2 Unix SMB/CIFS implementation.
3 Parameter loading functions
4 Copyright (C) Karl Auer 1993-1998
6 Largely re-written by Andrew Tridgell, September 1994
8 Copyright (C) Simo Sorce 2001
9 Copyright (C) Alexander Bokovoy 2002
10 Copyright (C) Stefan (metze) Metzmacher 2002
11 Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003
12 Copyright (C) Michael Adam 2008
14 This program is free software; you can redistribute it and/or modify
15 it under the terms of the GNU General Public License as published by
16 the Free Software Foundation; either version 3 of the License, or
17 (at your option) any later version.
19 This program is distributed in the hope that it will be useful,
20 but WITHOUT ANY WARRANTY; without even the implied warranty of
21 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 GNU General Public License for more details.
24 You should have received a copy of the GNU General Public License
25 along with this program. If not, see <http://www.gnu.org/licenses/>.
31 * This module provides suitable callback functions for the params
32 * module. It builds the internal table of service details which is
33 * then used by the rest of the server.
37 * 1) add it to the global or service structure definition
38 * 2) add it to the parm_table
39 * 3) add it to the list of available functions (eg: using FN_GLOBAL_STRING())
40 * 4) If it's a global then initialise it in init_globals. If a local
41 * (ie. service) parameter then initialise it in the sDefault structure
45 * The configuration file is processed sequentially for speed. It is NOT
46 * accessed randomly as happens in 'real' Windows. For this reason, there
47 * is a fair bit of sequence-dependent code here - ie., code which assumes
48 * that certain things happen before others. In particular, the code which
49 * happens at the boundary between sections is delicately poised, so be
55 #include "system/filesys.h"
58 #include "lib/smbconf/smbconf.h"
59 #include "lib/smbconf/smbconf_init.h"
62 #include "../librpc/gen_ndr/svcctl.h"
64 #include "smb_signing.h"
68 #ifdef HAVE_SYS_SYSCTL_H
69 #include <sys/sysctl.h>
72 #ifdef HAVE_HTTPCONNECTENCRYPT
73 #include <cups/http.h>
78 extern userdom_struct current_user_info;
81 #define GLOBAL_NAME "global"
85 #define PRINTERS_NAME "printers"
89 #define HOMES_NAME "homes"
92 /* the special value for the include parameter
93 * to be interpreted not as a file name but to
94 * trigger loading of the global smb.conf options
96 #ifndef INCLUDE_REGISTRY_NAME
97 #define INCLUDE_REGISTRY_NAME "registry"
100 static bool in_client = False; /* Not in the client by default */
101 static struct smbconf_csn conf_last_csn;
103 #define CONFIG_BACKEND_FILE 0
104 #define CONFIG_BACKEND_REGISTRY 1
106 static int config_backend = CONFIG_BACKEND_FILE;
108 /* some helpful bits */
109 #define LP_SNUM_OK(i) (((i) >= 0) && ((i) < iNumServices) && (ServicePtrs != NULL) && ServicePtrs[(i)]->valid)
110 #define VALID(i) (ServicePtrs != NULL && ServicePtrs[i]->valid)
112 #define USERSHARE_VALID 1
113 #define USERSHARE_PENDING_DELETE 2
115 static bool defaults_saved = False;
117 struct param_opt_struct {
118 struct param_opt_struct *prev, *next;
126 * This structure describes global (ie., server-wide) parameters.
133 char *szPrintcapname;
134 char *szAddPortCommand;
135 char *szEnumPortsCommand;
136 char *szAddPrinterCommand;
137 char *szDeletePrinterCommand;
138 char *szOs2DriverMap;
144 char *szDefaultService;
148 char *szServerString;
149 char *szAutoServices;
150 char *szPasswdProgram;
154 char *szSMBPasswdFile;
156 char *szPassdbBackend;
157 char **szPreloadModules;
158 char *szPasswordServer;
159 char *szSocketOptions;
163 char *szAfsUsernameMap;
164 int iAfsTokenLifetime;
165 char *szLogNtTokenCommand;
171 char **szWINSservers;
173 char *szRemoteAnnounce;
174 char *szRemoteBrowseSync;
175 char *szSocketAddress;
176 bool bNmbdBindExplicitBroadcast;
177 char *szNISHomeMapName;
180 char **szNetbiosAliases;
181 char *szNetbiosScope;
182 char *szNameResolveOrder;
184 char *szAddUserScript;
185 char *szRenameUserScript;
186 char *szDelUserScript;
187 char *szAddGroupScript;
188 char *szDelGroupScript;
189 char *szAddUserToGroupScript;
190 char *szDelUserFromGroupScript;
191 char *szSetPrimaryGroupScript;
192 char *szAddMachineScript;
193 char *szShutdownScript;
194 char *szAbortShutdownScript;
195 char *szUsernameMapScript;
196 int iUsernameMapCacheTime;
197 char *szCheckPasswordScript;
204 bool bPassdbExpandExplicit;
205 int AlgorithmicRidBase;
206 char *szTemplateHomedir;
207 char *szTemplateShell;
208 char *szWinbindSeparator;
209 bool bWinbindEnumUsers;
210 bool bWinbindEnumGroups;
211 bool bWinbindUseDefaultDomain;
212 bool bWinbindTrustedDomainsOnly;
213 bool bWinbindNestedGroups;
214 int winbind_expand_groups;
215 bool bWinbindRefreshTickets;
216 bool bWinbindOfflineLogon;
217 bool bWinbindNormalizeNames;
218 bool bWinbindRpcOnly;
219 bool bCreateKrb5Conf;
220 int winbindMaxDomainConnections;
221 char *szIdmapBackend;
223 char *szAddShareCommand;
224 char *szChangeShareCommand;
225 char *szDeleteShareCommand;
227 char *szGuestaccount;
228 char *szManglingMethod;
229 char **szServicesList;
230 char *szUsersharePath;
231 char *szUsershareTemplateShare;
232 char **szUsersharePrefixAllowList;
233 char **szUsersharePrefixDenyList;
240 int open_files_db_hash_size;
249 bool paranoid_server_security;
252 int iMaxSmbdProcesses;
253 bool bDisableSpoolss;
256 bool enhanced_browsing;
262 int machine_password_timeout;
264 int oplock_break_wait_time;
265 int winbind_cache_time;
266 int winbind_reconnect_delay;
267 int winbind_max_clients;
268 char **szWinbindNssInfo;
270 char *szLdapMachineSuffix;
271 char *szLdapUserSuffix;
272 char *szLdapIdmapSuffix;
273 char *szLdapGroupSuffix;
277 int ldap_follow_referral;
280 int ldap_debug_level;
281 int ldap_debug_threshold;
285 char *szIPrintServer;
287 char **szClusterAddresses;
290 int ctdb_locktime_warn_threshold;
291 int ldap_passwd_sync;
292 int ldap_replication_sleep;
293 int ldap_timeout; /* This is initialised in init_globals */
294 int ldap_connection_timeout;
297 bool bMsAddPrinterWizard;
302 int iPreferredMaster;
305 char **szInitLogonDelayedHosts;
307 bool bEncryptPasswords;
312 bool bObeyPamRestrictions;
314 int PrintcapCacheTime;
315 bool bLargeReadwrite;
322 bool bBindInterfacesOnly;
323 bool bPamPasswordChange;
324 bool bUnixPasswdSync;
325 bool bPasswdChatDebug;
326 int iPasswdChatTimeout;
330 bool bNTStatusSupport;
332 int iMaxStatCacheSize;
334 bool bAllowTrustedDomains;
338 bool bClientLanManAuth;
339 bool bClientNTLMv2Auth;
340 bool bClientPlaintextAuth;
341 bool bClientUseSpnego;
342 bool client_use_spnego_principal;
343 bool send_spnego_principal;
344 bool bDebugPrefixTimestamp;
345 bool bDebugHiresTimestamp;
349 bool bEnableCoreFiles;
352 bool bHostnameLookups;
353 bool bUnixExtensions;
354 bool bDisableNetbios;
355 char * szDedicatedKeytabFile;
357 bool bDeferSharingViolations;
358 bool bEnablePrivileges;
360 bool bUsershareOwnerOnly;
361 bool bUsershareAllowGuests;
362 bool bRegistryShares;
363 int restrict_anonymous;
364 int name_cache_timeout;
367 int client_ldap_sasl_wrapping;
368 int iUsershareMaxShares;
370 int iIdmapNegativeCacheTime;
372 bool bLogWriteableFilesOnExit;
375 struct param_opt_struct *param_opt;
376 int cups_connection_timeout;
377 char *szSMBPerfcountModule;
378 bool bMapUntrustedToDomain;
379 bool bAsyncSMBEchoHandler;
380 bool bMulticastDnsRegister;
384 int ismb2_max_credits;
388 static struct global Globals;
391 * This structure describes a single service.
397 struct timespec usershare_last_mod;
401 char **szInvalidUsers;
409 char *szRootPostExec;
411 char *szPrintcommand;
414 char *szLppausecommand;
415 char *szLpresumecommand;
416 char *szQueuepausecommand;
417 char *szQueueresumecommand;
419 char *szPrintjobUsername;
427 char *szVetoOplockFiles;
433 char **printer_admin;
438 char *szAioWriteBehind;
442 int iMaxReportedPrintJobs;
445 int iCreate_force_mode;
447 int iSecurity_force_mode;
450 int iDir_Security_mask;
451 int iDir_Security_force_mode;
455 int iOplockContentionLimit;
460 bool bRootpreexecClose;
463 bool bShortCasePreserve;
465 bool bHideSpecialFiles;
466 bool bHideUnReadable;
467 bool bHideUnWriteableFiles;
469 bool bAccessBasedShareEnum;
474 bool bAdministrative_share;
477 bool bPrintNotifyBackchannel;
481 bool bStoreDosAttributes;
494 bool bStrictAllocate;
497 struct bitmap *copymap;
498 bool bDeleteReadonly;
500 bool bDeleteVetoFiles;
503 bool bDosFiletimeResolution;
504 bool bFakeDirCreateTimes;
510 bool bUseClientDriver;
511 bool bDefaultDevmode;
512 bool bForcePrintername;
514 bool bForceUnknownAclUser;
517 bool bMap_acl_inherit;
520 bool bAclCheckPermissions;
521 bool bAclMapFullControl;
522 bool bAclGroupControl;
524 bool bKernelChangeNotify;
525 int iallocation_roundup_size;
529 int iDirectoryNameCacheSize;
531 struct param_opt_struct *param_opt;
533 char dummy[3]; /* for alignment */
537 /* This is a default service used to prime a services structure */
538 static struct service sDefault = {
540 False, /* not autoloaded */
541 0, /* not a usershare */
542 {0, }, /* No last mod time */
543 NULL, /* szService */
545 NULL, /* szUsername */
546 NULL, /* szInvalidUsers */
547 NULL, /* szValidUsers */
548 NULL, /* szAdminUsers */
550 NULL, /* szInclude */
551 NULL, /* szPreExec */
552 NULL, /* szPostExec */
553 NULL, /* szRootPreExec */
554 NULL, /* szRootPostExec */
555 NULL, /* szCupsOptions */
556 NULL, /* szPrintcommand */
557 NULL, /* szLpqcommand */
558 NULL, /* szLprmcommand */
559 NULL, /* szLppausecommand */
560 NULL, /* szLpresumecommand */
561 NULL, /* szQueuepausecommand */
562 NULL, /* szQueueresumecommand */
563 NULL, /* szPrintername */
564 NULL, /* szPrintjobUsername */
565 NULL, /* szDontdescend */
566 NULL, /* szHostsallow */
567 NULL, /* szHostsdeny */
568 NULL, /* szMagicScript */
569 NULL, /* szMagicOutput */
570 NULL, /* szVetoFiles */
571 NULL, /* szHideFiles */
572 NULL, /* szVetoOplockFiles */
574 NULL, /* force user */
575 NULL, /* force group */
577 NULL, /* writelist */
578 NULL, /* printer admin */
581 NULL, /* vfs objects */
582 NULL, /* szMSDfsProxy */
583 NULL, /* szAioWriteBehind */
585 0, /* iMinPrintSpace */
586 1000, /* iMaxPrintJobs */
587 0, /* iMaxReportedPrintJobs */
588 0, /* iWriteCacheSize */
589 0744, /* iCreate_mask */
590 0000, /* iCreate_force_mode */
591 0777, /* iSecurity_mask */
592 0, /* iSecurity_force_mode */
593 0755, /* iDir_mask */
594 0000, /* iDir_force_mode */
595 0777, /* iDir_Security_mask */
596 0, /* iDir_Security_force_mode */
597 0, /* iMaxConnections */
598 CASE_LOWER, /* iDefaultCase */
599 DEFAULT_PRINTING, /* iPrinting */
600 2, /* iOplockContentionLimit */
602 1024, /* iBlock_size */
603 0, /* iDfreeCacheTime */
604 False, /* bPreexecClose */
605 False, /* bRootpreexecClose */
606 Auto, /* case sensitive */
607 True, /* case preserve */
608 True, /* short case preserve */
609 True, /* bHideDotFiles */
610 False, /* bHideSpecialFiles */
611 False, /* bHideUnReadable */
612 False, /* bHideUnWriteableFiles */
613 True, /* bBrowseable */
614 False, /* bAccessBasedShareEnum */
615 True, /* bAvailable */
616 True, /* bRead_only */
617 True, /* bNo_set_dir */
618 False, /* bGuest_only */
619 False, /* bAdministrative_share */
620 False, /* bGuest_ok */
621 False, /* bPrint_ok */
622 True, /* bPrintNotifyBackchannel */
623 False, /* bMap_system */
624 False, /* bMap_hidden */
625 True, /* bMap_archive */
626 False, /* bStoreDosAttributes */
627 False, /* bDmapiSupport */
629 Auto, /* iStrictLocking */
630 True, /* bPosixLocking */
631 True, /* bShareModes */
633 True, /* bLevel2OpLocks */
634 False, /* bOnlyUser */
635 True, /* bMangledNames */
636 false, /* bWidelinks */
637 True, /* bSymlinks */
638 False, /* bSyncAlways */
639 False, /* bStrictAllocate */
640 False, /* bStrictSync */
641 '~', /* magic char */
643 False, /* bDeleteReadonly */
644 False, /* bFakeOplocks */
645 False, /* bDeleteVetoFiles */
646 False, /* bDosFilemode */
647 True, /* bDosFiletimes */
648 False, /* bDosFiletimeResolution */
649 False, /* bFakeDirCreateTimes */
650 True, /* bBlockingLocks */
651 False, /* bInheritPerms */
652 False, /* bInheritACLS */
653 False, /* bInheritOwner */
654 False, /* bMSDfsRoot */
655 False, /* bUseClientDriver */
656 True, /* bDefaultDevmode */
657 False, /* bForcePrintername */
658 True, /* bNTAclSupport */
659 False, /* bForceUnknownAclUser */
660 False, /* bUseSendfile */
661 False, /* bProfileAcls */
662 False, /* bMap_acl_inherit */
663 False, /* bAfs_Share */
664 False, /* bEASupport */
665 True, /* bAclCheckPermissions */
666 True, /* bAclMapFullControl */
667 False, /* bAclGroupControl */
668 True, /* bChangeNotify */
669 True, /* bKernelChangeNotify */
670 SMB_ROUNDUP_ALLOCATION_SIZE, /* iallocation_roundup_size */
671 0, /* iAioReadSize */
672 0, /* iAioWriteSize */
673 MAP_READONLY_YES, /* iMap_readonly */
674 #ifdef BROKEN_DIRECTORY_HANDLING
675 0, /* iDirectoryNameCacheSize */
677 100, /* iDirectoryNameCacheSize */
679 Auto, /* ismb_encrypt */
680 NULL, /* Parametric options */
685 /* local variables */
686 static struct service **ServicePtrs = NULL;
687 static int iNumServices = 0;
688 static int iServiceIndex = 0;
689 static struct db_context *ServiceHash;
690 static int *invalid_services = NULL;
691 static int num_invalid_services = 0;
692 static bool bInGlobalSection = True;
693 static bool bGlobalOnly = False;
694 static int default_server_announce;
696 #define NUMPARAMETERS (sizeof(parm_table) / sizeof(struct parm_struct))
698 /* prototypes for the special type handlers */
699 static bool handle_include( int snum, const char *pszParmValue, char **ptr);
700 static bool handle_copy( int snum, const char *pszParmValue, char **ptr);
701 static bool handle_idmap_backend(int snum, const char *pszParmValue, char **ptr);
702 static bool handle_idmap_uid( int snum, const char *pszParmValue, char **ptr);
703 static bool handle_idmap_gid( int snum, const char *pszParmValue, char **ptr);
704 static bool handle_debug_list( int snum, const char *pszParmValue, char **ptr );
705 static bool handle_realm( int snum, const char *pszParmValue, char **ptr );
706 static bool handle_netbios_aliases( int snum, const char *pszParmValue, char **ptr );
707 static bool handle_charset( int snum, const char *pszParmValue, char **ptr );
708 static bool handle_dos_charset( int snum, const char *pszParmValue, char **ptr );
709 static bool handle_printing( int snum, const char *pszParmValue, char **ptr);
710 static bool handle_ldap_debug_level( int snum, const char *pszParmValue, char **ptr);
712 static void set_default_server_announce_type(void);
713 static void set_allowed_client_auth(void);
715 static void *lp_local_ptr(struct service *service, void *ptr);
717 static void add_to_file_list(const char *fname, const char *subfname);
718 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue, bool store_values);
720 static const struct enum_list enum_protocol[] = {
721 {PROTOCOL_SMB2, "SMB2"},
722 {PROTOCOL_NT1, "NT1"},
723 {PROTOCOL_LANMAN2, "LANMAN2"},
724 {PROTOCOL_LANMAN1, "LANMAN1"},
725 {PROTOCOL_CORE, "CORE"},
726 {PROTOCOL_COREPLUS, "COREPLUS"},
727 {PROTOCOL_COREPLUS, "CORE+"},
731 static const struct enum_list enum_security[] = {
732 {SEC_SHARE, "SHARE"},
734 {SEC_SERVER, "SERVER"},
735 {SEC_DOMAIN, "DOMAIN"},
742 static const struct enum_list enum_printing[] = {
743 {PRINT_SYSV, "sysv"},
745 {PRINT_HPUX, "hpux"},
749 {PRINT_LPRNG, "lprng"},
750 {PRINT_CUPS, "cups"},
751 {PRINT_IPRINT, "iprint"},
753 {PRINT_LPROS2, "os2"},
754 #if defined(DEVELOPER) || defined(ENABLE_BUILD_FARM_HACKS)
755 {PRINT_TEST, "test"},
757 #endif /* DEVELOPER */
761 static const struct enum_list enum_ldap_sasl_wrapping[] = {
763 {ADS_AUTH_SASL_SIGN, "sign"},
764 {ADS_AUTH_SASL_SEAL, "seal"},
768 static const struct enum_list enum_ldap_ssl[] = {
769 {LDAP_SSL_OFF, "no"},
770 {LDAP_SSL_OFF, "off"},
771 {LDAP_SSL_START_TLS, "start tls"},
772 {LDAP_SSL_START_TLS, "start_tls"},
776 /* LDAP Dereferencing Alias types */
777 #define SAMBA_LDAP_DEREF_NEVER 0
778 #define SAMBA_LDAP_DEREF_SEARCHING 1
779 #define SAMBA_LDAP_DEREF_FINDING 2
780 #define SAMBA_LDAP_DEREF_ALWAYS 3
782 static const struct enum_list enum_ldap_deref[] = {
783 {SAMBA_LDAP_DEREF_NEVER, "never"},
784 {SAMBA_LDAP_DEREF_SEARCHING, "searching"},
785 {SAMBA_LDAP_DEREF_FINDING, "finding"},
786 {SAMBA_LDAP_DEREF_ALWAYS, "always"},
790 static const struct enum_list enum_ldap_passwd_sync[] = {
791 {LDAP_PASSWD_SYNC_OFF, "no"},
792 {LDAP_PASSWD_SYNC_OFF, "off"},
793 {LDAP_PASSWD_SYNC_ON, "yes"},
794 {LDAP_PASSWD_SYNC_ON, "on"},
795 {LDAP_PASSWD_SYNC_ONLY, "only"},
799 static const struct enum_list enum_map_readonly[] = {
800 {MAP_READONLY_NO, "no"},
801 {MAP_READONLY_NO, "false"},
802 {MAP_READONLY_NO, "0"},
803 {MAP_READONLY_YES, "yes"},
804 {MAP_READONLY_YES, "true"},
805 {MAP_READONLY_YES, "1"},
806 {MAP_READONLY_PERMISSIONS, "permissions"},
807 {MAP_READONLY_PERMISSIONS, "perms"},
811 static const struct enum_list enum_case[] = {
812 {CASE_LOWER, "lower"},
813 {CASE_UPPER, "upper"},
819 static const struct enum_list enum_bool_auto[] = {
830 static const struct enum_list enum_csc_policy[] = {
831 {CSC_POLICY_MANUAL, "manual"},
832 {CSC_POLICY_DOCUMENTS, "documents"},
833 {CSC_POLICY_PROGRAMS, "programs"},
834 {CSC_POLICY_DISABLE, "disable"},
838 /* SMB signing types. */
839 static const struct enum_list enum_smb_signing_vals[] = {
851 {Required, "required"},
852 {Required, "mandatory"},
854 {Required, "forced"},
855 {Required, "enforced"},
859 /* ACL compatibility options. */
860 static const struct enum_list enum_acl_compat_vals[] = {
861 { ACL_COMPAT_AUTO, "auto" },
862 { ACL_COMPAT_WINNT, "winnt" },
863 { ACL_COMPAT_WIN2K, "win2k" },
868 Do you want session setups at user level security with a invalid
869 password to be rejected or allowed in as guest? WinNT rejects them
870 but it can be a pain as it means "net view" needs to use a password
872 You have 3 choices in the setting of map_to_guest:
874 "Never" means session setups with an invalid password
875 are rejected. This is the default.
877 "Bad User" means session setups with an invalid password
878 are rejected, unless the username does not exist, in which case it
879 is treated as a guest login
881 "Bad Password" means session setups with an invalid password
882 are treated as a guest login
884 Note that map_to_guest only has an effect in user or server
888 static const struct enum_list enum_map_to_guest[] = {
889 {NEVER_MAP_TO_GUEST, "Never"},
890 {MAP_TO_GUEST_ON_BAD_USER, "Bad User"},
891 {MAP_TO_GUEST_ON_BAD_PASSWORD, "Bad Password"},
892 {MAP_TO_GUEST_ON_BAD_UID, "Bad Uid"},
896 /* Config backend options */
898 static const struct enum_list enum_config_backend[] = {
899 {CONFIG_BACKEND_FILE, "file"},
900 {CONFIG_BACKEND_REGISTRY, "registry"},
904 /* ADS kerberos ticket verification options */
906 static const struct enum_list enum_kerberos_method[] = {
907 {KERBEROS_VERIFY_SECRETS, "default"},
908 {KERBEROS_VERIFY_SECRETS, "secrets only"},
909 {KERBEROS_VERIFY_SYSTEM_KEYTAB, "system keytab"},
910 {KERBEROS_VERIFY_DEDICATED_KEYTAB, "dedicated keytab"},
911 {KERBEROS_VERIFY_SECRETS_AND_KEYTAB, "secrets and keytab"},
915 /* Note: We do not initialise the defaults union - it is not allowed in ANSI C
917 * The FLAG_HIDE is explicit. Parameters set this way do NOT appear in any edit
918 * screen in SWAT. This is used to exclude parameters as well as to squash all
919 * parameters that have been duplicated by pseudonyms.
921 * NOTE: To display a parameter in BASIC view set FLAG_BASIC
922 * Any parameter that does NOT have FLAG_ADVANCED will not disply at all
923 * Set FLAG_SHARE and FLAG_PRINT to specifically display parameters in
926 * NOTE2: Handling of duplicated (synonym) parameters:
927 * Only the first occurance of a parameter should be enabled by FLAG_BASIC
928 * and/or FLAG_ADVANCED. All duplicates following the first mention should be
929 * set to FLAG_HIDE. ie: Make you must place the parameter that has the preferred
930 * name first, and all synonyms must follow it with the FLAG_HIDE attribute.
