2 Unix SMB/CIFS implementation.
3 Parameter loading functions
4 Copyright (C) Karl Auer 1993-1998
6 Largely re-written by Andrew Tridgell, September 1994
8 Copyright (C) Simo Sorce 2001
9 Copyright (C) Alexander Bokovoy 2002
10 Copyright (C) Stefan (metze) Metzmacher 2002
11 Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003
12 Copyright (C) Michael Adam 2008
13 Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007
14 Copyright (C) Andrew Bartlett 2011
16 This program is free software; you can redistribute it and/or modify
17 it under the terms of the GNU General Public License as published by
18 the Free Software Foundation; either version 3 of the License, or
19 (at your option) any later version.
21 This program is distributed in the hope that it will be useful,
22 but WITHOUT ANY WARRANTY; without even the implied warranty of
23 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 GNU General Public License for more details.
26 You should have received a copy of the GNU General Public License
27 along with this program. If not, see <http://www.gnu.org/licenses/>.
33 * This module provides suitable callback functions for the params
34 * module. It builds the internal table of service details which is
35 * then used by the rest of the server.
39 * 1) add it to the global or service structure definition
40 * 2) add it to the parm_table
41 * 3) add it to the list of available functions (eg: using FN_GLOBAL_STRING())
42 * 4) If it's a global then initialise it in init_globals. If a local
43 * (ie. service) parameter then initialise it in the sDefault structure
47 * The configuration file is processed sequentially for speed. It is NOT
48 * accessed randomly as happens in 'real' Windows. For this reason, there
49 * is a fair bit of sequence-dependent code here - ie., code which assumes
50 * that certain things happen before others. In particular, the code which
51 * happens at the boundary between sections is delicately poised, so be
57 #include "system/filesys.h"
59 #include "lib/param/loadparm.h"
60 #include "lib/param/param.h"
62 #include "lib/smbconf/smbconf.h"
63 #include "lib/smbconf/smbconf_init.h"
66 #include "../librpc/gen_ndr/svcctl.h"
68 #include "../libcli/smb/smb_signing.h"
69 #include "dbwrap/dbwrap.h"
70 #include "dbwrap/dbwrap_rbt.h"
71 #include "../lib/util/bitmap.h"
73 #ifdef HAVE_SYS_SYSCTL_H
74 #include <sys/sysctl.h>
77 #ifdef HAVE_HTTPCONNECTENCRYPT
78 #include <cups/http.h>
81 #ifdef CLUSTER_SUPPORT
82 #include "ctdb_private.h"
87 extern userdom_struct current_user_info;
89 /* the special value for the include parameter
90 * to be interpreted not as a file name but to
91 * trigger loading of the global smb.conf options
93 #ifndef INCLUDE_REGISTRY_NAME
94 #define INCLUDE_REGISTRY_NAME "registry"
97 static bool in_client = false; /* Not in the client by default */
98 static struct smbconf_csn conf_last_csn;
100 static int config_backend = CONFIG_BACKEND_FILE;
102 /* some helpful bits */
103 #define LP_SNUM_OK(i) (((i) >= 0) && ((i) < iNumServices) && (ServicePtrs != NULL) && ServicePtrs[(i)]->valid)
104 #define VALID(i) (ServicePtrs != NULL && ServicePtrs[i]->valid)
106 #define USERSHARE_VALID 1
107 #define USERSHARE_PENDING_DELETE 2
109 static bool defaults_saved = false;
111 #define LOADPARM_EXTRA_GLOBALS \
112 struct parmlist_entry *param_opt; \
113 char *realm_original; \
114 int iminreceivefile; \
115 char *szPrintcapname; \
117 int iPreferredMaster; \
118 char *szLdapMachineSuffix; \
119 char *szLdapUserSuffix; \
120 char *szLdapIdmapSuffix; \
121 char *szLdapGroupSuffix; \
126 char *szIdmapBackend; \
127 int winbindMaxDomainConnections; \
128 int ismb2_max_credits; \
130 char *tls_certfile; \
135 #include "param/param_global.h"
137 static struct loadparm_global Globals;
139 /* This is a default service used to prime a services structure */
140 static struct loadparm_service sDefault =
145 .usershare_last_mod = {0, 0},
149 .invalid_users = NULL,
156 .root_preexec = NULL,
157 .root_postexec = NULL,
158 .cups_options = NULL,
159 .print_command = NULL,
161 .lprm_command = NULL,
162 .lppause_command = NULL,
163 .lpresume_command = NULL,
164 .queuepause_command = NULL,
165 .queueresume_command = NULL,
166 ._printername = NULL,
167 .printjob_username = NULL,
168 .dont_descend = NULL,
171 .magic_script = NULL,
172 .magic_output = NULL,
175 .veto_oplock_files = NULL,
185 .aio_write_behind = NULL,
186 .dfree_command = NULL,
187 .min_print_space = 0,
188 .iMaxPrintJobs = 1000,
189 .max_reported_print_jobs = 0,
190 .write_cache_size = 0,
192 .force_create_mode = 0,
193 .directory_mask = 0755,
194 .force_directory_mode = 0,
195 .max_connections = 0,
196 .default_case = CASE_LOWER,
