char *szSocketOptions;
char *szRealm;
char *szAfsUsernameMap;
+ int iAfsTokenLifetime;
char *szUsernameMap;
char *szLogonScript;
char *szLogonPath;
BOOL bKernelChangeNotify;
BOOL bUseKerberosKeytab;
BOOL bDeferSharingViolations;
+ BOOL bEnablePrivileges;
int restrict_anonymous;
int name_cache_timeout;
int client_signing;
BOOL bMap_archive;
BOOL bStoreDosAttributes;
BOOL bLocking;
- BOOL bStrictLocking;
+ int iStrictLocking;
BOOL bPosixLocking;
BOOL bShareModes;
BOOL bOpLocks;
True, /* bMap_archive */
False, /* bStoreDosAttributes */
True, /* bLocking */
- True, /* bStrictLocking */
+ True, /* iStrictLocking */
True, /* bPosixLocking */
True, /* bShareModes */
True, /* bOpLocks */
{"server schannel", P_ENUM, P_GLOBAL, &Globals.serverSchannel, NULL, enum_bool_auto, FLAG_BASIC | FLAG_ADVANCED},
{"allow trusted domains", P_BOOL, P_GLOBAL, &Globals.bAllowTrustedDomains, NULL, NULL, FLAG_ADVANCED},
{"hosts equiv", P_STRING, P_GLOBAL, &Globals.szHostsEquiv, NULL, NULL, FLAG_ADVANCED},
- {"min password length", P_INTEGER, P_GLOBAL, &Globals.min_passwd_length, NULL, NULL, FLAG_ADVANCED},
- {"min passwd length", P_INTEGER, P_GLOBAL, &Globals.min_passwd_length, NULL, NULL, FLAG_ADVANCED},
+ {"min password length", P_INTEGER, P_GLOBAL, &Globals.min_passwd_length, NULL, NULL, FLAG_DEPRECATED},
+ {"min passwd length", P_INTEGER, P_GLOBAL, &Globals.min_passwd_length, NULL, NULL, FLAG_DEPRECATED},
{"map to guest", P_ENUM, P_GLOBAL, &Globals.map_to_guest, NULL, enum_map_to_guest, FLAG_ADVANCED},
{"null passwords", P_BOOL, P_GLOBAL, &Globals.bNullPasswords, NULL, NULL, FLAG_ADVANCED},
{"obey pam restrictions", P_BOOL, P_GLOBAL, &Globals.bObeyPamRestrictions, NULL, NULL, FLAG_ADVANCED},
{"root dir", P_STRING, P_GLOBAL, &Globals.szRootdir, NULL, NULL, FLAG_HIDE},
{"root", P_STRING, P_GLOBAL, &Globals.szRootdir, NULL, NULL, FLAG_HIDE},
{"guest account", P_STRING, P_GLOBAL, &Globals.szGuestaccount, NULL, NULL, FLAG_BASIC | FLAG_ADVANCED},
+ {"enable privileges", P_BOOL, P_GLOBAL, &Globals.bEnablePrivileges, NULL, NULL, FLAG_ADVANCED},
{"pam password change", P_BOOL, P_GLOBAL, &Globals.bPamPasswordChange, NULL, NULL, FLAG_ADVANCED},
{"passwd program", P_STRING, P_GLOBAL, &Globals.szPasswdProgram, NULL, NULL, FLAG_ADVANCED},
{"oplock break wait time", P_INTEGER, P_GLOBAL, &Globals.oplock_break_wait_time, NULL, NULL, FLAG_ADVANCED | FLAG_GLOBAL},
{"oplock contention limit", P_INTEGER, P_LOCAL, &sDefault.iOplockContentionLimit, NULL, NULL, FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL},
{"posix locking", P_BOOL, P_LOCAL, &sDefault.bPosixLocking, NULL, NULL, FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL},
- {"strict locking", P_BOOL, P_LOCAL, &sDefault.bStrictLocking, NULL, NULL, FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL},
+ {"strict locking", P_ENUM, P_LOCAL, &sDefault.iStrictLocking, NULL, enum_bool_auto, FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL},
{"share modes", P_BOOL, P_LOCAL, &sDefault.bShareModes, NULL, NULL, FLAG_ADVANCED | FLAG_SHARE | FLAG_GLOBAL},