933 static struct parm_struct parm_table[] = {
934 {N_("Base Options"), P_SEP, P_SEPARATOR},
937 .label = "dos charset",
940 .ptr = &Globals.dos_charset,
941 .special = handle_dos_charset,
943 .flags = FLAG_ADVANCED
946 .label = "unix charset",
949 .ptr = &Globals.unix_charset,
950 .special = handle_charset,
952 .flags = FLAG_ADVANCED
958 .ptr = &sDefault.comment,
961 .flags = FLAG_BASIC | FLAG_ADVANCED | FLAG_SHARE | FLAG_PRINT
967 .ptr = &sDefault.szPath,
970 .flags = FLAG_BASIC | FLAG_ADVANCED | FLAG_SHARE | FLAG_PRINT,
973 .label = "directory",
976 .ptr = &sDefault.szPath,
982 .label = "workgroup",
985 .ptr = &Globals.szWorkgroup,
988 .flags = FLAG_BASIC | FLAG_ADVANCED | FLAG_WIZARD,
994 .ptr = &Globals.szRealm,
995 .special = handle_realm,
997 .flags = FLAG_BASIC | FLAG_ADVANCED | FLAG_WIZARD,
1000 .label = "netbios name",
1002 .p_class = P_GLOBAL,
1003 .ptr = &Globals.szNetbiosName,
1006 .flags = FLAG_BASIC | FLAG_ADVANCED | FLAG_WIZARD,
1009 .label = "netbios aliases",
1011 .p_class = P_GLOBAL,
1012 .ptr = &Globals.szNetbiosAliases,
1013 .special = handle_netbios_aliases,
1015 .flags = FLAG_ADVANCED,
1018 .label = "netbios scope",
1020 .p_class = P_GLOBAL,
1021 .ptr = &Globals.szNetbiosScope,
1024 .flags = FLAG_ADVANCED,
1027 .label = "server string",
1029 .p_class = P_GLOBAL,
1030 .ptr = &Globals.szServerString,
1033 .flags = FLAG_BASIC | FLAG_ADVANCED,
1036 .label = "interfaces",
1038 .p_class = P_GLOBAL,
1039 .ptr = &Globals.szInterfaces,
1042 .flags = FLAG_BASIC | FLAG_ADVANCED | FLAG_WIZARD,
1045 .label = "bind interfaces only",
1047 .p_class = P_GLOBAL,
1048 .ptr = &Globals.bBindInterfacesOnly,
1051 .flags = FLAG_ADVANCED | FLAG_WIZARD,
1054 .label = "config backend",
1056 .p_class = P_GLOBAL,
1057 .ptr = &Globals.ConfigBackend,
1059 .enum_list = enum_config_backend,
1060 .flags = FLAG_HIDE|FLAG_ADVANCED|FLAG_META,
1063 {N_("Security Options"), P_SEP, P_SEPARATOR},
1066 .label = "security",
1068 .p_class = P_GLOBAL,
1069 .ptr = &Globals.security,
1071 .enum_list = enum_security,
1072 .flags = FLAG_BASIC | FLAG_ADVANCED | FLAG_WIZARD,
1075 .label = "auth methods",
1077 .p_class = P_GLOBAL,
1078 .ptr = &Globals.AuthMethods,
1081 .flags = FLAG_ADVANCED,
1084 .label = "encrypt passwords",
1086 .p_class = P_GLOBAL,
1087 .ptr = &Globals.bEncryptPasswords,
1090 .flags = FLAG_BASIC | FLAG_ADVANCED | FLAG_WIZARD,
1093 .label = "client schannel",
1095 .p_class = P_GLOBAL,
1096 .ptr = &Globals.clientSchannel,
1098 .enum_list = enum_bool_auto,
1099 .flags = FLAG_BASIC | FLAG_ADVANCED,
1102 .label = "server schannel",
1104 .p_class = P_GLOBAL,
1105 .ptr = &Globals.serverSchannel,
1107 .enum_list = enum_bool_auto,
1108 .flags = FLAG_BASIC | FLAG_ADVANCED,
1111 .label = "allow trusted domains",
1113 .p_class = P_GLOBAL,
1114 .ptr = &Globals.bAllowTrustedDomains,
1117 .flags = FLAG_ADVANCED,
1120 .label = "map to guest",
1122 .p_class = P_GLOBAL,
1123 .ptr = &Globals.map_to_guest,
1125 .enum_list = enum_map_to_guest,
1126 .flags = FLAG_ADVANCED,
1129 .label = "null passwords",
1131 .p_class = P_GLOBAL,
1132 .ptr = &Globals.bNullPasswords,
1135 .flags = FLAG_ADVANCED | FLAG_DEPRECATED,
1138 .label = "obey pam restrictions",
1140 .p_class = P_GLOBAL,
1141 .ptr = &Globals.bObeyPamRestrictions,
1144 .flags = FLAG_ADVANCED,
1147 .label = "password server",
1149 .p_class = P_GLOBAL,
1150 .ptr = &Globals.szPasswordServer,
1153 .flags = FLAG_ADVANCED | FLAG_WIZARD,
1156 .label = "smb passwd file",
1158 .p_class = P_GLOBAL,
1159 .ptr = &Globals.szSMBPasswdFile,
1162 .flags = FLAG_ADVANCED,
1165 .label = "private dir",
1167 .p_class = P_GLOBAL,
1168 .ptr = &Globals.szPrivateDir,
1171 .flags = FLAG_ADVANCED,
1174 .label = "passdb backend",
1176 .p_class = P_GLOBAL,
1177 .ptr = &Globals.szPassdbBackend,
1180 .flags = FLAG_ADVANCED | FLAG_WIZARD,
1183 .label = "algorithmic rid base",
1185 .p_class = P_GLOBAL,
1186 .ptr = &Globals.AlgorithmicRidBase,
1189 .flags = FLAG_ADVANCED,
1192 .label = "root directory",
1194 .p_class = P_GLOBAL,
1195 .ptr = &Globals.szRootdir,
1198 .flags = FLAG_ADVANCED,
1201 .label = "root dir",
1203 .p_class = P_GLOBAL,
1204 .ptr = &Globals.szRootdir,
1212 .p_class = P_GLOBAL,
1213 .ptr = &Globals.szRootdir,
1219 .label = "guest account",
1221 .p_class = P_GLOBAL,
1222 .ptr = &Globals.szGuestaccount,
1225 .flags = FLAG_BASIC | FLAG_ADVANCED,
1228 .label = "enable privileges",
1230 .p_class = P_GLOBAL,
1231 .ptr = &Globals.bEnablePrivileges,
1234 .flags = FLAG_ADVANCED | FLAG_DEPRECATED,
1238 .label = "pam password change",
1240 .p_class = P_GLOBAL,
1241 .ptr = &Globals.bPamPasswordChange,
1244 .flags = FLAG_ADVANCED,
1247 .label = "passwd program",
1249 .p_class = P_GLOBAL,
1250 .ptr = &Globals.szPasswdProgram,
1253 .flags = FLAG_ADVANCED,
1256 .label = "passwd chat",
1258 .p_class = P_GLOBAL,
1259 .ptr = &Globals.szPasswdChat,
1262 .flags = FLAG_ADVANCED,
1265 .label = "passwd chat debug",
1267 .p_class = P_GLOBAL,
1268 .ptr = &Globals.bPasswdChatDebug,
1271 .flags = FLAG_ADVANCED,
1274 .label = "passwd chat timeout",
1276 .p_class = P_GLOBAL,
1277 .ptr = &Globals.iPasswdChatTimeout,
1280 .flags = FLAG_ADVANCED,
1283 .label = "check password script",
1285 .p_class = P_GLOBAL,
1286 .ptr = &Globals.szCheckPasswordScript,
1289 .flags = FLAG_ADVANCED,
1292 .label = "username map",
1294 .p_class = P_GLOBAL,
1295 .ptr = &Globals.szUsernameMap,
1298 .flags = FLAG_ADVANCED,
1301 .label = "password level",
1303 .p_class = P_GLOBAL,
1304 .ptr = &Globals.pwordlevel,
1307 .flags = FLAG_ADVANCED | FLAG_DEPRECATED,
1310 .label = "username level",
1312 .p_class = P_GLOBAL,
1313 .ptr = &Globals.unamelevel,
1316 .flags = FLAG_ADVANCED,
1319 .label = "unix password sync",
1321 .p_class = P_GLOBAL,
1322 .ptr = &Globals.bUnixPasswdSync,
1325 .flags = FLAG_ADVANCED,
1328 .label = "restrict anonymous",
1330 .p_class = P_GLOBAL,
1331 .ptr = &Globals.restrict_anonymous,
1334 .flags = FLAG_ADVANCED,
1337 .label = "lanman auth",
1339 .p_class = P_GLOBAL,
1340 .ptr = &Globals.bLanmanAuth,
1343 .flags = FLAG_ADVANCED,
1346 .label = "ntlm auth",
1348 .p_class = P_GLOBAL,
1349 .ptr = &Globals.bNTLMAuth,
1352 .flags = FLAG_ADVANCED,
1355 .label = "client NTLMv2 auth",
1357 .p_class = P_GLOBAL,
1358 .ptr = &Globals.bClientNTLMv2Auth,
1361 .flags = FLAG_ADVANCED,
1364 .label = "client lanman auth",
1366 .p_class = P_GLOBAL,
1367 .ptr = &Globals.bClientLanManAuth,
1370 .flags = FLAG_ADVANCED,
1373 .label = "client plaintext auth",
1375 .p_class = P_GLOBAL,
1376 .ptr = &Globals.bClientPlaintextAuth,
1379 .flags = FLAG_ADVANCED,
1382 .label = "client use spnego principal",
1384 .p_class = P_GLOBAL,
1385 .ptr = &Globals.client_use_spnego_principal,
1388 .flags = FLAG_ADVANCED,
1391 .label = "send spnego principal",
1393 .p_class = P_GLOBAL,
1394 .ptr = &Globals.send_spnego_principal,
1397 .flags = FLAG_ADVANCED,
1400 .label = "username",
1403 .ptr = &sDefault.szUsername,
1406 .flags = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_SHARE | FLAG_DEPRECATED,
1412 .ptr = &sDefault.szUsername,
1421 .ptr = &sDefault.szUsername,
1427 .label = "invalid users",
1430 .ptr = &sDefault.szInvalidUsers,
1433 .flags = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_SHARE,
1436 .label = "valid users",
1439 .ptr = &sDefault.szValidUsers,
1442 .flags = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_SHARE,
1445 .label = "admin users",
1448 .ptr = &sDefault.szAdminUsers,
1451 .flags = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_SHARE,
1454 .label = "read list",
1457 .ptr = &sDefault.readlist,
1460 .flags = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_SHARE,
1463 .label = "write list",
1466 .ptr = &sDefault.writelist,
1469 .flags = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_SHARE,
1472 .label = "printer admin",
1475 .ptr = &sDefault.printer_admin,
1478 .flags = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_PRINT | FLAG_DEPRECATED,
1481 .label = "force user",
1484 .ptr = &sDefault.force_user,
1487 .flags = FLAG_ADVANCED | FLAG_SHARE,
1490 .label = "force group",
1493 .ptr = &sDefault.force_group,
1496 .flags = FLAG_ADVANCED | FLAG_SHARE,
1502 .ptr = &sDefault.force_group,
1505 .flags = FLAG_ADVANCED,
1508 .label = "read only",
1511 .ptr = &sDefault.bRead_only,
1514 .flags = FLAG_BASIC | FLAG_ADVANCED | FLAG_SHARE,
1517 .label = "write ok",
1520 .ptr = &sDefault.bRead_only,
1526 .label = "writeable",
1529 .ptr = &sDefault.bRead_only,
1535 .label = "writable",
1538 .ptr = &sDefault.bRead_only,
1544 .label = "acl check permissions",
1547 .ptr = &sDefault.bAclCheckPermissions,
1550 .flags = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_SHARE,
1553 .label = "acl group control",
1556 .ptr = &sDefault.bAclGroupControl,
1559 .flags = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_SHARE,
1562 .label = "acl map full control",
1565 .ptr = &sDefault.bAclMapFullControl,
1568 .flags = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_SHARE,
1571 .label = "create mask",
1574 .ptr = &sDefault.iCreate_mask,
1577 .flags = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_SHARE,
1580 .label = "create mode",
1583 .ptr = &sDefault.iCreate_mask,
1589 .label = "force create mode",
1592 .ptr = &sDefault.iCreate_force_mode,
1595 .flags = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_SHARE,
1598 .label = "security mask",
1601 .ptr = &sDefault.iSecurity_mask,
1604 .flags = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_SHARE,
1607 .label = "force security mode",
1610 .ptr = &sDefault.iSecurity_force_mode,
1613 .flags = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_SHARE,
1616 .label = "directory mask",
1619 .ptr = &sDefault.iDir_mask,
1622 .flags = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_SHARE,
1625 .label = "directory mode",
1628 .ptr = &sDefault.iDir_mask,
1631 .flags = FLAG_ADVANCED | FLAG_GLOBAL,
1634 .label = "force directory mode",
1637 .ptr = &sDefault.iDir_force_mode,
1640 .flags = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_SHARE,
1643 .label = "directory security mask",
1646 .ptr = &sDefault.iDir_Security_mask,
1649 .flags = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_SHARE,
1652 .label = "force directory security mode",
1655 .ptr = &sDefault.iDir_Security_force_mode,
1658 .flags = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_SHARE,
1661 .label = "force unknown acl user",
1664 .ptr = &sDefault.bForceUnknownAclUser,
1667 .flags = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_SHARE,
1670 .label = "inherit permissions",
1673 .ptr = &sDefault.bInheritPerms,
1676 .flags = FLAG_ADVANCED | FLAG_SHARE,
1679 .label = "inherit acls",
1682 .ptr = &sDefault.bInheritACLS,
1685 .flags = FLAG_ADVANCED | FLAG_SHARE,
1688 .label = "inherit owner",
1691 .ptr = &sDefault.bInheritOwner,
1694 .flags = FLAG_ADVANCED | FLAG_SHARE,
1697 .label = "guest only",
1700 .ptr = &sDefault.bGuest_only,
1703 .flags = FLAG_ADVANCED | FLAG_SHARE,
1706 .label = "only guest",
1709 .ptr = &sDefault.bGuest_only,
1715 .label = "administrative share",
1718 .ptr = &sDefault.bAdministrative_share,
1721 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_PRINT,
1725 .label = "guest ok",
1728 .ptr = &sDefault.bGuest_ok,
1731 .flags = FLAG_BASIC | FLAG_ADVANCED | FLAG_SHARE | FLAG_PRINT,
1737 .ptr = &sDefault.bGuest_ok,
1743 .label = "only user",
1746 .ptr = &sDefault.bOnlyUser,
1749 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_DEPRECATED,
1752 .label = "hosts allow",
1755 .ptr = &sDefault.szHostsallow,
1758 .flags = FLAG_GLOBAL | FLAG_BASIC | FLAG_ADVANCED | FLAG_SHARE | FLAG_PRINT,
1761 .label = "allow hosts",
1764 .ptr = &sDefault.szHostsallow,
1770 .label = "hosts deny",
1773 .ptr = &sDefault.szHostsdeny,
1776 .flags = FLAG_GLOBAL | FLAG_BASIC | FLAG_ADVANCED | FLAG_SHARE | FLAG_PRINT,
1779 .label = "deny hosts",
1782 .ptr = &sDefault.szHostsdeny,
1788 .label = "preload modules",
1790 .p_class = P_GLOBAL,
1791 .ptr = &Globals.szPreloadModules,
1794 .flags = FLAG_ADVANCED | FLAG_GLOBAL,
1797 .label = "dedicated keytab file",
1799 .p_class = P_GLOBAL,
1800 .ptr = &Globals.szDedicatedKeytabFile,
1803 .flags = FLAG_ADVANCED,
1806 .label = "kerberos method",
1808 .p_class = P_GLOBAL,
1809 .ptr = &Globals.iKerberosMethod,
1811 .enum_list = enum_kerberos_method,
1812 .flags = FLAG_ADVANCED,
1815 .label = "map untrusted to domain",
1817 .p_class = P_GLOBAL,
1818 .ptr = &Globals.bMapUntrustedToDomain,
1821 .flags = FLAG_ADVANCED | FLAG_GLOBAL,
1825 {N_("Logging Options"), P_SEP, P_SEPARATOR},
1828 .label = "log level",
1830 .p_class = P_GLOBAL,
1831 .ptr = &Globals.szLogLevel,
1832 .special = handle_debug_list,
1834 .flags = FLAG_ADVANCED,
1837 .label = "debuglevel",
1839 .p_class = P_GLOBAL,
1840 .ptr = &Globals.szLogLevel,
1841 .special = handle_debug_list,
1848 .p_class = P_GLOBAL,
1849 .ptr = &Globals.syslog,
1852 .flags = FLAG_ADVANCED,
1855 .label = "syslog only",
1857 .p_class = P_GLOBAL,
1858 .ptr = &Globals.bSyslogOnly,
1861 .flags = FLAG_ADVANCED,
1864 .label = "log file",
1866 .p_class = P_GLOBAL,
1867 .ptr = &Globals.szLogFile,
1870 .flags = FLAG_ADVANCED,
1873 .label = "max log size",
1875 .p_class = P_GLOBAL,
1876 .ptr = &Globals.max_log_size,
1879 .flags = FLAG_ADVANCED,
1882 .label = "debug timestamp",
1884 .p_class = P_GLOBAL,
1885 .ptr = &Globals.bTimestampLogs,
1888 .flags = FLAG_ADVANCED,
1891 .label = "timestamp logs",
1893 .p_class = P_GLOBAL,
1894 .ptr = &Globals.bTimestampLogs,
1897 .flags = FLAG_ADVANCED,
1900 .label = "debug prefix timestamp",
1902 .p_class = P_GLOBAL,
1903 .ptr = &Globals.bDebugPrefixTimestamp,
1906 .flags = FLAG_ADVANCED,
1909 .label = "debug hires timestamp",
1911 .p_class = P_GLOBAL,
1912 .ptr = &Globals.bDebugHiresTimestamp,
1915 .flags = FLAG_ADVANCED,
1918 .label = "debug pid",
1920 .p_class = P_GLOBAL,
1921 .ptr = &Globals.bDebugPid,
1924 .flags = FLAG_ADVANCED,
1927 .label = "debug uid",
1929 .p_class = P_GLOBAL,
1930 .ptr = &Globals.bDebugUid,
1933 .flags = FLAG_ADVANCED,
1936 .label = "debug class",
1938 .p_class = P_GLOBAL,
1939 .ptr = &Globals.bDebugClass,
1942 .flags = FLAG_ADVANCED,
1945 .label = "enable core files",
1947 .p_class = P_GLOBAL,
1948 .ptr = &Globals.bEnableCoreFiles,
1951 .flags = FLAG_ADVANCED,
1954 {N_("Protocol Options"), P_SEP, P_SEPARATOR},
1957 .label = "allocation roundup size",
1960 .ptr = &sDefault.iallocation_roundup_size,
1963 .flags = FLAG_ADVANCED,
1966 .label = "aio read size",
1969 .ptr = &sDefault.iAioReadSize,
1972 .flags = FLAG_ADVANCED,
1975 .label = "aio write size",
1978 .ptr = &sDefault.iAioWriteSize,
1981 .flags = FLAG_ADVANCED,
1984 .label = "aio write behind",
1987 .ptr = &sDefault.szAioWriteBehind,
1990 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
1993 .label = "smb ports",
1995 .p_class = P_GLOBAL,
1996 .ptr = &Globals.smb_ports,
1999 .flags = FLAG_ADVANCED,
2002 .label = "large readwrite",
2004 .p_class = P_GLOBAL,
2005 .ptr = &Globals.bLargeReadwrite,
2008 .flags = FLAG_ADVANCED,
2011 .label = "max protocol",
2013 .p_class = P_GLOBAL,
2014 .ptr = &Globals.maxprotocol,
2016 .enum_list = enum_protocol,
2017 .flags = FLAG_ADVANCED,
2020 .label = "protocol",
2022 .p_class = P_GLOBAL,
2023 .ptr = &Globals.maxprotocol,
2025 .enum_list = enum_protocol,
2026 .flags = FLAG_ADVANCED,
2029 .label = "min protocol",
2031 .p_class = P_GLOBAL,
2032 .ptr = &Globals.minprotocol,
2034 .enum_list = enum_protocol,
2035 .flags = FLAG_ADVANCED,
2038 .label = "min receivefile size",
2040 .p_class = P_GLOBAL,
2041 .ptr = &Globals.iminreceivefile,
2044 .flags = FLAG_ADVANCED,
2047 .label = "read raw",
2049 .p_class = P_GLOBAL,
2050 .ptr = &Globals.bReadRaw,
2053 .flags = FLAG_ADVANCED,
2056 .label = "write raw",
2058 .p_class = P_GLOBAL,
2059 .ptr = &Globals.bWriteRaw,
2062 .flags = FLAG_ADVANCED,
2065 .label = "disable netbios",
2067 .p_class = P_GLOBAL,
2068 .ptr = &Globals.bDisableNetbios,
2071 .flags = FLAG_ADVANCED,
2074 .label = "reset on zero vc",
2076 .p_class = P_GLOBAL,
2077 .ptr = &Globals.bResetOnZeroVC,
2080 .flags = FLAG_ADVANCED,
2083 .label = "log writeable files on exit",
2085 .p_class = P_GLOBAL,
2086 .ptr = &Globals.bLogWriteableFilesOnExit,
2089 .flags = FLAG_ADVANCED,
2092 .label = "acl compatibility",
2094 .p_class = P_GLOBAL,
2095 .ptr = &Globals.iAclCompat,
2097 .enum_list = enum_acl_compat_vals,
2098 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
2101 .label = "defer sharing violations",
2103 .p_class = P_GLOBAL,
2104 .ptr = &Globals.bDeferSharingViolations,
2107 .flags = FLAG_ADVANCED | FLAG_GLOBAL,
2110 .label = "ea support",
2113 .ptr = &sDefault.bEASupport,
2116 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
2119 .label = "nt acl support",
2122 .ptr = &sDefault.bNTAclSupport,
2125 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
2128 .label = "nt pipe support",
2130 .p_class = P_GLOBAL,
2131 .ptr = &Globals.bNTPipeSupport,
2134 .flags = FLAG_ADVANCED,
2137 .label = "nt status support",
2139 .p_class = P_GLOBAL,
2140 .ptr = &Globals.bNTStatusSupport,
2143 .flags = FLAG_ADVANCED,
2146 .label = "profile acls",
2149 .ptr = &sDefault.bProfileAcls,
2152 .flags = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_SHARE,
2155 .label = "map acl inherit",
2158 .ptr = &sDefault.bMap_acl_inherit,
2161 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
2164 .label = "afs share",
2167 .ptr = &sDefault.bAfs_Share,
2170 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
2175 .p_class = P_GLOBAL,
2176 .ptr = &Globals.max_mux,
2179 .flags = FLAG_ADVANCED,
2182 .label = "max xmit",
2184 .p_class = P_GLOBAL,
2185 .ptr = &Globals.max_xmit,
2188 .flags = FLAG_ADVANCED,
2191 .label = "name resolve order",
2193 .p_class = P_GLOBAL,
2194 .ptr = &Globals.szNameResolveOrder,
2197 .flags = FLAG_ADVANCED | FLAG_WIZARD,
2202 .p_class = P_GLOBAL,
2203 .ptr = &Globals.max_ttl,
2206 .flags = FLAG_ADVANCED,
2209 .label = "max wins ttl",
2211 .p_class = P_GLOBAL,
2212 .ptr = &Globals.max_wins_ttl,
2215 .flags = FLAG_ADVANCED,
2218 .label = "min wins ttl",
2220 .p_class = P_GLOBAL,
2221 .ptr = &Globals.min_wins_ttl,
2224 .flags = FLAG_ADVANCED,
2227 .label = "time server",
2229 .p_class = P_GLOBAL,
2230 .ptr = &Globals.bTimeServer,
2233 .flags = FLAG_ADVANCED,
2236 .label = "unix extensions",
2238 .p_class = P_GLOBAL,
2239 .ptr = &Globals.bUnixExtensions,
2242 .flags = FLAG_ADVANCED,
2245 .label = "use spnego",
2247 .p_class = P_GLOBAL,
2248 .ptr = &Globals.bUseSpnego,
2251 .flags = FLAG_ADVANCED | FLAG_DEPRECATED,
2254 .label = "client signing",
2256 .p_class = P_GLOBAL,
2257 .ptr = &Globals.client_signing,
2259 .enum_list = enum_smb_signing_vals,
2260 .flags = FLAG_ADVANCED,
2263 .label = "server signing",
2265 .p_class = P_GLOBAL,
2266 .ptr = &Globals.server_signing,
2268 .enum_list = enum_smb_signing_vals,
2269 .flags = FLAG_ADVANCED,
2272 .label = "smb encrypt",
2275 .ptr = &sDefault.ismb_encrypt,
2277 .enum_list = enum_smb_signing_vals,
2278 .flags = FLAG_ADVANCED,
2281 .label = "client use spnego",
2283 .p_class = P_GLOBAL,
2284 .ptr = &Globals.bClientUseSpnego,
2287 .flags = FLAG_ADVANCED,
2290 .label = "client ldap sasl wrapping",
2292 .p_class = P_GLOBAL,
2293 .ptr = &Globals.client_ldap_sasl_wrapping,
2295 .enum_list = enum_ldap_sasl_wrapping,
2296 .flags = FLAG_ADVANCED,
2299 .label = "enable asu support",
2301 .p_class = P_GLOBAL,
2302 .ptr = &Globals.bASUSupport,
2305 .flags = FLAG_ADVANCED,
2308 .label = "svcctl list",
2310 .p_class = P_GLOBAL,
2311 .ptr = &Globals.szServicesList,
2314 .flags = FLAG_ADVANCED,
2317 {N_("Tuning Options"), P_SEP, P_SEPARATOR},
2320 .label = "block size",
2323 .ptr = &sDefault.iBlock_size,
2326 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
2329 .label = "deadtime",
2331 .p_class = P_GLOBAL,
2332 .ptr = &Globals.deadtime,
2335 .flags = FLAG_ADVANCED,
2338 .label = "getwd cache",
2340 .p_class = P_GLOBAL,
2341 .ptr = &Globals.getwd_cache,
2344 .flags = FLAG_ADVANCED,
2347 .label = "keepalive",
2349 .p_class = P_GLOBAL,
2350 .ptr = &Globals.iKeepalive,
2353 .flags = FLAG_ADVANCED,
2356 .label = "change notify",
2359 .ptr = &sDefault.bChangeNotify,
2362 .flags = FLAG_ADVANCED | FLAG_SHARE,
2365 .label = "directory name cache size",
2368 .ptr = &sDefault.iDirectoryNameCacheSize,
2371 .flags = FLAG_ADVANCED | FLAG_SHARE,
2374 .label = "kernel change notify",
2377 .ptr = &sDefault.bKernelChangeNotify,
2380 .flags = FLAG_ADVANCED | FLAG_SHARE,
2383 .label = "lpq cache time",
2385 .p_class = P_GLOBAL,
2386 .ptr = &Globals.lpqcachetime,
2389 .flags = FLAG_ADVANCED,
2392 .label = "max smbd processes",
2394 .p_class = P_GLOBAL,
2395 .ptr = &Globals.iMaxSmbdProcesses,
2398 .flags = FLAG_ADVANCED,
2401 .label = "max connections",
2404 .ptr = &sDefault.iMaxConnections,
2407 .flags = FLAG_ADVANCED | FLAG_SHARE,
2410 .label = "paranoid server security",
2412 .p_class = P_GLOBAL,
2413 .ptr = &Globals.paranoid_server_security,
2416 .flags = FLAG_ADVANCED,
2419 .label = "max disk size",
2421 .p_class = P_GLOBAL,
2422 .ptr = &Globals.maxdisksize,
2425 .flags = FLAG_ADVANCED,
2428 .label = "max open files",
2430 .p_class = P_GLOBAL,
2431 .ptr = &Globals.max_open_files,
2434 .flags = FLAG_ADVANCED,
2437 .label = "min print space",
2440 .ptr = &sDefault.iMinPrintSpace,
2443 .flags = FLAG_ADVANCED | FLAG_PRINT,
2446 .label = "socket options",
2448 .p_class = P_GLOBAL,
2449 .ptr = &Globals.szSocketOptions,
2452 .flags = FLAG_ADVANCED,
2455 .label = "strict allocate",
2458 .ptr = &sDefault.bStrictAllocate,
2461 .flags = FLAG_ADVANCED | FLAG_SHARE,
2464 .label = "strict sync",
2467 .ptr = &sDefault.bStrictSync,
2470 .flags = FLAG_ADVANCED | FLAG_SHARE,
2473 .label = "sync always",
2476 .ptr = &sDefault.bSyncAlways,
2479 .flags = FLAG_ADVANCED | FLAG_SHARE,
2482 .label = "use mmap",
2484 .p_class = P_GLOBAL,
2485 .ptr = &Globals.bUseMmap,
2488 .flags = FLAG_ADVANCED,
2491 .label = "use sendfile",
2494 .ptr = &sDefault.bUseSendfile,
2497 .flags = FLAG_ADVANCED | FLAG_SHARE,
2500 .label = "hostname lookups",
2502 .p_class = P_GLOBAL,
2503 .ptr = &Globals.bHostnameLookups,
2506 .flags = FLAG_ADVANCED,
2509 .label = "write cache size",
2512 .ptr = &sDefault.iWriteCacheSize,
2515 .flags = FLAG_ADVANCED | FLAG_SHARE,
2518 .label = "name cache timeout",
2520 .p_class = P_GLOBAL,
2521 .ptr = &Globals.name_cache_timeout,
2524 .flags = FLAG_ADVANCED,
2527 .label = "ctdbd socket",
2529 .p_class = P_GLOBAL,
2530 .ptr = &Globals.ctdbdSocket,
2533 .flags = FLAG_ADVANCED | FLAG_GLOBAL,
2536 .label = "cluster addresses",
2538 .p_class = P_GLOBAL,
2539 .ptr = &Globals.szClusterAddresses,
2542 .flags = FLAG_ADVANCED | FLAG_GLOBAL,
2545 .label = "clustering",
2547 .p_class = P_GLOBAL,
2548 .ptr = &Globals.clustering,
2551 .flags = FLAG_ADVANCED | FLAG_GLOBAL,
2554 .label = "ctdb timeout",
2556 .p_class = P_GLOBAL,
2557 .ptr = &Globals.ctdb_timeout,
2560 .flags = FLAG_ADVANCED | FLAG_GLOBAL,
2563 .label = "ctdb locktime warn threshold",
2565 .p_class = P_GLOBAL,
2566 .ptr = &Globals.ctdb_locktime_warn_threshold,
2569 .flags = FLAG_ADVANCED | FLAG_GLOBAL,
2572 .label = "smb2 max read",
2574 .p_class = P_GLOBAL,
2575 .ptr = &Globals.ismb2_max_read,
2578 .flags = FLAG_ADVANCED,
2581 .label = "smb2 max write",
2583 .p_class = P_GLOBAL,
2584 .ptr = &Globals.ismb2_max_write,
2587 .flags = FLAG_ADVANCED,
2590 .label = "smb2 max trans",
2592 .p_class = P_GLOBAL,
2593 .ptr = &Globals.ismb2_max_trans,
2596 .flags = FLAG_ADVANCED,
2599 .label = "smb2 max credits",
2601 .p_class = P_GLOBAL,
2602 .ptr = &Globals.ismb2_max_credits,
2605 .flags = FLAG_ADVANCED,
2608 {N_("Printing Options"), P_SEP, P_SEPARATOR},
2611 .label = "max reported print jobs",
2614 .ptr = &sDefault.iMaxReportedPrintJobs,
2617 .flags = FLAG_ADVANCED | FLAG_PRINT,
2620 .label = "max print jobs",
2623 .ptr = &sDefault.iMaxPrintJobs,
2626 .flags = FLAG_ADVANCED | FLAG_PRINT,
2629 .label = "load printers",
2631 .p_class = P_GLOBAL,
2632 .ptr = &Globals.bLoadPrinters,
2635 .flags = FLAG_ADVANCED | FLAG_PRINT,
2638 .label = "printcap cache time",
2640 .p_class = P_GLOBAL,
2641 .ptr = &Globals.PrintcapCacheTime,
2644 .flags = FLAG_ADVANCED | FLAG_PRINT,
2647 .label = "printcap name",
2649 .p_class = P_GLOBAL,
2650 .ptr = &Globals.szPrintcapname,
2653 .flags = FLAG_ADVANCED | FLAG_PRINT,
2656 .label = "printcap",
2658 .p_class = P_GLOBAL,
2659 .ptr = &Globals.szPrintcapname,
2665 .label = "printable",
2668 .ptr = &sDefault.bPrint_ok,
2671 .flags = FLAG_ADVANCED | FLAG_PRINT,
2674 .label = "print notify backchannel",
2677 .ptr = &sDefault.bPrintNotifyBackchannel,
2680 .flags = FLAG_ADVANCED,
2683 .label = "print ok",
2686 .ptr = &sDefault.bPrint_ok,
2692 .label = "printing",
2695 .ptr = &sDefault.iPrinting,
2696 .special = handle_printing,
2697 .enum_list = enum_printing,
2698 .flags = FLAG_ADVANCED | FLAG_PRINT | FLAG_GLOBAL,
2701 .label = "cups options",
2704 .ptr = &sDefault.szCupsOptions,
2707 .flags = FLAG_ADVANCED | FLAG_PRINT | FLAG_GLOBAL,
2710 .label = "cups server",
2712 .p_class = P_GLOBAL,
2713 .ptr = &Globals.szCupsServer,
2716 .flags = FLAG_ADVANCED | FLAG_PRINT | FLAG_GLOBAL,
2719 .label = "cups encrypt",
2721 .p_class = P_GLOBAL,
2722 .ptr = &Globals.CupsEncrypt,
2724 .enum_list = enum_bool_auto,
2725 .flags = FLAG_ADVANCED | FLAG_PRINT | FLAG_GLOBAL,
2729 .label = "cups connection timeout",
2731 .p_class = P_GLOBAL,
2732 .ptr = &Globals.cups_connection_timeout,
2735 .flags = FLAG_ADVANCED,
2738 .label = "iprint server",
2740 .p_class = P_GLOBAL,
2741 .ptr = &Globals.szIPrintServer,
2744 .flags = FLAG_ADVANCED | FLAG_PRINT | FLAG_GLOBAL,
2747 .label = "print command",
2750 .ptr = &sDefault.szPrintcommand,
2753 .flags = FLAG_ADVANCED | FLAG_PRINT | FLAG_GLOBAL,
2756 .label = "disable spoolss",
2758 .p_class = P_GLOBAL,
2759 .ptr = &Globals.bDisableSpoolss,
2762 .flags = FLAG_ADVANCED | FLAG_PRINT | FLAG_GLOBAL,
2765 .label = "enable spoolss",
2767 .p_class = P_GLOBAL,
2768 .ptr = &Globals.bDisableSpoolss,
2774 .label = "lpq command",
2777 .ptr = &sDefault.szLpqcommand,
2780 .flags = FLAG_ADVANCED | FLAG_PRINT | FLAG_GLOBAL,
2783 .label = "lprm command",
2786 .ptr = &sDefault.szLprmcommand,
2789 .flags = FLAG_ADVANCED | FLAG_PRINT | FLAG_GLOBAL,
2792 .label = "lppause command",
2795 .ptr = &sDefault.szLppausecommand,
2798 .flags = FLAG_ADVANCED | FLAG_PRINT | FLAG_GLOBAL,
2801 .label = "lpresume command",
2804 .ptr = &sDefault.szLpresumecommand,
2807 .flags = FLAG_ADVANCED | FLAG_PRINT | FLAG_GLOBAL,
2810 .label = "queuepause command",
2813 .ptr = &sDefault.szQueuepausecommand,
2816 .flags = FLAG_ADVANCED | FLAG_PRINT | FLAG_GLOBAL,
2819 .label = "queueresume command",
2822 .ptr = &sDefault.szQueueresumecommand,
2825 .flags = FLAG_ADVANCED | FLAG_PRINT | FLAG_GLOBAL,
2828 .label = "addport command",
2830 .p_class = P_GLOBAL,
2831 .ptr = &Globals.szAddPortCommand,
2834 .flags = FLAG_ADVANCED,
2837 .label = "enumports command",
2839 .p_class = P_GLOBAL,
2840 .ptr = &Globals.szEnumPortsCommand,
2843 .flags = FLAG_ADVANCED,
2846 .label = "addprinter command",
2848 .p_class = P_GLOBAL,
2849 .ptr = &Globals.szAddPrinterCommand,
2852 .flags = FLAG_ADVANCED,
2855 .label = "deleteprinter command",
2857 .p_class = P_GLOBAL,
2858 .ptr = &Globals.szDeletePrinterCommand,
2861 .flags = FLAG_ADVANCED,
2864 .label = "show add printer wizard",
2866 .p_class = P_GLOBAL,
2867 .ptr = &Globals.bMsAddPrinterWizard,
2870 .flags = FLAG_ADVANCED,
2873 .label = "os2 driver map",
2875 .p_class = P_GLOBAL,
2876 .ptr = &Globals.szOs2DriverMap,
2879 .flags = FLAG_ADVANCED,
2883 .label = "printer name",
2886 .ptr = &sDefault.szPrintername,
2889 .flags = FLAG_ADVANCED | FLAG_PRINT,
2895 .ptr = &sDefault.szPrintername,
2901 .label = "use client driver",
2904 .ptr = &sDefault.bUseClientDriver,
2907 .flags = FLAG_ADVANCED | FLAG_PRINT,
2910 .label = "default devmode",
2913 .ptr = &sDefault.bDefaultDevmode,
2916 .flags = FLAG_ADVANCED | FLAG_PRINT,
2919 .label = "force printername",
2922 .ptr = &sDefault.bForcePrintername,
2925 .flags = FLAG_ADVANCED | FLAG_PRINT,
2928 .label = "printjob username",
2931 .ptr = &sDefault.szPrintjobUsername,
2934 .flags = FLAG_ADVANCED | FLAG_PRINT,
2937 {N_("Filename Handling"), P_SEP, P_SEPARATOR},
2940 .label = "mangling method",
2942 .p_class = P_GLOBAL,
2943 .ptr = &Globals.szManglingMethod,
2946 .flags = FLAG_ADVANCED,
2949 .label = "mangle prefix",
2951 .p_class = P_GLOBAL,
2952 .ptr = &Globals.mangle_prefix,
2955 .flags = FLAG_ADVANCED,
2959 .label = "default case",
2962 .ptr = &sDefault.iDefaultCase,
2964 .enum_list = enum_case,
2965 .flags = FLAG_ADVANCED | FLAG_SHARE,
2968 .label = "case sensitive",
2971 .ptr = &sDefault.iCaseSensitive,
2973 .enum_list = enum_bool_auto,
2974 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
2977 .label = "casesignames",
2980 .ptr = &sDefault.iCaseSensitive,
2982 .enum_list = enum_bool_auto,
2983 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL | FLAG_HIDE,
2986 .label = "preserve case",
2989 .ptr = &sDefault.bCasePreserve,
2992 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
2995 .label = "short preserve case",
