUG(2, ("Processing section \"[%s]\"\n", pszSectionName));
2775 iServiceIndex = add_a_service(&sDefault, pszSectionName);
2776 if (iServiceIndex < 0) {
2777 DEBUG(0, ("Failed to add a new service\n"));
2780 /* Clean all parametric options for service */
2781 /* They will be added during parsing again */
2782 free_param_opts(&ServicePtrs[iServiceIndex]->param_opt);
2788 /***************************************************************************
2789 Display the contents of a parameter of a single services record.
2790 ***************************************************************************/
2792 bool dump_a_parameter(int snum, char *parm_name, FILE * f, bool isGlobal)
2794 bool result = false;
2795 struct loadparm_context *lp_ctx;
2797 lp_ctx = setup_lp_context(talloc_tos());
2798 if (lp_ctx == NULL) {
2803 result = lpcfg_dump_a_parameter(lp_ctx, NULL, parm_name, f);
2805 result = lpcfg_dump_a_parameter(lp_ctx, ServicePtrs[snum], parm_name, f);
2807 TALLOC_FREE(lp_ctx);
2812 /***************************************************************************
2813 Display the contents of a single copy structure.
2814 ***************************************************************************/
2815 static void dump_copy_map(bool *pcopymap)
2821 printf("\n\tNon-Copied parameters:\n");
2823 for (i = 0; parm_table[i].label; i++)
2824 if (parm_table[i].p_class == P_LOCAL &&
2825 parm_table[i].ptr && !pcopymap[i] &&
2826 (i == 0 || (parm_table[i].ptr != parm_table[i - 1].ptr)))
2828 printf("\t\t%s\n", parm_table[i].label);
2833 /***************************************************************************
2834 Return TRUE if the passed service number is within range.
2835 ***************************************************************************/
2837 bool lp_snum_ok(int iService)
2839 return (LP_SNUM_OK(iService) && ServicePtrs[iService]->available);
2842 /***************************************************************************
2843 Auto-load some home services.
2844 ***************************************************************************/
2846 static void lp_add_auto_services(char *str)
2856 s = talloc_strdup(talloc_tos(), str);
2858 smb_panic("talloc_strdup failed");
2862 homes = lp_servicenumber(HOMES_NAME);
2864 for (p = strtok_r(s, LIST_SEP, &saveptr); p;
2865 p = strtok_r(NULL, LIST_SEP, &saveptr)) {
2868 if (lp_servicenumber(p) >= 0)
2871 home = get_user_home_dir(talloc_tos(), p);
2873 if (home && home[0] && homes >= 0)
2874 lp_add_home(p, homes, p, home);
2881 /***************************************************************************
2882 Auto-load one printer.
2883 ***************************************************************************/
2885 void lp_add_one_printer(const char *name, const char *comment,
2886 const char *location, void *pdata)
2888 int printers = lp_servicenumber(PRINTERS_NAME);
2891 if (lp_servicenumber(name) < 0) {
2892 lp_add_printer(name, printers);
2893 if ((i = lp_servicenumber(name)) >= 0) {
2894 lpcfg_string_set(ServicePtrs[i],
2895 &ServicePtrs[i]->comment, comment);
2896 ServicePtrs[i]->autoloaded = true;
2901 /***************************************************************************
2902 Have we loaded a services file yet?
2903 ***************************************************************************/
2905 bool lp_loaded(void)
2910 /***************************************************************************
2911 Unload unused services.
2912 ***************************************************************************/
2914 void lp_killunused(struct smbd_server_connection *sconn,
2915 bool (*snumused) (struct smbd_server_connection *, int))
2918 for (i = 0; i < iNumServices; i++) {
2922 /* don't kill autoloaded or usershare services */
2923 if ( ServicePtrs[i]->autoloaded ||
2924 ServicePtrs[i]->usershare == USERSHARE_VALID) {
2928 if (!snumused || !snumused(sconn, i)) {
2929 free_service_byindex(i);
2935 * Kill all except autoloaded and usershare services - convenience wrapper
2937 void lp_kill_all_services(void)
2939 lp_killunused(NULL, NULL);
2942 /***************************************************************************
2944 ***************************************************************************/
2946 void lp_killservice(int iServiceIn)
2948 if (VALID(iServiceIn)) {
2949 free_service_byindex(iServiceIn);
2953 /***************************************************************************
2954 Save the curent values of all global and sDefault parameters into the
2955 defaults union. This allows testparm to show only the
2956 changed (ie. non-default) parameters.
2957 ***************************************************************************/
2959 static void lp_save_defaults(void)
2962 struct parmlist_entry * parm;
2963 for (i = 0; parm_table[i].label; i++) {
2964 if (!(flags_list[i] & FLAG_CMDLINE)) {
2965 flags_list[i] |= FLAG_DEFAULT;
2968 if (i > 0 && parm_table[i].offset == parm_table[i - 1].offset
2969 && parm_table[i].p_class == parm_table[i - 1].p_class)
2971 switch (parm_table[i].type) {
2974 parm_table[i].def.lvalue = str_list_copy(
2975 NULL, *(const char ***)lp_parm_ptr(NULL, &parm_table[i]));
2981 &parm_table[i].def.svalue,
2982 *(char **)lp_parm_ptr(
2983 NULL, &parm_table[i]));
2984 if (parm_table[i].def.svalue == NULL) {
2985 smb_panic("lpcfg_string_set() failed");
2990 parm_table[i].def.bvalue =
2991 *(bool *)lp_parm_ptr(NULL, &parm_table[i]);
2994 parm_table[i].def.cvalue =
2995 *(char *)lp_parm_ptr(NULL, &parm_table[i]);
3001 parm_table[i].def.ivalue =
3002 *(int *)lp_parm_ptr(NULL, &parm_table[i]);
3007 for (parm=Globals.param_opt; parm; parm=parm->next) {
3008 if (!(parm->priority & FLAG_CMDLINE)) {
3009 parm->priority |= FLAG_DEFAULT;
3013 for (parm=sDefault.param_opt; parm; parm=parm->next) {
3014 if (!(parm->priority & FLAG_CMDLINE)) {
3015 parm->priority |= FLAG_DEFAULT;
3019 defaults_saved = true;
3022 /***********************************************************
3023 If we should send plaintext/LANMAN passwords in the clinet
3024 ************************************************************/
3026 static void set_allowed_client_auth(void)
3028 if (Globals.client_ntlmv2_auth) {
3029 Globals.client_lanman_auth = false;
3031 if (!Globals.client_lanman_auth) {
3032 Globals.client_plaintext_auth = false;
3036 /***************************************************************************
