2 Unix SMB/CIFS implementation.
3 Parameter loading functions
4 Copyright (C) Karl Auer 1993-1998
6 Largely re-written by Andrew Tridgell, September 1994
8 Copyright (C) Simo Sorce 2001
9 Copyright (C) Alexander Bokovoy 2002
10 Copyright (C) Stefan (metze) Metzmacher 2002
11 Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003
12 Copyright (C) Michael Adam 2008
13 Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007
14 Copyright (C) Andrew Bartlett 2011
16 This program is free software; you can redistribute it and/or modify
17 it under the terms of the GNU General Public License as published by
18 the Free Software Foundation; either version 3 of the License, or
19 (at your option) any later version.
21 This program is distributed in the hope that it will be useful,
22 but WITHOUT ANY WARRANTY; without even the implied warranty of
23 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 GNU General Public License for more details.
26 You should have received a copy of the GNU General Public License
27 along with this program. If not, see <http://www.gnu.org/licenses/>.
33 * This module provides suitable callback functions for the params
34 * module. It builds the internal table of service details which is
35 * then used by the rest of the server.
39 * 1) add it to the global or service structure definition
40 * 2) add it to the parm_table
41 * 3) add it to the list of available functions (eg: using FN_GLOBAL_STRING())
42 * 4) If it's a global then initialise it in init_globals. If a local
43 * (ie. service) parameter then initialise it in the sDefault structure
47 * The configuration file is processed sequentially for speed. It is NOT
48 * accessed randomly as happens in 'real' Windows. For this reason, there
49 * is a fair bit of sequence-dependent code here - ie., code which assumes
50 * that certain things happen before others. In particular, the code which
51 * happens at the boundary between sections is delicately poised, so be
57 #include "system/filesys.h"
59 #include "lib/param/loadparm.h"
60 #include "lib/param/param.h"
62 #include "lib/smbconf/smbconf.h"
63 #include "lib/smbconf/smbconf_init.h"
66 #include "../librpc/gen_ndr/svcctl.h"
68 #include "../libcli/smb/smb_signing.h"
69 #include "dbwrap/dbwrap.h"
70 #include "dbwrap/dbwrap_rbt.h"
71 #include "../lib/util/bitmap.h"
72 #include "librpc/gen_ndr/nbt.h"
73 #include "source4/lib/tls/tls.h"
75 #ifdef HAVE_SYS_SYSCTL_H
76 #include <sys/sysctl.h>
81 extern userdom_struct current_user_info;
83 /* the special value for the include parameter
84 * to be interpreted not as a file name but to
85 * trigger loading of the global smb.conf options
87 #ifndef INCLUDE_REGISTRY_NAME
88 #define INCLUDE_REGISTRY_NAME "registry"
91 static bool in_client = false; /* Not in the client by default */
92 static struct smbconf_csn conf_last_csn;
94 static int config_backend = CONFIG_BACKEND_FILE;
96 /* some helpful bits */
97 #define LP_SNUM_OK(i) (((i) >= 0) && ((i) < iNumServices) && \
98 (ServicePtrs != NULL) && \
99 (ServicePtrs[(i)] != NULL) && ServicePtrs[(i)]->valid)
100 #define VALID(i) ((ServicePtrs != NULL) && (ServicePtrs[i]!= NULL) && \
101 ServicePtrs[i]->valid)
103 #define USERSHARE_VALID 1
104 #define USERSHARE_PENDING_DELETE 2
106 static bool defaults_saved = false;
108 #include "lib/param/param_global.h"
110 static struct loadparm_global Globals;
112 /* This is a default service used to prime a services structure */
113 static struct loadparm_service sDefault =
118 .usershare_last_mod = {0, 0},
121 .invalid_users = NULL,
128 .root_preexec = NULL,
129 .root_postexec = NULL,
130 .cups_options = NULL,
131 .print_command = NULL,
133 .lprm_command = NULL,
134 .lppause_command = NULL,
135 .lpresume_command = NULL,
136 .queuepause_command = NULL,
137 .queueresume_command = NULL,
138 ._printername = NULL,
139 .printjob_username = NULL,
140 .dont_descend = NULL,
143 .magic_script = NULL,
144 .magic_output = NULL,
147 .veto_oplock_files = NULL,
157 .aio_write_behind = NULL,
158 .dfree_command = NULL,
159 .min_print_space = 0,
160 .max_print_jobs = 1000,
161 .max_reported_print_jobs = 0,
162 .write_cache_size = 0,
164 .force_create_mode = 0,
165 .directory_mask = 0755,
166 .force_directory_mode = 0,
167 .max_connections = 0,
168 .default_case = CASE_LOWER,
169 .printing = DEFAULT_PRINTING,
170 .oplock_contention_limit = 2,
173 .dfree_cache_time = 0,
174 .preexec_close = false,
175 .root_preexec_close = false,
176 .case_sensitive = Auto,
177 .preserve_case = true,
178 .short_preserve_case = true,
179 .hide_dot_files = true,
180 .hide_special_files = false,
181 .hide_unreadable = false,
182 .hide_unwriteable_files = false,
184 .access_based_share_enum = false,
189 .administrative_share = false,
192 .print_notify_backchannel = false,
196 .store_dos_attributes = false,
197 .dmapi_support = false,
199 .strict_locking = Auto,
200 .posix_locking = true,
202 .kernel_oplocks = false,
203 .level2_oplocks = true,
204 .mangled_names = MANGLED_NAMES_YES,
206 .follow_symlinks = true,
207 .sync_always = false,
208 .strict_allocate = false,
209 .strict_rename = false,
210 .strict_sync = false,
211 .mangling_char = '~',
213 .delete_readonly = false,
214 .fake_oplocks = false,
215 .delete_veto_files = false,
216 .dos_filemode = false,
217 .dos_filetimes = true,
218 .dos_filetime_resolution = false,
219 .fake_directory_create_times = false,
220 .blocking_locks = true,
221 .inherit_permissions = false,
222 .inherit_acls = false,
223 .inherit_owner = false,
225 .msdfs_shuffle_referrals = false,
226 .use_client_driver = false,
227 .default_devmode = true,
228 .force_printername = false,
229 .nt_acl_support = true,
230 .force_unknown_acl_user = false,
231 ._use_sendfile = false,
232 .profile_acls = false,
233 .map_acl_inherit = false,
236 .acl_check_permissions = true,
237 .acl_map_full_control = true,
238 .acl_group_control = false,
239 .acl_allow_execute_always = false,
240 .allocation_roundup_size = SMB_ROUNDUP_ALLOCATION_SIZE,
243 .map_readonly = MAP_READONLY_YES,
244 .directory_name_cache_size = 100,
245 .smb_encrypt = SMB_SIGNING_DEFAULT,
246 .kernel_share_modes = true,
247 .durable_handles = true,
252 /* local variables */
253 static struct loadparm_service **ServicePtrs = NULL;
254 static int iNumServices = 0;
255 static int iServiceIndex = 0;
256 static struct db_context *ServiceHash;
257 static bool bInGlobalSection = true;
258 static bool bGlobalOnly = false;
259 static struct file_lists *file_lists = NULL;
260 static unsigned int *flags_list = NULL;
262 static void set_allowed_client_auth(void);
264 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue);
265 static void free_param_opts(struct parmlist_entry **popts);
268 * Function to return the default value for the maximum number of open
269 * file descriptors permitted. This function tries to consult the
270 * kernel-level (sysctl) and ulimit (getrlimit()) values and goes
271 * the smaller of those.
273 static int max_open_files(void)
275 int sysctl_max = MAX_OPEN_FILES;
276 int rlimit_max = MAX_OPEN_FILES;
278 #ifdef HAVE_SYSCTLBYNAME
280 size_t size = sizeof(sysctl_max);
281 sysctlbyname("kern.maxfilesperproc", &sysctl_max, &size, NULL,
286 #if (defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE))
292 if (getrlimit(RLIMIT_NOFILE, &rl) == 0)
293 rlimit_max = rl.rlim_cur;
295 #if defined(RLIM_INFINITY)
296 if(rl.rlim_cur == RLIM_INFINITY)
297 rlimit_max = MAX_OPEN_FILES;
302 if (sysctl_max < MIN_OPEN_FILES_WINDOWS) {
303 DEBUG(2,("max_open_files: increasing sysctl_max (%d) to "
304 "minimum Windows limit (%d)\n",
306 MIN_OPEN_FILES_WINDOWS));
307 sysctl_max = MIN_OPEN_FILES_WINDOWS;
310 if (rlimit_max < MIN_OPEN_FILES_WINDOWS) {
311 DEBUG(2,("rlimit_max: increasing rlimit_max (%d) to "
312 "minimum Windows limit (%d)\n",
314 MIN_OPEN_FILES_WINDOWS));
315 rlimit_max = MIN_OPEN_FILES_WINDOWS;
318 return MIN(sysctl_max, rlimit_max);
322 * Common part of freeing allocated data for one parameter.
324 static void free_one_parameter_common(void *parm_ptr,
325 struct parm_struct parm)
327 if ((parm.type == P_STRING) ||
328 (parm.type == P_USTRING))
330 lpcfg_string_free((char**)parm_ptr);
331 } else if (parm.type == P_LIST || parm.type == P_CMDLIST) {
332 TALLOC_FREE(*((char***)parm_ptr));
337 * Free the allocated data for one parameter for a share
338 * given as a service struct.
340 static void free_one_parameter(struct loadparm_service *service,
341 struct parm_struct parm)
345 if (parm.p_class != P_LOCAL) {
349 parm_ptr = lp_parm_ptr(service, &parm);
351 free_one_parameter_common(parm_ptr, parm);
355 * Free the allocated parameter data of a share given
356 * as a service struct.
358 static void free_parameters(struct loadparm_service *service)
362 for (i=0; parm_table[i].label; i++) {
363 free_one_parameter(service, parm_table[i]);
368 * Free the allocated data for one parameter for a given share
369 * specified by an snum.
371 static void free_one_parameter_by_snum(int snum, struct parm_struct parm)
376 parm_ptr = lp_parm_ptr(NULL, &parm);
377 } else if (parm.p_class != P_LOCAL) {
380 parm_ptr = lp_parm_ptr(ServicePtrs[snum], &parm);
383 free_one_parameter_common(parm_ptr, parm);
387 * Free the allocated parameter data for a share specified
390 static void free_parameters_by_snum(int snum)
394 for (i=0; parm_table[i].label; i++) {
395 free_one_parameter_by_snum(snum, parm_table[i]);
400 * Free the allocated global parameters.
402 static void free_global_parameters(void)
405 struct parm_struct *parm;
407 free_param_opts(&Globals.param_opt);
408 free_parameters_by_snum(GLOBAL_SECTION_SNUM);
410 /* Reset references in the defaults because the context is going to be freed */
411 for (i=0; parm_table[i].label; i++) {
412 parm = &parm_table[i];
413 if ((parm->type == P_STRING) ||
414 (parm->type == P_USTRING)) {
415 if ((parm->def.svalue != NULL) &&
416 (*(parm->def.svalue) != '\0')) {
417 if (talloc_parent(parm->def.svalue) == Globals.ctx) {
418 parm->def.svalue = NULL;
423 TALLOC_FREE(Globals.ctx);
426 struct lp_stored_option {
427 struct lp_stored_option *prev, *next;
432 static struct lp_stored_option *stored_options;
435 save options set by lp_set_cmdline() into a list. This list is
436 re-applied when we do a globals reset, so that cmdline set options
437 are sticky across reloads of smb.conf
439 bool store_lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
441 struct lp_stored_option *entry, *entry_next;
442 for (entry = stored_options; entry != NULL; entry = entry_next) {
443 entry_next = entry->next;
444 if (strcmp(pszParmName, entry->label) == 0) {
445 DLIST_REMOVE(stored_options, entry);
451 entry = talloc(NULL, struct lp_stored_option);
456 entry->label = talloc_strdup(entry, pszParmName);
462 entry->value = talloc_strdup(entry, pszParmValue);
468 DLIST_ADD_END(stored_options, entry);
473 static bool apply_lp_set_cmdline(void)
475 struct lp_stored_option *entry = NULL;
476 for (entry = stored_options; entry != NULL; entry = entry->next) {
477 if (!lp_set_cmdline_helper(entry->label, entry->value)) {
478 DEBUG(0, ("Failed to re-apply cmdline parameter %s = %s\n",
479 entry->label, entry->value));
486 /***************************************************************************
487 Initialise the global parameter structure.
488 ***************************************************************************/
490 static void init_globals(struct loadparm_context *lp_ctx, bool reinit_globals)
492 static bool done_init = false;
496 /* If requested to initialize only once and we've already done it... */
497 if (!reinit_globals && done_init) {
498 /* ... then we have nothing more to do */
503 /* The logfile can be set before this is invoked. Free it if so. */
504 lpcfg_string_free(&Globals.logfile);
507 free_global_parameters();
510 /* This memset and the free_global_parameters() above will
511 * wipe out smb.conf options set with lp_set_cmdline(). The
512 * apply_lp_set_cmdline() call puts these values back in the
513 * table once the defaults are set */
514 ZERO_STRUCT(Globals);
516 Globals.ctx = talloc_pooled_object(NULL, char, 272, 2048);
518 /* Initialize the flags list if necessary */
519 if (flags_list == NULL) {
523 for (i = 0; parm_table[i].label; i++) {
524 if ((parm_table[i].type == P_STRING ||
525 parm_table[i].type == P_USTRING))
529 (char **)lp_parm_ptr(NULL, &parm_table[i]),
535 lpcfg_string_set(Globals.ctx, &sDefault.fstype, FSTYPE_STRING);
536 lpcfg_string_set(Globals.ctx, &sDefault.printjob_username, "%U");
538 init_printer_values(lp_ctx, Globals.ctx, &sDefault);
540 sDefault.ntvfs_handler = str_list_make_v3_const(NULL, "unixuid default", NULL);
542 DEBUG(3, ("Initialising global parameters\n"));
544 /* Must manually force to upper case here, as this does not go via the handler */
545 lpcfg_string_set(Globals.ctx, &Globals.netbios_name,
548 lpcfg_string_set(Globals.ctx, &Globals.smb_passwd_file,
549 get_dyn_SMB_PASSWD_FILE());
550 lpcfg_string_set(Globals.ctx, &Globals.private_dir,
551 get_dyn_PRIVATE_DIR());
553 /* use the new 'hash2' method by default, with a prefix of 1 */
554 lpcfg_string_set(Globals.ctx, &Globals.mangling_method, "hash2");
555 Globals.mangle_prefix = 1;
557 lpcfg_string_set(Globals.ctx, &Globals.guest_account, GUEST_ACCOUNT);
559 /* using UTF8 by default allows us to support all chars */
560 lpcfg_string_set(Globals.ctx, &Globals.unix_charset,
561 DEFAULT_UNIX_CHARSET);
563 /* Use codepage 850 as a default for the dos character set */
564 lpcfg_string_set(Globals.ctx, &Globals.dos_charset,
565 DEFAULT_DOS_CHARSET);
568 * Allow the default PASSWD_CHAT to be overridden in local.h.
