2 Unix SMB/CIFS implementation.
3 Parameter loading functions
4 Copyright (C) Karl Auer 1993-1998
6 Largely re-written by Andrew Tridgell, September 1994
8 Copyright (C) Simo Sorce 2001
9 Copyright (C) Alexander Bokovoy 2002
10 Copyright (C) Stefan (metze) Metzmacher 2002
11 Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003
12 Copyright (C) Michael Adam 2008
13 Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007
14 Copyright (C) Andrew Bartlett 2011
16 This program is free software; you can redistribute it and/or modify
17 it under the terms of the GNU General Public License as published by
18 the Free Software Foundation; either version 3 of the License, or
19 (at your option) any later version.
21 This program is distributed in the hope that it will be useful,
22 but WITHOUT ANY WARRANTY; without even the implied warranty of
23 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 GNU General Public License for more details.
26 You should have received a copy of the GNU General Public License
27 along with this program. If not, see <http://www.gnu.org/licenses/>.
33 * This module provides suitable callback functions for the params
34 * module. It builds the internal table of service details which is
35 * then used by the rest of the server.
39 * 1) add it to the global or service structure definition
40 * 2) add it to the parm_table
41 * 3) add it to the list of available functions (eg: using FN_GLOBAL_STRING())
42 * 4) If it's a global then initialise it in init_globals. If a local
43 * (ie. service) parameter then initialise it in the sDefault structure
47 * The configuration file is processed sequentially for speed. It is NOT
48 * accessed randomly as happens in 'real' Windows. For this reason, there
49 * is a fair bit of sequence-dependent code here - ie., code which assumes
50 * that certain things happen before others. In particular, the code which
51 * happens at the boundary between sections is delicately poised, so be
57 #include "system/filesys.h"
59 #include "lib/param/loadparm.h"
60 #include "lib/param/param.h"
62 #include "lib/smbconf/smbconf.h"
63 #include "lib/smbconf/smbconf_init.h"
66 #include "../librpc/gen_ndr/svcctl.h"
68 #include "../libcli/smb/smb_signing.h"
69 #include "dbwrap/dbwrap.h"
70 #include "dbwrap/dbwrap_rbt.h"
71 #include "../lib/util/bitmap.h"
72 #include "librpc/gen_ndr/nbt.h"
74 #ifdef HAVE_SYS_SYSCTL_H
75 #include <sys/sysctl.h>
78 #ifdef HAVE_HTTPCONNECTENCRYPT
79 #include <cups/http.h>
84 extern userdom_struct current_user_info;
86 /* the special value for the include parameter
87 * to be interpreted not as a file name but to
88 * trigger loading of the global smb.conf options
90 #ifndef INCLUDE_REGISTRY_NAME
91 #define INCLUDE_REGISTRY_NAME "registry"
94 static bool in_client = false; /* Not in the client by default */
95 static struct smbconf_csn conf_last_csn;
97 static int config_backend = CONFIG_BACKEND_FILE;
99 /* some helpful bits */
100 #define LP_SNUM_OK(i) (((i) >= 0) && ((i) < iNumServices) && (ServicePtrs != NULL) && ServicePtrs[(i)]->valid)
101 #define VALID(i) (ServicePtrs != NULL && ServicePtrs[i]->valid)
103 #define USERSHARE_VALID 1
104 #define USERSHARE_PENDING_DELETE 2
106 static bool defaults_saved = false;
108 #include "lib/param/param_global.h"
110 static struct loadparm_global Globals;
112 /* This is a default service used to prime a services structure */
113 static struct loadparm_service sDefault =
118 .usershare_last_mod = {0, 0},
122 .invalid_users = NULL,
129 .root_preexec = NULL,
130 .root_postexec = NULL,
131 .cups_options = NULL,
132 .print_command = NULL,
134 .lprm_command = NULL,
135 .lppause_command = NULL,
136 .lpresume_command = NULL,
137 .queuepause_command = NULL,
138 .queueresume_command = NULL,
139 ._printername = NULL,
140 .printjob_username = NULL,
141 .dont_descend = NULL,
144 .magic_script = NULL,
145 .magic_output = NULL,
148 .veto_oplock_files = NULL,
158 .aio_write_behind = NULL,
159 .dfree_command = NULL,
160 .min_print_space = 0,
161 .iMaxPrintJobs = 1000,
162 .max_reported_print_jobs = 0,
163 .write_cache_size = 0,
165 .force_create_mode = 0,
166 .directory_mask = 0755,
167 .force_directory_mode = 0,
168 .max_connections = 0,
169 .default_case = CASE_LOWER,
170 .printing = DEFAULT_PRINTING,
171 .oplock_contention_limit = 2,
174 .dfree_cache_time = 0,
175 .preexec_close = false,
176 .root_preexec_close = false,
177 .case_sensitive = Auto,
178 .preserve_case = true,
179 .short_preserve_case = true,
180 .hide_dot_files = true,
181 .hide_special_files = false,
182 .hide_unreadable = false,
183 .hide_unwriteable_files = false,
185 .access_based_share_enum = false,
190 .administrative_share = false,
193 .print_notify_backchannel = false,
197 .store_dos_attributes = false,
198 .dmapi_support = false,
200 .strict_locking = Auto,
201 .posix_locking = true,
203 .kernel_oplocks = false,
204 .level2_oplocks = true,
206 .mangled_names = true,
208 .follow_symlinks = true,
209 .sync_always = false,
210 .strict_allocate = false,
211 .strict_rename = false,
212 .strict_sync = false,
213 .mangling_char = '~',
215 .delete_readonly = false,
216 .fake_oplocks = false,
217 .delete_veto_files = false,
218 .dos_filemode = false,
219 .dos_filetimes = true,
220 .dos_filetime_resolution = false,
221 .fake_directory_create_times = false,
222 .blocking_locks = true,
223 .inherit_permissions = false,
224 .inherit_acls = false,
225 .inherit_owner = false,
227 .msdfs_shuffle_referrals = false,
228 .use_client_driver = false,
229 .default_devmode = true,
230 .force_printername = false,
231 .nt_acl_support = true,
232 .force_unknown_acl_user = false,
233 ._use_sendfile = false,
234 .profile_acls = false,
235 .map_acl_inherit = false,
238 .acl_check_permissions = true,
239 .acl_map_full_control = true,
240 .acl_group_control = false,
241 .acl_allow_execute_always = false,
242 .allocation_roundup_size = SMB_ROUNDUP_ALLOCATION_SIZE,
245 .map_readonly = MAP_READONLY_YES,
246 .directory_name_cache_size = 100,
247 .smb_encrypt = SMB_SIGNING_DEFAULT,
248 .kernel_share_modes = true,
249 .durable_handles = true,
254 /* local variables */
255 static struct loadparm_service **ServicePtrs = NULL;
256 static int iNumServices = 0;
257 static int iServiceIndex = 0;
258 static struct db_context *ServiceHash;
259 static bool bInGlobalSection = true;
260 static bool bGlobalOnly = false;
261 static struct file_lists *file_lists = NULL;
262 static unsigned int *flags_list = NULL;
264 static void set_allowed_client_auth(void);
266 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue);
267 static void free_param_opts(struct parmlist_entry **popts);
269 /* this is used to prevent lots of mallocs of size 1 */
270 static const char null_string[] = "";
276 static void string_free(char **s)
280 if (*s == null_string)
286 Set a string value, deallocating any existing space, and allocing the space
290 static bool string_set(TALLOC_CTX *mem_ctx, char **dest,const char *src)
298 (*dest) = talloc_strdup(mem_ctx, src);
299 if ((*dest) == NULL) {
300 DEBUG(0,("Out of memory in string_init\n"));
308 * Function to return the default value for the maximum number of open
309 * file descriptors permitted. This function tries to consult the
310 * kernel-level (sysctl) and ulimit (getrlimit()) values and goes
311 * the smaller of those.
313 static int max_open_files(void)
315 int sysctl_max = MAX_OPEN_FILES;
316 int rlimit_max = MAX_OPEN_FILES;
318 #ifdef HAVE_SYSCTLBYNAME
320 size_t size = sizeof(sysctl_max);
321 sysctlbyname("kern.maxfilesperproc", &sysctl_max, &size, NULL,
326 #if (defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE))
332 if (getrlimit(RLIMIT_NOFILE, &rl) == 0)
333 rlimit_max = rl.rlim_cur;
335 #if defined(RLIM_INFINITY)
336 if(rl.rlim_cur == RLIM_INFINITY)
337 rlimit_max = MAX_OPEN_FILES;
342 if (sysctl_max < MIN_OPEN_FILES_WINDOWS) {
343 DEBUG(2,("max_open_files: increasing sysctl_max (%d) to "
344 "minimum Windows limit (%d)\n",
346 MIN_OPEN_FILES_WINDOWS));
347 sysctl_max = MIN_OPEN_FILES_WINDOWS;
350 if (rlimit_max < MIN_OPEN_FILES_WINDOWS) {
351 DEBUG(2,("rlimit_max: increasing rlimit_max (%d) to "
352 "minimum Windows limit (%d)\n",
354 MIN_OPEN_FILES_WINDOWS));
355 rlimit_max = MIN_OPEN_FILES_WINDOWS;
358 return MIN(sysctl_max, rlimit_max);
362 * Common part of freeing allocated data for one parameter.
364 static void free_one_parameter_common(void *parm_ptr,
365 struct parm_struct parm)
367 if ((parm.type == P_STRING) ||
368 (parm.type == P_USTRING))
370 string_free((char**)parm_ptr);
371 } else if (parm.type == P_LIST || parm.type == P_CMDLIST) {
372 TALLOC_FREE(*((char***)parm_ptr));
377 * Free the allocated data for one parameter for a share
378 * given as a service struct.
380 static void free_one_parameter(struct loadparm_service *service,
381 struct parm_struct parm)
385 if (parm.p_class != P_LOCAL) {
389 parm_ptr = lp_parm_ptr(service, &parm);
391 free_one_parameter_common(parm_ptr, parm);
395 * Free the allocated parameter data of a share given
396 * as a service struct.
398 static void free_parameters(struct loadparm_service *service)
402 for (i=0; parm_table[i].label; i++) {
403 free_one_parameter(service, parm_table[i]);
408 * Free the allocated data for one parameter for a given share
409 * specified by an snum.
411 static void free_one_parameter_by_snum(int snum, struct parm_struct parm)
416 parm_ptr = lp_parm_ptr(NULL, &parm);
417 } else if (parm.p_class != P_LOCAL) {
420 parm_ptr = lp_parm_ptr(ServicePtrs[snum], &parm);
423 free_one_parameter_common(parm_ptr, parm);
427 * Free the allocated parameter data for a share specified
430 static void free_parameters_by_snum(int snum)
434 for (i=0; parm_table[i].label; i++) {
435 free_one_parameter_by_snum(snum, parm_table[i]);
440 * Free the allocated global parameters.
442 static void free_global_parameters(void)
444 free_param_opts(&Globals.param_opt);
445 free_parameters_by_snum(GLOBAL_SECTION_SNUM);
446 TALLOC_FREE(Globals.ctx);
449 struct lp_stored_option {
450 struct lp_stored_option *prev, *next;
455 static struct lp_stored_option *stored_options;
458 save options set by lp_set_cmdline() into a list. This list is
459 re-applied when we do a globals reset, so that cmdline set options
460 are sticky across reloads of smb.conf
462 bool store_lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
464 struct lp_stored_option *entry, *entry_next;
465 for (entry = stored_options; entry != NULL; entry = entry_next) {
466 entry_next = entry->next;
467 if (strcmp(pszParmName, entry->label) == 0) {
468 DLIST_REMOVE(stored_options, entry);
474 entry = talloc(NULL, struct lp_stored_option);
479 entry->label = talloc_strdup(entry, pszParmName);
485 entry->value = talloc_strdup(entry, pszParmValue);
491 DLIST_ADD_END(stored_options, entry, struct lp_stored_option);
496 static bool apply_lp_set_cmdline(void)
498 struct lp_stored_option *entry = NULL;
499 for (entry = stored_options; entry != NULL; entry = entry->next) {
500 if (!lp_set_cmdline_helper(entry->label, entry->value)) {
501 DEBUG(0, ("Failed to re-apply cmdline parameter %s = %s\n",
502 entry->label, entry->value));
509 /***************************************************************************
510 Initialise the global parameter structure.
511 ***************************************************************************/
513 static void init_globals(struct loadparm_context *lp_ctx, bool reinit_globals)
515 static bool done_init = false;
519 /* If requested to initialize only once and we've already done it... */
520 if (!reinit_globals && done_init) {
521 /* ... then we have nothing more to do */
526 /* The logfile can be set before this is invoked. Free it if so. */
527 if (Globals.logfile != NULL) {
528 string_free(&Globals.logfile);
529 Globals.logfile = NULL;
533 free_global_parameters();
536 /* This memset and the free_global_parameters() above will
537 * wipe out smb.conf options set with lp_set_cmdline(). The
538 * apply_lp_set_cmdline() call puts these values back in the
539 * table once the defaults are set */
540 ZERO_STRUCT(Globals);
542 Globals.ctx = talloc_pooled_object(NULL, char, 272, 2048);
544 /* Initialize the flags list if necessary */
545 if (flags_list == NULL) {
549 for (i = 0; parm_table[i].label; i++) {
550 if ((parm_table[i].type == P_STRING ||
551 parm_table[i].type == P_USTRING))
553 string_set(Globals.ctx, (char **)lp_parm_ptr(NULL, &parm_table[i]), "");
558 string_set(Globals.ctx, &sDefault.fstype, FSTYPE_STRING);
559 string_set(Globals.ctx, &sDefault.printjob_username, "%U");
561 init_printer_values(lp_ctx, Globals.ctx, &sDefault);
563 sDefault.ntvfs_handler = str_list_make_v3_const(NULL, "unixuid default", NULL);
565 DEBUG(3, ("Initialising global parameters\n"));
567 /* Must manually force to upper case here, as this does not go via the handler */
568 string_set(Globals.ctx, &Globals.netbios_name, myhostname_upper());
570 string_set(Globals.ctx, &Globals.smb_passwd_file, get_dyn_SMB_PASSWD_FILE());
571 string_set(Globals.ctx, &Globals.private_dir, get_dyn_PRIVATE_DIR());
573 /* use the new 'hash2' method by default, with a prefix of 1 */
574 string_set(Globals.ctx, &Globals.mangling_method, "hash2");
575 Globals.mangle_prefix = 1;
577 string_set(Globals.ctx, &Globals.guest_account, GUEST_ACCOUNT);
579 /* using UTF8 by default allows us to support all chars */
580 string_set(Globals.ctx, &Globals.unix_charset, DEFAULT_UNIX_CHARSET);
582 /* Use codepage 850 as a default for the dos character set */
583 string_set(Globals.ctx, &Globals.dos_charset, DEFAULT_DOS_CHARSET);
586 * Allow the default PASSWD_CHAT to be overridden in local.h.