3038 The following code allows smbd to read a user defined share file.
3039 Yes, this is my intent. Yes, I'm comfortable with that...
3041 THE FOLLOWING IS SECURITY CRITICAL CODE.
3043 It washes your clothes, it cleans your house, it guards you while you sleep...
3044 Do not f%^k with it....
3045 ***************************************************************************/
3047 #define MAX_USERSHARE_FILE_SIZE (10*1024)
3049 /***************************************************************************
3050 Check allowed stat state of a usershare file.
3051 Ensure we print out who is dicking with us so the admin can
3052 get their sorry ass fired.
3053 ***************************************************************************/
3055 static bool check_usershare_stat(const char *fname,
3056 const SMB_STRUCT_STAT *psbuf)
3058 if (!S_ISREG(psbuf->st_ex_mode)) {
3059 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
3060 "not a regular file\n",
3061 fname, (unsigned int)psbuf->st_ex_uid ));
3065 /* Ensure this doesn't have the other write bit set. */
3066 if (psbuf->st_ex_mode & S_IWOTH) {
3067 DEBUG(0,("check_usershare_stat: file %s owned by uid %u allows "
3068 "public write. Refusing to allow as a usershare file.\n",
3069 fname, (unsigned int)psbuf->st_ex_uid ));
3073 /* Should be 10k or less. */
3074 if (psbuf->st_ex_size > MAX_USERSHARE_FILE_SIZE) {
3075 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
3076 "too large (%u) to be a user share file.\n",
3077 fname, (unsigned int)psbuf->st_ex_uid,
3078 (unsigned int)psbuf->st_ex_size ));
3085 /***************************************************************************
3086 Parse the contents of a usershare file.
3087 ***************************************************************************/
3089 enum usershare_err parse_usershare_file(TALLOC_CTX *ctx,
3090 SMB_STRUCT_STAT *psbuf,
3091 const char *servicename,
3095 char **pp_sharepath,
3097 char **pp_cp_servicename,
3098 struct security_descriptor **ppsd,
3101 const char **prefixallowlist = lp_usershare_prefix_allow_list();
3102 const char **prefixdenylist = lp_usershare_prefix_deny_list();
3105 SMB_STRUCT_STAT sbuf;
3106 char *sharepath = NULL;
3107 char *comment = NULL;
3109 *pp_sharepath = NULL;
3112 *pallow_guest = false;
3115 return USERSHARE_MALFORMED_FILE;
3118 if (strcmp(lines[0], "#VERSION 1") == 0) {
3120 } else if (strcmp(lines[0], "#VERSION 2") == 0) {
3123 return USERSHARE_MALFORMED_FILE;
3126 return USERSHARE_BAD_VERSION;
3129 if (strncmp(lines[1], "path=", 5) != 0) {
3130 return USERSHARE_MALFORMED_PATH;
3133 sharepath = talloc_strdup(ctx, &lines[1][5]);
3135 return USERSHARE_POSIX_ERR;
3137 trim_string(sharepath, " ", " ");
3139 if (strncmp(lines[2], "comment=", 8) != 0) {
3140 return USERSHARE_MALFORMED_COMMENT_DEF;
3143 comment = talloc_strdup(ctx, &lines[2][8]);
3145 return USERSHARE_POSIX_ERR;
3147 trim_string(comment, " ", " ");
3148 trim_char(comment, '"', '"');
3150 if (strncmp(lines[3], "usershare_acl=", 14) != 0) {
3151 return USERSHARE_MALFORMED_ACL_DEF;
3154 if (!parse_usershare_acl(ctx, &lines[3][14], ppsd)) {
3155 return USERSHARE_ACL_ERR;
3159 if (strncmp(lines[4], "guest_ok=", 9) != 0) {
3160 return USERSHARE_MALFORMED_ACL_DEF;
3162 if (lines[4][9] == 'y') {
3163 *pallow_guest = true;
3166 /* Backwards compatible extension to file version #2. */
3168 if (strncmp(lines[5], "sharename=", 10) != 0) {
3169 return USERSHARE_MALFORMED_SHARENAME_DEF;
3171 if (!strequal(&lines[5][10], servicename)) {
3172 return USERSHARE_BAD_SHARENAME;
3174 *pp_cp_servicename = talloc_strdup(ctx, &lines[5][10]);
3175 if (!*pp_cp_servicename) {
3176 return USERSHARE_POSIX_ERR;
3181 if (*pp_cp_servicename == NULL) {
3182 *pp_cp_servicename = talloc_strdup(ctx, servicename);
3183 if (!*pp_cp_servicename) {
3184 return USERSHARE_POSIX_ERR;
3188 if (snum != -1 && (strcmp(sharepath, ServicePtrs[snum]->path) == 0)) {
3189 /* Path didn't change, no checks needed. */
3190 *pp_sharepath = sharepath;
3191 *pp_comment = comment;
3192 return USERSHARE_OK;
3195 /* The path *must* be absolute. */
3196 if (sharepath[0] != '/') {
3197 DEBUG(2,("parse_usershare_file: share %s: path %s is not an absolute path.\n",
3198 servicename, sharepath));
3199 return USERSHARE_PATH_NOT_ABSOLUTE;
3202 /* If there is a usershare prefix deny list ensure one of these paths
3203 doesn't match the start of the user given path. */
3204 if (prefixdenylist) {
3206 for ( i=0; prefixdenylist[i]; i++ ) {
3207 DEBUG(10,("parse_usershare_file: share %s : checking prefixdenylist[%d]='%s' against %s\n",
3208 servicename, i, prefixdenylist[i], sharepath ));
3209 if (memcmp( sharepath, prefixdenylist[i], strlen(prefixdenylist[i])) == 0) {
3210 DEBUG(2,("parse_usershare_file: share %s path %s starts with one of the "
3211 "usershare prefix deny list entries.\n",
3212 servicename, sharepath));
3213 return USERSHARE_PATH_IS_DENIED;
3218 /* If there is a usershare prefix allow list ensure one of these paths
3219 does match the start of the user given path. */
3221 if (prefixallowlist) {
3223 for ( i=0; prefixallowlist[i]; i++ ) {
3224 DEBUG(10,("parse_usershare_file: share %s checking prefixallowlist[%d]='%s' against %s\n",
3225 servicename, i, prefixallowlist[i], sharepath ));
3226 if (memcmp( sharepath, prefixallowlist[i], strlen(prefixallowlist[i])) == 0) {
3230 if (prefixallowlist[i] == NULL) {
3231 DEBUG(2,("parse_usershare_file: share %s path %s doesn't start with one of the "
3232 "usershare prefix allow list entries.\n",
3233 servicename, sharepath));
3234 return USERSHARE_PATH_NOT_ALLOWED;
3238 /* Ensure this is pointing to a directory. */
3239 dp = opendir(sharepath);
3242 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
3243 servicename, sharepath));
3244 return USERSHARE_PATH_NOT_DIRECTORY;