{N_("Ldap Options"), P_SEP, P_SEPARATOR},
{"ldap idmap suffix", P_STRING, P_GLOBAL, &Globals.szLdapIdmapSuffix, NULL, NULL, FLAG_ADVANCED},
{"ldap machine suffix", P_STRING, P_GLOBAL, &Globals.szLdapMachineSuffix, NULL, NULL, FLAG_ADVANCED},
{"ldap passwd sync", P_ENUM, P_GLOBAL, &Globals.ldap_passwd_sync, NULL, enum_ldap_passwd_sync, FLAG_ADVANCED},
+ {"ldap password sync", P_ENUM, P_GLOBAL, &Globals.ldap_passwd_sync, NULL, enum_ldap_passwd_sync, FLAG_HIDE},
{"ldap replication sleep", P_INTEGER, P_GLOBAL, &Globals.ldap_replication_sleep, NULL, NULL, FLAG_ADVANCED},
{"ldap suffix", P_STRING, P_GLOBAL, &Globals.szLdapSuffix, NULL, NULL, FLAG_ADVANCED},
{"ldap ssl", P_ENUM, P_GLOBAL, &Globals.ldap_ssl, NULL, enum_ldap_ssl, FLAG_ADVANCED},
{"socket address", P_STRING, P_GLOBAL, &Globals.szSocketAddress, NULL, NULL, FLAG_ADVANCED},
{"homedir map", P_STRING, P_GLOBAL, &Globals.szNISHomeMapName, NULL, NULL, FLAG_ADVANCED},
{"afs username map", P_STRING, P_GLOBAL, &Globals.szAfsUsernameMap, NULL, NULL, FLAG_ADVANCED},
+ {"afs token lifetime", P_INTEGER, P_GLOBAL, &Globals.iAfsTokenLifetime, NULL, NULL, FLAG_ADVANCED},
{"time offset", P_INTEGER, P_GLOBAL, &extra_time_offset, NULL, NULL, FLAG_ADVANCED},
{"NIS homedir", P_BOOL, P_GLOBAL, &Globals.bNISHomeMap, NULL, NULL, FLAG_ADVANCED},
{"-valid", P_BOOL, P_LOCAL, &sDefault.valid, NULL, NULL, FLAG_HIDE},
{"template shell", P_STRING, P_GLOBAL, &Globals.szTemplateShell, NULL, NULL, FLAG_ADVANCED},
{"winbind separator", P_STRING, P_GLOBAL, &Globals.szWinbindSeparator, NULL, NULL, FLAG_ADVANCED},
{"winbind cache time", P_INTEGER, P_GLOBAL, &Globals.winbind_cache_time, NULL, NULL, FLAG_ADVANCED},
- {"winbind enable local accounts", P_BOOL, P_GLOBAL, &Globals.bWinbindEnableLocalAccounts, NULL, NULL, FLAG_ADVANCED},
+ {"winbind enable local accounts", P_BOOL, P_GLOBAL, &Globals.bWinbindEnableLocalAccounts, NULL, NULL, FLAG_ADVANCED|FLAG_DEPRECATED},
{"winbind enum users", P_BOOL, P_GLOBAL, &Globals.bWinbindEnumUsers, NULL, NULL, FLAG_ADVANCED},
{"winbind enum groups", P_BOOL, P_GLOBAL, &Globals.bWinbindEnumGroups, NULL, NULL, FLAG_ADVANCED},
{"winbind use default domain", P_BOOL, P_GLOBAL, &Globals.bWinbindUseDefaultDomain, NULL, NULL, FLAG_ADVANCED},
string_set(&pService->szLpresumecommand, "");
string_set(&pService->szQueuepausecommand, "");
string_set(&pService->szQueueresumecommand, "");
-
- string_set(&Globals.szPrintcapname, "cups");
#else
string_set(&pService->szLpqcommand, "/usr/bin/lpstat -o '%p'");
string_set(&pService->szLprmcommand, "/usr/bin/cancel '%p-%j'");
string_set(&pService->szLpresumecommand, "lp -i '%p-%j' -H resume");
string_set(&pService->szQueuepausecommand, "/usr/bin/disable '%p'");
string_set(&pService->szQueueresumecommand, "/usr/bin/enable '%p'");
- string_set(&Globals.szPrintcapname, "lpstat");
#endif /* HAVE_CUPS */
break;
string_set(&Globals.szWorkgroup, lp_workgroup());
string_set(&Globals.szPasswdProgram, "");
- string_set(&Globals.szPrintcapname, PRINTCAP_NAME);