588 string_set(Globals.ctx, &Globals.passwd_chat, DEFAULT_PASSWD_CHAT);
590 string_set(Globals.ctx, &Globals.workgroup, DEFAULT_WORKGROUP);
592 string_set(Globals.ctx, &Globals.passwd_program, "");
593 string_set(Globals.ctx, &Globals.lock_directory, get_dyn_LOCKDIR());
594 string_set(Globals.ctx, &Globals.state_directory, get_dyn_STATEDIR());
595 string_set(Globals.ctx, &Globals.cache_directory, get_dyn_CACHEDIR());
596 string_set(Globals.ctx, &Globals.pid_directory, get_dyn_PIDDIR());
597 string_set(Globals.ctx, &Globals.nbt_client_socket_address, "0.0.0.0");
599 * By default support explicit binding to broadcast
602 Globals.nmbd_bind_explicit_broadcast = true;
604 s = talloc_asprintf(talloc_tos(), "Samba %s", samba_version_string());
606 smb_panic("init_globals: ENOMEM");
608 string_set(Globals.ctx, &Globals.server_string, s);
611 string_set(Globals.ctx, &Globals.panic_action, "/bin/sleep 999999999");
614 string_set(Globals.ctx, &Globals.socket_options, DEFAULT_SOCKET_OPTIONS);
616 string_set(Globals.ctx, &Globals.logon_drive, "");
617 /* %N is the NIS auto.home server if -DAUTOHOME is used, else same as %L */
618 string_set(Globals.ctx, &Globals.logon_home, "\\\\%N\\%U");
619 string_set(Globals.ctx, &Globals.logon_path, "\\\\%N\\%U\\profile");
621 Globals.name_resolve_order = str_list_make_v3_const(NULL, "lmhosts wins host bcast", NULL);
622 string_set(Globals.ctx, &Globals.password_server, "*");
624 Globals.algorithmic_rid_base = BASE_RID;
626 Globals.load_printers = true;
627 Globals.printcap_cache_time = 750; /* 12.5 minutes */
629 Globals.config_backend = config_backend;
630 Globals._server_role = ROLE_AUTO;
632 /* Was 65535 (0xFFFF). 0x4101 matches W2K and causes major speed improvements... */
633 /* Discovered by 2 days of pain by Don McCall @ HP :-). */
634 Globals.max_xmit = 0x4104;
635 Globals.max_mux = 50; /* This is *needed* for profile support. */
636 Globals.lpq_cache_time = 30; /* changed to handle large print servers better -- jerry */
637 Globals._disable_spoolss = false;
638 Globals.max_smbd_processes = 0;/* no limit specified */
639 Globals.username_level = 0;
640 Globals.deadtime = 0;
641 Globals.getwd_cache = true;
642 Globals.large_readwrite = true;
643 Globals.max_log_size = 5000;
644 Globals.max_open_files = max_open_files();
645 Globals.server_max_protocol = PROTOCOL_SMB3_11;
646 Globals.server_min_protocol = PROTOCOL_LANMAN1;
647 Globals._client_max_protocol = PROTOCOL_DEFAULT;
648 Globals.client_min_protocol = PROTOCOL_CORE;
649 Globals._security = SEC_AUTO;
650 Globals.encrypt_passwords = true;
651 Globals.client_schannel = Auto;
652 Globals.winbind_sealed_pipes = true;
653 Globals.require_strong_key = true;
654 Globals.server_schannel = Auto;
655 Globals.read_raw = true;
656 Globals.write_raw = true;
657 Globals.null_passwords = false;
658 Globals.old_password_allowed_period = 60;
659 Globals.obey_pam_restrictions = false;
661 Globals.syslog_only = false;
662 Globals.timestamp_logs = true;
663 string_set(Globals.ctx, &Globals.log_level, "0");
664 Globals.debug_prefix_timestamp = false;
665 Globals.debug_hires_timestamp = true;
666 Globals.debug_pid = false;
667 Globals.debug_uid = false;
668 Globals.debug_class = false;
669 Globals.enable_core_files = true;
670 Globals.max_ttl = 60 * 60 * 24 * 3; /* 3 days default. */
671 Globals.max_wins_ttl = 60 * 60 * 24 * 6; /* 6 days default. */
672 Globals.min_wins_ttl = 60 * 60 * 6; /* 6 hours default. */
673 Globals.machine_password_timeout = 60 * 60 * 24 * 7; /* 7 days default. */
674 Globals.lm_announce = Auto; /* = Auto: send only if LM clients found */
675 Globals.lm_interval = 60;
676 #if (defined(HAVE_NETGROUP) && defined(WITH_AUTOMOUNT))
677 Globals.nis_homedir = false;
678 #ifdef WITH_NISPLUS_HOME
679 string_set(Globals.ctx, &Globals.homedir_map, "auto_home.org_dir");
681 string_set(Globals.ctx, &Globals.homedir_map, "auto.home");
684 Globals.time_server = false;
685 Globals.bind_interfaces_only = false;
686 Globals.unix_password_sync = false;
687 Globals.pam_password_change = false;
688 Globals.passwd_chat_debug = false;
689 Globals.passwd_chat_timeout = 2; /* 2 second default. */
690 Globals.nt_pipe_support = true; /* Do NT pipes by default. */
691 Globals.nt_status_support = true; /* Use NT status by default. */
692 Globals.smbd_profiling_level = 0;
693 Globals.stat_cache = true; /* use stat cache by default */
694 Globals.max_stat_cache_size = 256; /* 256k by default */
695 Globals.restrict_anonymous = 0;
696 Globals.client_lanman_auth = false; /* Do NOT use the LanMan hash if it is available */
697 Globals.client_plaintext_auth = false; /* Do NOT use a plaintext password even if is requested by the server */
698 Globals.lanman_auth = false; /* Do NOT use the LanMan hash, even if it is supplied */
699 Globals.ntlm_auth = true; /* Do use NTLMv1 if it is supplied by the client (otherwise NTLMv2) */
700 Globals.client_ntlmv2_auth = true; /* Client should always use use NTLMv2, as we can't tell that the server supports it, but most modern servers do */
701 /* Note, that we will also use NTLM2 session security (which is different), if it is available */
703 Globals.map_to_guest = 0; /* By Default, "Never" */
704 Globals.oplock_break_wait_time = 0; /* By Default, 0 msecs. */
705 Globals.enhanced_browsing = true;
706 Globals.lock_spin_time = WINDOWS_MINIMUM_LOCK_TIMEOUT_MS; /* msec. */
707 #ifdef MMAP_BLACKLIST
708 Globals.use_mmap = false;
710 Globals.use_mmap = true;
712 Globals.unicode = true;
713 Globals.unix_extensions = true;
714 Globals.reset_on_zero_vc = false;
715 Globals.log_writeable_files_on_exit = false;
716 Globals.create_krb5_conf = true;
717 Globals.winbindMaxDomainConnections = 1;
719 /* hostname lookups can be very expensive and are broken on
720 a large number of sites (tridge) */
721 Globals.hostname_lookups = false;
723 Globals.change_notify = true,
724 Globals.kernel_change_notify = true,
726 string_set(Globals.ctx, &Globals.passdb_backend, "tdbsam");
727 string_set(Globals.ctx, &Globals.ldap_suffix, "");
728 string_set(Globals.ctx, &Globals.szLdapMachineSuffix, "");
729 string_set(Globals.ctx, &Globals._ldap_user_suffix, "");
730 string_set(Globals.ctx, &Globals._ldap_group_suffix, "");
731 string_set(Globals.ctx, &Globals._ldap_idmap_suffix, "");
733 string_set(Globals.ctx, &Globals.ldap_admin_dn, "");
734 Globals.ldap_ssl = LDAP_SSL_START_TLS;
735 Globals.ldap_ssl_ads = false;
736 Globals.ldap_deref = -1;
737 Globals.ldap_passwd_sync = LDAP_PASSWD_SYNC_OFF;
738 Globals.ldap_delete_dn = false;
739 Globals.ldap_replication_sleep = 1000; /* wait 1 sec for replication */
740 Globals.ldap_follow_referral = Auto;
741 Globals.ldap_timeout = LDAP_DEFAULT_TIMEOUT;
742 Globals.ldap_connection_timeout = LDAP_CONNECTION_DEFAULT_TIMEOUT;
743 Globals.ldap_page_size = LDAP_PAGE_SIZE;
745 Globals.ldap_debug_level = 0;
746 Globals.ldap_debug_threshold = 10;
748 Globals.client_ldap_sasl_wrapping = ADS_AUTH_SASL_SIGN;
750 /* This is what we tell the afs client. in reality we set the token
751 * to never expire, though, when this runs out the afs client will
752 * forget the token. Set to 0 to get NEVERDATE.*/
753 Globals.afs_token_lifetime = 604800;
754 Globals.cups_connection_timeout = CUPS_DEFAULT_CONNECTION_TIMEOUT;
756 /* these parameters are set to defaults that are more appropriate
757 for the increasing samba install base:
759 as a member of the workgroup, that will possibly become a
760 _local_ master browser (lm = true). this is opposed to a forced
761 local master browser startup (pm = true).
763 doesn't provide WINS server service by default (wsupp = false),
764 and doesn't provide domain master browser services by default, either.
768 Globals.show_add_printer_wizard = true;
769 Globals.os_level = 20;
770 Globals.local_master = true;
771 Globals._domain_master = Auto; /* depending on _domain_logons */
772 Globals._domain_logons = false;
773 Globals.browse_list = true;
774 Globals.we_are_a_wins_server = false;
775 Globals.wins_proxy = false;
777 TALLOC_FREE(Globals.init_logon_delayed_hosts);
778 Globals.init_logon_delay = 100; /* 100 ms default delay */
780 Globals.wins_dns_proxy = true;
782 Globals.allow_trusted_domains = true;
783 string_set(Globals.ctx, &Globals.szIdmapBackend, "tdb");
785 string_set(Globals.ctx, &Globals.template_shell, "/bin/false");
786 string_set(Globals.ctx, &Globals.template_homedir, "/home/%D/%U");
787 string_set(Globals.ctx, &Globals.winbind_separator, "\\");
788 string_set(Globals.ctx, &Globals.winbindd_socket_directory, dyn_WINBINDD_SOCKET_DIR);
790 string_set(Globals.ctx, &Globals.cups_server, "");
791 string_set(Globals.ctx, &Globals.iprint_server, "");
793 string_set(Globals.ctx, &Globals._ctdbd_socket, "");
795 Globals.cluster_addresses = NULL;
796 Globals.clustering = false;
797 Globals.ctdb_timeout = 0;
798 Globals.ctdb_locktime_warn_threshold = 0;
800 Globals.winbind_cache_time = 300; /* 5 minutes */
801 Globals.winbind_reconnect_delay = 30; /* 30 seconds */
802 Globals.winbind_request_timeout = 60; /* 60 seconds */
803 Globals.winbind_max_clients = 200;
804 Globals.winbind_enum_users = false;
805 Globals.winbind_enum_groups = false;
806 Globals.winbind_use_default_domain = false;
807 Globals.winbind_trusted_domains_only = false;
808 Globals.winbind_nested_groups = true;
809 Globals.winbind_expand_groups = 0;
810 Globals.winbind_nss_info = str_list_make_v3_const(NULL, "template", NULL);
811 Globals.winbind_refresh_tickets = false;
812 Globals.winbind_offline_logon = false;
814 Globals.idmap_cache_time = 86400 * 7; /* a week by default */
815 Globals.idmap_negative_cache_time = 120; /* 2 minutes by default */
817 Globals.passdb_expand_explicit = false;
819 Globals.name_cache_timeout = 660; /* In seconds */
821 Globals.use_spnego = true;
822 Globals.client_use_spnego = true;
824 Globals.client_signing = SMB_SIGNING_DEFAULT;
825 Globals.server_signing = SMB_SIGNING_DEFAULT;
827 Globals.defer_sharing_violations = true;
828 Globals.smb_ports = str_list_make_v3_const(NULL, SMB_PORTS, NULL);
830 Globals.enable_privileges = true;
831 Globals.host_msdfs = true;
832 Globals.enable_asu_support = false;
834 /* User defined shares. */
835 s = talloc_asprintf(talloc_tos(), "%s/usershares", get_dyn_STATEDIR());
837 smb_panic("init_globals: ENOMEM");
839 string_set(Globals.ctx, &Globals.usershare_path, s);
841 string_set(Globals.ctx, &Globals.usershare_template_share, "");
842 Globals.usershare_max_shares = 0;
843 /* By default disallow sharing of directories not owned by the sharer. */
844 Globals.usershare_owner_only = true;
845 /* By default disallow guest access to usershares. */
846 Globals.usershare_allow_guests = false;
848 Globals.keepalive = DEFAULT_KEEPALIVE;
850 /* By default no shares out of the registry */
851 Globals.registry_shares = false;
853 Globals.iminreceivefile = 0;
855 Globals.map_untrusted_to_domain = false;
856 Globals.multicast_dns_register = true;
858 Globals.smb2_max_read = DEFAULT_SMB2_MAX_READ;
859 Globals.smb2_max_write = DEFAULT_SMB2_MAX_WRITE;
860 Globals.smb2_max_trans = DEFAULT_SMB2_MAX_TRANSACT;
861 Globals.ismb2_max_credits = DEFAULT_SMB2_MAX_CREDITS;
862 Globals.smb2_leases = false;
864 string_set(Globals.ctx, &Globals.ncalrpc_dir, get_dyn_NCALRPCDIR());
866 Globals.server_services = str_list_make_v3_const(NULL, "s3fs rpc nbt wrepl ldap cldap kdc drepl winbindd ntp_signd kcc dnsupdate dns", NULL);
868 Globals.dcerpc_endpoint_servers = str_list_make_v3_const(NULL, "epmapper wkssvc rpcecho samr netlogon lsarpc spoolss drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver", NULL);
870 Globals.tls_enabled = true;
872 string_set(Globals.ctx, &Globals._tls_keyfile, "tls/key.pem");
873 string_set(Globals.ctx, &Globals._tls_certfile, "tls/cert.pem");
874 string_set(Globals.ctx, &Globals._tls_cafile, "tls/ca.pem");
875 string_set(Globals.ctx, &Globals.tls_priority, "NORMAL:-VERS-SSL3.0");
877 string_set(Globals.ctx, &Globals.share_backend, "classic");
879 Globals.iPreferredMaster = Auto;
881 Globals.allow_dns_updates = DNS_UPDATE_SIGNED;
883 string_set(Globals.ctx, &Globals.ntp_signd_socket_directory, get_dyn_NTP_SIGND_SOCKET_DIR());
885 string_set(Globals.ctx, &Globals.winbindd_privileged_socket_directory, get_dyn_WINBINDD_PRIVILEGED_SOCKET_DIR());
887 s = talloc_asprintf(talloc_tos(), "%s/samba_kcc", get_dyn_SCRIPTSBINDIR());
889 smb_panic("init_globals: ENOMEM");
891 Globals.samba_kcc_command = str_list_make_v3_const(NULL, s, NULL);
894 s = talloc_asprintf(talloc_tos(), "%s/samba_dnsupdate", get_dyn_SCRIPTSBINDIR());
896 smb_panic("init_globals: ENOMEM");
898 Globals.dns_update_command = str_list_make_v3_const(NULL, s, NULL);
901 s = talloc_asprintf(talloc_tos(), "%s/samba_spnupdate", get_dyn_SCRIPTSBINDIR());
903 smb_panic("init_globals: ENOMEM");
905 Globals.spn_update_command = str_list_make_v3_const(NULL, s, NULL);
908 Globals.nsupdate_command = str_list_make_v3_const(NULL, "/usr/bin/nsupdate -g", NULL);
910 Globals.rndc_command = str_list_make_v3_const(NULL, "/usr/sbin/rndc", NULL);
912 Globals.cldap_port = 389;
914 Globals.dgram_port = NBT_DGRAM_SERVICE_PORT;
916 Globals.nbt_port = NBT_NAME_SERVICE_PORT;
918 Globals.krb5_port = 88;
920 Globals.kpasswd_port = 464;
922 Globals.web_port = 901;
924 /* Now put back the settings that were set with lp_set_cmdline() */
925 apply_lp_set_cmdline();
928 /* Convenience routine to setup an lp_context with additional s3 variables */
929 static struct loadparm_context *setup_lp_context(TALLOC_CTX *mem_ctx)
931 struct loadparm_context *lp_ctx;
933 lp_ctx = loadparm_init_s3(mem_ctx,
934 loadparm_s3_helpers());
935 if (lp_ctx == NULL) {
936 DEBUG(0, ("loadparm_init_s3 failed\n"));
940 lp_ctx->sDefault = &sDefault;
941 lp_ctx->services = NULL; /* We do not want to access this directly */
942 lp_ctx->bInGlobalSection = bInGlobalSection;
943 lp_ctx->flags = flags_list;
948 /*******************************************************************
949 Convenience routine to grab string parameters into talloced memory
950 and run standard_sub_basic on them. The buffers can be written to by
951 callers without affecting the source string.