2998 .ptr = &sDefault.bShortCasePreserve,
3001 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
3004 .label = "mangling char",
3007 .ptr = &sDefault.magic_char,
3010 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
3013 .label = "hide dot files",
3016 .ptr = &sDefault.bHideDotFiles,
3019 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
3022 .label = "hide special files",
3025 .ptr = &sDefault.bHideSpecialFiles,
3028 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
3031 .label = "hide unreadable",
3034 .ptr = &sDefault.bHideUnReadable,
3037 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
3040 .label = "hide unwriteable files",
3043 .ptr = &sDefault.bHideUnWriteableFiles,
3046 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
3049 .label = "delete veto files",
3052 .ptr = &sDefault.bDeleteVetoFiles,
3055 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
3058 .label = "veto files",
3061 .ptr = &sDefault.szVetoFiles,
3064 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
3067 .label = "hide files",
3070 .ptr = &sDefault.szHideFiles,
3073 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
3076 .label = "veto oplock files",
3079 .ptr = &sDefault.szVetoOplockFiles,
3082 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
3085 .label = "map archive",
3088 .ptr = &sDefault.bMap_archive,
3091 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
3094 .label = "map hidden",
3097 .ptr = &sDefault.bMap_hidden,
3100 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
3103 .label = "map system",
3106 .ptr = &sDefault.bMap_system,
3109 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
3112 .label = "map readonly",
3115 .ptr = &sDefault.iMap_readonly,
3117 .enum_list = enum_map_readonly,
3118 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
3121 .label = "mangled names",
3124 .ptr = &sDefault.bMangledNames,
3127 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
3130 .label = "max stat cache size",
3132 .p_class = P_GLOBAL,
3133 .ptr = &Globals.iMaxStatCacheSize,
3136 .flags = FLAG_ADVANCED,
3139 .label = "stat cache",
3141 .p_class = P_GLOBAL,
3142 .ptr = &Globals.bStatCache,
3145 .flags = FLAG_ADVANCED,
3148 .label = "store dos attributes",
3151 .ptr = &sDefault.bStoreDosAttributes,
3154 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
3157 .label = "dmapi support",
3160 .ptr = &sDefault.bDmapiSupport,
3163 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
3167 {N_("Domain Options"), P_SEP, P_SEPARATOR},
3170 .label = "machine password timeout",
3172 .p_class = P_GLOBAL,
3173 .ptr = &Globals.machine_password_timeout,
3176 .flags = FLAG_ADVANCED | FLAG_WIZARD,
3179 {N_("Logon Options"), P_SEP, P_SEPARATOR},
3182 .label = "add user script",
3184 .p_class = P_GLOBAL,
3185 .ptr = &Globals.szAddUserScript,
3188 .flags = FLAG_ADVANCED,
3191 .label = "rename user script",
3193 .p_class = P_GLOBAL,
3194 .ptr = &Globals.szRenameUserScript,
3197 .flags = FLAG_ADVANCED,
3200 .label = "delete user script",
3202 .p_class = P_GLOBAL,
3203 .ptr = &Globals.szDelUserScript,
3206 .flags = FLAG_ADVANCED,
3209 .label = "add group script",
3211 .p_class = P_GLOBAL,
3212 .ptr = &Globals.szAddGroupScript,
3215 .flags = FLAG_ADVANCED,
3218 .label = "delete group script",
3220 .p_class = P_GLOBAL,
3221 .ptr = &Globals.szDelGroupScript,
3224 .flags = FLAG_ADVANCED,
3227 .label = "add user to group script",
3229 .p_class = P_GLOBAL,
3230 .ptr = &Globals.szAddUserToGroupScript,
3233 .flags = FLAG_ADVANCED,
3236 .label = "delete user from group script",
3238 .p_class = P_GLOBAL,
3239 .ptr = &Globals.szDelUserFromGroupScript,
3242 .flags = FLAG_ADVANCED,
3245 .label = "set primary group script",
3247 .p_class = P_GLOBAL,
3248 .ptr = &Globals.szSetPrimaryGroupScript,
3251 .flags = FLAG_ADVANCED,
3254 .label = "add machine script",
3256 .p_class = P_GLOBAL,
3257 .ptr = &Globals.szAddMachineScript,
3260 .flags = FLAG_ADVANCED,
3263 .label = "shutdown script",
3265 .p_class = P_GLOBAL,
3266 .ptr = &Globals.szShutdownScript,
3269 .flags = FLAG_ADVANCED,
3272 .label = "abort shutdown script",
3274 .p_class = P_GLOBAL,
3275 .ptr = &Globals.szAbortShutdownScript,
3278 .flags = FLAG_ADVANCED,
3281 .label = "username map script",
3283 .p_class = P_GLOBAL,
3284 .ptr = &Globals.szUsernameMapScript,
3287 .flags = FLAG_ADVANCED,
3290 .label = "username map cache time",
3292 .p_class = P_GLOBAL,
3293 .ptr = &Globals.iUsernameMapCacheTime,
3296 .flags = FLAG_ADVANCED,
3299 .label = "logon script",
3301 .p_class = P_GLOBAL,
3302 .ptr = &Globals.szLogonScript,
3305 .flags = FLAG_ADVANCED,
3308 .label = "logon path",
3310 .p_class = P_GLOBAL,
3311 .ptr = &Globals.szLogonPath,
3314 .flags = FLAG_ADVANCED,
3317 .label = "logon drive",
3319 .p_class = P_GLOBAL,
3320 .ptr = &Globals.szLogonDrive,
3323 .flags = FLAG_ADVANCED,
3326 .label = "logon home",
3328 .p_class = P_GLOBAL,
3329 .ptr = &Globals.szLogonHome,
3332 .flags = FLAG_ADVANCED,
3335 .label = "domain logons",
3337 .p_class = P_GLOBAL,
3338 .ptr = &Globals.bDomainLogons,
3341 .flags = FLAG_ADVANCED,
3345 .label = "init logon delayed hosts",
3347 .p_class = P_GLOBAL,
3348 .ptr = &Globals.szInitLogonDelayedHosts,
3351 .flags = FLAG_ADVANCED,
3355 .label = "init logon delay",
3357 .p_class = P_GLOBAL,
3358 .ptr = &Globals.InitLogonDelay,
3361 .flags = FLAG_ADVANCED,
3365 {N_("Browse Options"), P_SEP, P_SEPARATOR},
3368 .label = "os level",
3370 .p_class = P_GLOBAL,
3371 .ptr = &Globals.os_level,
3374 .flags = FLAG_BASIC | FLAG_ADVANCED,
3377 .label = "lm announce",
3379 .p_class = P_GLOBAL,
3380 .ptr = &Globals.lm_announce,
3382 .enum_list = enum_bool_auto,
3383 .flags = FLAG_ADVANCED,
3386 .label = "lm interval",
3388 .p_class = P_GLOBAL,
3389 .ptr = &Globals.lm_interval,
3392 .flags = FLAG_ADVANCED,
3395 .label = "preferred master",
3397 .p_class = P_GLOBAL,
3398 .ptr = &Globals.iPreferredMaster,
3400 .enum_list = enum_bool_auto,
3401 .flags = FLAG_BASIC | FLAG_ADVANCED,
3404 .label = "prefered master",
3406 .p_class = P_GLOBAL,
3407 .ptr = &Globals.iPreferredMaster,
3409 .enum_list = enum_bool_auto,
3413 .label = "local master",
3415 .p_class = P_GLOBAL,
3416 .ptr = &Globals.bLocalMaster,
3419 .flags = FLAG_BASIC | FLAG_ADVANCED,
3422 .label = "domain master",
3424 .p_class = P_GLOBAL,
3425 .ptr = &Globals.iDomainMaster,
3427 .enum_list = enum_bool_auto,
3428 .flags = FLAG_BASIC | FLAG_ADVANCED,
3431 .label = "browse list",
3433 .p_class = P_GLOBAL,
3434 .ptr = &Globals.bBrowseList,
3437 .flags = FLAG_ADVANCED,
3440 .label = "browseable",
3443 .ptr = &sDefault.bBrowseable,
3446 .flags = FLAG_BASIC | FLAG_ADVANCED | FLAG_SHARE | FLAG_PRINT,
3449 .label = "browsable",
3452 .ptr = &sDefault.bBrowseable,
3458 .label = "access based share enum",
3461 .ptr = &sDefault.bAccessBasedShareEnum,
3464 .flags = FLAG_BASIC | FLAG_ADVANCED | FLAG_SHARE
3467 .label = "enhanced browsing",
3469 .p_class = P_GLOBAL,
3470 .ptr = &Globals.enhanced_browsing,
3473 .flags = FLAG_ADVANCED,
3476 {N_("WINS Options"), P_SEP, P_SEPARATOR},
3479 .label = "dns proxy",
3481 .p_class = P_GLOBAL,
3482 .ptr = &Globals.bDNSproxy,
3485 .flags = FLAG_ADVANCED,
3488 .label = "wins proxy",
3490 .p_class = P_GLOBAL,
3491 .ptr = &Globals.bWINSproxy,
3494 .flags = FLAG_ADVANCED,
3497 .label = "wins server",
3499 .p_class = P_GLOBAL,
3500 .ptr = &Globals.szWINSservers,
3503 .flags = FLAG_BASIC | FLAG_ADVANCED | FLAG_WIZARD,
3506 .label = "wins support",
3508 .p_class = P_GLOBAL,
3509 .ptr = &Globals.bWINSsupport,
3512 .flags = FLAG_BASIC | FLAG_ADVANCED | FLAG_WIZARD,
3515 .label = "wins hook",
3517 .p_class = P_GLOBAL,
3518 .ptr = &Globals.szWINSHook,
3521 .flags = FLAG_ADVANCED,
3524 {N_("Locking Options"), P_SEP, P_SEPARATOR},
3527 .label = "blocking locks",
3530 .ptr = &sDefault.bBlockingLocks,
3533 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
3536 .label = "csc policy",
3539 .ptr = &sDefault.iCSCPolicy,
3541 .enum_list = enum_csc_policy,
3542 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
3545 .label = "fake oplocks",
3548 .ptr = &sDefault.bFakeOplocks,
3551 .flags = FLAG_ADVANCED | FLAG_SHARE,
3554 .label = "kernel oplocks",
3556 .p_class = P_GLOBAL,
3557 .ptr = &Globals.bKernelOplocks,
3560 .flags = FLAG_ADVANCED | FLAG_GLOBAL,
3566 .ptr = &sDefault.bLocking,
3569 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
3572 .label = "lock spin time",
3574 .p_class = P_GLOBAL,
3575 .ptr = &Globals.iLockSpinTime,
3578 .flags = FLAG_ADVANCED | FLAG_GLOBAL,
3584 .ptr = &sDefault.bOpLocks,
3587 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
3590 .label = "level2 oplocks",
3593 .ptr = &sDefault.bLevel2OpLocks,
3596 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
3599 .label = "oplock break wait time",
3601 .p_class = P_GLOBAL,
3602 .ptr = &Globals.oplock_break_wait_time,
3605 .flags = FLAG_ADVANCED | FLAG_GLOBAL,
3608 .label = "oplock contention limit",
3611 .ptr = &sDefault.iOplockContentionLimit,
3614 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
3617 .label = "posix locking",
3620 .ptr = &sDefault.bPosixLocking,
3623 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
3626 .label = "strict locking",
3629 .ptr = &sDefault.iStrictLocking,
3631 .enum_list = enum_bool_auto,
3632 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
3635 .label = "share modes",
3638 .ptr = &sDefault.bShareModes,
3641 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL | FLAG_DEPRECATED,
3644 {N_("Ldap Options"), P_SEP, P_SEPARATOR},
3647 .label = "ldap admin dn",
3649 .p_class = P_GLOBAL,
3650 .ptr = &Globals.szLdapAdminDn,
3653 .flags = FLAG_ADVANCED,
3656 .label = "ldap delete dn",
3658 .p_class = P_GLOBAL,
3659 .ptr = &Globals.ldap_delete_dn,
3662 .flags = FLAG_ADVANCED,
3665 .label = "ldap group suffix",
3667 .p_class = P_GLOBAL,
3668 .ptr = &Globals.szLdapGroupSuffix,
3671 .flags = FLAG_ADVANCED,
3674 .label = "ldap idmap suffix",
3676 .p_class = P_GLOBAL,
3677 .ptr = &Globals.szLdapIdmapSuffix,
3680 .flags = FLAG_ADVANCED,
3683 .label = "ldap machine suffix",
3685 .p_class = P_GLOBAL,
3686 .ptr = &Globals.szLdapMachineSuffix,
3689 .flags = FLAG_ADVANCED,
3692 .label = "ldap passwd sync",
3694 .p_class = P_GLOBAL,
3695 .ptr = &Globals.ldap_passwd_sync,
3697 .enum_list = enum_ldap_passwd_sync,
3698 .flags = FLAG_ADVANCED,
3701 .label = "ldap password sync",
3703 .p_class = P_GLOBAL,
3704 .ptr = &Globals.ldap_passwd_sync,
3706 .enum_list = enum_ldap_passwd_sync,
3710 .label = "ldap replication sleep",
3712 .p_class = P_GLOBAL,
3713 .ptr = &Globals.ldap_replication_sleep,
3716 .flags = FLAG_ADVANCED,
3719 .label = "ldap suffix",
3721 .p_class = P_GLOBAL,
3722 .ptr = &Globals.szLdapSuffix,
3725 .flags = FLAG_ADVANCED,
3728 .label = "ldap ssl",
3730 .p_class = P_GLOBAL,
3731 .ptr = &Globals.ldap_ssl,
3733 .enum_list = enum_ldap_ssl,
3734 .flags = FLAG_ADVANCED,
3737 .label = "ldap ssl ads",
3739 .p_class = P_GLOBAL,
3740 .ptr = &Globals.ldap_ssl_ads,
3743 .flags = FLAG_ADVANCED,
3746 .label = "ldap deref",
3748 .p_class = P_GLOBAL,
3749 .ptr = &Globals.ldap_deref,
3751 .enum_list = enum_ldap_deref,
3752 .flags = FLAG_ADVANCED,
3755 .label = "ldap follow referral",
3757 .p_class = P_GLOBAL,
3758 .ptr = &Globals.ldap_follow_referral,
3760 .enum_list = enum_bool_auto,
3761 .flags = FLAG_ADVANCED,
3764 .label = "ldap timeout",
3766 .p_class = P_GLOBAL,
3767 .ptr = &Globals.ldap_timeout,
3770 .flags = FLAG_ADVANCED,
3773 .label = "ldap connection timeout",
3775 .p_class = P_GLOBAL,
3776 .ptr = &Globals.ldap_connection_timeout,
3779 .flags = FLAG_ADVANCED,
3782 .label = "ldap page size",
3784 .p_class = P_GLOBAL,
3785 .ptr = &Globals.ldap_page_size,
3788 .flags = FLAG_ADVANCED,
3791 .label = "ldap user suffix",
3793 .p_class = P_GLOBAL,
3794 .ptr = &Globals.szLdapUserSuffix,
3797 .flags = FLAG_ADVANCED,
3800 .label = "ldap debug level",
3802 .p_class = P_GLOBAL,
3803 .ptr = &Globals.ldap_debug_level,
3804 .special = handle_ldap_debug_level,
3806 .flags = FLAG_ADVANCED,
3809 .label = "ldap debug threshold",
3811 .p_class = P_GLOBAL,
3812 .ptr = &Globals.ldap_debug_threshold,
3815 .flags = FLAG_ADVANCED,
3818 {N_("EventLog Options"), P_SEP, P_SEPARATOR},
3821 .label = "eventlog list",
3823 .p_class = P_GLOBAL,
3824 .ptr = &Globals.szEventLogs,
3827 .flags = FLAG_ADVANCED | FLAG_GLOBAL | FLAG_SHARE,
3830 {N_("Miscellaneous Options"), P_SEP, P_SEPARATOR},
3833 .label = "add share command",
3835 .p_class = P_GLOBAL,
3836 .ptr = &Globals.szAddShareCommand,
3839 .flags = FLAG_ADVANCED,
3842 .label = "change share command",
3844 .p_class = P_GLOBAL,
3845 .ptr = &Globals.szChangeShareCommand,
3848 .flags = FLAG_ADVANCED,
3851 .label = "delete share command",
3853 .p_class = P_GLOBAL,
3854 .ptr = &Globals.szDeleteShareCommand,
3857 .flags = FLAG_ADVANCED,
3860 .label = "config file",
3862 .p_class = P_GLOBAL,
3863 .ptr = &Globals.szConfigFile,
3866 .flags = FLAG_HIDE|FLAG_META,
3871 .p_class = P_GLOBAL,
3872 .ptr = &Globals.szAutoServices,
3875 .flags = FLAG_ADVANCED,
3878 .label = "auto services",
3880 .p_class = P_GLOBAL,
3881 .ptr = &Globals.szAutoServices,
3884 .flags = FLAG_ADVANCED,
3887 .label = "lock directory",
3889 .p_class = P_GLOBAL,
3890 .ptr = &Globals.szLockDir,
3893 .flags = FLAG_ADVANCED,
3896 .label = "lock dir",
3898 .p_class = P_GLOBAL,
3899 .ptr = &Globals.szLockDir,
3905 .label = "state directory",
3907 .p_class = P_GLOBAL,
3908 .ptr = &Globals.szStateDir,
3911 .flags = FLAG_ADVANCED,
3914 .label = "cache directory",
3916 .p_class = P_GLOBAL,
3917 .ptr = &Globals.szCacheDir,
3920 .flags = FLAG_ADVANCED,
3923 .label = "pid directory",
3925 .p_class = P_GLOBAL,
3926 .ptr = &Globals.szPidDir,
3929 .flags = FLAG_ADVANCED,
3933 .label = "utmp directory",
3935 .p_class = P_GLOBAL,
3936 .ptr = &Globals.szUtmpDir,
3939 .flags = FLAG_ADVANCED,
3942 .label = "wtmp directory",
3944 .p_class = P_GLOBAL,
3945 .ptr = &Globals.szWtmpDir,
3948 .flags = FLAG_ADVANCED,
3953 .p_class = P_GLOBAL,
3954 .ptr = &Globals.bUtmp,
3957 .flags = FLAG_ADVANCED,
3961 .label = "default service",
3963 .p_class = P_GLOBAL,
3964 .ptr = &Globals.szDefaultService,
3967 .flags = FLAG_ADVANCED,
3972 .p_class = P_GLOBAL,
3973 .ptr = &Globals.szDefaultService,
3976 .flags = FLAG_ADVANCED,
3979 .label = "message command",
3981 .p_class = P_GLOBAL,
3982 .ptr = &Globals.szMsgCommand,
3985 .flags = FLAG_ADVANCED,
3988 .label = "dfree cache time",
3991 .ptr = &sDefault.iDfreeCacheTime,
3994 .flags = FLAG_ADVANCED,
3997 .label = "dfree command",
4000 .ptr = &sDefault.szDfree,
4003 .flags = FLAG_ADVANCED,
4006 .label = "get quota command",
4008 .p_class = P_GLOBAL,
4009 .ptr = &Globals.szGetQuota,
4012 .flags = FLAG_ADVANCED,
4015 .label = "set quota command",
4017 .p_class = P_GLOBAL,
4018 .ptr = &Globals.szSetQuota,
4021 .flags = FLAG_ADVANCED,
4024 .label = "remote announce",
4026 .p_class = P_GLOBAL,
4027 .ptr = &Globals.szRemoteAnnounce,
4030 .flags = FLAG_ADVANCED,
4033 .label = "remote browse sync",
4035 .p_class = P_GLOBAL,
4036 .ptr = &Globals.szRemoteBrowseSync,
4039 .flags = FLAG_ADVANCED,
4042 .label = "socket address",
4044 .p_class = P_GLOBAL,
4045 .ptr = &Globals.szSocketAddress,
4048 .flags = FLAG_ADVANCED,
4051 .label = "nmbd bind explicit broadcast",
4053 .p_class = P_GLOBAL,
4054 .ptr = &Globals.bNmbdBindExplicitBroadcast,
4057 .flags = FLAG_ADVANCED,
4060 .label = "homedir map",
4062 .p_class = P_GLOBAL,
4063 .ptr = &Globals.szNISHomeMapName,
4066 .flags = FLAG_ADVANCED,
4069 .label = "afs username map",
4071 .p_class = P_GLOBAL,
4072 .ptr = &Globals.szAfsUsernameMap,
4075 .flags = FLAG_ADVANCED,
4078 .label = "afs token lifetime",
4080 .p_class = P_GLOBAL,
4081 .ptr = &Globals.iAfsTokenLifetime,
4084 .flags = FLAG_ADVANCED,
4087 .label = "log nt token command",
4089 .p_class = P_GLOBAL,
4090 .ptr = &Globals.szLogNtTokenCommand,
4093 .flags = FLAG_ADVANCED,
4096 .label = "NIS homedir",
4098 .p_class = P_GLOBAL,
4099 .ptr = &Globals.bNISHomeMap,
4102 .flags = FLAG_ADVANCED,
4108 .ptr = &sDefault.valid,
4117 .ptr = &sDefault.szCopy,
4118 .special = handle_copy,
4126 .ptr = &sDefault.szInclude,
4127 .special = handle_include,
4129 .flags = FLAG_HIDE|FLAG_META,
4135 .ptr = &sDefault.szPreExec,
4138 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_PRINT,
4144 .ptr = &sDefault.szPreExec,
4147 .flags = FLAG_ADVANCED,
4150 .label = "preexec close",
4153 .ptr = &sDefault.bPreexecClose,
4156 .flags = FLAG_ADVANCED | FLAG_SHARE,
4159 .label = "postexec",
4162 .ptr = &sDefault.szPostExec,
4165 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_PRINT,
4168 .label = "root preexec",
4171 .ptr = &sDefault.szRootPreExec,
4174 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_PRINT,
4177 .label = "root preexec close",
4180 .ptr = &sDefault.bRootpreexecClose,
4183 .flags = FLAG_ADVANCED | FLAG_SHARE,
4186 .label = "root postexec",
4189 .ptr = &sDefault.szRootPostExec,
4192 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_PRINT,
4195 .label = "available",
4198 .ptr = &sDefault.bAvailable,
4201 .flags = FLAG_BASIC | FLAG_ADVANCED | FLAG_SHARE | FLAG_PRINT,
4204 .label = "registry shares",
4206 .p_class = P_GLOBAL,
4207 .ptr = &Globals.bRegistryShares,
4210 .flags = FLAG_ADVANCED,
4213 .label = "usershare allow guests",
4215 .p_class = P_GLOBAL,
4216 .ptr = &Globals.bUsershareAllowGuests,
4219 .flags = FLAG_ADVANCED,
4222 .label = "usershare max shares",
4224 .p_class = P_GLOBAL,
4225 .ptr = &Globals.iUsershareMaxShares,
4228 .flags = FLAG_ADVANCED,
4231 .label = "usershare owner only",
4233 .p_class = P_GLOBAL,
4234 .ptr = &Globals.bUsershareOwnerOnly,
4237 .flags = FLAG_ADVANCED,
4240 .label = "usershare path",
4242 .p_class = P_GLOBAL,
4243 .ptr = &Globals.szUsersharePath,
4246 .flags = FLAG_ADVANCED,
4249 .label = "usershare prefix allow list",
4251 .p_class = P_GLOBAL,
4252 .ptr = &Globals.szUsersharePrefixAllowList,
4255 .flags = FLAG_ADVANCED,
4258 .label = "usershare prefix deny list",
4260 .p_class = P_GLOBAL,
4261 .ptr = &Globals.szUsersharePrefixDenyList,
4264 .flags = FLAG_ADVANCED,
4267 .label = "usershare template share",
4269 .p_class = P_GLOBAL,
4270 .ptr = &Globals.szUsershareTemplateShare,
4273 .flags = FLAG_ADVANCED,
4279 .ptr = &sDefault.volume,
4282 .flags = FLAG_ADVANCED | FLAG_SHARE,
4288 .ptr = &sDefault.fstype,
4291 .flags = FLAG_ADVANCED | FLAG_SHARE,
4294 .label = "set directory",
4297 .ptr = &sDefault.bNo_set_dir,
4300 .flags = FLAG_ADVANCED | FLAG_SHARE,
4303 .label = "wide links",
4306 .ptr = &sDefault.bWidelinks,
4309 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
4312 .label = "follow symlinks",
4315 .ptr = &sDefault.bSymlinks,
4318 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
4321 .label = "dont descend",
4324 .ptr = &sDefault.szDontdescend,
4327 .flags = FLAG_ADVANCED | FLAG_SHARE,
4330 .label = "magic script",
4333 .ptr = &sDefault.szMagicScript,
4336 .flags = FLAG_ADVANCED | FLAG_SHARE,
4339 .label = "magic output",
4342 .ptr = &sDefault.szMagicOutput,
4345 .flags = FLAG_ADVANCED | FLAG_SHARE,
4348 .label = "delete readonly",
4351 .ptr = &sDefault.bDeleteReadonly,
4354 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
4357 .label = "dos filemode",
4360 .ptr = &sDefault.bDosFilemode,
4363 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
4366 .label = "dos filetimes",
4369 .ptr = &sDefault.bDosFiletimes,
4372 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
4375 .label = "dos filetime resolution",
4378 .ptr = &sDefault.bDosFiletimeResolution,
4381 .flags = FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL,
4384 .label = "fake directory create times",
4387 .ptr = &sDefault.bFakeDirCreateTimes,
4390 .flags = FLAG_ADVANCED | FLAG_GLOBAL,
4393 .label = "async smb echo handler",
4395 .p_class = P_GLOBAL,
4396 .ptr = &Globals.bAsyncSMBEchoHandler,
4399 .flags = FLAG_ADVANCED | FLAG_GLOBAL,
4402 .label = "multicast dns register",
4404 .p_class = P_GLOBAL,
4405 .ptr = &Globals.bMulticastDnsRegister,
4408 .flags = FLAG_ADVANCED | FLAG_GLOBAL,
4411 .label = "panic action",
4413 .p_class = P_GLOBAL,
4414 .ptr = &Globals.szPanicAction,
4417 .flags = FLAG_ADVANCED,
4420 .label = "perfcount module",
4422 .p_class = P_GLOBAL,
4423 .ptr = &Globals.szSMBPerfcountModule,
4426 .flags = FLAG_ADVANCED,
4429 {N_("VFS module options"), P_SEP, P_SEPARATOR},
4432 .label = "vfs objects",
4435 .ptr = &sDefault.szVfsObjects,
4438 .flags = FLAG_ADVANCED | FLAG_SHARE,
4441 .label = "vfs object",
4444 .ptr = &sDefault.szVfsObjects,
4451 {N_("MSDFS options"), P_SEP, P_SEPARATOR},
4454 .label = "msdfs root",
4457 .ptr = &sDefault.bMSDfsRoot,
4460 .flags = FLAG_ADVANCED | FLAG_SHARE,
4463 .label = "msdfs proxy",
4466 .ptr = &sDefault.szMSDfsProxy,
4469 .flags = FLAG_ADVANCED | FLAG_SHARE,
4472 .label = "host msdfs",
4474 .p_class = P_GLOBAL,
4475 .ptr = &Globals.bHostMSDfs,
4478 .flags = FLAG_ADVANCED,
4481 {N_("Winbind options"), P_SEP, P_SEPARATOR},
4484 .label = "passdb expand explicit",
4486 .p_class = P_GLOBAL,
4487 .ptr = &Globals.bPassdbExpandExplicit,
4490 .flags = FLAG_ADVANCED,
4493 .label = "idmap backend",
4495 .p_class = P_GLOBAL,
4496 .ptr = &Globals.szIdmapBackend,
4497 .special = handle_idmap_backend,
4499 .flags = FLAG_ADVANCED | FLAG_DEPRECATED,
4502 .label = "idmap cache time",
4504 .p_class = P_GLOBAL,
4505 .ptr = &Globals.iIdmapCacheTime,
4508 .flags = FLAG_ADVANCED,
4511 .label = "idmap negative cache time",
4513 .p_class = P_GLOBAL,
4514 .ptr = &Globals.iIdmapNegativeCacheTime,
4517 .flags = FLAG_ADVANCED,
4520 .label = "idmap uid",
4522 .p_class = P_GLOBAL,
4523 .ptr = &Globals.szIdmapUID,
4524 .special = handle_idmap_uid,
4526 .flags = FLAG_ADVANCED | FLAG_DEPRECATED,
4529 .label = "winbind uid",
4531 .p_class = P_GLOBAL,
4532 .ptr = &Globals.szIdmapUID,
4533 .special = handle_idmap_uid,
4538 .label = "idmap gid",
4540 .p_class = P_GLOBAL,
4541 .ptr = &Globals.szIdmapGID,
4542 .special = handle_idmap_gid,
4544 .flags = FLAG_ADVANCED | FLAG_DEPRECATED,
4547 .label = "winbind gid",
4549 .p_class = P_GLOBAL,
4550 .ptr = &Globals.szIdmapGID,
4551 .special = handle_idmap_gid,
4556 .label = "template homedir",
4558 .p_class = P_GLOBAL,
4559 .ptr = &Globals.szTemplateHomedir,
4562 .flags = FLAG_ADVANCED,
4565 .label = "template shell",
4567 .p_class = P_GLOBAL,
4568 .ptr = &Globals.szTemplateShell,
4571 .flags = FLAG_ADVANCED,
4574 .label = "winbind separator",
4576 .p_class = P_GLOBAL,
4577 .ptr = &Globals.szWinbindSeparator,
4580 .flags = FLAG_ADVANCED,
4583 .label = "winbind cache time",
4585 .p_class = P_GLOBAL,
4586 .ptr = &Globals.winbind_cache_time,
4589 .flags = FLAG_ADVANCED,
4592 .label = "winbind reconnect delay",
4594 .p_class = P_GLOBAL,
4595 .ptr = &Globals.winbind_reconnect_delay,
4598 .flags = FLAG_ADVANCED,
4601 .label = "winbind max clients",
4603 .p_class = P_GLOBAL,
4604 .ptr = &Globals.winbind_max_clients,
4607 .flags = FLAG_ADVANCED,
4610 .label = "winbind enum users",
4612 .p_class = P_GLOBAL,
4613 .ptr = &Globals.bWinbindEnumUsers,
4616 .flags = FLAG_ADVANCED,
4619 .label = "winbind enum groups",
4621 .p_class = P_GLOBAL,
4622 .ptr = &Globals.bWinbindEnumGroups,
4625 .flags = FLAG_ADVANCED,
4628 .label = "winbind use default domain",
4630 .p_class = P_GLOBAL,
4631 .ptr = &Globals.bWinbindUseDefaultDomain,
4634 .flags = FLAG_ADVANCED,
4637 .label = "winbind trusted domains only",
4639 .p_class = P_GLOBAL,
4640 .ptr = &Globals.bWinbindTrustedDomainsOnly,
4643 .flags = FLAG_ADVANCED,
4646 .label = "winbind nested groups",
4648 .p_class = P_GLOBAL,
4649 .ptr = &Globals.bWinbindNestedGroups,
4652 .flags = FLAG_ADVANCED,
4655 .label = "winbind expand groups",
4657 .p_class = P_GLOBAL,
4658 .ptr = &Globals.winbind_expand_groups,
4661 .flags = FLAG_ADVANCED,
4664 .label = "winbind nss info",
4666 .p_class = P_GLOBAL,
4667 .ptr = &Globals.szWinbindNssInfo,
4670 .flags = FLAG_ADVANCED,
4673 .label = "winbind refresh tickets",
4675 .p_class = P_GLOBAL,
4676 .ptr = &Globals.bWinbindRefreshTickets,
4679 .flags = FLAG_ADVANCED,
4682 .label = "winbind offline logon",
4684 .p_class = P_GLOBAL,
4685 .ptr = &Globals.bWinbindOfflineLogon,
4688 .flags = FLAG_ADVANCED,
4691 .label = "winbind normalize names",
4693 .p_class = P_GLOBAL,
4694 .ptr = &Globals.bWinbindNormalizeNames,
4697 .flags = FLAG_ADVANCED,
4700 .label = "winbind rpc only",
4702 .p_class = P_GLOBAL,
4703 .ptr = &Globals.bWinbindRpcOnly,
4706 .flags = FLAG_ADVANCED,
4709 .label = "create krb5 conf",
4711 .p_class = P_GLOBAL,
4712 .ptr = &Globals.bCreateKrb5Conf,
4715 .flags = FLAG_ADVANCED,
4718 .label = "ncalrpc dir",
4720 .p_class = P_GLOBAL,
4721 .ptr = &Globals.ncalrpc_dir,
4724 .flags = FLAG_ADVANCED,
4727 .label = "winbind max domain connections",
4729 .p_class = P_GLOBAL,
4730 .ptr = &Globals.winbindMaxDomainConnections,
4733 .flags = FLAG_ADVANCED,
4736 {NULL, P_BOOL, P_NONE, NULL, NULL, NULL, 0}
4739 /***************************************************************************
4740 Initialise the sDefault parameter structure for the printer values.
4741 ***************************************************************************/
4743 static void init_printer_values(struct service *pService)
4745 /* choose defaults depending on the type of printing */
4746 switch (pService->iPrinting) {
4751 string_set(&pService->szLpqcommand, "lpq -P'%p'");
4752 string_set(&pService->szLprmcommand, "lprm -P'%p' %j");
4753 string_set(&pService->szPrintcommand, "lpr -r -P'%p' %s");
4758 string_set(&pService->szLpqcommand, "lpq -P'%p'");
4759 string_set(&pService->szLprmcommand, "lprm -P'%p' %j");
4760 string_set(&pService->szPrintcommand, "lpr -r -P'%p' %s");
4761 string_set(&pService->szQueuepausecommand, "lpc stop '%p'");
4762 string_set(&pService->szQueueresumecommand, "lpc start '%p'");
4763 string_set(&pService->szLppausecommand, "lpc hold '%p' %j");
4764 string_set(&pService->szLpresumecommand, "lpc release '%p' %j");
4770 /* set the lpq command to contain the destination printer
4771 name only. This is used by cups_queue_get() */
4772 string_set(&pService->szLpqcommand, "%p");
4773 string_set(&pService->szLprmcommand, "");
4774 string_set(&pService->szPrintcommand, "");
4775 string_set(&pService->szLppausecommand, "");
4776 string_set(&pService->szLpresumecommand, "");
4777 string_set(&pService->szQueuepausecommand, "");
4778 string_set(&pService->szQueueresumecommand, "");
4780 string_set(&pService->szLpqcommand, "lpq -P'%p'");
4781 string_set(&pService->szLprmcommand, "lprm -P'%p' %j");
4782 string_set(&pService->szPrintcommand, "lpr -P'%p' %s; rm %s");
4783 string_set(&pService->szLppausecommand, "lp -i '%p-%j' -H hold");
4784 string_set(&pService->szLpresumecommand, "lp -i '%p-%j' -H resume");
4785 string_set(&pService->szQueuepausecommand, "disable '%p'");
4786 string_set(&pService->szQueueresumecommand, "enable '%p'");
4787 #endif /* HAVE_CUPS */
4792 string_set(&pService->szLpqcommand, "lpstat -o%p");
4793 string_set(&pService->szLprmcommand, "cancel %p-%j");
4794 string_set(&pService->szPrintcommand, "lp -c -d%p %s; rm %s");
4795 string_set(&pService->szQueuepausecommand, "disable %p");
4796 string_set(&pService->szQueueresumecommand, "enable %p");
4798 string_set(&pService->szLppausecommand, "lp -i %p-%j -H hold");
4799 string_set(&pService->szLpresumecommand, "lp -i %p-%j -H resume");
4804 string_set(&pService->szLpqcommand, "lpq -P%p");
4805 string_set(&pService->szLprmcommand, "lprm -P%p %j");
4806 string_set(&pService->szPrintcommand, "lp -r -P%p %s");
4809 #if defined(DEVELOPER) || defined(ENABLE_BUILD_FARM_HACKS)
4813 const char *tdbfile;
4816 tdbfile = talloc_asprintf(
4817 talloc_tos(), "tdbfile=%s",
4818 lp_parm_const_string(-1, "vlp", "tdbfile",
4820 if (tdbfile == NULL) {
4821 tdbfile="tdbfile=/tmp/vlp.tdb";
4824 tmp = talloc_asprintf(talloc_tos(), "vlp %s print %%p %%s",
4826 string_set(&pService->szPrintcommand,
4827 tmp ? tmp : "vlp print %p %s");
4830 tmp = talloc_asprintf(talloc_tos(), "vlp %s lpq %%p",
4832 string_set(&pService->szLpqcommand,
4833 tmp ? tmp : "vlp lpq %p");
4836 tmp = talloc_asprintf(talloc_tos(), "vlp %s lprm %%p %%j",
4838 string_set(&pService->szLprmcommand,
4839 tmp ? tmp : "vlp lprm %p %j");
4842 tmp = talloc_asprintf(talloc_tos(), "vlp %s lppause %%p %%j",
4844 string_set(&pService->szLppausecommand,
4845 tmp ? tmp : "vlp lppause %p %j");
4848 tmp = talloc_asprintf(talloc_tos(), "vlp %s lpresume %%p %%j",
4850 string_set(&pService->szLpresumecommand,
4851 tmp ? tmp : "vlp lpresume %p %j");
4854 tmp = talloc_asprintf(talloc_tos(), "vlp %s queuepause %%p",
4856 string_set(&pService->szQueuepausecommand,
4857 tmp ? tmp : "vlp queuepause %p");
4860 tmp = talloc_asprintf(talloc_tos(), "vlp %s queueresume %%p",
4862 string_set(&pService->szQueueresumecommand,
4863 tmp ? tmp : "vlp queueresume %p");
4868 #endif /* DEVELOPER */
4873 * Function to return the default value for the maximum number of open
4874 * file descriptors permitted. This function tries to consult the
4875 * kernel-level (sysctl) and ulimit (getrlimit()) values and goes
4876 * the smaller of those.