3247 /* Ensure the owner of the usershare file has permission to share
3250 if (sys_stat(sharepath, &sbuf, false) == -1) {
3251 DEBUG(2,("parse_usershare_file: share %s : stat failed on path %s. %s\n",
3252 servicename, sharepath, strerror(errno) ));
3254 return USERSHARE_POSIX_ERR;
3259 if (!S_ISDIR(sbuf.st_ex_mode)) {
3260 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
3261 servicename, sharepath ));
3262 return USERSHARE_PATH_NOT_DIRECTORY;
3265 /* Check if sharing is restricted to owner-only. */
3266 /* psbuf is the stat of the usershare definition file,
3267 sbuf is the stat of the target directory to be shared. */
3269 if (lp_usershare_owner_only()) {
3270 /* root can share anything. */
3271 if ((psbuf->st_ex_uid != 0) && (sbuf.st_ex_uid != psbuf->st_ex_uid)) {
3272 return USERSHARE_PATH_NOT_ALLOWED;
3276 *pp_sharepath = sharepath;
3277 *pp_comment = comment;
3278 return USERSHARE_OK;
3281 /***************************************************************************
3282 Deal with a usershare file.
3285 -1 - Bad name, invalid contents.
3286 - service name already existed and not a usershare, problem
3287 with permissions to share directory etc.
3288 ***************************************************************************/
3290 static int process_usershare_file(const char *dir_name, const char *file_name, int snum_template)
3292 SMB_STRUCT_STAT sbuf;
3293 SMB_STRUCT_STAT lsbuf;
3295 char *sharepath = NULL;
3296 char *comment = NULL;
3297 char *cp_service_name = NULL;
3298 char **lines = NULL;
3302 TALLOC_CTX *ctx = talloc_stackframe();
3303 struct security_descriptor *psd = NULL;
3304 bool guest_ok = false;
3305 char *canon_name = NULL;
3306 bool added_service = false;
3309 /* Ensure share name doesn't contain invalid characters. */
3310 if (!validate_net_name(file_name, INVALID_SHARENAME_CHARS, strlen(file_name))) {
3311 DEBUG(0,("process_usershare_file: share name %s contains "
3312 "invalid characters (any of %s)\n",
3313 file_name, INVALID_SHARENAME_CHARS ));
3317 canon_name = canonicalize_servicename(ctx, file_name);
3322 fname = talloc_asprintf(ctx, "%s/%s", dir_name, file_name);
3327 /* Minimize the race condition by doing an lstat before we
3328 open and fstat. Ensure this isn't a symlink link. */
3330 if (sys_lstat(fname, &lsbuf, false) != 0) {
3331 DEBUG(0,("process_usershare_file: stat of %s failed. %s\n",
3332 fname, strerror(errno) ));
3336 /* This must be a regular file, not a symlink, directory or
3337 other strange filetype. */
3338 if (!check_usershare_stat(fname, &lsbuf)) {
3346 status = dbwrap_fetch_bystring(ServiceHash, canon_name,
3351 if (NT_STATUS_IS_OK(status) &&
3352 (data.dptr != NULL) &&
3353 (data.dsize == sizeof(iService))) {
3354 memcpy(&iService, data.dptr, sizeof(iService));
3358 if (iService != -1 &&
3359 timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
3360 &lsbuf.st_ex_mtime) == 0) {
3361 /* Nothing changed - Mark valid and return. */
3362 DEBUG(10,("process_usershare_file: service %s not changed.\n",
3364 ServicePtrs[iService]->usershare = USERSHARE_VALID;
3369 /* Try and open the file read only - no symlinks allowed. */
3371 fd = open(fname, O_RDONLY|O_NOFOLLOW, 0);
3373 fd = open(fname, O_RDONLY, 0);
3377 DEBUG(0,("process_usershare_file: unable to open %s. %s\n",
3378 fname, strerror(errno) ));
3382 /* Now fstat to be *SURE* it's a regular file. */
3383 if (sys_fstat(fd, &sbuf, false) != 0) {
3385 DEBUG(0,("process_usershare_file: fstat of %s failed. %s\n",
3386 fname, strerror(errno) ));
3390 /* Is it the same dev/inode as was lstated ? */
3391 if (!check_same_stat(&lsbuf, &sbuf)) {
3393 DEBUG(0,("process_usershare_file: fstat of %s is a different file from lstat. "
3394 "Symlink spoofing going on ?\n", fname ));
3398 /* This must be a regular file, not a symlink, directory or
3399 other strange filetype. */
3400 if (!check_usershare_stat(fname, &sbuf)) {
3405 lines = fd_lines_load(fd, &numlines, MAX_USERSHARE_FILE_SIZE, NULL);
3408 if (lines == NULL) {
3409 DEBUG(0,("process_usershare_file: loading file %s owned by %u failed.\n",
3410 fname, (unsigned int)sbuf.st_ex_uid ));
3414 if (parse_usershare_file(ctx, &sbuf, file_name,
3415 iService, lines, numlines, &sharepath,
3416 &comment, &cp_service_name,
3417 &psd, &guest_ok) != USERSHARE_OK) {
3421 /* Everything ok - add the service possibly using a template. */
3423 const struct loadparm_service *sp = &sDefault;
3424 if (snum_template != -1) {
3425 sp = ServicePtrs[snum_template];
3428 if ((iService = add_a_service(sp, cp_service_name)) < 0) {
3429 DEBUG(0, ("process_usershare_file: Failed to add "
3430 "new service %s\n", cp_service_name));
3434 added_service = true;
3436 /* Read only is controlled by usershare ACL below. */
3437 ServicePtrs[iService]->read_only = false;
3440 /* Write the ACL of the new/modified share. */
3441 if (!set_share_security(canon_name, psd)) {
3442 DEBUG(0, ("process_usershare_file: Failed to set share "
3443 "security for user share %s\n",
3448 /* If from a template it may be marked invalid. */
3449 ServicePtrs[iService]->valid = true;
3451 /* Set the service as a valid usershare. */
3452 ServicePtrs[iService]->usershare = USERSHARE_VALID;
3454 /* Set guest access. */
3455 if (lp_usershare_allow_guests()) {
3456 ServicePtrs[iService]->guest_ok = guest_ok;
3459 /* And note when it was loaded. */
3460 ServicePtrs[iService]->usershare_last_mod = sbuf.st_ex_mtime;
3461 lpcfg_string_set(ServicePtrs[iService], &ServicePtrs[iService]->path,
3463 lpcfg_string_set(ServicePtrs[iService],
3464 &ServicePtrs[iService]->comment, comment);
3470 if (ret == -1 && iService != -1 && added_service) {
3471 lp_remove_service(iService);
3479 /***************************************************************************