952 ********************************************************************/
954 char *lp_string(TALLOC_CTX *ctx, const char *s)
958 /* The follow debug is useful for tracking down memory problems
959 especially if you have an inner loop that is calling a lp_*()
960 function that returns a string. Perhaps this debug should be
961 present all the time? */
964 DEBUG(10, ("lp_string(%s)\n", s));
970 ret = talloc_sub_basic(ctx,
971 get_current_username(),
972 current_user_info.domain,
974 if (trim_char(ret, '\"', '\"')) {
975 if (strchr(ret,'\"') != NULL) {
977 ret = talloc_sub_basic(ctx,
978 get_current_username(),
979 current_user_info.domain,
987 In this section all the functions that are used to access the
988 parameters from the rest of the program are defined
991 #define FN_GLOBAL_STRING(fn_name,ptr) \
992 char *lp_ ## fn_name(TALLOC_CTX *ctx) {return(lp_string((ctx), *(char **)(&Globals.ptr) ? *(char **)(&Globals.ptr) : ""));}
993 #define FN_GLOBAL_CONST_STRING(fn_name,ptr) \
994 const char *lp_ ## fn_name(void) {return(*(const char * const *)(&Globals.ptr) ? *(const char * const *)(&Globals.ptr) : "");}
995 #define FN_GLOBAL_LIST(fn_name,ptr) \
996 const char **lp_ ## fn_name(void) {return(*(const char ***)(&Globals.ptr));}
997 #define FN_GLOBAL_BOOL(fn_name,ptr) \
998 bool lp_ ## fn_name(void) {return(*(bool *)(&Globals.ptr));}
999 #define FN_GLOBAL_CHAR(fn_name,ptr) \
1000 char lp_ ## fn_name(void) {return(*(char *)(&Globals.ptr));}
1001 #define FN_GLOBAL_INTEGER(fn_name,ptr) \
1002 int lp_ ## fn_name(void) {return(*(int *)(&Globals.ptr));}
1004 #define FN_LOCAL_STRING(fn_name,val) \
1005 char *lp_ ## fn_name(TALLOC_CTX *ctx,int i) {return(lp_string((ctx), (LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val));}
1006 #define FN_LOCAL_CONST_STRING(fn_name,val) \
1007 const char *lp_ ## fn_name(int i) {return (const char *)((LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val);}
1008 #define FN_LOCAL_LIST(fn_name,val) \
1009 const char **lp_ ## fn_name(int i) {return(const char **)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1010 #define FN_LOCAL_BOOL(fn_name,val) \
1011 bool lp_ ## fn_name(int i) {return(bool)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1012 #define FN_LOCAL_INTEGER(fn_name,val) \
1013 int lp_ ## fn_name(int i) {return(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1015 #define FN_LOCAL_PARM_BOOL(fn_name,val) \
1016 bool lp_ ## fn_name(const struct share_params *p) {return(bool)(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1017 #define FN_LOCAL_PARM_INTEGER(fn_name,val) \
1018 int lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1019 #define FN_LOCAL_PARM_CHAR(fn_name,val) \
1020 char lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1022 static FN_GLOBAL_INTEGER(winbind_max_domain_connections_int,
1023 winbindMaxDomainConnections)
1025 int lp_winbind_max_domain_connections(void)
1027 if (lp_winbind_offline_logon() &&
1028 lp_winbind_max_domain_connections_int() > 1) {
1029 DEBUG(1, ("offline logons active, restricting max domain "
1030 "connections to 1\n"));
1033 return MAX(1, lp_winbind_max_domain_connections_int());
1036 int lp_smb2_max_credits(void)
1038 if (Globals.ismb2_max_credits == 0) {
1039 Globals.ismb2_max_credits = DEFAULT_SMB2_MAX_CREDITS;
1041 return Globals.ismb2_max_credits;
1043 int lp_cups_encrypt(void)
1046 #ifdef HAVE_HTTPCONNECTENCRYPT
1047 switch (Globals.CupsEncrypt) {
1049 result = HTTP_ENCRYPT_REQUIRED;
1052 result = HTTP_ENCRYPT_ALWAYS;
1055 result = HTTP_ENCRYPT_NEVER;
1062 /* These functions remain in source3/param for now */
1064 #include "lib/param/param_functions.c"
1066 FN_LOCAL_STRING(servicename, szService)
1067 FN_LOCAL_CONST_STRING(const_servicename, szService)
1069 /* These functions cannot be auto-generated */
1070 FN_LOCAL_BOOL(autoloaded, autoloaded)
1071 FN_GLOBAL_CONST_STRING(dnsdomain, dnsdomain)
1073 /* local prototypes */
1075 static int map_parameter_canonical(const char *pszParmName, bool *inverse);
1076 static const char *get_boolean(bool bool_value);
1077 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
1079 static bool hash_a_service(const char *name, int number);
1080 static void free_service_byindex(int iService);
1081 static void show_parameter(int parmIndex);
1082 static bool is_synonym_of(int parm1, int parm2, bool *inverse);
1085 * This is a helper function for parametrical options support. It returns a
1086 * pointer to parametrical option value if it exists or NULL otherwise. Actual
1087 * parametrical functions are quite simple
1089 static struct parmlist_entry *get_parametrics(int snum, const char *type,
1092 if (snum >= iNumServices) return NULL;
1095 return get_parametric_helper(NULL, type, option, Globals.param_opt);
1097 return get_parametric_helper(ServicePtrs[snum],
1098 type, option, Globals.param_opt);
1103 #define MISSING_PARAMETER(name) \
1104 DEBUG(0, ("%s(): value is NULL or empty!\n", #name))
1106 /*******************************************************************
1107 convenience routine to return enum parameters.
1108 ********************************************************************/
1109 static int lp_enum(const char *s,const struct enum_list *_enum)
1113 if (!s || !*s || !_enum) {
1114 MISSING_PARAMETER(lp_enum);
1118 for (i=0; _enum[i].name; i++) {
1119 if (strequal(_enum[i].name,s))
1120 return _enum[i].value;
1123 DEBUG(0,("lp_enum(%s,enum): value is not in enum_list!\n",s));
1127 #undef MISSING_PARAMETER
1129 /* Return parametric option from a given service. Type is a part of option before ':' */
1130 /* Parametric option has following syntax: 'Type: option = value' */
1131 char *lp_parm_talloc_string(TALLOC_CTX *ctx, int snum, const char *type, const char *option, const char *def)
1133 struct parmlist_entry *data = get_parametrics(snum, type, option);
1135 if (data == NULL||data->value==NULL) {
1137 return lp_string(ctx, def);
1143 return lp_string(ctx, data->value);
1146 /* Return parametric option from a given service. Type is a part of option before ':' */
1147 /* Parametric option has following syntax: 'Type: option = value' */
1148 const char *lp_parm_const_string(int snum, const char *type, const char *option, const char *def)
1150 struct parmlist_entry *data = get_parametrics(snum, type, option);
1152 if (data == NULL||data->value==NULL)
1159 /* Return parametric option from a given service. Type is a part of option before ':' */
1160 /* Parametric option has following syntax: 'Type: option = value' */
1162 const char **lp_parm_string_list(int snum, const char *type, const char *option, const char **def)
1164 struct parmlist_entry *data = get_parametrics(snum, type, option);
1166 if (data == NULL||data->value==NULL)
1167 return (const char **)def;
1169 if (data->list==NULL) {
1170 data->list = str_list_make_v3(NULL, data->value, NULL);
1173 return discard_const_p(const char *, data->list);
1176 /* Return parametric option from a given service. Type is a part of option before ':' */
1177 /* Parametric option has following syntax: 'Type: option = value' */
1179 int lp_parm_int(int snum, const char *type, const char *option, int def)
1181 struct parmlist_entry *data = get_parametrics(snum, type, option);
1183 if (data && data->value && *data->value)
1184 return lp_int(data->value);
1189 /* Return parametric option from a given service. Type is a part of option before ':' */
1190 /* Parametric option has following syntax: 'Type: option = value' */
1192 unsigned long lp_parm_ulong(int snum, const char *type, const char *option, unsigned long def)
1194 struct parmlist_entry *data = get_parametrics(snum, type, option);
1196 if (data && data->value && *data->value)
1197 return lp_ulong(data->value);
1202 /* Return parametric option from a given service. Type is a part of option before ':' */
1203 /* Parametric option has following syntax: 'Type: option = value' */
1205 bool lp_parm_bool(int snum, const char *type, const char *option, bool def)
1207 struct parmlist_entry *data = get_parametrics(snum, type, option);
1209 if (data && data->value && *data->value)
1210 return lp_bool(data->value);
1215 /* Return parametric option from a given service. Type is a part of option before ':' */
1216 /* Parametric option has following syntax: 'Type: option = value' */
1218 int lp_parm_enum(int snum, const char *type, const char *option,
1219 const struct enum_list *_enum, int def)
1221 struct parmlist_entry *data = get_parametrics(snum, type, option);
1223 if (data && data->value && *data->value && _enum)
1224 return lp_enum(data->value, _enum);
1230 * free a param_opts structure.
1231 * param_opts handling should be moved to talloc;
1232 * then this whole functions reduces to a TALLOC_FREE().
1235 static void free_param_opts(struct parmlist_entry **popts)
1237 struct parmlist_entry *opt, *next_opt;
1239 if (*popts != NULL) {
1240 DEBUG(5, ("Freeing parametrics:\n"));
1243 while (opt != NULL) {
1244 string_free(&opt->key);
1245 string_free(&opt->value);
1246 TALLOC_FREE(opt->list);
1247 next_opt = opt->next;
1254 /***************************************************************************
1255 Free the dynamically allocated parts of a service struct.
1256 ***************************************************************************/
1258 static void free_service(struct loadparm_service *pservice)
1263 if (pservice->szService)
1264 DEBUG(5, ("free_service: Freeing service %s\n",
1265 pservice->szService));
1267 free_parameters(pservice);
1269 string_free(&pservice->szService);
1270 TALLOC_FREE(pservice->copymap);
1272 free_param_opts(&pservice->param_opt);
1274 ZERO_STRUCTP(pservice);
1278 /***************************************************************************
1279 remove a service indexed in the ServicePtrs array from the ServiceHash
1280 and free the dynamically allocated parts
1281 ***************************************************************************/
1283 static void free_service_byindex(int idx)
1285 if ( !LP_SNUM_OK(idx) )
1288 ServicePtrs[idx]->valid = false;
1290 /* we have to cleanup the hash record */
1292 if (ServicePtrs[idx]->szService) {
1293 char *canon_name = canonicalize_servicename(
1295 ServicePtrs[idx]->szService );
1297 dbwrap_delete_bystring(ServiceHash, canon_name );
1298 TALLOC_FREE(canon_name);
1301 free_service(ServicePtrs[idx]);
1302 talloc_free_children(ServicePtrs[idx]);
1305 /***************************************************************************
1306 Add a new service to the services array initialising it with the given
1308 ***************************************************************************/
1310 static int add_a_service(const struct loadparm_service *pservice, const char *name)
1313 int num_to_alloc = iNumServices + 1;
1314 struct loadparm_service **tsp = NULL;
1316 /* it might already exist */
1318 i = getservicebyname(name, NULL);
1324 /* if not, then create one */
1326 tsp = talloc_realloc(NULL, ServicePtrs, struct loadparm_service *, num_to_alloc);
1328 DEBUG(0,("add_a_service: failed to enlarge ServicePtrs!\n"));
1332 ServicePtrs[iNumServices] = talloc_zero(NULL, struct loadparm_service);
1333 if (!ServicePtrs[iNumServices]) {
1334 DEBUG(0,("add_a_service: out of memory!\n"));
1339 ServicePtrs[i]->valid = true;
1341 copy_service(ServicePtrs[i], pservice, NULL);
1343 string_set(ServicePtrs[i], &ServicePtrs[i]->szService, name);
1345 DEBUG(8,("add_a_service: Creating snum = %d for %s\n",
1346 i, ServicePtrs[i]->szService));
1348 if (!hash_a_service(ServicePtrs[i]->szService, i)) {
1355 /***************************************************************************
1356 Convert a string to uppercase and remove whitespaces.
1357 ***************************************************************************/
1359 char *canonicalize_servicename(TALLOC_CTX *ctx, const char *src)
1364 DEBUG(0,("canonicalize_servicename: NULL source name!\n"));
1368 result = talloc_strdup(ctx, src);
1369 SMB_ASSERT(result != NULL);
1371 if (!strlower_m(result)) {
1372 TALLOC_FREE(result);
1378 /***************************************************************************
1379 Add a name/index pair for the services array to the hash table.
1380 ***************************************************************************/
1382 static bool hash_a_service(const char *name, int idx)
1386 if ( !ServiceHash ) {
1387 DEBUG(10,("hash_a_service: creating servicehash\n"));
1388 ServiceHash = db_open_rbt(NULL);
1389 if ( !ServiceHash ) {
1390 DEBUG(0,("hash_a_service: open tdb servicehash failed!\n"));
1395 DEBUG(10,("hash_a_service: hashing index %d for service name %s\n",
1398 canon_name = canonicalize_servicename(talloc_tos(), name );
1400 dbwrap_store_bystring(ServiceHash, canon_name,
1401 make_tdb_data((uint8_t *)&idx, sizeof(idx)),
1404 TALLOC_FREE(canon_name);
1409 /***************************************************************************
1410 Add a new home service, with the specified home directory, defaults coming
1412 ***************************************************************************/
1414 bool lp_add_home(const char *pszHomename, int iDefaultService,
1415 const char *user, const char *pszHomedir)
1419 if (pszHomename == NULL || user == NULL || pszHomedir == NULL ||
1420 pszHomedir[0] == '\0') {
1424 i = add_a_service(ServicePtrs[iDefaultService], pszHomename);
1429 if (!(*(ServicePtrs[iDefaultService]->path))
1430 || strequal(ServicePtrs[iDefaultService]->path,
1431 lp_path(talloc_tos(), GLOBAL_SECTION_SNUM))) {
1432 string_set(ServicePtrs[i], &ServicePtrs[i]->path, pszHomedir);
1435 if (!(*(ServicePtrs[i]->comment))) {
1436 char *comment = talloc_asprintf(talloc_tos(), "Home directory of %s", user);
1437 if (comment == NULL) {
1440 string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1441 TALLOC_FREE(comment);
1444 /* set the browseable flag from the global default */
1446 ServicePtrs[i]->browseable = sDefault.browseable;
1447 ServicePtrs[i]->access_based_share_enum = sDefault.access_based_share_enum;
1449 ServicePtrs[i]->autoloaded = true;
1451 DEBUG(3, ("adding home's share [%s] for user '%s' at '%s'\n", pszHomename,
1452 user, ServicePtrs[i]->path ));
1457 /***************************************************************************