4878 static int max_open_files(void)
4880 int sysctl_max = MAX_OPEN_FILES;
4881 int rlimit_max = MAX_OPEN_FILES;
4883 #ifdef HAVE_SYSCTLBYNAME
4885 size_t size = sizeof(sysctl_max);
4886 sysctlbyname("kern.maxfilesperproc", &sysctl_max, &size, NULL,
4891 #if (defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE))
4897 if (getrlimit(RLIMIT_NOFILE, &rl) == 0)
4898 rlimit_max = rl.rlim_cur;
4900 #if defined(RLIM_INFINITY)
4901 if(rl.rlim_cur == RLIM_INFINITY)
4902 rlimit_max = MAX_OPEN_FILES;
4907 if (sysctl_max < MIN_OPEN_FILES_WINDOWS) {
4908 DEBUG(2,("max_open_files: increasing sysctl_max (%d) to "
4909 "minimum Windows limit (%d)\n",
4911 MIN_OPEN_FILES_WINDOWS));
4912 sysctl_max = MIN_OPEN_FILES_WINDOWS;
4915 if (rlimit_max < MIN_OPEN_FILES_WINDOWS) {
4916 DEBUG(2,("rlimit_max: increasing rlimit_max (%d) to "
4917 "minimum Windows limit (%d)\n",
4919 MIN_OPEN_FILES_WINDOWS));
4920 rlimit_max = MIN_OPEN_FILES_WINDOWS;
4923 return MIN(sysctl_max, rlimit_max);
4927 * Common part of freeing allocated data for one parameter.
4929 static void free_one_parameter_common(void *parm_ptr,
4930 struct parm_struct parm)
4932 if ((parm.type == P_STRING) ||
4933 (parm.type == P_USTRING))
4935 string_free((char**)parm_ptr);
4936 } else if (parm.type == P_LIST) {
4937 TALLOC_FREE(*((char***)parm_ptr));
4942 * Free the allocated data for one parameter for a share
4943 * given as a service struct.
4945 static void free_one_parameter(struct service *service,
4946 struct parm_struct parm)
4950 if (parm.p_class != P_LOCAL) {
4954 parm_ptr = lp_local_ptr(service, parm.ptr);
4956 free_one_parameter_common(parm_ptr, parm);
4960 * Free the allocated parameter data of a share given
4961 * as a service struct.
4963 static void free_parameters(struct service *service)
4967 for (i=0; parm_table[i].label; i++) {
4968 free_one_parameter(service, parm_table[i]);
4973 * Free the allocated data for one parameter for a given share
4974 * specified by an snum.
4976 static void free_one_parameter_by_snum(int snum, struct parm_struct parm)
4980 if (parm.ptr == NULL) {
4985 parm_ptr = parm.ptr;
4986 } else if (parm.p_class != P_LOCAL) {
4989 parm_ptr = lp_local_ptr_by_snum(snum, parm.ptr);
4992 free_one_parameter_common(parm_ptr, parm);
4996 * Free the allocated parameter data for a share specified
4999 static void free_parameters_by_snum(int snum)
5003 for (i=0; parm_table[i].label; i++) {
5004 free_one_parameter_by_snum(snum, parm_table[i]);
5009 * Free the allocated global parameters.
5011 static void free_global_parameters(void)
5013 free_parameters_by_snum(GLOBAL_SECTION_SNUM);
5016 static int map_parameter(const char *pszParmName);
5018 struct lp_stored_option {
5019 struct lp_stored_option *prev, *next;
5024 static struct lp_stored_option *stored_options;
5027 save options set by lp_set_cmdline() into a list. This list is
5028 re-applied when we do a globals reset, so that cmdline set options
5029 are sticky across reloads of smb.conf
5031 static bool store_lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
5033 struct lp_stored_option *entry, *entry_next;
5034 for (entry = stored_options; entry != NULL; entry = entry_next) {
5035 entry_next = entry->next;
5036 if (strcmp(pszParmName, entry->label) == 0) {
5037 DLIST_REMOVE(stored_options, entry);
5043 entry = talloc(NULL, struct lp_stored_option);
5048 entry->label = talloc_strdup(entry, pszParmName);
5049 if (!entry->label) {
5054 entry->value = talloc_strdup(entry, pszParmValue);
5055 if (!entry->value) {
5060 DLIST_ADD_END(stored_options, entry, struct lp_stored_option);
5065 static bool apply_lp_set_cmdline(void)
5067 struct lp_stored_option *entry = NULL;
5068 for (entry = stored_options; entry != NULL; entry = entry->next) {
5069 if (!lp_set_cmdline_helper(entry->label, entry->value, false)) {
5070 DEBUG(0, ("Failed to re-apply cmdline parameter %s = %s\n",
5071 entry->label, entry->value));
5078 /***************************************************************************
5079 Initialise the global parameter structure.
5080 ***************************************************************************/
5082 static void init_globals(bool reinit_globals)
5084 static bool done_init = False;
5088 /* If requested to initialize only once and we've already done it... */
5089 if (!reinit_globals && done_init) {
5090 /* ... then we have nothing more to do */
5095 /* The logfile can be set before this is invoked. Free it if so. */
5096 if (Globals.szLogFile != NULL) {
5097 string_free(&Globals.szLogFile);
5098 Globals.szLogFile = NULL;
5102 free_global_parameters();
5105 /* This memset and the free_global_parameters() above will
5106 * wipe out smb.conf options set with lp_set_cmdline(). The
5107 * apply_lp_set_cmdline() call puts these values back in the
5108 * table once the defaults are set */
5109 memset((void *)&Globals, '\0', sizeof(Globals));
5111 for (i = 0; parm_table[i].label; i++) {
5112 if ((parm_table[i].type == P_STRING ||
5113 parm_table[i].type == P_USTRING) &&
5116 string_set((char **)parm_table[i].ptr, "");
5121 string_set(&sDefault.fstype, FSTYPE_STRING);
5122 string_set(&sDefault.szPrintjobUsername, "%U");
5124 init_printer_values(&sDefault);
5127 DEBUG(3, ("Initialising global parameters\n"));
5129 /* Must manually force to upper case here, as this does not go via the handler */
5130 string_set(&Globals.szNetbiosName, myhostname_upper());
5132 string_set(&Globals.szSMBPasswdFile, get_dyn_SMB_PASSWD_FILE());
5133 string_set(&Globals.szPrivateDir, get_dyn_PRIVATE_DIR());
5135 /* use the new 'hash2' method by default, with a prefix of 1 */
5136 string_set(&Globals.szManglingMethod, "hash2");
5137 Globals.mangle_prefix = 1;
5139 string_set(&Globals.szGuestaccount, GUEST_ACCOUNT);
5141 /* using UTF8 by default allows us to support all chars */
5142 string_set(&Globals.unix_charset, DEFAULT_UNIX_CHARSET);
5144 /* Use codepage 850 as a default for the dos character set */
5145 string_set(&Globals.dos_charset, DEFAULT_DOS_CHARSET);
5148 * Allow the default PASSWD_CHAT to be overridden in local.h.
5150 string_set(&Globals.szPasswdChat, DEFAULT_PASSWD_CHAT);
5152 string_set(&Globals.szWorkgroup, WORKGROUP);
5154 string_set(&Globals.szPasswdProgram, "");
5155 string_set(&Globals.szLockDir, get_dyn_LOCKDIR());
5156 string_set(&Globals.szStateDir, get_dyn_STATEDIR());
5157 string_set(&Globals.szCacheDir, get_dyn_CACHEDIR());
5158 string_set(&Globals.szPidDir, get_dyn_PIDDIR());
5159 string_set(&Globals.szSocketAddress, "0.0.0.0");
5161 * By default support explicit binding to broadcast
5164 Globals.bNmbdBindExplicitBroadcast = true;
5166 if (asprintf(&s, "Samba %s", samba_version_string()) < 0) {
5167 smb_panic("init_globals: ENOMEM");
5169 string_set(&Globals.szServerString, s);
5172 string_set(&Globals.szPanicAction, "/bin/sleep 999999999");
5175 string_set(&Globals.szSocketOptions, DEFAULT_SOCKET_OPTIONS);
5177 string_set(&Globals.szLogonDrive, "");
5178 /* %N is the NIS auto.home server if -DAUTOHOME is used, else same as %L */
5179 string_set(&Globals.szLogonHome, "\\\\%N\\%U");
5180 string_set(&Globals.szLogonPath, "\\\\%N\\%U\\profile");
5182 string_set(&Globals.szNameResolveOrder, "lmhosts wins host bcast");
5183 string_set(&Globals.szPasswordServer, "*");
5185 Globals.AlgorithmicRidBase = BASE_RID;
5187 Globals.bLoadPrinters = True;
5188 Globals.PrintcapCacheTime = 750; /* 12.5 minutes */
5190 Globals.ConfigBackend = config_backend;
5192 /* Was 65535 (0xFFFF). 0x4101 matches W2K and causes major speed improvements... */
5193 /* Discovered by 2 days of pain by Don McCall @ HP :-). */
5194 Globals.max_xmit = 0x4104;
5195 Globals.max_mux = 50; /* This is *needed* for profile support. */
5196 Globals.lpqcachetime = 30; /* changed to handle large print servers better -- jerry */
5197 Globals.bDisableSpoolss = False;
5198 Globals.iMaxSmbdProcesses = 0;/* no limit specified */
5199 Globals.pwordlevel = 0;
5200 Globals.unamelevel = 0;
5201 Globals.deadtime = 0;
5202 Globals.getwd_cache = true;
5203 Globals.bLargeReadwrite = True;
5204 Globals.max_log_size = 5000;
5205 Globals.max_open_files = max_open_files();
5206 Globals.open_files_db_hash_size = SMB_OPEN_DATABASE_TDB_HASH_SIZE;
5207 Globals.maxprotocol = PROTOCOL_NT1;
5208 Globals.minprotocol = PROTOCOL_CORE;
5209 Globals.security = SEC_USER;
5210 Globals.paranoid_server_security = True;
5211 Globals.bEncryptPasswords = True;
5212 Globals.bUpdateEncrypt = False;
5213 Globals.clientSchannel = Auto;
5214 Globals.serverSchannel = Auto;
5215 Globals.bReadRaw = True;
5216 Globals.bWriteRaw = True;
5217 Globals.bNullPasswords = False;
5218 Globals.bObeyPamRestrictions = False;
5220 Globals.bSyslogOnly = False;
5221 Globals.bTimestampLogs = True;
5222 string_set(&Globals.szLogLevel, "0");
5223 Globals.bDebugPrefixTimestamp = False;
5224 Globals.bDebugHiresTimestamp = true;
5225 Globals.bDebugPid = False;
5226 Globals.bDebugUid = False;
5227 Globals.bDebugClass = False;
5228 Globals.bEnableCoreFiles = True;
5229 Globals.max_ttl = 60 * 60 * 24 * 3; /* 3 days default. */
5230 Globals.max_wins_ttl = 60 * 60 * 24 * 6; /* 6 days default. */
5231 Globals.min_wins_ttl = 60 * 60 * 6; /* 6 hours default. */
5232 Globals.machine_password_timeout = 60 * 60 * 24 * 7; /* 7 days default. */
5233 Globals.lm_announce = 2; /* = Auto: send only if LM clients found */
5234 Globals.lm_interval = 60;
5235 #if (defined(HAVE_NETGROUP) && defined(WITH_AUTOMOUNT))
5236 Globals.bNISHomeMap = False;
5237 #ifdef WITH_NISPLUS_HOME
5238 string_set(&Globals.szNISHomeMapName, "auto_home.org_dir");
5240 string_set(&Globals.szNISHomeMapName, "auto.home");
5243 Globals.bTimeServer = False;
5244 Globals.bBindInterfacesOnly = False;
5245 Globals.bUnixPasswdSync = False;
5246 Globals.bPamPasswordChange = False;
5247 Globals.bPasswdChatDebug = False;
5248 Globals.iPasswdChatTimeout = 2; /* 2 second default. */
5249 Globals.bNTPipeSupport = True; /* Do NT pipes by default. */
5250 Globals.bNTStatusSupport = True; /* Use NT status by default. */
5251 Globals.bStatCache = True; /* use stat cache by default */
5252 Globals.iMaxStatCacheSize = 256; /* 256k by default */
5253 Globals.restrict_anonymous = 0;
5254 Globals.bClientLanManAuth = False; /* Do NOT use the LanMan hash if it is available */
5255 Globals.bClientPlaintextAuth = False; /* Do NOT use a plaintext password even if is requested by the server */
5256 Globals.bLanmanAuth = False; /* Do NOT use the LanMan hash, even if it is supplied */
5257 Globals.bNTLMAuth = True; /* Do use NTLMv1 if it is supplied by the client (otherwise NTLMv2) */
5258 Globals.bClientNTLMv2Auth = True; /* Client should always use use NTLMv2, as we can't tell that the server supports it, but most modern servers do */
5259 /* Note, that we will also use NTLM2 session security (which is different), if it is available */
5261 Globals.map_to_guest = 0; /* By Default, "Never" */
5262 Globals.oplock_break_wait_time = 0; /* By Default, 0 msecs. */
5263 Globals.enhanced_browsing = true;
5264 Globals.iLockSpinTime = WINDOWS_MINIMUM_LOCK_TIMEOUT_MS; /* msec. */
5265 #ifdef MMAP_BLACKLIST
5266 Globals.bUseMmap = False;
5268 Globals.bUseMmap = True;
5270 Globals.bUnixExtensions = True;
5271 Globals.bResetOnZeroVC = False;
5272 Globals.bLogWriteableFilesOnExit = False;
5273 Globals.bCreateKrb5Conf = true;
5274 Globals.winbindMaxDomainConnections = 1;
5276 /* hostname lookups can be very expensive and are broken on
5277 a large number of sites (tridge) */
5278 Globals.bHostnameLookups = False;
5280 string_set(&Globals.szPassdbBackend, "tdbsam");
5281 string_set(&Globals.szLdapSuffix, "");
5282 string_set(&Globals.szLdapMachineSuffix, "");
5283 string_set(&Globals.szLdapUserSuffix, "");
5284 string_set(&Globals.szLdapGroupSuffix, "");
5285 string_set(&Globals.szLdapIdmapSuffix, "");
5287 string_set(&Globals.szLdapAdminDn, "");
5288 Globals.ldap_ssl = LDAP_SSL_START_TLS;
5289 Globals.ldap_ssl_ads = False;
5290 Globals.ldap_deref = -1;
5291 Globals.ldap_passwd_sync = LDAP_PASSWD_SYNC_OFF;
5292 Globals.ldap_delete_dn = False;
5293 Globals.ldap_replication_sleep = 1000; /* wait 1 sec for replication */
5294 Globals.ldap_follow_referral = Auto;
5295 Globals.ldap_timeout = LDAP_DEFAULT_TIMEOUT;
5296 Globals.ldap_connection_timeout = LDAP_CONNECTION_DEFAULT_TIMEOUT;
5297 Globals.ldap_page_size = LDAP_PAGE_SIZE;
5299 Globals.ldap_debug_level = 0;
5300 Globals.ldap_debug_threshold = 10;
5302 /* This is what we tell the afs client. in reality we set the token
5303 * to never expire, though, when this runs out the afs client will
5304 * forget the token. Set to 0 to get NEVERDATE.*/
5305 Globals.iAfsTokenLifetime = 604800;
5306 Globals.cups_connection_timeout = CUPS_DEFAULT_CONNECTION_TIMEOUT;
5308 /* these parameters are set to defaults that are more appropriate
5309 for the increasing samba install base:
5311 as a member of the workgroup, that will possibly become a
5312 _local_ master browser (lm = True). this is opposed to a forced
5313 local master browser startup (pm = True).
5315 doesn't provide WINS server service by default (wsupp = False),
5316 and doesn't provide domain master browser services by default, either.
5320 Globals.bMsAddPrinterWizard = True;
5321 Globals.os_level = 20;
5322 Globals.bLocalMaster = True;
5323 Globals.iDomainMaster = Auto; /* depending on bDomainLogons */
5324 Globals.bDomainLogons = False;
5325 Globals.bBrowseList = True;
5326 Globals.bWINSsupport = False;
5327 Globals.bWINSproxy = False;
5329 TALLOC_FREE(Globals.szInitLogonDelayedHosts);
5330 Globals.InitLogonDelay = 100; /* 100 ms default delay */
5332 Globals.bDNSproxy = True;
5334 /* this just means to use them if they exist */
5335 Globals.bKernelOplocks = True;
5337 Globals.bAllowTrustedDomains = True;
5338 string_set(&Globals.szIdmapBackend, "tdb");
5339 Globals.bIdmapReadOnly = false;
5341 string_set(&Globals.szTemplateShell, "/bin/false");
5342 string_set(&Globals.szTemplateHomedir, "/home/%D/%U");
5343 string_set(&Globals.szWinbindSeparator, "\\");
5345 string_set(&Globals.szCupsServer, "");
5346 string_set(&Globals.szIPrintServer, "");
5348 string_set(&Globals.ctdbdSocket, "");
5349 Globals.szClusterAddresses = NULL;
5350 Globals.clustering = False;
5351 Globals.ctdb_timeout = 0;
5352 Globals.ctdb_locktime_warn_threshold = 0;
5354 Globals.winbind_cache_time = 300; /* 5 minutes */
5355 Globals.winbind_reconnect_delay = 30; /* 30 seconds */
5356 Globals.winbind_max_clients = 200;
5357 Globals.bWinbindEnumUsers = False;
5358 Globals.bWinbindEnumGroups = False;
5359 Globals.bWinbindUseDefaultDomain = False;
5360 Globals.bWinbindTrustedDomainsOnly = False;
5361 Globals.bWinbindNestedGroups = True;
5362 Globals.winbind_expand_groups = 1;
5363 Globals.szWinbindNssInfo = str_list_make_v3(NULL, "template", NULL);
5364 Globals.bWinbindRefreshTickets = False;
5365 Globals.bWinbindOfflineLogon = False;
5367 Globals.iIdmapCacheTime = 86400 * 7; /* a week by default */
5368 Globals.iIdmapNegativeCacheTime = 120; /* 2 minutes by default */
5370 Globals.bPassdbExpandExplicit = False;
5372 Globals.name_cache_timeout = 660; /* In seconds */
5374 Globals.bUseSpnego = True;
5375 Globals.bClientUseSpnego = True;
5377 Globals.client_signing = Auto;
5378 Globals.server_signing = False;
5380 Globals.bDeferSharingViolations = True;
5381 string_set(&Globals.smb_ports, SMB_PORTS);
5383 Globals.bEnablePrivileges = True;
5384 Globals.bHostMSDfs = True;
5385 Globals.bASUSupport = False;
5387 /* User defined shares. */
5388 if (asprintf(&s, "%s/usershares", get_dyn_STATEDIR()) < 0) {
5389 smb_panic("init_globals: ENOMEM");
5391 string_set(&Globals.szUsersharePath, s);
5393 string_set(&Globals.szUsershareTemplateShare, "");
5394 Globals.iUsershareMaxShares = 0;
5395 /* By default disallow sharing of directories not owned by the sharer. */
5396 Globals.bUsershareOwnerOnly = True;
5397 /* By default disallow guest access to usershares. */
5398 Globals.bUsershareAllowGuests = False;
5400 Globals.iKeepalive = DEFAULT_KEEPALIVE;
5402 /* By default no shares out of the registry */
5403 Globals.bRegistryShares = False;
5405 Globals.iminreceivefile = 0;
5407 Globals.bMapUntrustedToDomain = false;
5408 Globals.bMulticastDnsRegister = true;
5410 Globals.ismb2_max_read = DEFAULT_SMB2_MAX_READ;
5411 Globals.ismb2_max_write = DEFAULT_SMB2_MAX_WRITE;
5412 Globals.ismb2_max_trans = DEFAULT_SMB2_MAX_TRANSACT;
5413 Globals.ismb2_max_credits = DEFAULT_SMB2_MAX_CREDITS;
5415 string_set(&Globals.ncalrpc_dir, get_dyn_NCALRPCDIR());
5417 /* Now put back the settings that were set with lp_set_cmdline() */
5418 apply_lp_set_cmdline();
5421 /*******************************************************************
5422 Convenience routine to grab string parameters into temporary memory
5423 and run standard_sub_basic on them. The buffers can be written to by
5424 callers without affecting the source string.
5425 ********************************************************************/
5427 static char *lp_string(const char *s)
5430 TALLOC_CTX *ctx = talloc_tos();
5432 /* The follow debug is useful for tracking down memory problems
5433 especially if you have an inner loop that is calling a lp_*()
5434 function that returns a string. Perhaps this debug should be
5435 present all the time? */
5438 DEBUG(10, ("lp_string(%s)\n", s));
5444 ret = talloc_sub_basic(ctx,
5445 get_current_username(),
5446 current_user_info.domain,
5448 if (trim_char(ret, '\"', '\"')) {
5449 if (strchr(ret,'\"') != NULL) {
5451 ret = talloc_sub_basic(ctx,
5452 get_current_username(),
5453 current_user_info.domain,
5461 In this section all the functions that are used to access the
5462 parameters from the rest of the program are defined
5465 #define FN_GLOBAL_STRING(fn_name,ptr) \
5466 char *fn_name(void) {return(lp_string(*(char **)(&Globals.ptr) ? *(char **)(&Globals.ptr) : ""));}
5467 #define FN_GLOBAL_CONST_STRING(fn_name,ptr) \
5468 const char *fn_name(void) {return(*(const char **)(&Globals.ptr) ? *(const char **)(&Globals.ptr) : "");}
5469 #define FN_GLOBAL_LIST(fn_name,ptr) \
5470 const char **fn_name(void) {return(*(const char ***)(&Globals.ptr));}
5471 #define FN_GLOBAL_BOOL(fn_name,ptr) \
5472 bool fn_name(void) {return(*(bool *)(&Globals.ptr));}
5473 #define FN_GLOBAL_CHAR(fn_name,ptr) \
5474 char fn_name(void) {return(*(char *)(&Globals.ptr));}
5475 #define FN_GLOBAL_INTEGER(fn_name,ptr) \
5476 int fn_name(void) {return(*(int *)(&Globals.ptr));}
5478 #define FN_LOCAL_STRING(fn_name,val) \
5479 char *fn_name(int i) {return(lp_string((LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val));}
5480 #define FN_LOCAL_CONST_STRING(fn_name,val) \
5481 const char *fn_name(int i) {return (const char *)((LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val);}
5482 #define FN_LOCAL_LIST(fn_name,val) \
5483 const char **fn_name(int i) {return(const char **)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
5484 #define FN_LOCAL_BOOL(fn_name,val) \
5485 bool fn_name(int i) {return(bool)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
5486 #define FN_LOCAL_INTEGER(fn_name,val) \
5487 int fn_name(int i) {return(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
5489 #define FN_LOCAL_PARM_BOOL(fn_name,val) \
5490 bool fn_name(const struct share_params *p) {return(bool)(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
5491 #define FN_LOCAL_PARM_INTEGER(fn_name,val) \
5492 int fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
5493 #define FN_LOCAL_CHAR(fn_name,val) \
5494 char fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
5496 FN_GLOBAL_CONST_STRING(lp_smb_ports, smb_ports)
5497 FN_GLOBAL_CONST_STRING(lp_dos_charset, dos_charset)
5498 FN_GLOBAL_CONST_STRING(lp_unix_charset, unix_charset)
5499 FN_GLOBAL_STRING(lp_logfile, szLogFile)
5500 FN_GLOBAL_STRING(lp_configfile, szConfigFile)
5501 FN_GLOBAL_CONST_STRING(lp_smb_passwd_file, szSMBPasswdFile)
5502 FN_GLOBAL_CONST_STRING(lp_private_dir, szPrivateDir)
5503 FN_GLOBAL_STRING(lp_serverstring, szServerString)
5504 FN_GLOBAL_INTEGER(lp_printcap_cache_time, PrintcapCacheTime)
5505 FN_GLOBAL_STRING(lp_addport_cmd, szAddPortCommand)
5506 FN_GLOBAL_STRING(lp_enumports_cmd, szEnumPortsCommand)
5507 FN_GLOBAL_STRING(lp_addprinter_cmd, szAddPrinterCommand)
5508 FN_GLOBAL_STRING(lp_deleteprinter_cmd, szDeletePrinterCommand)
5509 FN_GLOBAL_STRING(lp_os2_driver_map, szOs2DriverMap)
5510 FN_GLOBAL_CONST_STRING(lp_lockdir, szLockDir)
5511 /* If lp_statedir() and lp_cachedir() are explicitely set during the
5512 * build process or in smb.conf, we use that value. Otherwise they
5513 * default to the value of lp_lockdir(). */
5514 const char *lp_statedir(void) {
5515 if ((strcmp(get_dyn_STATEDIR(), get_dyn_LOCKDIR()) != 0) ||
5516 (strcmp(get_dyn_STATEDIR(), Globals.szStateDir) != 0))
5517 return(*(char **)(&Globals.szStateDir) ?
5518 *(char **)(&Globals.szStateDir) : "");
5520 return(*(char **)(&Globals.szLockDir) ?
5521 *(char **)(&Globals.szLockDir) : "");
5523 const char *lp_cachedir(void) {
5524 if ((strcmp(get_dyn_CACHEDIR(), get_dyn_LOCKDIR()) != 0) ||
5525 (strcmp(get_dyn_CACHEDIR(), Globals.szCacheDir) != 0))
5526 return(*(char **)(&Globals.szCacheDir) ?
5527 *(char **)(&Globals.szCacheDir) : "");
5529 return(*(char **)(&Globals.szLockDir) ?