3480 Checks if a usershare entry has been modified since last load.
3481 ***************************************************************************/
3483 static bool usershare_exists(int iService, struct timespec *last_mod)
3485 SMB_STRUCT_STAT lsbuf;
3486 const char *usersharepath = Globals.usershare_path;
3489 fname = talloc_asprintf(talloc_tos(),
3492 ServicePtrs[iService]->szService);
3493 if (fname == NULL) {
3497 if (sys_lstat(fname, &lsbuf, false) != 0) {
3502 if (!S_ISREG(lsbuf.st_ex_mode)) {
3508 *last_mod = lsbuf.st_ex_mtime;
3512 /***************************************************************************
3513 Load a usershare service by name. Returns a valid servicenumber or -1.
3514 ***************************************************************************/
3516 int load_usershare_service(const char *servicename)
3518 SMB_STRUCT_STAT sbuf;
3519 const char *usersharepath = Globals.usershare_path;
3520 int max_user_shares = Globals.usershare_max_shares;
3521 int snum_template = -1;
3523 if (*usersharepath == 0 || max_user_shares == 0) {
3527 if (sys_stat(usersharepath, &sbuf, false) != 0) {
3528 DEBUG(0,("load_usershare_service: stat of %s failed. %s\n",
3529 usersharepath, strerror(errno) ));
3533 if (!S_ISDIR(sbuf.st_ex_mode)) {
3534 DEBUG(0,("load_usershare_service: %s is not a directory.\n",
3540 * This directory must be owned by root, and have the 't' bit set.
3541 * It also must not be writable by "other".
3545 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
3547 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
3549 DEBUG(0,("load_usershare_service: directory %s is not owned by root "
3550 "or does not have the sticky bit 't' set or is writable by anyone.\n",
3555 /* Ensure the template share exists if it's set. */
3556 if (Globals.usershare_template_share[0]) {
3557 /* We can't use lp_servicenumber here as we are recommending that
3558 template shares have -valid=false set. */
3559 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
3560 if (ServicePtrs[snum_template]->szService &&
3561 strequal(ServicePtrs[snum_template]->szService,
3562 Globals.usershare_template_share)) {
3567 if (snum_template == -1) {
3568 DEBUG(0,("load_usershare_service: usershare template share %s "
3569 "does not exist.\n",
3570 Globals.usershare_template_share ));
3575 return process_usershare_file(usersharepath, servicename, snum_template);
3578 /***************************************************************************
3579 Load all user defined shares from the user share directory.
3580 We only do this if we're enumerating the share list.
3581 This is the function that can delete usershares that have
3583 ***************************************************************************/
3585 int load_usershare_shares(struct smbd_server_connection *sconn,
3586 bool (*snumused) (struct smbd_server_connection *, int))
3589 SMB_STRUCT_STAT sbuf;
3591 int num_usershares = 0;
3592 int max_user_shares = Globals.usershare_max_shares;
3593 unsigned int num_dir_entries, num_bad_dir_entries, num_tmp_dir_entries;
3594 unsigned int allowed_bad_entries = ((2*max_user_shares)/10);
3595 unsigned int allowed_tmp_entries = ((2*max_user_shares)/10);
3597 int snum_template = -1;
3598 const char *usersharepath = Globals.usershare_path;
3599 int ret = lp_numservices();
3600 TALLOC_CTX *tmp_ctx;
3602 if (max_user_shares == 0 || *usersharepath == '\0') {
3603 return lp_numservices();
3606 if (sys_stat(usersharepath, &sbuf, false) != 0) {
3607 DEBUG(0,("load_usershare_shares: stat of %s failed. %s\n",
3608 usersharepath, strerror(errno) ));
3613 * This directory must be owned by root, and have the 't' bit set.
3614 * It also must not be writable by "other".
