2 Unix SMB/CIFS implementation.
3 Parameter loading functions
4 Copyright (C) Karl Auer 1993-1998
6 Largely re-written by Andrew Tridgell, September 1994
8 Copyright (C) Simo Sorce 2001
9 Copyright (C) Alexander Bokovoy 2002
10 Copyright (C) Stefan (metze) Metzmacher 2002
11 Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003
12 Copyright (C) Michael Adam 2008
13 Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007
14 Copyright (C) Andrew Bartlett 2011
16 This program is free software; you can redistribute it and/or modify
17 it under the terms of the GNU General Public License as published by
18 the Free Software Foundation; either version 3 of the License, or
19 (at your option) any later version.
21 This program is distributed in the hope that it will be useful,
22 but WITHOUT ANY WARRANTY; without even the implied warranty of
23 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 GNU General Public License for more details.
26 You should have received a copy of the GNU General Public License
27 along with this program. If not, see <http://www.gnu.org/licenses/>.
33 * This module provides suitable callback functions for the params
34 * module. It builds the internal table of service details which is
35 * then used by the rest of the server.
39 * 1) add it to the global or service structure definition
40 * 2) add it to the parm_table
41 * 3) add it to the list of available functions (eg: using FN_GLOBAL_STRING())
42 * 4) If it's a global then initialise it in init_globals. If a local
43 * (ie. service) parameter then initialise it in the sDefault structure
47 * The configuration file is processed sequentially for speed. It is NOT
48 * accessed randomly as happens in 'real' Windows. For this reason, there
49 * is a fair bit of sequence-dependent code here - ie., code which assumes
50 * that certain things happen before others. In particular, the code which
51 * happens at the boundary between sections is delicately poised, so be
57 #include "system/filesys.h"
59 #include "lib/param/loadparm.h"
60 #include "lib/param/param.h"
62 #include "lib/smbconf/smbconf.h"
63 #include "lib/smbconf/smbconf_init.h"
66 #include "../librpc/gen_ndr/svcctl.h"
68 #include "../libcli/smb/smb_signing.h"
69 #include "dbwrap/dbwrap.h"
70 #include "dbwrap/dbwrap_rbt.h"
71 #include "../lib/util/bitmap.h"
73 #ifdef HAVE_SYS_SYSCTL_H
74 #include <sys/sysctl.h>
77 #ifdef HAVE_HTTPCONNECTENCRYPT
78 #include <cups/http.h>
83 extern userdom_struct current_user_info;
85 /* the special value for the include parameter
86 * to be interpreted not as a file name but to
87 * trigger loading of the global smb.conf options
89 #ifndef INCLUDE_REGISTRY_NAME
90 #define INCLUDE_REGISTRY_NAME "registry"
93 static bool in_client = false; /* Not in the client by default */
94 static struct smbconf_csn conf_last_csn;
96 static int config_backend = CONFIG_BACKEND_FILE;
98 /* some helpful bits */
99 #define LP_SNUM_OK(i) (((i) >= 0) && ((i) < iNumServices) && (ServicePtrs != NULL) && ServicePtrs[(i)]->valid)
100 #define VALID(i) (ServicePtrs != NULL && ServicePtrs[i]->valid)
102 #define USERSHARE_VALID 1
103 #define USERSHARE_PENDING_DELETE 2
105 static bool defaults_saved = false;
107 #include "lib/param/param_global.h"
109 static struct loadparm_global Globals;
111 /* This is a default service used to prime a services structure */
112 static struct loadparm_service sDefault =
117 .usershare_last_mod = {0, 0},
121 .invalid_users = NULL,
128 .root_preexec = NULL,
129 .root_postexec = NULL,
130 .cups_options = NULL,
131 .print_command = NULL,
133 .lprm_command = NULL,
134 .lppause_command = NULL,
135 .lpresume_command = NULL,
136 .queuepause_command = NULL,
137 .queueresume_command = NULL,
138 ._printername = NULL,
139 .printjob_username = NULL,
140 .dont_descend = NULL,
143 .magic_script = NULL,
144 .magic_output = NULL,
147 .veto_oplock_files = NULL,
157 .aio_write_behind = NULL,
158 .dfree_command = NULL,
159 .min_print_space = 0,
160 .iMaxPrintJobs = 1000,
161 .max_reported_print_jobs = 0,
162 .write_cache_size = 0,
164 .force_create_mode = 0,
165 .directory_mask = 0755,
166 .force_directory_mode = 0,
167 .max_connections = 0,
168 .default_case = CASE_LOWER,
169 .printing = DEFAULT_PRINTING,
170 .oplock_contention_limit = 2,
173 .dfree_cache_time = 0,
174 .preexec_close = false,
175 .root_preexec_close = false,
176 .case_sensitive = Auto,
177 .preserve_case = true,
178 .short_preserve_case = true,
179 .hide_dot_files = true,
180 .hide_special_files = false,
181 .hide_unreadable = false,
182 .hide_unwriteable_files = false,
184 .access_based_share_enum = false,
188 .administrative_share = false,
191 .print_notify_backchannel = false,
195 .store_dos_attributes = false,
196 .dmapi_support = false,
198 .strict_locking = Auto,
199 .posix_locking = true,
201 .kernel_oplocks = false,
202 .level2_oplocks = true,
204 .mangled_names = true,
206 .follow_symlinks = true,
207 .sync_always = false,
208 .strict_allocate = false,
209 .strict_rename = false,
210 .strict_sync = false,
211 .mangling_char = '~',
213 .delete_readonly = false,
214 .fake_oplocks = false,
215 .delete_veto_files = false,
216 .dos_filemode = false,
217 .dos_filetimes = true,
218 .dos_filetime_resolution = false,
219 .fake_directory_create_times = false,
220 .blocking_locks = true,
221 .inherit_permissions = false,
222 .inherit_acls = false,
223 .inherit_owner = false,
225 .use_client_driver = false,
226 .default_devmode = true,
227 .force_printername = false,
228 .nt_acl_support = true,
229 .force_unknown_acl_user = false,
230 ._use_sendfile = false,
231 .profile_acls = false,
232 .map_acl_inherit = false,
235 .acl_check_permissions = true,
236 .acl_map_full_control = true,
237 .acl_group_control = false,
238 .acl_allow_execute_always = false,
239 .change_notify = true,
240 .kernel_change_notify = true,
241 .allocation_roundup_size = SMB_ROUNDUP_ALLOCATION_SIZE,
244 .map_readonly = MAP_READONLY_YES,
245 .directory_name_cache_size = 100,
246 .smb_encrypt = SMB_SIGNING_DEFAULT,
247 .kernel_share_modes = true,
248 .durable_handles = true,
253 /* local variables */
254 static struct loadparm_service **ServicePtrs = NULL;
255 static int iNumServices = 0;
256 static int iServiceIndex = 0;
257 static struct db_context *ServiceHash;
258 static bool bInGlobalSection = true;
259 static bool bGlobalOnly = false;
260 static struct file_lists *file_lists = NULL;
261 static unsigned int *flags_list = NULL;
263 static void set_allowed_client_auth(void);
265 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue);
266 static void free_param_opts(struct parmlist_entry **popts);
268 /* this is used to prevent lots of mallocs of size 1 */
269 static const char null_string[] = "";
275 static void string_free(char **s)
279 if (*s == null_string)
285 Set a string value, deallocating any existing space, and allocing the space
289 static bool string_set(TALLOC_CTX *mem_ctx, char **dest,const char *src)
297 (*dest) = talloc_strdup(mem_ctx, src);
298 if ((*dest) == NULL) {
299 DEBUG(0,("Out of memory in string_init\n"));
307 * Function to return the default value for the maximum number of open
308 * file descriptors permitted. This function tries to consult the
309 * kernel-level (sysctl) and ulimit (getrlimit()) values and goes
310 * the smaller of those.
312 static int max_open_files(void)
314 int sysctl_max = MAX_OPEN_FILES;
315 int rlimit_max = MAX_OPEN_FILES;
317 #ifdef HAVE_SYSCTLBYNAME
319 size_t size = sizeof(sysctl_max);
320 sysctlbyname("kern.maxfilesperproc", &sysctl_max, &size, NULL,
325 #if (defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE))
331 if (getrlimit(RLIMIT_NOFILE, &rl) == 0)
332 rlimit_max = rl.rlim_cur;
334 #if defined(RLIM_INFINITY)
335 if(rl.rlim_cur == RLIM_INFINITY)
336 rlimit_max = MAX_OPEN_FILES;
341 if (sysctl_max < MIN_OPEN_FILES_WINDOWS) {
342 DEBUG(2,("max_open_files: increasing sysctl_max (%d) to "
343 "minimum Windows limit (%d)\n",
345 MIN_OPEN_FILES_WINDOWS));
346 sysctl_max = MIN_OPEN_FILES_WINDOWS;
349 if (rlimit_max < MIN_OPEN_FILES_WINDOWS) {
350 DEBUG(2,("rlimit_max: increasing rlimit_max (%d) to "
351 "minimum Windows limit (%d)\n",
353 MIN_OPEN_FILES_WINDOWS));
354 rlimit_max = MIN_OPEN_FILES_WINDOWS;
357 return MIN(sysctl_max, rlimit_max);
361 * Common part of freeing allocated data for one parameter.
363 static void free_one_parameter_common(void *parm_ptr,
364 struct parm_struct parm)
366 if ((parm.type == P_STRING) ||
367 (parm.type == P_USTRING))
369 string_free((char**)parm_ptr);
370 } else if (parm.type == P_LIST || parm.type == P_CMDLIST) {
371 TALLOC_FREE(*((char***)parm_ptr));
376 * Free the allocated data for one parameter for a share
377 * given as a service struct.
379 static void free_one_parameter(struct loadparm_service *service,
380 struct parm_struct parm)
384 if (parm.p_class != P_LOCAL) {
388 parm_ptr = lp_parm_ptr(service, &parm);
390 free_one_parameter_common(parm_ptr, parm);
394 * Free the allocated parameter data of a share given
395 * as a service struct.
397 static void free_parameters(struct loadparm_service *service)
401 for (i=0; parm_table[i].label; i++) {
402 free_one_parameter(service, parm_table[i]);
407 * Free the allocated data for one parameter for a given share
408 * specified by an snum.
410 static void free_one_parameter_by_snum(int snum, struct parm_struct parm)
415 parm_ptr = lp_parm_ptr(NULL, &parm);
416 } else if (parm.p_class != P_LOCAL) {
419 parm_ptr = lp_parm_ptr(ServicePtrs[snum], &parm);
422 free_one_parameter_common(parm_ptr, parm);
426 * Free the allocated parameter data for a share specified
429 static void free_parameters_by_snum(int snum)
433 for (i=0; parm_table[i].label; i++) {
434 free_one_parameter_by_snum(snum, parm_table[i]);
439 * Free the allocated global parameters.
441 static void free_global_parameters(void)
443 free_param_opts(&Globals.param_opt);
444 free_parameters_by_snum(GLOBAL_SECTION_SNUM);
445 TALLOC_FREE(Globals.ctx);
448 struct lp_stored_option {
449 struct lp_stored_option *prev, *next;
454 static struct lp_stored_option *stored_options;
457 save options set by lp_set_cmdline() into a list. This list is
458 re-applied when we do a globals reset, so that cmdline set options
459 are sticky across reloads of smb.conf
461 bool store_lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
463 struct lp_stored_option *entry, *entry_next;
464 for (entry = stored_options; entry != NULL; entry = entry_next) {
465 entry_next = entry->next;
466 if (strcmp(pszParmName, entry->label) == 0) {
467 DLIST_REMOVE(stored_options, entry);
473 entry = talloc(NULL, struct lp_stored_option);
478 entry->label = talloc_strdup(entry, pszParmName);
484 entry->value = talloc_strdup(entry, pszParmValue);
490 DLIST_ADD_END(stored_options, entry, struct lp_stored_option);
495 static bool apply_lp_set_cmdline(void)
497 struct lp_stored_option *entry = NULL;
498 for (entry = stored_options; entry != NULL; entry = entry->next) {
499 if (!lp_set_cmdline_helper(entry->label, entry->value)) {
500 DEBUG(0, ("Failed to re-apply cmdline parameter %s = %s\n",
501 entry->label, entry->value));
508 /***************************************************************************
509 Initialise the global parameter structure.
510 ***************************************************************************/
512 static void init_globals(struct loadparm_context *lp_ctx, bool reinit_globals)
514 static bool done_init = false;
518 /* If requested to initialize only once and we've already done it... */
519 if (!reinit_globals && done_init) {
520 /* ... then we have nothing more to do */
525 /* The logfile can be set before this is invoked. Free it if so. */
526 if (Globals.logfile != NULL) {
527 string_free(&Globals.logfile);
528 Globals.logfile = NULL;
532 free_global_parameters();
535 /* This memset and the free_global_parameters() above will
536 * wipe out smb.conf options set with lp_set_cmdline(). The
537 * apply_lp_set_cmdline() call puts these values back in the
538 * table once the defaults are set */
539 ZERO_STRUCT(Globals);
541 Globals.ctx = talloc_pooled_object(NULL, char, 272, 2048);
543 /* Initialize the flags list if necessary */
544 if (flags_list == NULL) {
548 for (i = 0; parm_table[i].label; i++) {
549 if ((parm_table[i].type == P_STRING ||
550 parm_table[i].type == P_USTRING))
552 string_set(Globals.ctx, (char **)lp_parm_ptr(NULL, &parm_table[i]), "");
557 string_set(Globals.ctx, &sDefault.fstype, FSTYPE_STRING);
558 string_set(Globals.ctx, &sDefault.printjob_username, "%U");
560 init_printer_values(lp_ctx, Globals.ctx, &sDefault);
562 sDefault.ntvfs_handler = (const char **)str_list_make_v3(NULL, "unixuid default", NULL);
564 DEBUG(3, ("Initialising global parameters\n"));
566 /* Must manually force to upper case here, as this does not go via the handler */
567 string_set(Globals.ctx, &Globals.netbios_name, myhostname_upper());
569 string_set(Globals.ctx, &Globals.smb_passwd_file, get_dyn_SMB_PASSWD_FILE());
570 string_set(Globals.ctx, &Globals.private_dir, get_dyn_PRIVATE_DIR());
572 /* use the new 'hash2' method by default, with a prefix of 1 */
573 string_set(Globals.ctx, &Globals.mangling_method, "hash2");
574 Globals.mangle_prefix = 1;
576 string_set(Globals.ctx, &Globals.guest_account, GUEST_ACCOUNT);
578 /* using UTF8 by default allows us to support all chars */
579 string_set(Globals.ctx, &Globals.unix_charset, DEFAULT_UNIX_CHARSET);
581 /* Use codepage 850 as a default for the dos character set */
582 string_set(Globals.ctx, &Globals.dos_charset, DEFAULT_DOS_CHARSET);
585 * Allow the default PASSWD_CHAT to be overridden in local.h.