1458 Add a new service, based on an old one.
1459 ***************************************************************************/
1461 int lp_add_service(const char *pszService, int iDefaultService)
1463 if (iDefaultService < 0) {
1464 return add_a_service(&sDefault, pszService);
1467 return (add_a_service(ServicePtrs[iDefaultService], pszService));
1470 /***************************************************************************
1471 Add the IPC service.
1472 ***************************************************************************/
1474 static bool lp_add_ipc(const char *ipc_name, bool guest_ok)
1476 char *comment = NULL;
1477 int i = add_a_service(&sDefault, ipc_name);
1482 comment = talloc_asprintf(talloc_tos(), "IPC Service (%s)",
1483 Globals.server_string);
1484 if (comment == NULL) {
1488 string_set(ServicePtrs[i], &ServicePtrs[i]->path, tmpdir());
1489 string_set(ServicePtrs[i], &ServicePtrs[i]->username, "");
1490 string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1491 string_set(ServicePtrs[i], &ServicePtrs[i]->fstype, "IPC");
1492 ServicePtrs[i]->max_connections = 0;
1493 ServicePtrs[i]->bAvailable = true;
1494 ServicePtrs[i]->read_only = true;
1495 ServicePtrs[i]->guest_only = false;
1496 ServicePtrs[i]->administrative_share = true;
1497 ServicePtrs[i]->guest_ok = guest_ok;
1498 ServicePtrs[i]->printable = false;
1499 ServicePtrs[i]->browseable = sDefault.browseable;
1501 DEBUG(3, ("adding IPC service\n"));
1503 TALLOC_FREE(comment);
1507 /***************************************************************************
1508 Add a new printer service, with defaults coming from service iFrom.
1509 ***************************************************************************/
1511 bool lp_add_printer(const char *pszPrintername, int iDefaultService)
1513 const char *comment = "From Printcap";
1514 int i = add_a_service(ServicePtrs[iDefaultService], pszPrintername);
1519 /* note that we do NOT default the availability flag to true - */
1520 /* we take it from the default service passed. This allows all */
1521 /* dynamic printers to be disabled by disabling the [printers] */
1522 /* entry (if/when the 'available' keyword is implemented!). */
1524 /* the printer name is set to the service name. */
1525 string_set(ServicePtrs[i], &ServicePtrs[i]->_printername, pszPrintername);
1526 string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1528 /* set the browseable flag from the gloabl default */
1529 ServicePtrs[i]->browseable = sDefault.browseable;
1531 /* Printers cannot be read_only. */
1532 ServicePtrs[i]->read_only = false;
1533 /* No oplocks on printer services. */
1534 ServicePtrs[i]->oplocks = false;
1535 /* Printer services must be printable. */
1536 ServicePtrs[i]->printable = true;
1538 DEBUG(3, ("adding printer service %s\n", pszPrintername));
1544 /***************************************************************************
1545 Check whether the given parameter name is valid.
1546 Parametric options (names containing a colon) are considered valid.
1547 ***************************************************************************/
1549 bool lp_parameter_is_valid(const char *pszParmName)
1551 return ((lpcfg_map_parameter(pszParmName) != -1) ||
1552 (strchr(pszParmName, ':') != NULL));
1555 /***************************************************************************
1556 Check whether the given name is the name of a global parameter.
1557 Returns true for strings belonging to parameters of class
1558 P_GLOBAL, false for all other strings, also for parametric options
1559 and strings not belonging to any option.
1560 ***************************************************************************/
1562 bool lp_parameter_is_global(const char *pszParmName)
1564 int num = lpcfg_map_parameter(pszParmName);
1567 return (parm_table[num].p_class == P_GLOBAL);
1573 /**************************************************************************
1574 Determine the canonical name for a parameter.
1575 Indicate when it is an inverse (boolean) synonym instead of a
1577 **************************************************************************/
1579 bool lp_canonicalize_parameter(const char *parm_name, const char **canon_parm,
1584 if (!lp_parameter_is_valid(parm_name)) {
1589 num = map_parameter_canonical(parm_name, inverse);
1591 /* parametric option */
1592 *canon_parm = parm_name;
1594 *canon_parm = parm_table[num].label;
1601 /**************************************************************************
1602 Determine the canonical name for a parameter.
1603 Turn the value given into the inverse boolean expression when
1604 the synonym is an invers boolean synonym.
1606 Return true if parm_name is a valid parameter name and
1607 in case it is an invers boolean synonym, if the val string could
1608 successfully be converted to the reverse bool.
1609 Return false in all other cases.
1610 **************************************************************************/
1612 bool lp_canonicalize_parameter_with_value(const char *parm_name,
1614 const char **canon_parm,
1615 const char **canon_val)
1620 if (!lp_parameter_is_valid(parm_name)) {
1626 num = map_parameter_canonical(parm_name, &inverse);
1628 /* parametric option */
1629 *canon_parm = parm_name;
1632 *canon_parm = parm_table[num].label;
1634 if (!lp_invert_boolean(val, canon_val)) {
1646 /***************************************************************************
1647 Map a parameter's string representation to the index of the canonical
1648 form of the parameter (it might be a synonym).
1649 Returns -1 if the parameter string is not recognised.
1650 ***************************************************************************/
1652 static int map_parameter_canonical(const char *pszParmName, bool *inverse)
1654 int parm_num, canon_num;
1655 bool loc_inverse = false;
1657 parm_num = lpcfg_map_parameter(pszParmName);
1658 if ((parm_num < 0) || !(parm_table[parm_num].flags & FLAG_SYNONYM)) {
1659 /* invalid, parametric or no canidate for synonyms ... */
1663 for (canon_num = 0; parm_table[canon_num].label; canon_num++) {
1664 if (is_synonym_of(parm_num, canon_num, &loc_inverse)) {
1665 parm_num = canon_num;
1671 if (inverse != NULL) {
1672 *inverse = loc_inverse;
1677 /***************************************************************************
1678 return true if parameter number parm1 is a synonym of parameter
1679 number parm2 (parm2 being the principal name).
1680 set inverse to true if parm1 is P_BOOLREV and parm2 is P_BOOL,
1682 ***************************************************************************/
1684 static bool is_synonym_of(int parm1, int parm2, bool *inverse)
1686 if ((parm_table[parm1].offset == parm_table[parm2].offset) &&
1687 (parm_table[parm1].p_class == parm_table[parm2].p_class) &&
1688 (parm_table[parm1].flags & FLAG_SYNONYM) &&
1689 !(parm_table[parm2].flags & FLAG_SYNONYM))
1691 if (inverse != NULL) {
1692 if ((parm_table[parm1].type == P_BOOLREV) &&
1693 (parm_table[parm2].type == P_BOOL))
1705 /***************************************************************************
1706 Show one parameter's name, type, [values,] and flags.
1707 (helper functions for show_parameter_list)
1708 ***************************************************************************/
1710 static void show_parameter(int parmIndex)
1712 int enumIndex, flagIndex;
1717 const char *type[] = { "P_BOOL", "P_BOOLREV", "P_CHAR", "P_INTEGER",
1718 "P_OCTAL", "P_LIST", "P_STRING", "P_USTRING",
1719 "P_ENUM", "P_BYTES", "P_CMDLIST" };
1720 unsigned flags[] = { FLAG_DEPRECATED, FLAG_SYNONYM };
1721 const char *flag_names[] = { "FLAG_DEPRECATED", "FLAG_SYNONYM", NULL};
1723 printf("%s=%s", parm_table[parmIndex].label,
1724 type[parm_table[parmIndex].type]);
1725 if (parm_table[parmIndex].type == P_ENUM) {
1728 parm_table[parmIndex].enum_list[enumIndex].name;
1732 enumIndex ? "|" : "",
1733 parm_table[parmIndex].enum_list[enumIndex].name);
1738 for (flagIndex=0; flag_names[flagIndex]; flagIndex++) {
1739 if (parm_table[parmIndex].flags & flags[flagIndex]) {
1742 flag_names[flagIndex]);
1747 /* output synonyms */
1749 for (parmIndex2=0; parm_table[parmIndex2].label; parmIndex2++) {
1750 if (is_synonym_of(parmIndex, parmIndex2, &inverse)) {
1751 printf(" (%ssynonym of %s)", inverse ? "inverse " : "",
1752 parm_table[parmIndex2].label);
1753 } else if (is_synonym_of(parmIndex2, parmIndex, &inverse)) {
1755 printf(" (synonyms: ");
1760 printf("%s%s", parm_table[parmIndex2].label,
1761 inverse ? "[i]" : "");
1771 /***************************************************************************
1772 Show all parameter's name, type, [values,] and flags.
1773 ***************************************************************************/
1775 void show_parameter_list(void)
1777 int classIndex, parmIndex;
1778 const char *section_names[] = { "local", "global", NULL};
1780 for (classIndex=0; section_names[classIndex]; classIndex++) {
1781 printf("[%s]\n", section_names[classIndex]);
1782 for (parmIndex = 0; parm_table[parmIndex].label; parmIndex++) {
1783 if (parm_table[parmIndex].p_class == classIndex) {
1784 show_parameter(parmIndex);
1790 /***************************************************************************
1791 Get the standard string representation of a boolean value ("yes" or "no")
1792 ***************************************************************************/
1794 static const char *get_boolean(bool bool_value)
1796 static const char *yes_str = "yes";
1797 static const char *no_str = "no";
1799 return (bool_value ? yes_str : no_str);
1802 /***************************************************************************
1803 Provide the string of the negated boolean value associated to the boolean
1804 given as a string. Returns false if the passed string does not correctly
1805 represent a boolean.
1806 ***************************************************************************/
1808 bool lp_invert_boolean(const char *str, const char **inverse_str)
1812 if (!set_boolean(str, &val)) {
1816 *inverse_str = get_boolean(!val);
1820 /***************************************************************************
1821 Provide the canonical string representation of a boolean value given
1822 as a string. Return true on success, false if the string given does
1823 not correctly represent a boolean.
1824 ***************************************************************************/
1826 bool lp_canonicalize_boolean(const char *str, const char**canon_str)
1830 if (!set_boolean(str, &val)) {
1834 *canon_str = get_boolean(val);
1838 /***************************************************************************
1839 Find a service by name. Otherwise works like get_service.
1840 ***************************************************************************/
1842 int getservicebyname(const char *pszServiceName, struct loadparm_service *pserviceDest)
1849 if (ServiceHash == NULL) {
1853 canon_name = canonicalize_servicename(talloc_tos(), pszServiceName);
1855 status = dbwrap_fetch_bystring(ServiceHash, canon_name, canon_name,
1858 if (NT_STATUS_IS_OK(status) &&
1859 (data.dptr != NULL) &&
1860 (data.dsize == sizeof(iService)))
1862 iService = *(int *)data.dptr;
1865 TALLOC_FREE(canon_name);
1867 if ((iService != -1) && (LP_SNUM_OK(iService))
1868 && (pserviceDest != NULL)) {
1869 copy_service(pserviceDest, ServicePtrs[iService], NULL);
1875 /* Return a pointer to a service by name. Unlike getservicebyname, it does not copy the service */
1876 struct loadparm_service *lp_service(const char *pszServiceName)
1878 int iService = getservicebyname(pszServiceName, NULL);
1879 if (iService == -1 || !LP_SNUM_OK(iService)) {
1882 return ServicePtrs[iService];
1885 struct loadparm_service *lp_servicebynum(int snum)
1887 if ((snum == -1) || !LP_SNUM_OK(snum)) {
1890 return ServicePtrs[snum];
1893 struct loadparm_service *lp_default_loadparm_service()
1898 static struct smbconf_ctx *lp_smbconf_ctx(void)
1901 static struct smbconf_ctx *conf_ctx = NULL;
1903 if (conf_ctx == NULL) {
1904 err = smbconf_init(NULL, &conf_ctx, "registry:");
1905 if (!SBC_ERROR_IS_OK(err)) {
1906 DEBUG(1, ("error initializing registry configuration: "
1907 "%s\n", sbcErrorString(err)));
1915 static bool process_smbconf_service(struct smbconf_service *service)
1920 if (service == NULL) {
1924 ret = lp_do_section(service->name, NULL);
1928 for (count = 0; count < service->num_params; count++) {
1930 if (!bInGlobalSection && bGlobalOnly) {
1933 const char *pszParmName = service->param_names[count];
1934 const char *pszParmValue = service->param_values[count];
1936 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
1938 ret = lp_do_parameter(bInGlobalSection ? -2 : iServiceIndex,
1939 pszParmName, pszParmValue);
1946 if (iServiceIndex >= 0) {
1947 return lpcfg_service_ok(ServicePtrs[iServiceIndex]);
1953 * load a service from registry and activate it
1955 bool process_registry_service(const char *service_name)
1958 struct smbconf_service *service = NULL;
1959 TALLOC_CTX *mem_ctx = talloc_stackframe();
1960 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
1963 if (conf_ctx == NULL) {
1967 DEBUG(5, ("process_registry_service: service name %s\n", service_name));
1969 if (!smbconf_share_exists(conf_ctx, service_name)) {
1971 * Registry does not contain data for this service (yet),
1972 * but make sure lp_load doesn't return false.
1978 err = smbconf_get_share(conf_ctx, mem_ctx, service_name, &service);
1979 if (!SBC_ERROR_IS_OK(err)) {
1983 ret = process_smbconf_service(service);
1989 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
1992 TALLOC_FREE(mem_ctx);
1997 * process_registry_globals
1999 static bool process_registry_globals(void)
2003 add_to_file_list(NULL, &file_lists, INCLUDE_REGISTRY_NAME, INCLUDE_REGISTRY_NAME);
2005 if (!bInGlobalSection && bGlobalOnly) {
2008 const char *pszParmName = "registry shares";
2009 const char *pszParmValue = "yes";
2011 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2013 ret = lp_do_parameter(bInGlobalSection ? -2 : iServiceIndex,
2014 pszParmName, pszParmValue);
2021 return process_registry_service(GLOBAL_NAME);
2024 bool process_registry_shares(void)
2028 struct smbconf_service **service = NULL;
2029 uint32_t num_shares = 0;
2030 TALLOC_CTX *mem_ctx = talloc_stackframe();
2031 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2034 if (conf_ctx == NULL) {
2038 err = smbconf_get_config(conf_ctx, mem_ctx, &num_shares, &service);
2039 if (!SBC_ERROR_IS_OK(err)) {
2045 for (count = 0; count < num_shares; count++) {
2046 if (strequal(service[count]->name, GLOBAL_NAME)) {
2049 ret = process_smbconf_service(service[count]);
2056 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
2059 TALLOC_FREE(mem_ctx);
2064 * reload those shares from registry that are already
2065 * activated in the services array.