string_set(&Globals.szPidDir, dyn_PIDDIR);
string_set(&Globals.szLockDir, dyn_LOCKDIR);
string_set(&Globals.szSocketAddress, "0.0.0.0");
/* Discovered by 2 days of pain by Don McCall @ HP :-). */
Globals.max_xmit = 0x4104;
Globals.max_mux = 50; /* This is *needed* for profile support. */
- Globals.lpqcachetime = 10;
+ Globals.lpqcachetime = 30; /* changed to handle large print servers better -- jerry */
Globals.bDisableSpoolss = False;
Globals.iMaxSmbdProcesses = 0;/* no limit specified */
Globals.pwordlevel = 0;
Globals.ldap_replication_sleep = 1000; /* wait 1 sec for replication */
Globals.ldap_timeout = LDAP_CONNECT_DEFAULT_TIMEOUT;
+ /* This is what we tell the afs client. in reality we set the token
+ * to never expire, though, when this runs out the afs client will
+ * forget the token. Set to 0 to get NEVERDATE.*/
+ Globals.iAfsTokenLifetime = 604800;
+
/* these parameters are set to defaults that are more appropriate
for the increasing samba install base:
Globals.bDeferSharingViolations = True;
string_set(&Globals.smb_ports, SMB_PORTS);
+
+ /* don't enable privileges by default since Domain
+ Admins can then assign thr rights to perform certain
+ operations as root */
+
+ Globals.bEnablePrivileges = False;
}
static TALLOC_CTX *lp_talloc;
if (!lp_talloc)
lp_talloc = talloc_init("lp_talloc");
- tmpstr = alloc_sub_basic(current_user_info.smb_name, s);
+ tmpstr = alloc_sub_basic(get_current_username(), s);
if (trim_char(tmpstr, '\"', '\"')) {
if (strchr(tmpstr,'\"') != NULL) {
SAFE_FREE(tmpstr);
- tmpstr = alloc_sub_basic(current_user_info.smb_name,s);
+ tmpstr = alloc_sub_basic(get_current_username(),s);
}
}
ret = talloc_strdup(lp_talloc, tmpstr);
FN_GLOBAL_STRING(lp_private_dir, &Globals.szPrivateDir)
FN_GLOBAL_STRING(lp_serverstring, &Globals.szServerString)
FN_GLOBAL_INTEGER(lp_printcap_cache_time, &Globals.PrintcapCacheTime)
-FN_GLOBAL_STRING(lp_printcapname, &Globals.szPrintcapname)
FN_GLOBAL_STRING(lp_enumports_cmd, &Globals.szEnumPortsCommand)
FN_GLOBAL_STRING(lp_addprinter_cmd, &Globals.szAddPrinterCommand)
FN_GLOBAL_STRING(lp_deleteprinter_cmd, &Globals.szDeletePrinterCommand)
FN_GLOBAL_STRING(lp_name_resolve_order, &Globals.szNameResolveOrder)
FN_GLOBAL_STRING(lp_realm, &Globals.szRealm)
FN_GLOBAL_CONST_STRING(lp_afs_username_map, &Globals.szAfsUsernameMap)
+FN_GLOBAL_INTEGER(lp_afs_token_lifetime, &Globals.iAfsTokenLifetime)
FN_GLOBAL_STRING(lp_username_map, &Globals.szUsernameMap)
FN_GLOBAL_CONST_STRING(lp_logon_script, &Globals.szLogonScript)
FN_GLOBAL_CONST_STRING(lp_logon_path, &Globals.szLogonPath)
FN_GLOBAL_BOOL(lp_kernel_change_notify, &Globals.bKernelChangeNotify)
FN_GLOBAL_BOOL(lp_use_kerberos_keytab, &Globals.bUseKerberosKeytab)
FN_GLOBAL_BOOL(lp_defer_sharing_violations, &Globals.bDeferSharingViolations)
+FN_GLOBAL_BOOL(lp_enable_privileges, &Globals.bEnablePrivileges)
FN_GLOBAL_INTEGER(lp_os_level, &Globals.os_level)
FN_GLOBAL_INTEGER(lp_max_ttl, &Globals.max_ttl)
FN_GLOBAL_INTEGER(lp_max_wins_ttl, &Globals.max_wins_ttl)