587 string_set(Globals.ctx, &Globals.passwd_chat, DEFAULT_PASSWD_CHAT);
589 string_set(Globals.ctx, &Globals.workgroup, DEFAULT_WORKGROUP);
591 string_set(Globals.ctx, &Globals.passwd_program, "");
592 string_set(Globals.ctx, &Globals.lock_directory, get_dyn_LOCKDIR());
593 string_set(Globals.ctx, &Globals.state_directory, get_dyn_STATEDIR());
594 string_set(Globals.ctx, &Globals.cache_directory, get_dyn_CACHEDIR());
595 string_set(Globals.ctx, &Globals.pid_directory, get_dyn_PIDDIR());
596 string_set(Globals.ctx, &Globals.nbt_client_socket_address, "0.0.0.0");
598 * By default support explicit binding to broadcast
601 Globals.nmbd_bind_explicit_broadcast = true;
603 s = talloc_asprintf(talloc_tos(), "Samba %s", samba_version_string());
605 smb_panic("init_globals: ENOMEM");
607 string_set(Globals.ctx, &Globals.server_string, s);
610 string_set(Globals.ctx, &Globals.panic_action, "/bin/sleep 999999999");
613 string_set(Globals.ctx, &Globals.socket_options, DEFAULT_SOCKET_OPTIONS);
615 string_set(Globals.ctx, &Globals.logon_drive, "");
616 /* %N is the NIS auto.home server if -DAUTOHOME is used, else same as %L */
617 string_set(Globals.ctx, &Globals.logon_home, "\\\\%N\\%U");
618 string_set(Globals.ctx, &Globals.logon_path, "\\\\%N\\%U\\profile");
620 Globals.name_resolve_order = (const char **)str_list_make_v3(NULL, "lmhosts wins host bcast", NULL);
621 string_set(Globals.ctx, &Globals.password_server, "*");
623 Globals.algorithmic_rid_base = BASE_RID;
625 Globals.load_printers = true;
626 Globals.printcap_cache_time = 750; /* 12.5 minutes */
628 Globals.config_backend = config_backend;
629 Globals._server_role = ROLE_AUTO;
631 /* Was 65535 (0xFFFF). 0x4101 matches W2K and causes major speed improvements... */
632 /* Discovered by 2 days of pain by Don McCall @ HP :-). */
633 Globals.max_xmit = 0x4104;
634 Globals.max_mux = 50; /* This is *needed* for profile support. */
635 Globals.lpq_cache_time = 30; /* changed to handle large print servers better -- jerry */
636 Globals._disable_spoolss = false;
637 Globals.max_smbd_processes = 0;/* no limit specified */
638 Globals.username_level = 0;
639 Globals.deadtime = 0;
640 Globals.getwd_cache = true;
641 Globals.large_readwrite = true;
642 Globals.max_log_size = 5000;
643 Globals.max_open_files = max_open_files();
644 Globals.server_max_protocol = PROTOCOL_SMB3_00;
645 Globals.server_min_protocol = PROTOCOL_LANMAN1;
646 Globals._client_max_protocol = PROTOCOL_DEFAULT;
647 Globals.client_min_protocol = PROTOCOL_CORE;
648 Globals._security = SEC_AUTO;
649 Globals.encrypt_passwords = true;
650 Globals.client_schannel = Auto;
651 Globals.winbind_sealed_pipes = true;
652 Globals.require_strong_key = true;
653 Globals.server_schannel = Auto;
654 Globals.read_raw = true;
655 Globals.write_raw = true;
656 Globals.null_passwords = false;
657 Globals.old_password_allowed_period = 60;
658 Globals.obey_pam_restrictions = false;
660 Globals.syslog_only = false;
661 Globals.timestamp_logs = true;
662 string_set(Globals.ctx, &Globals.log_level, "0");
663 Globals.debug_prefix_timestamp = false;
664 Globals.debug_hires_timestamp = true;
665 Globals.debug_pid = false;
666 Globals.debug_uid = false;
667 Globals.debug_class = false;
668 Globals.enable_core_files = true;
669 Globals.max_ttl = 60 * 60 * 24 * 3; /* 3 days default. */
670 Globals.max_wins_ttl = 60 * 60 * 24 * 6; /* 6 days default. */
671 Globals.min_wins_ttl = 60 * 60 * 6; /* 6 hours default. */
672 Globals.machine_password_timeout = 60 * 60 * 24 * 7; /* 7 days default. */
673 Globals.lm_announce = Auto; /* = Auto: send only if LM clients found */
674 Globals.lm_interval = 60;
675 #if (defined(HAVE_NETGROUP) && defined(WITH_AUTOMOUNT))
676 Globals.nis_homedir = false;
677 #ifdef WITH_NISPLUS_HOME
678 string_set(Globals.ctx, &Globals.homedir_map, "auto_home.org_dir");
680 string_set(Globals.ctx, &Globals.homedir_map, "auto.home");
683 Globals.time_server = false;
684 Globals.bind_interfaces_only = false;
685 Globals.unix_password_sync = false;
686 Globals.pam_password_change = false;
687 Globals.passwd_chat_debug = false;
688 Globals.passwd_chat_timeout = 2; /* 2 second default. */
689 Globals.nt_pipe_support = true; /* Do NT pipes by default. */
690 Globals.nt_status_support = true; /* Use NT status by default. */
691 Globals.stat_cache = true; /* use stat cache by default */
692 Globals.max_stat_cache_size = 256; /* 256k by default */
693 Globals.restrict_anonymous = 0;
694 Globals.client_lanman_auth = false; /* Do NOT use the LanMan hash if it is available */
695 Globals.client_plaintext_auth = false; /* Do NOT use a plaintext password even if is requested by the server */
696 Globals.lanman_auth = false; /* Do NOT use the LanMan hash, even if it is supplied */
697 Globals.ntlm_auth = true; /* Do use NTLMv1 if it is supplied by the client (otherwise NTLMv2) */
698 Globals.client_ntlmv2_auth = true; /* Client should always use use NTLMv2, as we can't tell that the server supports it, but most modern servers do */
699 /* Note, that we will also use NTLM2 session security (which is different), if it is available */
701 Globals.map_to_guest = 0; /* By Default, "Never" */
702 Globals.oplock_break_wait_time = 0; /* By Default, 0 msecs. */
703 Globals.enhanced_browsing = true;
704 Globals.lock_spin_time = WINDOWS_MINIMUM_LOCK_TIMEOUT_MS; /* msec. */
705 #ifdef MMAP_BLACKLIST
706 Globals.use_mmap = false;
708 Globals.use_mmap = true;
710 Globals.unicode = true;
711 Globals.unix_extensions = true;
712 Globals.reset_on_zero_vc = false;
713 Globals.log_writeable_files_on_exit = false;
714 Globals.create_krb5_conf = true;
715 Globals.winbindMaxDomainConnections = 1;
717 /* hostname lookups can be very expensive and are broken on
718 a large number of sites (tridge) */
719 Globals.hostname_lookups = false;
721 string_set(Globals.ctx, &Globals.passdb_backend, "tdbsam");
722 string_set(Globals.ctx, &Globals.ldap_suffix, "");
723 string_set(Globals.ctx, &Globals.szLdapMachineSuffix, "");
724 string_set(Globals.ctx, &Globals.szLdapUserSuffix, "");
725 string_set(Globals.ctx, &Globals.szLdapGroupSuffix, "");
726 string_set(Globals.ctx, &Globals.szLdapIdmapSuffix, "");
728 string_set(Globals.ctx, &Globals.ldap_admin_dn, "");
729 Globals.ldap_ssl = LDAP_SSL_START_TLS;
730 Globals.ldap_ssl_ads = false;
731 Globals.ldap_deref = -1;
732 Globals.ldap_passwd_sync = LDAP_PASSWD_SYNC_OFF;
733 Globals.ldap_delete_dn = false;
734 Globals.ldap_replication_sleep = 1000; /* wait 1 sec for replication */
735 Globals.ldap_follow_referral = Auto;
736 Globals.ldap_timeout = LDAP_DEFAULT_TIMEOUT;
737 Globals.ldap_connection_timeout = LDAP_CONNECTION_DEFAULT_TIMEOUT;
738 Globals.ldap_page_size = LDAP_PAGE_SIZE;
740 Globals.ldap_debug_level = 0;
741 Globals.ldap_debug_threshold = 10;
743 Globals.client_ldap_sasl_wrapping = ADS_AUTH_SASL_SIGN;
745 /* This is what we tell the afs client. in reality we set the token
746 * to never expire, though, when this runs out the afs client will
747 * forget the token. Set to 0 to get NEVERDATE.*/
748 Globals.afs_token_lifetime = 604800;
749 Globals.cups_connection_timeout = CUPS_DEFAULT_CONNECTION_TIMEOUT;
751 /* these parameters are set to defaults that are more appropriate
752 for the increasing samba install base:
754 as a member of the workgroup, that will possibly become a
755 _local_ master browser (lm = true). this is opposed to a forced
756 local master browser startup (pm = true).
758 doesn't provide WINS server service by default (wsupp = false),
759 and doesn't provide domain master browser services by default, either.
763 Globals.show_add_printer_wizard = true;
764 Globals.os_level = 20;
765 Globals.local_master = true;
766 Globals._domain_master = Auto; /* depending on _domain_logons */
767 Globals._domain_logons = false;
768 Globals.browse_list = true;
769 Globals.we_are_a_wins_server = false;
770 Globals.wins_proxy = false;
772 TALLOC_FREE(Globals.init_logon_delayed_hosts);
773 Globals.init_logon_delay = 100; /* 100 ms default delay */
775 Globals.wins_dns_proxy = true;
777 Globals.allow_trusted_domains = true;
778 string_set(Globals.ctx, &Globals.szIdmapBackend, "tdb");
780 string_set(Globals.ctx, &Globals.template_shell, "/bin/false");
781 string_set(Globals.ctx, &Globals.template_homedir, "/home/%D/%U");
782 string_set(Globals.ctx, &Globals.winbind_separator, "\\");
783 string_set(Globals.ctx, &Globals.winbindd_socket_directory, dyn_WINBINDD_SOCKET_DIR);
785 string_set(Globals.ctx, &Globals.cups_server, "");
786 string_set(Globals.ctx, &Globals.iprint_server, "");
788 string_set(Globals.ctx, &Globals._ctdbd_socket, "");
790 Globals.cluster_addresses = NULL;
791 Globals.clustering = false;
792 Globals.ctdb_timeout = 0;
793 Globals.ctdb_locktime_warn_threshold = 0;
795 Globals.winbind_cache_time = 300; /* 5 minutes */
796 Globals.winbind_reconnect_delay = 30; /* 30 seconds */
797 Globals.winbind_request_timeout = 60; /* 60 seconds */
798 Globals.winbind_max_clients = 200;
799 Globals.winbind_enum_users = false;
800 Globals.winbind_enum_groups = false;
801 Globals.winbind_use_default_domain = false;
802 Globals.winbind_trusted_domains_only = false;
803 Globals.winbind_nested_groups = true;
804 Globals.winbind_expand_groups = 0;
805 Globals.winbind_nss_info = (const char **)str_list_make_v3(NULL, "template", NULL);
806 Globals.winbind_refresh_tickets = false;
807 Globals.winbind_offline_logon = false;
809 Globals.idmap_cache_time = 86400 * 7; /* a week by default */
810 Globals.idmap_negative_cache_time = 120; /* 2 minutes by default */
812 Globals.passdb_expand_explicit = false;
814 Globals.name_cache_timeout = 660; /* In seconds */
816 Globals.use_spnego = true;
817 Globals.client_use_spnego = true;
819 Globals.client_signing = SMB_SIGNING_DEFAULT;
820 Globals.server_signing = SMB_SIGNING_DEFAULT;
822 Globals.defer_sharing_violations = true;
823 Globals.smb_ports = (const char **)str_list_make_v3(NULL, SMB_PORTS, NULL);
825 Globals.enable_privileges = true;
826 Globals.host_msdfs = true;
827 Globals.enable_asu_support = false;
829 /* User defined shares. */
830 s = talloc_asprintf(talloc_tos(), "%s/usershares", get_dyn_STATEDIR());
832 smb_panic("init_globals: ENOMEM");
834 string_set(Globals.ctx, &Globals.usershare_path, s);
836 string_set(Globals.ctx, &Globals.usershare_template_share, "");
837 Globals.usershare_max_shares = 0;
838 /* By default disallow sharing of directories not owned by the sharer. */
839 Globals.usershare_owner_only = true;
840 /* By default disallow guest access to usershares. */
841 Globals.usershare_allow_guests = false;
843 Globals.keepalive = DEFAULT_KEEPALIVE;
845 /* By default no shares out of the registry */
846 Globals.registry_shares = false;
848 Globals.iminreceivefile = 0;
850 Globals.map_untrusted_to_domain = false;
851 Globals.multicast_dns_register = true;
853 Globals.smb2_max_read = DEFAULT_SMB2_MAX_READ;
854 Globals.smb2_max_write = DEFAULT_SMB2_MAX_WRITE;
855 Globals.smb2_max_trans = DEFAULT_SMB2_MAX_TRANSACT;
856 Globals.ismb2_max_credits = DEFAULT_SMB2_MAX_CREDITS;
858 string_set(Globals.ctx, &Globals.ncalrpc_dir, get_dyn_NCALRPCDIR());
860 Globals.server_services = (const char **)str_list_make_v3(NULL, "s3fs rpc nbt wrepl ldap cldap kdc drepl winbindd ntp_signd kcc dnsupdate dns", NULL);
862 Globals.dcerpc_endpoint_servers = (const char **)str_list_make_v3(NULL, "epmapper wkssvc rpcecho samr netlogon lsarpc spoolss drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver", NULL);
864 Globals.tls_enabled = true;
866 string_set(Globals.ctx, &Globals._tls_keyfile, "tls/key.pem");
867 string_set(Globals.ctx, &Globals._tls_certfile, "tls/cert.pem");
868 string_set(Globals.ctx, &Globals._tls_cafile, "tls/ca.pem");
870 string_set(Globals.ctx, &Globals.share_backend, "classic");
872 Globals.iPreferredMaster = Auto;
874 Globals.allow_dns_updates = DNS_UPDATE_SIGNED;
876 string_set(Globals.ctx, &Globals.ntp_signd_socket_directory, get_dyn_NTP_SIGND_SOCKET_DIR());
878 string_set(Globals.ctx, &Globals.winbindd_privileged_socket_directory, get_dyn_WINBINDD_PRIVILEGED_SOCKET_DIR());
880 s = talloc_asprintf(talloc_tos(), "%s/samba_kcc", get_dyn_SCRIPTSBINDIR());
882 smb_panic("init_globals: ENOMEM");
884 Globals.samba_kcc_command = (const char **)str_list_make_v3(NULL, s, NULL);
887 s = talloc_asprintf(talloc_tos(), "%s/samba_dnsupdate", get_dyn_SCRIPTSBINDIR());
889 smb_panic("init_globals: ENOMEM");
891 Globals.dns_update_command = (const char **)str_list_make_v3(NULL, s, NULL);
894 s = talloc_asprintf(talloc_tos(), "%s/samba_spnupdate", get_dyn_SCRIPTSBINDIR());
896 smb_panic("init_globals: ENOMEM");
898 Globals.spn_update_command = (const char **)str_list_make_v3(NULL, s, NULL);
901 Globals.nsupdate_command = (const char **)str_list_make_v3(NULL, "/usr/bin/nsupdate -g", NULL);
903 Globals.rndc_command = (const char **)str_list_make_v3(NULL, "/usr/sbin/rndc", NULL);
905 Globals.cldap_port = 389;
907 Globals.dgram_port = 138;
909 Globals.nbt_port = 137;
911 Globals.krb5_port = 88;
913 Globals.kpasswd_port = 464;
915 Globals.web_port = 901;
917 /* Now put back the settings that were set with lp_set_cmdline() */
918 apply_lp_set_cmdline();
921 /* Convenience routine to setup an lp_context with additional s3 variables */
922 static struct loadparm_context *setup_lp_context(TALLOC_CTX *mem_ctx)
924 struct loadparm_context *lp_ctx;
926 lp_ctx = loadparm_init_s3(mem_ctx,
927 loadparm_s3_helpers());
928 if (lp_ctx == NULL) {
929 DEBUG(0, ("loadparm_init_s3 failed\n"));
933 lp_ctx->sDefault = &sDefault;
934 lp_ctx->services = NULL; /* We do not want to access this directly */
935 lp_ctx->bInGlobalSection = bInGlobalSection;
936 lp_ctx->flags = flags_list;
941 /*******************************************************************
942 Convenience routine to grab string parameters into talloced memory
943 and run standard_sub_basic on them. The buffers can be written to by
944 callers without affecting the source string.