3618 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
3620 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
3622 DEBUG(0,("load_usershare_shares: directory %s is not owned by root "
3623 "or does not have the sticky bit 't' set or is writable by anyone.\n",
3628 /* Ensure the template share exists if it's set. */
3629 if (Globals.usershare_template_share[0]) {
3630 /* We can't use lp_servicenumber here as we are recommending that
3631 template shares have -valid=false set. */
3632 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
3633 if (ServicePtrs[snum_template]->szService &&
3634 strequal(ServicePtrs[snum_template]->szService,
3635 Globals.usershare_template_share)) {
3640 if (snum_template == -1) {
3641 DEBUG(0,("load_usershare_shares: usershare template share %s "
3642 "does not exist.\n",
3643 Globals.usershare_template_share ));
3648 /* Mark all existing usershares as pending delete. */
3649 for (iService = iNumServices - 1; iService >= 0; iService--) {
3650 if (VALID(iService) && ServicePtrs[iService]->usershare) {
3651 ServicePtrs[iService]->usershare = USERSHARE_PENDING_DELETE;
3655 dp = opendir(usersharepath);
3657 DEBUG(0,("load_usershare_shares:: failed to open directory %s. %s\n",
3658 usersharepath, strerror(errno) ));
3662 for (num_dir_entries = 0, num_bad_dir_entries = 0, num_tmp_dir_entries = 0;
3664 num_dir_entries++ ) {
3666 const char *n = de->d_name;
3668 /* Ignore . and .. */
3670 if ((n[1] == '\0') || (n[1] == '.' && n[2] == '\0')) {
3676 /* Temporary file used when creating a share. */
3677 num_tmp_dir_entries++;
3680 /* Allow 20% tmp entries. */
3681 if (num_tmp_dir_entries > allowed_tmp_entries) {
3682 DEBUG(0,("load_usershare_shares: too many temp entries (%u) "
3683 "in directory %s\n",
3684 num_tmp_dir_entries, usersharepath));
3688 r = process_usershare_file(usersharepath, n, snum_template);
3690 /* Update the services count. */
3692 if (num_usershares >= max_user_shares) {
3693 DEBUG(0,("load_usershare_shares: max user shares reached "
3694 "on file %s in directory %s\n",
3695 n, usersharepath ));
3698 } else if (r == -1) {
3699 num_bad_dir_entries++;
3702 /* Allow 20% bad entries. */
3703 if (num_bad_dir_entries > allowed_bad_entries) {
3704 DEBUG(0,("load_usershare_shares: too many bad entries (%u) "
3705 "in directory %s\n",
3706 num_bad_dir_entries, usersharepath));
3710 /* Allow 20% bad entries. */
3711 if (num_dir_entries > max_user_shares + allowed_bad_entries) {
3712 DEBUG(0,("load_usershare_shares: too many total entries (%u) "
3713 "in directory %s\n",
3714 num_dir_entries, usersharepath));
3721 /* Sweep through and delete any non-refreshed usershares that are
3722 not currently in use. */
3723 tmp_ctx = talloc_stackframe();
3724 for (iService = iNumServices - 1; iService >= 0; iService--) {
3725 if (VALID(iService) && (ServicePtrs[iService]->usershare == USERSHARE_PENDING_DELETE)) {
3728 if (snumused && snumused(sconn, iService)) {
3732 servname = lp_servicename(tmp_ctx, iService);
3734 /* Remove from the share ACL db. */
3735 DEBUG(10,("load_usershare_shares: Removing deleted usershare %s\n",
3737 delete_share_security(servname);
3738 free_service_byindex(iService);
3741 talloc_free(tmp_ctx);
3743 return lp_numservices();
3746 /********************************************************
3747 Destroy global resources allocated in this file
3748 ********************************************************/
3750 void gfree_loadparm(void)
3756 /* Free resources allocated to services */
3758 for ( i = 0; i < iNumServices; i++ ) {
3760 free_service_byindex(i);
3764 TALLOC_FREE( ServicePtrs );
3767 /* Now release all resources allocated to global
3768 parameters and the default service */
3770 free_global_parameters();
3774 /***************************************************************************
3775 Allow client apps to specify that they are a client
3776 ***************************************************************************/
3777 static void lp_set_in_client(bool b)
3783 /***************************************************************************
3784 Determine if we're running in a client app
3785 ***************************************************************************/
3786 static bool lp_is_in_client(void)
3791 static void lp_enforce_ad_dc_settings(void)
3793 lp_do_parameter(GLOBAL_SECTION_SNUM, "passdb backend", "samba_dsdb");
3794 lp_do_parameter(GLOBAL_SECTION_SNUM,
3795 "winbindd:use external pipes", "true");
3796 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:default", "external");
3797 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:svcctl", "embedded");
3798 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:srvsvc", "embedded");
3799 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:eventlog", "embedded");
3800 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:ntsvcs", "embedded");
3801 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:winreg", "embedded");
3802 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:spoolss", "embedded");
3803 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_daemon:spoolssd", "embedded");
3804 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:tcpip", "no");
3807 /***************************************************************************
3808 Load the services array from the services file. Return true on success,
3810 ***************************************************************************/
3812 static bool lp_load_ex(const char *pszFname,
3816 bool reinit_globals,
3817 bool allow_include_registry,
3818 bool load_all_shares)
3822 TALLOC_CTX *frame = talloc_stackframe();
3823 struct loadparm_context *lp_ctx;
3827 DEBUG(3, ("lp_load_ex: refreshing parameters\n"));
3829 bInGlobalSection = true;
3830 bGlobalOnly = global_only;
3831 bAllowIncludeRegistry = allow_include_registry;
3833 lp_ctx = setup_lp_context(talloc_tos());
3835 init_globals(lp_ctx, reinit_globals);
3839 if (save_defaults) {
3844 if (!reinit_globals) {
3845 free_param_opts(&Globals.param_opt);
3846 apply_lp_set_cmdline();
3849 lp_do_parameter(-1, "idmap config * : backend", Globals.idmap_backend);
3851 /* We get sections first, so have to start 'behind' to make up */
3854 if (lp_config_backend_is_file()) {
3855 n2 = talloc_sub_basic(talloc_tos(), get_current_username(),
3856 current_user_info.domain,
3859 smb_panic("lp_load_ex: out of memory");
3862 add_to_file_list(NULL, &file_lists, pszFname, n2);
3864 bRetval = pm_process(n2, lp_do_section, do_parameter, lp_ctx);
3867 /* finish up the last section */
3868 DEBUG(4, ("pm_process() returned %s\n", BOOLSTR(bRetval)));
3870 if (iServiceIndex >= 0) {
3871 bRetval = lpcfg_service_ok(ServicePtrs[iServiceIndex]);
3875 if (lp_config_backend_is_registry()) {
3877 /* config backend changed to registry in config file */
3879 * We need to use this extra global variable here to
3880 * survive restart: init_globals uses this as a default
3881 * for config_backend. Otherwise, init_globals would
3882 * send us into an endless loop here.