570 lpcfg_string_set(Globals.ctx, &Globals.passwd_chat,
571 DEFAULT_PASSWD_CHAT);
573 lpcfg_string_set(Globals.ctx, &Globals.workgroup, DEFAULT_WORKGROUP);
575 lpcfg_string_set(Globals.ctx, &Globals.passwd_program, "");
576 lpcfg_string_set(Globals.ctx, &Globals.lock_directory,
578 lpcfg_string_set(Globals.ctx, &Globals.state_directory,
580 lpcfg_string_set(Globals.ctx, &Globals.cache_directory,
582 lpcfg_string_set(Globals.ctx, &Globals.pid_directory,
584 lpcfg_string_set(Globals.ctx, &Globals.nbt_client_socket_address,
587 * By default support explicit binding to broadcast
590 Globals.nmbd_bind_explicit_broadcast = true;
592 s = talloc_asprintf(talloc_tos(), "Samba %s", samba_version_string());
594 smb_panic("init_globals: ENOMEM");
596 lpcfg_string_set(Globals.ctx, &Globals.server_string, s);
599 lpcfg_string_set(Globals.ctx, &Globals.panic_action,
600 "/bin/sleep 999999999");
603 lpcfg_string_set(Globals.ctx, &Globals.socket_options,
604 DEFAULT_SOCKET_OPTIONS);
606 lpcfg_string_set(Globals.ctx, &Globals.logon_drive, "");
607 /* %N is the NIS auto.home server if -DAUTOHOME is used, else same as %L */
608 lpcfg_string_set(Globals.ctx, &Globals.logon_home, "\\\\%N\\%U");
609 lpcfg_string_set(Globals.ctx, &Globals.logon_path,
610 "\\\\%N\\%U\\profile");
612 Globals.name_resolve_order = str_list_make_v3_const(NULL, "lmhosts wins host bcast", NULL);
613 lpcfg_string_set(Globals.ctx, &Globals.password_server, "*");
615 Globals.algorithmic_rid_base = BASE_RID;
617 Globals.load_printers = true;
618 Globals.printcap_cache_time = 750; /* 12.5 minutes */
620 Globals.config_backend = config_backend;
621 Globals._server_role = ROLE_AUTO;
623 /* Was 65535 (0xFFFF). 0x4101 matches W2K and causes major speed improvements... */
624 /* Discovered by 2 days of pain by Don McCall @ HP :-). */
625 Globals.max_xmit = 0x4104;
626 Globals.max_mux = 50; /* This is *needed* for profile support. */
627 Globals.lpq_cache_time = 30; /* changed to handle large print servers better -- jerry */
628 Globals._disable_spoolss = false;
629 Globals.max_smbd_processes = 0;/* no limit specified */
630 Globals.username_level = 0;
631 Globals.deadtime = 0;
632 Globals.getwd_cache = true;
633 Globals.large_readwrite = true;
634 Globals.max_log_size = 5000;
635 Globals.max_open_files = max_open_files();
636 Globals.server_max_protocol = PROTOCOL_SMB3_11;
637 Globals.server_min_protocol = PROTOCOL_LANMAN1;
638 Globals._client_max_protocol = PROTOCOL_DEFAULT;
639 Globals.client_min_protocol = PROTOCOL_CORE;
640 Globals._client_ipc_max_protocol = PROTOCOL_DEFAULT;
641 Globals._client_ipc_min_protocol = PROTOCOL_DEFAULT;
642 Globals._security = SEC_AUTO;
643 Globals.encrypt_passwords = true;
644 Globals.client_schannel = Auto;
645 Globals.winbind_sealed_pipes = true;
646 Globals.require_strong_key = true;
647 Globals.server_schannel = Auto;
648 Globals.read_raw = true;
649 Globals.write_raw = true;
650 Globals.null_passwords = false;
651 Globals.old_password_allowed_period = 60;
652 Globals.obey_pam_restrictions = false;
654 Globals.syslog_only = false;
655 Globals.timestamp_logs = true;
656 lpcfg_string_set(Globals.ctx, &Globals.log_level, "0");
657 Globals.debug_prefix_timestamp = false;
658 Globals.debug_hires_timestamp = true;
659 Globals.debug_pid = false;
660 Globals.debug_uid = false;
661 Globals.debug_class = false;
662 Globals.enable_core_files = true;
663 Globals.max_ttl = 60 * 60 * 24 * 3; /* 3 days default. */
664 Globals.max_wins_ttl = 60 * 60 * 24 * 6; /* 6 days default. */
665 Globals.min_wins_ttl = 60 * 60 * 6; /* 6 hours default. */
666 Globals.machine_password_timeout = 60 * 60 * 24 * 7; /* 7 days default. */
667 Globals.lm_announce = Auto; /* = Auto: send only if LM clients found */
668 Globals.lm_interval = 60;
669 #if (defined(HAVE_NETGROUP) && defined(WITH_AUTOMOUNT))
670 Globals.nis_homedir = false;
671 #ifdef WITH_NISPLUS_HOME
672 lpcfg_string_set(Globals.ctx, &Globals.homedir_map,
673 "auto_home.org_dir");
675 lpcfg_string_set(Globals.ctx, &Globals.homedir_map, "auto.home");
678 Globals.time_server = false;
679 Globals.bind_interfaces_only = false;
680 Globals.unix_password_sync = false;
681 Globals.pam_password_change = false;
682 Globals.passwd_chat_debug = false;
683 Globals.passwd_chat_timeout = 2; /* 2 second default. */
684 Globals.nt_pipe_support = true; /* Do NT pipes by default. */
685 Globals.nt_status_support = true; /* Use NT status by default. */
686 Globals.smbd_profiling_level = 0;
687 Globals.stat_cache = true; /* use stat cache by default */
688 Globals.max_stat_cache_size = 256; /* 256k by default */
689 Globals.restrict_anonymous = 0;
690 Globals.client_lanman_auth = false; /* Do NOT use the LanMan hash if it is available */
691 Globals.client_plaintext_auth = false; /* Do NOT use a plaintext password even if is requested by the server */
692 Globals.lanman_auth = false; /* Do NOT use the LanMan hash, even if it is supplied */
693 Globals.ntlm_auth = false; /* Do NOT use NTLMv1 if it is supplied by the client (otherwise NTLMv2) */
694 Globals.raw_ntlmv2_auth = false; /* Reject NTLMv2 without NTLMSSP */
695 Globals.client_ntlmv2_auth = true; /* Client should always use use NTLMv2, as we can't tell that the server supports it, but most modern servers do */
696 /* Note, that we will also use NTLM2 session security (which is different), if it is available */
698 Globals.allow_dcerpc_auth_level_connect = false; /* we don't allow this by default */
700 Globals.map_to_guest = 0; /* By Default, "Never" */
701 Globals.oplock_break_wait_time = 0; /* By Default, 0 msecs. */
702 Globals.enhanced_browsing = true;
703 Globals.lock_spin_time = WINDOWS_MINIMUM_LOCK_TIMEOUT_MS; /* msec. */
704 #ifdef MMAP_BLACKLIST
705 Globals.use_mmap = false;
707 Globals.use_mmap = true;
709 Globals.unicode = true;
710 Globals.unix_extensions = true;
711 Globals.reset_on_zero_vc = false;
712 Globals.log_writeable_files_on_exit = false;
713 Globals.create_krb5_conf = true;
714 Globals.include_system_krb5_conf = true;
715 Globals._winbind_max_domain_connections = 1;
717 /* hostname lookups can be very expensive and are broken on
718 a large number of sites (tridge) */
719 Globals.hostname_lookups = false;
721 Globals.change_notify = true,
722 Globals.kernel_change_notify = true,
724 lpcfg_string_set(Globals.ctx, &Globals.passdb_backend, "tdbsam");
725 lpcfg_string_set(Globals.ctx, &Globals.ldap_suffix, "");
726 lpcfg_string_set(Globals.ctx, &Globals._ldap_machine_suffix, "");
727 lpcfg_string_set(Globals.ctx, &Globals._ldap_user_suffix, "");
728 lpcfg_string_set(Globals.ctx, &Globals._ldap_group_suffix, "");
729 lpcfg_string_set(Globals.ctx, &Globals._ldap_idmap_suffix, "");
731 lpcfg_string_set(Globals.ctx, &Globals.ldap_admin_dn, "");
732 Globals.ldap_ssl = LDAP_SSL_START_TLS;
733 Globals.ldap_ssl_ads = false;
734 Globals.ldap_deref = -1;
735 Globals.ldap_passwd_sync = LDAP_PASSWD_SYNC_OFF;
736 Globals.ldap_delete_dn = false;
737 Globals.ldap_replication_sleep = 1000; /* wait 1 sec for replication */
738 Globals.ldap_follow_referral = Auto;
739 Globals.ldap_timeout = LDAP_DEFAULT_TIMEOUT;
740 Globals.ldap_connection_timeout = LDAP_CONNECTION_DEFAULT_TIMEOUT;
741 Globals.ldap_page_size = LDAP_PAGE_SIZE;
743 Globals.ldap_debug_level = 0;
744 Globals.ldap_debug_threshold = 10;
746 Globals.client_ldap_sasl_wrapping = ADS_AUTH_SASL_SIGN;
748 Globals.ldap_server_require_strong_auth =
749 LDAP_SERVER_REQUIRE_STRONG_AUTH_YES;
751 /* This is what we tell the afs client. in reality we set the token
752 * to never expire, though, when this runs out the afs client will
753 * forget the token. Set to 0 to get NEVERDATE.*/
754 Globals.afs_token_lifetime = 604800;
755 Globals.cups_connection_timeout = CUPS_DEFAULT_CONNECTION_TIMEOUT;
757 /* these parameters are set to defaults that are more appropriate
758 for the increasing samba install base:
760 as a member of the workgroup, that will possibly become a
761 _local_ master browser (lm = true). this is opposed to a forced
762 local master browser startup (pm = true).
764 doesn't provide WINS server service by default (wsupp = false),
765 and doesn't provide domain master browser services by default, either.
769 Globals.show_add_printer_wizard = true;
770 Globals.os_level = 20;
771 Globals.local_master = true;
772 Globals._domain_master = Auto; /* depending on _domain_logons */
773 Globals._domain_logons = false;
774 Globals.browse_list = true;
775 Globals.we_are_a_wins_server = false;
776 Globals.wins_proxy = false;
778 TALLOC_FREE(Globals.init_logon_delayed_hosts);
779 Globals.init_logon_delay = 100; /* 100 ms default delay */
781 Globals.wins_dns_proxy = true;
783 Globals.allow_trusted_domains = true;
784 lpcfg_string_set(Globals.ctx, &Globals.idmap_backend, "tdb");
786 lpcfg_string_set(Globals.ctx, &Globals.template_shell, "/bin/false");
787 lpcfg_string_set(Globals.ctx, &Globals.template_homedir,
789 lpcfg_string_set(Globals.ctx, &Globals.winbind_separator, "\\");
790 lpcfg_string_set(Globals.ctx, &Globals.winbindd_socket_directory,
791 dyn_WINBINDD_SOCKET_DIR);
793 lpcfg_string_set(Globals.ctx, &Globals.cups_server, "");
794 lpcfg_string_set(Globals.ctx, &Globals.iprint_server, "");
796 lpcfg_string_set(Globals.ctx, &Globals._ctdbd_socket, "");
798 Globals.cluster_addresses = NULL;
799 Globals.clustering = false;
800 Globals.ctdb_timeout = 0;
801 Globals.ctdb_locktime_warn_threshold = 0;
803 Globals.winbind_cache_time = 300; /* 5 minutes */
804 Globals.winbind_reconnect_delay = 30; /* 30 seconds */
805 Globals.winbind_request_timeout = 60; /* 60 seconds */
806 Globals.winbind_max_clients = 200;
807 Globals.winbind_enum_users = false;
808 Globals.winbind_enum_groups = false;
809 Globals.winbind_use_default_domain = false;
810 Globals.winbind_trusted_domains_only = false;
811 Globals.winbind_nested_groups = true;
812 Globals.winbind_expand_groups = 0;
813 Globals.winbind_nss_info = str_list_make_v3_const(NULL, "template", NULL);
814 Globals.winbind_refresh_tickets = false;
815 Globals.winbind_offline_logon = false;
817 Globals.idmap_cache_time = 86400 * 7; /* a week by default */
818 Globals.idmap_negative_cache_time = 120; /* 2 minutes by default */
820 Globals.passdb_expand_explicit = false;
822 Globals.name_cache_timeout = 660; /* In seconds */
824 Globals.use_spnego = true;
825 Globals.client_use_spnego = true;
827 Globals.client_signing = SMB_SIGNING_DEFAULT;
828 Globals._client_ipc_signing = SMB_SIGNING_DEFAULT;
829 Globals.server_signing = SMB_SIGNING_DEFAULT;
831 Globals.defer_sharing_violations = true;
832 Globals.smb_ports = str_list_make_v3_const(NULL, SMB_PORTS, NULL);
834 Globals.enable_privileges = true;
835 Globals.host_msdfs = true;
836 Globals.enable_asu_support = false;
838 /* User defined shares. */
839 s = talloc_asprintf(talloc_tos(), "%s/usershares", get_dyn_STATEDIR());
841 smb_panic("init_globals: ENOMEM");
843 lpcfg_string_set(Globals.ctx, &Globals.usershare_path, s);
845 lpcfg_string_set(Globals.ctx, &Globals.usershare_template_share, "");
846 Globals.usershare_max_shares = 0;
847 /* By default disallow sharing of directories not owned by the sharer. */
848 Globals.usershare_owner_only = true;
849 /* By default disallow guest access to usershares. */
850 Globals.usershare_allow_guests = false;
852 Globals.keepalive = DEFAULT_KEEPALIVE;
854 /* By default no shares out of the registry */
855 Globals.registry_shares = false;
857 Globals.min_receivefile_size = 0;
859 Globals.map_untrusted_to_domain = false;
860 Globals.multicast_dns_register = true;
862 Globals.smb2_max_read = DEFAULT_SMB2_MAX_READ;
863 Globals.smb2_max_write = DEFAULT_SMB2_MAX_WRITE;
864 Globals.smb2_max_trans = DEFAULT_SMB2_MAX_TRANSACT;
865 Globals.smb2_max_credits = DEFAULT_SMB2_MAX_CREDITS;
866 Globals.smb2_leases = true;
868 lpcfg_string_set(Globals.ctx, &Globals.ncalrpc_dir,
869 get_dyn_NCALRPCDIR());
871 Globals.server_services = str_list_make_v3_const(NULL, "s3fs rpc nbt wrepl ldap cldap kdc drepl winbindd ntp_signd kcc dnsupdate dns", NULL);
873 Globals.dcerpc_endpoint_servers = str_list_make_v3_const(NULL, "epmapper wkssvc rpcecho samr netlogon lsarpc drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver", NULL);
875 Globals.tls_enabled = true;
876 Globals.tls_verify_peer = TLS_VERIFY_PEER_AS_STRICT_AS_POSSIBLE;
878 lpcfg_string_set(Globals.ctx, &Globals._tls_keyfile, "tls/key.pem");
879 lpcfg_string_set(Globals.ctx, &Globals._tls_certfile, "tls/cert.pem");
880 lpcfg_string_set(Globals.ctx, &Globals._tls_cafile, "tls/ca.pem");
881 lpcfg_string_set(Globals.ctx, &Globals.tls_priority,
882 "NORMAL:-VERS-SSL3.0");
884 lpcfg_string_set(Globals.ctx, &Globals.share_backend, "classic");
886 Globals._preferred_master = Auto;
888 Globals.allow_dns_updates = DNS_UPDATE_SIGNED;
890 lpcfg_string_set(Globals.ctx, &Globals.ntp_signd_socket_directory,
891 get_dyn_NTP_SIGND_SOCKET_DIR());
893 s = talloc_asprintf(talloc_tos(), "%s/samba_kcc", get_dyn_SCRIPTSBINDIR());
895 smb_panic("init_globals: ENOMEM");
897 Globals.samba_kcc_command = str_list_make_v3_const(NULL, s, NULL);
900 s = talloc_asprintf(talloc_tos(), "%s/samba_dnsupdate", get_dyn_SCRIPTSBINDIR());
902 smb_panic("init_globals: ENOMEM");
904 Globals.dns_update_command = str_list_make_v3_const(NULL, s, NULL);
907 s = talloc_asprintf(talloc_tos(), "%s/samba_spnupdate", get_dyn_SCRIPTSBINDIR());
909 smb_panic("init_globals: ENOMEM");
911 Globals.spn_update_command = str_list_make_v3_const(NULL, s, NULL);
914 Globals.nsupdate_command = str_list_make_v3_const(NULL, "/usr/bin/nsupdate -g", NULL);
916 Globals.rndc_command = str_list_make_v3_const(NULL, "/usr/sbin/rndc", NULL);
918 Globals.cldap_port = 389;
920 Globals.dgram_port = NBT_DGRAM_SERVICE_PORT;
922 Globals.nbt_port = NBT_NAME_SERVICE_PORT;
924 Globals.krb5_port = 88;
926 Globals.kpasswd_port = 464;
928 Globals.web_port = 901;
930 Globals.aio_max_threads = 100;
932 /* Now put back the settings that were set with lp_set_cmdline() */
933 apply_lp_set_cmdline();
936 /* Convenience routine to setup an lp_context with additional s3 variables */
937 static struct loadparm_context *setup_lp_context(TALLOC_CTX *mem_ctx)
939 struct loadparm_context *lp_ctx;
941 lp_ctx = loadparm_init_s3(mem_ctx,
942 loadparm_s3_helpers());
943 if (lp_ctx == NULL) {
944 DEBUG(0, ("loadparm_init_s3 failed\n"));
948 lp_ctx->sDefault = &sDefault;
949 lp_ctx->services = NULL; /* We do not want to access this directly */
950 lp_ctx->bInGlobalSection = bInGlobalSection;
951 lp_ctx->flags = flags_list;
956 /*******************************************************************
957 Convenience routine to grab string parameters into talloced memory
958 and run standard_sub_basic on them. The buffers can be written to by
959 callers without affecting the source string.