2067 static bool reload_registry_shares(void)
2072 for (i = 0; i < iNumServices; i++) {
2077 if (ServicePtrs[i]->usershare == USERSHARE_VALID) {
2081 ret = process_registry_service(ServicePtrs[i]->szService);
2092 #define MAX_INCLUDE_DEPTH 100
2094 static uint8_t include_depth;
2097 * Free the file lists
2099 static void free_file_list(void)
2101 struct file_lists *f;
2102 struct file_lists *next;
2115 * Utility function for outsiders to check if we're running on registry.
2117 bool lp_config_backend_is_registry(void)
2119 return (lp_config_backend() == CONFIG_BACKEND_REGISTRY);
2123 * Utility function to check if the config backend is FILE.
2125 bool lp_config_backend_is_file(void)
2127 return (lp_config_backend() == CONFIG_BACKEND_FILE);
2130 /*******************************************************************
2131 Check if a config file has changed date.
2132 ********************************************************************/
2134 bool lp_file_list_changed(void)
2136 struct file_lists *f = file_lists;
2138 DEBUG(6, ("lp_file_list_changed()\n"));
2141 if (strequal(f->name, INCLUDE_REGISTRY_NAME)) {
2142 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2144 if (conf_ctx == NULL) {
2147 if (smbconf_changed(conf_ctx, &conf_last_csn, NULL,
2150 DEBUGADD(6, ("registry config changed\n"));
2157 n2 = talloc_sub_basic(talloc_tos(),
2158 get_current_username(),
2159 current_user_info.domain,
2164 DEBUGADD(6, ("file %s -> %s last mod_time: %s\n",
2165 f->name, n2, ctime(&f->modtime)));
2167 mod_time = file_modtime(n2);
2170 ((f->modtime != mod_time) ||
2171 (f->subfname == NULL) ||
2172 (strcmp(n2, f->subfname) != 0)))
2175 ("file %s modified: %s\n", n2,
2177 f->modtime = mod_time;
2178 TALLOC_FREE(f->subfname);
2179 f->subfname = talloc_strdup(f, n2);
2180 if (f->subfname == NULL) {
2181 smb_panic("talloc_strdup failed");
2195 * Initialize iconv conversion descriptors.
2197 * This is called the first time it is needed, and also called again
2198 * every time the configuration is reloaded, because the charset or
2199 * codepage might have changed.
2201 static void init_iconv(void)
2203 global_iconv_handle = smb_iconv_handle_reinit(NULL, lp_dos_charset(),
2205 true, global_iconv_handle);
2208 /***************************************************************************
2209 Handle the include operation.
2210 ***************************************************************************/
2211 static bool bAllowIncludeRegistry = true;
2213 bool lp_include(struct loadparm_context *lp_ctx, struct loadparm_service *service,
2214 const char *pszParmValue, char **ptr)
2218 if (include_depth >= MAX_INCLUDE_DEPTH) {
2219 DEBUG(0, ("Error: Maximum include depth (%u) exceeded!\n",
2224 if (strequal(pszParmValue, INCLUDE_REGISTRY_NAME)) {
2225 if (!bAllowIncludeRegistry) {
2228 if (lp_ctx->bInGlobalSection) {
2231 ret = process_registry_globals();
2235 DEBUG(1, ("\"include = registry\" only effective "
2236 "in %s section\n", GLOBAL_NAME));
2241 fname = talloc_sub_basic(talloc_tos(), get_current_username(),
2242 current_user_info.domain,
2245 add_to_file_list(NULL, &file_lists, pszParmValue, fname);
2247 if (service == NULL) {
2248 string_set(Globals.ctx, ptr, fname);
2250 string_set(service, ptr, fname);
2253 if (file_exist(fname)) {
2256 ret = pm_process(fname, lp_do_section, do_parameter, lp_ctx);
2262 DEBUG(2, ("Can't find include file %s\n", fname));
2267 bool lp_idmap_range(const char *domain_name, uint32_t *low, uint32_t *high)
2269 char *config_option = NULL;
2270 const char *range = NULL;
2273 SMB_ASSERT(low != NULL);
2274 SMB_ASSERT(high != NULL);
2276 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2280 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2282 if (config_option == NULL) {
2283 DEBUG(0, ("out of memory\n"));
2287 range = lp_parm_const_string(-1, config_option, "range", NULL);
2288 if (range == NULL) {
2289 DEBUG(1, ("idmap range not specified for domain '%s'\n", domain_name));
2293 if (sscanf(range, "%u - %u", low, high) != 2) {
2294 DEBUG(1, ("error parsing idmap range '%s' for domain '%s'\n",
2295 range, domain_name));
2302 talloc_free(config_option);
2307 bool lp_idmap_default_range(uint32_t *low, uint32_t *high)
2309 return lp_idmap_range("*", low, high);
2312 const char *lp_idmap_backend(const char *domain_name)
2314 char *config_option = NULL;
2315 const char *backend = NULL;
2317 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2321 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2323 if (config_option == NULL) {
2324 DEBUG(0, ("out of memory\n"));
2328 backend = lp_parm_const_string(-1, config_option, "backend", NULL);
2329 if (backend == NULL) {
2330 DEBUG(1, ("idmap backend not specified for domain '%s'\n", domain_name));
2335 talloc_free(config_option);
2339 const char *lp_idmap_default_backend(void)
2341 return lp_idmap_backend("*");
2344 /***************************************************************************
2345 Handle ldap suffixes - default to ldapsuffix if sub-suffixes are not defined.
2346 ***************************************************************************/
2348 static const char *append_ldap_suffix(TALLOC_CTX *ctx, const char *str )
2350 const char *suffix_string;
2352 suffix_string = talloc_asprintf(ctx, "%s,%s", str,
2353 Globals.ldap_suffix );
2354 if ( !suffix_string ) {
2355 DEBUG(0,("append_ldap_suffix: talloc_asprintf() failed!\n"));
2359 return suffix_string;
2362 const char *lp_ldap_machine_suffix(TALLOC_CTX *ctx)
2364 if (Globals.szLdapMachineSuffix[0])
2365 return append_ldap_suffix(ctx, Globals.szLdapMachineSuffix);
2367 return lp_string(ctx, Globals.ldap_suffix);
2370 const char *lp_ldap_user_suffix(TALLOC_CTX *ctx)
2372 if (Globals._ldap_user_suffix[0])
2373 return append_ldap_suffix(ctx, Globals._ldap_user_suffix);
2375 return lp_string(ctx, Globals.ldap_suffix);
2378 const char *lp_ldap_group_suffix(TALLOC_CTX *ctx)
2380 if (Globals._ldap_group_suffix[0])
2381 return append_ldap_suffix(ctx, Globals._ldap_group_suffix);
2383 return lp_string(ctx, Globals.ldap_suffix);
2386 const char *lp_ldap_idmap_suffix(TALLOC_CTX *ctx)
2388 if (Globals._ldap_idmap_suffix[0])
2389 return append_ldap_suffix(ctx, Globals._ldap_idmap_suffix);
2391 return lp_string(ctx, Globals.ldap_suffix);
2395 return the parameter pointer for a parameter
2397 void *lp_parm_ptr(struct loadparm_service *service, struct parm_struct *parm)
2399 if (service == NULL) {
2400 if (parm->p_class == P_LOCAL)
2401 return (void *)(((char *)&sDefault)+parm->offset);
2402 else if (parm->p_class == P_GLOBAL)
2403 return (void *)(((char *)&Globals)+parm->offset);
2406 return (void *)(((char *)service) + parm->offset);
2410 /***************************************************************************
2411 Process a parameter for a particular service number. If snum < 0
2412 then assume we are in the globals.
2413 ***************************************************************************/
2415 bool lp_do_parameter(int snum, const char *pszParmName, const char *pszParmValue)
2417 TALLOC_CTX *frame = talloc_stackframe();
2418 struct loadparm_context *lp_ctx;
2421 lp_ctx = setup_lp_context(frame);
2422 if (lp_ctx == NULL) {
2428 ok = lpcfg_do_global_parameter(lp_ctx, pszParmName, pszParmValue);
2430 ok = lpcfg_do_service_parameter(lp_ctx, ServicePtrs[snum],
2431 pszParmName, pszParmValue);
2439 /***************************************************************************
2440 set a parameter, marking it with FLAG_CMDLINE. Parameters marked as
2441 FLAG_CMDLINE won't be overridden by loads from smb.conf.
2442 ***************************************************************************/
2444 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue)
2447 parmnum = lpcfg_map_parameter(pszParmName);
2449 flags_list[parmnum] &= ~FLAG_CMDLINE;
2450 if (!lp_do_parameter(-1, pszParmName, pszParmValue)) {
2453 flags_list[parmnum] |= FLAG_CMDLINE;
2455 /* we have to also set FLAG_CMDLINE on aliases. Aliases must
2456 * be grouped in the table, so we don't have to search the
2459 i>=0 && parm_table[i].offset == parm_table[parmnum].offset
2460 && parm_table[i].p_class == parm_table[parmnum].p_class;
2462 flags_list[i] |= FLAG_CMDLINE;
2464 for (i=parmnum+1;i<num_parameters() && parm_table[i].offset == parm_table[parmnum].offset
2465 && parm_table[i].p_class == parm_table[parmnum].p_class;i++) {
2466 flags_list[i] |= FLAG_CMDLINE;
2472 /* it might be parametric */
2473 if (strchr(pszParmName, ':') != NULL) {
2474 set_param_opt(NULL, &Globals.param_opt, pszParmName, pszParmValue, FLAG_CMDLINE);
2478 DEBUG(0, ("Ignoring unknown parameter \"%s\"\n", pszParmName));
2482 bool lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
2485 TALLOC_CTX *frame = talloc_stackframe();
2486 struct loadparm_context *lp_ctx;
2488 lp_ctx = setup_lp_context(frame);
2489 if (lp_ctx == NULL) {
2494 ret = lpcfg_set_cmdline(lp_ctx, pszParmName, pszParmValue);
2500 /***************************************************************************
2501 Process a parameter.
2502 ***************************************************************************/
2504 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
2507 if (!bInGlobalSection && bGlobalOnly)
2510 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2512 if (bInGlobalSection) {
2513 return lpcfg_do_global_parameter(userdata, pszParmName, pszParmValue);
2515 return lpcfg_do_service_parameter(userdata, ServicePtrs[iServiceIndex],
2516 pszParmName, pszParmValue);
2520 /***************************************************************************
2521 Initialize any local variables in the sDefault table, after parsing a
2523 ***************************************************************************/
2525 static void init_locals(void)
2528 * We run this check once the [globals] is parsed, to force
2529 * the VFS objects and other per-share settings we need for
2530 * the standard way a AD DC is operated. We may change these
2531 * as our code evolves, which is why we force these settings.
2533 * We can't do this at the end of lp_load_ex(), as by that
2534 * point the services have been loaded and they will already
2535 * have "" as their vfs objects.
2537 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
2538 const char **vfs_objects = lp_vfs_objects(-1);
2539 if (!vfs_objects || !vfs_objects[0]) {
2540 if (lp_parm_const_string(-1, "xattr_tdb", "file", NULL)) {
2541 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr xattr_tdb");
2542 } else if (lp_parm_const_string(-1, "posix", "eadb", NULL)) {
2543 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr posix_eadb");
2545 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr");
2549 lp_do_parameter(-1, "map hidden", "no");
2550 lp_do_parameter(-1, "map system", "no");
2551 lp_do_parameter(-1, "map readonly", "no");
2552 lp_do_parameter(-1, "map archive", "no");
2553 lp_do_parameter(-1, "store dos attributes", "yes");
2557 /***************************************************************************
2558 Process a new section (service). At this stage all sections are services.
2559 Later we'll have special sections that permit server parameters to be set.
2560 Returns true on success, false on failure.
2561 ***************************************************************************/
2563 bool lp_do_section(const char *pszSectionName, void *userdata)
2565 struct loadparm_context *lp_ctx = (struct loadparm_context *)userdata;
2567 bool isglobal = ((strwicmp(pszSectionName, GLOBAL_NAME) == 0) ||
2568 (strwicmp(pszSectionName, GLOBAL_NAME2) == 0));
2571 /* if we were in a global section then do the local inits */
2572 if (bInGlobalSection && !isglobal)
2575 /* if we've just struck a global section, note the fact. */
2576 bInGlobalSection = isglobal;
2577 if (lp_ctx != NULL) {
2578 lp_ctx->bInGlobalSection = isglobal;
2581 /* check for multiple global sections */
2582 if (bInGlobalSection) {
2583 DEBUG(3, ("Processing section \"[%s]\"\n", pszSectionName));
2587 if (!bInGlobalSection && bGlobalOnly)
2590 /* if we have a current service, tidy it up before moving on */
2593 if (iServiceIndex >= 0)
2594 bRetval = lpcfg_service_ok(ServicePtrs[iServiceIndex]);
2596 /* if all is still well, move to the next record in the services array */
2598 /* We put this here to avoid an odd message order if messages are */
2599 /* issued by the post-processing of a previous section. */
2600 DEBUG(2, ("Processing section \"[%s]\"\n", pszSectionName));
2602 iServiceIndex = add_a_service(&sDefault, pszSectionName);
2603 if (iServiceIndex < 0) {
2604 DEBUG(0, ("Failed to add a new service\n"));
2607 /* Clean all parametric options for service */
2608 /* They will be added during parsing again */
2609 free_param_opts(&ServicePtrs[iServiceIndex]->param_opt);
2615 /***************************************************************************
2616 Display the contents of a parameter of a single services record.
2617 ***************************************************************************/
2619 bool dump_a_parameter(int snum, char *parm_name, FILE * f, bool isGlobal)
2621 bool result = false;
2622 struct loadparm_context *lp_ctx;
2624 lp_ctx = setup_lp_context(talloc_tos());
2625 if (lp_ctx == NULL) {
2630 result = lpcfg_dump_a_parameter(lp_ctx, NULL, parm_name, f);
2632 result = lpcfg_dump_a_parameter(lp_ctx, ServicePtrs[snum], parm_name, f);
2634 TALLOC_FREE(lp_ctx);
2639 /***************************************************************************
2640 Display the contents of a single copy structure.
2641 ***************************************************************************/
2642 static void dump_copy_map(bool *pcopymap)
2648 printf("\n\tNon-Copied parameters:\n");
2650 for (i = 0; parm_table[i].label; i++)
2651 if (parm_table[i].p_class == P_LOCAL &&
2652 parm_table[i].ptr && !pcopymap[i] &&
2653 (i == 0 || (parm_table[i].ptr != parm_table[i - 1].ptr)))
2655 printf("\t\t%s\n", parm_table[i].label);
2660 /***************************************************************************
2661 Return TRUE if the passed service number is within range.
2662 ***************************************************************************/
2664 bool lp_snum_ok(int iService)
2666 return (LP_SNUM_OK(iService) && ServicePtrs[iService]->bAvailable);
2669 /***************************************************************************