3885 config_backend = CONFIG_BACKEND_REGISTRY;
3887 DEBUG(1, ("lp_load_ex: changing to config backend "
3889 init_globals(lp_ctx, true);
3891 TALLOC_FREE(lp_ctx);
3893 lp_kill_all_services();
3894 ok = lp_load_ex(pszFname, global_only, save_defaults,
3895 add_ipc, reinit_globals,
3896 allow_include_registry,
3901 } else if (lp_config_backend_is_registry()) {
3902 bRetval = process_registry_globals();
3904 DEBUG(0, ("Illegal config backend given: %d\n",
3905 lp_config_backend()));
3909 if (bRetval && lp_registry_shares()) {
3910 if (load_all_shares) {
3911 bRetval = process_registry_shares();
3913 bRetval = reload_registry_shares();
3918 char *serv = lp_auto_services(talloc_tos());
3919 lp_add_auto_services(serv);
3924 /* When 'restrict anonymous = 2' guest connections to ipc$
3926 lp_add_ipc("IPC$", (lp_restrict_anonymous() < 2));
3927 if ( lp_enable_asu_support() ) {
3928 lp_add_ipc("ADMIN$", false);
3932 set_allowed_client_auth();
3934 if (lp_security() == SEC_ADS && strchr(lp_password_server(), ':')) {
3935 DEBUG(1, ("WARNING: The optional ':port' in password server = %s is deprecated\n",
3936 lp_password_server()));
3941 /* Now we check we_are_a_wins_server and set szWINSserver to 127.0.0.1 */
3942 /* if we_are_a_wins_server is true and we are in the client */
3943 if (lp_is_in_client() && Globals.we_are_a_wins_server) {
3944 lp_do_parameter(GLOBAL_SECTION_SNUM, "wins server", "127.0.0.1");
3949 fault_configure(smb_panic_s3);
3952 * We run this check once the whole smb.conf is parsed, to
3953 * force some settings for the standard way a AD DC is
3954 * operated. We may change these as our code evolves, which
3955 * is why we force these settings.
3957 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
3958 lp_enforce_ad_dc_settings();
3961 bAllowIncludeRegistry = true;
3967 static bool lp_load(const char *pszFname,
3971 bool reinit_globals)
3973 return lp_load_ex(pszFname,
3978 true, /* allow_include_registry */
3979 false); /* load_all_shares*/
3982 bool lp_load_initial_only(const char *pszFname)
3984 return lp_load_ex(pszFname,
3985 true, /* global only */
3986 true, /* save_defaults */
3987 false, /* add_ipc */
3988 true, /* reinit_globals */
3989 false, /* allow_include_registry */
3990 false); /* load_all_shares*/
3994 * most common lp_load wrapper, loading only the globals
3996 * If this is used in a daemon or client utility it should be called
3997 * after processing popt.
3999 bool lp_load_global(const char *file_name)
4001 return lp_load(file_name,
4002 true, /* global_only */
4003 false, /* save_defaults */
4004 false, /* add_ipc */
4005 true); /* reinit_globals */
4009 * The typical lp_load wrapper with shares, loads global and
4010 * shares, including IPC, but does not force immediate
4011 * loading of all shares from registry.
4013 bool lp_load_with_shares(const char *file_name)
4015 return lp_load(file_name,
4016 false, /* global_only */
4017 false, /* save_defaults */
4019 true); /* reinit_globals */
4023 * lp_load wrapper, especially for clients
4025 bool lp_load_client(const char *file_name)
4027 lp_set_in_client(true);
4029 return lp_load_global(file_name);
4033 * lp_load wrapper, loading only globals, but intended
4034 * for subsequent calls, not reinitializing the globals
4037 bool lp_load_global_no_reinit(const char *file_name)
4039 return lp_load(file_name,
4040 true, /* global_only */
4041 false, /* save_defaults */
4042 false, /* add_ipc */
4043 false); /* reinit_globals */
4047 * lp_load wrapper, loading globals and shares,
4048 * intended for subsequent calls, i.e. not reinitializing
4049 * the globals to default values.
4051 bool lp_load_no_reinit(const char *file_name)
4053 return lp_load(file_name,
4054 false, /* global_only */
4055 false, /* save_defaults */
4056 false, /* add_ipc */
4057 false); /* reinit_globals */
4062 * lp_load wrapper, especially for clients, no reinitialization
4064 bool lp_load_client_no_reinit(const char *file_name)
4066 lp_set_in_client(true);
4068 return lp_load_global_no_reinit(file_name);
4071 bool lp_load_with_registry_shares(const char *pszFname)
4073 return lp_load_ex(pszFname,
4074 false, /* global_only */
4075 true, /* save_defaults */
4076 false, /* add_ipc */
4077 false, /* reinit_globals */
4078 true, /* allow_include_registry */
4079 true); /* load_all_shares*/
4082 /***************************************************************************
4083 Return the max number of services.
4084 ***************************************************************************/
4086 int lp_numservices(void)
4088 return (iNumServices);
4091 /***************************************************************************
4092 Display the contents of the services array in human-readable form.
4093 ***************************************************************************/
4095 void lp_dump(FILE *f, bool show_defaults, int maxtoprint)
4098 struct loadparm_context *lp_ctx;
4101 defaults_saved = false;
4103 lp_ctx = setup_lp_context(talloc_tos());
4104 if (lp_ctx == NULL) {
4108 lpcfg_dump_globals(lp_ctx, f, !defaults_saved);
4110 lpcfg_dump_a_service(&sDefault, &sDefault, f, flags_list, show_defaults);
4112 for (iService = 0; iService < maxtoprint; iService++) {
4114 lp_dump_one(f, show_defaults, iService);
4118 /***************************************************************************
4119 Display the contents of one service in human-readable form.
4120 ***************************************************************************/
4122 void lp_dump_one(FILE * f, bool show_defaults, int snum)
4125 if (ServicePtrs[snum]->szService[0] == '\0')
4127 lpcfg_dump_a_service(ServicePtrs[snum], &sDefault, f,
4128 flags_list, show_defaults);
4132 /***************************************************************************
4133 Return the number of the service with the given name, or -1 if it doesn't
4134 exist. Note that this is a DIFFERENT ANIMAL from the internal function
4135 getservicebyname()! This works ONLY if all services have been loaded, and
4136 does not copy the found service.