960 ********************************************************************/
962 char *lp_string(TALLOC_CTX *ctx, const char *s)
966 /* The follow debug is useful for tracking down memory problems
967 especially if you have an inner loop that is calling a lp_*()
968 function that returns a string. Perhaps this debug should be
969 present all the time? */
972 DEBUG(10, ("lp_string(%s)\n", s));
978 ret = talloc_sub_basic(ctx,
979 get_current_username(),
980 current_user_info.domain,
982 if (trim_char(ret, '\"', '\"')) {
983 if (strchr(ret,'\"') != NULL) {
985 ret = talloc_sub_basic(ctx,
986 get_current_username(),
987 current_user_info.domain,
995 In this section all the functions that are used to access the
996 parameters from the rest of the program are defined
999 #define FN_GLOBAL_STRING(fn_name,ptr) \
1000 char *lp_ ## fn_name(TALLOC_CTX *ctx) {return(lp_string((ctx), *(char **)(&Globals.ptr) ? *(char **)(&Globals.ptr) : ""));}
1001 #define FN_GLOBAL_CONST_STRING(fn_name,ptr) \
1002 const char *lp_ ## fn_name(void) {return(*(const char * const *)(&Globals.ptr) ? *(const char * const *)(&Globals.ptr) : "");}
1003 #define FN_GLOBAL_LIST(fn_name,ptr) \
1004 const char **lp_ ## fn_name(void) {return(*(const char ***)(&Globals.ptr));}
1005 #define FN_GLOBAL_BOOL(fn_name,ptr) \
1006 bool lp_ ## fn_name(void) {return(*(bool *)(&Globals.ptr));}
1007 #define FN_GLOBAL_CHAR(fn_name,ptr) \
1008 char lp_ ## fn_name(void) {return(*(char *)(&Globals.ptr));}
1009 #define FN_GLOBAL_INTEGER(fn_name,ptr) \
1010 int lp_ ## fn_name(void) {return(*(int *)(&Globals.ptr));}
1012 #define FN_LOCAL_STRING(fn_name,val) \
1013 char *lp_ ## fn_name(TALLOC_CTX *ctx,int i) {return(lp_string((ctx), (LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val));}
1014 #define FN_LOCAL_CONST_STRING(fn_name,val) \
1015 const char *lp_ ## fn_name(int i) {return (const char *)((LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val);}
1016 #define FN_LOCAL_LIST(fn_name,val) \
1017 const char **lp_ ## fn_name(int i) {return(const char **)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1018 #define FN_LOCAL_BOOL(fn_name,val) \
1019 bool lp_ ## fn_name(int i) {return(bool)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1020 #define FN_LOCAL_INTEGER(fn_name,val) \
1021 int lp_ ## fn_name(int i) {return(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1023 #define FN_LOCAL_PARM_BOOL(fn_name,val) \
1024 bool lp_ ## fn_name(const struct share_params *p) {return(bool)(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1025 #define FN_LOCAL_PARM_INTEGER(fn_name,val) \
1026 int lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1027 #define FN_LOCAL_PARM_CHAR(fn_name,val) \
1028 char lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1030 int lp_winbind_max_domain_connections(void)
1032 if (lp_winbind_offline_logon() &&
1033 lp__winbind_max_domain_connections() > 1) {
1034 DEBUG(1, ("offline logons active, restricting max domain "
1035 "connections to 1\n"));
1038 return MAX(1, lp__winbind_max_domain_connections());
1041 /* These functions remain in source3/param for now */
1043 #include "lib/param/param_functions.c"
1045 FN_LOCAL_STRING(servicename, szService)
1046 FN_LOCAL_CONST_STRING(const_servicename, szService)
1048 /* These functions cannot be auto-generated */
1049 FN_LOCAL_BOOL(autoloaded, autoloaded)
1050 FN_GLOBAL_CONST_STRING(dnsdomain, dnsdomain)
1052 /* local prototypes */
1054 static int map_parameter_canonical(const char *pszParmName, bool *inverse);
1055 static const char *get_boolean(bool bool_value);
1056 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
1058 static bool hash_a_service(const char *name, int number);
1059 static void free_service_byindex(int iService);
1060 static void show_parameter(int parmIndex);
1061 static bool is_synonym_of(int parm1, int parm2, bool *inverse);
1062 static bool lp_parameter_value_is_valid(const char *parm_name, const char *val);
1065 * This is a helper function for parametrical options support. It returns a
1066 * pointer to parametrical option value if it exists or NULL otherwise. Actual
1067 * parametrical functions are quite simple
1069 static struct parmlist_entry *get_parametrics(int snum, const char *type,
1072 if (snum >= iNumServices) return NULL;
1075 return get_parametric_helper(NULL, type, option, Globals.param_opt);
1077 return get_parametric_helper(ServicePtrs[snum],
1078 type, option, Globals.param_opt);
1082 static void discard_whitespace(char *str)
1084 size_t len = strlen(str);
1088 if (isspace(str[i])) {
1089 memmove(&str[i], &str[i+1], len-i);
1098 * @brief Go through all global parametric parameters
1100 * @param regex_str A regular expression to scan param for
1101 * @param max_matches Max number of submatches the regexp expects
1102 * @param cb Function to call on match. Should return true
1103 * when it wants wi_scan_global_parametrics to stop
1105 * @param private_data Anonymous pointer passed to cb
1107 * @return 0: success, regcomp/regexec return value on error.
1108 * See "man regexec" for possible errors
1111 int lp_wi_scan_global_parametrics(
1112 const char *regex_str, size_t max_matches,
1113 bool (*cb)(const char *string, regmatch_t matches[],
1114 void *private_data),
1117 struct parmlist_entry *data;
1121 ret = regcomp(®ex, regex_str, REG_ICASE);
1126 for (data = Globals.param_opt; data != NULL; data = data->next) {
1127 size_t keylen = strlen(data->key);
1129 regmatch_t matches[max_matches];
1132 memcpy(key, data->key, sizeof(key));
1133 discard_whitespace(key);
1135 ret = regexec(®ex, key, max_matches, matches, 0);
1136 if (ret == REG_NOMATCH) {
1143 stop = cb(key, matches, private_data);
1156 #define MISSING_PARAMETER(name) \
1157 DEBUG(0, ("%s(): value is NULL or empty!\n", #name))
1159 /*******************************************************************
1160 convenience routine to return enum parameters.
1161 ********************************************************************/
1162 static int lp_enum(const char *s,const struct enum_list *_enum)
1166 if (!s || !*s || !_enum) {
1167 MISSING_PARAMETER(lp_enum);
1171 for (i=0; _enum[i].name; i++) {
1172 if (strequal(_enum[i].name,s))
1173 return _enum[i].value;
1176 DEBUG(0,("lp_enum(%s,enum): value is not in enum_list!\n",s));
1180 #undef MISSING_PARAMETER
1182 /* Return parametric option from a given service. Type is a part of option before ':' */
1183 /* Parametric option has following syntax: 'Type: option = value' */
1184 char *lp_parm_talloc_string(TALLOC_CTX *ctx, int snum, const char *type, const char *option, const char *def)
1186 struct parmlist_entry *data = get_parametrics(snum, type, option);
1188 if (data == NULL||data->value==NULL) {
1190 return lp_string(ctx, def);
1196 return lp_string(ctx, data->value);
1199 /* Return parametric option from a given service. Type is a part of option before ':' */
1200 /* Parametric option has following syntax: 'Type: option = value' */
1201 const char *lp_parm_const_string(int snum, const char *type, const char *option, const char *def)
1203 struct parmlist_entry *data = get_parametrics(snum, type, option);
1205 if (data == NULL||data->value==NULL)
1212 /* Return parametric option from a given service. Type is a part of option before ':' */
1213 /* Parametric option has following syntax: 'Type: option = value' */
1215 const char **lp_parm_string_list(int snum, const char *type, const char *option, const char **def)
1217 struct parmlist_entry *data = get_parametrics(snum, type, option);
1219 if (data == NULL||data->value==NULL)
1220 return (const char **)def;
1222 if (data->list==NULL) {
1223 data->list = str_list_make_v3(NULL, data->value, NULL);
1226 return discard_const_p(const char *, data->list);
1229 /* Return parametric option from a given service. Type is a part of option before ':' */
1230 /* Parametric option has following syntax: 'Type: option = value' */
1232 int lp_parm_int(int snum, const char *type, const char *option, int def)
1234 struct parmlist_entry *data = get_parametrics(snum, type, option);
1236 if (data && data->value && *data->value)
1237 return lp_int(data->value);
1242 /* Return parametric option from a given service. Type is a part of option before ':' */
1243 /* Parametric option has following syntax: 'Type: option = value' */
1245 unsigned long lp_parm_ulong(int snum, const char *type, const char *option, unsigned long def)
1247 struct parmlist_entry *data = get_parametrics(snum, type, option);
1249 if (data && data->value && *data->value)
1250 return lp_ulong(data->value);
1255 /* Return parametric option from a given service. Type is a part of option before ':' */
1256 /* Parametric option has following syntax: 'Type: option = value' */
1258 unsigned long long lp_parm_ulonglong(int snum, const char *type,
1259 const char *option, unsigned long long def)
1261 struct parmlist_entry *data = get_parametrics(snum, type, option);
1263 if (data && data->value && *data->value) {
1264 return lp_ulonglong(data->value);
1270 /* Return parametric option from a given service. Type is a part of option
1272 /* Parametric option has following syntax: 'Type: option = value' */
1274 bool lp_parm_bool(int snum, const char *type, const char *option, bool def)
1276 struct parmlist_entry *data = get_parametrics(snum, type, option);
1278 if (data && data->value && *data->value)
1279 return lp_bool(data->value);
1284 /* Return parametric option from a given service. Type is a part of option before ':' */
1285 /* Parametric option has following syntax: 'Type: option = value' */
1287 int lp_parm_enum(int snum, const char *type, const char *option,
1288 const struct enum_list *_enum, int def)
1290 struct parmlist_entry *data = get_parametrics(snum, type, option);
1292 if (data && data->value && *data->value && _enum)
1293 return lp_enum(data->value, _enum);
1299 * free a param_opts structure.
1300 * param_opts handling should be moved to talloc;
1301 * then this whole functions reduces to a TALLOC_FREE().
1304 static void free_param_opts(struct parmlist_entry **popts)
1306 struct parmlist_entry *opt, *next_opt;
1308 if (*popts != NULL) {
1309 DEBUG(5, ("Freeing parametrics:\n"));
1312 while (opt != NULL) {
1313 lpcfg_string_free(&opt->key);
1314 lpcfg_string_free(&opt->value);
1315 TALLOC_FREE(opt->list);
1316 next_opt = opt->next;
1323 /***************************************************************************
1324 Free the dynamically allocated parts of a service struct.
1325 ***************************************************************************/
1327 static void free_service(struct loadparm_service *pservice)
1332 if (pservice->szService)
1333 DEBUG(5, ("free_service: Freeing service %s\n",
1334 pservice->szService));
1336 free_parameters(pservice);
1338 lpcfg_string_free(&pservice->szService);
1339 TALLOC_FREE(pservice->copymap);
1341 free_param_opts(&pservice->param_opt);
1343 ZERO_STRUCTP(pservice);
1347 /***************************************************************************
1348 remove a service indexed in the ServicePtrs array from the ServiceHash
1349 and free the dynamically allocated parts
1350 ***************************************************************************/
1352 static void free_service_byindex(int idx)
1354 if ( !LP_SNUM_OK(idx) )
1357 ServicePtrs[idx]->valid = false;
1359 /* we have to cleanup the hash record */
1361 if (ServicePtrs[idx]->szService) {
1362 char *canon_name = canonicalize_servicename(
1364 ServicePtrs[idx]->szService );
1366 dbwrap_delete_bystring(ServiceHash, canon_name );
1367 TALLOC_FREE(canon_name);
1370 free_service(ServicePtrs[idx]);
1371 TALLOC_FREE(ServicePtrs[idx]);
1374 /***************************************************************************
1375 Add a new service to the services array initialising it with the given
1377 ***************************************************************************/
1379 static int add_a_service(const struct loadparm_service *pservice, const char *name)
1382 struct loadparm_service **tsp = NULL;
1384 /* it might already exist */
1386 i = getservicebyname(name, NULL);
1392 /* Re use empty slots if any before allocating new one.*/
1393 for (i=0; i < iNumServices; i++) {
1394 if (ServicePtrs[i] == NULL) {
1398 if (i == iNumServices) {
1399 /* if not, then create one */
1400 tsp = talloc_realloc(NULL, ServicePtrs,
1401 struct loadparm_service *,
1404 DEBUG(0, ("add_a_service: failed to enlarge "
1411 ServicePtrs[i] = talloc_zero(ServicePtrs, struct loadparm_service);
1412 if (!ServicePtrs[i]) {
1413 DEBUG(0,("add_a_service: out of memory!\n"));
1417 ServicePtrs[i]->valid = true;
1419 copy_service(ServicePtrs[i], pservice, NULL);
1421 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->szService,
1424 DEBUG(8,("add_a_service: Creating snum = %d for %s\n",
1425 i, ServicePtrs[i]->szService));
1427 if (!hash_a_service(ServicePtrs[i]->szService, i)) {
1434 /***************************************************************************
1435 Convert a string to uppercase and remove whitespaces.
1436 ***************************************************************************/
1438 char *canonicalize_servicename(TALLOC_CTX *ctx, const char *src)
1443 DEBUG(0,("canonicalize_servicename: NULL source name!\n"));
1447 result = talloc_strdup(ctx, src);
1448 SMB_ASSERT(result != NULL);
1450 if (!strlower_m(result)) {
1451 TALLOC_FREE(result);
1457 /***************************************************************************