5530 *(char **)(&Globals.szLockDir) : "");
5532 FN_GLOBAL_CONST_STRING(lp_piddir, szPidDir)
5533 FN_GLOBAL_STRING(lp_mangling_method, szManglingMethod)
5534 FN_GLOBAL_INTEGER(lp_mangle_prefix, mangle_prefix)
5535 FN_GLOBAL_CONST_STRING(lp_utmpdir, szUtmpDir)
5536 FN_GLOBAL_CONST_STRING(lp_wtmpdir, szWtmpDir)
5537 FN_GLOBAL_BOOL(lp_utmp, bUtmp)
5538 FN_GLOBAL_STRING(lp_rootdir, szRootdir)
5539 FN_GLOBAL_STRING(lp_perfcount_module, szSMBPerfcountModule)
5540 FN_GLOBAL_STRING(lp_defaultservice, szDefaultService)
5541 FN_GLOBAL_STRING(lp_msg_command, szMsgCommand)
5542 FN_GLOBAL_STRING(lp_get_quota_command, szGetQuota)
5543 FN_GLOBAL_STRING(lp_set_quota_command, szSetQuota)
5544 FN_GLOBAL_STRING(lp_auto_services, szAutoServices)
5545 FN_GLOBAL_STRING(lp_passwd_program, szPasswdProgram)
5546 FN_GLOBAL_STRING(lp_passwd_chat, szPasswdChat)
5547 FN_GLOBAL_CONST_STRING(lp_passwordserver, szPasswordServer)
5548 FN_GLOBAL_CONST_STRING(lp_name_resolve_order, szNameResolveOrder)
5549 FN_GLOBAL_CONST_STRING(lp_workgroup, szWorkgroup)
5550 FN_GLOBAL_CONST_STRING(lp_netbios_name, szNetbiosName)
5551 FN_GLOBAL_CONST_STRING(lp_netbios_scope, szNetbiosScope)
5552 FN_GLOBAL_CONST_STRING(lp_realm, szRealmUpper)
5553 FN_GLOBAL_CONST_STRING(lp_dnsdomain, szDnsDomain)
5554 FN_GLOBAL_CONST_STRING(lp_afs_username_map, szAfsUsernameMap)
5555 FN_GLOBAL_INTEGER(lp_afs_token_lifetime, iAfsTokenLifetime)
5556 FN_GLOBAL_STRING(lp_log_nt_token_command, szLogNtTokenCommand)
5557 FN_GLOBAL_STRING(lp_username_map, szUsernameMap)
5558 FN_GLOBAL_CONST_STRING(lp_logon_script, szLogonScript)
5559 FN_GLOBAL_CONST_STRING(lp_logon_path, szLogonPath)
5560 FN_GLOBAL_CONST_STRING(lp_logon_drive, szLogonDrive)
5561 FN_GLOBAL_CONST_STRING(lp_logon_home, szLogonHome)
5562 FN_GLOBAL_STRING(lp_remote_announce, szRemoteAnnounce)
5563 FN_GLOBAL_STRING(lp_remote_browse_sync, szRemoteBrowseSync)
5564 FN_GLOBAL_BOOL(lp_nmbd_bind_explicit_broadcast, bNmbdBindExplicitBroadcast)
5565 FN_GLOBAL_LIST(lp_wins_server_list, szWINSservers)
5566 FN_GLOBAL_LIST(lp_interfaces, szInterfaces)
5567 FN_GLOBAL_STRING(lp_nis_home_map_name, szNISHomeMapName)
5568 FN_GLOBAL_LIST(lp_netbios_aliases, szNetbiosAliases)
5569 FN_GLOBAL_CONST_STRING(lp_passdb_backend, szPassdbBackend)
5570 FN_GLOBAL_LIST(lp_preload_modules, szPreloadModules)
5571 FN_GLOBAL_STRING(lp_panic_action, szPanicAction)
5572 FN_GLOBAL_STRING(lp_adduser_script, szAddUserScript)
5573 FN_GLOBAL_STRING(lp_renameuser_script, szRenameUserScript)
5574 FN_GLOBAL_STRING(lp_deluser_script, szDelUserScript)
5576 FN_GLOBAL_CONST_STRING(lp_guestaccount, szGuestaccount)
5577 FN_GLOBAL_STRING(lp_addgroup_script, szAddGroupScript)
5578 FN_GLOBAL_STRING(lp_delgroup_script, szDelGroupScript)
5579 FN_GLOBAL_STRING(lp_addusertogroup_script, szAddUserToGroupScript)
5580 FN_GLOBAL_STRING(lp_deluserfromgroup_script, szDelUserFromGroupScript)
5581 FN_GLOBAL_STRING(lp_setprimarygroup_script, szSetPrimaryGroupScript)
5583 FN_GLOBAL_STRING(lp_addmachine_script, szAddMachineScript)
5585 FN_GLOBAL_STRING(lp_shutdown_script, szShutdownScript)
5586 FN_GLOBAL_STRING(lp_abort_shutdown_script, szAbortShutdownScript)
5587 FN_GLOBAL_STRING(lp_username_map_script, szUsernameMapScript)
5588 FN_GLOBAL_INTEGER(lp_username_map_cache_time, iUsernameMapCacheTime)
5590 FN_GLOBAL_STRING(lp_check_password_script, szCheckPasswordScript)
5592 FN_GLOBAL_STRING(lp_wins_hook, szWINSHook)
5593 FN_GLOBAL_CONST_STRING(lp_template_homedir, szTemplateHomedir)
5594 FN_GLOBAL_CONST_STRING(lp_template_shell, szTemplateShell)
5595 FN_GLOBAL_CONST_STRING(lp_winbind_separator, szWinbindSeparator)
5596 FN_GLOBAL_INTEGER(lp_acl_compatibility, iAclCompat)
5597 FN_GLOBAL_BOOL(lp_winbind_enum_users, bWinbindEnumUsers)
5598 FN_GLOBAL_BOOL(lp_winbind_enum_groups, bWinbindEnumGroups)
5599 FN_GLOBAL_BOOL(lp_winbind_use_default_domain, bWinbindUseDefaultDomain)
5600 FN_GLOBAL_BOOL(lp_winbind_trusted_domains_only, bWinbindTrustedDomainsOnly)
5601 FN_GLOBAL_BOOL(lp_winbind_nested_groups, bWinbindNestedGroups)
5602 FN_GLOBAL_INTEGER(lp_winbind_expand_groups, winbind_expand_groups)
5603 FN_GLOBAL_BOOL(lp_winbind_refresh_tickets, bWinbindRefreshTickets)
5604 FN_GLOBAL_BOOL(lp_winbind_offline_logon, bWinbindOfflineLogon)
5605 FN_GLOBAL_BOOL(lp_winbind_normalize_names, bWinbindNormalizeNames)
5606 FN_GLOBAL_BOOL(lp_winbind_rpc_only, bWinbindRpcOnly)
5607 FN_GLOBAL_BOOL(lp_create_krb5_conf, bCreateKrb5Conf)
5608 static FN_GLOBAL_INTEGER(lp_winbind_max_domain_connections_int,
5609 winbindMaxDomainConnections)
5611 int lp_winbind_max_domain_connections(void)
5613 if (lp_winbind_offline_logon() &&
5614 lp_winbind_max_domain_connections_int() > 1) {
5615 DEBUG(1, ("offline logons active, restricting max domain "
5616 "connections to 1\n"));
5619 return MAX(1, lp_winbind_max_domain_connections_int());
5622 FN_GLOBAL_CONST_STRING(lp_idmap_backend, szIdmapBackend)
5623 FN_GLOBAL_INTEGER(lp_idmap_cache_time, iIdmapCacheTime)
5624 FN_GLOBAL_INTEGER(lp_idmap_negative_cache_time, iIdmapNegativeCacheTime)
5625 FN_GLOBAL_INTEGER(lp_keepalive, iKeepalive)
5626 FN_GLOBAL_BOOL(lp_passdb_expand_explicit, bPassdbExpandExplicit)
5628 FN_GLOBAL_STRING(lp_ldap_suffix, szLdapSuffix)
5629 FN_GLOBAL_STRING(lp_ldap_admin_dn, szLdapAdminDn)
5630 FN_GLOBAL_INTEGER(lp_ldap_ssl, ldap_ssl)
5631 FN_GLOBAL_BOOL(lp_ldap_ssl_ads, ldap_ssl_ads)
5632 FN_GLOBAL_INTEGER(lp_ldap_deref, ldap_deref)
5633 FN_GLOBAL_INTEGER(lp_ldap_follow_referral, ldap_follow_referral)
5634 FN_GLOBAL_INTEGER(lp_ldap_passwd_sync, ldap_passwd_sync)
5635 FN_GLOBAL_BOOL(lp_ldap_delete_dn, ldap_delete_dn)
5636 FN_GLOBAL_INTEGER(lp_ldap_replication_sleep, ldap_replication_sleep)
5637 FN_GLOBAL_INTEGER(lp_ldap_timeout, ldap_timeout)
5638 FN_GLOBAL_INTEGER(lp_ldap_connection_timeout, ldap_connection_timeout)
5639 FN_GLOBAL_INTEGER(lp_ldap_page_size, ldap_page_size)
5640 FN_GLOBAL_INTEGER(lp_ldap_debug_level, ldap_debug_level)
5641 FN_GLOBAL_INTEGER(lp_ldap_debug_threshold, ldap_debug_threshold)
5642 FN_GLOBAL_STRING(lp_add_share_cmd, szAddShareCommand)
5643 FN_GLOBAL_STRING(lp_change_share_cmd, szChangeShareCommand)
5644 FN_GLOBAL_STRING(lp_delete_share_cmd, szDeleteShareCommand)
5645 FN_GLOBAL_STRING(lp_usershare_path, szUsersharePath)
5646 FN_GLOBAL_LIST(lp_usershare_prefix_allow_list, szUsersharePrefixAllowList)
5647 FN_GLOBAL_LIST(lp_usershare_prefix_deny_list, szUsersharePrefixDenyList)
5649 FN_GLOBAL_LIST(lp_eventlog_list, szEventLogs)
5651 FN_GLOBAL_BOOL(lp_registry_shares, bRegistryShares)
5652 FN_GLOBAL_BOOL(lp_usershare_allow_guests, bUsershareAllowGuests)
5653 FN_GLOBAL_BOOL(lp_usershare_owner_only, bUsershareOwnerOnly)
5654 FN_GLOBAL_BOOL(lp_disable_netbios, bDisableNetbios)
5655 FN_GLOBAL_BOOL(lp_reset_on_zero_vc, bResetOnZeroVC)
5656 FN_GLOBAL_BOOL(lp_log_writeable_files_on_exit,
5657 bLogWriteableFilesOnExit)
5658 FN_GLOBAL_BOOL(lp_ms_add_printer_wizard, bMsAddPrinterWizard)
5659 FN_GLOBAL_BOOL(lp_dns_proxy, bDNSproxy)
5660 FN_GLOBAL_BOOL(lp_wins_support, bWINSsupport)
5661 FN_GLOBAL_BOOL(lp_we_are_a_wins_server, bWINSsupport)
5662 FN_GLOBAL_BOOL(lp_wins_proxy, bWINSproxy)
5663 FN_GLOBAL_BOOL(lp_local_master, bLocalMaster)
5664 FN_GLOBAL_BOOL(lp_domain_logons, bDomainLogons)
5665 FN_GLOBAL_LIST(lp_init_logon_delayed_hosts, szInitLogonDelayedHosts)
5666 FN_GLOBAL_INTEGER(lp_init_logon_delay, InitLogonDelay)
5667 FN_GLOBAL_BOOL(lp_load_printers, bLoadPrinters)
5668 FN_GLOBAL_BOOL(_lp_readraw, bReadRaw)
5669 FN_GLOBAL_BOOL(lp_large_readwrite, bLargeReadwrite)
5670 FN_GLOBAL_BOOL(_lp_writeraw, bWriteRaw)
5671 FN_GLOBAL_BOOL(lp_null_passwords, bNullPasswords)
5672 FN_GLOBAL_BOOL(lp_obey_pam_restrictions, bObeyPamRestrictions)
5673 FN_GLOBAL_BOOL(lp_encrypted_passwords, bEncryptPasswords)
5674 FN_GLOBAL_INTEGER(lp_client_schannel, clientSchannel)
5675 FN_GLOBAL_INTEGER(lp_server_schannel, serverSchannel)
5676 FN_GLOBAL_BOOL(lp_syslog_only, bSyslogOnly)
5677 FN_GLOBAL_BOOL(lp_timestamp_logs, bTimestampLogs)
5678 FN_GLOBAL_BOOL(lp_debug_prefix_timestamp, bDebugPrefixTimestamp)
5679 FN_GLOBAL_BOOL(lp_debug_hires_timestamp, bDebugHiresTimestamp)
5680 FN_GLOBAL_BOOL(lp_debug_pid, bDebugPid)
5681 FN_GLOBAL_BOOL(lp_debug_uid, bDebugUid)
5682 FN_GLOBAL_BOOL(lp_debug_class, bDebugClass)
5683 FN_GLOBAL_BOOL(lp_enable_core_files, bEnableCoreFiles)
5684 FN_GLOBAL_BOOL(lp_browse_list, bBrowseList)
5685 FN_GLOBAL_BOOL(lp_nis_home_map, bNISHomeMap)
5686 static FN_GLOBAL_BOOL(lp_time_server, bTimeServer)
5687 FN_GLOBAL_BOOL(lp_bind_interfaces_only, bBindInterfacesOnly)
5688 FN_GLOBAL_BOOL(lp_pam_password_change, bPamPasswordChange)
5689 FN_GLOBAL_BOOL(lp_unix_password_sync, bUnixPasswdSync)
5690 FN_GLOBAL_BOOL(lp_passwd_chat_debug, bPasswdChatDebug)
5691 FN_GLOBAL_INTEGER(lp_passwd_chat_timeout, iPasswdChatTimeout)
5692 FN_GLOBAL_BOOL(lp_nt_pipe_support, bNTPipeSupport)
5693 FN_GLOBAL_BOOL(lp_nt_status_support, bNTStatusSupport)
5694 FN_GLOBAL_BOOL(lp_stat_cache, bStatCache)
5695 FN_GLOBAL_INTEGER(lp_max_stat_cache_size, iMaxStatCacheSize)
5696 FN_GLOBAL_BOOL(lp_allow_trusted_domains, bAllowTrustedDomains)
5697 FN_GLOBAL_BOOL(lp_map_untrusted_to_domain, bMapUntrustedToDomain)
5698 FN_GLOBAL_INTEGER(lp_restrict_anonymous, restrict_anonymous)
5699 FN_GLOBAL_BOOL(lp_lanman_auth, bLanmanAuth)
5700 FN_GLOBAL_BOOL(lp_ntlm_auth, bNTLMAuth)
5701 FN_GLOBAL_BOOL(lp_client_plaintext_auth, bClientPlaintextAuth)
5702 FN_GLOBAL_BOOL(lp_client_lanman_auth, bClientLanManAuth)
5703 FN_GLOBAL_BOOL(lp_client_ntlmv2_auth, bClientNTLMv2Auth)
5704 FN_GLOBAL_BOOL(lp_host_msdfs, bHostMSDfs)
5705 FN_GLOBAL_BOOL(lp_kernel_oplocks, bKernelOplocks)
5706 FN_GLOBAL_BOOL(lp_enhanced_browsing, enhanced_browsing)
5707 FN_GLOBAL_BOOL(lp_use_mmap, bUseMmap)
5708 FN_GLOBAL_BOOL(lp_unix_extensions, bUnixExtensions)
5709 FN_GLOBAL_BOOL(lp_use_spnego, bUseSpnego)
5710 FN_GLOBAL_BOOL(lp_client_use_spnego, bClientUseSpnego)
5711 FN_GLOBAL_BOOL(lp_client_use_spnego_principal, client_use_spnego_principal)
5712 FN_GLOBAL_BOOL(lp_send_spnego_principal, send_spnego_principal)
5713 FN_GLOBAL_BOOL(lp_hostname_lookups, bHostnameLookups)
5714 FN_LOCAL_PARM_BOOL(lp_change_notify, bChangeNotify)
5715 FN_LOCAL_PARM_BOOL(lp_kernel_change_notify, bKernelChangeNotify)
5716 FN_GLOBAL_CONST_STRING(lp_dedicated_keytab_file, szDedicatedKeytabFile)
5717 FN_GLOBAL_INTEGER(lp_kerberos_method, iKerberosMethod)
5718 FN_GLOBAL_BOOL(lp_defer_sharing_violations, bDeferSharingViolations)
5719 FN_GLOBAL_BOOL(lp_enable_privileges, bEnablePrivileges)
5720 FN_GLOBAL_BOOL(lp_enable_asu_support, bASUSupport)
5721 FN_GLOBAL_INTEGER(lp_os_level, os_level)
5722 FN_GLOBAL_INTEGER(lp_max_ttl, max_ttl)
5723 FN_GLOBAL_INTEGER(lp_max_wins_ttl, max_wins_ttl)
5724 FN_GLOBAL_INTEGER(lp_min_wins_ttl, min_wins_ttl)
5725 FN_GLOBAL_INTEGER(lp_max_log_size, max_log_size)
5726 FN_GLOBAL_INTEGER(lp_max_open_files, max_open_files)
5727 FN_GLOBAL_INTEGER(lp_open_files_db_hash_size, open_files_db_hash_size)
5728 FN_GLOBAL_INTEGER(lp_maxxmit, max_xmit)
5729 FN_GLOBAL_INTEGER(lp_maxmux, max_mux)
5730 FN_GLOBAL_INTEGER(lp_passwordlevel, pwordlevel)
5731 FN_GLOBAL_INTEGER(lp_usernamelevel, unamelevel)
5732 FN_GLOBAL_INTEGER(lp_deadtime, deadtime)
5733 FN_GLOBAL_BOOL(lp_getwd_cache, getwd_cache)
5734 static FN_GLOBAL_INTEGER(_lp_maxprotocol, maxprotocol)
5735 int lp_maxprotocol(void)
5737 int ret = _lp_maxprotocol();
5738 if ((ret == PROTOCOL_SMB2) && (lp_security() == SEC_SHARE)) {
5739 DEBUG(2,("WARNING!!: \"security = share\" is incompatible "
5740 "with the SMB2 protocol. Resetting to SMB1.\n" ));
5741 lp_do_parameter(-1, "max protocol", "NT1");
5742 return PROTOCOL_NT1;
5746 FN_GLOBAL_INTEGER(lp_minprotocol, minprotocol)
5747 FN_GLOBAL_INTEGER(lp_security, security)
5748 FN_GLOBAL_LIST(lp_auth_methods, AuthMethods)
5749 FN_GLOBAL_BOOL(lp_paranoid_server_security, paranoid_server_security)
5750 FN_GLOBAL_INTEGER(lp_maxdisksize, maxdisksize)
5751 FN_GLOBAL_INTEGER(lp_lpqcachetime, lpqcachetime)
5752 FN_GLOBAL_INTEGER(lp_max_smbd_processes, iMaxSmbdProcesses)
5753 FN_GLOBAL_BOOL(_lp_disable_spoolss, bDisableSpoolss)
5754 FN_GLOBAL_INTEGER(lp_syslog, syslog)
5755 FN_GLOBAL_INTEGER(lp_lm_announce, lm_announce)
5756 FN_GLOBAL_INTEGER(lp_lm_interval, lm_interval)
5757 FN_GLOBAL_INTEGER(lp_machine_password_timeout, machine_password_timeout)
5758 FN_GLOBAL_INTEGER(lp_map_to_guest, map_to_guest)
5759 FN_GLOBAL_INTEGER(lp_oplock_break_wait_time, oplock_break_wait_time)
5760 FN_GLOBAL_INTEGER(lp_lock_spin_time, iLockSpinTime)
5761 FN_GLOBAL_INTEGER(lp_usershare_max_shares, iUsershareMaxShares)
5762 FN_GLOBAL_CONST_STRING(lp_socket_options, szSocketOptions)
5763 FN_GLOBAL_INTEGER(lp_config_backend, ConfigBackend)
5764 FN_GLOBAL_INTEGER(lp_smb2_max_read, ismb2_max_read)
5765 FN_GLOBAL_INTEGER(lp_smb2_max_write, ismb2_max_write)
5766 FN_GLOBAL_INTEGER(lp_smb2_max_trans, ismb2_max_trans)
5767 int lp_smb2_max_credits(void)
5769 if (Globals.ismb2_max_credits == 0) {
5770 Globals.ismb2_max_credits = DEFAULT_SMB2_MAX_CREDITS;
5772 return Globals.ismb2_max_credits;
5774 FN_LOCAL_STRING(lp_preexec, szPreExec)
5775 FN_LOCAL_STRING(lp_postexec, szPostExec)
5776 FN_LOCAL_STRING(lp_rootpreexec, szRootPreExec)
5777 FN_LOCAL_STRING(lp_rootpostexec, szRootPostExec)
5778 FN_LOCAL_STRING(lp_servicename, szService)
5779 FN_LOCAL_CONST_STRING(lp_const_servicename, szService)
5780 FN_LOCAL_STRING(lp_pathname, szPath)
5781 FN_LOCAL_STRING(lp_dontdescend, szDontdescend)
5782 FN_LOCAL_STRING(lp_username, szUsername)
5783 FN_LOCAL_LIST(lp_invalid_users, szInvalidUsers)
5784 FN_LOCAL_LIST(lp_valid_users, szValidUsers)
5785 FN_LOCAL_LIST(lp_admin_users, szAdminUsers)
5786 FN_GLOBAL_LIST(lp_svcctl_list, szServicesList)
5787 FN_LOCAL_STRING(lp_cups_options, szCupsOptions)
5788 FN_GLOBAL_STRING(lp_cups_server, szCupsServer)
5789 int lp_cups_encrypt(void)
5792 #ifdef HAVE_HTTPCONNECTENCRYPT
5793 switch (Globals.CupsEncrypt) {
5795 result = HTTP_ENCRYPT_REQUIRED;
5798 result = HTTP_ENCRYPT_ALWAYS;
5801 result = HTTP_ENCRYPT_NEVER;
5807 FN_GLOBAL_STRING(lp_iprint_server, szIPrintServer)
5808 FN_GLOBAL_INTEGER(lp_cups_connection_timeout, cups_connection_timeout)
5809 FN_GLOBAL_CONST_STRING(lp_ctdbd_socket, ctdbdSocket)
5810 FN_GLOBAL_LIST(lp_cluster_addresses, szClusterAddresses)
5811 FN_GLOBAL_BOOL(lp_clustering, clustering)
5812 FN_GLOBAL_INTEGER(lp_ctdb_timeout, ctdb_timeout)
5813 FN_GLOBAL_INTEGER(lp_ctdb_locktime_warn_threshold, ctdb_locktime_warn_threshold)
5814 FN_LOCAL_STRING(lp_printcommand, szPrintcommand)
5815 FN_LOCAL_STRING(lp_lpqcommand, szLpqcommand)
5816 FN_LOCAL_STRING(lp_lprmcommand, szLprmcommand)
5817 FN_LOCAL_STRING(lp_lppausecommand, szLppausecommand)
5818 FN_LOCAL_STRING(lp_lpresumecommand, szLpresumecommand)
5819 FN_LOCAL_STRING(lp_queuepausecommand, szQueuepausecommand)
5820 FN_LOCAL_STRING(lp_queueresumecommand, szQueueresumecommand)
5821 static FN_LOCAL_STRING(_lp_printername, szPrintername)
5822 FN_LOCAL_CONST_STRING(lp_printjob_username, szPrintjobUsername)
5823 FN_LOCAL_LIST(lp_hostsallow, szHostsallow)
5824 FN_LOCAL_LIST(lp_hostsdeny, szHostsdeny)
5825 FN_LOCAL_STRING(lp_magicscript, szMagicScript)
5826 FN_LOCAL_STRING(lp_magicoutput, szMagicOutput)
5827 FN_LOCAL_STRING(lp_comment, comment)
5828 FN_LOCAL_STRING(lp_force_user, force_user)
5829 FN_LOCAL_STRING(lp_force_group, force_group)
5830 FN_LOCAL_LIST(lp_readlist, readlist)
5831 FN_LOCAL_LIST(lp_writelist, writelist)
5832 FN_LOCAL_LIST(lp_printer_admin, printer_admin)
5833 FN_LOCAL_STRING(lp_fstype, fstype)
5834 FN_LOCAL_LIST(lp_vfs_objects, szVfsObjects)
5835 FN_LOCAL_STRING(lp_msdfs_proxy, szMSDfsProxy)
5836 static FN_LOCAL_STRING(lp_volume, volume)
5837 FN_LOCAL_STRING(lp_veto_files, szVetoFiles)
5838 FN_LOCAL_STRING(lp_hide_files, szHideFiles)
5839 FN_LOCAL_STRING(lp_veto_oplocks, szVetoOplockFiles)
5840 FN_LOCAL_BOOL(lp_msdfs_root, bMSDfsRoot)
5841 FN_LOCAL_STRING(lp_aio_write_behind, szAioWriteBehind)
5842 FN_LOCAL_STRING(lp_dfree_command, szDfree)
5843 FN_LOCAL_BOOL(lp_autoloaded, autoloaded)
5844 FN_LOCAL_BOOL(lp_preexec_close, bPreexecClose)
5845 FN_LOCAL_BOOL(lp_rootpreexec_close, bRootpreexecClose)
5846 FN_LOCAL_INTEGER(lp_casesensitive, iCaseSensitive)
5847 FN_LOCAL_BOOL(lp_preservecase, bCasePreserve)
5848 FN_LOCAL_BOOL(lp_shortpreservecase, bShortCasePreserve)
5849 FN_LOCAL_BOOL(lp_hide_dot_files, bHideDotFiles)
5850 FN_LOCAL_BOOL(lp_hide_special_files, bHideSpecialFiles)
5851 FN_LOCAL_BOOL(lp_hideunreadable, bHideUnReadable)
5852 FN_LOCAL_BOOL(lp_hideunwriteable_files, bHideUnWriteableFiles)
5853 FN_LOCAL_BOOL(lp_browseable, bBrowseable)
5854 FN_LOCAL_BOOL(lp_access_based_share_enum, bAccessBasedShareEnum)
5855 FN_LOCAL_BOOL(lp_readonly, bRead_only)
5856 FN_LOCAL_BOOL(lp_no_set_dir, bNo_set_dir)
5857 FN_LOCAL_BOOL(lp_guest_ok, bGuest_ok)
5858 FN_LOCAL_BOOL(lp_guest_only, bGuest_only)
5859 FN_LOCAL_BOOL(lp_administrative_share, bAdministrative_share)
5860 FN_LOCAL_BOOL(lp_print_ok, bPrint_ok)
5861 FN_LOCAL_BOOL(lp_print_notify_backchannel, bPrintNotifyBackchannel)
5862 FN_LOCAL_BOOL(lp_map_hidden, bMap_hidden)
5863 FN_LOCAL_BOOL(lp_map_archive, bMap_archive)
5864 FN_LOCAL_BOOL(lp_store_dos_attributes, bStoreDosAttributes)
5865 FN_LOCAL_BOOL(lp_dmapi_support, bDmapiSupport)
5866 FN_LOCAL_PARM_BOOL(lp_locking, bLocking)
5867 FN_LOCAL_PARM_INTEGER(lp_strict_locking, iStrictLocking)
5868 FN_LOCAL_PARM_BOOL(lp_posix_locking, bPosixLocking)
5869 FN_LOCAL_BOOL(lp_share_modes, bShareModes)
5870 FN_LOCAL_BOOL(lp_oplocks, bOpLocks)
5871 FN_LOCAL_BOOL(lp_level2_oplocks, bLevel2OpLocks)
5872 FN_LOCAL_BOOL(lp_onlyuser, bOnlyUser)
5873 FN_LOCAL_PARM_BOOL(lp_manglednames, bMangledNames)
5874 FN_LOCAL_BOOL(lp_symlinks, bSymlinks)
5875 FN_LOCAL_BOOL(lp_syncalways, bSyncAlways)
5876 FN_LOCAL_BOOL(lp_strict_allocate, bStrictAllocate)
5877 FN_LOCAL_BOOL(lp_strict_sync, bStrictSync)
5878 FN_LOCAL_BOOL(lp_map_system, bMap_system)
5879 FN_LOCAL_BOOL(lp_delete_readonly, bDeleteReadonly)
5880 FN_LOCAL_BOOL(lp_fake_oplocks, bFakeOplocks)
5881 FN_LOCAL_BOOL(lp_recursive_veto_delete, bDeleteVetoFiles)
5882 FN_LOCAL_BOOL(lp_dos_filemode, bDosFilemode)
5883 FN_LOCAL_BOOL(lp_dos_filetimes, bDosFiletimes)
5884 FN_LOCAL_BOOL(lp_dos_filetime_resolution, bDosFiletimeResolution)
5885 FN_LOCAL_BOOL(lp_fake_dir_create_times, bFakeDirCreateTimes)
5886 FN_GLOBAL_BOOL(lp_async_smb_echo_handler, bAsyncSMBEchoHandler)
5887 FN_GLOBAL_BOOL(lp_multicast_dns_register, bMulticastDnsRegister)
5888 FN_LOCAL_BOOL(lp_blocking_locks, bBlockingLocks)
5889 FN_LOCAL_BOOL(lp_inherit_perms, bInheritPerms)
5890 FN_LOCAL_BOOL(lp_inherit_acls, bInheritACLS)
5891 FN_LOCAL_BOOL(lp_inherit_owner, bInheritOwner)
5892 FN_LOCAL_BOOL(lp_use_client_driver, bUseClientDriver)
5893 FN_LOCAL_BOOL(lp_default_devmode, bDefaultDevmode)
5894 FN_LOCAL_BOOL(lp_force_printername, bForcePrintername)
5895 FN_LOCAL_BOOL(lp_nt_acl_support, bNTAclSupport)
5896 FN_LOCAL_BOOL(lp_force_unknown_acl_user, bForceUnknownAclUser)
5897 FN_LOCAL_BOOL(lp_ea_support, bEASupport)
5898 FN_LOCAL_BOOL(_lp_use_sendfile, bUseSendfile)
5899 FN_LOCAL_BOOL(lp_profile_acls, bProfileAcls)
5900 FN_LOCAL_BOOL(lp_map_acl_inherit, bMap_acl_inherit)
5901 FN_LOCAL_BOOL(lp_afs_share, bAfs_Share)
5902 FN_LOCAL_BOOL(lp_acl_check_permissions, bAclCheckPermissions)
5903 FN_LOCAL_BOOL(lp_acl_group_control, bAclGroupControl)
5904 FN_LOCAL_BOOL(lp_acl_map_full_control, bAclMapFullControl)
5905 FN_LOCAL_INTEGER(lp_create_mask, iCreate_mask)
5906 FN_LOCAL_INTEGER(lp_force_create_mode, iCreate_force_mode)
5907 FN_LOCAL_INTEGER(lp_security_mask, iSecurity_mask)
5908 FN_LOCAL_INTEGER(lp_force_security_mode, iSecurity_force_mode)
5909 FN_LOCAL_INTEGER(lp_dir_mask, iDir_mask)
5910 FN_LOCAL_INTEGER(lp_force_dir_mode, iDir_force_mode)
5911 FN_LOCAL_INTEGER(lp_dir_security_mask, iDir_Security_mask)
5912 FN_LOCAL_INTEGER(lp_force_dir_security_mode, iDir_Security_force_mode)
5913 FN_LOCAL_INTEGER(lp_max_connections, iMaxConnections)
5914 FN_LOCAL_INTEGER(lp_defaultcase, iDefaultCase)
5915 FN_LOCAL_INTEGER(lp_minprintspace, iMinPrintSpace)
5916 FN_LOCAL_INTEGER(lp_printing, iPrinting)
5917 FN_LOCAL_INTEGER(lp_max_reported_jobs, iMaxReportedPrintJobs)
5918 FN_LOCAL_INTEGER(lp_oplock_contention_limit, iOplockContentionLimit)
5919 FN_LOCAL_INTEGER(lp_csc_policy, iCSCPolicy)
5920 FN_LOCAL_INTEGER(lp_write_cache_size, iWriteCacheSize)
5921 FN_LOCAL_INTEGER(lp_block_size, iBlock_size)
5922 FN_LOCAL_INTEGER(lp_dfree_cache_time, iDfreeCacheTime)
5923 FN_LOCAL_INTEGER(lp_allocation_roundup_size, iallocation_roundup_size)
5924 FN_LOCAL_INTEGER(lp_aio_read_size, iAioReadSize)
5925 FN_LOCAL_INTEGER(lp_aio_write_size, iAioWriteSize)
5926 FN_LOCAL_INTEGER(lp_map_readonly, iMap_readonly)
5927 FN_LOCAL_INTEGER(lp_directory_name_cache_size, iDirectoryNameCacheSize)
5928 FN_LOCAL_INTEGER(lp_smb_encrypt, ismb_encrypt)
5929 FN_LOCAL_CHAR(lp_magicchar, magic_char)
5930 FN_GLOBAL_INTEGER(lp_winbind_cache_time, winbind_cache_time)
5931 FN_GLOBAL_INTEGER(lp_winbind_reconnect_delay, winbind_reconnect_delay)
5932 FN_GLOBAL_INTEGER(lp_winbind_max_clients, winbind_max_clients)
5933 FN_GLOBAL_LIST(lp_winbind_nss_info, szWinbindNssInfo)
5934 FN_GLOBAL_INTEGER(lp_algorithmic_rid_base, AlgorithmicRidBase)
5935 FN_GLOBAL_INTEGER(lp_name_cache_timeout, name_cache_timeout)
5936 FN_GLOBAL_INTEGER(lp_client_signing, client_signing)
5937 FN_GLOBAL_INTEGER(lp_server_signing, server_signing)
5938 FN_GLOBAL_INTEGER(lp_client_ldap_sasl_wrapping, client_ldap_sasl_wrapping)
5940 FN_GLOBAL_CONST_STRING(lp_ncalrpc_dir, ncalrpc_dir)
5942 /* local prototypes */
5944 static int map_parameter_canonical(const char *pszParmName, bool *inverse);
5945 static const char *get_boolean(bool bool_value);
5946 static int getservicebyname(const char *pszServiceName,
5947 struct service *pserviceDest);
5948 static void copy_service(struct service *pserviceDest,
5949 struct service *pserviceSource,
5950 struct bitmap *pcopymapDest);
5951 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
5953 static bool do_section(const char *pszSectionName, void *userdata);
5954 static void init_copymap(struct service *pservice);
5955 static bool hash_a_service(const char *name, int number);
5956 static void free_service_byindex(int iService);
5957 static void free_param_opts(struct param_opt_struct **popts);
5958 static void show_parameter(int parmIndex);
5959 static bool is_synonym_of(int parm1, int parm2, bool *inverse);
5962 * This is a helper function for parametrical options support. It returns a
5963 * pointer to parametrical option value if it exists or NULL otherwise. Actual
5964 * parametrical functions are quite simple
5966 static struct param_opt_struct *get_parametrics(int snum, const char *type,
5969 bool global_section = False;
5971 struct param_opt_struct *data;
5973 if (snum >= iNumServices) return NULL;
5976 data = Globals.param_opt;
5977 global_section = True;
5979 data = ServicePtrs[snum]->param_opt;
5982 if (asprintf(¶m_key, "%s:%s", type, option) == -1) {
5983 DEBUG(0,("asprintf failed!\n"));
5988 if (strwicmp(data->key, param_key) == 0) {
5989 string_free(¶m_key);
5995 if (!global_section) {
5996 /* Try to fetch the same option but from globals */
5997 /* but only if we are not already working with Globals */
5998 data = Globals.param_opt;
6000 if (strwicmp(data->key, param_key) == 0) {
6001 string_free(¶m_key);
6008 string_free(¶m_key);
6014 #define MISSING_PARAMETER(name) \
6015 DEBUG(0, ("%s(): value is NULL or empty!\n", #name))
6017 /*******************************************************************
6018 convenience routine to return int parameters.
6019 ********************************************************************/
6020 static int lp_int(const char *s)
6024 MISSING_PARAMETER(lp_int);
6028 return (int)strtol(s, NULL, 0);
6031 /*******************************************************************
6032 convenience routine to return unsigned long parameters.
6033 ********************************************************************/
6034 static unsigned long lp_ulong(const char *s)
6038 MISSING_PARAMETER(lp_ulong);
6042 return strtoul(s, NULL, 0);
6045 /*******************************************************************
6046 convenience routine to return boolean parameters.
6047 ********************************************************************/
6048 static bool lp_bool(const char *s)
6053 MISSING_PARAMETER(lp_bool);
6057 if (!set_boolean(s, &ret)) {
6058 DEBUG(0,("lp_bool(%s): value is not boolean!\n",s));
6065 /*******************************************************************
6066 convenience routine to return enum parameters.
6067 ********************************************************************/
6068 static int lp_enum(const char *s,const struct enum_list *_enum)
6072 if (!s || !*s || !_enum) {
6073 MISSING_PARAMETER(lp_enum);
6077 for (i=0; _enum[i].name; i++) {
6078 if (strequal(_enum[i].name,s))
6079 return _enum[i].value;
6082 DEBUG(0,("lp_enum(%s,enum): value is not in enum_list!\n",s));
6086 #undef MISSING_PARAMETER
6088 /* DO NOT USE lp_parm_string ANYMORE!!!!