4137 ***************************************************************************/
4139 int lp_servicenumber(const char *pszServiceName)
4142 fstring serviceName;
4144 if (!pszServiceName) {
4145 return GLOBAL_SECTION_SNUM;
4148 for (iService = iNumServices - 1; iService >= 0; iService--) {
4149 if (VALID(iService) && ServicePtrs[iService]->szService) {
4151 * The substitution here is used to support %U in
4154 fstrcpy(serviceName, ServicePtrs[iService]->szService);
4155 standard_sub_basic(get_current_username(),
4156 current_user_info.domain,
4157 serviceName,sizeof(serviceName));
4158 if (strequal(serviceName, pszServiceName)) {
4164 if (iService >= 0 && ServicePtrs[iService]->usershare == USERSHARE_VALID) {
4165 struct timespec last_mod;
4167 if (!usershare_exists(iService, &last_mod)) {
4168 /* Remove the share security tdb entry for it. */
4169 delete_share_security(lp_servicename(talloc_tos(), iService));
4170 /* Remove it from the array. */
4171 free_service_byindex(iService);
4172 /* Doesn't exist anymore. */
4173 return GLOBAL_SECTION_SNUM;
4176 /* Has it been modified ? If so delete and reload. */
4177 if (timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
4179 /* Remove it from the array. */
4180 free_service_byindex(iService);
4181 /* and now reload it. */
4182 iService = load_usershare_service(pszServiceName);
4187 DEBUG(7,("lp_servicenumber: couldn't find %s\n", pszServiceName));
4188 return GLOBAL_SECTION_SNUM;
4194 /*******************************************************************
4195 A useful volume label function.
4196 ********************************************************************/
4198 const char *volume_label(TALLOC_CTX *ctx, int snum)
4201 const char *label = lp_volume(ctx, snum);
4203 label = lp_servicename(ctx, snum);
4206 /* This returns a 33 byte guarenteed null terminated string. */
4207 ret = talloc_strndup(ctx, label, 32);
4214 /*******************************************************************
4215 Get the default server type we will announce as via nmbd.
4216 ********************************************************************/
4218 int lp_default_server_announce(void)
4220 int default_server_announce = 0;
4221 default_server_announce |= SV_TYPE_WORKSTATION;
4222 default_server_announce |= SV_TYPE_SERVER;
4223 default_server_announce |= SV_TYPE_SERVER_UNIX;
4225 /* note that the flag should be set only if we have a
4226 printer service but nmbd doesn't actually load the
4227 services so we can't tell --jerry */
4229 default_server_announce |= SV_TYPE_PRINTQ_SERVER;
4231 default_server_announce |= SV_TYPE_SERVER_NT;
4232 default_server_announce |= SV_TYPE_NT;
4234 switch (lp_server_role()) {
4235 case ROLE_DOMAIN_MEMBER:
4236 default_server_announce |= SV_TYPE_DOMAIN_MEMBER;
4238 case ROLE_DOMAIN_PDC:
4239 default_server_announce |= SV_TYPE_DOMAIN_CTRL;
4241 case ROLE_DOMAIN_BDC:
4242 default_server_announce |= SV_TYPE_DOMAIN_BAKCTRL;
4244 case ROLE_STANDALONE:
4248 if (lp_time_server())
4249 default_server_announce |= SV_TYPE_TIME_SOURCE;
4251 if (lp_host_msdfs())
4252 default_server_announce |= SV_TYPE_DFS_SERVER;
4254 return default_server_announce;
4257 /***********************************************************
4258 If we are PDC then prefer us as DMB
4259 ************************************************************/
4261 bool lp_domain_master(void)
4263 if (Globals._domain_master == Auto)
4264 return (lp_server_role() == ROLE_DOMAIN_PDC);
4266 return (bool)Globals._domain_master;
4269 /***********************************************************
4270 If we are PDC then prefer us as DMB
4271 ************************************************************/
4273 static bool lp_domain_master_true_or_auto(void)
4275 if (Globals._domain_master) /* auto or yes */
4281 /***********************************************************
4282 If we are DMB then prefer us as LMB
4283 ************************************************************/
4285 bool lp_preferred_master(void)
4287 int preferred_master = lp__preferred_master();
4289 if (preferred_master == Auto)
4290 return (lp_local_master() && lp_domain_master());
4292 return (bool)preferred_master;
4295 /*******************************************************************
4297 ********************************************************************/
4299 void lp_remove_service(int snum)
4301 ServicePtrs[snum]->valid = false;
4304 const char *lp_printername(TALLOC_CTX *ctx, int snum)
4306 const char *ret = lp__printername(ctx, snum);
4307 if (ret == NULL || *ret == '\0') {
4308 ret = lp_const_servicename(snum);
4315 /***********************************************************
4316 Allow daemons such as winbindd to fix their logfile name.
4317 ************************************************************/
4319 void lp_set_logfile(const char *name)
4321 lpcfg_string_set(Globals.ctx, &Globals.logfile, name);
4322 debug_set_logfile(name);