1458 Add a name/index pair for the services array to the hash table.
1459 ***************************************************************************/
1461 static bool hash_a_service(const char *name, int idx)
1465 if ( !ServiceHash ) {
1466 DEBUG(10,("hash_a_service: creating servicehash\n"));
1467 ServiceHash = db_open_rbt(NULL);
1468 if ( !ServiceHash ) {
1469 DEBUG(0,("hash_a_service: open tdb servicehash failed!\n"));
1474 DEBUG(10,("hash_a_service: hashing index %d for service name %s\n",
1477 canon_name = canonicalize_servicename(talloc_tos(), name );
1479 dbwrap_store_bystring(ServiceHash, canon_name,
1480 make_tdb_data((uint8_t *)&idx, sizeof(idx)),
1483 TALLOC_FREE(canon_name);
1488 /***************************************************************************
1489 Add a new home service, with the specified home directory, defaults coming
1491 ***************************************************************************/
1493 bool lp_add_home(const char *pszHomename, int iDefaultService,
1494 const char *user, const char *pszHomedir)
1498 if (pszHomename == NULL || user == NULL || pszHomedir == NULL ||
1499 pszHomedir[0] == '\0') {
1503 i = add_a_service(ServicePtrs[iDefaultService], pszHomename);
1508 if (!(*(ServicePtrs[iDefaultService]->path))
1509 || strequal(ServicePtrs[iDefaultService]->path,
1510 lp_path(talloc_tos(), GLOBAL_SECTION_SNUM))) {
1511 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->path,
1515 if (!(*(ServicePtrs[i]->comment))) {
1516 char *comment = talloc_asprintf(talloc_tos(), "Home directory of %s", user);
1517 if (comment == NULL) {
1520 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->comment,
1522 TALLOC_FREE(comment);
1525 /* set the browseable flag from the global default */
1527 ServicePtrs[i]->browseable = sDefault.browseable;
1528 ServicePtrs[i]->access_based_share_enum = sDefault.access_based_share_enum;
1530 ServicePtrs[i]->autoloaded = true;
1532 DEBUG(3, ("adding home's share [%s] for user '%s' at '%s'\n", pszHomename,
1533 user, ServicePtrs[i]->path ));
1538 /***************************************************************************
1539 Add a new service, based on an old one.
1540 ***************************************************************************/
1542 int lp_add_service(const char *pszService, int iDefaultService)
1544 if (iDefaultService < 0) {
1545 return add_a_service(&sDefault, pszService);
1548 return (add_a_service(ServicePtrs[iDefaultService], pszService));
1551 /***************************************************************************
1552 Add the IPC service.
1553 ***************************************************************************/
1555 static bool lp_add_ipc(const char *ipc_name, bool guest_ok)
1557 char *comment = NULL;
1558 int i = add_a_service(&sDefault, ipc_name);
1563 comment = talloc_asprintf(talloc_tos(), "IPC Service (%s)",
1564 Globals.server_string);
1565 if (comment == NULL) {
1569 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->path, tmpdir());
1570 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1571 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->fstype, "IPC");
1572 ServicePtrs[i]->max_connections = 0;
1573 ServicePtrs[i]->available = true;
1574 ServicePtrs[i]->read_only = true;
1575 ServicePtrs[i]->guest_only = false;
1576 ServicePtrs[i]->administrative_share = true;
1577 ServicePtrs[i]->guest_ok = guest_ok;
1578 ServicePtrs[i]->printable = false;
1579 ServicePtrs[i]->browseable = sDefault.browseable;
1580 ServicePtrs[i]->autoloaded = true;
1582 DEBUG(3, ("adding IPC service\n"));
1584 TALLOC_FREE(comment);
1588 /***************************************************************************
1589 Add a new printer service, with defaults coming from service iFrom.
1590 ***************************************************************************/
1592 bool lp_add_printer(const char *pszPrintername, int iDefaultService)
1594 const char *comment = "From Printcap";
1595 int i = add_a_service(ServicePtrs[iDefaultService], pszPrintername);
1600 /* note that we do NOT default the availability flag to true - */
1601 /* we take it from the default service passed. This allows all */
1602 /* dynamic printers to be disabled by disabling the [printers] */
1603 /* entry (if/when the 'available' keyword is implemented!). */
1605 /* the printer name is set to the service name. */
1606 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->_printername,
1608 lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1610 /* set the browseable flag from the gloabl default */
1611 ServicePtrs[i]->browseable = sDefault.browseable;
1613 /* Printers cannot be read_only. */
1614 ServicePtrs[i]->read_only = false;
1615 /* No oplocks on printer services. */
1616 ServicePtrs[i]->oplocks = false;
1617 /* Printer services must be printable. */
1618 ServicePtrs[i]->printable = true;
1620 DEBUG(3, ("adding printer service %s\n", pszPrintername));
1626 /***************************************************************************
1627 Check whether the given parameter name is valid.
1628 Parametric options (names containing a colon) are considered valid.
1629 ***************************************************************************/
1631 bool lp_parameter_is_valid(const char *pszParmName)
1633 return ((lpcfg_map_parameter(pszParmName) != -1) ||
1634 (strchr(pszParmName, ':') != NULL));
1637 /***************************************************************************
1638 Check whether the given name is the name of a global parameter.
1639 Returns true for strings belonging to parameters of class
1640 P_GLOBAL, false for all other strings, also for parametric options
1641 and strings not belonging to any option.
1642 ***************************************************************************/
1644 bool lp_parameter_is_global(const char *pszParmName)
1646 int num = lpcfg_map_parameter(pszParmName);
1649 return (parm_table[num].p_class == P_GLOBAL);
1655 /**************************************************************************
1656 Determine the canonical name for a parameter.
1657 Indicate when it is an inverse (boolean) synonym instead of a
1659 **************************************************************************/
1661 bool lp_canonicalize_parameter(const char *parm_name, const char **canon_parm,
1666 if (!lp_parameter_is_valid(parm_name)) {
1671 num = map_parameter_canonical(parm_name, inverse);
1673 /* parametric option */
1674 *canon_parm = parm_name;
1676 *canon_parm = parm_table[num].label;
1683 /**************************************************************************
1684 Determine the canonical name for a parameter.
1685 Turn the value given into the inverse boolean expression when
1686 the synonym is an invers boolean synonym.
1689 - parm_name is a valid parameter name and
1690 - val is a valid value for this parameter and
1691 - in case the parameter is an inverse boolean synonym, if the val
1692 string could successfully be converted to the reverse bool.
1693 Return false in all other cases.
1694 **************************************************************************/
1696 bool lp_canonicalize_parameter_with_value(const char *parm_name,
1698 const char **canon_parm,
1699 const char **canon_val)
1705 if (!lp_parameter_is_valid(parm_name)) {
1711 num = map_parameter_canonical(parm_name, &inverse);
1713 /* parametric option */
1714 *canon_parm = parm_name;
1719 *canon_parm = parm_table[num].label;
1721 if (!lp_invert_boolean(val, canon_val)) {
1729 ret = lp_parameter_value_is_valid(*canon_parm, *canon_val);
1734 /***************************************************************************
1735 Map a parameter's string representation to the index of the canonical
1736 form of the parameter (it might be a synonym).
1737 Returns -1 if the parameter string is not recognised.
1738 ***************************************************************************/
1740 static int map_parameter_canonical(const char *pszParmName, bool *inverse)
1742 int parm_num, canon_num;
1743 bool loc_inverse = false;
1745 parm_num = lpcfg_map_parameter(pszParmName);
1746 if ((parm_num < 0) || !(parm_table[parm_num].flags & FLAG_SYNONYM)) {
1747 /* invalid, parametric or no canidate for synonyms ... */
1751 for (canon_num = 0; parm_table[canon_num].label; canon_num++) {
1752 if (is_synonym_of(parm_num, canon_num, &loc_inverse)) {
1753 parm_num = canon_num;
1759 if (inverse != NULL) {
1760 *inverse = loc_inverse;
1765 /***************************************************************************
1766 return true if parameter number parm1 is a synonym of parameter
1767 number parm2 (parm2 being the principal name).
1768 set inverse to true if parm1 is P_BOOLREV and parm2 is P_BOOL,
1770 ***************************************************************************/
1772 static bool is_synonym_of(int parm1, int parm2, bool *inverse)
1774 if ((parm_table[parm1].offset == parm_table[parm2].offset) &&
1775 (parm_table[parm1].p_class == parm_table[parm2].p_class) &&
1776 (parm_table[parm1].flags & FLAG_SYNONYM) &&
1777 !(parm_table[parm2].flags & FLAG_SYNONYM))
1779 if (inverse != NULL) {
1780 if ((parm_table[parm1].type == P_BOOLREV) &&
1781 (parm_table[parm2].type == P_BOOL))
1793 /***************************************************************************
1794 Show one parameter's name, type, [values,] and flags.
1795 (helper functions for show_parameter_list)
1796 ***************************************************************************/
1798 static void show_parameter(int parmIndex)
1800 int enumIndex, flagIndex;
1805 const char *type[] = { "P_BOOL", "P_BOOLREV", "P_CHAR", "P_INTEGER",
1806 "P_OCTAL", "P_LIST", "P_STRING", "P_USTRING",
1807 "P_ENUM", "P_BYTES", "P_CMDLIST" };
1808 unsigned flags[] = { FLAG_DEPRECATED, FLAG_SYNONYM };
1809 const char *flag_names[] = { "FLAG_DEPRECATED", "FLAG_SYNONYM", NULL};
1811 printf("%s=%s", parm_table[parmIndex].label,
1812 type[parm_table[parmIndex].type]);
1813 if (parm_table[parmIndex].type == P_ENUM) {
1816 parm_table[parmIndex].enum_list[enumIndex].name;
1820 enumIndex ? "|" : "",
1821 parm_table[parmIndex].enum_list[enumIndex].name);
1826 for (flagIndex=0; flag_names[flagIndex]; flagIndex++) {
1827 if (parm_table[parmIndex].flags & flags[flagIndex]) {
1830 flag_names[flagIndex]);
1835 /* output synonyms */
1837 for (parmIndex2=0; parm_table[parmIndex2].label; parmIndex2++) {
1838 if (is_synonym_of(parmIndex, parmIndex2, &inverse)) {
1839 printf(" (%ssynonym of %s)", inverse ? "inverse " : "",
1840 parm_table[parmIndex2].label);
1841 } else if (is_synonym_of(parmIndex2, parmIndex, &inverse)) {
1843 printf(" (synonyms: ");
1848 printf("%s%s", parm_table[parmIndex2].label,
1849 inverse ? "[i]" : "");
1860 * Check the value for a P_ENUM
1862 static bool check_enum_parameter(struct parm_struct *parm, const char *value)
1866 for (i = 0; parm->enum_list[i].name; i++) {
1867 if (strwicmp(value, parm->enum_list[i].name) == 0) {
1874 /**************************************************************************
1875 Check whether the given value is valid for the given parameter name.
1876 **************************************************************************/
1878 static bool lp_parameter_value_is_valid(const char *parm_name, const char *val)
1880 bool ret = false, tmp_bool;
1881 int num = lpcfg_map_parameter(parm_name), tmp_int;
1882 uint64_t tmp_int64 = 0;
1883 struct parm_struct *parm;
1885 /* parametric options (parameter names containing a colon) cannot
1886 be checked and are therefore considered valid. */
1887 if (strchr(parm_name, ':') != NULL) {
1892 parm = &parm_table[num];
1893 switch (parm->type) {
1896 ret = set_boolean(val, &tmp_bool);
1900 ret = (sscanf(val, "%d", &tmp_int) == 1);
1904 ret = (sscanf(val, "%o", &tmp_int) == 1);
1908 ret = check_enum_parameter(parm, val);
1912 if (conv_str_size_error(val, &tmp_int64) &&
1913 tmp_int64 <= INT_MAX) {
1930 /***************************************************************************
1931 Show all parameter's name, type, [values,] and flags.
1932 ***************************************************************************/
1934 void show_parameter_list(void)
1936 int classIndex, parmIndex;
1937 const char *section_names[] = { "local", "global", NULL};
1939 for (classIndex=0; section_names[classIndex]; classIndex++) {
1940 printf("[%s]\n", section_names[classIndex]);
1941 for (parmIndex = 0; parm_table[parmIndex].label; parmIndex++) {
1942 if (parm_table[parmIndex].p_class == classIndex) {
1943 show_parameter(parmIndex);
1949 /***************************************************************************
1950 Get the standard string representation of a boolean value ("yes" or "no")
1951 ***************************************************************************/
1953 static const char *get_boolean(bool bool_value)
1955 static const char *yes_str = "yes";
1956 static const char *no_str = "no";
1958 return (bool_value ? yes_str : no_str);
1961 /***************************************************************************
1962 Provide the string of the negated boolean value associated to the boolean
1963 given as a string. Returns false if the passed string does not correctly
1964 represent a boolean.
1965 ***************************************************************************/
1967 bool lp_invert_boolean(const char *str, const char **inverse_str)
1971 if (!set_boolean(str, &val)) {
1975 *inverse_str = get_boolean(!val);
1979 /***************************************************************************
1980 Provide the canonical string representation of a boolean value given
1981 as a string. Return true on success, false if the string given does
1982 not correctly represent a boolean.
1983 ***************************************************************************/
1985 bool lp_canonicalize_boolean(const char *str, const char**canon_str)
1989 if (!set_boolean(str, &val)) {
1993 *canon_str = get_boolean(val);
1997 /***************************************************************************
1998 Find a service by name. Otherwise works like get_service.
1999 ***************************************************************************/
2001 int getservicebyname(const char *pszServiceName, struct loadparm_service *pserviceDest)
2008 if (ServiceHash == NULL) {
2012 canon_name = canonicalize_servicename(talloc_tos(), pszServiceName);
2014 status = dbwrap_fetch_bystring(ServiceHash, canon_name, canon_name,
2017 if (NT_STATUS_IS_OK(status) &&
2018 (data.dptr != NULL) &&
2019 (data.dsize == sizeof(iService)))
2021 memcpy(&iService, data.dptr, sizeof(iService));
2024 TALLOC_FREE(canon_name);
2026 if ((iService != -1) && (LP_SNUM_OK(iService))
2027 && (pserviceDest != NULL)) {
2028 copy_service(pserviceDest, ServicePtrs[iService], NULL);
2034 /* Return a pointer to a service by name. Unlike getservicebyname, it does not copy the service */
2035 struct loadparm_service *lp_service(const char *pszServiceName)
2037 int iService = getservicebyname(pszServiceName, NULL);
2038 if (iService == -1 || !LP_SNUM_OK(iService)) {
2041 return ServicePtrs[iService];
2044 struct loadparm_service *lp_servicebynum(int snum)
2046 if ((snum == -1) || !LP_SNUM_OK(snum)) {
2049 return ServicePtrs[snum];
2052 struct loadparm_service *lp_default_loadparm_service()
2057 static struct smbconf_ctx *lp_smbconf_ctx(void)
2060 static struct smbconf_ctx *conf_ctx = NULL;
2062 if (conf_ctx == NULL) {
2063 err = smbconf_init(NULL, &conf_ctx, "registry:");
2064 if (!SBC_ERROR_IS_OK(err)) {
2065 DEBUG(1, ("error initializing registry configuration: "
2066 "%s\n", sbcErrorString(err)));
2074 static bool process_smbconf_service(struct smbconf_service *service)
2079 if (service == NULL) {
2083 ret = lp_do_section(service->name, NULL);
2087 for (count = 0; count < service->num_params; count++) {
2089 if (!bInGlobalSection && bGlobalOnly) {
2092 const char *pszParmName = service->param_names[count];
2093 const char *pszParmValue = service->param_values[count];
2095 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2097 ret = lp_do_parameter(bInGlobalSection ? -2 : iServiceIndex,
2098 pszParmName, pszParmValue);
2105 if (iServiceIndex >= 0) {
2106 return lpcfg_service_ok(ServicePtrs[iServiceIndex]);
2112 * load a service from registry and activate it
2114 bool process_registry_service(const char *service_name)
2117 struct smbconf_service *service = NULL;
2118 TALLOC_CTX *mem_ctx = talloc_stackframe();
2119 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2122 if (conf_ctx == NULL) {
2126 DEBUG(5, ("process_registry_service: service name %s\n", service_name));
2128 if (!smbconf_share_exists(conf_ctx, service_name)) {
2130 * Registry does not contain data for this service (yet),
2131 * but make sure lp_load doesn't return false.