FN_LOCAL_BOOL(lp_map_archive, bMap_archive)
FN_LOCAL_BOOL(lp_store_dos_attributes, bStoreDosAttributes)
FN_LOCAL_BOOL(lp_locking, bLocking)
-FN_LOCAL_BOOL(lp_strict_locking, bStrictLocking)
+FN_LOCAL_INTEGER(lp_strict_locking, iStrictLocking)
FN_LOCAL_BOOL(lp_posix_locking, bPosixLocking)
FN_LOCAL_BOOL(lp_share_modes, bShareModes)
FN_LOCAL_BOOL(lp_oplocks, bOpLocks)
if (i == iNumServices) {
service **tsp;
- tsp = (service **) Realloc(ServicePtrs,
- sizeof(service *) *
- num_to_alloc);
+ tsp = SMB_REALLOC_ARRAY(ServicePtrs, service *, num_to_alloc);
if (!tsp) {
DEBUG(0,("add_a_service: failed to enlarge ServicePtrs!\n"));
}
else {
ServicePtrs = tsp;
- ServicePtrs[iNumServices] =
- (service *) malloc(sizeof(service));
+ ServicePtrs[iNumServices] = SMB_MALLOC_P(service);
}
if (!ServicePtrs[iNumServices]) {
DEBUG(0,("add_a_service: out of memory!\n"));
if (strcmp(pdata->key, data->key) == 0) {
string_free(&pdata->value);
str_list_free(&data->list);
- pdata->value = strdup(data->value);
+ pdata->value = SMB_STRDUP(data->value);
not_added = False;
break;
}
pdata = pdata->next;
}
if (not_added) {
- paramo = smb_xmalloc(sizeof(param_opt_struct));
- paramo->key = strdup(data->key);
- paramo->value = strdup(data->value);
+ paramo = SMB_XMALLOC_P(param_opt_struct);
+ paramo->key = SMB_STRDUP(data->key);
+ paramo->value = SMB_STRDUP(data->value);
paramo->list = NULL;
DLIST_ADD(pserviceDest->param_opt, paramo);
}
}
if (!f) {
- f = (struct file_lists *)malloc(sizeof(file_lists[0]));
+ f = SMB_MALLOC_P(struct file_lists);
if (!f)
return;
f->next = file_lists;
- f->name = strdup(fname);
+ f->name = SMB_STRDUP(fname);
if (!f->name) {
SAFE_FREE(f);
return;
}
- f->subfname = strdup(subfname);
+ f->subfname = SMB_STRDUP(subfname);
if (!f->subfname) {
SAFE_FREE(f);
return;
BOOL lp_file_list_changed(void)
{
struct file_lists *f = file_lists;
- char *username;
DEBUG(6, ("lp_file_list_changed()\n"));
- /* get the username for substituion -- preference to the current_user_info */
- if ( strlen( current_user_info.smb_name ) != 0 )
- username = current_user_info.smb_name;
- else
- username = sub_get_smb_name();
-
-
while (f) {
pstring n2;
time_t mod_time;
pstrcpy(n2, f->name);
- standard_sub_basic(current_user_info.smb_name, n2,sizeof(n2));
+ standard_sub_basic( get_current_username(), n2, sizeof(n2) );
DEBUGADD(6, ("file %s -> %s last mod_time: %s\n",
f->name, n2, ctime(&f->modtime)));
ctime(&mod_time)));
f->modtime = mod_time;
SAFE_FREE(f->subfname);
- f->subfname = strdup(n2);
+ f->subfname = SMB_STRDUP(n2);
return (True);
}
f = f->next;
pstrcpy(netbios_name, pszParmValue);
- standard_sub_basic(current_user_info.smb_name, netbios_name,sizeof(netbios_name));
+ standard_sub_basic(get_current_username(), netbios_name,sizeof(netbios_name));
ret = set_global_myname(netbios_name);
string_set(&Globals.szNetbiosName,global_myname());
pstring fname;
pstrcpy(fname, pszParmValue);
- standard_sub_basic(current_user_info.smb_name, fname,sizeof(fname));
+ standard_sub_basic(get_current_username(), fname,sizeof(fname));