6089 * use lp_parm_const_string or lp_parm_talloc_string
6091 * lp_parm_string is only used to let old modules find this symbol
6093 #undef lp_parm_string
6094 char *lp_parm_string(const char *servicename, const char *type, const char *option);
6095 char *lp_parm_string(const char *servicename, const char *type, const char *option)
6097 return lp_parm_talloc_string(lp_servicenumber(servicename), type, option, NULL);
6100 /* Return parametric option from a given service. Type is a part of option before ':' */
6101 /* Parametric option has following syntax: 'Type: option = value' */
6102 /* the returned value is talloced on the talloc_tos() */
6103 char *lp_parm_talloc_string(int snum, const char *type, const char *option, const char *def)
6105 struct param_opt_struct *data = get_parametrics(snum, type, option);
6107 if (data == NULL||data->value==NULL) {
6109 return lp_string(def);
6115 return lp_string(data->value);
6118 /* Return parametric option from a given service. Type is a part of option before ':' */
6119 /* Parametric option has following syntax: 'Type: option = value' */
6120 const char *lp_parm_const_string(int snum, const char *type, const char *option, const char *def)
6122 struct param_opt_struct *data = get_parametrics(snum, type, option);
6124 if (data == NULL||data->value==NULL)
6130 /* Return parametric option from a given service. Type is a part of option before ':' */
6131 /* Parametric option has following syntax: 'Type: option = value' */
6133 const char **lp_parm_string_list(int snum, const char *type, const char *option, const char **def)
6135 struct param_opt_struct *data = get_parametrics(snum, type, option);
6137 if (data == NULL||data->value==NULL)
6138 return (const char **)def;
6140 if (data->list==NULL) {
6141 data->list = str_list_make_v3(NULL, data->value, NULL);
6144 return (const char **)data->list;
6147 /* Return parametric option from a given service. Type is a part of option before ':' */
6148 /* Parametric option has following syntax: 'Type: option = value' */
6150 int lp_parm_int(int snum, const char *type, const char *option, int def)
6152 struct param_opt_struct *data = get_parametrics(snum, type, option);
6154 if (data && data->value && *data->value)
6155 return lp_int(data->value);
6160 /* Return parametric option from a given service. Type is a part of option before ':' */
6161 /* Parametric option has following syntax: 'Type: option = value' */
6163 unsigned long lp_parm_ulong(int snum, const char *type, const char *option, unsigned long def)
6165 struct param_opt_struct *data = get_parametrics(snum, type, option);
6167 if (data && data->value && *data->value)
6168 return lp_ulong(data->value);
6173 /* Return parametric option from a given service. Type is a part of option before ':' */
6174 /* Parametric option has following syntax: 'Type: option = value' */
6176 bool lp_parm_bool(int snum, const char *type, const char *option, bool def)
6178 struct param_opt_struct *data = get_parametrics(snum, type, option);
6180 if (data && data->value && *data->value)
6181 return lp_bool(data->value);
6186 /* Return parametric option from a given service. Type is a part of option before ':' */
6187 /* Parametric option has following syntax: 'Type: option = value' */
6189 int lp_parm_enum(int snum, const char *type, const char *option,
6190 const struct enum_list *_enum, int def)
6192 struct param_opt_struct *data = get_parametrics(snum, type, option);
6194 if (data && data->value && *data->value && _enum)
6195 return lp_enum(data->value, _enum);
6201 /***************************************************************************
6202 Initialise a service to the defaults.
6203 ***************************************************************************/
6205 static void init_service(struct service *pservice)
6207 memset((char *)pservice, '\0', sizeof(struct service));
6208 copy_service(pservice, &sDefault, NULL);
6213 * free a param_opts structure.
6214 * param_opts handling should be moved to talloc;
6215 * then this whole functions reduces to a TALLOC_FREE().
6218 static void free_param_opts(struct param_opt_struct **popts)
6220 struct param_opt_struct *opt, *next_opt;
6222 if (popts == NULL) {
6226 if (*popts != NULL) {
6227 DEBUG(5, ("Freeing parametrics:\n"));
6230 while (opt != NULL) {
6231 string_free(&opt->key);
6232 string_free(&opt->value);
6233 TALLOC_FREE(opt->list);
6234 next_opt = opt->next;
6241 /***************************************************************************
6242 Free the dynamically allocated parts of a service struct.
6243 ***************************************************************************/
6245 static void free_service(struct service *pservice)
6250 if (pservice->szService)
6251 DEBUG(5, ("free_service: Freeing service %s\n",
6252 pservice->szService));
6254 free_parameters(pservice);
6256 string_free(&pservice->szService);
6257 TALLOC_FREE(pservice->copymap);
6259 free_param_opts(&pservice->param_opt);
6261 ZERO_STRUCTP(pservice);
6265 /***************************************************************************
6266 remove a service indexed in the ServicePtrs array from the ServiceHash
6267 and free the dynamically allocated parts
6268 ***************************************************************************/
6270 static void free_service_byindex(int idx)
6272 if ( !LP_SNUM_OK(idx) )
6275 ServicePtrs[idx]->valid = False;
6276 invalid_services[num_invalid_services++] = idx;
6278 /* we have to cleanup the hash record */
6280 if (ServicePtrs[idx]->szService) {
6281 char *canon_name = canonicalize_servicename(
6283 ServicePtrs[idx]->szService );
6285 dbwrap_delete_bystring(ServiceHash, canon_name );
6286 TALLOC_FREE(canon_name);
6289 free_service(ServicePtrs[idx]);
6292 /***************************************************************************
6293 Add a new service to the services array initialising it with the given
6295 ***************************************************************************/
6297 static int add_a_service(const struct service *pservice, const char *name)
6300 struct service tservice;
6301 int num_to_alloc = iNumServices + 1;
6303 tservice = *pservice;
6305 /* it might already exist */
6307 i = getservicebyname(name, NULL);
6313 /* find an invalid one */
6315 if (num_invalid_services > 0) {
6316 i = invalid_services[--num_invalid_services];
6319 /* if not, then create one */
6320 if (i == iNumServices) {
6321 struct service **tsp;
6324 tsp = SMB_REALLOC_ARRAY_KEEP_OLD_ON_ERROR(ServicePtrs, struct service *, num_to_alloc);
6326 DEBUG(0,("add_a_service: failed to enlarge ServicePtrs!\n"));
6330 ServicePtrs[iNumServices] = SMB_MALLOC_P(struct service);
6331 if (!ServicePtrs[iNumServices]) {
6332 DEBUG(0,("add_a_service: out of memory!\n"));
6337 /* enlarge invalid_services here for now... */
6338 tinvalid = SMB_REALLOC_ARRAY_KEEP_OLD_ON_ERROR(invalid_services, int,
6340 if (tinvalid == NULL) {
6341 DEBUG(0,("add_a_service: failed to enlarge "
6342 "invalid_services!\n"));
6345 invalid_services = tinvalid;
6347 free_service_byindex(i);
6350 ServicePtrs[i]->valid = True;
6352 init_service(ServicePtrs[i]);
6353 copy_service(ServicePtrs[i], &tservice, NULL);
6355 string_set(&ServicePtrs[i]->szService, name);
6357 DEBUG(8,("add_a_service: Creating snum = %d for %s\n",
6358 i, ServicePtrs[i]->szService));
6360 if (!hash_a_service(ServicePtrs[i]->szService, i)) {
6367 /***************************************************************************
6368 Convert a string to uppercase and remove whitespaces.
6369 ***************************************************************************/
6371 char *canonicalize_servicename(TALLOC_CTX *ctx, const char *src)
6376 DEBUG(0,("canonicalize_servicename: NULL source name!\n"));
6380 result = talloc_strdup(ctx, src);
6381 SMB_ASSERT(result != NULL);
6387 /***************************************************************************
6388 Add a name/index pair for the services array to the hash table.
6389 ***************************************************************************/
6391 static bool hash_a_service(const char *name, int idx)
6395 if ( !ServiceHash ) {
6396 DEBUG(10,("hash_a_service: creating servicehash\n"));
6397 ServiceHash = db_open_rbt(NULL);
6398 if ( !ServiceHash ) {
6399 DEBUG(0,("hash_a_service: open tdb servicehash failed!\n"));
6404 DEBUG(10,("hash_a_service: hashing index %d for service name %s\n",
6407 canon_name = canonicalize_servicename(talloc_tos(), name );
6409 dbwrap_store_bystring(ServiceHash, canon_name,
6410 make_tdb_data((uint8 *)&idx, sizeof(idx)),
6413 TALLOC_FREE(canon_name);
6418 /***************************************************************************
6419 Add a new home service, with the specified home directory, defaults coming
6421 ***************************************************************************/
6423 bool lp_add_home(const char *pszHomename, int iDefaultService,
6424 const char *user, const char *pszHomedir)
6428 if (pszHomename == NULL || user == NULL || pszHomedir == NULL ||
6429 pszHomedir[0] == '\0') {
6433 i = add_a_service(ServicePtrs[iDefaultService], pszHomename);
6438 if (!(*(ServicePtrs[iDefaultService]->szPath))
6439 || strequal(ServicePtrs[iDefaultService]->szPath, lp_pathname(GLOBAL_SECTION_SNUM))) {
6440 string_set(&ServicePtrs[i]->szPath, pszHomedir);
6443 if (!(*(ServicePtrs[i]->comment))) {
6444 char *comment = NULL;
6445 if (asprintf(&comment, "Home directory of %s", user) < 0) {
6448 string_set(&ServicePtrs[i]->comment, comment);
6452 /* set the browseable flag from the global default */
6454 ServicePtrs[i]->bBrowseable = sDefault.bBrowseable;
6455 ServicePtrs[i]->bAccessBasedShareEnum = sDefault.bAccessBasedShareEnum;
6457 ServicePtrs[i]->autoloaded = True;
6459 DEBUG(3, ("adding home's share [%s] for user '%s' at '%s'\n", pszHomename,
6460 user, ServicePtrs[i]->szPath ));
6465 /***************************************************************************
6466 Add a new service, based on an old one.
6467 ***************************************************************************/
6469 int lp_add_service(const char *pszService, int iDefaultService)
6471 if (iDefaultService < 0) {
6472 return add_a_service(&sDefault, pszService);
6475 return (add_a_service(ServicePtrs[iDefaultService], pszService));
6478 /***************************************************************************
6479 Add the IPC service.
6480 ***************************************************************************/
6482 static bool lp_add_ipc(const char *ipc_name, bool guest_ok)
6484 char *comment = NULL;
6485 int i = add_a_service(&sDefault, ipc_name);
6490 if (asprintf(&comment, "IPC Service (%s)",
6491 Globals.szServerString) < 0) {
6495 string_set(&ServicePtrs[i]->szPath, tmpdir());
6496 string_set(&ServicePtrs[i]->szUsername, "");
6497 string_set(&ServicePtrs[i]->comment, comment);
6498 string_set(&ServicePtrs[i]->fstype, "IPC");
6499 ServicePtrs[i]->iMaxConnections = 0;
6500 ServicePtrs[i]->bAvailable = True;
6501 ServicePtrs[i]->bRead_only = True;
6502 ServicePtrs[i]->bGuest_only = False;
6503 ServicePtrs[i]->bAdministrative_share = True;
6504 ServicePtrs[i]->bGuest_ok = guest_ok;
6505 ServicePtrs[i]->bPrint_ok = False;
6506 ServicePtrs[i]->bBrowseable = sDefault.bBrowseable;
6508 DEBUG(3, ("adding IPC service\n"));
6514 /***************************************************************************
6515 Add a new printer service, with defaults coming from service iFrom.
6516 ***************************************************************************/
6518 bool lp_add_printer(const char *pszPrintername, int iDefaultService)
6520 const char *comment = "From Printcap";
6521 int i = add_a_service(ServicePtrs[iDefaultService], pszPrintername);
6526 /* note that we do NOT default the availability flag to True - */
6527 /* we take it from the default service passed. This allows all */
6528 /* dynamic printers to be disabled by disabling the [printers] */
6529 /* entry (if/when the 'available' keyword is implemented!). */
6531 /* the printer name is set to the service name. */
6532 string_set(&ServicePtrs[i]->szPrintername, pszPrintername);
6533 string_set(&ServicePtrs[i]->comment, comment);
6535 /* set the browseable flag from the gloabl default */
6536 ServicePtrs[i]->bBrowseable = sDefault.bBrowseable;
6538 /* Printers cannot be read_only. */
6539 ServicePtrs[i]->bRead_only = False;
6540 /* No share modes on printer services. */
6541 ServicePtrs[i]->bShareModes = False;
6542 /* No oplocks on printer services. */
6543 ServicePtrs[i]->bOpLocks = False;
6544 /* Printer services must be printable. */
6545 ServicePtrs[i]->bPrint_ok = True;
6547 DEBUG(3, ("adding printer service %s\n", pszPrintername));
6553 /***************************************************************************
6554 Check whether the given parameter name is valid.
6555 Parametric options (names containing a colon) are considered valid.
6556 ***************************************************************************/
6558 bool lp_parameter_is_valid(const char *pszParmName)
6560 return ((map_parameter(pszParmName) != -1) ||
6561 (strchr(pszParmName, ':') != NULL));
6564 /***************************************************************************
6565 Check whether the given name is the name of a global parameter.
6566 Returns True for strings belonging to parameters of class
6567 P_GLOBAL, False for all other strings, also for parametric options
6568 and strings not belonging to any option.
6569 ***************************************************************************/
6571 bool lp_parameter_is_global(const char *pszParmName)
6573 int num = map_parameter(pszParmName);
6576 return (parm_table[num].p_class == P_GLOBAL);
6582 /**************************************************************************
6583 Check whether the given name is the canonical name of a parameter.
6584 Returns False if it is not a valid parameter Name.
6585 For parametric options, True is returned.
6586 **************************************************************************/
6588 bool lp_parameter_is_canonical(const char *parm_name)
6590 if (!lp_parameter_is_valid(parm_name)) {
6594 return (map_parameter(parm_name) ==
6595 map_parameter_canonical(parm_name, NULL));
6598 /**************************************************************************
6599 Determine the canonical name for a parameter.
6600 Indicate when it is an inverse (boolean) synonym instead of a
6602 **************************************************************************/
6604 bool lp_canonicalize_parameter(const char *parm_name, const char **canon_parm,
6609 if (!lp_parameter_is_valid(parm_name)) {
6614 num = map_parameter_canonical(parm_name, inverse);
6616 /* parametric option */
6617 *canon_parm = parm_name;
6619 *canon_parm = parm_table[num].label;
6626 /**************************************************************************
6627 Determine the canonical name for a parameter.
6628 Turn the value given into the inverse boolean expression when
6629 the synonym is an invers boolean synonym.
6631 Return True if parm_name is a valid parameter name and
6632 in case it is an invers boolean synonym, if the val string could
6633 successfully be converted to the reverse bool.
6634 Return false in all other cases.
6635 **************************************************************************/
6637 bool lp_canonicalize_parameter_with_value(const char *parm_name,
6639 const char **canon_parm,
6640 const char **canon_val)
6645 if (!lp_parameter_is_valid(parm_name)) {
6651 num = map_parameter_canonical(parm_name, &inverse);
6653 /* parametric option */
6654 *canon_parm = parm_name;
6657 *canon_parm = parm_table[num].label;
6659 if (!lp_invert_boolean(val, canon_val)) {
6671 /***************************************************************************
6672 Map a parameter's string representation to something we can use.
6673 Returns False if the parameter string is not recognised, else TRUE.
6674 ***************************************************************************/
6676 static int map_parameter(const char *pszParmName)
6680 if (*pszParmName == '-' && !strequal(pszParmName, "-valid"))
6683 for (iIndex = 0; parm_table[iIndex].label; iIndex++)
6684 if (strwicmp(parm_table[iIndex].label, pszParmName) == 0)
6687 /* Warn only if it isn't parametric option */
6688 if (strchr(pszParmName, ':') == NULL)
6689 DEBUG(1, ("Unknown parameter encountered: \"%s\"\n", pszParmName));
6690 /* We do return 'fail' for parametric options as well because they are
6691 stored in different storage
6696 /***************************************************************************
6697 Map a parameter's string representation to the index of the canonical
6698 form of the parameter (it might be a synonym).
6699 Returns -1 if the parameter string is not recognised.
6700 ***************************************************************************/
6702 static int map_parameter_canonical(const char *pszParmName, bool *inverse)
6704 int parm_num, canon_num;
6705 bool loc_inverse = False;
6707 parm_num = map_parameter(pszParmName);
6708 if ((parm_num < 0) || !(parm_table[parm_num].flags & FLAG_HIDE)) {
6709 /* invalid, parametric or no canidate for synonyms ... */
6713 for (canon_num = 0; parm_table[canon_num].label; canon_num++) {
6714 if (is_synonym_of(parm_num, canon_num, &loc_inverse)) {
6715 parm_num = canon_num;
6721 if (inverse != NULL) {
6722 *inverse = loc_inverse;
6727 /***************************************************************************
6728 return true if parameter number parm1 is a synonym of parameter
6729 number parm2 (parm2 being the principal name).
6730 set inverse to True if parm1 is P_BOOLREV and parm2 is P_BOOL,
6732 ***************************************************************************/
6734 static bool is_synonym_of(int parm1, int parm2, bool *inverse)
6736 if ((parm_table[parm1].ptr == parm_table[parm2].ptr) &&
6737 (parm_table[parm1].flags & FLAG_HIDE) &&
6738 !(parm_table[parm2].flags & FLAG_HIDE))
6740 if (inverse != NULL) {
6741 if ((parm_table[parm1].type == P_BOOLREV) &&
6742 (parm_table[parm2].type == P_BOOL))
6754 /***************************************************************************
6755 Show one parameter's name, type, [values,] and flags.
6756 (helper functions for show_parameter_list)
6757 ***************************************************************************/
6759 static void show_parameter(int parmIndex)
6761 int enumIndex, flagIndex;
6766 const char *type[] = { "P_BOOL", "P_BOOLREV", "P_CHAR", "P_INTEGER",
6767 "P_OCTAL", "P_LIST", "P_STRING", "P_USTRING",
6769 unsigned flags[] = { FLAG_BASIC, FLAG_SHARE, FLAG_PRINT, FLAG_GLOBAL,
6770 FLAG_WIZARD, FLAG_ADVANCED, FLAG_DEVELOPER, FLAG_DEPRECATED,
6771 FLAG_HIDE, FLAG_DOS_STRING};
6772 const char *flag_names[] = { "FLAG_BASIC", "FLAG_SHARE", "FLAG_PRINT",
6773 "FLAG_GLOBAL", "FLAG_WIZARD", "FLAG_ADVANCED", "FLAG_DEVELOPER",
6774 "FLAG_DEPRECATED", "FLAG_HIDE", "FLAG_DOS_STRING", NULL};
6776 printf("%s=%s", parm_table[parmIndex].label,
6777 type[parm_table[parmIndex].type]);
6778 if (parm_table[parmIndex].type == P_ENUM) {
6781 parm_table[parmIndex].enum_list[enumIndex].name;
6785 enumIndex ? "|" : "",
6786 parm_table[parmIndex].enum_list[enumIndex].name);
6791 for (flagIndex=0; flag_names[flagIndex]; flagIndex++) {
6792 if (parm_table[parmIndex].flags & flags[flagIndex]) {
6795 flag_names[flagIndex]);
6800 /* output synonyms */
6802 for (parmIndex2=0; parm_table[parmIndex2].label; parmIndex2++) {
6803 if (is_synonym_of(parmIndex, parmIndex2, &inverse)) {
6804 printf(" (%ssynonym of %s)", inverse ? "inverse " : "",
6805 parm_table[parmIndex2].label);
6806 } else if (is_synonym_of(parmIndex2, parmIndex, &inverse)) {
6808 printf(" (synonyms: ");
6813 printf("%s%s", parm_table[parmIndex2].label,
6814 inverse ? "[i]" : "");
6824 /***************************************************************************
6825 Show all parameter's name, type, [values,] and flags.
6826 ***************************************************************************/
6828 void show_parameter_list(void)
6830 int classIndex, parmIndex;
6831 const char *section_names[] = { "local", "global", NULL};
6833 for (classIndex=0; section_names[classIndex]; classIndex++) {
6834 printf("[%s]\n", section_names[classIndex]);
6835 for (parmIndex = 0; parm_table[parmIndex].label; parmIndex++) {
6836 if (parm_table[parmIndex].p_class == classIndex) {
6837 show_parameter(parmIndex);
6843 /***************************************************************************
6844 Check if a given string correctly represents a boolean value.
6845 ***************************************************************************/
6847 bool lp_string_is_valid_boolean(const char *parm_value)
6849 return set_boolean(parm_value, NULL);
6852 /***************************************************************************
6853 Get the standard string representation of a boolean value ("yes" or "no")
6854 ***************************************************************************/
6856 static const char *get_boolean(bool bool_value)
6858 static const char *yes_str = "yes";
6859 static const char *no_str = "no";
6861 return (bool_value ? yes_str : no_str);
6864 /***************************************************************************
6865 Provide the string of the negated boolean value associated to the boolean
6866 given as a string. Returns False if the passed string does not correctly
6867 represent a boolean.
6868 ***************************************************************************/
6870 bool lp_invert_boolean(const char *str, const char **inverse_str)
6874 if (!set_boolean(str, &val)) {
6878 *inverse_str = get_boolean(!val);
6882 /***************************************************************************
6883 Provide the canonical string representation of a boolean value given
6884 as a string. Return True on success, False if the string given does
6885 not correctly represent a boolean.
6886 ***************************************************************************/
6888 bool lp_canonicalize_boolean(const char *str, const char**canon_str)
6892 if (!set_boolean(str, &val)) {
6896 *canon_str = get_boolean(val);
6900 /***************************************************************************
6901 Find a service by name. Otherwise works like get_service.
6902 ***************************************************************************/
6904 static int getservicebyname(const char *pszServiceName, struct service *pserviceDest)
6910 if (ServiceHash == NULL) {
6914 canon_name = canonicalize_servicename(talloc_tos(), pszServiceName);
6916 data = dbwrap_fetch_bystring(ServiceHash, canon_name, canon_name);
6918 if ((data.dptr != NULL) && (data.dsize == sizeof(iService))) {
6919 iService = *(int *)data.dptr;
6922 TALLOC_FREE(canon_name);
6924 if ((iService != -1) && (LP_SNUM_OK(iService))
6925 && (pserviceDest != NULL)) {
6926 copy_service(pserviceDest, ServicePtrs[iService], NULL);
6932 /***************************************************************************
6933 Copy a service structure to another.
6934 If pcopymapDest is NULL then copy all fields
6935 ***************************************************************************/
6938 * Add a parametric option to a param_opt_struct,
6939 * replacing old value, if already present.
6941 static void set_param_opt(struct param_opt_struct **opt_list,
6942 const char *opt_name,
6943 const char *opt_value,
6946 struct param_opt_struct *new_opt, *opt;
6949 if (opt_list == NULL) {
6956 /* Traverse destination */
6958 /* If we already have same option, override it */
6959 if (strwicmp(opt->key, opt_name) == 0) {
6960 if ((opt->flags & FLAG_CMDLINE) &&
6961 !(flags & FLAG_CMDLINE)) {
6962 /* it's been marked as not to be
6966 string_free(&opt->value);
6967 TALLOC_FREE(opt->list);
6968 opt->value = SMB_STRDUP(opt_value);
6976 new_opt = SMB_XMALLOC_P(struct param_opt_struct);
6977 new_opt->key = SMB_STRDUP(opt_name);
6978 new_opt->value = SMB_STRDUP(opt_value);
6979 new_opt->list = NULL;
6980 new_opt->flags = flags;
6981 DLIST_ADD(*opt_list, new_opt);
6985 static void copy_service(struct service *pserviceDest, struct service *pserviceSource,
6986 struct bitmap *pcopymapDest)
6989 bool bcopyall = (pcopymapDest == NULL);
6990 struct param_opt_struct *data;
6992 for (i = 0; parm_table[i].label; i++)
6993 if (parm_table[i].ptr && parm_table[i].p_class == P_LOCAL &&
6994 (bcopyall || bitmap_query(pcopymapDest,i))) {
6995 void *def_ptr = parm_table[i].ptr;
6997 ((char *)pserviceSource) + PTR_DIFF(def_ptr,
7000 ((char *)pserviceDest) + PTR_DIFF(def_ptr,
7003 switch (parm_table[i].type) {
7006 *(bool *)dest_ptr = *(bool *)src_ptr;
7012 *(int *)dest_ptr = *(int *)src_ptr;
7016 *(char *)dest_ptr = *(char *)src_ptr;
7020 string_set((char **)dest_ptr,
7026 char *upper_string = strupper_talloc(talloc_tos(),
7028 string_set((char **)dest_ptr,
7030 TALLOC_FREE(upper_string);
7034 TALLOC_FREE(*((char ***)dest_ptr));
7035 *((char ***)dest_ptr) = str_list_copy(NULL,
7036 *(const char ***)src_ptr);
7044 init_copymap(pserviceDest);
7045 if (pserviceSource->copymap)
7046 bitmap_copy(pserviceDest->copymap,
7047 pserviceSource->copymap);
7050 data = pserviceSource->param_opt;
7052 set_param_opt(&pserviceDest->param_opt, data->key, data->value, data->flags);
7057 /***************************************************************************
7058 Check a service for consistency. Return False if the service is in any way
7059 incomplete or faulty, else True.
7060 ***************************************************************************/
7062 bool service_ok(int iService)
7067 if (ServicePtrs[iService]->szService[0] == '\0') {
7068 DEBUG(0, ("The following message indicates an internal error:\n"));
7069 DEBUG(0, ("No service name in service entry.\n"));
7073 /* The [printers] entry MUST be printable. I'm all for flexibility, but */
7074 /* I can't see why you'd want a non-printable printer service... */
7075 if (strwicmp(ServicePtrs[iService]->szService, PRINTERS_NAME) == 0) {
7076 if (!ServicePtrs[iService]->bPrint_ok) {
7077 DEBUG(0, ("WARNING: [%s] service MUST be printable!\n",
7078 ServicePtrs[iService]->szService));
7079 ServicePtrs[iService]->bPrint_ok = True;
7081 /* [printers] service must also be non-browsable. */
7082 if (ServicePtrs[iService]->bBrowseable)
7083 ServicePtrs[iService]->bBrowseable = False;
7086 if (ServicePtrs[iService]->szPath[0] == '\0' &&
7087 strwicmp(ServicePtrs[iService]->szService, HOMES_NAME) != 0 &&
7088 ServicePtrs[iService]->szMSDfsProxy[0] == '\0'
7090 DEBUG(0, ("WARNING: No path in service %s - making it unavailable!\n",
7091 ServicePtrs[iService]->szService));
7092 ServicePtrs[iService]->bAvailable = False;
7095 /* If a service is flagged unavailable, log the fact at level 1. */
7096 if (!ServicePtrs[iService]->bAvailable)
7097 DEBUG(1, ("NOTE: Service %s is flagged unavailable.\n",
7098 ServicePtrs[iService]->szService));
7103 static struct smbconf_ctx *lp_smbconf_ctx(void)
7106 static struct smbconf_ctx *conf_ctx = NULL;
7108 if (conf_ctx == NULL) {
7109 err = smbconf_init(NULL, &conf_ctx, "registry:");
7110 if (!SBC_ERROR_IS_OK(err)) {
7111 DEBUG(1, ("error initializing registry configuration: "
7112 "%s\n", sbcErrorString(err)));
7120 static bool process_smbconf_service(struct smbconf_service *service)
7125 if (service == NULL) {
7129 ret = do_section(service->name, NULL);
7133 for (count = 0; count < service->num_params; count++) {
7134 ret = do_parameter(service->param_names[count],
7135 service->param_values[count],
7141 if (iServiceIndex >= 0) {
7142 return service_ok(iServiceIndex);
7148 * load a service from registry and activate it
7150 bool process_registry_service(const char *service_name)
7153 struct smbconf_service *service = NULL;
7154 TALLOC_CTX *mem_ctx = talloc_stackframe();
7155 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
7158 if (conf_ctx == NULL) {
7162 DEBUG(5, ("process_registry_service: service name %s\n", service_name));
7164 if (!smbconf_share_exists(conf_ctx, service_name)) {
7166 * Registry does not contain data for this service (yet),
7167 * but make sure lp_load doesn't return false.
7173 err = smbconf_get_share(conf_ctx, mem_ctx, service_name, &service);
7174 if (!SBC_ERROR_IS_OK(err)) {
7178 ret = process_smbconf_service(service);
7184 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
7187 TALLOC_FREE(mem_ctx);
7192 * process_registry_globals
7194 static bool process_registry_globals(void)
7198 add_to_file_list(INCLUDE_REGISTRY_NAME, INCLUDE_REGISTRY_NAME);
7200 ret = do_parameter("registry shares", "yes", NULL);
7205 return process_registry_service(GLOBAL_NAME);
7208 bool process_registry_shares(void)
7212 struct smbconf_service **service = NULL;
7213 uint32_t num_shares = 0;
7214 TALLOC_CTX *mem_ctx = talloc_stackframe();
7215 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
7218 if (conf_ctx == NULL) {
7222 err = smbconf_get_config(conf_ctx, mem_ctx, &num_shares, &service);
7223 if (!SBC_ERROR_IS_OK(err)) {
7229 for (count = 0; count < num_shares; count++) {
7230 if (strequal(service[count]->name, GLOBAL_NAME)) {
7233 ret = process_smbconf_service(service[count]);
7240 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
7243 TALLOC_FREE(mem_ctx);
7247 #define MAX_INCLUDE_DEPTH 100
7249 static uint8_t include_depth;
7251 static struct file_lists {
7252 struct file_lists *next;
7256 } *file_lists = NULL;
7258 /*******************************************************************
7259 Keep a linked list of all config files so we know when one has changed
7260 it's date and needs to be reloaded.
7261 ********************************************************************/
7263 static void add_to_file_list(const char *fname, const char *subfname)
7265 struct file_lists *f = file_lists;
7268 if (f->name && !strcmp(f->name, fname))
7274 f = SMB_MALLOC_P(struct file_lists);
7277 f->next = file_lists;
7278 f->name = SMB_STRDUP(fname);
7283 f->subfname = SMB_STRDUP(subfname);
7290 f->modtime = file_modtime(subfname);
7292 time_t t = file_modtime(subfname);
7300 * Free the file lists
7302 static void free_file_list(void)
7304 struct file_lists *f;
7305 struct file_lists *next;
7310 SAFE_FREE( f->name );
7311 SAFE_FREE( f->subfname );
7320 * Utility function for outsiders to check if we're running on registry.
7322 bool lp_config_backend_is_registry(void)
7324 return (lp_config_backend() == CONFIG_BACKEND_REGISTRY);
7328 * Utility function to check if the config backend is FILE.
7330 bool lp_config_backend_is_file(void)
7332 return (lp_config_backend() == CONFIG_BACKEND_FILE);
7335 /*******************************************************************
7336 Check if a config file has changed date.
7337 ********************************************************************/
7339 bool lp_file_list_changed(void)
7341 struct file_lists *f = file_lists;
7343 DEBUG(6, ("lp_file_list_changed()\n"));
7348 if (strequal(f->name, INCLUDE_REGISTRY_NAME)) {
7349 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
7351 if (conf_ctx == NULL) {
7354 if (smbconf_changed(conf_ctx, &conf_last_csn, NULL,
7357 DEBUGADD(6, ("registry config changed\n"));
7362 n2 = talloc_sub_basic(talloc_tos(),
7363 get_current_username(),
7364 current_user_info.domain,
7369 DEBUGADD(6, ("file %s -> %s last mod_time: %s\n",
7370 f->name, n2, ctime(&f->modtime)));
7372 mod_time = file_modtime(n2);
7375 ((f->modtime != mod_time) ||
7376 (f->subfname == NULL) ||
7377 (strcmp(n2, f->subfname) != 0)))
7380 ("file %s modified: %s\n", n2,
7382 f->modtime = mod_time;
7383 SAFE_FREE(f->subfname);
7384 f->subfname = SMB_STRDUP(n2);
7397 * Initialize iconv conversion descriptors.
7399 * This is called the first time it is needed, and also called again
7400 * every time the configuration is reloaded, because the charset or
7401 * codepage might have changed.