2137 err = smbconf_get_share(conf_ctx, mem_ctx, service_name, &service);
2138 if (!SBC_ERROR_IS_OK(err)) {
2142 ret = process_smbconf_service(service);
2148 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
2151 TALLOC_FREE(mem_ctx);
2156 * process_registry_globals
2158 static bool process_registry_globals(void)
2162 add_to_file_list(NULL, &file_lists, INCLUDE_REGISTRY_NAME, INCLUDE_REGISTRY_NAME);
2164 if (!bInGlobalSection && bGlobalOnly) {
2167 const char *pszParmName = "registry shares";
2168 const char *pszParmValue = "yes";
2170 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2172 ret = lp_do_parameter(bInGlobalSection ? -2 : iServiceIndex,
2173 pszParmName, pszParmValue);
2180 return process_registry_service(GLOBAL_NAME);
2183 bool process_registry_shares(void)
2187 struct smbconf_service **service = NULL;
2188 uint32_t num_shares = 0;
2189 TALLOC_CTX *mem_ctx = talloc_stackframe();
2190 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2193 if (conf_ctx == NULL) {
2197 err = smbconf_get_config(conf_ctx, mem_ctx, &num_shares, &service);
2198 if (!SBC_ERROR_IS_OK(err)) {
2204 for (count = 0; count < num_shares; count++) {
2205 if (strequal(service[count]->name, GLOBAL_NAME)) {
2208 ret = process_smbconf_service(service[count]);
2215 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
2218 TALLOC_FREE(mem_ctx);
2223 * reload those shares from registry that are already
2224 * activated in the services array.
2226 static bool reload_registry_shares(void)
2231 for (i = 0; i < iNumServices; i++) {
2236 if (ServicePtrs[i]->usershare == USERSHARE_VALID) {
2240 ret = process_registry_service(ServicePtrs[i]->szService);
2251 #define MAX_INCLUDE_DEPTH 100
2253 static uint8_t include_depth;
2256 * Free the file lists
2258 static void free_file_list(void)
2260 struct file_lists *f;
2261 struct file_lists *next;
2274 * Utility function for outsiders to check if we're running on registry.
2276 bool lp_config_backend_is_registry(void)
2278 return (lp_config_backend() == CONFIG_BACKEND_REGISTRY);
2282 * Utility function to check if the config backend is FILE.
2284 bool lp_config_backend_is_file(void)
2286 return (lp_config_backend() == CONFIG_BACKEND_FILE);
2289 /*******************************************************************
2290 Check if a config file has changed date.
2291 ********************************************************************/
2293 bool lp_file_list_changed(void)
2295 struct file_lists *f = file_lists;
2297 DEBUG(6, ("lp_file_list_changed()\n"));
2300 if (strequal(f->name, INCLUDE_REGISTRY_NAME)) {
2301 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2303 if (conf_ctx == NULL) {
2306 if (smbconf_changed(conf_ctx, &conf_last_csn, NULL,
2309 DEBUGADD(6, ("registry config changed\n"));
2316 n2 = talloc_sub_basic(talloc_tos(),
2317 get_current_username(),
2318 current_user_info.domain,
2323 DEBUGADD(6, ("file %s -> %s last mod_time: %s\n",
2324 f->name, n2, ctime(&f->modtime)));
2326 mod_time = file_modtime(n2);
2329 ((f->modtime != mod_time) ||
2330 (f->subfname == NULL) ||
2331 (strcmp(n2, f->subfname) != 0)))
2334 ("file %s modified: %s\n", n2,
2336 f->modtime = mod_time;
2337 TALLOC_FREE(f->subfname);
2338 f->subfname = talloc_strdup(f, n2);
2339 if (f->subfname == NULL) {
2340 smb_panic("talloc_strdup failed");
2354 * Initialize iconv conversion descriptors.
2356 * This is called the first time it is needed, and also called again
2357 * every time the configuration is reloaded, because the charset or
2358 * codepage might have changed.
2360 static void init_iconv(void)
2362 global_iconv_handle = smb_iconv_handle_reinit(NULL, lp_dos_charset(),
2364 true, global_iconv_handle);
2367 /***************************************************************************
2368 Handle the include operation.
2369 ***************************************************************************/
2370 static bool bAllowIncludeRegistry = true;
2372 bool lp_include(struct loadparm_context *lp_ctx, struct loadparm_service *service,
2373 const char *pszParmValue, char **ptr)
2377 if (include_depth >= MAX_INCLUDE_DEPTH) {
2378 DEBUG(0, ("Error: Maximum include depth (%u) exceeded!\n",
2383 if (strequal(pszParmValue, INCLUDE_REGISTRY_NAME)) {
2384 if (!bAllowIncludeRegistry) {
2387 if (lp_ctx->bInGlobalSection) {
2390 ret = process_registry_globals();
2394 DEBUG(1, ("\"include = registry\" only effective "
2395 "in %s section\n", GLOBAL_NAME));
2400 fname = talloc_sub_basic(talloc_tos(), get_current_username(),
2401 current_user_info.domain,
2404 add_to_file_list(NULL, &file_lists, pszParmValue, fname);
2406 if (service == NULL) {
2407 lpcfg_string_set(Globals.ctx, ptr, fname);
2409 lpcfg_string_set(service, ptr, fname);
2412 if (file_exist(fname)) {
2415 ret = pm_process(fname, lp_do_section, do_parameter, lp_ctx);
2421 DEBUG(2, ("Can't find include file %s\n", fname));
2426 bool lp_idmap_range(const char *domain_name, uint32_t *low, uint32_t *high)
2428 char *config_option = NULL;
2429 const char *range = NULL;
2432 SMB_ASSERT(low != NULL);
2433 SMB_ASSERT(high != NULL);
2435 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2439 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2441 if (config_option == NULL) {
2442 DEBUG(0, ("out of memory\n"));
2446 range = lp_parm_const_string(-1, config_option, "range", NULL);
2447 if (range == NULL) {
2448 DEBUG(1, ("idmap range not specified for domain '%s'\n", domain_name));
2452 if (sscanf(range, "%u - %u", low, high) != 2) {
2453 DEBUG(1, ("error parsing idmap range '%s' for domain '%s'\n",
2454 range, domain_name));
2461 talloc_free(config_option);
2466 bool lp_idmap_default_range(uint32_t *low, uint32_t *high)
2468 return lp_idmap_range("*", low, high);
2471 const char *lp_idmap_backend(const char *domain_name)
2473 char *config_option = NULL;
2474 const char *backend = NULL;
2476 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2480 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2482 if (config_option == NULL) {
2483 DEBUG(0, ("out of memory\n"));
2487 backend = lp_parm_const_string(-1, config_option, "backend", NULL);
2488 if (backend == NULL) {
2489 DEBUG(1, ("idmap backend not specified for domain '%s'\n", domain_name));
2494 talloc_free(config_option);
2498 const char *lp_idmap_default_backend(void)
2500 return lp_idmap_backend("*");
2503 /***************************************************************************
2504 Handle ldap suffixes - default to ldapsuffix if sub-suffixes are not defined.
2505 ***************************************************************************/
2507 static const char *append_ldap_suffix(TALLOC_CTX *ctx, const char *str )
2509 const char *suffix_string;
2511 suffix_string = talloc_asprintf(ctx, "%s,%s", str,
2512 Globals.ldap_suffix );
2513 if ( !suffix_string ) {
2514 DEBUG(0,("append_ldap_suffix: talloc_asprintf() failed!\n"));
2518 return suffix_string;
2521 const char *lp_ldap_machine_suffix(TALLOC_CTX *ctx)
2523 if (Globals._ldap_machine_suffix[0])
2524 return append_ldap_suffix(ctx, Globals._ldap_machine_suffix);
2526 return lp_string(ctx, Globals.ldap_suffix);
2529 const char *lp_ldap_user_suffix(TALLOC_CTX *ctx)
2531 if (Globals._ldap_user_suffix[0])
2532 return append_ldap_suffix(ctx, Globals._ldap_user_suffix);
2534 return lp_string(ctx, Globals.ldap_suffix);
2537 const char *lp_ldap_group_suffix(TALLOC_CTX *ctx)
2539 if (Globals._ldap_group_suffix[0])
2540 return append_ldap_suffix(ctx, Globals._ldap_group_suffix);
2542 return lp_string(ctx, Globals.ldap_suffix);
2545 const char *lp_ldap_idmap_suffix(TALLOC_CTX *ctx)
2547 if (Globals._ldap_idmap_suffix[0])
2548 return append_ldap_suffix(ctx, Globals._ldap_idmap_suffix);
2550 return lp_string(ctx, Globals.ldap_suffix);
2554 return the parameter pointer for a parameter
2556 void *lp_parm_ptr(struct loadparm_service *service, struct parm_struct *parm)
2558 if (service == NULL) {
2559 if (parm->p_class == P_LOCAL)
2560 return (void *)(((char *)&sDefault)+parm->offset);
2561 else if (parm->p_class == P_GLOBAL)
2562 return (void *)(((char *)&Globals)+parm->offset);
2565 return (void *)(((char *)service) + parm->offset);
2569 /***************************************************************************
2570 Process a parameter for a particular service number. If snum < 0
2571 then assume we are in the globals.
2572 ***************************************************************************/
2574 bool lp_do_parameter(int snum, const char *pszParmName, const char *pszParmValue)
2576 TALLOC_CTX *frame = talloc_stackframe();
2577 struct loadparm_context *lp_ctx;
2580 lp_ctx = setup_lp_context(frame);
2581 if (lp_ctx == NULL) {
2587 ok = lpcfg_do_global_parameter(lp_ctx, pszParmName, pszParmValue);
2589 ok = lpcfg_do_service_parameter(lp_ctx, ServicePtrs[snum],
2590 pszParmName, pszParmValue);
2598 /***************************************************************************
2599 set a parameter, marking it with FLAG_CMDLINE. Parameters marked as
2600 FLAG_CMDLINE won't be overridden by loads from smb.conf.
2601 ***************************************************************************/
2603 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue)
2606 parmnum = lpcfg_map_parameter(pszParmName);
2608 flags_list[parmnum] &= ~FLAG_CMDLINE;
2609 if (!lp_do_parameter(-1, pszParmName, pszParmValue)) {
2612 flags_list[parmnum] |= FLAG_CMDLINE;
2614 /* we have to also set FLAG_CMDLINE on aliases. Aliases must
2615 * be grouped in the table, so we don't have to search the
2618 i>=0 && parm_table[i].offset == parm_table[parmnum].offset
2619 && parm_table[i].p_class == parm_table[parmnum].p_class;
2621 flags_list[i] |= FLAG_CMDLINE;
2623 for (i=parmnum+1;i<num_parameters() && parm_table[i].offset == parm_table[parmnum].offset
2624 && parm_table[i].p_class == parm_table[parmnum].p_class;i++) {
2625 flags_list[i] |= FLAG_CMDLINE;
2631 /* it might be parametric */
2632 if (strchr(pszParmName, ':') != NULL) {
2633 set_param_opt(NULL, &Globals.param_opt, pszParmName, pszParmValue, FLAG_CMDLINE);
2637 DEBUG(0, ("Ignoring unknown parameter \"%s\"\n", pszParmName));
2641 bool lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
2644 TALLOC_CTX *frame = talloc_stackframe();
2645 struct loadparm_context *lp_ctx;
2647 lp_ctx = setup_lp_context(frame);
2648 if (lp_ctx == NULL) {
2653 ret = lpcfg_set_cmdline(lp_ctx, pszParmName, pszParmValue);
2659 /***************************************************************************
2660 Process a parameter.
2661 ***************************************************************************/
2663 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
2666 if (!bInGlobalSection && bGlobalOnly)
2669 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2671 if (bInGlobalSection) {
2672 return lpcfg_do_global_parameter(userdata, pszParmName, pszParmValue);
2674 return lpcfg_do_service_parameter(userdata, ServicePtrs[iServiceIndex],
2675 pszParmName, pszParmValue);
2679 /***************************************************************************
2680 Initialize any local variables in the sDefault table, after parsing a
2682 ***************************************************************************/
2684 static void init_locals(void)
2687 * We run this check once the [globals] is parsed, to force
2688 * the VFS objects and other per-share settings we need for
2689 * the standard way a AD DC is operated. We may change these
2690 * as our code evolves, which is why we force these settings.
2692 * We can't do this at the end of lp_load_ex(), as by that
2693 * point the services have been loaded and they will already
2694 * have "" as their vfs objects.
2696 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
2697 const char **vfs_objects = lp_vfs_objects(-1);
2698 if (!vfs_objects || !vfs_objects[0]) {
2699 if (lp_parm_const_string(-1, "xattr_tdb", "file", NULL)) {
2700 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr xattr_tdb");
2701 } else if (lp_parm_const_string(-1, "posix", "eadb", NULL)) {
2702 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr posix_eadb");
2704 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr");
2708 lp_do_parameter(-1, "map hidden", "no");
2709 lp_do_parameter(-1, "map system", "no");
2710 lp_do_parameter(-1, "map readonly", "no");
2711 lp_do_parameter(-1, "map archive", "no");
2712 lp_do_parameter(-1, "store dos attributes", "yes");
2716 /***************************************************************************
2717 Process a new section (service). At this stage all sections are services.
2718 Later we'll have special sections that permit server parameters to be set.
2719 Returns true on success, false on failure.
2720 ***************************************************************************/
2722 bool lp_do_section(const char *pszSectionName, void *userdata)
2724 struct loadparm_context *lp_ctx = (struct loadparm_context *)userdata;
2726 bool isglobal = ((strwicmp(pszSectionName, GLOBAL_NAME) == 0) ||
2727 (strwicmp(pszSectionName, GLOBAL_NAME2) == 0));
2730 /* if we were in a global section then do the local inits */
2731 if (bInGlobalSection && !isglobal)
2734 /* if we've just struck a global section, note the fact. */
2735 bInGlobalSection = isglobal;
2736 if (lp_ctx != NULL) {
2737 lp_ctx->bInGlobalSection = isglobal;
2740 /* check for multiple global sections */
2741 if (bInGlobalSection) {
2742 DEBUG(3, ("Processing section \"[%s]\"\n", pszSectionName));
2746 if (!bInGlobalSection && bGlobalOnly)
2749 /* if we have a current service, tidy it up before moving on */
2752 if (iServiceIndex >= 0)
2753 bRetval = lpcfg_service_ok(ServicePtrs[iServiceIndex]);
2755 /* if all is still well, move to the next record in the services array */
2757 /* We put this here to avoid an odd message order if messages are */
2758 /* issued by the post-processing of a previous section. */
2759 DEBUG(2, ("Processing section \"[%s]\"\n", pszSectionName));
2761 iServiceIndex = add_a_service(&sDefault, pszSectionName);
2762 if (iServiceIndex < 0) {
2763 DEBUG(0, ("Failed to add a new service\n"));
2766 /* Clean all parametric options for service */
2767 /* They will be added during parsing again */
2768 free_param_opts(&ServicePtrs[iServiceIndex]->param_opt);
2774 /***************************************************************************
2775 Display the contents of a parameter of a single services record.
2776 ***************************************************************************/
2778 bool dump_a_parameter(int snum, char *parm_name, FILE * f, bool isGlobal)
2780 bool result = false;
2781 struct loadparm_context *lp_ctx;
2783 lp_ctx = setup_lp_context(talloc_tos());
2784 if (lp_ctx == NULL) {
2789 result = lpcfg_dump_a_parameter(lp_ctx, NULL, parm_name, f);
2791 result = lpcfg_dump_a_parameter(lp_ctx, ServicePtrs[snum], parm_name, f);
2793 TALLOC_FREE(lp_ctx);
2798 /***************************************************************************