2670 Auto-load some home services.
2671 ***************************************************************************/
2673 static void lp_add_auto_services(char *str)
2683 s = talloc_strdup(talloc_tos(), str);
2685 smb_panic("talloc_strdup failed");
2689 homes = lp_servicenumber(HOMES_NAME);
2691 for (p = strtok_r(s, LIST_SEP, &saveptr); p;
2692 p = strtok_r(NULL, LIST_SEP, &saveptr)) {
2695 if (lp_servicenumber(p) >= 0)
2698 home = get_user_home_dir(talloc_tos(), p);
2700 if (home && home[0] && homes >= 0)
2701 lp_add_home(p, homes, p, home);
2708 /***************************************************************************
2709 Auto-load one printer.
2710 ***************************************************************************/
2712 void lp_add_one_printer(const char *name, const char *comment,
2713 const char *location, void *pdata)
2715 int printers = lp_servicenumber(PRINTERS_NAME);
2718 if (lp_servicenumber(name) < 0) {
2719 lp_add_printer(name, printers);
2720 if ((i = lp_servicenumber(name)) >= 0) {
2721 string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
2722 ServicePtrs[i]->autoloaded = true;
2727 /***************************************************************************
2728 Have we loaded a services file yet?
2729 ***************************************************************************/
2731 bool lp_loaded(void)
2736 /***************************************************************************
2737 Unload unused services.
2738 ***************************************************************************/
2740 void lp_killunused(struct smbd_server_connection *sconn,
2741 bool (*snumused) (struct smbd_server_connection *, int))
2744 for (i = 0; i < iNumServices; i++) {
2748 /* don't kill autoloaded or usershare services */
2749 if ( ServicePtrs[i]->autoloaded ||
2750 ServicePtrs[i]->usershare == USERSHARE_VALID) {
2754 if (!snumused || !snumused(sconn, i)) {
2755 free_service_byindex(i);
2761 * Kill all except autoloaded and usershare services - convenience wrapper
2763 void lp_kill_all_services(void)
2765 lp_killunused(NULL, NULL);
2768 /***************************************************************************
2770 ***************************************************************************/
2772 void lp_killservice(int iServiceIn)
2774 if (VALID(iServiceIn)) {
2775 free_service_byindex(iServiceIn);
2779 /***************************************************************************
2780 Save the curent values of all global and sDefault parameters into the
2781 defaults union. This allows testparm to show only the
2782 changed (ie. non-default) parameters.
2783 ***************************************************************************/
2785 static void lp_save_defaults(void)
2788 struct parmlist_entry * parm;
2789 for (i = 0; parm_table[i].label; i++) {
2790 if (!(flags_list[i] & FLAG_CMDLINE)) {
2791 flags_list[i] |= FLAG_DEFAULT;
2794 if (i > 0 && parm_table[i].offset == parm_table[i - 1].offset
2795 && parm_table[i].p_class == parm_table[i - 1].p_class)
2797 switch (parm_table[i].type) {
2800 parm_table[i].def.lvalue = str_list_copy(
2801 NULL, *(const char ***)lp_parm_ptr(NULL, &parm_table[i]));
2805 parm_table[i].def.svalue = talloc_strdup(Globals.ctx, *(char **)lp_parm_ptr(NULL, &parm_table[i]));
2806 if (parm_table[i].def.svalue == NULL) {
2807 smb_panic("talloc_strdup failed");
2812 parm_table[i].def.bvalue =
2813 *(bool *)lp_parm_ptr(NULL, &parm_table[i]);
2816 parm_table[i].def.cvalue =
2817 *(char *)lp_parm_ptr(NULL, &parm_table[i]);
2823 parm_table[i].def.ivalue =
2824 *(int *)lp_parm_ptr(NULL, &parm_table[i]);
2829 for (parm=Globals.param_opt; parm; parm=parm->next) {
2830 if (!(parm->priority & FLAG_CMDLINE)) {
2831 parm->priority |= FLAG_DEFAULT;
2835 for (parm=sDefault.param_opt; parm; parm=parm->next) {
2836 if (!(parm->priority & FLAG_CMDLINE)) {
2837 parm->priority |= FLAG_DEFAULT;
2841 defaults_saved = true;
2844 /***********************************************************
2845 If we should send plaintext/LANMAN passwords in the clinet
2846 ************************************************************/
2848 static void set_allowed_client_auth(void)
2850 if (Globals.client_ntlmv2_auth) {
2851 Globals.client_lanman_auth = false;
2853 if (!Globals.client_lanman_auth) {
2854 Globals.client_plaintext_auth = false;
2858 /***************************************************************************
2860 The following code allows smbd to read a user defined share file.
2861 Yes, this is my intent. Yes, I'm comfortable with that...
2863 THE FOLLOWING IS SECURITY CRITICAL CODE.
2865 It washes your clothes, it cleans your house, it guards you while you sleep...
2866 Do not f%^k with it....
2867 ***************************************************************************/
2869 #define MAX_USERSHARE_FILE_SIZE (10*1024)
2871 /***************************************************************************
2872 Check allowed stat state of a usershare file.
2873 Ensure we print out who is dicking with us so the admin can
2874 get their sorry ass fired.
2875 ***************************************************************************/
2877 static bool check_usershare_stat(const char *fname,
2878 const SMB_STRUCT_STAT *psbuf)
2880 if (!S_ISREG(psbuf->st_ex_mode)) {
2881 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
2882 "not a regular file\n",
2883 fname, (unsigned int)psbuf->st_ex_uid ));
2887 /* Ensure this doesn't have the other write bit set. */
2888 if (psbuf->st_ex_mode & S_IWOTH) {
2889 DEBUG(0,("check_usershare_stat: file %s owned by uid %u allows "
2890 "public write. Refusing to allow as a usershare file.\n",
2891 fname, (unsigned int)psbuf->st_ex_uid ));
2895 /* Should be 10k or less. */
2896 if (psbuf->st_ex_size > MAX_USERSHARE_FILE_SIZE) {
2897 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
2898 "too large (%u) to be a user share file.\n",
2899 fname, (unsigned int)psbuf->st_ex_uid,
2900 (unsigned int)psbuf->st_ex_size ));
2907 /***************************************************************************
2908 Parse the contents of a usershare file.
2909 ***************************************************************************/
2911 enum usershare_err parse_usershare_file(TALLOC_CTX *ctx,
2912 SMB_STRUCT_STAT *psbuf,
2913 const char *servicename,
2917 char **pp_sharepath,
2919 char **pp_cp_servicename,
2920 struct security_descriptor **ppsd,
2923 const char **prefixallowlist = lp_usershare_prefix_allow_list();
2924 const char **prefixdenylist = lp_usershare_prefix_deny_list();
2927 SMB_STRUCT_STAT sbuf;
2928 char *sharepath = NULL;
2929 char *comment = NULL;
2931 *pp_sharepath = NULL;
2934 *pallow_guest = false;
2937 return USERSHARE_MALFORMED_FILE;
2940 if (strcmp(lines[0], "#VERSION 1") == 0) {
2942 } else if (strcmp(lines[0], "#VERSION 2") == 0) {
2945 return USERSHARE_MALFORMED_FILE;
2948 return USERSHARE_BAD_VERSION;
2951 if (strncmp(lines[1], "path=", 5) != 0) {
2952 return USERSHARE_MALFORMED_PATH;
2955 sharepath = talloc_strdup(ctx, &lines[1][5]);
2957 return USERSHARE_POSIX_ERR;
2959 trim_string(sharepath, " ", " ");
2961 if (strncmp(lines[2], "comment=", 8) != 0) {
2962 return USERSHARE_MALFORMED_COMMENT_DEF;
2965 comment = talloc_strdup(ctx, &lines[2][8]);
2967 return USERSHARE_POSIX_ERR;
2969 trim_string(comment, " ", " ");
2970 trim_char(comment, '"', '"');
2972 if (strncmp(lines[3], "usershare_acl=", 14) != 0) {
2973 return USERSHARE_MALFORMED_ACL_DEF;
2976 if (!parse_usershare_acl(ctx, &lines[3][14], ppsd)) {
2977 return USERSHARE_ACL_ERR;
2981 if (strncmp(lines[4], "guest_ok=", 9) != 0) {
2982 return USERSHARE_MALFORMED_ACL_DEF;
2984 if (lines[4][9] == 'y') {
2985 *pallow_guest = true;
2988 /* Backwards compatible extension to file version #2. */
2990 if (strncmp(lines[5], "sharename=", 10) != 0) {
2991 return USERSHARE_MALFORMED_SHARENAME_DEF;
2993 if (!strequal(&lines[5][10], servicename)) {
2994 return USERSHARE_BAD_SHARENAME;
2996 *pp_cp_servicename = talloc_strdup(ctx, &lines[5][10]);
2997 if (!*pp_cp_servicename) {
2998 return USERSHARE_POSIX_ERR;
3003 if (*pp_cp_servicename == NULL) {
3004 *pp_cp_servicename = talloc_strdup(ctx, servicename);
3005 if (!*pp_cp_servicename) {
3006 return USERSHARE_POSIX_ERR;
3010 if (snum != -1 && (strcmp(sharepath, ServicePtrs[snum]->path) == 0)) {
3011 /* Path didn't change, no checks needed. */
3012 *pp_sharepath = sharepath;
3013 *pp_comment = comment;
3014 return USERSHARE_OK;
3017 /* The path *must* be absolute. */
3018 if (sharepath[0] != '/') {
3019 DEBUG(2,("parse_usershare_file: share %s: path %s is not an absolute path.\n",
3020 servicename, sharepath));
3021 return USERSHARE_PATH_NOT_ABSOLUTE;
3024 /* If there is a usershare prefix deny list ensure one of these paths
3025 doesn't match the start of the user given path. */
3026 if (prefixdenylist) {
3028 for ( i=0; prefixdenylist[i]; i++ ) {
3029 DEBUG(10,("parse_usershare_file: share %s : checking prefixdenylist[%d]='%s' against %s\n",
3030 servicename, i, prefixdenylist[i], sharepath ));
3031 if (memcmp( sharepath, prefixdenylist[i], strlen(prefixdenylist[i])) == 0) {
3032 DEBUG(2,("parse_usershare_file: share %s path %s starts with one of the "
3033 "usershare prefix deny list entries.\n",
3034 servicename, sharepath));
3035 return USERSHARE_PATH_IS_DENIED;
3040 /* If there is a usershare prefix allow list ensure one of these paths
3041 does match the start of the user given path. */
3043 if (prefixallowlist) {
3045 for ( i=0; prefixallowlist[i]; i++ ) {
3046 DEBUG(10,("parse_usershare_file: share %s checking prefixallowlist[%d]='%s' against %s\n",
3047 servicename, i, prefixallowlist[i], sharepath ));
3048 if (memcmp( sharepath, prefixallowlist[i], strlen(prefixallowlist[i])) == 0) {
3052 if (prefixallowlist[i] == NULL) {
3053 DEBUG(2,("parse_usershare_file: share %s path %s doesn't start with one of the "
3054 "usershare prefix allow list entries.\n",
3055 servicename, sharepath));
3056 return USERSHARE_PATH_NOT_ALLOWED;
3060 /* Ensure this is pointing to a directory. */
3061 dp = opendir(sharepath);
3064 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
3065 servicename, sharepath));
3066 return USERSHARE_PATH_NOT_DIRECTORY;
3069 /* Ensure the owner of the usershare file has permission to share
3072 if (sys_stat(sharepath, &sbuf, false) == -1) {
3073 DEBUG(2,("parse_usershare_file: share %s : stat failed on path %s. %s\n",
3074 servicename, sharepath, strerror(errno) ));
3076 return USERSHARE_POSIX_ERR;
3081 if (!S_ISDIR(sbuf.st_ex_mode)) {
3082 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
3083 servicename, sharepath ));
3084 return USERSHARE_PATH_NOT_DIRECTORY;
3087 /* Check if sharing is restricted to owner-only. */
3088 /* psbuf is the stat of the usershare definition file,
3089 sbuf is the stat of the target directory to be shared. */
3091 if (lp_usershare_owner_only()) {
3092 /* root can share anything. */
3093 if ((psbuf->st_ex_uid != 0) && (sbuf.st_ex_uid != psbuf->st_ex_uid)) {
3094 return USERSHARE_PATH_NOT_ALLOWED;
3098 *pp_sharepath = sharepath;
3099 *pp_comment = comment;
3100 return USERSHARE_OK;
3103 /***************************************************************************
3104 Deal with a usershare file.
3107 -1 - Bad name, invalid contents.
3108 - service name already existed and not a usershare, problem
3109 with permissions to share directory etc.