4325 /*******************************************************************
4326 Return the max print jobs per queue.
4327 ********************************************************************/
4329 int lp_maxprintjobs(int snum)
4331 int maxjobs = lp_max_print_jobs(snum);
4333 if (maxjobs <= 0 || maxjobs >= PRINT_MAX_JOBID)
4334 maxjobs = PRINT_MAX_JOBID - 1;
4339 const char *lp_printcapname(void)
4341 const char *printcap_name = lp_printcap_name();
4343 if ((printcap_name != NULL) &&
4344 (printcap_name[0] != '\0'))
4345 return printcap_name;
4347 if (sDefault.printing == PRINT_CUPS) {
4351 if (sDefault.printing == PRINT_BSD)
4352 return "/etc/printcap";
4354 return PRINTCAP_NAME;
4357 static uint32_t spoolss_state;
4359 bool lp_disable_spoolss( void )
4361 if ( spoolss_state == SVCCTL_STATE_UNKNOWN )
4362 spoolss_state = lp__disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
4364 return spoolss_state == SVCCTL_STOPPED ? true : false;
4367 void lp_set_spoolss_state( uint32_t state )
4369 SMB_ASSERT( (state == SVCCTL_STOPPED) || (state == SVCCTL_RUNNING) );
4371 spoolss_state = state;
4374 uint32_t lp_get_spoolss_state( void )
4376 return lp_disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
4379 /*******************************************************************
4380 Ensure we don't use sendfile if server smb signing is active.
4381 ********************************************************************/
4383 bool lp_use_sendfile(int snum, struct smb_signing_state *signing_state)
4385 bool sign_active = false;
4387 /* Using sendfile blows the brains out of any DOS or Win9x TCP stack... JRA. */
4388 if (get_Protocol() < PROTOCOL_NT1) {
4391 if (signing_state) {
4392 sign_active = smb_signing_is_active(signing_state);
4394 return (lp__use_sendfile(snum) &&
4395 (get_remote_arch() != RA_WIN95) &&
4399 /*******************************************************************
4400 Turn off sendfile if we find the underlying OS doesn't support it.
4401 ********************************************************************/
4403 void set_use_sendfile(int snum, bool val)
4405 if (LP_SNUM_OK(snum))
4406 ServicePtrs[snum]->_use_sendfile = val;
4408 sDefault._use_sendfile = val;
4411 void lp_set_mangling_method(const char *new_method)
4413 lpcfg_string_set(Globals.ctx, &Globals.mangling_method, new_method);
4416 /*******************************************************************
4417 Global state for POSIX pathname processing.
4418 ********************************************************************/
4420 static bool posix_pathnames;
4422 bool lp_posix_pathnames(void)
4424 return posix_pathnames;
4427 /*******************************************************************
4428 Change everything needed to ensure POSIX pathname processing (currently
4430 ********************************************************************/
4432 void lp_set_posix_pathnames(void)
4434 posix_pathnames = true;
4437 /*******************************************************************
4438 Global state for POSIX lock processing - CIFS unix extensions.
4439 ********************************************************************/
4441 bool posix_default_lock_was_set;
4442 static enum brl_flavour posix_cifsx_locktype; /* By default 0 == WINDOWS_LOCK */
4444 enum brl_flavour lp_posix_cifsu_locktype(files_struct *fsp)
4446 if (posix_default_lock_was_set) {
4447 return posix_cifsx_locktype;
4449 return (fsp->posix_flags & FSP_POSIX_FLAGS_OPEN) ?
4450 POSIX_LOCK : WINDOWS_LOCK;
4454 /*******************************************************************
4455 ********************************************************************/
4457 void lp_set_posix_default_cifsx_readwrite_locktype(enum brl_flavour val)
4459 posix_default_lock_was_set = true;
4460 posix_cifsx_locktype = val;
4463 int lp_min_receive_file_size(void)
4465 int min_receivefile_size = lp_min_receivefile_size();
4467 if (min_receivefile_size < 0) {
4470 return min_receivefile_size;
4473 /*******************************************************************
4474 Safe wide links checks.
4475 This helper function always verify the validity of wide links,
4476 even after a configuration file reload.
4477 ********************************************************************/
4479 void widelinks_warning(int snum)
4481 if (lp_allow_insecure_wide_links()) {
4485 if (lp_unix_extensions() && lp_wide_links(snum)) {
4486 DEBUG(0,("Share '%s' has wide links and unix extensions enabled. "
4487 "These parameters are incompatible. "
4488 "Wide links will be disabled for this share.\n",
4489 lp_servicename(talloc_tos(), snum) ));
4493 bool lp_widelinks(int snum)
4495 /* wide links is always incompatible with unix extensions */
4496 if (lp_unix_extensions()) {
4498 * Unless we have "allow insecure widelinks"
4501 if (!lp_allow_insecure_wide_links()) {
4506 return lp_wide_links(snum);
4509 int lp_server_role(void)
4511 return lp_find_server_role(lp__server_role(),
4513 lp__domain_logons(),
4514 lp_domain_master_true_or_auto());
4517 int lp_security(void)
4519 return lp_find_security(lp__server_role(),
4523 int lp_client_max_protocol(void)
4525 int client_max_protocol = lp__client_max_protocol();
4526 if (client_max_protocol == PROTOCOL_DEFAULT) {
4527 return PROTOCOL_NT1;
4529 return client_max_protocol;
4532 int lp_client_ipc_min_protocol(void)
4534 int client_ipc_min_protocol = lp__client_ipc_min_protocol();
4535 if (client_ipc_min_protocol == PROTOCOL_DEFAULT) {
4536 client_ipc_min_protocol = lp_client_min_protocol();
4538 if (client_ipc_min_protocol < PROTOCOL_NT1) {
4539 return PROTOCOL_NT1;
4541 return client_ipc_min_protocol;
4544 int lp_client_ipc_max_protocol(void)
4546 int client_ipc_max_protocol = lp__client_ipc_max_protocol();
4547 if (client_ipc_max_protocol == PROTOCOL_DEFAULT) {
4548 return PROTOCOL_LATEST;
4550 if (client_ipc_max_protocol < PROTOCOL_NT1) {
4551 return PROTOCOL_NT1;
4553 return client_ipc_max_protocol;
4556 int lp_client_ipc_signing(void)
4558 int client_ipc_signing = lp__client_ipc_signing();
4559 if (client_ipc_signing == SMB_SIGNING_DEFAULT) {
4560 return SMB_SIGNING_REQUIRED;
4562 return client_ipc_signing;
4565 int lp_rpc_low_port(void)
4567 return Globals.rpc_low_port;
4570 int lp_rpc_high_port(void)
4572 return Globals.rpc_high_port;
4575 struct loadparm_global * get_globals(void)
4580 unsigned int * get_flags(void)
4582 if (flags_list == NULL) {
4583 flags_list = talloc_zero_array(NULL, unsigned int, num_parameters());