2799 Display the contents of a single copy structure.
2800 ***************************************************************************/
2801 static void dump_copy_map(bool *pcopymap)
2807 printf("\n\tNon-Copied parameters:\n");
2809 for (i = 0; parm_table[i].label; i++)
2810 if (parm_table[i].p_class == P_LOCAL &&
2811 parm_table[i].ptr && !pcopymap[i] &&
2812 (i == 0 || (parm_table[i].ptr != parm_table[i - 1].ptr)))
2814 printf("\t\t%s\n", parm_table[i].label);
2819 /***************************************************************************
2820 Return TRUE if the passed service number is within range.
2821 ***************************************************************************/
2823 bool lp_snum_ok(int iService)
2825 return (LP_SNUM_OK(iService) && ServicePtrs[iService]->available);
2828 /***************************************************************************
2829 Auto-load some home services.
2830 ***************************************************************************/
2832 static void lp_add_auto_services(char *str)
2842 s = talloc_strdup(talloc_tos(), str);
2844 smb_panic("talloc_strdup failed");
2848 homes = lp_servicenumber(HOMES_NAME);
2850 for (p = strtok_r(s, LIST_SEP, &saveptr); p;
2851 p = strtok_r(NULL, LIST_SEP, &saveptr)) {
2854 if (lp_servicenumber(p) >= 0)
2857 home = get_user_home_dir(talloc_tos(), p);
2859 if (home && home[0] && homes >= 0)
2860 lp_add_home(p, homes, p, home);
2867 /***************************************************************************
2868 Auto-load one printer.
2869 ***************************************************************************/
2871 void lp_add_one_printer(const char *name, const char *comment,
2872 const char *location, void *pdata)
2874 int printers = lp_servicenumber(PRINTERS_NAME);
2877 if (lp_servicenumber(name) < 0) {
2878 lp_add_printer(name, printers);
2879 if ((i = lp_servicenumber(name)) >= 0) {
2880 lpcfg_string_set(ServicePtrs[i],
2881 &ServicePtrs[i]->comment, comment);
2882 ServicePtrs[i]->autoloaded = true;
2887 /***************************************************************************
2888 Have we loaded a services file yet?
2889 ***************************************************************************/
2891 bool lp_loaded(void)
2896 /***************************************************************************
2897 Unload unused services.
2898 ***************************************************************************/
2900 void lp_killunused(struct smbd_server_connection *sconn,
2901 bool (*snumused) (struct smbd_server_connection *, int))
2904 for (i = 0; i < iNumServices; i++) {
2908 /* don't kill autoloaded or usershare services */
2909 if ( ServicePtrs[i]->autoloaded ||
2910 ServicePtrs[i]->usershare == USERSHARE_VALID) {
2914 if (!snumused || !snumused(sconn, i)) {
2915 free_service_byindex(i);
2921 * Kill all except autoloaded and usershare services - convenience wrapper
2923 void lp_kill_all_services(void)
2925 lp_killunused(NULL, NULL);
2928 /***************************************************************************
2930 ***************************************************************************/
2932 void lp_killservice(int iServiceIn)
2934 if (VALID(iServiceIn)) {
2935 free_service_byindex(iServiceIn);
2939 /***************************************************************************
2940 Save the curent values of all global and sDefault parameters into the
2941 defaults union. This allows testparm to show only the
2942 changed (ie. non-default) parameters.
2943 ***************************************************************************/
2945 static void lp_save_defaults(void)
2948 struct parmlist_entry * parm;
2949 for (i = 0; parm_table[i].label; i++) {
2950 if (!(flags_list[i] & FLAG_CMDLINE)) {
2951 flags_list[i] |= FLAG_DEFAULT;
2954 if (i > 0 && parm_table[i].offset == parm_table[i - 1].offset
2955 && parm_table[i].p_class == parm_table[i - 1].p_class)
2957 switch (parm_table[i].type) {
2960 parm_table[i].def.lvalue = str_list_copy(
2961 NULL, *(const char ***)lp_parm_ptr(NULL, &parm_table[i]));
2967 &parm_table[i].def.svalue,
2968 *(char **)lp_parm_ptr(
2969 NULL, &parm_table[i]));
2970 if (parm_table[i].def.svalue == NULL) {
2971 smb_panic("lpcfg_string_set() failed");
2976 parm_table[i].def.bvalue =
2977 *(bool *)lp_parm_ptr(NULL, &parm_table[i]);
2980 parm_table[i].def.cvalue =
2981 *(char *)lp_parm_ptr(NULL, &parm_table[i]);
2987 parm_table[i].def.ivalue =
2988 *(int *)lp_parm_ptr(NULL, &parm_table[i]);
2993 for (parm=Globals.param_opt; parm; parm=parm->next) {
2994 if (!(parm->priority & FLAG_CMDLINE)) {
2995 parm->priority |= FLAG_DEFAULT;
2999 for (parm=sDefault.param_opt; parm; parm=parm->next) {
3000 if (!(parm->priority & FLAG_CMDLINE)) {
3001 parm->priority |= FLAG_DEFAULT;
3005 defaults_saved = true;
3008 /***********************************************************
3009 If we should send plaintext/LANMAN passwords in the clinet
3010 ************************************************************/
3012 static void set_allowed_client_auth(void)
3014 if (Globals.client_ntlmv2_auth) {
3015 Globals.client_lanman_auth = false;
3017 if (!Globals.client_lanman_auth) {
3018 Globals.client_plaintext_auth = false;
3022 /***************************************************************************
3024 The following code allows smbd to read a user defined share file.
3025 Yes, this is my intent. Yes, I'm comfortable with that...
3027 THE FOLLOWING IS SECURITY CRITICAL CODE.
3029 It washes your clothes, it cleans your house, it guards you while you sleep...
3030 Do not f%^k with it....
3031 ***************************************************************************/
3033 #define MAX_USERSHARE_FILE_SIZE (10*1024)
3035 /***************************************************************************
3036 Check allowed stat state of a usershare file.
3037 Ensure we print out who is dicking with us so the admin can
3038 get their sorry ass fired.
3039 ***************************************************************************/
3041 static bool check_usershare_stat(const char *fname,
3042 const SMB_STRUCT_STAT *psbuf)
3044 if (!S_ISREG(psbuf->st_ex_mode)) {
3045 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
3046 "not a regular file\n",
3047 fname, (unsigned int)psbuf->st_ex_uid ));
3051 /* Ensure this doesn't have the other write bit set. */
3052 if (psbuf->st_ex_mode & S_IWOTH) {
3053 DEBUG(0,("check_usershare_stat: file %s owned by uid %u allows "
3054 "public write. Refusing to allow as a usershare file.\n",
3055 fname, (unsigned int)psbuf->st_ex_uid ));
3059 /* Should be 10k or less. */
3060 if (psbuf->st_ex_size > MAX_USERSHARE_FILE_SIZE) {
3061 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
3062 "too large (%u) to be a user share file.\n",
3063 fname, (unsigned int)psbuf->st_ex_uid,
3064 (unsigned int)psbuf->st_ex_size ));
3071 /***************************************************************************
3072 Parse the contents of a usershare file.
3073 ***************************************************************************/
3075 enum usershare_err parse_usershare_file(TALLOC_CTX *ctx,
3076 SMB_STRUCT_STAT *psbuf,
3077 const char *servicename,
3081 char **pp_sharepath,
3083 char **pp_cp_servicename,
3084 struct security_descriptor **ppsd,
3087 const char **prefixallowlist = lp_usershare_prefix_allow_list();
3088 const char **prefixdenylist = lp_usershare_prefix_deny_list();
3091 SMB_STRUCT_STAT sbuf;
3092 char *sharepath = NULL;
3093 char *comment = NULL;
3095 *pp_sharepath = NULL;
3098 *pallow_guest = false;
3101 return USERSHARE_MALFORMED_FILE;
3104 if (strcmp(lines[0], "#VERSION 1") == 0) {
3106 } else if (strcmp(lines[0], "#VERSION 2") == 0) {
3109 return USERSHARE_MALFORMED_FILE;
3112 return USERSHARE_BAD_VERSION;
3115 if (strncmp(lines[1], "path=", 5) != 0) {
3116 return USERSHARE_MALFORMED_PATH;
3119 sharepath = talloc_strdup(ctx, &lines[1][5]);
3121 return USERSHARE_POSIX_ERR;
3123 trim_string(sharepath, " ", " ");
3125 if (strncmp(lines[2], "comment=", 8) != 0) {
3126 return USERSHARE_MALFORMED_COMMENT_DEF;
3129 comment = talloc_strdup(ctx, &lines[2][8]);
3131 return USERSHARE_POSIX_ERR;
3133 trim_string(comment, " ", " ");
3134 trim_char(comment, '"', '"');
3136 if (strncmp(lines[3], "usershare_acl=", 14) != 0) {
3137 return USERSHARE_MALFORMED_ACL_DEF;
3140 if (!parse_usershare_acl(ctx, &lines[3][14], ppsd)) {
3141 return USERSHARE_ACL_ERR;
3145 if (strncmp(lines[4], "guest_ok=", 9) != 0) {
3146 return USERSHARE_MALFORMED_ACL_DEF;
3148 if (lines[4][9] == 'y') {
3149 *pallow_guest = true;
3152 /* Backwards compatible extension to file version #2. */
3154 if (strncmp(lines[5], "sharename=", 10) != 0) {
3155 return USERSHARE_MALFORMED_SHARENAME_DEF;
3157 if (!strequal(&lines[5][10], servicename)) {
3158 return USERSHARE_BAD_SHARENAME;
3160 *pp_cp_servicename = talloc_strdup(ctx, &lines[5][10]);
3161 if (!*pp_cp_servicename) {
3162 return USERSHARE_POSIX_ERR;
3167 if (*pp_cp_servicename == NULL) {
3168 *pp_cp_servicename = talloc_strdup(ctx, servicename);
3169 if (!*pp_cp_servicename) {
3170 return USERSHARE_POSIX_ERR;
3174 if (snum != -1 && (strcmp(sharepath, ServicePtrs[snum]->path) == 0)) {
3175 /* Path didn't change, no checks needed. */
3176 *pp_sharepath = sharepath;
3177 *pp_comment = comment;
3178 return USERSHARE_OK;
3181 /* The path *must* be absolute. */
3182 if (sharepath[0] != '/') {
3183 DEBUG(2,("parse_usershare_file: share %s: path %s is not an absolute path.\n",
3184 servicename, sharepath));
3185 return USERSHARE_PATH_NOT_ABSOLUTE;
3188 /* If there is a usershare prefix deny list ensure one of these paths
3189 doesn't match the start of the user given path. */
3190 if (prefixdenylist) {
3192 for ( i=0; prefixdenylist[i]; i++ ) {
3193 DEBUG(10,("parse_usershare_file: share %s : checking prefixdenylist[%d]='%s' against %s\n",
3194 servicename, i, prefixdenylist[i], sharepath ));
3195 if (memcmp( sharepath, prefixdenylist[i], strlen(prefixdenylist[i])) == 0) {
3196 DEBUG(2,("parse_usershare_file: share %s path %s starts with one of the "
3197 "usershare prefix deny list entries.\n",
3198 servicename, sharepath));
3199 return USERSHARE_PATH_IS_DENIED;
3204 /* If there is a usershare prefix allow list ensure one of these paths
3205 does match the start of the user given path. */
3207 if (prefixallowlist) {
3209 for ( i=0; prefixallowlist[i]; i++ ) {
3210 DEBUG(10,("parse_usershare_file: share %s checking prefixallowlist[%d]='%s' against %s\n",
3211 servicename, i, prefixallowlist[i], sharepath ));
3212 if (memcmp( sharepath, prefixallowlist[i], strlen(prefixallowlist[i])) == 0) {
3216 if (prefixallowlist[i] == NULL) {
3217 DEBUG(2,("parse_usershare_file: share %s path %s doesn't start with one of the "
3218 "usershare prefix allow list entries.\n",
3219 servicename, sharepath));
3220 return USERSHARE_PATH_NOT_ALLOWED;
3224 /* Ensure this is pointing to a directory. */
3225 dp = opendir(sharepath);
3228 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
3229 servicename, sharepath));
3230 return USERSHARE_PATH_NOT_DIRECTORY;
3233 /* Ensure the owner of the usershare file has permission to share
3236 if (sys_stat(sharepath, &sbuf, false) == -1) {
3237 DEBUG(2,("parse_usershare_file: share %s : stat failed on path %s. %s\n",
3238 servicename, sharepath, strerror(errno) ));
3240 return USERSHARE_POSIX_ERR;
3245 if (!S_ISDIR(sbuf.st_ex_mode)) {
3246 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
3247 servicename, sharepath ));
3248 return USERSHARE_PATH_NOT_DIRECTORY;
3251 /* Check if sharing is restricted to owner-only. */
3252 /* psbuf is the stat of the usershare definition file,
3253 sbuf is the stat of the target directory to be shared. */
3255 if (lp_usershare_owner_only()) {
3256 /* root can share anything. */
3257 if ((psbuf->st_ex_uid != 0) && (sbuf.st_ex_uid != psbuf->st_ex_uid)) {
3258 return USERSHARE_PATH_NOT_ALLOWED;
3262 *pp_sharepath = sharepath;
3263 *pp_comment = comment;
3264 return USERSHARE_OK;
3267 /***************************************************************************
3268 Deal with a usershare file.
3271 -1 - Bad name, invalid contents.
3272 - service name already existed and not a usershare, problem
3273 with permissions to share directory etc.