3110 ***************************************************************************/
3112 static int process_usershare_file(const char *dir_name, const char *file_name, int snum_template)
3114 SMB_STRUCT_STAT sbuf;
3115 SMB_STRUCT_STAT lsbuf;
3117 char *sharepath = NULL;
3118 char *comment = NULL;
3119 char *cp_service_name = NULL;
3120 char **lines = NULL;
3124 TALLOC_CTX *ctx = talloc_stackframe();
3125 struct security_descriptor *psd = NULL;
3126 bool guest_ok = false;
3127 char *canon_name = NULL;
3128 bool added_service = false;
3131 /* Ensure share name doesn't contain invalid characters. */
3132 if (!validate_net_name(file_name, INVALID_SHARENAME_CHARS, strlen(file_name))) {
3133 DEBUG(0,("process_usershare_file: share name %s contains "
3134 "invalid characters (any of %s)\n",
3135 file_name, INVALID_SHARENAME_CHARS ));
3139 canon_name = canonicalize_servicename(ctx, file_name);
3144 fname = talloc_asprintf(ctx, "%s/%s", dir_name, file_name);
3149 /* Minimize the race condition by doing an lstat before we
3150 open and fstat. Ensure this isn't a symlink link. */
3152 if (sys_lstat(fname, &lsbuf, false) != 0) {
3153 DEBUG(0,("process_usershare_file: stat of %s failed. %s\n",
3154 fname, strerror(errno) ));
3158 /* This must be a regular file, not a symlink, directory or
3159 other strange filetype. */
3160 if (!check_usershare_stat(fname, &lsbuf)) {
3168 status = dbwrap_fetch_bystring(ServiceHash, canon_name,
3173 if (NT_STATUS_IS_OK(status) &&
3174 (data.dptr != NULL) &&
3175 (data.dsize == sizeof(iService))) {
3176 memcpy(&iService, data.dptr, sizeof(iService));
3180 if (iService != -1 &&
3181 timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
3182 &lsbuf.st_ex_mtime) == 0) {
3183 /* Nothing changed - Mark valid and return. */
3184 DEBUG(10,("process_usershare_file: service %s not changed.\n",
3186 ServicePtrs[iService]->usershare = USERSHARE_VALID;
3191 /* Try and open the file read only - no symlinks allowed. */
3193 fd = open(fname, O_RDONLY|O_NOFOLLOW, 0);
3195 fd = open(fname, O_RDONLY, 0);
3199 DEBUG(0,("process_usershare_file: unable to open %s. %s\n",
3200 fname, strerror(errno) ));
3204 /* Now fstat to be *SURE* it's a regular file. */
3205 if (sys_fstat(fd, &sbuf, false) != 0) {
3207 DEBUG(0,("process_usershare_file: fstat of %s failed. %s\n",
3208 fname, strerror(errno) ));
3212 /* Is it the same dev/inode as was lstated ? */
3213 if (!check_same_stat(&lsbuf, &sbuf)) {
3215 DEBUG(0,("process_usershare_file: fstat of %s is a different file from lstat. "
3216 "Symlink spoofing going on ?\n", fname ));
3220 /* This must be a regular file, not a symlink, directory or
3221 other strange filetype. */
3222 if (!check_usershare_stat(fname, &sbuf)) {
3227 lines = fd_lines_load(fd, &numlines, MAX_USERSHARE_FILE_SIZE, NULL);
3230 if (lines == NULL) {
3231 DEBUG(0,("process_usershare_file: loading file %s owned by %u failed.\n",
3232 fname, (unsigned int)sbuf.st_ex_uid ));
3236 if (parse_usershare_file(ctx, &sbuf, file_name,
3237 iService, lines, numlines, &sharepath,
3238 &comment, &cp_service_name,
3239 &psd, &guest_ok) != USERSHARE_OK) {
3243 /* Everything ok - add the service possibly using a template. */
3245 const struct loadparm_service *sp = &sDefault;
3246 if (snum_template != -1) {
3247 sp = ServicePtrs[snum_template];
3250 if ((iService = add_a_service(sp, cp_service_name)) < 0) {
3251 DEBUG(0, ("process_usershare_file: Failed to add "
3252 "new service %s\n", cp_service_name));
3256 added_service = true;
3258 /* Read only is controlled by usershare ACL below. */
3259 ServicePtrs[iService]->read_only = false;
3262 /* Write the ACL of the new/modified share. */
3263 if (!set_share_security(canon_name, psd)) {
3264 DEBUG(0, ("process_usershare_file: Failed to set share "
3265 "security for user share %s\n",
3270 /* If from a template it may be marked invalid. */
3271 ServicePtrs[iService]->valid = true;
3273 /* Set the service as a valid usershare. */
3274 ServicePtrs[iService]->usershare = USERSHARE_VALID;
3276 /* Set guest access. */
3277 if (lp_usershare_allow_guests()) {
3278 ServicePtrs[iService]->guest_ok = guest_ok;
3281 /* And note when it was loaded. */
3282 ServicePtrs[iService]->usershare_last_mod = sbuf.st_ex_mtime;
3283 string_set(ServicePtrs[iService], &ServicePtrs[iService]->path, sharepath);
3284 string_set(ServicePtrs[iService], &ServicePtrs[iService]->comment, comment);
3290 if (ret == -1 && iService != -1 && added_service) {
3291 lp_remove_service(iService);
3299 /***************************************************************************
3300 Checks if a usershare entry has been modified since last load.
3301 ***************************************************************************/
3303 static bool usershare_exists(int iService, struct timespec *last_mod)
3305 SMB_STRUCT_STAT lsbuf;
3306 const char *usersharepath = Globals.usershare_path;
3309 fname = talloc_asprintf(talloc_tos(),
3312 ServicePtrs[iService]->szService);
3313 if (fname == NULL) {
3317 if (sys_lstat(fname, &lsbuf, false) != 0) {
3322 if (!S_ISREG(lsbuf.st_ex_mode)) {
3328 *last_mod = lsbuf.st_ex_mtime;
3332 /***************************************************************************
3333 Load a usershare service by name. Returns a valid servicenumber or -1.
3334 ***************************************************************************/
3336 int load_usershare_service(const char *servicename)
3338 SMB_STRUCT_STAT sbuf;
3339 const char *usersharepath = Globals.usershare_path;
3340 int max_user_shares = Globals.usershare_max_shares;
3341 int snum_template = -1;
3343 if (*usersharepath == 0 || max_user_shares == 0) {
3347 if (sys_stat(usersharepath, &sbuf, false) != 0) {
3348 DEBUG(0,("load_usershare_service: stat of %s failed. %s\n",
3349 usersharepath, strerror(errno) ));
3353 if (!S_ISDIR(sbuf.st_ex_mode)) {
3354 DEBUG(0,("load_usershare_service: %s is not a directory.\n",
3360 * This directory must be owned by root, and have the 't' bit set.
3361 * It also must not be writable by "other".
3365 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
3367 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
3369 DEBUG(0,("load_usershare_service: directory %s is not owned by root "
3370 "or does not have the sticky bit 't' set or is writable by anyone.\n",
3375 /* Ensure the template share exists if it's set. */
3376 if (Globals.usershare_template_share[0]) {
3377 /* We can't use lp_servicenumber here as we are recommending that
3378 template shares have -valid=false set. */
3379 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
3380 if (ServicePtrs[snum_template]->szService &&
3381 strequal(ServicePtrs[snum_template]->szService,
3382 Globals.usershare_template_share)) {
3387 if (snum_template == -1) {
3388 DEBUG(0,("load_usershare_service: usershare template share %s "
3389 "does not exist.\n",
3390 Globals.usershare_template_share ));
3395 return process_usershare_file(usersharepath, servicename, snum_template);
3398 /***************************************************************************
3399 Load all user defined shares from the user share directory.
3400 We only do this if we're enumerating the share list.
3401 This is the function that can delete usershares that have
3403 ***************************************************************************/
3405 int load_usershare_shares(struct smbd_server_connection *sconn,
3406 bool (*snumused) (struct smbd_server_connection *, int))
3409 SMB_STRUCT_STAT sbuf;
3411 int num_usershares = 0;
3412 int max_user_shares = Globals.usershare_max_shares;
3413 unsigned int num_dir_entries, num_bad_dir_entries, num_tmp_dir_entries;
3414 unsigned int allowed_bad_entries = ((2*max_user_shares)/10);
3415 unsigned int allowed_tmp_entries = ((2*max_user_shares)/10);
3417 int snum_template = -1;
3418 const char *usersharepath = Globals.usershare_path;
3419 int ret = lp_numservices();
3420 TALLOC_CTX *tmp_ctx;
3422 if (max_user_shares == 0 || *usersharepath == '\0') {
3423 return lp_numservices();
3426 if (sys_stat(usersharepath, &sbuf, false) != 0) {
3427 DEBUG(0,("load_usershare_shares: stat of %s failed. %s\n",
3428 usersharepath, strerror(errno) ));
3433 * This directory must be owned by root, and have the 't' bit set.
3434 * It also must not be writable by "other".
3438 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
3440 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
3442 DEBUG(0,("load_usershare_shares: directory %s is not owned by root "
3443 "or does not have the sticky bit 't' set or is writable by anyone.\n",
3448 /* Ensure the template share exists if it's set. */
3449 if (Globals.usershare_template_share[0]) {
3450 /* We can't use lp_servicenumber here as we are recommending that
3451 template shares have -valid=false set. */
3452 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
3453 if (ServicePtrs[snum_template]->szService &&
3454 strequal(ServicePtrs[snum_template]->szService,
3455 Globals.usershare_template_share)) {
3460 if (snum_template == -1) {
3461 DEBUG(0,("load_usershare_shares: usershare template share %s "
3462 "does not exist.\n",
3463 Globals.usershare_template_share ));
3468 /* Mark all existing usershares as pending delete. */
3469 for (iService = iNumServices - 1; iService >= 0; iService--) {
3470 if (VALID(iService) && ServicePtrs[iService]->usershare) {
3471 ServicePtrs[iService]->usershare = USERSHARE_PENDING_DELETE;
3475 dp = opendir(usersharepath);
3477 DEBUG(0,("load_usershare_shares:: failed to open directory %s. %s\n",
3478 usersharepath, strerror(errno) ));
3482 for (num_dir_entries = 0, num_bad_dir_entries = 0, num_tmp_dir_entries = 0;
3484 num_dir_entries++ ) {
3486 const char *n = de->d_name;
3488 /* Ignore . and .. */
3490 if ((n[1] == '\0') || (n[1] == '.' && n[2] == '\0')) {
3496 /* Temporary file used when creating a share. */
3497 num_tmp_dir_entries++;
3500 /* Allow 20% tmp entries. */
3501 if (num_tmp_dir_entries > allowed_tmp_entries) {
3502 DEBUG(0,("load_usershare_shares: too many temp entries (%u) "
3503 "in directory %s\n",
3504 num_tmp_dir_entries, usersharepath));
3508 r = process_usershare_file(usersharepath, n, snum_template);
3510 /* Update the services count. */
3512 if (num_usershares >= max_user_shares) {
3513 DEBUG(0,("load_usershare_shares: max user shares reached "
3514 "on file %s in directory %s\n",
3515 n, usersharepath ));
3518 } else if (r == -1) {
3519 num_bad_dir_entries++;
3522 /* Allow 20% bad entries. */
3523 if (num_bad_dir_entries > allowed_bad_entries) {
3524 DEBUG(0,("load_usershare_shares: too many bad entries (%u) "
3525 "in directory %s\n",
3526 num_bad_dir_entries, usersharepath));
3530 /* Allow 20% bad entries. */
3531 if (num_dir_entries > max_user_shares + allowed_bad_entries) {
3532 DEBUG(0,("load_usershare_shares: too many total entries (%u) "
3533 "in directory %s\n",
3534 num_dir_entries, usersharepath));
3541 /* Sweep through and delete any non-refreshed usershares that are
3542 not currently in use. */
3543 tmp_ctx = talloc_stackframe();
3544 for (iService = iNumServices - 1; iService >= 0; iService--) {
3545 if (VALID(iService) && (ServicePtrs[iService]->usershare == USERSHARE_PENDING_DELETE)) {
3548 if (snumused && snumused(sconn, iService)) {
3552 servname = lp_servicename(tmp_ctx, iService);
3554 /* Remove from the share ACL db. */
3555 DEBUG(10,("load_usershare_shares: Removing deleted usershare %s\n",
3557 delete_share_security(servname);
3558 free_service_byindex(iService);
3561 talloc_free(tmp_ctx);
3563 return lp_numservices();
3566 /********************************************************
3567 Destroy global resources allocated in this file
3568 ********************************************************/
3570 void gfree_loadparm(void)
3576 /* Free resources allocated to services */
3578 for ( i = 0; i < iNumServices; i++ ) {
3580 free_service_byindex(i);
3584 TALLOC_FREE( ServicePtrs );
3587 /* Now release all resources allocated to global
3588 parameters and the default service */
3590 free_global_parameters();
3594 /***************************************************************************
3595 Allow client apps to specify that they are a client
3596 ***************************************************************************/
3597 static void lp_set_in_client(bool b)
3603 /***************************************************************************
3604 Determine if we're running in a client app
3605 ***************************************************************************/
3606 static bool lp_is_in_client(void)
3611 static void lp_enforce_ad_dc_settings(void)
3613 lp_do_parameter(GLOBAL_SECTION_SNUM, "passdb backend", "samba_dsdb");
3614 lp_do_parameter(GLOBAL_SECTION_SNUM,
3615 "winbindd:use external pipes", "true");
3616 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:default", "external");
3617 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:svcctl", "embedded");
3618 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:srvsvc", "embedded");
3619 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:eventlog", "embedded");
3620 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:ntsvcs", "embedded");
3621 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:winreg", "embedded");
3622 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:spoolss", "embedded");
3623 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_daemon:spoolssd", "embedded");
3624 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:tcpip", "no");
3627 /***************************************************************************
3628 Load the services array from the services file. Return true on success,
3630 ***************************************************************************/
3632 static bool lp_load_ex(const char *pszFname,
3636 bool reinit_globals,
3637 bool allow_include_registry,
3638 bool load_all_shares)
3642 TALLOC_CTX *frame = talloc_stackframe();
3643 struct loadparm_context *lp_ctx;
3647 DEBUG(3, ("lp_load_ex: refreshing parameters\n"));
3649 bInGlobalSection = true;
3650 bGlobalOnly = global_only;
3651 bAllowIncludeRegistry = allow_include_registry;
3653 lp_ctx = setup_lp_context(talloc_tos());
3655 init_globals(lp_ctx, reinit_globals);
3659 if (save_defaults) {
3664 if (!reinit_globals) {
3665 free_param_opts(&Globals.param_opt);
3666 apply_lp_set_cmdline();
3669 lp_do_parameter(-1, "idmap config * : backend", Globals.szIdmapBackend);
3671 /* We get sections first, so have to start 'behind' to make up */
3674 if (lp_config_backend_is_file()) {
3675 n2 = talloc_sub_basic(talloc_tos(), get_current_username(),
3676 current_user_info.domain,
3679 smb_panic("lp_load_ex: out of memory");
3682 add_to_file_list(NULL, &file_lists, pszFname, n2);
3684 bRetval = pm_process(n2, lp_do_section, do_parameter, lp_ctx);
3687 /* finish up the last section */
3688 DEBUG(4, ("pm_process() returned %s\n", BOOLSTR(bRetval)));
3690 if (iServiceIndex >= 0) {
3691 bRetval = lpcfg_service_ok(ServicePtrs[iServiceIndex]);
3695 if (lp_config_backend_is_registry()) {
3697 /* config backend changed to registry in config file */
3699 * We need to use this extra global variable here to
3700 * survive restart: init_globals uses this as a default
3701 * for config_backend. Otherwise, init_globals would
3702 * send us into an endless loop here.
3705 config_backend = CONFIG_BACKEND_REGISTRY;
3707 DEBUG(1, ("lp_load_ex: changing to config backend "
3709 init_globals(lp_ctx, true);
3711 TALLOC_FREE(lp_ctx);
3713 lp_kill_all_services();
3714 ok = lp_load_ex(pszFname, global_only, save_defaults,
3715 add_ipc, reinit_globals,
3716 allow_include_registry,
3721 } else if (lp_config_backend_is_registry()) {
3722 bRetval = process_registry_globals();
3724 DEBUG(0, ("Illegal config backend given: %d\n",
3725 lp_config_backend()));
3729 if (bRetval && lp_registry_shares()) {
3730 if (load_all_shares) {
3731 bRetval = process_registry_shares();
3733 bRetval = reload_registry_shares();
3738 char *serv = lp_auto_services(talloc_tos());
3739 lp_add_auto_services(serv);
3744 /* When 'restrict anonymous = 2' guest connections to ipc$
3746 lp_add_ipc("IPC$", (lp_restrict_anonymous() < 2));
3747 if ( lp_enable_asu_support() ) {
3748 lp_add_ipc("ADMIN$", false);
3752 set_allowed_client_auth();
3754 if (lp_security() == SEC_ADS && strchr(lp_password_server(), ':')) {
3755 DEBUG(1, ("WARNING: The optional ':port' in password server = %s is deprecated\n",
3756 lp_password_server()));
3761 /* Now we check we_are_a_wins_server and set szWINSserver to 127.0.0.1 */
3762 /* if we_are_a_wins_server is true and we are in the client */
3763 if (lp_is_in_client() && Globals.we_are_a_wins_server) {
3764 lp_do_parameter(GLOBAL_SECTION_SNUM, "wins server", "127.0.0.1");
3769 fault_configure(smb_panic_s3);
3772 * We run this check once the whole smb.conf is parsed, to
3773 * force some settings for the standard way a AD DC is
3774 * operated. We may change these as our code evolves, which
3775 * is why we force these settings.