945 ********************************************************************/
947 char *lp_string(TALLOC_CTX *ctx, const char *s)
951 /* The follow debug is useful for tracking down memory problems
952 especially if you have an inner loop that is calling a lp_*()
953 function that returns a string. Perhaps this debug should be
954 present all the time? */
957 DEBUG(10, ("lp_string(%s)\n", s));
963 ret = talloc_sub_basic(ctx,
964 get_current_username(),
965 current_user_info.domain,
967 if (trim_char(ret, '\"', '\"')) {
968 if (strchr(ret,'\"') != NULL) {
970 ret = talloc_sub_basic(ctx,
971 get_current_username(),
972 current_user_info.domain,
980 In this section all the functions that are used to access the
981 parameters from the rest of the program are defined
984 #define FN_GLOBAL_STRING(fn_name,ptr) \
985 char *lp_ ## fn_name(TALLOC_CTX *ctx) {return(lp_string((ctx), *(char **)(&Globals.ptr) ? *(char **)(&Globals.ptr) : ""));}
986 #define FN_GLOBAL_CONST_STRING(fn_name,ptr) \
987 const char *lp_ ## fn_name(void) {return(*(const char * const *)(&Globals.ptr) ? *(const char * const *)(&Globals.ptr) : "");}
988 #define FN_GLOBAL_LIST(fn_name,ptr) \
989 const char **lp_ ## fn_name(void) {return(*(const char ***)(&Globals.ptr));}
990 #define FN_GLOBAL_BOOL(fn_name,ptr) \
991 bool lp_ ## fn_name(void) {return(*(bool *)(&Globals.ptr));}
992 #define FN_GLOBAL_CHAR(fn_name,ptr) \
993 char lp_ ## fn_name(void) {return(*(char *)(&Globals.ptr));}
994 #define FN_GLOBAL_INTEGER(fn_name,ptr) \
995 int lp_ ## fn_name(void) {return(*(int *)(&Globals.ptr));}
997 #define FN_LOCAL_STRING(fn_name,val) \
998 char *lp_ ## fn_name(TALLOC_CTX *ctx,int i) {return(lp_string((ctx), (LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val));}
999 #define FN_LOCAL_CONST_STRING(fn_name,val) \
1000 const char *lp_ ## fn_name(int i) {return (const char *)((LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val);}
1001 #define FN_LOCAL_LIST(fn_name,val) \
1002 const char **lp_ ## fn_name(int i) {return(const char **)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1003 #define FN_LOCAL_BOOL(fn_name,val) \
1004 bool lp_ ## fn_name(int i) {return(bool)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1005 #define FN_LOCAL_INTEGER(fn_name,val) \
1006 int lp_ ## fn_name(int i) {return(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1008 #define FN_LOCAL_PARM_BOOL(fn_name,val) \
1009 bool lp_ ## fn_name(const struct share_params *p) {return(bool)(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1010 #define FN_LOCAL_PARM_INTEGER(fn_name,val) \
1011 int lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1012 #define FN_LOCAL_PARM_CHAR(fn_name,val) \
1013 char lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1015 static FN_GLOBAL_INTEGER(winbind_max_domain_connections_int,
1016 winbindMaxDomainConnections)
1018 int lp_winbind_max_domain_connections(void)
1020 if (lp_winbind_offline_logon() &&
1021 lp_winbind_max_domain_connections_int() > 1) {
1022 DEBUG(1, ("offline logons active, restricting max domain "
1023 "connections to 1\n"));
1026 return MAX(1, lp_winbind_max_domain_connections_int());
1029 int lp_smb2_max_credits(void)
1031 if (Globals.ismb2_max_credits == 0) {
1032 Globals.ismb2_max_credits = DEFAULT_SMB2_MAX_CREDITS;
1034 return Globals.ismb2_max_credits;
1036 int lp_cups_encrypt(void)
1039 #ifdef HAVE_HTTPCONNECTENCRYPT
1040 switch (Globals.CupsEncrypt) {
1042 result = HTTP_ENCRYPT_REQUIRED;
1045 result = HTTP_ENCRYPT_ALWAYS;
1048 result = HTTP_ENCRYPT_NEVER;
1055 /* These functions remain in source3/param for now */
1057 #include "lib/param/param_functions.c"
1059 FN_LOCAL_STRING(servicename, szService)
1060 FN_LOCAL_CONST_STRING(const_servicename, szService)
1062 /* These functions cannot be auto-generated */
1063 FN_LOCAL_BOOL(autoloaded, autoloaded)
1064 FN_GLOBAL_CONST_STRING(dnsdomain, dnsdomain)
1066 /* local prototypes */
1068 static int map_parameter_canonical(const char *pszParmName, bool *inverse);
1069 static const char *get_boolean(bool bool_value);
1070 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
1072 static bool hash_a_service(const char *name, int number);
1073 static void free_service_byindex(int iService);
1074 static void show_parameter(int parmIndex);
1075 static bool is_synonym_of(int parm1, int parm2, bool *inverse);
1078 * This is a helper function for parametrical options support. It returns a
1079 * pointer to parametrical option value if it exists or NULL otherwise. Actual
1080 * parametrical functions are quite simple
1082 static struct parmlist_entry *get_parametrics(int snum, const char *type,
1085 if (snum >= iNumServices) return NULL;
1088 return get_parametric_helper(NULL, type, option, Globals.param_opt);
1090 return get_parametric_helper(ServicePtrs[snum],
1091 type, option, Globals.param_opt);
1096 #define MISSING_PARAMETER(name) \
1097 DEBUG(0, ("%s(): value is NULL or empty!\n", #name))
1099 /*******************************************************************
1100 convenience routine to return enum parameters.
1101 ********************************************************************/
1102 static int lp_enum(const char *s,const struct enum_list *_enum)
1106 if (!s || !*s || !_enum) {
1107 MISSING_PARAMETER(lp_enum);
1111 for (i=0; _enum[i].name; i++) {
1112 if (strequal(_enum[i].name,s))
1113 return _enum[i].value;
1116 DEBUG(0,("lp_enum(%s,enum): value is not in enum_list!\n",s));
1120 #undef MISSING_PARAMETER
1122 /* Return parametric option from a given service. Type is a part of option before ':' */
1123 /* Parametric option has following syntax: 'Type: option = value' */
1124 char *lp_parm_talloc_string(TALLOC_CTX *ctx, int snum, const char *type, const char *option, const char *def)
1126 struct parmlist_entry *data = get_parametrics(snum, type, option);
1128 if (data == NULL||data->value==NULL) {
1130 return lp_string(ctx, def);
1136 return lp_string(ctx, data->value);
1139 /* Return parametric option from a given service. Type is a part of option before ':' */
1140 /* Parametric option has following syntax: 'Type: option = value' */
1141 const char *lp_parm_const_string(int snum, const char *type, const char *option, const char *def)
1143 struct parmlist_entry *data = get_parametrics(snum, type, option);
1145 if (data == NULL||data->value==NULL)
1152 /* Return parametric option from a given service. Type is a part of option before ':' */
1153 /* Parametric option has following syntax: 'Type: option = value' */
1155 const char **lp_parm_string_list(int snum, const char *type, const char *option, const char **def)
1157 struct parmlist_entry *data = get_parametrics(snum, type, option);
1159 if (data == NULL||data->value==NULL)
1160 return (const char **)def;
1162 if (data->list==NULL) {
1163 data->list = str_list_make_v3(NULL, data->value, NULL);
1166 return (const char **)data->list;
1169 /* Return parametric option from a given service. Type is a part of option before ':' */
1170 /* Parametric option has following syntax: 'Type: option = value' */
1172 int lp_parm_int(int snum, const char *type, const char *option, int def)
1174 struct parmlist_entry *data = get_parametrics(snum, type, option);
1176 if (data && data->value && *data->value)
1177 return lp_int(data->value);
1182 /* Return parametric option from a given service. Type is a part of option before ':' */
1183 /* Parametric option has following syntax: 'Type: option = value' */
1185 unsigned long lp_parm_ulong(int snum, const char *type, const char *option, unsigned long def)
1187 struct parmlist_entry *data = get_parametrics(snum, type, option);
1189 if (data && data->value && *data->value)
1190 return lp_ulong(data->value);
1195 /* Return parametric option from a given service. Type is a part of option before ':' */
1196 /* Parametric option has following syntax: 'Type: option = value' */
1198 bool lp_parm_bool(int snum, const char *type, const char *option, bool def)
1200 struct parmlist_entry *data = get_parametrics(snum, type, option);
1202 if (data && data->value && *data->value)
1203 return lp_bool(data->value);
1208 /* Return parametric option from a given service. Type is a part of option before ':' */
1209 /* Parametric option has following syntax: 'Type: option = value' */
1211 int lp_parm_enum(int snum, const char *type, const char *option,
1212 const struct enum_list *_enum, int def)
1214 struct parmlist_entry *data = get_parametrics(snum, type, option);
1216 if (data && data->value && *data->value && _enum)
1217 return lp_enum(data->value, _enum);
1223 * free a param_opts structure.
1224 * param_opts handling should be moved to talloc;
1225 * then this whole functions reduces to a TALLOC_FREE().
1228 static void free_param_opts(struct parmlist_entry **popts)
1230 struct parmlist_entry *opt, *next_opt;
1232 if (*popts != NULL) {
1233 DEBUG(5, ("Freeing parametrics:\n"));
1236 while (opt != NULL) {
1237 string_free(&opt->key);
1238 string_free(&opt->value);
1239 TALLOC_FREE(opt->list);
1240 next_opt = opt->next;
1247 /***************************************************************************
1248 Free the dynamically allocated parts of a service struct.
1249 ***************************************************************************/
1251 static void free_service(struct loadparm_service *pservice)
1256 if (pservice->szService)
1257 DEBUG(5, ("free_service: Freeing service %s\n",
1258 pservice->szService));
1260 free_parameters(pservice);
1262 string_free(&pservice->szService);
1263 TALLOC_FREE(pservice->copymap);
1265 free_param_opts(&pservice->param_opt);
1267 ZERO_STRUCTP(pservice);
1271 /***************************************************************************
1272 remove a service indexed in the ServicePtrs array from the ServiceHash
1273 and free the dynamically allocated parts
1274 ***************************************************************************/
1276 static void free_service_byindex(int idx)
1278 if ( !LP_SNUM_OK(idx) )
1281 ServicePtrs[idx]->valid = false;
1283 /* we have to cleanup the hash record */
1285 if (ServicePtrs[idx]->szService) {
1286 char *canon_name = canonicalize_servicename(
1288 ServicePtrs[idx]->szService );
1290 dbwrap_delete_bystring(ServiceHash, canon_name );
1291 TALLOC_FREE(canon_name);
1294 free_service(ServicePtrs[idx]);
1295 talloc_free_children(ServicePtrs[idx]);
1298 /***************************************************************************
1299 Add a new service to the services array initialising it with the given
1301 ***************************************************************************/
1303 static int add_a_service(const struct loadparm_service *pservice, const char *name)
1306 int num_to_alloc = iNumServices + 1;
1307 struct loadparm_service **tsp = NULL;
1309 /* it might already exist */
1311 i = getservicebyname(name, NULL);
1317 /* if not, then create one */
1319 tsp = talloc_realloc(NULL, ServicePtrs, struct loadparm_service *, num_to_alloc);
1321 DEBUG(0,("add_a_service: failed to enlarge ServicePtrs!\n"));
1325 ServicePtrs[iNumServices] = talloc_zero(NULL, struct loadparm_service);
1326 if (!ServicePtrs[iNumServices]) {
1327 DEBUG(0,("add_a_service: out of memory!\n"));
1332 ServicePtrs[i]->valid = true;
1334 copy_service(ServicePtrs[i], pservice, NULL);
1336 string_set(ServicePtrs[i], &ServicePtrs[i]->szService, name);
1338 DEBUG(8,("add_a_service: Creating snum = %d for %s\n",
1339 i, ServicePtrs[i]->szService));
1341 if (!hash_a_service(ServicePtrs[i]->szService, i)) {
1348 /***************************************************************************
1349 Convert a string to uppercase and remove whitespaces.
1350 ***************************************************************************/
1352 char *canonicalize_servicename(TALLOC_CTX *ctx, const char *src)
1357 DEBUG(0,("canonicalize_servicename: NULL source name!\n"));
1361 result = talloc_strdup(ctx, src);
1362 SMB_ASSERT(result != NULL);
1364 if (!strlower_m(result)) {
1365 TALLOC_FREE(result);
1371 /***************************************************************************
1372 Add a name/index pair for the services array to the hash table.
1373 ***************************************************************************/
1375 static bool hash_a_service(const char *name, int idx)
1379 if ( !ServiceHash ) {
1380 DEBUG(10,("hash_a_service: creating servicehash\n"));
1381 ServiceHash = db_open_rbt(NULL);
1382 if ( !ServiceHash ) {
1383 DEBUG(0,("hash_a_service: open tdb servicehash failed!\n"));
1388 DEBUG(10,("hash_a_service: hashing index %d for service name %s\n",
1391 canon_name = canonicalize_servicename(talloc_tos(), name );
1393 dbwrap_store_bystring(ServiceHash, canon_name,
1394 make_tdb_data((uint8 *)&idx, sizeof(idx)),
1397 TALLOC_FREE(canon_name);
1402 /***************************************************************************
1403 Add a new home service, with the specified home directory, defaults coming
1405 ***************************************************************************/
1407 bool lp_add_home(const char *pszHomename, int iDefaultService,
1408 const char *user, const char *pszHomedir)
1412 if (pszHomename == NULL || user == NULL || pszHomedir == NULL ||
1413 pszHomedir[0] == '\0') {
1417 i = add_a_service(ServicePtrs[iDefaultService], pszHomename);
1422 if (!(*(ServicePtrs[iDefaultService]->path))
1423 || strequal(ServicePtrs[iDefaultService]->path,
1424 lp_path(talloc_tos(), GLOBAL_SECTION_SNUM))) {
1425 string_set(ServicePtrs[i], &ServicePtrs[i]->path, pszHomedir);
1428 if (!(*(ServicePtrs[i]->comment))) {
1429 char *comment = talloc_asprintf(talloc_tos(), "Home directory of %s", user);
1430 if (comment == NULL) {
1433 string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1434 TALLOC_FREE(comment);
1437 /* set the browseable flag from the global default */
1439 ServicePtrs[i]->browseable = sDefault.browseable;
1440 ServicePtrs[i]->access_based_share_enum = sDefault.access_based_share_enum;
1442 ServicePtrs[i]->autoloaded = true;
1444 DEBUG(3, ("adding home's share [%s] for user '%s' at '%s'\n", pszHomename,
1445 user, ServicePtrs[i]->path ));
1450 /***************************************************************************