7403 static void init_iconv(void)
7405 global_iconv_handle = smb_iconv_handle_reinit(NULL, lp_dos_charset(),
7407 true, global_iconv_handle);
7410 static bool handle_charset(int snum, const char *pszParmValue, char **ptr)
7412 if (strcmp(*ptr, pszParmValue) != 0) {
7413 string_set(ptr, pszParmValue);
7419 static bool handle_dos_charset(int snum, const char *pszParmValue, char **ptr)
7421 bool is_utf8 = false;
7422 size_t len = strlen(pszParmValue);
7424 if (len == 4 || len == 5) {
7425 /* Don't use StrCaseCmp here as we don't want to
7426 initialize iconv. */
7427 if ((toupper_ascii(pszParmValue[0]) == 'U') &&
7428 (toupper_ascii(pszParmValue[1]) == 'T') &&
7429 (toupper_ascii(pszParmValue[2]) == 'F')) {
7431 if (pszParmValue[3] == '8') {
7435 if (pszParmValue[3] == '-' &&
7436 pszParmValue[4] == '8') {
7443 if (strcmp(*ptr, pszParmValue) != 0) {
7445 DEBUG(0,("ERROR: invalid DOS charset: 'dos charset' must not "
7446 "be UTF8, using (default value) %s instead.\n",
7447 DEFAULT_DOS_CHARSET));
7448 pszParmValue = DEFAULT_DOS_CHARSET;
7450 string_set(ptr, pszParmValue);
7456 static bool handle_realm(int snum, const char *pszParmValue, char **ptr)
7459 char *realm = strupper_talloc(talloc_tos(), pszParmValue);
7460 char *dnsdomain = strlower_talloc(talloc_tos(), pszParmValue);
7462 ret &= string_set(&Globals.szRealm, pszParmValue);
7463 ret &= string_set(&Globals.szRealmUpper, realm);
7464 ret &= string_set(&Globals.szDnsDomain, dnsdomain);
7466 TALLOC_FREE(dnsdomain);
7471 static bool handle_netbios_aliases(int snum, const char *pszParmValue, char **ptr)
7473 TALLOC_FREE(Globals.szNetbiosAliases);
7474 Globals.szNetbiosAliases = str_list_make_v3(NULL, pszParmValue, NULL);
7475 return set_netbios_aliases((const char **)Globals.szNetbiosAliases);
7478 /***************************************************************************
7479 Handle the include operation.
7480 ***************************************************************************/
7481 static bool bAllowIncludeRegistry = true;
7483 static bool handle_include(int snum, const char *pszParmValue, char **ptr)
7487 if (include_depth >= MAX_INCLUDE_DEPTH) {
7488 DEBUG(0, ("Error: Maximum include depth (%u) exceeded!\n",
7493 if (strequal(pszParmValue, INCLUDE_REGISTRY_NAME)) {
7494 if (!bAllowIncludeRegistry) {
7497 if (bInGlobalSection) {
7500 ret = process_registry_globals();
7504 DEBUG(1, ("\"include = registry\" only effective "
7505 "in %s section\n", GLOBAL_NAME));
7510 fname = talloc_sub_basic(talloc_tos(), get_current_username(),
7511 current_user_info.domain,
7514 add_to_file_list(pszParmValue, fname);
7516 string_set(ptr, fname);
7518 if (file_exist(fname)) {
7521 ret = pm_process(fname, do_section, do_parameter, NULL);
7527 DEBUG(2, ("Can't find include file %s\n", fname));
7532 /***************************************************************************
7533 Handle the interpretation of the copy parameter.
7534 ***************************************************************************/
7536 static bool handle_copy(int snum, const char *pszParmValue, char **ptr)
7540 struct service serviceTemp;
7542 string_set(ptr, pszParmValue);
7544 init_service(&serviceTemp);
7548 DEBUG(3, ("Copying service from service %s\n", pszParmValue));
7550 if ((iTemp = getservicebyname(pszParmValue, &serviceTemp)) >= 0) {
7551 if (iTemp == iServiceIndex) {
7552 DEBUG(0, ("Can't copy service %s - unable to copy self!\n", pszParmValue));
7554 copy_service(ServicePtrs[iServiceIndex],
7556 ServicePtrs[iServiceIndex]->copymap);
7560 DEBUG(0, ("Unable to copy service - source not found: %s\n", pszParmValue));
7564 free_service(&serviceTemp);
7568 static bool handle_ldap_debug_level(int snum, const char *pszParmValue, char **ptr)
7570 Globals.ldap_debug_level = lp_int(pszParmValue);
7571 init_ldap_debugging();
7575 /***************************************************************************
7576 Handle idmap/non unix account uid and gid allocation parameters. The format of these
7581 idmap uid = 1000-1999
7584 We only do simple parsing checks here. The strings are parsed into useful
7585 structures in the idmap daemon code.
7587 ***************************************************************************/
7589 /* Some lp_ routines to return idmap [ug]id information */
7591 static uid_t idmap_uid_low, idmap_uid_high;
7592 static gid_t idmap_gid_low, idmap_gid_high;
7594 bool lp_idmap_uid(uid_t *low, uid_t *high)
7596 if (idmap_uid_low == 0 || idmap_uid_high == 0)
7600 *low = idmap_uid_low;
7603 *high = idmap_uid_high;
7608 bool lp_idmap_gid(gid_t *low, gid_t *high)
7610 if (idmap_gid_low == 0 || idmap_gid_high == 0)
7614 *low = idmap_gid_low;
7617 *high = idmap_gid_high;
7622 static bool handle_idmap_backend(int snum, const char *pszParmValue, char **ptr)
7624 lp_do_parameter(snum, "idmap config * : backend", pszParmValue);
7629 /* Do some simple checks on "idmap [ug]id" parameter values */
7631 static bool handle_idmap_uid(int snum, const char *pszParmValue, char **ptr)
7633 lp_do_parameter(snum, "idmap config * : range", pszParmValue);
7638 static bool handle_idmap_gid(int snum, const char *pszParmValue, char **ptr)
7640 lp_do_parameter(snum, "idmap config * : range", pszParmValue);
7645 /***************************************************************************
7646 Handle the DEBUG level list.
7647 ***************************************************************************/
7649 static bool handle_debug_list( int snum, const char *pszParmValueIn, char **ptr )
7651 string_set(ptr, pszParmValueIn);
7652 return debug_parse_levels(pszParmValueIn);
7655 /***************************************************************************
7656 Handle ldap suffixes - default to ldapsuffix if sub-suffixes are not defined.
7657 ***************************************************************************/
7659 static const char *append_ldap_suffix( const char *str )
7661 const char *suffix_string;
7664 suffix_string = talloc_asprintf(talloc_tos(), "%s,%s", str,
7665 Globals.szLdapSuffix );
7666 if ( !suffix_string ) {
7667 DEBUG(0,("append_ldap_suffix: talloc_asprintf() failed!\n"));
7671 return suffix_string;
7674 const char *lp_ldap_machine_suffix(void)
7676 if (Globals.szLdapMachineSuffix[0])
7677 return append_ldap_suffix(Globals.szLdapMachineSuffix);
7679 return lp_string(Globals.szLdapSuffix);
7682 const char *lp_ldap_user_suffix(void)
7684 if (Globals.szLdapUserSuffix[0])
7685 return append_ldap_suffix(Globals.szLdapUserSuffix);
7687 return lp_string(Globals.szLdapSuffix);
7690 const char *lp_ldap_group_suffix(void)
7692 if (Globals.szLdapGroupSuffix[0])
7693 return append_ldap_suffix(Globals.szLdapGroupSuffix);
7695 return lp_string(Globals.szLdapSuffix);
7698 const char *lp_ldap_idmap_suffix(void)
7700 if (Globals.szLdapIdmapSuffix[0])
7701 return append_ldap_suffix(Globals.szLdapIdmapSuffix);
7703 return lp_string(Globals.szLdapSuffix);
7706 /****************************************************************************
7707 set the value for a P_ENUM
7708 ***************************************************************************/
7710 static void lp_set_enum_parm( struct parm_struct *parm, const char *pszParmValue,
7715 for (i = 0; parm->enum_list[i].name; i++) {
7716 if ( strequal(pszParmValue, parm->enum_list[i].name)) {
7717 *ptr = parm->enum_list[i].value;
7721 DEBUG(0, ("WARNING: Ignoring invalid value '%s' for parameter '%s'\n",
7722 pszParmValue, parm->label));
7725 /***************************************************************************
7726 ***************************************************************************/
7728 static bool handle_printing(int snum, const char *pszParmValue, char **ptr)
7730 static int parm_num = -1;
7733 if ( parm_num == -1 )
7734 parm_num = map_parameter( "printing" );
7736 lp_set_enum_parm( &parm_table[parm_num], pszParmValue, (int*)ptr );
7741 s = ServicePtrs[snum];
7743 init_printer_values( s );
7749 /***************************************************************************
7750 Initialise a copymap.
7751 ***************************************************************************/
7753 static void init_copymap(struct service *pservice)
7757 TALLOC_FREE(pservice->copymap);
7759 pservice->copymap = bitmap_talloc(NULL, NUMPARAMETERS);
7760 if (!pservice->copymap)
7762 ("Couldn't allocate copymap!! (size %d)\n",
7763 (int)NUMPARAMETERS));
7765 for (i = 0; i < NUMPARAMETERS; i++)
7766 bitmap_set(pservice->copymap, i);
7769 /***************************************************************************
7770 Return the local pointer to a parameter given a service struct and the
7771 pointer into the default structure.
7772 ***************************************************************************/
7774 static void *lp_local_ptr(struct service *service, void *ptr)
7776 return (void *)(((char *)service) + PTR_DIFF(ptr, &sDefault));
7779 /***************************************************************************
7780 Return the local pointer to a parameter given the service number and the
7781 pointer into the default structure.
7782 ***************************************************************************/
7784 void *lp_local_ptr_by_snum(int snum, void *ptr)
7786 return lp_local_ptr(ServicePtrs[snum], ptr);
7789 /***************************************************************************
7790 Process a parameter for a particular service number. If snum < 0
7791 then assume we are in the globals.
7792 ***************************************************************************/
7794 bool lp_do_parameter(int snum, const char *pszParmName, const char *pszParmValue)
7797 void *parm_ptr = NULL; /* where we are going to store the result */
7798 void *def_ptr = NULL;
7799 struct param_opt_struct **opt_list;
7801 parmnum = map_parameter(pszParmName);
7804 if (strchr(pszParmName, ':') == NULL) {
7805 DEBUG(0, ("Ignoring unknown parameter \"%s\"\n",
7811 * We've got a parametric option
7814 opt_list = (snum < 0)
7815 ? &Globals.param_opt : &ServicePtrs[snum]->param_opt;
7816 set_param_opt(opt_list, pszParmName, pszParmValue, 0);
7821 /* if it's already been set by the command line, then we don't
7823 if (parm_table[parmnum].flags & FLAG_CMDLINE) {
7827 if (parm_table[parmnum].flags & FLAG_DEPRECATED) {
7828 DEBUG(1, ("WARNING: The \"%s\" option is deprecated\n",
7832 def_ptr = parm_table[parmnum].ptr;
7834 /* we might point at a service, the default service or a global */
7838 if (parm_table[parmnum].p_class == P_GLOBAL) {
7840 ("Global parameter %s found in service section!\n",
7844 parm_ptr = lp_local_ptr_by_snum(snum, def_ptr);
7848 if (!ServicePtrs[snum]->copymap)
7849 init_copymap(ServicePtrs[snum]);
7851 /* this handles the aliases - set the copymap for other entries with
7852 the same data pointer */
7853 for (i = 0; parm_table[i].label; i++)
7854 if (parm_table[i].ptr == parm_table[parmnum].ptr)
7855 bitmap_clear(ServicePtrs[snum]->copymap, i);
7858 /* if it is a special case then go ahead */
7859 if (parm_table[parmnum].special) {
7860 return parm_table[parmnum].special(snum, pszParmValue,
7864 /* now switch on the type of variable it is */
7865 switch (parm_table[parmnum].type)
7868 *(bool *)parm_ptr = lp_bool(pszParmValue);
7872 *(bool *)parm_ptr = !lp_bool(pszParmValue);
7876 *(int *)parm_ptr = lp_int(pszParmValue);
7880 *(char *)parm_ptr = *pszParmValue;
7884 i = sscanf(pszParmValue, "%o", (int *)parm_ptr);
7886 DEBUG ( 0, ("Invalid octal number %s\n", pszParmName ));
7891 TALLOC_FREE(*((char ***)parm_ptr));
7892 *(char ***)parm_ptr = str_list_make_v3(
7893 NULL, pszParmValue, NULL);
7897 string_set((char **)parm_ptr, pszParmValue);
7902 char *upper_string = strupper_talloc(talloc_tos(),
7904 string_set((char **)parm_ptr, upper_string);
7905 TALLOC_FREE(upper_string);
7909 lp_set_enum_parm( &parm_table[parmnum], pszParmValue, (int*)parm_ptr );
7918 /***************************************************************************
7919 set a parameter, marking it with FLAG_CMDLINE. Parameters marked as
7920 FLAG_CMDLINE won't be overridden by loads from smb.conf.
7921 ***************************************************************************/
7923 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue, bool store_values)
7926 parmnum = map_parameter(pszParmName);
7928 parm_table[parmnum].flags &= ~FLAG_CMDLINE;
7929 if (!lp_do_parameter(-1, pszParmName, pszParmValue)) {
7932 parm_table[parmnum].flags |= FLAG_CMDLINE;
7934 /* we have to also set FLAG_CMDLINE on aliases. Aliases must
7935 * be grouped in the table, so we don't have to search the
7937 for (i=parmnum-1;i>=0 && parm_table[i].ptr == parm_table[parmnum].ptr;i--) {
7938 parm_table[i].flags |= FLAG_CMDLINE;
7940 for (i=parmnum+1;i<NUMPARAMETERS && parm_table[i].ptr == parm_table[parmnum].ptr;i++) {
7941 parm_table[i].flags |= FLAG_CMDLINE;
7945 store_lp_set_cmdline(pszParmName, pszParmValue);
7950 /* it might be parametric */
7951 if (strchr(pszParmName, ':') != NULL) {
7952 set_param_opt(&Globals.param_opt, pszParmName, pszParmValue, FLAG_CMDLINE);
7954 store_lp_set_cmdline(pszParmName, pszParmValue);
7959 DEBUG(0, ("Ignoring unknown parameter \"%s\"\n", pszParmName));
7963 bool lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
7965 return lp_set_cmdline_helper(pszParmName, pszParmValue, true);
7968 /***************************************************************************
7969 Process a parameter.
7970 ***************************************************************************/
7972 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
7975 if (!bInGlobalSection && bGlobalOnly)
7978 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
7980 return (lp_do_parameter(bInGlobalSection ? -2 : iServiceIndex,
7981 pszParmName, pszParmValue));
7985 set a option from the commandline in 'a=b' format. Use to support --option
7987 bool lp_set_option(const char *option)
7992 s = talloc_strdup(NULL, option);
8005 /* skip white spaces after the = sign */
8008 } while (*p == ' ');
8010 ret = lp_set_cmdline(s, p);
8015 /**************************************************************************
8016 Print a parameter of the specified type.
8017 ***************************************************************************/
8019 static void print_parameter(struct parm_struct *p, void *ptr, FILE * f)
8025 for (i = 0; p->enum_list[i].name; i++) {
8026 if (*(int *)ptr == p->enum_list[i].value) {
8028 p->enum_list[i].name);
8035 fprintf(f, "%s", BOOLSTR(*(bool *)ptr));
8039 fprintf(f, "%s", BOOLSTR(!*(bool *)ptr));
8043 fprintf(f, "%d", *(int *)ptr);
8047 fprintf(f, "%c", *(char *)ptr);
8051 char *o = octal_string(*(int *)ptr);
8052 fprintf(f, "%s", o);
8058 if ((char ***)ptr && *(char ***)ptr) {
8059 char **list = *(char ***)ptr;
8060 for (; *list; list++) {
8061 /* surround strings with whitespace in double quotes */
8062 if ( strchr_m( *list, ' ' ) )
8063 fprintf(f, "\"%s\"%s", *list, ((*(list+1))?", ":""));
8065 fprintf(f, "%s%s", *list, ((*(list+1))?", ":""));
8072 if (*(char **)ptr) {
8073 fprintf(f, "%s", *(char **)ptr);
8081 /***************************************************************************
8082 Check if two parameters are equal.
8083 ***************************************************************************/
8085 static bool equal_parameter(parm_type type, void *ptr1, void *ptr2)
8090 return (*((bool *)ptr1) == *((bool *)ptr2));
8095 return (*((int *)ptr1) == *((int *)ptr2));
8098 return (*((char *)ptr1) == *((char *)ptr2));
8101 return str_list_equal(*(const char ***)ptr1, *(const char ***)ptr2);
8106 char *p1 = *(char **)ptr1, *p2 = *(char **)ptr2;
8111 return (p1 == p2 || strequal(p1, p2));
8119 /***************************************************************************
8120 Initialize any local varients in the sDefault table.
8121 ***************************************************************************/
8123 void init_locals(void)
8128 /***************************************************************************
8129 Process a new section (service). At this stage all sections are services.
8130 Later we'll have special sections that permit server parameters to be set.
8131 Returns True on success, False on failure.
8132 ***************************************************************************/
8134 static bool do_section(const char *pszSectionName, void *userdata)
8137 bool isglobal = ((strwicmp(pszSectionName, GLOBAL_NAME) == 0) ||
8138 (strwicmp(pszSectionName, GLOBAL_NAME2) == 0));
8141 /* if we were in a global section then do the local inits */
8142 if (bInGlobalSection && !isglobal)
8145 /* if we've just struck a global section, note the fact. */
8146 bInGlobalSection = isglobal;
8148 /* check for multiple global sections */
8149 if (bInGlobalSection) {
8150 DEBUG(3, ("Processing section \"[%s]\"\n", pszSectionName));
8154 if (!bInGlobalSection && bGlobalOnly)
8157 /* if we have a current service, tidy it up before moving on */
8160 if (iServiceIndex >= 0)
8161 bRetval = service_ok(iServiceIndex);
8163 /* if all is still well, move to the next record in the services array */
8165 /* We put this here to avoid an odd message order if messages are */
8166 /* issued by the post-processing of a previous section. */
8167 DEBUG(2, ("Processing section \"[%s]\"\n", pszSectionName));
8169 if ((iServiceIndex = add_a_service(&sDefault, pszSectionName))
8171 DEBUG(0, ("Failed to add a new service\n"));
8174 /* Clean all parametric options for service */
8175 /* They will be added during parsing again */
8176 free_param_opts(&ServicePtrs[iServiceIndex]->param_opt);
8183 /***************************************************************************
8184 Determine if a partcular base parameter is currentl set to the default value.
8185 ***************************************************************************/
8187 static bool is_default(int i)
8189 if (!defaults_saved)
8191 switch (parm_table[i].type) {
8193 return str_list_equal((const char **)parm_table[i].def.lvalue,
8194 *(const char ***)parm_table[i].ptr);
8197 return strequal(parm_table[i].def.svalue,
8198 *(char **)parm_table[i].ptr);
8201 return parm_table[i].def.bvalue ==
8202 *(bool *)parm_table[i].ptr;
8204 return parm_table[i].def.cvalue ==
8205 *(char *)parm_table[i].ptr;
8209 return parm_table[i].def.ivalue ==
8210 *(int *)parm_table[i].ptr;
8217 /***************************************************************************
8218 Display the contents of the global structure.
8219 ***************************************************************************/
8221 static void dump_globals(FILE *f)
8224 struct param_opt_struct *data;
8226 fprintf(f, "[global]\n");
8228 for (i = 0; parm_table[i].label; i++)
8229 if (parm_table[i].p_class == P_GLOBAL &&
8230 !(parm_table[i].flags & FLAG_META) &&
8231 parm_table[i].ptr &&
8232 (i == 0 || (parm_table[i].ptr != parm_table[i - 1].ptr))) {
8233 if (defaults_saved && is_default(i))
8235 fprintf(f, "\t%s = ", parm_table[i].label);
8236 print_parameter(&parm_table[i], parm_table[i].ptr, f);
8239 if (Globals.param_opt != NULL) {
8240 data = Globals.param_opt;
8242 fprintf(f, "\t%s = %s\n", data->key, data->value);
8249 /***************************************************************************
8250 Return True if a local parameter is currently set to the global default.
8251 ***************************************************************************/
8253 bool lp_is_default(int snum, struct parm_struct *parm)
8255 int pdiff = PTR_DIFF(parm->ptr, &sDefault);
8257 return equal_parameter(parm->type,
8258 ((char *)ServicePtrs[snum]) + pdiff,
8259 ((char *)&sDefault) + pdiff);
8262 /***************************************************************************
8263 Display the contents of a single services record.
8264 ***************************************************************************/
8266 static void dump_a_service(struct service *pService, FILE * f)
8269 struct param_opt_struct *data;
8271 if (pService != &sDefault)
8272 fprintf(f, "[%s]\n", pService->szService);
8274 for (i = 0; parm_table[i].label; i++) {
8276 if (parm_table[i].p_class == P_LOCAL &&
8277 !(parm_table[i].flags & FLAG_META) &&
8278 parm_table[i].ptr &&
8279 (*parm_table[i].label != '-') &&
8280 (i == 0 || (parm_table[i].ptr != parm_table[i - 1].ptr)))
8282 int pdiff = PTR_DIFF(parm_table[i].ptr, &sDefault);
8284 if (pService == &sDefault) {
8285 if (defaults_saved && is_default(i))
8288 if (equal_parameter(parm_table[i].type,
8289 ((char *)pService) +
8291 ((char *)&sDefault) +
8296 fprintf(f, "\t%s = ", parm_table[i].label);
8297 print_parameter(&parm_table[i],
8298 ((char *)pService) + pdiff, f);
8303 if (pService->param_opt != NULL) {
8304 data = pService->param_opt;
8306 fprintf(f, "\t%s = %s\n", data->key, data->value);
8312 /***************************************************************************
8313 Display the contents of a parameter of a single services record.
8314 ***************************************************************************/
8316 bool dump_a_parameter(int snum, char *parm_name, FILE * f, bool isGlobal)
8319 bool result = False;
8322 fstring local_parm_name;
8324 const char *parm_opt_value;
8326 /* check for parametrical option */
8327 fstrcpy( local_parm_name, parm_name);
8328 parm_opt = strchr( local_parm_name, ':');
8333 if (strlen(parm_opt)) {
8334 parm_opt_value = lp_parm_const_string( snum,
8335 local_parm_name, parm_opt, NULL);
8336 if (parm_opt_value) {
8337 printf( "%s\n", parm_opt_value);
8344 /* check for a key and print the value */
8351 for (i = 0; parm_table[i].label; i++) {
8352 if (strwicmp(parm_table[i].label, parm_name) == 0 &&
8353 !(parm_table[i].flags & FLAG_META) &&
8354 (parm_table[i].p_class == p_class || parm_table[i].flags & flag) &&
8355 parm_table[i].ptr &&
8356 (*parm_table[i].label != '-') &&
8357 (i == 0 || (parm_table[i].ptr != parm_table[i - 1].ptr)))
8362 ptr = parm_table[i].ptr;
8364 struct service *pService = ServicePtrs[snum];
8365 ptr = ((char *)pService) +
8366 PTR_DIFF(parm_table[i].ptr, &sDefault);
8369 print_parameter(&parm_table[i],
8380 /***************************************************************************
8381 Return info about the requested parameter (given as a string).
8382 Return NULL when the string is not a valid parameter name.
8383 ***************************************************************************/
8385 struct parm_struct *lp_get_parameter(const char *param_name)
8387 int num = map_parameter(param_name);
8393 return &parm_table[num];
8396 /***************************************************************************
8397 Return info about the next parameter in a service.
8398 snum==GLOBAL_SECTION_SNUM gives the globals.
8399 Return NULL when out of parameters.
8400 ***************************************************************************/
8402 struct parm_struct *lp_next_parameter(int snum, int *i, int allparameters)
8405 /* do the globals */
8406 for (; parm_table[*i].label; (*i)++) {
8407 if (parm_table[*i].p_class == P_SEPARATOR)
8408 return &parm_table[(*i)++];
8410 if (!parm_table[*i].ptr
8411 || (*parm_table[*i].label == '-'))
8415 && (parm_table[*i].ptr ==
8416 parm_table[(*i) - 1].ptr))
8419 if (is_default(*i) && !allparameters)
8422 return &parm_table[(*i)++];
8425 struct service *pService = ServicePtrs[snum];
8427 for (; parm_table[*i].label; (*i)++) {
8428 if (parm_table[*i].p_class == P_SEPARATOR)
8429 return &parm_table[(*i)++];
8431 if (parm_table[*i].p_class == P_LOCAL &&
8432 parm_table[*i].ptr &&
8433 (*parm_table[*i].label != '-') &&
8435 (parm_table[*i].ptr !=
8436 parm_table[(*i) - 1].ptr)))
8439 PTR_DIFF(parm_table[*i].ptr,
8442 if (allparameters ||
8443 !equal_parameter(parm_table[*i].type,
8444 ((char *)pService) +
8446 ((char *)&sDefault) +
8449 return &parm_table[(*i)++];
8460 /***************************************************************************
8461 Display the contents of a single copy structure.
8462 ***************************************************************************/
8463 static void dump_copy_map(bool *pcopymap)
8469 printf("\n\tNon-Copied parameters:\n");
8471 for (i = 0; parm_table[i].label; i++)
8472 if (parm_table[i].p_class == P_LOCAL &&
8473 parm_table[i].ptr && !pcopymap[i] &&
8474 (i == 0 || (parm_table[i].ptr != parm_table[i - 1].ptr)))
8476 printf("\t\t%s\n", parm_table[i].label);
8481 /***************************************************************************
8482 Return TRUE if the passed service number is within range.
8483 ***************************************************************************/
8485 bool lp_snum_ok(int iService)
8487 return (LP_SNUM_OK(iService) && ServicePtrs[iService]->bAvailable);
8490 /***************************************************************************
8491 Auto-load some home services.
8492 ***************************************************************************/
8494 static void lp_add_auto_services(char *str)
8504 s = SMB_STRDUP(str);
8508 homes = lp_servicenumber(HOMES_NAME);
8510 for (p = strtok_r(s, LIST_SEP, &saveptr); p;
8511 p = strtok_r(NULL, LIST_SEP, &saveptr)) {
8514 if (lp_servicenumber(p) >= 0)
8517 home = get_user_home_dir(talloc_tos(), p);
8519 if (home && home[0] && homes >= 0)
8520 lp_add_home(p, homes, p, home);
8527 /***************************************************************************
8528 Auto-load one printer.
8529 ***************************************************************************/
8531 void lp_add_one_printer(const char *name, const char *comment,
8532 const char *location, void *pdata)
8534 int printers = lp_servicenumber(PRINTERS_NAME);
8537 if (lp_servicenumber(name) < 0) {
8538 lp_add_printer(name, printers);
8539 if ((i = lp_servicenumber(name)) >= 0) {
8540 string_set(&ServicePtrs[i]->comment, comment);
8541 ServicePtrs[i]->autoloaded = True;
8546 /***************************************************************************
8547 Have we loaded a services file yet?
8548 ***************************************************************************/
8550 bool lp_loaded(void)
8555 /***************************************************************************
8556 Unload unused services.
8557 ***************************************************************************/
8559 void lp_killunused(struct smbd_server_connection *sconn,
8560 bool (*snumused) (struct smbd_server_connection *, int))
8563 for (i = 0; i < iNumServices; i++) {
8567 /* don't kill autoloaded or usershare services */
8568 if ( ServicePtrs[i]->autoloaded ||
8569 ServicePtrs[i]->usershare == USERSHARE_VALID) {
8573 if (!snumused || !snumused(sconn, i)) {
8574 free_service_byindex(i);
8580 * Kill all except autoloaded and usershare services - convenience wrapper
8582 void lp_kill_all_services(void)
8584 lp_killunused(NULL, NULL);
8587 /***************************************************************************
8589 ***************************************************************************/
8591 void lp_killservice(int iServiceIn)
8593 if (VALID(iServiceIn)) {
8594 free_service_byindex(iServiceIn);
8598 /***************************************************************************
8599 Save the curent values of all global and sDefault parameters into the
8600 defaults union. This allows swat and testparm to show only the
8601 changed (ie. non-default) parameters.
8602 ***************************************************************************/
8604 static void lp_save_defaults(void)
8607 for (i = 0; parm_table[i].label; i++) {
8608 if (i > 0 && parm_table[i].ptr == parm_table[i - 1].ptr)
8610 switch (parm_table[i].type) {
8612 parm_table[i].def.lvalue = str_list_copy(
8613 NULL, *(const char ***)parm_table[i].ptr);
8617 if (parm_table[i].ptr) {
8618 parm_table[i].def.svalue = SMB_STRDUP(*(char **)parm_table[i].ptr);
8620 parm_table[i].def.svalue = NULL;
8625 parm_table[i].def.bvalue =
8626 *(bool *)parm_table[i].ptr;
8629 parm_table[i].def.cvalue =
8630 *(char *)parm_table[i].ptr;
8635 parm_table[i].def.ivalue =
8636 *(int *)parm_table[i].ptr;
8642 defaults_saved = True;
8645 /***********************************************************
8646 If we should send plaintext/LANMAN passwords in the clinet
8647 ************************************************************/
8649 static void set_allowed_client_auth(void)
8651 if (Globals.bClientNTLMv2Auth) {
8652 Globals.bClientLanManAuth = False;
8654 if (!Globals.bClientLanManAuth) {
8655 Globals.bClientPlaintextAuth = False;
8659 /***************************************************************************
8661 The following code allows smbd to read a user defined share file.
8662 Yes, this is my intent. Yes, I'm comfortable with that...
8664 THE FOLLOWING IS SECURITY CRITICAL CODE.
8666 It washes your clothes, it cleans your house, it guards you while you sleep...
8667 Do not f%^k with it....
8668 ***************************************************************************/
8670 #define MAX_USERSHARE_FILE_SIZE (10*1024)
8672 /***************************************************************************
8673 Check allowed stat state of a usershare file.
8674 Ensure we print out who is dicking with us so the admin can
8675 get their sorry ass fired.
8676 ***************************************************************************/
8678 static bool check_usershare_stat(const char *fname,
8679 const SMB_STRUCT_STAT *psbuf)
8681 if (!S_ISREG(psbuf->st_ex_mode)) {
8682 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
8683 "not a regular file\n",
8684 fname, (unsigned int)psbuf->st_ex_uid ));
8688 /* Ensure this doesn't have the other write bit set. */
8689 if (psbuf->st_ex_mode & S_IWOTH) {
8690 DEBUG(0,("check_usershare_stat: file %s owned by uid %u allows "
8691 "public write. Refusing to allow as a usershare file.\n",
8692 fname, (unsigned int)psbuf->st_ex_uid ));
8696 /* Should be 10k or less. */
8697 if (psbuf->st_ex_size > MAX_USERSHARE_FILE_SIZE) {
8698 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
8699 "too large (%u) to be a user share file.\n",
8700 fname, (unsigned int)psbuf->st_ex_uid,
8701 (unsigned int)psbuf->st_ex_size ));
8708 /***************************************************************************
8709 Parse the contents of a usershare file.
8710 ***************************************************************************/
8712 enum usershare_err parse_usershare_file(TALLOC_CTX *ctx,
8713 SMB_STRUCT_STAT *psbuf,
8714 const char *servicename,
8718 char **pp_sharepath,
8720 char **pp_cp_servicename,
8721 struct security_descriptor **ppsd,
8724 const char **prefixallowlist = lp_usershare_prefix_allow_list();
8725 const char **prefixdenylist = lp_usershare_prefix_deny_list();
8728 SMB_STRUCT_STAT sbuf;
8729 char *sharepath = NULL;
8730 char *comment = NULL;
8732 *pp_sharepath = NULL;
8735 *pallow_guest = False;
8738 return USERSHARE_MALFORMED_FILE;
8741 if (strcmp(lines[0], "#VERSION 1") == 0) {
8743 } else if (strcmp(lines[0], "#VERSION 2") == 0) {
8746 return USERSHARE_MALFORMED_FILE;
8749 return USERSHARE_BAD_VERSION;
8752 if (strncmp(lines[1], "path=", 5) != 0) {
8753 return USERSHARE_MALFORMED_PATH;
8756 sharepath = talloc_strdup(ctx, &lines[1][5]);
8758 return USERSHARE_POSIX_ERR;
8760 trim_string(sharepath, " ", " ");
8762 if (strncmp(lines[2], "comment=", 8) != 0) {
8763 return USERSHARE_MALFORMED_COMMENT_DEF;
8766 comment = talloc_strdup(ctx, &lines[2][8]);
8768 return USERSHARE_POSIX_ERR;
8770 trim_string(comment, " ", " ");
8771 trim_char(comment, '"', '"');
8773 if (strncmp(lines[3], "usershare_acl=", 14) != 0) {
8774 return USERSHARE_MALFORMED_ACL_DEF;
8777 if (!parse_usershare_acl(ctx, &lines[3][14], ppsd)) {
8778 return USERSHARE_ACL_ERR;
8782 if (strncmp(lines[4], "guest_ok=", 9) != 0) {
8783 return USERSHARE_MALFORMED_ACL_DEF;
8785 if (lines[4][9] == 'y') {
8786 *pallow_guest = True;
8789 /* Backwards compatible extension to file version #2. */
8791 if (strncmp(lines[5], "sharename=", 10) != 0) {
8792 return USERSHARE_MALFORMED_SHARENAME_DEF;
8794 if (!strequal(&lines[5][10], servicename)) {
8795 return USERSHARE_BAD_SHARENAME;
8797 *pp_cp_servicename = talloc_strdup(ctx, &lines[5][10]);
8798 if (!*pp_cp_servicename) {
8799 return USERSHARE_POSIX_ERR;
8804 if (*pp_cp_servicename == NULL) {
8805 *pp_cp_servicename = talloc_strdup(ctx, servicename);
8806 if (!*pp_cp_servicename) {
8807 return USERSHARE_POSIX_ERR;
8811 if (snum != -1 && (strcmp(sharepath, ServicePtrs[snum]->szPath) == 0)) {
8812 /* Path didn't change, no checks needed. */
8813 *pp_sharepath = sharepath;
8814 *pp_comment = comment;
8815 return USERSHARE_OK;
8818 /* The path *must* be absolute. */
8819 if (sharepath[0] != '/') {
8820 DEBUG(2,("parse_usershare_file: share %s: path %s is not an absolute path.\n",
8821 servicename, sharepath));
8822 return USERSHARE_PATH_NOT_ABSOLUTE;
8825 /* If there is a usershare prefix deny list ensure one of these paths
8826 doesn't match the start of the user given path. */
8827 if (prefixdenylist) {
8829 for ( i=0; prefixdenylist[i]; i++ ) {
8830 DEBUG(10,("parse_usershare_file: share %s : checking prefixdenylist[%d]='%s' against %s\n",
8831 servicename, i, prefixdenylist[i], sharepath ));
8832 if (memcmp( sharepath, prefixdenylist[i], strlen(prefixdenylist[i])) == 0) {
8833 DEBUG(2,("parse_usershare_file: share %s path %s starts with one of the "
8834 "usershare prefix deny list entries.\n",
8835 servicename, sharepath));
8836 return USERSHARE_PATH_IS_DENIED;
8841 /* If there is a usershare prefix allow list ensure one of these paths
8842 does match the start of the user given path. */
8844 if (prefixallowlist) {
8846 for ( i=0; prefixallowlist[i]; i++ ) {
8847 DEBUG(10,("parse_usershare_file: share %s checking prefixallowlist[%d]='%s' against %s\n",
8848 servicename, i, prefixallowlist[i], sharepath ));
8849 if (memcmp( sharepath, prefixallowlist[i], strlen(prefixallowlist[i])) == 0) {
8853 if (prefixallowlist[i] == NULL) {
8854 DEBUG(2,("parse_usershare_file: share %s path %s doesn't start with one of the "
8855 "usershare prefix allow list entries.\n",
8856 servicename, sharepath));
8857 return USERSHARE_PATH_NOT_ALLOWED;
8861 /* Ensure this is pointing to a directory. */
8862 dp = sys_opendir(sharepath);
8865 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
8866 servicename, sharepath));
8867 return USERSHARE_PATH_NOT_DIRECTORY;
8870 /* Ensure the owner of the usershare file has permission to share
8873 if (sys_stat(sharepath, &sbuf, false) == -1) {
8874 DEBUG(2,("parse_usershare_file: share %s : stat failed on path %s. %s\n",
8875 servicename, sharepath, strerror(errno) ));
8877 return USERSHARE_POSIX_ERR;
8882 if (!S_ISDIR(sbuf.st_ex_mode)) {
8883 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
8884 servicename, sharepath ));
8885 return USERSHARE_PATH_NOT_DIRECTORY;
8888 /* Check if sharing is restricted to owner-only. */
8889 /* psbuf is the stat of the usershare definition file,
8890 sbuf is the stat of the target directory to be shared. */
8892 if (lp_usershare_owner_only()) {
8893 /* root can share anything. */
8894 if ((psbuf->st_ex_uid != 0) && (sbuf.st_ex_uid != psbuf->st_ex_uid)) {
8895 return USERSHARE_PATH_NOT_ALLOWED;
8899 *pp_sharepath = sharepath;
8900 *pp_comment = comment;
8901 return USERSHARE_OK;
8904 /***************************************************************************
8905 Deal with a usershare file.
8908 -1 - Bad name, invalid contents.