3777 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
3778 lp_enforce_ad_dc_settings();
3781 bAllowIncludeRegistry = true;
3787 static bool lp_load(const char *pszFname,
3791 bool reinit_globals)
3793 return lp_load_ex(pszFname,
3798 true, /* allow_include_registry */
3799 false); /* load_all_shares*/
3802 bool lp_load_initial_only(const char *pszFname)
3804 return lp_load_ex(pszFname,
3805 true, /* global only */
3806 true, /* save_defaults */
3807 false, /* add_ipc */
3808 true, /* reinit_globals */
3809 false, /* allow_include_registry */
3810 false); /* load_all_shares*/
3814 * most common lp_load wrapper, loading only the globals
3816 bool lp_load_global(const char *file_name)
3818 return lp_load(file_name,
3819 true, /* global_only */
3820 false, /* save_defaults */
3821 false, /* add_ipc */
3822 true); /* reinit_globals */
3826 * The typical lp_load wrapper with shares, loads global and
3827 * shares, including IPC, but does not force immediate
3828 * loading of all shares from registry.
3830 bool lp_load_with_shares(const char *file_name)
3832 return lp_load(file_name,
3833 false, /* global_only */
3834 false, /* save_defaults */
3836 true); /* reinit_globals */
3840 * lp_load wrapper, especially for clients
3842 bool lp_load_client(const char *file_name)
3844 lp_set_in_client(true);
3846 return lp_load_global(file_name);
3850 * lp_load wrapper, loading only globals, but intended
3851 * for subsequent calls, not reinitializing the globals
3854 bool lp_load_global_no_reinit(const char *file_name)
3856 return lp_load(file_name,
3857 true, /* global_only */
3858 false, /* save_defaults */
3859 false, /* add_ipc */
3860 false); /* reinit_globals */
3864 * lp_load wrapper, loading globals and shares,
3865 * intended for subsequent calls, i.e. not reinitializing
3866 * the globals to default values.
3868 bool lp_load_no_reinit(const char *file_name)
3870 return lp_load(file_name,
3871 false, /* global_only */
3872 false, /* save_defaults */
3873 false, /* add_ipc */
3874 false); /* reinit_globals */
3879 * lp_load wrapper, especially for clients, no reinitialization
3881 bool lp_load_client_no_reinit(const char *file_name)
3883 lp_set_in_client(true);
3885 return lp_load_global_no_reinit(file_name);
3888 bool lp_load_with_registry_shares(const char *pszFname)
3890 return lp_load_ex(pszFname,
3891 false, /* global_only */
3892 true, /* save_defaults */
3893 false, /* add_ipc */
3894 false, /* reinit_globals */
3895 true, /* allow_include_registry */
3896 true); /* load_all_shares*/
3899 /***************************************************************************
3900 Return the max number of services.
3901 ***************************************************************************/
3903 int lp_numservices(void)
3905 return (iNumServices);
3908 /***************************************************************************
3909 Display the contents of the services array in human-readable form.
3910 ***************************************************************************/
3912 void lp_dump(FILE *f, bool show_defaults, int maxtoprint)
3915 struct loadparm_context *lp_ctx;
3918 defaults_saved = false;
3920 lp_ctx = setup_lp_context(talloc_tos());
3921 if (lp_ctx == NULL) {
3925 lpcfg_dump_globals(lp_ctx, f, !defaults_saved);
3927 lpcfg_dump_a_service(&sDefault, &sDefault, f, flags_list, show_defaults);
3929 for (iService = 0; iService < maxtoprint; iService++) {
3931 lp_dump_one(f, show_defaults, iService);
3935 /***************************************************************************
3936 Display the contents of one service in human-readable form.
3937 ***************************************************************************/
3939 void lp_dump_one(FILE * f, bool show_defaults, int snum)
3942 if (ServicePtrs[snum]->szService[0] == '\0')
3944 lpcfg_dump_a_service(ServicePtrs[snum], &sDefault, f,
3945 flags_list, show_defaults);
3949 /***************************************************************************
3950 Return the number of the service with the given name, or -1 if it doesn't
3951 exist. Note that this is a DIFFERENT ANIMAL from the internal function
3952 getservicebyname()! This works ONLY if all services have been loaded, and
3953 does not copy the found service.
3954 ***************************************************************************/
3956 int lp_servicenumber(const char *pszServiceName)
3959 fstring serviceName;
3961 if (!pszServiceName) {
3962 return GLOBAL_SECTION_SNUM;
3965 for (iService = iNumServices - 1; iService >= 0; iService--) {
3966 if (VALID(iService) && ServicePtrs[iService]->szService) {
3968 * The substitution here is used to support %U in
3971 fstrcpy(serviceName, ServicePtrs[iService]->szService);
3972 standard_sub_basic(get_current_username(),
3973 current_user_info.domain,
3974 serviceName,sizeof(serviceName));
3975 if (strequal(serviceName, pszServiceName)) {
3981 if (iService >= 0 && ServicePtrs[iService]->usershare == USERSHARE_VALID) {
3982 struct timespec last_mod;
3984 if (!usershare_exists(iService, &last_mod)) {
3985 /* Remove the share security tdb entry for it. */
3986 delete_share_security(lp_servicename(talloc_tos(), iService));
3987 /* Remove it from the array. */
3988 free_service_byindex(iService);
3989 /* Doesn't exist anymore. */
3990 return GLOBAL_SECTION_SNUM;
3993 /* Has it been modified ? If so delete and reload. */
3994 if (timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
3996 /* Remove it from the array. */
3997 free_service_byindex(iService);
3998 /* and now reload it. */
3999 iService = load_usershare_service(pszServiceName);
4004 DEBUG(7,("lp_servicenumber: couldn't find %s\n", pszServiceName));
4005 return GLOBAL_SECTION_SNUM;
4011 /*******************************************************************
4012 A useful volume label function.
4013 ********************************************************************/
4015 const char *volume_label(TALLOC_CTX *ctx, int snum)
4018 const char *label = lp_volume(ctx, snum);
4020 label = lp_servicename(ctx, snum);
4023 /* This returns a 33 byte guarenteed null terminated string. */
4024 ret = talloc_strndup(ctx, label, 32);
4031 /*******************************************************************
4032 Get the default server type we will announce as via nmbd.
4033 ********************************************************************/
4035 int lp_default_server_announce(void)
4037 int default_server_announce = 0;
4038 default_server_announce |= SV_TYPE_WORKSTATION;
4039 default_server_announce |= SV_TYPE_SERVER;
4040 default_server_announce |= SV_TYPE_SERVER_UNIX;
4042 /* note that the flag should be set only if we have a
4043 printer service but nmbd doesn't actually load the
4044 services so we can't tell --jerry */
4046 default_server_announce |= SV_TYPE_PRINTQ_SERVER;
4048 default_server_announce |= SV_TYPE_SERVER_NT;
4049 default_server_announce |= SV_TYPE_NT;
4051 switch (lp_server_role()) {
4052 case ROLE_DOMAIN_MEMBER:
4053 default_server_announce |= SV_TYPE_DOMAIN_MEMBER;
4055 case ROLE_DOMAIN_PDC:
4056 default_server_announce |= SV_TYPE_DOMAIN_CTRL;
4058 case ROLE_DOMAIN_BDC:
4059 default_server_announce |= SV_TYPE_DOMAIN_BAKCTRL;
4061 case ROLE_STANDALONE:
4065 if (lp_time_server())
4066 default_server_announce |= SV_TYPE_TIME_SOURCE;
4068 if (lp_host_msdfs())
4069 default_server_announce |= SV_TYPE_DFS_SERVER;
4071 return default_server_announce;
4074 /***********************************************************
4075 If we are PDC then prefer us as DMB
4076 ************************************************************/
4078 bool lp_domain_master(void)
4080 if (Globals._domain_master == Auto)
4081 return (lp_server_role() == ROLE_DOMAIN_PDC);
4083 return (bool)Globals._domain_master;
4086 /***********************************************************
4087 If we are PDC then prefer us as DMB
4088 ************************************************************/
4090 static bool lp_domain_master_true_or_auto(void)
4092 if (Globals._domain_master) /* auto or yes */
4098 /***********************************************************
4099 If we are DMB then prefer us as LMB
4100 ************************************************************/
4102 bool lp_preferred_master(void)
4104 if (Globals.iPreferredMaster == Auto)
4105 return (lp_local_master() && lp_domain_master());
4107 return (bool)Globals.iPreferredMaster;
4110 /*******************************************************************
4112 ********************************************************************/
4114 void lp_remove_service(int snum)
4116 ServicePtrs[snum]->valid = false;
4119 const char *lp_printername(TALLOC_CTX *ctx, int snum)
4121 const char *ret = lp__printername(ctx, snum);
4122 if (ret == NULL || *ret == '\0') {
4123 ret = lp_const_servicename(snum);
4130 /***********************************************************
4131 Allow daemons such as winbindd to fix their logfile name.
4132 ************************************************************/
4134 void lp_set_logfile(const char *name)
4136 string_set(Globals.ctx, &Globals.logfile, name);
4137 debug_set_logfile(name);
4140 /*******************************************************************
4141 Return the max print jobs per queue.
4142 ********************************************************************/
4144 int lp_maxprintjobs(int snum)
4146 int maxjobs = LP_SNUM_OK(snum) ? ServicePtrs[snum]->iMaxPrintJobs : sDefault.iMaxPrintJobs;
4147 if (maxjobs <= 0 || maxjobs >= PRINT_MAX_JOBID)
4148 maxjobs = PRINT_MAX_JOBID - 1;
4153 const char *lp_printcapname(void)
4155 if ((Globals.szPrintcapname != NULL) &&
4156 (Globals.szPrintcapname[0] != '\0'))
4157 return Globals.szPrintcapname;
4159 if (sDefault.printing == PRINT_CUPS) {
4163 if (sDefault.printing == PRINT_BSD)
4164 return "/etc/printcap";
4166 return PRINTCAP_NAME;
4169 static uint32_t spoolss_state;
4171 bool lp_disable_spoolss( void )
4173 if ( spoolss_state == SVCCTL_STATE_UNKNOWN )
4174 spoolss_state = lp__disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
4176 return spoolss_state == SVCCTL_STOPPED ? true : false;
4179 void lp_set_spoolss_state( uint32_t state )
4181 SMB_ASSERT( (state == SVCCTL_STOPPED) || (state == SVCCTL_RUNNING) );
4183 spoolss_state = state;
4186 uint32_t lp_get_spoolss_state( void )
4188 return lp_disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
4191 /*******************************************************************
4192 Ensure we don't use sendfile if server smb signing is active.
4193 ********************************************************************/
4195 bool lp_use_sendfile(int snum, struct smb_signing_state *signing_state)
4197 bool sign_active = false;
4199 /* Using sendfile blows the brains out of any DOS or Win9x TCP stack... JRA. */
4200 if (get_Protocol() < PROTOCOL_NT1) {
4203 if (signing_state) {
4204 sign_active = smb_signing_is_active(signing_state);
4206 return (lp__use_sendfile(snum) &&
4207 (get_remote_arch() != RA_WIN95) &&
4211 /*******************************************************************
4212 Turn off sendfile if we find the underlying OS doesn't support it.
4213 ********************************************************************/
4215 void set_use_sendfile(int snum, bool val)
4217 if (LP_SNUM_OK(snum))
4218 ServicePtrs[snum]->_use_sendfile = val;
4220 sDefault._use_sendfile = val;
4223 /*******************************************************************
4224 Turn off storing DOS attributes if this share doesn't support it.
4225 ********************************************************************/
4227 void set_store_dos_attributes(int snum, bool val)
4229 if (!LP_SNUM_OK(snum))
4231 ServicePtrs[(snum)]->store_dos_attributes = val;
4234 void lp_set_mangling_method(const char *new_method)
4236 string_set(Globals.ctx, &Globals.mangling_method, new_method);
4239 /*******************************************************************
4240 Global state for POSIX pathname processing.
4241 ********************************************************************/
4243 static bool posix_pathnames;
4245 bool lp_posix_pathnames(void)
4247 return posix_pathnames;
4250 /*******************************************************************
4251 Change everything needed to ensure POSIX pathname processing (currently
4253 ********************************************************************/
4255 void lp_set_posix_pathnames(void)
4257 posix_pathnames = true;
4260 /*******************************************************************
4261 Global state for POSIX lock processing - CIFS unix extensions.
4262 ********************************************************************/
4264 bool posix_default_lock_was_set;
4265 static enum brl_flavour posix_cifsx_locktype; /* By default 0 == WINDOWS_LOCK */
4267 enum brl_flavour lp_posix_cifsu_locktype(files_struct *fsp)
4269 if (posix_default_lock_was_set) {
4270 return posix_cifsx_locktype;
4272 return fsp->posix_open ? POSIX_LOCK : WINDOWS_LOCK;
4276 /*******************************************************************
4277 ********************************************************************/
4279 void lp_set_posix_default_cifsx_readwrite_locktype(enum brl_flavour val)
4281 posix_default_lock_was_set = true;
4282 posix_cifsx_locktype = val;
4285 int lp_min_receive_file_size(void)
4287 if (Globals.iminreceivefile < 0) {
4290 return Globals.iminreceivefile;
4293 /*******************************************************************
4294 Safe wide links checks.
4295 This helper function always verify the validity of wide links,
4296 even after a configuration file reload.
4297 ********************************************************************/
4299 static bool lp_widelinks_internal(int snum)
4301 return (bool)(LP_SNUM_OK(snum)? ServicePtrs[(snum)]->bWidelinks :
4302 sDefault.bWidelinks);
4305 void widelinks_warning(int snum)
4307 if (lp_allow_insecure_wide_links()) {
4311 if (lp_unix_extensions() && lp_widelinks_internal(snum)) {
4312 DEBUG(0,("Share '%s' has wide links and unix extensions enabled. "
4313 "These parameters are incompatible. "
4314 "Wide links will be disabled for this share.\n",
4315 lp_servicename(talloc_tos(), snum) ));
4319 bool lp_widelinks(int snum)
4321 /* wide links is always incompatible with unix extensions */
4322 if (lp_unix_extensions()) {
4324 * Unless we have "allow insecure widelinks"
4327 if (!lp_allow_insecure_wide_links()) {
4332 return lp_widelinks_internal(snum);
4335 int lp_server_role(void)
4337 return lp_find_server_role(lp__server_role(),
4339 lp__domain_logons(),
4340 lp_domain_master_true_or_auto());
4343 int lp_security(void)
4345 return lp_find_security(lp__server_role(),
4349 int lp_client_max_protocol(void)
4351 int client_max_protocol = lp__client_max_protocol();
4352 if (client_max_protocol == PROTOCOL_DEFAULT) {
4353 return PROTOCOL_NT1;
4355 return client_max_protocol;
4358 int lp_winbindd_max_protocol(void)
4360 int client_max_protocol = lp__client_max_protocol();
4361 if (client_max_protocol == PROTOCOL_DEFAULT) {
4362 return PROTOCOL_LATEST;
4364 return client_max_protocol;
4367 struct loadparm_global * get_globals(void)
4372 unsigned int * get_flags(void)
4374 if (flags_list == NULL) {
4375 flags_list = talloc_zero_array(NULL, unsigned int, num_parameters());
git.samba.org / gd / samba-autobuild / .git / blob