1451 Add a new service, based on an old one.
1452 ***************************************************************************/
1454 int lp_add_service(const char *pszService, int iDefaultService)
1456 if (iDefaultService < 0) {
1457 return add_a_service(&sDefault, pszService);
1460 return (add_a_service(ServicePtrs[iDefaultService], pszService));
1463 /***************************************************************************
1464 Add the IPC service.
1465 ***************************************************************************/
1467 static bool lp_add_ipc(const char *ipc_name, bool guest_ok)
1469 char *comment = NULL;
1470 int i = add_a_service(&sDefault, ipc_name);
1475 comment = talloc_asprintf(talloc_tos(), "IPC Service (%s)",
1476 Globals.server_string);
1477 if (comment == NULL) {
1481 string_set(ServicePtrs[i], &ServicePtrs[i]->path, tmpdir());
1482 string_set(ServicePtrs[i], &ServicePtrs[i]->username, "");
1483 string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1484 string_set(ServicePtrs[i], &ServicePtrs[i]->fstype, "IPC");
1485 ServicePtrs[i]->max_connections = 0;
1486 ServicePtrs[i]->bAvailable = true;
1487 ServicePtrs[i]->read_only = true;
1488 ServicePtrs[i]->guest_only = false;
1489 ServicePtrs[i]->administrative_share = true;
1490 ServicePtrs[i]->guest_ok = guest_ok;
1491 ServicePtrs[i]->printable = false;
1492 ServicePtrs[i]->browseable = sDefault.browseable;
1494 DEBUG(3, ("adding IPC service\n"));
1496 TALLOC_FREE(comment);
1500 /***************************************************************************
1501 Add a new printer service, with defaults coming from service iFrom.
1502 ***************************************************************************/
1504 bool lp_add_printer(const char *pszPrintername, int iDefaultService)
1506 const char *comment = "From Printcap";
1507 int i = add_a_service(ServicePtrs[iDefaultService], pszPrintername);
1512 /* note that we do NOT default the availability flag to true - */
1513 /* we take it from the default service passed. This allows all */
1514 /* dynamic printers to be disabled by disabling the [printers] */
1515 /* entry (if/when the 'available' keyword is implemented!). */
1517 /* the printer name is set to the service name. */
1518 string_set(ServicePtrs[i], &ServicePtrs[i]->_printername, pszPrintername);
1519 string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1521 /* set the browseable flag from the gloabl default */
1522 ServicePtrs[i]->browseable = sDefault.browseable;
1524 /* Printers cannot be read_only. */
1525 ServicePtrs[i]->read_only = false;
1526 /* No oplocks on printer services. */
1527 ServicePtrs[i]->oplocks = false;
1528 /* Printer services must be printable. */
1529 ServicePtrs[i]->printable = true;
1531 DEBUG(3, ("adding printer service %s\n", pszPrintername));
1537 /***************************************************************************
1538 Check whether the given parameter name is valid.
1539 Parametric options (names containing a colon) are considered valid.
1540 ***************************************************************************/
1542 bool lp_parameter_is_valid(const char *pszParmName)
1544 return ((lpcfg_map_parameter(pszParmName) != -1) ||
1545 (strchr(pszParmName, ':') != NULL));
1548 /***************************************************************************
1549 Check whether the given name is the name of a global parameter.
1550 Returns true for strings belonging to parameters of class
1551 P_GLOBAL, false for all other strings, also for parametric options
1552 and strings not belonging to any option.
1553 ***************************************************************************/
1555 bool lp_parameter_is_global(const char *pszParmName)
1557 int num = lpcfg_map_parameter(pszParmName);
1560 return (parm_table[num].p_class == P_GLOBAL);
1566 /**************************************************************************
1567 Check whether the given name is the canonical name of a parameter.
1568 Returns false if it is not a valid parameter Name.
1569 For parametric options, true is returned.
1570 **************************************************************************/
1572 bool lp_parameter_is_canonical(const char *parm_name)
1574 if (!lp_parameter_is_valid(parm_name)) {
1578 return (lpcfg_map_parameter(parm_name) ==
1579 map_parameter_canonical(parm_name, NULL));
1582 /**************************************************************************
1583 Determine the canonical name for a parameter.
1584 Indicate when it is an inverse (boolean) synonym instead of a
1586 **************************************************************************/
1588 bool lp_canonicalize_parameter(const char *parm_name, const char **canon_parm,
1593 if (!lp_parameter_is_valid(parm_name)) {
1598 num = map_parameter_canonical(parm_name, inverse);
1600 /* parametric option */
1601 *canon_parm = parm_name;
1603 *canon_parm = parm_table[num].label;
1610 /**************************************************************************
1611 Determine the canonical name for a parameter.
1612 Turn the value given into the inverse boolean expression when
1613 the synonym is an invers boolean synonym.
1615 Return true if parm_name is a valid parameter name and
1616 in case it is an invers boolean synonym, if the val string could
1617 successfully be converted to the reverse bool.
1618 Return false in all other cases.
1619 **************************************************************************/
1621 bool lp_canonicalize_parameter_with_value(const char *parm_name,
1623 const char **canon_parm,
1624 const char **canon_val)
1629 if (!lp_parameter_is_valid(parm_name)) {
1635 num = map_parameter_canonical(parm_name, &inverse);
1637 /* parametric option */
1638 *canon_parm = parm_name;
1641 *canon_parm = parm_table[num].label;
1643 if (!lp_invert_boolean(val, canon_val)) {
1655 /***************************************************************************
1656 Map a parameter's string representation to the index of the canonical
1657 form of the parameter (it might be a synonym).
1658 Returns -1 if the parameter string is not recognised.
1659 ***************************************************************************/
1661 static int map_parameter_canonical(const char *pszParmName, bool *inverse)
1663 int parm_num, canon_num;
1664 bool loc_inverse = false;
1666 parm_num = lpcfg_map_parameter(pszParmName);
1667 if ((parm_num < 0) || !(parm_table[parm_num].flags & FLAG_HIDE)) {
1668 /* invalid, parametric or no canidate for synonyms ... */
1672 for (canon_num = 0; parm_table[canon_num].label; canon_num++) {
1673 if (is_synonym_of(parm_num, canon_num, &loc_inverse)) {
1674 parm_num = canon_num;
1680 if (inverse != NULL) {
1681 *inverse = loc_inverse;
1686 /***************************************************************************
1687 return true if parameter number parm1 is a synonym of parameter
1688 number parm2 (parm2 being the principal name).
1689 set inverse to true if parm1 is P_BOOLREV and parm2 is P_BOOL,
1691 ***************************************************************************/
1693 static bool is_synonym_of(int parm1, int parm2, bool *inverse)
1695 if ((parm_table[parm1].offset == parm_table[parm2].offset) &&
1696 (parm_table[parm1].p_class == parm_table[parm2].p_class) &&
1697 (parm_table[parm1].flags & FLAG_HIDE) &&
1698 !(parm_table[parm2].flags & FLAG_HIDE))
1700 if (inverse != NULL) {
1701 if ((parm_table[parm1].type == P_BOOLREV) &&
1702 (parm_table[parm2].type == P_BOOL))
1714 /***************************************************************************
1715 Show one parameter's name, type, [values,] and flags.
1716 (helper functions for show_parameter_list)
1717 ***************************************************************************/
1719 static void show_parameter(int parmIndex)
1721 int enumIndex, flagIndex;
1726 const char *type[] = { "P_BOOL", "P_BOOLREV", "P_CHAR", "P_INTEGER",
1727 "P_OCTAL", "P_LIST", "P_STRING", "P_USTRING",
1729 unsigned flags[] = { FLAG_BASIC, FLAG_SHARE, FLAG_PRINT, FLAG_GLOBAL,
1730 FLAG_WIZARD, FLAG_ADVANCED, FLAG_DEVELOPER, FLAG_DEPRECATED,
1732 const char *flag_names[] = { "FLAG_BASIC", "FLAG_SHARE", "FLAG_PRINT",
1733 "FLAG_GLOBAL", "FLAG_WIZARD", "FLAG_ADVANCED", "FLAG_DEVELOPER",
1734 "FLAG_DEPRECATED", "FLAG_HIDE", NULL};
1736 printf("%s=%s", parm_table[parmIndex].label,
1737 type[parm_table[parmIndex].type]);
1738 if (parm_table[parmIndex].type == P_ENUM) {
1741 parm_table[parmIndex].enum_list[enumIndex].name;
1745 enumIndex ? "|" : "",
1746 parm_table[parmIndex].enum_list[enumIndex].name);
1751 for (flagIndex=0; flag_names[flagIndex]; flagIndex++) {
1752 if (parm_table[parmIndex].flags & flags[flagIndex]) {
1755 flag_names[flagIndex]);
1760 /* output synonyms */
1762 for (parmIndex2=0; parm_table[parmIndex2].label; parmIndex2++) {
1763 if (is_synonym_of(parmIndex, parmIndex2, &inverse)) {
1764 printf(" (%ssynonym of %s)", inverse ? "inverse " : "",
1765 parm_table[parmIndex2].label);
1766 } else if (is_synonym_of(parmIndex2, parmIndex, &inverse)) {
1768 printf(" (synonyms: ");
1773 printf("%s%s", parm_table[parmIndex2].label,
1774 inverse ? "[i]" : "");
1784 /***************************************************************************
1785 Show all parameter's name, type, [values,] and flags.
1786 ***************************************************************************/
1788 void show_parameter_list(void)
1790 int classIndex, parmIndex;
1791 const char *section_names[] = { "local", "global", NULL};
1793 for (classIndex=0; section_names[classIndex]; classIndex++) {
1794 printf("[%s]\n", section_names[classIndex]);
1795 for (parmIndex = 0; parm_table[parmIndex].label; parmIndex++) {
1796 if (parm_table[parmIndex].p_class == classIndex) {
1797 show_parameter(parmIndex);
1803 /***************************************************************************
1804 Get the standard string representation of a boolean value ("yes" or "no")
1805 ***************************************************************************/
1807 static const char *get_boolean(bool bool_value)
1809 static const char *yes_str = "yes";
1810 static const char *no_str = "no";
1812 return (bool_value ? yes_str : no_str);
1815 /***************************************************************************
1816 Provide the string of the negated boolean value associated to the boolean
1817 given as a string. Returns false if the passed string does not correctly
1818 represent a boolean.
1819 ***************************************************************************/
1821 bool lp_invert_boolean(const char *str, const char **inverse_str)
1825 if (!set_boolean(str, &val)) {
1829 *inverse_str = get_boolean(!val);
1833 /***************************************************************************
1834 Provide the canonical string representation of a boolean value given
1835 as a string. Return true on success, false if the string given does
1836 not correctly represent a boolean.
1837 ***************************************************************************/
1839 bool lp_canonicalize_boolean(const char *str, const char**canon_str)
1843 if (!set_boolean(str, &val)) {
1847 *canon_str = get_boolean(val);
1851 /***************************************************************************
1852 Find a service by name. Otherwise works like get_service.
1853 ***************************************************************************/
1855 int getservicebyname(const char *pszServiceName, struct loadparm_service *pserviceDest)
1862 if (ServiceHash == NULL) {
1866 canon_name = canonicalize_servicename(talloc_tos(), pszServiceName);
1868 status = dbwrap_fetch_bystring(ServiceHash, canon_name, canon_name,
1871 if (NT_STATUS_IS_OK(status) &&
1872 (data.dptr != NULL) &&
1873 (data.dsize == sizeof(iService)))
1875 iService = *(int *)data.dptr;
1878 TALLOC_FREE(canon_name);
1880 if ((iService != -1) && (LP_SNUM_OK(iService))
1881 && (pserviceDest != NULL)) {
1882 copy_service(pserviceDest, ServicePtrs[iService], NULL);
1888 /* Return a pointer to a service by name. Unlike getservicebyname, it does not copy the service */
1889 struct loadparm_service *lp_service(const char *pszServiceName)
1891 int iService = getservicebyname(pszServiceName, NULL);
1892 if (iService == -1 || !LP_SNUM_OK(iService)) {
1895 return ServicePtrs[iService];
1898 struct loadparm_service *lp_servicebynum(int snum)
1900 if ((snum == -1) || !LP_SNUM_OK(snum)) {
1903 return ServicePtrs[snum];
1906 struct loadparm_service *lp_default_loadparm_service()
1911 static struct smbconf_ctx *lp_smbconf_ctx(void)
1914 static struct smbconf_ctx *conf_ctx = NULL;
1916 if (conf_ctx == NULL) {
1917 err = smbconf_init(NULL, &conf_ctx, "registry:");
1918 if (!SBC_ERROR_IS_OK(err)) {
1919 DEBUG(1, ("error initializing registry configuration: "
1920 "%s\n", sbcErrorString(err)));
1928 static bool process_smbconf_service(struct smbconf_service *service)
1933 if (service == NULL) {
1937 ret = lp_do_section(service->name, NULL);
1941 for (count = 0; count < service->num_params; count++) {
1943 if (!bInGlobalSection && bGlobalOnly) {
1946 const char *pszParmName = service->param_names[count];
1947 const char *pszParmValue = service->param_values[count];
1949 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
1951 ret = lp_do_parameter(bInGlobalSection ? -2 : iServiceIndex,
1952 pszParmName, pszParmValue);
1959 if (iServiceIndex >= 0) {
1960 return lpcfg_service_ok(ServicePtrs[iServiceIndex]);
1966 * load a service from registry and activate it
1968 bool process_registry_service(const char *service_name)
1971 struct smbconf_service *service = NULL;
1972 TALLOC_CTX *mem_ctx = talloc_stackframe();
1973 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
1976 if (conf_ctx == NULL) {
1980 DEBUG(5, ("process_registry_service: service name %s\n", service_name));
1982 if (!smbconf_share_exists(conf_ctx, service_name)) {
1984 * Registry does not contain data for this service (yet),
1985 * but make sure lp_load doesn't return false.