3274 ***************************************************************************/
3276 static int process_usershare_file(const char *dir_name, const char *file_name, int snum_template)
3278 SMB_STRUCT_STAT sbuf;
3279 SMB_STRUCT_STAT lsbuf;
3281 char *sharepath = NULL;
3282 char *comment = NULL;
3283 char *cp_service_name = NULL;
3284 char **lines = NULL;
3288 TALLOC_CTX *ctx = talloc_stackframe();
3289 struct security_descriptor *psd = NULL;
3290 bool guest_ok = false;
3291 char *canon_name = NULL;
3292 bool added_service = false;
3295 /* Ensure share name doesn't contain invalid characters. */
3296 if (!validate_net_name(file_name, INVALID_SHARENAME_CHARS, strlen(file_name))) {
3297 DEBUG(0,("process_usershare_file: share name %s contains "
3298 "invalid characters (any of %s)\n",
3299 file_name, INVALID_SHARENAME_CHARS ));
3303 canon_name = canonicalize_servicename(ctx, file_name);
3308 fname = talloc_asprintf(ctx, "%s/%s", dir_name, file_name);
3313 /* Minimize the race condition by doing an lstat before we
3314 open and fstat. Ensure this isn't a symlink link. */
3316 if (sys_lstat(fname, &lsbuf, false) != 0) {
3317 DEBUG(0,("process_usershare_file: stat of %s failed. %s\n",
3318 fname, strerror(errno) ));
3322 /* This must be a regular file, not a symlink, directory or
3323 other strange filetype. */
3324 if (!check_usershare_stat(fname, &lsbuf)) {
3332 status = dbwrap_fetch_bystring(ServiceHash, canon_name,
3337 if (NT_STATUS_IS_OK(status) &&
3338 (data.dptr != NULL) &&
3339 (data.dsize == sizeof(iService))) {
3340 memcpy(&iService, data.dptr, sizeof(iService));
3344 if (iService != -1 &&
3345 timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
3346 &lsbuf.st_ex_mtime) == 0) {
3347 /* Nothing changed - Mark valid and return. */
3348 DEBUG(10,("process_usershare_file: service %s not changed.\n",
3350 ServicePtrs[iService]->usershare = USERSHARE_VALID;
3355 /* Try and open the file read only - no symlinks allowed. */
3357 fd = open(fname, O_RDONLY|O_NOFOLLOW, 0);
3359 fd = open(fname, O_RDONLY, 0);
3363 DEBUG(0,("process_usershare_file: unable to open %s. %s\n",
3364 fname, strerror(errno) ));
3368 /* Now fstat to be *SURE* it's a regular file. */
3369 if (sys_fstat(fd, &sbuf, false) != 0) {
3371 DEBUG(0,("process_usershare_file: fstat of %s failed. %s\n",
3372 fname, strerror(errno) ));
3376 /* Is it the same dev/inode as was lstated ? */
3377 if (!check_same_stat(&lsbuf, &sbuf)) {
3379 DEBUG(0,("process_usershare_file: fstat of %s is a different file from lstat. "
3380 "Symlink spoofing going on ?\n", fname ));
3384 /* This must be a regular file, not a symlink, directory or
3385 other strange filetype. */
3386 if (!check_usershare_stat(fname, &sbuf)) {
3391 lines = fd_lines_load(fd, &numlines, MAX_USERSHARE_FILE_SIZE, NULL);
3394 if (lines == NULL) {
3395 DEBUG(0,("process_usershare_file: loading file %s owned by %u failed.\n",
3396 fname, (unsigned int)sbuf.st_ex_uid ));
3400 if (parse_usershare_file(ctx, &sbuf, file_name,
3401 iService, lines, numlines, &sharepath,
3402 &comment, &cp_service_name,
3403 &psd, &guest_ok) != USERSHARE_OK) {
3407 /* Everything ok - add the service possibly using a template. */
3409 const struct loadparm_service *sp = &sDefault;
3410 if (snum_template != -1) {
3411 sp = ServicePtrs[snum_template];
3414 if ((iService = add_a_service(sp, cp_service_name)) < 0) {
3415 DEBUG(0, ("process_usershare_file: Failed to add "
3416 "new service %s\n", cp_service_name));
3420 added_service = true;
3422 /* Read only is controlled by usershare ACL below. */
3423 ServicePtrs[iService]->read_only = false;
3426 /* Write the ACL of the new/modified share. */
3427 if (!set_share_security(canon_name, psd)) {
3428 DEBUG(0, ("process_usershare_file: Failed to set share "
3429 "security for user share %s\n",
3434 /* If from a template it may be marked invalid. */
3435 ServicePtrs[iService]->valid = true;
3437 /* Set the service as a valid usershare. */
3438 ServicePtrs[iService]->usershare = USERSHARE_VALID;
3440 /* Set guest access. */
3441 if (lp_usershare_allow_guests()) {
3442 ServicePtrs[iService]->guest_ok = guest_ok;
3445 /* And note when it was loaded. */
3446 ServicePtrs[iService]->usershare_last_mod = sbuf.st_ex_mtime;
3447 lpcfg_string_set(ServicePtrs[iService], &ServicePtrs[iService]->path,
3449 lpcfg_string_set(ServicePtrs[iService],
3450 &ServicePtrs[iService]->comment, comment);
3456 if (ret == -1 && iService != -1 && added_service) {
3457 lp_remove_service(iService);
3465 /***************************************************************************
3466 Checks if a usershare entry has been modified since last load.
3467 ***************************************************************************/
3469 static bool usershare_exists(int iService, struct timespec *last_mod)
3471 SMB_STRUCT_STAT lsbuf;
3472 const char *usersharepath = Globals.usershare_path;
3475 fname = talloc_asprintf(talloc_tos(),
3478 ServicePtrs[iService]->szService);
3479 if (fname == NULL) {
3483 if (sys_lstat(fname, &lsbuf, false) != 0) {
3488 if (!S_ISREG(lsbuf.st_ex_mode)) {
3494 *last_mod = lsbuf.st_ex_mtime;
3498 /***************************************************************************
3499 Load a usershare service by name. Returns a valid servicenumber or -1.
3500 ***************************************************************************/
3502 int load_usershare_service(const char *servicename)
3504 SMB_STRUCT_STAT sbuf;
3505 const char *usersharepath = Globals.usershare_path;
3506 int max_user_shares = Globals.usershare_max_shares;
3507 int snum_template = -1;
3509 if (*usersharepath == 0 || max_user_shares == 0) {
3513 if (sys_stat(usersharepath, &sbuf, false) != 0) {
3514 DEBUG(0,("load_usershare_service: stat of %s failed. %s\n",
3515 usersharepath, strerror(errno) ));
3519 if (!S_ISDIR(sbuf.st_ex_mode)) {
3520 DEBUG(0,("load_usershare_service: %s is not a directory.\n",
3526 * This directory must be owned by root, and have the 't' bit set.
3527 * It also must not be writable by "other".
3531 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
3533 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
3535 DEBUG(0,("load_usershare_service: directory %s is not owned by root "
3536 "or does not have the sticky bit 't' set or is writable by anyone.\n",
3541 /* Ensure the template share exists if it's set. */
3542 if (Globals.usershare_template_share[0]) {
3543 /* We can't use lp_servicenumber here as we are recommending that
3544 template shares have -valid=false set. */
3545 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
3546 if (ServicePtrs[snum_template]->szService &&
3547 strequal(ServicePtrs[snum_template]->szService,
3548 Globals.usershare_template_share)) {
3553 if (snum_template == -1) {
3554 DEBUG(0,("load_usershare_service: usershare template share %s "
3555 "does not exist.\n",
3556 Globals.usershare_template_share ));
3561 return process_usershare_file(usersharepath, servicename, snum_template);
3564 /***************************************************************************
3565 Load all user defined shares from the user share directory.
3566 We only do this if we're enumerating the share list.
3567 This is the function that can delete usershares that have
3569 ***************************************************************************/
3571 int load_usershare_shares(struct smbd_server_connection *sconn,
3572 bool (*snumused) (struct smbd_server_connection *, int))
3575 SMB_STRUCT_STAT sbuf;
3577 int num_usershares = 0;
3578 int max_user_shares = Globals.usershare_max_shares;
3579 unsigned int num_dir_entries, num_bad_dir_entries, num_tmp_dir_entries;
3580 unsigned int allowed_bad_entries = ((2*max_user_shares)/10);
3581 unsigned int allowed_tmp_entries = ((2*max_user_shares)/10);
3583 int snum_template = -1;
3584 const char *usersharepath = Globals.usershare_path;
3585 int ret = lp_numservices();
3586 TALLOC_CTX *tmp_ctx;
3588 if (max_user_shares == 0 || *usersharepath == '\0') {
3589 return lp_numservices();
3592 if (sys_stat(usersharepath, &sbuf, false) != 0) {
3593 DEBUG(0,("load_usershare_shares: stat of %s failed. %s\n",
3594 usersharepath, strerror(errno) ));
3599 * This directory must be owned by root, and have the 't' bit set.
3600 * It also must not be writable by "other".
3604 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
3606 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
3608 DEBUG(0,("load_usershare_shares: directory %s is not owned by root "
3609 "or does not have the sticky bit 't' set or is writable by anyone.\n",
3614 /* Ensure the template share exists if it's set. */
3615 if (Globals.usershare_template_share[0]) {
3616 /* We can't use lp_servicenumber here as we are recommending that
3617 template shares have -valid=false set. */
3618 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
3619 if (ServicePtrs[snum_template]->szService &&
3620 strequal(ServicePtrs[snum_template]->szService,
3621 Globals.usershare_template_share)) {
3626 if (snum_template == -1) {
3627 DEBUG(0,("load_usershare_shares: usershare template share %s "
3628 "does not exist.\n",
3629 Globals.usershare_template_share ));
3634 /* Mark all existing usershares as pending delete. */
3635 for (iService = iNumServices - 1; iService >= 0; iService--) {
3636 if (VALID(iService) && ServicePtrs[iService]->usershare) {
3637 ServicePtrs[iService]->usershare = USERSHARE_PENDING_DELETE;
3641 dp = opendir(usersharepath);
3643 DEBUG(0,("load_usershare_shares:: failed to open directory %s. %s\n",
3644 usersharepath, strerror(errno) ));
3648 for (num_dir_entries = 0, num_bad_dir_entries = 0, num_tmp_dir_entries = 0;
3650 num_dir_entries++ ) {
3652 const char *n = de->d_name;
3654 /* Ignore . and .. */
3656 if ((n[1] == '\0') || (n[1] == '.' && n[2] == '\0')) {
3662 /* Temporary file used when creating a share. */
3663 num_tmp_dir_entries++;
3666 /* Allow 20% tmp entries. */
3667 if (num_tmp_dir_entries > allowed_tmp_entries) {
3668 DEBUG(0,("load_usershare_shares: too many temp entries (%u) "
3669 "in directory %s\n",
3670 num_tmp_dir_entries, usersharepath));
3674 r = process_usershare_file(usersharepath, n, snum_template);
3676 /* Update the services count. */
3678 if (num_usershares >= max_user_shares) {
3679 DEBUG(0,("load_usershare_shares: max user shares reached "
3680 "on file %s in directory %s\n",
3681 n, usersharepath ));
3684 } else if (r == -1) {
3685 num_bad_dir_entries++;
3688 /* Allow 20% bad entries. */
3689 if (num_bad_dir_entries > allowed_bad_entries) {
3690 DEBUG(0,("load_usershare_shares: too many bad entries (%u) "
3691 "in directory %s\n",
3692 num_bad_dir_entries, usersharepath));
3696 /* Allow 20% bad entries. */
3697 if (num_dir_entries > max_user_shares + allowed_bad_entries) {
3698 DEBUG(0,("load_usershare_shares: too many total entries (%u) "
3699 "in directory %s\n",
3700 num_dir_entries, usersharepath));
3707 /* Sweep through and delete any non-refreshed usershares that are
3708 not currently in use. */
3709 tmp_ctx = talloc_stackframe();
3710 for (iService = iNumServices - 1; iService >= 0; iService--) {
3711 if (VALID(iService) && (ServicePtrs[iService]->usershare == USERSHARE_PENDING_DELETE)) {
3714 if (snumused && snumused(sconn, iService)) {
3718 servname = lp_servicename(tmp_ctx, iService);
3720 /* Remove from the share ACL db. */
3721 DEBUG(10,("load_usershare_shares: Removing deleted usershare %s\n",
3723 delete_share_security(servname);
3724 free_service_byindex(iService);
3727 talloc_free(tmp_ctx);
3729 return lp_numservices();
3732 /********************************************************
3733 Destroy global resources allocated in this file
3734 ********************************************************/
3736 void gfree_loadparm(void)
3742 /* Free resources allocated to services */
3744 for ( i = 0; i < iNumServices; i++ ) {
3746 free_service_byindex(i);
3750 TALLOC_FREE( ServicePtrs );
3753 /* Now release all resources allocated to global
3754 parameters and the default service */
3756 free_global_parameters();
3760 /***************************************************************************
3761 Allow client apps to specify that they are a client
3762 ***************************************************************************/
3763 static void lp_set_in_client(bool b)
3769 /***************************************************************************
3770 Determine if we're running in a client app
3771 ***************************************************************************/
3772 static bool lp_is_in_client(void)
3777 static void lp_enforce_ad_dc_settings(void)
3779 lp_do_parameter(GLOBAL_SECTION_SNUM, "passdb backend", "samba_dsdb");
3780 lp_do_parameter(GLOBAL_SECTION_SNUM,
3781 "winbindd:use external pipes", "true");
3782 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:default", "external");
3783 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:svcctl", "embedded");
3784 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:srvsvc", "embedded");
3785 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:eventlog", "embedded");
3786 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:ntsvcs", "embedded");
3787 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:winreg", "embedded");
3788 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:spoolss", "embedded");
3789 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_daemon:spoolssd", "embedded");
3790 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:tcpip", "no");
3793 /***************************************************************************
3794 Load the services array from the services file. Return true on success,
3796 ***************************************************************************/
3798 static bool lp_load_ex(const char *pszFname,
3802 bool reinit_globals,
3803 bool allow_include_registry,
3804 bool load_all_shares)
3808 TALLOC_CTX *frame = talloc_stackframe();
3809 struct loadparm_context *lp_ctx;
3813 DEBUG(3, ("lp_load_ex: refreshing parameters\n"));
3815 bInGlobalSection = true;
3816 bGlobalOnly = global_only;
3817 bAllowIncludeRegistry = allow_include_registry;
3819 lp_ctx = setup_lp_context(talloc_tos());
3821 init_globals(lp_ctx, reinit_globals);
3825 if (save_defaults) {
3830 if (!reinit_globals) {
3831 free_param_opts(&Globals.param_opt);
3832 apply_lp_set_cmdline();
3835 lp_do_parameter(-1, "idmap config * : backend", Globals.idmap_backend);
3837 /* We get sections first, so have to start 'behind' to make up */
3840 if (lp_config_backend_is_file()) {
3841 n2 = talloc_sub_basic(talloc_tos(), get_current_username(),
3842 current_user_info.domain,
3845 smb_panic("lp_load_ex: out of memory");
3848 add_to_file_list(NULL, &file_lists, pszFname, n2);
3850 bRetval = pm_process(n2, lp_do_section, do_parameter, lp_ctx);
3853 /* finish up the last section */
3854 DEBUG(4, ("pm_process() returned %s\n", BOOLSTR(bRetval)));
3856 if (iServiceIndex >= 0) {
3857 bRetval = lpcfg_service_ok(ServicePtrs[iServiceIndex]);
3861 if (lp_config_backend_is_registry()) {
3863 /* config backend changed to registry in config file */
3865 * We need to use this extra global variable here to
3866 * survive restart: init_globals uses this as a default
3867 * for config_backend. Otherwise, init_globals would
3868 * send us into an endless loop here.
3871 config_backend = CONFIG_BACKEND_REGISTRY;
3873 DEBUG(1, ("lp_load_ex: changing to config backend "
3875 init_globals(lp_ctx, true);
3877 TALLOC_FREE(lp_ctx);
3879 lp_kill_all_services();
3880 ok = lp_load_ex(pszFname, global_only, save_defaults,
3881 add_ipc, reinit_globals,
3882 allow_include_registry,
3887 } else if (lp_config_backend_is_registry()) {
3888 bRetval = process_registry_globals();
3890 DEBUG(0, ("Illegal config backend given: %d\n",
3891 lp_config_backend()));
3895 if (bRetval && lp_registry_shares()) {
3896 if (load_all_shares) {
3897 bRetval = process_registry_shares();
3899 bRetval = reload_registry_shares();
3904 char *serv = lp_auto_services(talloc_tos());
3905 lp_add_auto_services(serv);
3910 /* When 'restrict anonymous = 2' guest connections to ipc$
3912 lp_add_ipc("IPC$", (lp_restrict_anonymous() < 2));
3913 if ( lp_enable_asu_support() ) {
3914 lp_add_ipc("ADMIN$", false);
3918 set_allowed_client_auth();
3920 if (lp_security() == SEC_ADS && strchr(lp_password_server(), ':')) {
3921 DEBUG(1, ("WARNING: The optional ':port' in password server = %s is deprecated\n",
3922 lp_password_server()));
3927 /* Now we check we_are_a_wins_server and set szWINSserver to 127.0.0.1 */
3928 /* if we_are_a_wins_server is true and we are in the client */
3929 if (lp_is_in_client() && Globals.we_are_a_wins_server) {
3930 lp_do_parameter(GLOBAL_SECTION_SNUM, "wins server", "127.0.0.1");
3935 fault_configure(smb_panic_s3);
3938 * We run this check once the whole smb.conf is parsed, to
3939 * force some settings for the standard way a AD DC is
3940 * operated. We may change these as our code evolves, which
3941 * is why we force these settings.