add_to_file_list(pszParmValue, fname);
{
int i;
SAFE_FREE(pservice->copymap);
- pservice->copymap = (BOOL *)malloc(sizeof(BOOL) * NUMPARAMETERS);
+ pservice->copymap = SMB_MALLOC_ARRAY(BOOL,NUMPARAMETERS);
if (!pservice->copymap)
DEBUG(0,
("Couldn't allocate copymap!! (size %d)\n",
if (strcmp(data->key, param_key) == 0) {
string_free(&data->value);
str_list_free(&data->list);
- data->value = strdup(pszParmValue);
+ data->value = SMB_STRDUP(pszParmValue);
not_added = False;
break;
}
data = data->next;
}
if (not_added) {
- paramo = smb_xmalloc(sizeof(param_opt_struct));
- paramo->key = strdup(param_key);
- paramo->value = strdup(pszParmValue);
+ paramo = SMB_XMALLOC_P(param_opt_struct);
+ paramo->key = SMB_STRDUP(param_key);
+ paramo->value = SMB_STRDUP(pszParmValue);
paramo->list = NULL;
if (snum < 0) {
DLIST_ADD(Globals.param_opt, paramo);
if (!str)
return;
- s = strdup(str);
+ s = SMB_STRDUP(str);
if (!s)
return;
case P_STRING:
case P_USTRING:
if (parm_table[i].ptr) {
- parm_table[i].def.svalue = strdup(*(char **)parm_table[i].ptr);
+ parm_table[i].def.svalue = SMB_STRDUP(*(char **)parm_table[i].ptr);
} else {
parm_table[i].def.svalue = NULL;
}
case P_GSTRING:
case P_UGSTRING:
if (parm_table[i].ptr) {
- parm_table[i].def.svalue = strdup((char *)parm_table[i].ptr);
+ parm_table[i].def.svalue = SMB_STRDUP((char *)parm_table[i].ptr);
} else {
parm_table[i].def.svalue = NULL;
}
pstring n2;
BOOL bRetval;
param_opt_struct *data, *pdata;
- char *username;
pstrcpy(n2, pszFname);
- /* get the username for substituion -- preference to the current_user_info */
-
- if ( strlen( current_user_info.smb_name ) != 0 ) {
- username = current_user_info.smb_name;
- } else {
- username = sub_get_smb_name();
- }
-
- standard_sub_basic( username, n2,sizeof(n2) );
+ standard_sub_basic( get_current_username(), n2,sizeof(n2) );
add_to_file_list(pszFname, n2);
* service names
*/
fstrcpy(serviceName, ServicePtrs[iService]->szService);
- standard_sub_basic(current_user_info.smb_name, serviceName,sizeof(serviceName));
+ standard_sub_basic(get_current_username(), serviceName,sizeof(serviceName));
if (strequal(serviceName, pszServiceName))
break;
}
return maxjobs;
}
+const char *lp_printcapname(void)
+{
+ if ((Globals.szPrintcapname != NULL) &&
+ (Globals.szPrintcapname[0] != '\0'))
+ return Globals.szPrintcapname;
+
+ if (sDefault.iPrinting == PRINT_CUPS) {
+#ifdef HAVE_CUPS
+ return "cups";
+#else
+ return "lpstat";
+#endif
+ }
+
+ if (sDefault.iPrinting == PRINT_BSD)
+ return "/etc/printcap";
+
+ return PRINTCAP_NAME;
+}
+
/*******************************************************************
Ensure we don't use sendfile if server smb signing is active.
********************************************************************/
BOOL lp_use_sendfile(int snum)
{
- extern int Protocol;
+ extern enum protocol_types Protocol;
/* Using sendfile blows the brains out of any DOS or Win9x TCP stack... JRA. */
if (Protocol < PROTOCOL_NT1) {
return False;
git.samba.org / ira / wip.git / blobdiff