1991 err = smbconf_get_share(conf_ctx, mem_ctx, service_name, &service);
1992 if (!SBC_ERROR_IS_OK(err)) {
1996 ret = process_smbconf_service(service);
2002 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
2005 TALLOC_FREE(mem_ctx);
2010 * process_registry_globals
2012 static bool process_registry_globals(void)
2016 add_to_file_list(NULL, &file_lists, INCLUDE_REGISTRY_NAME, INCLUDE_REGISTRY_NAME);
2018 if (!bInGlobalSection && bGlobalOnly) {
2021 const char *pszParmName = "registry shares";
2022 const char *pszParmValue = "yes";
2024 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2026 ret = lp_do_parameter(bInGlobalSection ? -2 : iServiceIndex,
2027 pszParmName, pszParmValue);
2034 return process_registry_service(GLOBAL_NAME);
2037 bool process_registry_shares(void)
2041 struct smbconf_service **service = NULL;
2042 uint32_t num_shares = 0;
2043 TALLOC_CTX *mem_ctx = talloc_stackframe();
2044 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2047 if (conf_ctx == NULL) {
2051 err = smbconf_get_config(conf_ctx, mem_ctx, &num_shares, &service);
2052 if (!SBC_ERROR_IS_OK(err)) {
2058 for (count = 0; count < num_shares; count++) {
2059 if (strequal(service[count]->name, GLOBAL_NAME)) {
2062 ret = process_smbconf_service(service[count]);
2069 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
2072 TALLOC_FREE(mem_ctx);
2077 * reload those shares from registry that are already
2078 * activated in the services array.
2080 static bool reload_registry_shares(void)
2085 for (i = 0; i < iNumServices; i++) {
2090 if (ServicePtrs[i]->usershare == USERSHARE_VALID) {
2094 ret = process_registry_service(ServicePtrs[i]->szService);
2105 #define MAX_INCLUDE_DEPTH 100
2107 static uint8_t include_depth;
2110 * Free the file lists
2112 static void free_file_list(void)
2114 struct file_lists *f;
2115 struct file_lists *next;
2128 * Utility function for outsiders to check if we're running on registry.
2130 bool lp_config_backend_is_registry(void)
2132 return (lp_config_backend() == CONFIG_BACKEND_REGISTRY);
2136 * Utility function to check if the config backend is FILE.
2138 bool lp_config_backend_is_file(void)
2140 return (lp_config_backend() == CONFIG_BACKEND_FILE);
2143 /*******************************************************************
2144 Check if a config file has changed date.
2145 ********************************************************************/
2147 bool lp_file_list_changed(void)
2149 struct file_lists *f = file_lists;
2151 DEBUG(6, ("lp_file_list_changed()\n"));
2154 if (strequal(f->name, INCLUDE_REGISTRY_NAME)) {
2155 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2157 if (conf_ctx == NULL) {
2160 if (smbconf_changed(conf_ctx, &conf_last_csn, NULL,
2163 DEBUGADD(6, ("registry config changed\n"));
2170 n2 = talloc_sub_basic(talloc_tos(),
2171 get_current_username(),
2172 current_user_info.domain,
2177 DEBUGADD(6, ("file %s -> %s last mod_time: %s\n",
2178 f->name, n2, ctime(&f->modtime)));
2180 mod_time = file_modtime(n2);
2183 ((f->modtime != mod_time) ||
2184 (f->subfname == NULL) ||
2185 (strcmp(n2, f->subfname) != 0)))
2188 ("file %s modified: %s\n", n2,
2190 f->modtime = mod_time;
2191 TALLOC_FREE(f->subfname);
2192 f->subfname = talloc_strdup(f, n2);
2193 if (f->subfname == NULL) {
2194 smb_panic("talloc_strdup failed");
2208 * Initialize iconv conversion descriptors.
2210 * This is called the first time it is needed, and also called again
2211 * every time the configuration is reloaded, because the charset or
2212 * codepage might have changed.
2214 static void init_iconv(void)
2216 global_iconv_handle = smb_iconv_handle_reinit(NULL, lp_dos_charset(),
2218 true, global_iconv_handle);
2221 /***************************************************************************
2222 Handle the include operation.
2223 ***************************************************************************/
2224 static bool bAllowIncludeRegistry = true;
2226 bool lp_include(struct loadparm_context *lp_ctx, struct loadparm_service *service,
2227 const char *pszParmValue, char **ptr)
2231 if (include_depth >= MAX_INCLUDE_DEPTH) {
2232 DEBUG(0, ("Error: Maximum include depth (%u) exceeded!\n",
2237 if (strequal(pszParmValue, INCLUDE_REGISTRY_NAME)) {
2238 if (!bAllowIncludeRegistry) {
2241 if (lp_ctx->bInGlobalSection) {
2244 ret = process_registry_globals();
2248 DEBUG(1, ("\"include = registry\" only effective "
2249 "in %s section\n", GLOBAL_NAME));
2254 fname = talloc_sub_basic(talloc_tos(), get_current_username(),
2255 current_user_info.domain,
2258 add_to_file_list(NULL, &file_lists, pszParmValue, fname);
2260 if (service == NULL) {
2261 string_set(Globals.ctx, ptr, fname);
2263 string_set(service, ptr, fname);
2266 if (file_exist(fname)) {
2269 ret = pm_process(fname, lp_do_section, do_parameter, lp_ctx);
2275 DEBUG(2, ("Can't find include file %s\n", fname));
2280 bool lp_idmap_range(const char *domain_name, uint32_t *low, uint32_t *high)
2282 char *config_option = NULL;
2283 const char *range = NULL;
2286 SMB_ASSERT(low != NULL);
2287 SMB_ASSERT(high != NULL);
2289 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2293 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2295 if (config_option == NULL) {
2296 DEBUG(0, ("out of memory\n"));
2300 range = lp_parm_const_string(-1, config_option, "range", NULL);
2301 if (range == NULL) {
2302 DEBUG(1, ("idmap range not specified for domain '%s'\n", domain_name));
2306 if (sscanf(range, "%u - %u", low, high) != 2) {
2307 DEBUG(1, ("error parsing idmap range '%s' for domain '%s'\n",
2308 range, domain_name));
2315 talloc_free(config_option);
2320 bool lp_idmap_default_range(uint32_t *low, uint32_t *high)
2322 return lp_idmap_range("*", low, high);
2325 const char *lp_idmap_backend(const char *domain_name)
2327 char *config_option = NULL;
2328 const char *backend = NULL;
2330 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2334 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2336 if (config_option == NULL) {
2337 DEBUG(0, ("out of memory\n"));
2341 backend = lp_parm_const_string(-1, config_option, "backend", NULL);
2342 if (backend == NULL) {
2343 DEBUG(1, ("idmap backend not specified for domain '%s'\n", domain_name));
2348 talloc_free(config_option);
2352 const char *lp_idmap_default_backend(void)
2354 return lp_idmap_backend("*");
2357 /***************************************************************************
2358 Handle ldap suffixes - default to ldapsuffix if sub-suffixes are not defined.
2359 ***************************************************************************/
2361 static const char *append_ldap_suffix(TALLOC_CTX *ctx, const char *str )
2363 const char *suffix_string;
2365 suffix_string = talloc_asprintf(ctx, "%s,%s", str,
2366 Globals.ldap_suffix );
2367 if ( !suffix_string ) {
2368 DEBUG(0,("append_ldap_suffix: talloc_asprintf() failed!\n"));
2372 return suffix_string;
2375 const char *lp_ldap_machine_suffix(TALLOC_CTX *ctx)
2377 if (Globals.szLdapMachineSuffix[0])
2378 return append_ldap_suffix(ctx, Globals.szLdapMachineSuffix);
2380 return lp_string(ctx, Globals.ldap_suffix);
2383 const char *lp_ldap_user_suffix(TALLOC_CTX *ctx)
2385 if (Globals.szLdapUserSuffix[0])
2386 return append_ldap_suffix(ctx, Globals.szLdapUserSuffix);
2388 return lp_string(ctx, Globals.ldap_suffix);
2391 const char *lp_ldap_group_suffix(TALLOC_CTX *ctx)
2393 if (Globals.szLdapGroupSuffix[0])
2394 return append_ldap_suffix(ctx, Globals.szLdapGroupSuffix);
2396 return lp_string(ctx, Globals.ldap_suffix);
2399 const char *lp_ldap_idmap_suffix(TALLOC_CTX *ctx)
2401 if (Globals.szLdapIdmapSuffix[0])
2402 return append_ldap_suffix(ctx, Globals.szLdapIdmapSuffix);
2404 return lp_string(ctx, Globals.ldap_suffix);
2408 return the parameter pointer for a parameter
2410 void *lp_parm_ptr(struct loadparm_service *service, struct parm_struct *parm)
2412 if (service == NULL) {
2413 if (parm->p_class == P_LOCAL)
2414 return (void *)(((char *)&sDefault)+parm->offset);
2415 else if (parm->p_class == P_GLOBAL)
2416 return (void *)(((char *)&Globals)+parm->offset);
2419 return (void *)(((char *)service) + parm->offset);
2423 /***************************************************************************
2424 Process a parameter for a particular service number. If snum < 0
2425 then assume we are in the globals.
2426 ***************************************************************************/
2428 bool lp_do_parameter(int snum, const char *pszParmName, const char *pszParmValue)
2430 TALLOC_CTX *frame = talloc_stackframe();
2431 struct loadparm_context *lp_ctx;
2434 lp_ctx = setup_lp_context(frame);
2435 if (lp_ctx == NULL) {
2441 ok = lpcfg_do_global_parameter(lp_ctx, pszParmName, pszParmValue);
2443 ok = lpcfg_do_service_parameter(lp_ctx, ServicePtrs[snum],
2444 pszParmName, pszParmValue);
2452 /***************************************************************************
2453 set a parameter, marking it with FLAG_CMDLINE. Parameters marked as
2454 FLAG_CMDLINE won't be overridden by loads from smb.conf.
2455 ***************************************************************************/
2457 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue)
2460 parmnum = lpcfg_map_parameter(pszParmName);
2462 flags_list[parmnum] &= ~FLAG_CMDLINE;
2463 if (!lp_do_parameter(-1, pszParmName, pszParmValue)) {
2466 flags_list[parmnum] |= FLAG_CMDLINE;
2468 /* we have to also set FLAG_CMDLINE on aliases. Aliases must
2469 * be grouped in the table, so we don't have to search the
2472 i>=0 && parm_table[i].offset == parm_table[parmnum].offset
2473 && parm_table[i].p_class == parm_table[parmnum].p_class;
2475 flags_list[i] |= FLAG_CMDLINE;
2477 for (i=parmnum+1;i<num_parameters() && parm_table[i].offset == parm_table[parmnum].offset
2478 && parm_table[i].p_class == parm_table[parmnum].p_class;i++) {
2479 flags_list[i] |= FLAG_CMDLINE;
2485 /* it might be parametric */
2486 if (strchr(pszParmName, ':') != NULL) {
2487 set_param_opt(NULL, &Globals.param_opt, pszParmName, pszParmValue, FLAG_CMDLINE);
2491 DEBUG(0, ("Ignoring unknown parameter \"%s\"\n", pszParmName));
2495 bool lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
2498 TALLOC_CTX *frame = talloc_stackframe();
2499 struct loadparm_context *lp_ctx;
2501 lp_ctx = setup_lp_context(frame);
2502 if (lp_ctx == NULL) {
2507 ret = lpcfg_set_cmdline(lp_ctx, pszParmName, pszParmValue);
2513 /***************************************************************************
2514 Process a parameter.
2515 ***************************************************************************/
2517 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
2520 if (!bInGlobalSection && bGlobalOnly)
2523 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2525 if (bInGlobalSection) {
2526 return lpcfg_do_global_parameter(userdata, pszParmName, pszParmValue);
2528 return lpcfg_do_service_parameter(userdata, ServicePtrs[iServiceIndex],
2529 pszParmName, pszParmValue);
2533 /***************************************************************************
2534 Initialize any local variables in the sDefault table, after parsing a
2536 ***************************************************************************/
2538 static void init_locals(void)
2541 * We run this check once the [globals] is parsed, to force
2542 * the VFS objects and other per-share settings we need for
2543 * the standard way a AD DC is operated. We may change these
2544 * as our code evolves, which is why we force these settings.
2546 * We can't do this at the end of lp_load_ex(), as by that
2547 * point the services have been loaded and they will already
2548 * have "" as their vfs objects.
2550 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
2551 const char **vfs_objects = lp_vfs_objects(-1);
2552 if (!vfs_objects || !vfs_objects[0]) {
2553 if (lp_parm_const_string(-1, "xattr_tdb", "file", NULL)) {
2554 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr xattr_tdb");
2555 } else if (lp_parm_const_string(-1, "posix", "eadb", NULL)) {
2556 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr posix_eadb");
2558 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr");
2562 lp_do_parameter(-1, "map hidden", "no");
2563 lp_do_parameter(-1, "map system", "no");
2564 lp_do_parameter(-1, "map readonly", "no");
2565 lp_do_parameter(-1, "map archive", "no");
2566 lp_do_parameter(-1, "store dos attributes", "yes");
2570 /***************************************************************************
2571 Process a new section (service). At this stage all sections are services.
2572 Later we'll have special sections that permit server parameters to be set.
2573 Returns true on success, false on failure.
2574 ***************************************************************************/
2576 bool lp_do_section(const char *pszSectionName, void *userdata)
2578 struct loadparm_context *lp_ctx = (struct loadparm_context *)userdata;
2580 bool isglobal = ((strwicmp(pszSectionName, GLOBAL_NAME) == 0) ||
2581 (strwicmp(pszSectionName, GLOBAL_NAME2) == 0));
2584 /* if we were in a global section then do the local inits */
2585 if (bInGlobalSection && !isglobal)
2588 /* if we've just struck a global section, note the fact. */
2589 bInGlobalSection = isglobal;
2590 if (lp_ctx != NULL) {
2591 lp_ctx->bInGlobalSection = isglobal;
2594 /* check for multiple global sections */
2595 if (bInGlobalSection) {
2596 DEBUG(3, ("Processing section \"[%s]\"\n", pszSectionName));
2600 if (!bInGlobalSection && bGlobalOnly)
2603 /* if we have a current service, tidy it up before moving on */
2606 if (iServiceIndex >= 0)
2607 bRetval = lpcfg_service_ok(ServicePtrs[iServiceIndex]);
2609 /* if all is still well, move to the next record in the services array */
2611 /* We put this here to avoid an odd message order if messages are */
2612 /* issued by the post-processing of a previous section. */
2613 DEBUG(2, ("Processing section \"[%s]\"\n", pszSectionName));
2615 iServiceIndex = add_a_service(&sDefault, pszSectionName);
2616 if (iServiceIndex < 0) {
2617 DEBUG(0, ("Failed to add a new service\n"));
2620 /* Clean all parametric options for service */
2621 /* They will be added during parsing again */
2622 free_param_opts(&ServicePtrs[iServiceIndex]->param_opt);
2628 /***************************************************************************
2629 Display the contents of a parameter of a single services record.
2630 ***************************************************************************/
2632 bool dump_a_parameter(int snum, char *parm_name, FILE * f, bool isGlobal)
2634 bool result = false;
2635 struct loadparm_context *lp_ctx;
2637 lp_ctx = setup_lp_context(talloc_tos());
2638 if (lp_ctx == NULL) {
2643 result = lpcfg_dump_a_parameter(lp_ctx, NULL, parm_name, f);
2645 result = lpcfg_dump_a_parameter(lp_ctx, ServicePtrs[snum], parm_name, f);
2647 TALLOC_FREE(lp_ctx);
2652 /***************************************************************************