3943 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
3944 lp_enforce_ad_dc_settings();
3947 bAllowIncludeRegistry = true;
3953 static bool lp_load(const char *pszFname,
3957 bool reinit_globals)
3959 return lp_load_ex(pszFname,
3964 true, /* allow_include_registry */
3965 false); /* load_all_shares*/
3968 bool lp_load_initial_only(const char *pszFname)
3970 return lp_load_ex(pszFname,
3971 true, /* global only */
3972 true, /* save_defaults */
3973 false, /* add_ipc */
3974 true, /* reinit_globals */
3975 false, /* allow_include_registry */
3976 false); /* load_all_shares*/
3980 * most common lp_load wrapper, loading only the globals
3982 * If this is used in a daemon or client utility it should be called
3983 * after processing popt.
3985 bool lp_load_global(const char *file_name)
3987 return lp_load(file_name,
3988 true, /* global_only */
3989 false, /* save_defaults */
3990 false, /* add_ipc */
3991 true); /* reinit_globals */
3995 * The typical lp_load wrapper with shares, loads global and
3996 * shares, including IPC, but does not force immediate
3997 * loading of all shares from registry.
3999 bool lp_load_with_shares(const char *file_name)
4001 return lp_load(file_name,
4002 false, /* global_only */
4003 false, /* save_defaults */
4005 true); /* reinit_globals */
4009 * lp_load wrapper, especially for clients
4011 bool lp_load_client(const char *file_name)
4013 lp_set_in_client(true);
4015 return lp_load_global(file_name);
4019 * lp_load wrapper, loading only globals, but intended
4020 * for subsequent calls, not reinitializing the globals
4023 bool lp_load_global_no_reinit(const char *file_name)
4025 return lp_load(file_name,
4026 true, /* global_only */
4027 false, /* save_defaults */
4028 false, /* add_ipc */
4029 false); /* reinit_globals */
4033 * lp_load wrapper, loading globals and shares,
4034 * intended for subsequent calls, i.e. not reinitializing
4035 * the globals to default values.
4037 bool lp_load_no_reinit(const char *file_name)
4039 return lp_load(file_name,
4040 false, /* global_only */
4041 false, /* save_defaults */
4042 false, /* add_ipc */
4043 false); /* reinit_globals */
4048 * lp_load wrapper, especially for clients, no reinitialization
4050 bool lp_load_client_no_reinit(const char *file_name)
4052 lp_set_in_client(true);
4054 return lp_load_global_no_reinit(file_name);
4057 bool lp_load_with_registry_shares(const char *pszFname)
4059 return lp_load_ex(pszFname,
4060 false, /* global_only */
4061 true, /* save_defaults */
4062 false, /* add_ipc */
4063 false, /* reinit_globals */
4064 true, /* allow_include_registry */
4065 true); /* load_all_shares*/
4068 /***************************************************************************
4069 Return the max number of services.
4070 ***************************************************************************/
4072 int lp_numservices(void)
4074 return (iNumServices);
4077 /***************************************************************************
4078 Display the contents of the services array in human-readable form.
4079 ***************************************************************************/
4081 void lp_dump(FILE *f, bool show_defaults, int maxtoprint)
4084 struct loadparm_context *lp_ctx;
4087 defaults_saved = false;
4089 lp_ctx = setup_lp_context(talloc_tos());
4090 if (lp_ctx == NULL) {
4094 lpcfg_dump_globals(lp_ctx, f, !defaults_saved);
4096 lpcfg_dump_a_service(&sDefault, &sDefault, f, flags_list, show_defaults);
4098 for (iService = 0; iService < maxtoprint; iService++) {
4100 lp_dump_one(f, show_defaults, iService);
4104 /***************************************************************************
4105 Display the contents of one service in human-readable form.
4106 ***************************************************************************/
4108 void lp_dump_one(FILE * f, bool show_defaults, int snum)
4111 if (ServicePtrs[snum]->szService[0] == '\0')
4113 lpcfg_dump_a_service(ServicePtrs[snum], &sDefault, f,
4114 flags_list, show_defaults);
4118 /***************************************************************************
4119 Return the number of the service with the given name, or -1 if it doesn't
4120 exist. Note that this is a DIFFERENT ANIMAL from the internal function
4121 getservicebyname()! This works ONLY if all services have been loaded, and
4122 does not copy the found service.
4123 ***************************************************************************/
4125 int lp_servicenumber(const char *pszServiceName)
4128 fstring serviceName;
4130 if (!pszServiceName) {
4131 return GLOBAL_SECTION_SNUM;
4134 for (iService = iNumServices - 1; iService >= 0; iService--) {
4135 if (VALID(iService) && ServicePtrs[iService]->szService) {
4137 * The substitution here is used to support %U in
4140 fstrcpy(serviceName, ServicePtrs[iService]->szService);
4141 standard_sub_basic(get_current_username(),
4142 current_user_info.domain,
4143 serviceName,sizeof(serviceName));
4144 if (strequal(serviceName, pszServiceName)) {
4150 if (iService >= 0 && ServicePtrs[iService]->usershare == USERSHARE_VALID) {
4151 struct timespec last_mod;
4153 if (!usershare_exists(iService, &last_mod)) {
4154 /* Remove the share security tdb entry for it. */
4155 delete_share_security(lp_servicename(talloc_tos(), iService));
4156 /* Remove it from the array. */
4157 free_service_byindex(iService);
4158 /* Doesn't exist anymore. */
4159 return GLOBAL_SECTION_SNUM;
4162 /* Has it been modified ? If so delete and reload. */
4163 if (timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
4165 /* Remove it from the array. */
4166 free_service_byindex(iService);
4167 /* and now reload it. */
4168 iService = load_usershare_service(pszServiceName);
4173 DEBUG(7,("lp_servicenumber: couldn't find %s\n", pszServiceName));
4174 return GLOBAL_SECTION_SNUM;
4180 /*******************************************************************
4181 A useful volume label function.
4182 ********************************************************************/
4184 const char *volume_label(TALLOC_CTX *ctx, int snum)
4187 const char *label = lp_volume(ctx, snum);
4189 label = lp_servicename(ctx, snum);
4192 /* This returns a 33 byte guarenteed null terminated string. */
4193 ret = talloc_strndup(ctx, label, 32);
4200 /*******************************************************************
4201 Get the default server type we will announce as via nmbd.
4202 ********************************************************************/
4204 int lp_default_server_announce(void)
4206 int default_server_announce = 0;
4207 default_server_announce |= SV_TYPE_WORKSTATION;
4208 default_server_announce |= SV_TYPE_SERVER;
4209 default_server_announce |= SV_TYPE_SERVER_UNIX;
4211 /* note that the flag should be set only if we have a
4212 printer service but nmbd doesn't actually load the
4213 services so we can't tell --jerry */
4215 default_server_announce |= SV_TYPE_PRINTQ_SERVER;
4217 default_server_announce |= SV_TYPE_SERVER_NT;
4218 default_server_announce |= SV_TYPE_NT;
4220 switch (lp_server_role()) {
4221 case ROLE_DOMAIN_MEMBER:
4222 default_server_announce |= SV_TYPE_DOMAIN_MEMBER;
4224 case ROLE_DOMAIN_PDC:
4225 default_server_announce |= SV_TYPE_DOMAIN_CTRL;
4227 case ROLE_DOMAIN_BDC:
4228 default_server_announce |= SV_TYPE_DOMAIN_BAKCTRL;
4230 case ROLE_STANDALONE:
4234 if (lp_time_server())
4235 default_server_announce |= SV_TYPE_TIME_SOURCE;
4237 if (lp_host_msdfs())
4238 default_server_announce |= SV_TYPE_DFS_SERVER;
4240 return default_server_announce;
4243 /***********************************************************
4244 If we are PDC then prefer us as DMB
4245 ************************************************************/
4247 bool lp_domain_master(void)
4249 if (Globals._domain_master == Auto)
4250 return (lp_server_role() == ROLE_DOMAIN_PDC);
4252 return (bool)Globals._domain_master;
4255 /***********************************************************
4256 If we are PDC then prefer us as DMB
4257 ************************************************************/
4259 static bool lp_domain_master_true_or_auto(void)
4261 if (Globals._domain_master) /* auto or yes */
4267 /***********************************************************
4268 If we are DMB then prefer us as LMB
4269 ************************************************************/
4271 bool lp_preferred_master(void)
4273 int preferred_master = lp__preferred_master();
4275 if (preferred_master == Auto)
4276 return (lp_local_master() && lp_domain_master());
4278 return (bool)preferred_master;
4281 /*******************************************************************
4283 ********************************************************************/
4285 void lp_remove_service(int snum)
4287 ServicePtrs[snum]->valid = false;
4290 const char *lp_printername(TALLOC_CTX *ctx, int snum)
4292 const char *ret = lp__printername(ctx, snum);
4293 if (ret == NULL || *ret == '\0') {
4294 ret = lp_const_servicename(snum);
4301 /***********************************************************
4302 Allow daemons such as winbindd to fix their logfile name.
4303 ************************************************************/
4305 void lp_set_logfile(const char *name)
4307 lpcfg_string_set(Globals.ctx, &Globals.logfile, name);
4308 debug_set_logfile(name);
4311 /*******************************************************************
4312 Return the max print jobs per queue.
4313 ********************************************************************/
4315 int lp_maxprintjobs(int snum)
4317 int maxjobs = lp_max_print_jobs(snum);
4319 if (maxjobs <= 0 || maxjobs >= PRINT_MAX_JOBID)
4320 maxjobs = PRINT_MAX_JOBID - 1;
4325 const char *lp_printcapname(void)
4327 const char *printcap_name = lp_printcap_name();
4329 if ((printcap_name != NULL) &&
4330 (printcap_name[0] != '\0'))
4331 return printcap_name;
4333 if (sDefault.printing == PRINT_CUPS) {
4337 if (sDefault.printing == PRINT_BSD)
4338 return "/etc/printcap";
4340 return PRINTCAP_NAME;
4343 static uint32_t spoolss_state;
4345 bool lp_disable_spoolss( void )
4347 if ( spoolss_state == SVCCTL_STATE_UNKNOWN )
4348 spoolss_state = lp__disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
4350 return spoolss_state == SVCCTL_STOPPED ? true : false;
4353 void lp_set_spoolss_state( uint32_t state )
4355 SMB_ASSERT( (state == SVCCTL_STOPPED) || (state == SVCCTL_RUNNING) );
4357 spoolss_state = state;
4360 uint32_t lp_get_spoolss_state( void )
4362 return lp_disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
4365 /*******************************************************************
4366 Ensure we don't use sendfile if server smb signing is active.
4367 ********************************************************************/
4369 bool lp_use_sendfile(int snum, struct smb_signing_state *signing_state)
4371 bool sign_active = false;
4373 /* Using sendfile blows the brains out of any DOS or Win9x TCP stack... JRA. */
4374 if (get_Protocol() < PROTOCOL_NT1) {
4377 if (signing_state) {
4378 sign_active = smb_signing_is_active(signing_state);
4380 return (lp__use_sendfile(snum) &&
4381 (get_remote_arch() != RA_WIN95) &&
4385 /*******************************************************************
4386 Turn off sendfile if we find the underlying OS doesn't support it.
4387 ********************************************************************/
4389 void set_use_sendfile(int snum, bool val)
4391 if (LP_SNUM_OK(snum))
4392 ServicePtrs[snum]->_use_sendfile = val;
4394 sDefault._use_sendfile = val;
4397 void lp_set_mangling_method(const char *new_method)
4399 lpcfg_string_set(Globals.ctx, &Globals.mangling_method, new_method);
4402 /*******************************************************************
4403 Global state for POSIX pathname processing.
4404 ********************************************************************/
4406 static bool posix_pathnames;
4408 bool lp_posix_pathnames(void)
4410 return posix_pathnames;
4413 /*******************************************************************
4414 Change everything needed to ensure POSIX pathname processing (currently
4416 ********************************************************************/
4418 void lp_set_posix_pathnames(void)
4420 posix_pathnames = true;
4423 /*******************************************************************
4424 Global state for POSIX lock processing - CIFS unix extensions.
4425 ********************************************************************/
4427 bool posix_default_lock_was_set;
4428 static enum brl_flavour posix_cifsx_locktype; /* By default 0 == WINDOWS_LOCK */
4430 enum brl_flavour lp_posix_cifsu_locktype(files_struct *fsp)
4432 if (posix_default_lock_was_set) {
4433 return posix_cifsx_locktype;
4435 return (fsp->posix_flags & FSP_POSIX_FLAGS_OPEN) ?
4436 POSIX_LOCK : WINDOWS_LOCK;
4440 /*******************************************************************
4441 ********************************************************************/
4443 void lp_set_posix_default_cifsx_readwrite_locktype(enum brl_flavour val)
4445 posix_default_lock_was_set = true;
4446 posix_cifsx_locktype = val;
4449 int lp_min_receive_file_size(void)
4451 int min_receivefile_size = lp_min_receivefile_size();
4453 if (min_receivefile_size < 0) {
4456 return min_receivefile_size;
4459 /*******************************************************************
4460 Safe wide links checks.
4461 This helper function always verify the validity of wide links,
4462 even after a configuration file reload.
4463 ********************************************************************/
4465 void widelinks_warning(int snum)
4467 if (lp_allow_insecure_wide_links()) {
4471 if (lp_unix_extensions() && lp_wide_links(snum)) {
4472 DEBUG(0,("Share '%s' has wide links and unix extensions enabled. "
4473 "These parameters are incompatible. "
4474 "Wide links will be disabled for this share.\n",
4475 lp_servicename(talloc_tos(), snum) ));
4479 bool lp_widelinks(int snum)
4481 /* wide links is always incompatible with unix extensions */
4482 if (lp_unix_extensions()) {
4484 * Unless we have "allow insecure widelinks"
4487 if (!lp_allow_insecure_wide_links()) {
4492 return lp_wide_links(snum);
4495 int lp_server_role(void)
4497 return lp_find_server_role(lp__server_role(),
4499 lp__domain_logons(),
4500 lp_domain_master_true_or_auto());
4503 int lp_security(void)
4505 return lp_find_security(lp__server_role(),
4509 int lp_client_max_protocol(void)
4511 int client_max_protocol = lp__client_max_protocol();
4512 if (client_max_protocol == PROTOCOL_DEFAULT) {
4513 return PROTOCOL_NT1;
4515 return client_max_protocol;
4518 int lp_client_ipc_min_protocol(void)
4520 int client_ipc_min_protocol = lp__client_ipc_min_protocol();
4521 if (client_ipc_min_protocol == PROTOCOL_DEFAULT) {
4522 client_ipc_min_protocol = lp_client_min_protocol();
4524 if (client_ipc_min_protocol < PROTOCOL_NT1) {
4525 return PROTOCOL_NT1;
4527 return client_ipc_min_protocol;
4530 int lp_client_ipc_max_protocol(void)
4532 int client_ipc_max_protocol = lp__client_ipc_max_protocol();
4533 if (client_ipc_max_protocol == PROTOCOL_DEFAULT) {
4534 return PROTOCOL_LATEST;
4536 if (client_ipc_max_protocol < PROTOCOL_NT1) {
4537 return PROTOCOL_NT1;
4539 return client_ipc_max_protocol;
4542 int lp_client_ipc_signing(void)
4544 int client_ipc_signing = lp__client_ipc_signing();
4545 if (client_ipc_signing == SMB_SIGNING_DEFAULT) {
4546 return SMB_SIGNING_REQUIRED;
4548 return client_ipc_signing;
4551 struct loadparm_global * get_globals(void)
4556 unsigned int * get_flags(void)
4558 if (flags_list == NULL) {
4559 flags_list = talloc_zero_array(NULL, unsigned int, num_parameters());