8909 - service name already existed and not a usershare, problem
8910 with permissions to share directory etc.
8911 ***************************************************************************/
8913 static int process_usershare_file(const char *dir_name, const char *file_name, int snum_template)
8915 SMB_STRUCT_STAT sbuf;
8916 SMB_STRUCT_STAT lsbuf;
8918 char *sharepath = NULL;
8919 char *comment = NULL;
8920 char *cp_service_name = NULL;
8921 char **lines = NULL;
8925 TALLOC_CTX *ctx = talloc_stackframe();
8926 struct security_descriptor *psd = NULL;
8927 bool guest_ok = False;
8928 char *canon_name = NULL;
8929 bool added_service = false;
8932 /* Ensure share name doesn't contain invalid characters. */
8933 if (!validate_net_name(file_name, INVALID_SHARENAME_CHARS, strlen(file_name))) {
8934 DEBUG(0,("process_usershare_file: share name %s contains "
8935 "invalid characters (any of %s)\n",
8936 file_name, INVALID_SHARENAME_CHARS ));
8940 canon_name = canonicalize_servicename(ctx, file_name);
8945 fname = talloc_asprintf(ctx, "%s/%s", dir_name, file_name);
8950 /* Minimize the race condition by doing an lstat before we
8951 open and fstat. Ensure this isn't a symlink link. */
8953 if (sys_lstat(fname, &lsbuf, false) != 0) {
8954 DEBUG(0,("process_usershare_file: stat of %s failed. %s\n",
8955 fname, strerror(errno) ));
8959 /* This must be a regular file, not a symlink, directory or
8960 other strange filetype. */
8961 if (!check_usershare_stat(fname, &lsbuf)) {
8966 TDB_DATA data = dbwrap_fetch_bystring(
8967 ServiceHash, canon_name, canon_name);
8971 if ((data.dptr != NULL) && (data.dsize == sizeof(iService))) {
8972 iService = *(int *)data.dptr;
8976 if (iService != -1 &&
8977 timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
8978 &lsbuf.st_ex_mtime) == 0) {
8979 /* Nothing changed - Mark valid and return. */
8980 DEBUG(10,("process_usershare_file: service %s not changed.\n",
8982 ServicePtrs[iService]->usershare = USERSHARE_VALID;
8987 /* Try and open the file read only - no symlinks allowed. */
8989 fd = sys_open(fname, O_RDONLY|O_NOFOLLOW, 0);
8991 fd = sys_open(fname, O_RDONLY, 0);
8995 DEBUG(0,("process_usershare_file: unable to open %s. %s\n",
8996 fname, strerror(errno) ));
9000 /* Now fstat to be *SURE* it's a regular file. */
9001 if (sys_fstat(fd, &sbuf, false) != 0) {
9003 DEBUG(0,("process_usershare_file: fstat of %s failed. %s\n",
9004 fname, strerror(errno) ));
9008 /* Is it the same dev/inode as was lstated ? */
9009 if (lsbuf.st_ex_dev != sbuf.st_ex_dev || lsbuf.st_ex_ino != sbuf.st_ex_ino) {
9011 DEBUG(0,("process_usershare_file: fstat of %s is a different file from lstat. "
9012 "Symlink spoofing going on ?\n", fname ));
9016 /* This must be a regular file, not a symlink, directory or
9017 other strange filetype. */
9018 if (!check_usershare_stat(fname, &sbuf)) {
9022 lines = fd_lines_load(fd, &numlines, MAX_USERSHARE_FILE_SIZE, NULL);
9025 if (lines == NULL) {
9026 DEBUG(0,("process_usershare_file: loading file %s owned by %u failed.\n",
9027 fname, (unsigned int)sbuf.st_ex_uid ));
9031 if (parse_usershare_file(ctx, &sbuf, file_name,
9032 iService, lines, numlines, &sharepath,
9033 &comment, &cp_service_name,
9034 &psd, &guest_ok) != USERSHARE_OK) {
9038 /* Everything ok - add the service possibly using a template. */
9040 const struct service *sp = &sDefault;
9041 if (snum_template != -1) {
9042 sp = ServicePtrs[snum_template];
9045 if ((iService = add_a_service(sp, cp_service_name)) < 0) {
9046 DEBUG(0, ("process_usershare_file: Failed to add "
9047 "new service %s\n", cp_service_name));
9051 added_service = true;
9053 /* Read only is controlled by usershare ACL below. */
9054 ServicePtrs[iService]->bRead_only = False;
9057 /* Write the ACL of the new/modified share. */
9058 if (!set_share_security(canon_name, psd)) {
9059 DEBUG(0, ("process_usershare_file: Failed to set share "
9060 "security for user share %s\n",
9065 /* If from a template it may be marked invalid. */
9066 ServicePtrs[iService]->valid = True;
9068 /* Set the service as a valid usershare. */
9069 ServicePtrs[iService]->usershare = USERSHARE_VALID;
9071 /* Set guest access. */
9072 if (lp_usershare_allow_guests()) {
9073 ServicePtrs[iService]->bGuest_ok = guest_ok;
9076 /* And note when it was loaded. */
9077 ServicePtrs[iService]->usershare_last_mod = sbuf.st_ex_mtime;
9078 string_set(&ServicePtrs[iService]->szPath, sharepath);
9079 string_set(&ServicePtrs[iService]->comment, comment);
9085 if (ret == -1 && iService != -1 && added_service) {
9086 lp_remove_service(iService);
9094 /***************************************************************************
9095 Checks if a usershare entry has been modified since last load.
9096 ***************************************************************************/
9098 static bool usershare_exists(int iService, struct timespec *last_mod)
9100 SMB_STRUCT_STAT lsbuf;
9101 const char *usersharepath = Globals.szUsersharePath;
9104 if (asprintf(&fname, "%s/%s",
9106 ServicePtrs[iService]->szService) < 0) {
9110 if (sys_lstat(fname, &lsbuf, false) != 0) {
9115 if (!S_ISREG(lsbuf.st_ex_mode)) {
9121 *last_mod = lsbuf.st_ex_mtime;
9125 /***************************************************************************
9126 Load a usershare service by name. Returns a valid servicenumber or -1.
9127 ***************************************************************************/
9129 int load_usershare_service(const char *servicename)
9131 SMB_STRUCT_STAT sbuf;
9132 const char *usersharepath = Globals.szUsersharePath;
9133 int max_user_shares = Globals.iUsershareMaxShares;
9134 int snum_template = -1;
9136 if (*usersharepath == 0 || max_user_shares == 0) {
9140 if (sys_stat(usersharepath, &sbuf, false) != 0) {
9141 DEBUG(0,("load_usershare_service: stat of %s failed. %s\n",
9142 usersharepath, strerror(errno) ));
9146 if (!S_ISDIR(sbuf.st_ex_mode)) {
9147 DEBUG(0,("load_usershare_service: %s is not a directory.\n",
9153 * This directory must be owned by root, and have the 't' bit set.
9154 * It also must not be writable by "other".
9158 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
9160 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
9162 DEBUG(0,("load_usershare_service: directory %s is not owned by root "
9163 "or does not have the sticky bit 't' set or is writable by anyone.\n",
9168 /* Ensure the template share exists if it's set. */
9169 if (Globals.szUsershareTemplateShare[0]) {
9170 /* We can't use lp_servicenumber here as we are recommending that
9171 template shares have -valid=False set. */
9172 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
9173 if (ServicePtrs[snum_template]->szService &&
9174 strequal(ServicePtrs[snum_template]->szService,
9175 Globals.szUsershareTemplateShare)) {
9180 if (snum_template == -1) {
9181 DEBUG(0,("load_usershare_service: usershare template share %s "
9182 "does not exist.\n",
9183 Globals.szUsershareTemplateShare ));
9188 return process_usershare_file(usersharepath, servicename, snum_template);
9191 /***************************************************************************
9192 Load all user defined shares from the user share directory.
9193 We only do this if we're enumerating the share list.
9194 This is the function that can delete usershares that have
9196 ***************************************************************************/
9198 int load_usershare_shares(struct smbd_server_connection *sconn)
9201 SMB_STRUCT_STAT sbuf;
9202 SMB_STRUCT_DIRENT *de;
9203 int num_usershares = 0;
9204 int max_user_shares = Globals.iUsershareMaxShares;
9205 unsigned int num_dir_entries, num_bad_dir_entries, num_tmp_dir_entries;
9206 unsigned int allowed_bad_entries = ((2*max_user_shares)/10);
9207 unsigned int allowed_tmp_entries = ((2*max_user_shares)/10);
9209 int snum_template = -1;
9210 const char *usersharepath = Globals.szUsersharePath;
9211 int ret = lp_numservices();
9213 if (max_user_shares == 0 || *usersharepath == '\0') {
9214 return lp_numservices();
9217 if (sys_stat(usersharepath, &sbuf, false) != 0) {
9218 DEBUG(0,("load_usershare_shares: stat of %s failed. %s\n",
9219 usersharepath, strerror(errno) ));
9224 * This directory must be owned by root, and have the 't' bit set.
9225 * It also must not be writable by "other".
9229 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
9231 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
9233 DEBUG(0,("load_usershare_shares: directory %s is not owned by root "
9234 "or does not have the sticky bit 't' set or is writable by anyone.\n",
9239 /* Ensure the template share exists if it's set. */
9240 if (Globals.szUsershareTemplateShare[0]) {
9241 /* We can't use lp_servicenumber here as we are recommending that
9242 template shares have -valid=False set. */
9243 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
9244 if (ServicePtrs[snum_template]->szService &&
9245 strequal(ServicePtrs[snum_template]->szService,
9246 Globals.szUsershareTemplateShare)) {
9251 if (snum_template == -1) {
9252 DEBUG(0,("load_usershare_shares: usershare template share %s "
9253 "does not exist.\n",
9254 Globals.szUsershareTemplateShare ));
9259 /* Mark all existing usershares as pending delete. */
9260 for (iService = iNumServices - 1; iService >= 0; iService--) {
9261 if (VALID(iService) && ServicePtrs[iService]->usershare) {
9262 ServicePtrs[iService]->usershare = USERSHARE_PENDING_DELETE;
9266 dp = sys_opendir(usersharepath);
9268 DEBUG(0,("load_usershare_shares:: failed to open directory %s. %s\n",
9269 usersharepath, strerror(errno) ));
9273 for (num_dir_entries = 0, num_bad_dir_entries = 0, num_tmp_dir_entries = 0;
9274 (de = sys_readdir(dp));
9275 num_dir_entries++ ) {
9277 const char *n = de->d_name;
9279 /* Ignore . and .. */
9281 if ((n[1] == '\0') || (n[1] == '.' && n[2] == '\0')) {
9287 /* Temporary file used when creating a share. */
9288 num_tmp_dir_entries++;
9291 /* Allow 20% tmp entries. */
9292 if (num_tmp_dir_entries > allowed_tmp_entries) {
9293 DEBUG(0,("load_usershare_shares: too many temp entries (%u) "
9294 "in directory %s\n",
9295 num_tmp_dir_entries, usersharepath));
9299 r = process_usershare_file(usersharepath, n, snum_template);
9301 /* Update the services count. */
9303 if (num_usershares >= max_user_shares) {
9304 DEBUG(0,("load_usershare_shares: max user shares reached "
9305 "on file %s in directory %s\n",
9306 n, usersharepath ));
9309 } else if (r == -1) {
9310 num_bad_dir_entries++;
9313 /* Allow 20% bad entries. */
9314 if (num_bad_dir_entries > allowed_bad_entries) {
9315 DEBUG(0,("load_usershare_shares: too many bad entries (%u) "
9316 "in directory %s\n",
9317 num_bad_dir_entries, usersharepath));
9321 /* Allow 20% bad entries. */
9322 if (num_dir_entries > max_user_shares + allowed_bad_entries) {
9323 DEBUG(0,("load_usershare_shares: too many total entries (%u) "
9324 "in directory %s\n",
9325 num_dir_entries, usersharepath));
9332 /* Sweep through and delete any non-refreshed usershares that are
9333 not currently in use. */
9334 for (iService = iNumServices - 1; iService >= 0; iService--) {
9335 if (VALID(iService) && (ServicePtrs[iService]->usershare == USERSHARE_PENDING_DELETE)) {
9336 if (conn_snum_used(sconn, iService)) {
9339 /* Remove from the share ACL db. */
9340 DEBUG(10,("load_usershare_shares: Removing deleted usershare %s\n",
9341 lp_servicename(iService) ));
9342 delete_share_security(lp_servicename(iService));
9343 free_service_byindex(iService);
9347 return lp_numservices();
9350 /********************************************************
9351 Destroy global resources allocated in this file
9352 ********************************************************/
9354 void gfree_loadparm(void)
9360 /* Free resources allocated to services */
9362 for ( i = 0; i < iNumServices; i++ ) {
9364 free_service_byindex(i);
9368 SAFE_FREE( ServicePtrs );
9371 /* Now release all resources allocated to global
9372 parameters and the default service */
9374 free_global_parameters();
9378 /***************************************************************************
9379 Allow client apps to specify that they are a client
9380 ***************************************************************************/
9381 void lp_set_in_client(bool b)
9387 /***************************************************************************
9388 Determine if we're running in a client app
9389 ***************************************************************************/
9390 bool lp_is_in_client(void)
9395 /***************************************************************************
9396 Load the services array from the services file. Return True on success,
9398 ***************************************************************************/
9400 static bool lp_load_ex(const char *pszFname,
9404 bool initialize_globals,
9405 bool allow_include_registry,
9406 bool allow_registry_shares)
9413 DEBUG(3, ("lp_load_ex: refreshing parameters\n"));
9415 bInGlobalSection = True;
9416 bGlobalOnly = global_only;
9417 bAllowIncludeRegistry = allow_include_registry;
9419 init_globals(initialize_globals);
9423 if (save_defaults) {
9428 free_param_opts(&Globals.param_opt);
9430 lp_do_parameter(-1, "idmap config * : backend", Globals.szIdmapBackend);
9432 /* We get sections first, so have to start 'behind' to make up */
9435 if (lp_config_backend_is_file()) {
9436 n2 = talloc_sub_basic(talloc_tos(), get_current_username(),
9437 current_user_info.domain,
9440 smb_panic("lp_load_ex: out of memory");
9443 add_to_file_list(pszFname, n2);
9445 bRetval = pm_process(n2, do_section, do_parameter, NULL);
9448 /* finish up the last section */
9449 DEBUG(4, ("pm_process() returned %s\n", BOOLSTR(bRetval)));
9451 if (iServiceIndex >= 0) {
9452 bRetval = service_ok(iServiceIndex);
9456 if (lp_config_backend_is_registry()) {
9457 /* config backend changed to registry in config file */
9459 * We need to use this extra global variable here to
9460 * survive restart: init_globals uses this as a default
9461 * for ConfigBackend. Otherwise, init_globals would
9462 * send us into an endless loop here.
9464 config_backend = CONFIG_BACKEND_REGISTRY;
9466 DEBUG(1, ("lp_load_ex: changing to config backend "
9469 lp_kill_all_services();
9470 return lp_load_ex(pszFname, global_only, save_defaults,
9471 add_ipc, initialize_globals,
9472 allow_include_registry,
9473 allow_registry_shares);
9475 } else if (lp_config_backend_is_registry()) {
9476 bRetval = process_registry_globals();
9478 DEBUG(0, ("Illegal config backend given: %d\n",
9479 lp_config_backend()));
9483 if (bRetval && lp_registry_shares() && allow_registry_shares) {
9484 bRetval = process_registry_shares();
9487 lp_add_auto_services(lp_auto_services());
9490 /* When 'restrict anonymous = 2' guest connections to ipc$
9492 lp_add_ipc("IPC$", (lp_restrict_anonymous() < 2));
9493 if ( lp_enable_asu_support() ) {
9494 lp_add_ipc("ADMIN$", false);
9499 set_default_server_announce_type();
9500 set_allowed_client_auth();
9502 if (lp_security() == SEC_SHARE) {
9503 DEBUG(1, ("WARNING: The security=share option is deprecated\n"));
9504 } else if (lp_security() == SEC_SERVER) {
9505 DEBUG(1, ("WARNING: The security=server option is deprecated\n"));
9508 if (lp_security() == SEC_ADS && strchr(lp_passwordserver(), ':')) {
9509 DEBUG(1, ("WARNING: The optional ':port' in password server = %s is deprecated\n",
9510 lp_passwordserver()));
9515 /* Now we check bWINSsupport and set szWINSserver to 127.0.0.1 */
9516 /* if bWINSsupport is true and we are in the client */
9517 if (lp_is_in_client() && Globals.bWINSsupport) {
9518 lp_do_parameter(GLOBAL_SECTION_SNUM, "wins server", "127.0.0.1");
9523 fault_configure(smb_panic_s3);
9525 bAllowIncludeRegistry = true;
9530 bool lp_load(const char *pszFname,
9534 bool initialize_globals)
9536 return lp_load_ex(pszFname,
9541 true, /* allow_include_registry */
9542 false); /* allow_registry_shares*/
9545 bool lp_load_initial_only(const char *pszFname)
9547 return lp_load_ex(pszFname,
9548 true, /* global only */
9549 false, /* save_defaults */
9550 false, /* add_ipc */
9551 true, /* initialize_globals */
9552 false, /* allow_include_registry */
9553 false); /* allow_registry_shares*/
9556 bool lp_load_with_registry_shares(const char *pszFname,
9560 bool initialize_globals)
9562 return lp_load_ex(pszFname,
9567 true, /* allow_include_registry */
9568 true); /* allow_registry_shares*/
9571 /***************************************************************************
9572 Return the max number of services.
9573 ***************************************************************************/
9575 int lp_numservices(void)
9577 return (iNumServices);
9580 /***************************************************************************
9581 Display the contents of the services array in human-readable form.
9582 ***************************************************************************/
9584 void lp_dump(FILE *f, bool show_defaults, int maxtoprint)
9589 defaults_saved = False;
9593 dump_a_service(&sDefault, f);
9595 for (iService = 0; iService < maxtoprint; iService++) {
9597 lp_dump_one(f, show_defaults, iService);
9601 /***************************************************************************
9602 Display the contents of one service in human-readable form.
9603 ***************************************************************************/
9605 void lp_dump_one(FILE * f, bool show_defaults, int snum)
9608 if (ServicePtrs[snum]->szService[0] == '\0')
9610 dump_a_service(ServicePtrs[snum], f);
9614 /***************************************************************************
9615 Return the number of the service with the given name, or -1 if it doesn't
9616 exist. Note that this is a DIFFERENT ANIMAL from the internal function
9617 getservicebyname()! This works ONLY if all services have been loaded, and
9618 does not copy the found service.
9619 ***************************************************************************/
9621 int lp_servicenumber(const char *pszServiceName)
9624 fstring serviceName;
9626 if (!pszServiceName) {
9627 return GLOBAL_SECTION_SNUM;
9630 for (iService = iNumServices - 1; iService >= 0; iService--) {
9631 if (VALID(iService) && ServicePtrs[iService]->szService) {
9633 * The substitution here is used to support %U is
9636 fstrcpy(serviceName, ServicePtrs[iService]->szService);
9637 standard_sub_basic(get_current_username(),
9638 current_user_info.domain,
9639 serviceName,sizeof(serviceName));
9640 if (strequal(serviceName, pszServiceName)) {
9646 if (iService >= 0 && ServicePtrs[iService]->usershare == USERSHARE_VALID) {
9647 struct timespec last_mod;
9649 if (!usershare_exists(iService, &last_mod)) {
9650 /* Remove the share security tdb entry for it. */
9651 delete_share_security(lp_servicename(iService));
9652 /* Remove it from the array. */
9653 free_service_byindex(iService);
9654 /* Doesn't exist anymore. */
9655 return GLOBAL_SECTION_SNUM;
9658 /* Has it been modified ? If so delete and reload. */
9659 if (timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
9661 /* Remove it from the array. */
9662 free_service_byindex(iService);
9663 /* and now reload it. */
9664 iService = load_usershare_service(pszServiceName);
9669 DEBUG(7,("lp_servicenumber: couldn't find %s\n", pszServiceName));
9670 return GLOBAL_SECTION_SNUM;
9676 bool share_defined(const char *service_name)
9678 return (lp_servicenumber(service_name) != -1);
9681 /*******************************************************************
9682 A useful volume label function.
9683 ********************************************************************/
9685 const char *volume_label(int snum)
9688 const char *label = lp_volume(snum);
9690 label = lp_servicename(snum);
9693 /* This returns a 33 byte guarenteed null terminated string. */
9694 ret = talloc_strndup(talloc_tos(), label, 32);
9701 /*******************************************************************
9702 Set the server type we will announce as via nmbd.
9703 ********************************************************************/
9705 static void set_default_server_announce_type(void)
9707 default_server_announce = 0;
9708 default_server_announce |= SV_TYPE_WORKSTATION;
9709 default_server_announce |= SV_TYPE_SERVER;
9710 default_server_announce |= SV_TYPE_SERVER_UNIX;
9712 /* note that the flag should be set only if we have a
9713 printer service but nmbd doesn't actually load the
9714 services so we can't tell --jerry */
9716 default_server_announce |= SV_TYPE_PRINTQ_SERVER;
9718 default_server_announce |= SV_TYPE_SERVER_NT;
9719 default_server_announce |= SV_TYPE_NT;
9721 switch (lp_server_role()) {
9722 case ROLE_DOMAIN_MEMBER:
9723 default_server_announce |= SV_TYPE_DOMAIN_MEMBER;
9725 case ROLE_DOMAIN_PDC:
9726 default_server_announce |= SV_TYPE_DOMAIN_CTRL;
9728 case ROLE_DOMAIN_BDC:
9729 default_server_announce |= SV_TYPE_DOMAIN_BAKCTRL;
9731 case ROLE_STANDALONE:
9735 if (lp_time_server())
9736 default_server_announce |= SV_TYPE_TIME_SOURCE;
9738 if (lp_host_msdfs())
9739 default_server_announce |= SV_TYPE_DFS_SERVER;
9742 /***********************************************************
9743 If we are PDC then prefer us as DMB
9744 ************************************************************/
9746 bool lp_domain_master(void)
9748 if (Globals.iDomainMaster == Auto)
9749 return (lp_server_role() == ROLE_DOMAIN_PDC);
9751 return (bool)Globals.iDomainMaster;
9754 /***********************************************************
9755 If we are PDC then prefer us as DMB
9756 ************************************************************/
9758 bool lp_domain_master_true_or_auto(void)
9760 if (Globals.iDomainMaster) /* auto or yes */
9766 /***********************************************************
9767 If we are DMB then prefer us as LMB
9768 ************************************************************/
9770 bool lp_preferred_master(void)
9772 if (Globals.iPreferredMaster == Auto)
9773 return (lp_local_master() && lp_domain_master());
9775 return (bool)Globals.iPreferredMaster;
9778 /*******************************************************************
9780 ********************************************************************/
9782 void lp_remove_service(int snum)
9784 ServicePtrs[snum]->valid = False;
9785 invalid_services[num_invalid_services++] = snum;
9788 /*******************************************************************
9790 ********************************************************************/
9792 void lp_copy_service(int snum, const char *new_name)
9794 do_section(new_name, NULL);
9796 snum = lp_servicenumber(new_name);
9798 lp_do_parameter(snum, "copy", lp_servicename(snum));
9803 /*******************************************************************
9804 Get the default server type we will announce as via nmbd.
9805 ********************************************************************/
9807 int lp_default_server_announce(void)
9809 return default_server_announce;
9812 /***********************************************************
9813 Set the global name resolution order (used in smbclient).
9814 ************************************************************/
9816 void lp_set_name_resolve_order(const char *new_order)
9818 string_set(&Globals.szNameResolveOrder, new_order);
9821 const char *lp_printername(int snum)
9823 const char *ret = _lp_printername(snum);
9824 if (ret == NULL || (ret != NULL && *ret == '\0'))
9825 ret = lp_const_servicename(snum);
9831 /***********************************************************
9832 Allow daemons such as winbindd to fix their logfile name.
9833 ************************************************************/
9835 void lp_set_logfile(const char *name)
9837 string_set(&Globals.szLogFile, name);
9838 debug_set_logfile(name);
9841 /*******************************************************************
9842 Return the max print jobs per queue.
9843 ********************************************************************/
9845 int lp_maxprintjobs(int snum)
9847 int maxjobs = LP_SNUM_OK(snum) ? ServicePtrs[snum]->iMaxPrintJobs : sDefault.iMaxPrintJobs;
9848 if (maxjobs <= 0 || maxjobs >= PRINT_MAX_JOBID)
9849 maxjobs = PRINT_MAX_JOBID - 1;
9854 const char *lp_printcapname(void)
9856 if ((Globals.szPrintcapname != NULL) &&
9857 (Globals.szPrintcapname[0] != '\0'))
9858 return Globals.szPrintcapname;
9860 if (sDefault.iPrinting == PRINT_CUPS) {
9868 if (sDefault.iPrinting == PRINT_BSD)
9869 return "/etc/printcap";
9871 return PRINTCAP_NAME;
9874 static uint32 spoolss_state;
9876 bool lp_disable_spoolss( void )
9878 if ( spoolss_state == SVCCTL_STATE_UNKNOWN )
9879 spoolss_state = _lp_disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
9881 return spoolss_state == SVCCTL_STOPPED ? True : False;
9884 void lp_set_spoolss_state( uint32 state )
9886 SMB_ASSERT( (state == SVCCTL_STOPPED) || (state == SVCCTL_RUNNING) );
9888 spoolss_state = state;
9891 uint32 lp_get_spoolss_state( void )
9893 return lp_disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
9896 /*******************************************************************
9897 Ensure we don't use sendfile if server smb signing is active.
9898 ********************************************************************/
9900 bool lp_use_sendfile(int snum, struct smb_signing_state *signing_state)
9902 bool sign_active = false;
9904 /* Using sendfile blows the brains out of any DOS or Win9x TCP stack... JRA. */
9905 if (get_Protocol() < PROTOCOL_NT1) {
9908 if (signing_state) {
9909 sign_active = smb_signing_is_active(signing_state);
9911 return (_lp_use_sendfile(snum) &&
9912 (get_remote_arch() != RA_WIN95) &&
9916 /*******************************************************************
9917 Turn off sendfile if we find the underlying OS doesn't support it.
9918 ********************************************************************/
9920 void set_use_sendfile(int snum, bool val)
9922 if (LP_SNUM_OK(snum))
9923 ServicePtrs[snum]->bUseSendfile = val;
9925 sDefault.bUseSendfile = val;
9928 /*******************************************************************
9929 Turn off storing DOS attributes if this share doesn't support it.
9930 ********************************************************************/
9932 void set_store_dos_attributes(int snum, bool val)
9934 if (!LP_SNUM_OK(snum))
9936 ServicePtrs[(snum)]->bStoreDosAttributes = val;
9939 void lp_set_mangling_method(const char *new_method)
9941 string_set(&Globals.szManglingMethod, new_method);
9944 /*******************************************************************
9945 Global state for POSIX pathname processing.
9946 ********************************************************************/
9948 static bool posix_pathnames;
9950 bool lp_posix_pathnames(void)
9952 return posix_pathnames;
9955 /*******************************************************************
9956 Change everything needed to ensure POSIX pathname processing (currently
9958 ********************************************************************/
9960 void lp_set_posix_pathnames(void)
9962 posix_pathnames = True;
9965 /*******************************************************************
9966 Global state for POSIX lock processing - CIFS unix extensions.
9967 ********************************************************************/
9969 bool posix_default_lock_was_set;
9970 static enum brl_flavour posix_cifsx_locktype; /* By default 0 == WINDOWS_LOCK */
9972 enum brl_flavour lp_posix_cifsu_locktype(files_struct *fsp)
9974 if (posix_default_lock_was_set) {
9975 return posix_cifsx_locktype;
9977 return fsp->posix_open ? POSIX_LOCK : WINDOWS_LOCK;
9981 /*******************************************************************
9982 ********************************************************************/
9984 void lp_set_posix_default_cifsx_readwrite_locktype(enum brl_flavour val)
9986 posix_default_lock_was_set = True;
9987 posix_cifsx_locktype = val;
9990 int lp_min_receive_file_size(void)
9992 if (Globals.iminreceivefile < 0) {
9995 return MIN(Globals.iminreceivefile, BUFFER_SIZE);
9998 /*******************************************************************
9999 If socket address is an empty character string, it is necessary to
10000 define it as "0.0.0.0".
10001 ********************************************************************/
10003 const char *lp_socket_address(void)
10005 char *sock_addr = Globals.szSocketAddress;
10007 if (sock_addr[0] == '\0'){
10008 string_set(&Globals.szSocketAddress, "0.0.0.0");
10010 return Globals.szSocketAddress;
10013 void lp_set_passdb_backend(const char *backend)
10015 string_set(&Globals.szPassdbBackend, backend);
10018 /*******************************************************************
10019 Safe wide links checks.
10020 This helper function always verify the validity of wide links,
10021 even after a configuration file reload.
10022 ********************************************************************/
10024 static bool lp_widelinks_internal(int snum)
10026 return (bool)(LP_SNUM_OK(snum)? ServicePtrs[(snum)]->bWidelinks :
10027 sDefault.bWidelinks);
10030 void widelinks_warning(int snum)
10032 if (lp_unix_extensions() && lp_widelinks_internal(snum)) {
10033 DEBUG(0,("Share '%s' has wide links and unix extensions enabled. "
10034 "These parameters are incompatible. "
10035 "Wide links will be disabled for this share.\n",
10036 lp_servicename(snum) ));
10040 bool lp_widelinks(int snum)
10042 /* wide links is always incompatible with unix extensions */
10043 if (lp_unix_extensions()) {
10047 return lp_widelinks_internal(snum);
10050 bool lp_writeraw(void)
10052 if (lp_async_smb_echo_handler()) {
10055 return _lp_writeraw();
10058 bool lp_readraw(void)
10060 if (lp_async_smb_echo_handler()) {
10063 return _lp_readraw();
git.samba.org / ira / wip.git / blob