2653 Display the contents of a single copy structure.
2654 ***************************************************************************/
2655 static void dump_copy_map(bool *pcopymap)
2661 printf("\n\tNon-Copied parameters:\n");
2663 for (i = 0; parm_table[i].label; i++)
2664 if (parm_table[i].p_class == P_LOCAL &&
2665 parm_table[i].ptr && !pcopymap[i] &&
2666 (i == 0 || (parm_table[i].ptr != parm_table[i - 1].ptr)))
2668 printf("\t\t%s\n", parm_table[i].label);
2673 /***************************************************************************
2674 Return TRUE if the passed service number is within range.
2675 ***************************************************************************/
2677 bool lp_snum_ok(int iService)
2679 return (LP_SNUM_OK(iService) && ServicePtrs[iService]->bAvailable);
2682 /***************************************************************************
2683 Auto-load some home services.
2684 ***************************************************************************/
2686 static void lp_add_auto_services(char *str)
2696 s = talloc_strdup(talloc_tos(), str);
2698 smb_panic("talloc_strdup failed");
2702 homes = lp_servicenumber(HOMES_NAME);
2704 for (p = strtok_r(s, LIST_SEP, &saveptr); p;
2705 p = strtok_r(NULL, LIST_SEP, &saveptr)) {
2708 if (lp_servicenumber(p) >= 0)
2711 home = get_user_home_dir(talloc_tos(), p);
2713 if (home && home[0] && homes >= 0)
2714 lp_add_home(p, homes, p, home);
2721 /***************************************************************************
2722 Auto-load one printer.
2723 ***************************************************************************/
2725 void lp_add_one_printer(const char *name, const char *comment,
2726 const char *location, void *pdata)
2728 int printers = lp_servicenumber(PRINTERS_NAME);
2731 if (lp_servicenumber(name) < 0) {
2732 lp_add_printer(name, printers);
2733 if ((i = lp_servicenumber(name)) >= 0) {
2734 string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
2735 ServicePtrs[i]->autoloaded = true;
2740 /***************************************************************************
2741 Have we loaded a services file yet?
2742 ***************************************************************************/
2744 bool lp_loaded(void)
2749 /***************************************************************************
2750 Unload unused services.
2751 ***************************************************************************/
2753 void lp_killunused(struct smbd_server_connection *sconn,
2754 bool (*snumused) (struct smbd_server_connection *, int))
2757 for (i = 0; i < iNumServices; i++) {
2761 /* don't kill autoloaded or usershare services */
2762 if ( ServicePtrs[i]->autoloaded ||
2763 ServicePtrs[i]->usershare == USERSHARE_VALID) {
2767 if (!snumused || !snumused(sconn, i)) {
2768 free_service_byindex(i);
2774 * Kill all except autoloaded and usershare services - convenience wrapper
2776 void lp_kill_all_services(void)
2778 lp_killunused(NULL, NULL);
2781 /***************************************************************************
2783 ***************************************************************************/
2785 void lp_killservice(int iServiceIn)
2787 if (VALID(iServiceIn)) {
2788 free_service_byindex(iServiceIn);
2792 /***************************************************************************
2793 Save the curent values of all global and sDefault parameters into the
2794 defaults union. This allows testparm to show only the
2795 changed (ie. non-default) parameters.
2796 ***************************************************************************/
2798 static void lp_save_defaults(void)
2801 struct parmlist_entry * parm;
2802 for (i = 0; parm_table[i].label; i++) {
2803 if (!(flags_list[i] & FLAG_CMDLINE)) {
2804 flags_list[i] |= FLAG_DEFAULT;
2807 if (i > 0 && parm_table[i].offset == parm_table[i - 1].offset
2808 && parm_table[i].p_class == parm_table[i - 1].p_class)
2810 switch (parm_table[i].type) {
2813 parm_table[i].def.lvalue = str_list_copy(
2814 NULL, *(const char ***)lp_parm_ptr(NULL, &parm_table[i]));
2818 parm_table[i].def.svalue = talloc_strdup(Globals.ctx, *(char **)lp_parm_ptr(NULL, &parm_table[i]));
2819 if (parm_table[i].def.svalue == NULL) {
2820 smb_panic("talloc_strdup failed");
2825 parm_table[i].def.bvalue =
2826 *(bool *)lp_parm_ptr(NULL, &parm_table[i]);
2829 parm_table[i].def.cvalue =
2830 *(char *)lp_parm_ptr(NULL, &parm_table[i]);
2836 parm_table[i].def.ivalue =
2837 *(int *)lp_parm_ptr(NULL, &parm_table[i]);
2844 for (parm=Globals.param_opt; parm; parm=parm->next) {
2845 if (!(parm->priority & FLAG_CMDLINE)) {
2846 parm->priority |= FLAG_DEFAULT;
2850 for (parm=sDefault.param_opt; parm; parm=parm->next) {
2851 if (!(parm->priority & FLAG_CMDLINE)) {
2852 parm->priority |= FLAG_DEFAULT;
2856 defaults_saved = true;
2859 /***********************************************************
2860 If we should send plaintext/LANMAN passwords in the clinet
2861 ************************************************************/
2863 static void set_allowed_client_auth(void)
2865 if (Globals.client_ntlmv2_auth) {
2866 Globals.client_lanman_auth = false;
2868 if (!Globals.client_lanman_auth) {
2869 Globals.client_plaintext_auth = false;
2873 /***************************************************************************
2875 The following code allows smbd to read a user defined share file.
2876 Yes, this is my intent. Yes, I'm comfortable with that...
2878 THE FOLLOWING IS SECURITY CRITICAL CODE.
2880 It washes your clothes, it cleans your house, it guards you while you sleep...
2881 Do not f%^k with it....
2882 ***************************************************************************/
2884 #define MAX_USERSHARE_FILE_SIZE (10*1024)
2886 /***************************************************************************
2887 Check allowed stat state of a usershare file.
2888 Ensure we print out who is dicking with us so the admin can
2889 get their sorry ass fired.
2890 ***************************************************************************/
2892 static bool check_usershare_stat(const char *fname,
2893 const SMB_STRUCT_STAT *psbuf)
2895 if (!S_ISREG(psbuf->st_ex_mode)) {
2896 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
2897 "not a regular file\n",
2898 fname, (unsigned int)psbuf->st_ex_uid ));
2902 /* Ensure this doesn't have the other write bit set. */
2903 if (psbuf->st_ex_mode & S_IWOTH) {
2904 DEBUG(0,("check_usershare_stat: file %s owned by uid %u allows "
2905 "public write. Refusing to allow as a usershare file.\n",
2906 fname, (unsigned int)psbuf->st_ex_uid ));
2910 /* Should be 10k or less. */
2911 if (psbuf->st_ex_size > MAX_USERSHARE_FILE_SIZE) {
2912 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
2913 "too large (%u) to be a user share file.\n",
2914 fname, (unsigned int)psbuf->st_ex_uid,
2915 (unsigned int)psbuf->st_ex_size ));
2922 /***************************************************************************
2923 Parse the contents of a usershare file.
2924 ***************************************************************************/
2926 enum usershare_err parse_usershare_file(TALLOC_CTX *ctx,
2927 SMB_STRUCT_STAT *psbuf,
2928 const char *servicename,
2932 char **pp_sharepath,
2934 char **pp_cp_servicename,
2935 struct security_descriptor **ppsd,
2938 const char **prefixallowlist = lp_usershare_prefix_allow_list();
2939 const char **prefixdenylist = lp_usershare_prefix_deny_list();
2942 SMB_STRUCT_STAT sbuf;
2943 char *sharepath = NULL;
2944 char *comment = NULL;
2946 *pp_sharepath = NULL;
2949 *pallow_guest = false;
2952 return USERSHARE_MALFORMED_FILE;
2955 if (strcmp(lines[0], "#VERSION 1") == 0) {
2957 } else if (strcmp(lines[0], "#VERSION 2") == 0) {
2960 return USERSHARE_MALFORMED_FILE;
2963 return USERSHARE_BAD_VERSION;
2966 if (strncmp(lines[1], "path=", 5) != 0) {
2967 return USERSHARE_MALFORMED_PATH;
2970 sharepath = talloc_strdup(ctx, &lines[1][5]);
2972 return USERSHARE_POSIX_ERR;
2974 trim_string(sharepath, " ", " ");
2976 if (strncmp(lines[2], "comment=", 8) != 0) {
2977 return USERSHARE_MALFORMED_COMMENT_DEF;
2980 comment = talloc_strdup(ctx, &lines[2][8]);
2982 return USERSHARE_POSIX_ERR;
2984 trim_string(comment, " ", " ");
2985 trim_char(comment, '"', '"');
2987 if (strncmp(lines[3], "usershare_acl=", 14) != 0) {
2988 return USERSHARE_MALFORMED_ACL_DEF;
2991 if (!parse_usershare_acl(ctx, &lines[3][14], ppsd)) {
2992 return USERSHARE_ACL_ERR;
2996 if (strncmp(lines[4], "guest_ok=", 9) != 0) {
2997 return USERSHARE_MALFORMED_ACL_DEF;
2999 if (lines[4][9] == 'y') {
3000 *pallow_guest = true;
3003 /* Backwards compatible extension to file version #2. */
3005 if (strncmp(lines[5], "sharename=", 10) != 0) {
3006 return USERSHARE_MALFORMED_SHARENAME_DEF;
3008 if (!strequal(&lines[5][10], servicename)) {
3009 return USERSHARE_BAD_SHARENAME;
3011 *pp_cp_servicename = talloc_strdup(ctx, &lines[5][10]);
3012 if (!*pp_cp_servicename) {
3013 return USERSHARE_POSIX_ERR;
3018 if (*pp_cp_servicename == NULL) {
3019 *pp_cp_servicename = talloc_strdup(ctx, servicename);
3020 if (!*pp_cp_servicename) {
3021 return USERSHARE_POSIX_ERR;
3025 if (snum != -1 && (strcmp(sharepath, ServicePtrs[snum]->path) == 0)) {
3026 /* Path didn't change, no checks needed. */
3027 *pp_sharepath = sharepath;
3028 *pp_comment = comment;
3029 return USERSHARE_OK;
3032 /* The path *must* be absolute. */
3033 if (sharepath[0] != '/') {
3034 DEBUG(2,("parse_usershare_file: share %s: path %s is not an absolute path.\n",
3035 servicename, sharepath));
3036 return USERSHARE_PATH_NOT_ABSOLUTE;
3039 /* If there is a usershare prefix deny list ensure one of these paths
3040 doesn't match the start of the user given path. */
3041 if (prefixdenylist) {
3043 for ( i=0; prefixdenylist[i]; i++ ) {
3044 DEBUG(10,("parse_usershare_file: share %s : checking prefixdenylist[%d]='%s' against %s\n",
3045 servicename, i, prefixdenylist[i], sharepath ));
3046 if (memcmp( sharepath, prefixdenylist[i], strlen(prefixdenylist[i])) == 0) {
3047 DEBUG(2,("parse_usershare_file: share %s path %s starts with one of the "
3048 "usershare prefix deny list entries.\n",
3049 servicename, sharepath));
3050 return USERSHARE_PATH_IS_DENIED;
3055 /* If there is a usershare prefix allow list ensure one of these paths
3056 does match the start of the user given path. */
3058 if (prefixallowlist) {
3060 for ( i=0; prefixallowlist[i]; i++ ) {
3061 DEBUG(10,("parse_usershare_file: share %s checking prefixallowlist[%d]='%s' against %s\n",
3062 servicename, i, prefixallowlist[i], sharepath ));
3063 if (memcmp( sharepath, prefixallowlist[i], strlen(prefixallowlist[i])) == 0) {
3067 if (prefixallowlist[i] == NULL) {
3068 DEBUG(2,("parse_usershare_file: share %s path %s doesn't start with one of the "
3069 "usershare prefix allow list entries.\n",
3070 servicename, sharepath));
3071 return USERSHARE_PATH_NOT_ALLOWED;
3075 /* Ensure this is pointing to a directory. */
3076 dp = opendir(sharepath);
3079 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
3080 servicename, sharepath));
3081 return USERSHARE_PATH_NOT_DIRECTORY;
3084 /* Ensure the owner of the usershare file has permission to share
3087 if (sys_stat(sharepath, &sbuf, false) == -1) {
3088 DEBUG(2,("parse_usershare_file: share %s : stat failed on path %s. %s\n",
3089 servicename, sharepath, strerror(errno) ));
3091 return USERSHARE_POSIX_ERR;
3096 if (!S_ISDIR(sbuf.st_ex_mode)) {
3097 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
3098 servicename, sharepath ));
3099 return USERSHARE_PATH_NOT_DIRECTORY;
3102 /* Check if sharing is restricted to owner-only. */
3103 /* psbuf is the stat of the usershare definition file,
3104 sbuf is the stat of the target directory to be shared. */
3106 if (lp_usershare_owner_only()) {
3107 /* root can share anything. */
3108 if ((psbuf->st_ex_uid != 0) && (sbuf.st_ex_uid != psbuf->st_ex_uid)) {
3109 return USERSHARE_PATH_NOT_ALLOWED;
3113 *pp_sharepath = sharepath;
3114 *pp_comment = comment;
3115 return USERSHARE_OK;
3118 /***************************************************************************
3119 Deal with a usershare file.
3122 -1 - Bad name, invalid contents.
3123 - service name already existed and not a usershare, problem
3124 with permissions to share directory etc.
3125 ***************************************************************************/
3127 static int process_usershare_file(const char *dir_name, const char *file_name, int snum_template)
3129 SMB_STRUCT_STAT sbuf;
3130 SMB_STRUCT_STAT lsbuf;
3132 char *sharepath = NULL;
3133 char *comment = NULL;
3134 char *cp_service_name = NULL;
3135 char **lines = NULL;
3139 TALLOC_CTX *ctx = talloc_stackframe();
3140 struct security_descriptor *psd = NULL;
3141 bool guest_ok = false;
3142 char *canon_name = NULL;
3143 bool added_service = false;
3146 /* Ensure share name doesn't contain invalid characters. */
3147 if (!validate_net_name(file_name, INVALID_SHARENAME_CHARS, strlen(file_name))) {
3148 DEBUG(0,("process_usershare_file: share name %s contains "
3149 "invalid characters (any of %s)\n",
3150 file_name, INVALID_SHARENAME_CHARS ));
3154 canon_name = canonicalize_servicename(ctx, file_name);
3159 fname = talloc_asprintf(ctx, "%s/%s", dir_name, file_name);
3164 /* Minimize the race condition by doing an lstat before we
3165 open and fstat. Ensure this isn't a symlink link. */
3167 if (sys_lstat(fname, &lsbuf, false) != 0) {
3168 DEBUG(0,("process_usershare_file: stat of %s failed. %s\n",
3169 fname, strerror(errno) ));
3173 /* This must be a regular file, not a symlink, directory or
3174 other strange filetype. */
3175 if (!check_usershare_stat(fname, &lsbuf)) {
3183 status = dbwrap_fetch_bystring(ServiceHash, canon_name,
3188 if (NT_STATUS_IS_OK(status) &&
3189 (data.dptr != NULL) &&
3190 (data.dsize == sizeof(iService))) {
3191 memcpy(&iService, data.dptr, sizeof(iService));
3195 if (iService != -1 &&
3196 timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
3197 &lsbuf.st_ex_mtime) == 0) {
3198 /* Nothing changed - Mark valid and return. */
3199 DEBUG(10,("process_usershare_file: service %s not changed.\n",
3201 ServicePtrs[iService]->usershare = USERSHARE_VALID;
3206 /* Try and open the file read only - no symlinks allowed. */
3208 fd = open(fname, O_RDONLY|O_NOFOLLOW, 0);
3210 fd = open(fname, O_RDONLY, 0);
3214 DEBUG(0,("process_usershare_file: unable to open %s. %s\n",
3215 fname, strerror(errno) ));
3219 /* Now fstat to be *SURE* it's a regular file. */
3220 if (sys_fstat(fd, &sbuf, false) != 0) {
3222 DEBUG(0,("process_usershare_file: fstat of %s failed. %s\n",
3223 fname, strerror(errno) ));
3227 /* Is it the same dev/inode as was lstated ? */
3228 if (!check_same_stat(&lsbuf, &sbuf)) {
3230 DEBUG(0,("process_usershare_file: fstat of %s is a different file from lstat. "
3231 "Symlink spoofing going on ?\n", fname ));
3235 /* This must be a regular file, not a symlink, directory or
3236 other strange filetype. */
3237 if (!check_usershare_stat(fname, &sbuf)) {
3242 lines = fd_lines_load(fd, &numlines, MAX_USERSHARE_FILE_SIZE, NULL);
3245 if (lines == NULL) {
3246 DEBUG(0,("process_usershare_file: loading file %s owned by %u failed.\n",
3247 fname, (unsigned int)sbuf.st_ex_uid ));
3251 if (parse_usershare_file(ctx, &sbuf, file_name,
3252 iService, lines, numlines, &sharepath,
3253 &comment, &cp_service_name,
3254 &psd, &guest_ok) != USERSHARE_OK) {
3258 /* Everything ok - add the service possibly using a template. */
3260 const struct loadparm_service *sp = &sDefault;
3261 if (snum_template != -1) {
3262 sp = ServicePtrs[snum_template];
3265 if ((iService = add_a_service(sp, cp_service_name)) < 0) {
3266 DEBUG(0, ("process_usershare_file: Failed to add "
3267 "new service %s\n", cp_service_name));
3271 added_service = true;
3273 /* Read only is controlled by usershare ACL below. */
3274 ServicePtrs[iService]->read_only = false;
3277 /* Write the ACL of the new/modified share. */
3278 if (!set_share_security(canon_name, psd)) {
3279 DEBUG(0, ("process_usershare_file: Failed to set share "
3280 "security for user share %s\n",
3285 /* If from a template it may be marked invalid. */
3286 ServicePtrs[iService]->valid = true;
3288 /* Set the service as a valid usershare. */
3289 ServicePtrs[iService]->usershare = USERSHARE_VALID;
3291 /* Set guest access. */
3292 if (lp_usershare_allow_guests()) {
3293 ServicePtrs[iService]->guest_ok = guest_ok;
3296 /* And note when it was loaded. */
3297 ServicePtrs[iService]->usershare_last_mod = sbuf.st_ex_mtime;
3298 string_set(ServicePtrs[iService], &ServicePtrs[iService]->path, sharepath);
3299 string_set(ServicePtrs[iService], &ServicePtrs[iService]->comment, comment);
3305 if (ret == -1 && iService != -1 && added_service) {
3306 lp_remove_service(iService);
3314 /***************************************************************************
3315 Checks if a usershare entry has been modified since last load.
3316 ***************************************************************************/
3318 static bool usershare_exists(int iService, struct timespec *last_mod)
3320 SMB_STRUCT_STAT lsbuf;
3321 const char *usersharepath = Globals.usershare_path;
3324 fname = talloc_asprintf(talloc_tos(),
3327 ServicePtrs[iService]->szService);
3328 if (fname == NULL) {
3332 if (sys_lstat(fname, &lsbuf, false) != 0) {
3337 if (!S_ISREG(lsbuf.st_ex_mode)) {
3343 *last_mod = lsbuf.st_ex_mtime;
3347 /***************************************************************************
3348 Load a usershare service by name. Returns a valid servicenumber or -1.
3349 ***************************************************************************/
3351 int load_usershare_service(const char *servicename)
3353 SMB_STRUCT_STAT sbuf;
3354 const char *usersharepath = Globals.usershare_path;
3355 int max_user_shares = Globals.usershare_max_shares;
3356 int snum_template = -1;
3358 if (*usersharepath == 0 || max_user_shares == 0) {
3362 if (sys_stat(usersharepath, &sbuf, false) != 0) {
3363 DEBUG(0,("load_usershare_service: stat of %s failed. %s\n",
3364 usersharepath, strerror(errno) ));
3368 if (!S_ISDIR(sbuf.st_ex_mode)) {
3369 DEBUG(0,("load_usershare_service: %s is not a directory.\n",
3375 * This directory must be owned by root, and have the 't' bit set.
3376 * It also must not be writable by "other".
3380 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
3382 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
3384 DEBUG(0,("load_usershare_service: directory %s is not owned by root "
3385 "or does not have the sticky bit 't' set or is writable by anyone.\n",
3390 /* Ensure the template share exists if it's set. */
3391 if (Globals.usershare_template_share[0]) {
3392 /* We can't use lp_servicenumber here as we are recommending that
3393 template shares have -valid=false set. */
3394 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
3395 if (ServicePtrs[snum_template]->szService &&
3396 strequal(ServicePtrs[snum_template]->szService,
3397 Globals.usershare_template_share)) {
3402 if (snum_template == -1) {
3403 DEBUG(0,("load_usershare_service: usershare template share %s "
3404 "does not exist.\n",
3405 Globals.usershare_template_share ));
3410 return process_usershare_file(usersharepath, servicename, snum_template);
3413 /***************************************************************************
3414 Load all user defined shares from the user share directory.
3415 We only do this if we're enumerating the share list.
3416 This is the function that can delete usershares that have
3418 ***************************************************************************/
3420 int load_usershare_shares(struct smbd_server_connection *sconn,
3421 bool (*snumused) (struct smbd_server_connection *, int))
3424 SMB_STRUCT_STAT sbuf;
3426 int num_usershares = 0;
3427 int max_user_shares = Globals.usershare_max_shares;
3428 unsigned int num_dir_entries, num_bad_dir_entries, num_tmp_dir_entries;
3429 unsigned int allowed_bad_entries = ((2*max_user_shares)/10);
3430 unsigned int allowed_tmp_entries = ((2*max_user_shares)/10);
3432 int snum_template = -1;
3433 const char *usersharepath = Globals.usershare_path;
3434 int ret = lp_numservices();
3435 TALLOC_CTX *tmp_ctx;
3437 if (max_user_shares == 0 || *usersharepath == '\0') {
3438 return lp_numservices();
3441 if (sys_stat(usersharepath, &sbuf, false) != 0) {
3442 DEBUG(0,("load_usershare_shares: stat of %s failed. %s\n",
3443 usersharepath, strerror(errno) ));
3448 * This directory must be owned by root, and have the 't' bit set.
3449 * It also must not be writable by "other".
3453 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
3455 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
3457 DEBUG(0,("load_usershare_shares: directory %s is not owned by root "
3458 "or does not have the sticky bit 't' set or is writable by anyone.\n",
3463 /* Ensure the template share exists if it's set. */
3464 if (Globals.usershare_template_share[0]) {
3465 /* We can't use lp_servicenumber here as we are recommending that
3466 template shares have -valid=false set. */
3467 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
3468 if (ServicePtrs[snum_template]->szService &&
3469 strequal(ServicePtrs[snum_template]->szService,
3470 Globals.usershare_template_share)) {
3475 if (snum_template == -1) {
3476 DEBUG(0,("load_usershare_shares: usershare template share %s "
3477 "does not exist.\n",
3478 Globals.usershare_template_share ));
3483 /* Mark all existing usershares as pending delete. */
3484 for (iService = iNumServices - 1; iService >= 0; iService--) {
3485 if (VALID(iService) && ServicePtrs[iService]->usershare) {
3486 ServicePtrs[iService]->usershare = USERSHARE_PENDING_DELETE;
3490 dp = opendir(usersharepath);
3492 DEBUG(0,("load_usershare_shares:: failed to open directory %s. %s\n",
3493 usersharepath, strerror(errno) ));
3497 for (num_dir_entries = 0, num_bad_dir_entries = 0, num_tmp_dir_entries = 0;
3499 num_dir_entries++ ) {
3501 const char *n = de->d_name;
3503 /* Ignore . and .. */
3505 if ((n[1] == '\0') || (n[1] == '.' && n[2] == '\0')) {
3511 /* Temporary file used when creating a share. */
3512 num_tmp_dir_entries++;
3515 /* Allow 20% tmp entries. */
3516 if (num_tmp_dir_entries > allowed_tmp_entries) {
3517 DEBUG(0,("load_usershare_shares: too many temp entries (%u) "
3518 "in directory %s\n",
3519 num_tmp_dir_entries, usersharepath));
3523 r = process_usershare_file(usersharepath, n, snum_template);
3525 /* Update the services count. */
3527 if (num_usershares >= max_user_shares) {
3528 DEBUG(0,("load_usershare_shares: max user shares reached "
3529 "on file %s in directory %s\n",
3530 n, usersharepath ));
3533 } else if (r == -1) {
3534 num_bad_dir_entries++;
3537 /* Allow 20% bad entries. */
3538 if (num_bad_dir_entries > allowed_bad_entries) {
3539 DEBUG(0,("load_usershare_shares: too many bad entries (%u) "
3540 "in directory %s\n",
3541 num_bad_dir_entries, usersharepath));
3545 /* Allow 20% bad entries. */
3546 if (num_dir_entries > max_user_shares + allowed_bad_entries) {
3547 DEBUG(0,("load_usershare_shares: too many total entries (%u) "
3548 "in directory %s\n",
3549 num_dir_entries, usersharepath));
3556 /* Sweep through and delete any non-refreshed usershares that are
3557 not currently in use. */
3558 tmp_ctx = talloc_stackframe();
3559 for (iService = iNumServices - 1; iService >= 0; iService--) {
3560 if (VALID(iService) && (ServicePtrs[iService]->usershare == USERSHARE_PENDING_DELETE)) {
3563 if (snumused && snumused(sconn, iService)) {
3567 servname = lp_servicename(tmp_ctx, iService);
3569 /* Remove from the share ACL db. */
3570 DEBUG(10,("load_usershare_shares: Removing deleted usershare %s\n",
3572 delete_share_security(servname);
3573 free_service_byindex(iService);
3576 talloc_free(tmp_ctx);
3578 return lp_numservices();
3581 /********************************************************
3582 Destroy global resources allocated in this file
3583 ********************************************************/
3585 void gfree_loadparm(void)
3591 /* Free resources allocated to services */
3593 for ( i = 0; i < iNumServices; i++ ) {
3595 free_service_byindex(i);
3599 TALLOC_FREE( ServicePtrs );
3602 /* Now release all resources allocated to global
3603 parameters and the default service */
3605 free_global_parameters();
3609 /***************************************************************************
3610 Allow client apps to specify that they are a client
3611 ***************************************************************************/
3612 static void lp_set_in_client(bool b)
3618 /***************************************************************************
3619 Determine if we're running in a client app
3620 ***************************************************************************/
3621 static bool lp_is_in_client(void)
3626 /***************************************************************************
3627 Load the services array from the services file. Return true on success,
3629 ***************************************************************************/
3631 static bool lp_load_ex(const char *pszFname,
3635 bool initialize_globals,
3636 bool allow_include_registry,
3637 bool load_all_shares)
3641 TALLOC_CTX *frame = talloc_stackframe();
3642 struct loadparm_context *lp_ctx;
3646 DEBUG(3, ("lp_load_ex: refreshing parameters\n"));
3648 bInGlobalSection = true;
3649 bGlobalOnly = global_only;
3650 bAllowIncludeRegistry = allow_include_registry;
3652 lp_ctx = setup_lp_context(talloc_tos());
3654 init_globals(lp_ctx, initialize_globals);
3658 if (save_defaults) {
3663 if (!initialize_globals) {
3664 free_param_opts(&Globals.param_opt);
3665 apply_lp_set_cmdline();
3668 lp_do_parameter(-1, "idmap config * : backend", Globals.szIdmapBackend);
3670 /* We get sections first, so have to start 'behind' to make up */
3673 if (lp_config_backend_is_file()) {
3674 n2 = talloc_sub_basic(talloc_tos(), get_current_username(),
3675 current_user_info.domain,
3678 smb_panic("lp_load_ex: out of memory");
3681 add_to_file_list(NULL, &file_lists, pszFname, n2);
3683 bRetval = pm_process(n2, lp_do_section, do_parameter, lp_ctx);
3686 /* finish up the last section */
3687 DEBUG(4, ("pm_process() returned %s\n", BOOLSTR(bRetval)));
3689 if (iServiceIndex >= 0) {
3690 bRetval = lpcfg_service_ok(ServicePtrs[iServiceIndex]);
3694 if (lp_config_backend_is_registry()) {
3696 /* config backend changed to registry in config file */
3698 * We need to use this extra global variable here to
3699 * survive restart: init_globals uses this as a default
3700 * for config_backend. Otherwise, init_globals would
3701 * send us into an endless loop here.
3704 config_backend = CONFIG_BACKEND_REGISTRY;
3706 DEBUG(1, ("lp_load_ex: changing to config backend "
3708 init_globals(lp_ctx, true);
3710 TALLOC_FREE(lp_ctx);
3712 lp_kill_all_services();
3713 ok = lp_load_ex(pszFname, global_only, save_defaults,
3714 add_ipc, initialize_globals,
3715 allow_include_registry,
3720 } else if (lp_config_backend_is_registry()) {
3721 bRetval = process_registry_globals();
3723 DEBUG(0, ("Illegal config backend given: %d\n",
3724 lp_config_backend()));
3728 if (bRetval && lp_registry_shares()) {
3729 if (load_all_shares) {
3730 bRetval = process_registry_shares();
3732 bRetval = reload_registry_shares();
3737 char *serv = lp_auto_services(talloc_tos());
3738 lp_add_auto_services(serv);
3743 /* When 'restrict anonymous = 2' guest connections to ipc$
3745 lp_add_ipc("IPC$", (lp_restrict_anonymous() < 2));
3746 if ( lp_enable_asu_support() ) {
3747 lp_add_ipc("ADMIN$", false);
3751 set_allowed_client_auth();
3753 if (lp_security() == SEC_ADS && strchr(lp_password_server(), ':')) {
3754 DEBUG(1, ("WARNING: The optional ':port' in password server = %s is deprecated\n",
3755 lp_password_server()));
3760 /* Now we check we_are_a_wins_server and set szWINSserver to 127.0.0.1 */
3761 /* if we_are_a_wins_server is true and we are in the client */
3762 if (lp_is_in_client() && Globals.we_are_a_wins_server) {
3763 lp_do_parameter(GLOBAL_SECTION_SNUM, "wins server", "127.0.0.1");
3768 fault_configure(smb_panic_s3);
3771 * We run this check once the whole smb.conf is parsed, to
3772 * force some settings for the standard way a AD DC is
3773 * operated. We may changed these as our code evolves, which
3774 * is why we force these settings.
3776 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
3777 lp_do_parameter(-1, "passdb backend", "samba_dsdb");
3779 lp_do_parameter(-1, "winbindd:use external pipes", "true");
3781 lp_do_parameter(-1, "rpc_server:default", "external");
3782 lp_do_parameter(-1, "rpc_server:svcctl", "embedded");
3783 lp_do_parameter(-1, "rpc_server:srvsvc", "embedded");
3784 lp_do_parameter(-1, "rpc_server:eventlog", "embedded");
3785 lp_do_parameter(-1, "rpc_server:ntsvcs", "embedded");
3786 lp_do_parameter(-1, "rpc_server:winreg", "embedded");
3787 lp_do_parameter(-1, "rpc_server:spoolss", "embedded");
3788 lp_do_parameter(-1, "rpc_daemon:spoolssd", "embedded");
3789 lp_do_parameter(-1, "rpc_server:tcpip", "no");
3792 bAllowIncludeRegistry = true;
3798 bool lp_load(const char *pszFname,
3802 bool initialize_globals)
3804 return lp_load_ex(pszFname,
3809 true, /* allow_include_registry */
3810 false); /* load_all_shares*/
3813 bool lp_load_initial_only(const char *pszFname)
3815 return lp_load_ex(pszFname,
3816 true, /* global only */
3817 false, /* save_defaults */
3818 false, /* add_ipc */
3819 true, /* initialize_globals */
3820 false, /* allow_include_registry */
3821 false); /* load_all_shares*/
3825 * most common lp_load wrapper, loading only the globals
3827 bool lp_load_global(const char *file_name)
3829 return lp_load_ex(file_name,
3830 true, /* global_only */
3831 false, /* save_defaults */
3832 false, /* add_ipc */
3833 true, /* initialize_globals */
3834 true, /* allow_include_registry */
3835 false); /* load_all_shares*/
3839 * lp_load wrapper, especially for clients
3841 bool lp_load_client(const char *file_name)
3843 lp_set_in_client(true);
3845 return lp_load_global(file_name);
3849 * lp_load wrapper, loading only globals, but intended
3850 * for subsequent calls, not reinitializing the globals
3853 bool lp_load_global_no_reinit(const char *file_name)
3855 return lp_load_ex(file_name,
3856 true, /* global_only */
3857 false, /* save_defaults */
3858 false, /* add_ipc */
3859 false, /* initialize_globals */
3860 true, /* allow_include_registry */
3861 false); /* load_all_shares*/
3865 * lp_load wrapper, especially for clients, no reinitialization
3867 bool lp_load_client_no_reinit(const char *file_name)
3869 lp_set_in_client(true);
3871 return lp_load_global_no_reinit(file_name);
3874 bool lp_load_with_registry_shares(const char *pszFname,
3878 bool initialize_globals)
3880 return lp_load_ex(pszFname,
3885 true, /* allow_include_registry */
3886 true); /* load_all_shares*/
3889 /***************************************************************************
3890 Return the max number of services.
3891 ***************************************************************************/
3893 int lp_numservices(void)
3895 return (iNumServices);
3898 /***************************************************************************
3899 Display the contents of the services array in human-readable form.
3900 ***************************************************************************/
3902 void lp_dump(FILE *f, bool show_defaults, int maxtoprint)
3905 struct loadparm_context *lp_ctx;
3908 defaults_saved = false;
3910 lp_ctx = setup_lp_context(talloc_tos());
3911 if (lp_ctx == NULL) {
3915 lpcfg_dump_globals(lp_ctx, f, !defaults_saved);
3917 lpcfg_dump_a_service(&sDefault, &sDefault, f, flags_list, show_defaults);
3919 for (iService = 0; iService < maxtoprint; iService++) {
3921 lp_dump_one(f, show_defaults, iService);
3925 /***************************************************************************
3926 Display the contents of one service in human-readable form.
3927 ***************************************************************************/
3929 void lp_dump_one(FILE * f, bool show_defaults, int snum)
3932 if (ServicePtrs[snum]->szService[0] == '\0')
3934 lpcfg_dump_a_service(ServicePtrs[snum], &sDefault, f,
3935 flags_list, show_defaults);
3939 /***************************************************************************
3940 Return the number of the service with the given name, or -1 if it doesn't
3941 exist. Note that this is a DIFFERENT ANIMAL from the internal function
3942 getservicebyname()! This works ONLY if all services have been loaded, and
3943 does not copy the found service.
3944 ***************************************************************************/
3946 int lp_servicenumber(const char *pszServiceName)
3949 fstring serviceName;
3951 if (!pszServiceName) {
3952 return GLOBAL_SECTION_SNUM;
3955 for (iService = iNumServices - 1; iService >= 0; iService--) {
3956 if (VALID(iService) && ServicePtrs[iService]->szService) {
3958 * The substitution here is used to support %U in
3961 fstrcpy(serviceName, ServicePtrs[iService]->szService);
3962 standard_sub_basic(get_current_username(),
3963 current_user_info.domain,
3964 serviceName,sizeof(serviceName));
3965 if (strequal(serviceName, pszServiceName)) {
3971 if (iService >= 0 && ServicePtrs[iService]->usershare == USERSHARE_VALID) {
3972 struct timespec last_mod;
3974 if (!usershare_exists(iService, &last_mod)) {
3975 /* Remove the share security tdb entry for it. */
3976 delete_share_security(lp_servicename(talloc_tos(), iService));
3977 /* Remove it from the array. */
3978 free_service_byindex(iService);
3979 /* Doesn't exist anymore. */
3980 return GLOBAL_SECTION_SNUM;
3983 /* Has it been modified ? If so delete and reload. */
3984 if (timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
3986 /* Remove it from the array. */
3987 free_service_byindex(iService);
3988 /* and now reload it. */
3989 iService = load_usershare_service(pszServiceName);
3994 DEBUG(7,("lp_servicenumber: couldn't find %s\n", pszServiceName));
3995 return GLOBAL_SECTION_SNUM;
4001 /*******************************************************************
4002 A useful volume label function.
4003 ********************************************************************/
4005 const char *volume_label(TALLOC_CTX *ctx, int snum)
4008 const char *label = lp_volume(ctx, snum);
4010 label = lp_servicename(ctx, snum);
4013 /* This returns a 33 byte guarenteed null terminated string. */
4014 ret = talloc_strndup(ctx, label, 32);
4021 /*******************************************************************
4022 Get the default server type we will announce as via nmbd.
4023 ********************************************************************/
4025 int lp_default_server_announce(void)
4027 int default_server_announce = 0;
4028 default_server_announce |= SV_TYPE_WORKSTATION;
4029 default_server_announce |= SV_TYPE_SERVER;
4030 default_server_announce |= SV_TYPE_SERVER_UNIX;
4032 /* note that the flag should be set only if we have a
4033 printer service but nmbd doesn't actually load the
4034 services so we can't tell --jerry */
4036 default_server_announce |= SV_TYPE_PRINTQ_SERVER;
4038 default_server_announce |= SV_TYPE_SERVER_NT;
4039 default_server_announce |= SV_TYPE_NT;
4041 switch (lp_server_role()) {
4042 case ROLE_DOMAIN_MEMBER:
4043 default_server_announce |= SV_TYPE_DOMAIN_MEMBER;
4045 case ROLE_DOMAIN_PDC:
4046 default_server_announce |= SV_TYPE_DOMAIN_CTRL;
4048 case ROLE_DOMAIN_BDC:
4049 default_server_announce |= SV_TYPE_DOMAIN_BAKCTRL;
4051 case ROLE_STANDALONE:
4055 if (lp_time_server())
4056 default_server_announce |= SV_TYPE_TIME_SOURCE;
4058 if (lp_host_msdfs())
4059 default_server_announce |= SV_TYPE_DFS_SERVER;
4061 return default_server_announce;
4064 /***********************************************************
4065 If we are PDC then prefer us as DMB
4066 ************************************************************/
4068 bool lp_domain_master(void)
4070 if (Globals._domain_master == Auto)
4071 return (lp_server_role() == ROLE_DOMAIN_PDC);
4073 return (bool)Globals._domain_master;
4076 /***********************************************************
4077 If we are PDC then prefer us as DMB
4078 ************************************************************/
4080 static bool lp_domain_master_true_or_auto(void)
4082 if (Globals._domain_master) /* auto or yes */
4088 /***********************************************************
4089 If we are DMB then prefer us as LMB
4090 ************************************************************/
4092 bool lp_preferred_master(void)
4094 if (Globals.iPreferredMaster == Auto)
4095 return (lp_local_master() && lp_domain_master());
4097 return (bool)Globals.iPreferredMaster;
4100 /*******************************************************************
4102 ********************************************************************/
4104 void lp_remove_service(int snum)
4106 ServicePtrs[snum]->valid = false;
4109 const char *lp_printername(TALLOC_CTX *ctx, int snum)
4111 const char *ret = lp__printername(ctx, snum);
4112 if (ret == NULL || *ret == '\0') {
4113 ret = lp_const_servicename(snum);
4120 /***********************************************************
4121 Allow daemons such as winbindd to fix their logfile name.
4122 ************************************************************/
4124 void lp_set_logfile(const char *name)
4126 string_set(Globals.ctx, &Globals.logfile, name);
4127 debug_set_logfile(name);
4130 /*******************************************************************
4131 Return the max print jobs per queue.
4132 ********************************************************************/
4134 int lp_maxprintjobs(int snum)
4136 int maxjobs = LP_SNUM_OK(snum) ? ServicePtrs[snum]->iMaxPrintJobs : sDefault.iMaxPrintJobs;
4137 if (maxjobs <= 0 || maxjobs >= PRINT_MAX_JOBID)
4138 maxjobs = PRINT_MAX_JOBID - 1;
4143 const char *lp_printcapname(void)
4145 if ((Globals.szPrintcapname != NULL) &&
4146 (Globals.szPrintcapname[0] != '\0'))
4147 return Globals.szPrintcapname;
4149 if (sDefault.printing == PRINT_CUPS) {
4153 if (sDefault.printing == PRINT_BSD)
4154 return "/etc/printcap";
4156 return PRINTCAP_NAME;
4159 static uint32 spoolss_state;
4161 bool lp_disable_spoolss( void )
4163 if ( spoolss_state == SVCCTL_STATE_UNKNOWN )
4164 spoolss_state = lp__disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
4166 return spoolss_state == SVCCTL_STOPPED ? true : false;
4169 void lp_set_spoolss_state( uint32 state )
4171 SMB_ASSERT( (state == SVCCTL_STOPPED) || (state == SVCCTL_RUNNING) );
4173 spoolss_state = state;
4176 uint32 lp_get_spoolss_state( void )
4178 return lp_disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
4181 /*******************************************************************
4182 Ensure we don't use sendfile if server smb signing is active.
4183 ********************************************************************/
4185 bool lp_use_sendfile(int snum, struct smb_signing_state *signing_state)
4187 bool sign_active = false;
4189 /* Using sendfile blows the brains out of any DOS or Win9x TCP stack... JRA. */
4190 if (get_Protocol() < PROTOCOL_NT1) {
4193 if (signing_state) {
4194 sign_active = smb_signing_is_active(signing_state);
4196 return (lp__use_sendfile(snum) &&
4197 (get_remote_arch() != RA_WIN95) &&
4201 /*******************************************************************
4202 Turn off sendfile if we find the underlying OS doesn't support it.
4203 ********************************************************************/
4205 void set_use_sendfile(int snum, bool val)
4207 if (LP_SNUM_OK(snum))
4208 ServicePtrs[snum]->_use_sendfile = val;
4210 sDefault._use_sendfile = val;
4213 /*******************************************************************
4214 Turn off storing DOS attributes if this share doesn't support it.
4215 ********************************************************************/
4217 void set_store_dos_attributes(int snum, bool val)
4219 if (!LP_SNUM_OK(snum))
4221 ServicePtrs[(snum)]->store_dos_attributes = val;
4224 void lp_set_mangling_method(const char *new_method)
4226 string_set(Globals.ctx, &Globals.mangling_method, new_method);
4229 /*******************************************************************
4230 Global state for POSIX pathname processing.
4231 ********************************************************************/
4233 static bool posix_pathnames;
4235 bool lp_posix_pathnames(void)
4237 return posix_pathnames;
4240 /*******************************************************************
4241 Change everything needed to ensure POSIX pathname processing (currently
4243 ********************************************************************/
4245 void lp_set_posix_pathnames(void)
4247 posix_pathnames = true;
4250 /*******************************************************************
4251 Global state for POSIX lock processing - CIFS unix extensions.
4252 ********************************************************************/
4254 bool posix_default_lock_was_set;
4255 static enum brl_flavour posix_cifsx_locktype; /* By default 0 == WINDOWS_LOCK */
4257 enum brl_flavour lp_posix_cifsu_locktype(files_struct *fsp)
4259 if (posix_default_lock_was_set) {
4260 return posix_cifsx_locktype;
4262 return fsp->posix_open ? POSIX_LOCK : WINDOWS_LOCK;
4266 /*******************************************************************
4267 ********************************************************************/
4269 void lp_set_posix_default_cifsx_readwrite_locktype(enum brl_flavour val)
4271 posix_default_lock_was_set = true;
4272 posix_cifsx_locktype = val;
4275 int lp_min_receive_file_size(void)
4277 if (Globals.iminreceivefile < 0) {
4280 return Globals.iminreceivefile;
4283 /*******************************************************************
4284 Safe wide links checks.
4285 This helper function always verify the validity of wide links,
4286 even after a configuration file reload.
4287 ********************************************************************/
4289 static bool lp_widelinks_internal(int snum)
4291 return (bool)(LP_SNUM_OK(snum)? ServicePtrs[(snum)]->bWidelinks :
4292 sDefault.bWidelinks);
4295 void widelinks_warning(int snum)
4297 if (lp_allow_insecure_wide_links()) {
4301 if (lp_unix_extensions() && lp_widelinks_internal(snum)) {
4302 DEBUG(0,("Share '%s' has wide links and unix extensions enabled. "
4303 "These parameters are incompatible. "
4304 "Wide links will be disabled for this share.\n",
4305 lp_servicename(talloc_tos(), snum) ));
4309 bool lp_widelinks(int snum)
4311 /* wide links is always incompatible with unix extensions */
4312 if (lp_unix_extensions()) {
4314 * Unless we have "allow insecure widelinks"
4317 if (!lp_allow_insecure_wide_links()) {
4322 return lp_widelinks_internal(snum);
4325 int lp_server_role(void)
4327 return lp_find_server_role(lp__server_role(),
4329 lp__domain_logons(),
4330 lp_domain_master_true_or_auto());
4333 int lp_security(void)
4335 return lp_find_security(lp__server_role(),
4339 int lp_client_max_protocol(void)
4341 int client_max_protocol = lp__client_max_protocol();
4342 if (client_max_protocol == PROTOCOL_DEFAULT) {
4343 return PROTOCOL_NT1;
4345 return client_max_protocol;
4348 int lp_winbindd_max_protocol(void)
4350 int client_max_protocol = lp__client_max_protocol();
4351 if (client_max_protocol == PROTOCOL_DEFAULT) {
4352 return PROTOCOL_LATEST;
4354 return client_max_protocol;
4357 struct loadparm_global * get_globals(void)
4362 unsigned int * get_flags(void)
4364 if (flags_list == NULL) {
4365 flags_list = talloc_zero_array(NULL, unsigned int, num_parameters());
git.samba.org / bbaumbach / samba-autobuild / .git / blob