197 .printing = DEFAULT_PRINTING,
198 .oplock_contention_limit = 2,
201 .dfree_cache_time = 0,
202 .preexec_close = false,
203 .root_preexec_close = false,
204 .case_sensitive = Auto,
205 .preserve_case = true,
206 .short_preserve_case = true,
207 .hide_dot_files = true,
208 .hide_special_files = false,
209 .hide_unreadable = false,
210 .hide_unwriteable_files = false,
212 .access_based_share_enum = false,
216 .administrative_share = false,
219 .print_notify_backchannel = false,
223 .store_dos_attributes = false,
224 .dmapi_support = false,
226 .strict_locking = Auto,
227 .posix_locking = true,
229 .kernel_oplocks = false,
230 .level2_oplocks = true,
232 .mangled_names = true,
234 .follow_symlinks = true,
235 .sync_always = false,
236 .strict_allocate = false,
237 .strict_sync = false,
238 .mangling_char = '~',
240 .delete_readonly = false,
241 .fake_oplocks = false,
242 .delete_veto_files = false,
243 .dos_filemode = false,
244 .dos_filetimes = true,
245 .dos_filetime_resolution = false,
246 .fake_directory_create_times = false,
247 .blocking_locks = true,
248 .inherit_permissions = false,
249 .inherit_acls = false,
250 .inherit_owner = false,
252 .use_client_driver = false,
253 .default_devmode = true,
254 .force_printername = false,
255 .nt_acl_support = true,
256 .force_unknown_acl_user = false,
257 ._use_sendfile = false,
258 .profile_acls = false,
259 .map_acl_inherit = false,
262 .acl_check_permissions = true,
263 .acl_map_full_control = true,
264 .acl_group_control = false,
265 .acl_allow_execute_always = false,
266 .change_notify = true,
267 .kernel_change_notify = true,
268 .allocation_roundup_size = SMB_ROUNDUP_ALLOCATION_SIZE,
271 .map_readonly = MAP_READONLY_YES,
272 .directory_name_cache_size = 100,
273 .smb_encrypt = SMB_SIGNING_DEFAULT,
274 .kernel_share_modes = true,
275 .durable_handles = true,
280 /* local variables */
281 static struct loadparm_service **ServicePtrs = NULL;
282 static int iNumServices = 0;
283 static int iServiceIndex = 0;
284 static struct db_context *ServiceHash;
285 static bool bInGlobalSection = true;
286 static bool bGlobalOnly = false;
288 #define NUMPARAMETERS (sizeof(parm_table) / sizeof(struct parm_struct))
290 /* prototypes for the special type handlers */
291 static bool handle_include(struct loadparm_context *unused, int snum, const char *pszParmValue, char **ptr);
292 static bool handle_copy(struct loadparm_context *unused, int snum, const char *pszParmValue, char **ptr);
293 static bool handle_idmap_backend(struct loadparm_context *unused, int snum, const char *pszParmValue, char **ptr);
294 static bool handle_idmap_uid(struct loadparm_context *unused, int snum, const char *pszParmValue, char **ptr);
295 static bool handle_idmap_gid(struct loadparm_context *unused, int snum, const char *pszParmValue, char **ptr);
296 static bool handle_debug_list(struct loadparm_context *unused, int snum, const char *pszParmValue, char **ptr );
297 static bool handle_realm(struct loadparm_context *unused, int snum, const char *pszParmValue, char **ptr );
298 static bool handle_netbios_aliases(struct loadparm_context *unused, int snum, const char *pszParmValue, char **ptr );
299 static bool handle_charset(struct loadparm_context *unused, int snum, const char *pszParmValue, char **ptr );
300 static bool handle_dos_charset(struct loadparm_context *unused, int snum, const char *pszParmValue, char **ptr );
301 static bool handle_printing(struct loadparm_context *unused, int snum, const char *pszParmValue, char **ptr);
302 static bool handle_ldap_debug_level(struct loadparm_context *unused, int snum, const char *pszParmValue, char **ptr);
304 /* these are parameter handlers which are not needed in the
308 #define handle_logfile NULL
310 static void set_allowed_client_auth(void);
312 static void add_to_file_list(const char *fname, const char *subfname);
313 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue, bool store_values);
314 static void free_param_opts(struct parmlist_entry **popts);
316 #include "lib/param/param_table.c"
318 /* this is used to prevent lots of mallocs of size 1 */
319 static const char null_string[] = "";
322 Set a string value, allocing the space for the string
325 static bool string_init(char **dest,const char *src)
335 *dest = discard_const_p(char, null_string);
337 (*dest) = SMB_STRDUP(src);
338 if ((*dest) == NULL) {
339 DEBUG(0,("Out of memory in string_init\n"));
350 static void string_free(char **s)
354 if (*s == null_string)
360 Set a string value, deallocating any existing space, and allocing the space
364 static bool string_set(char **dest,const char *src)
367 return(string_init(dest,src));
370 /***************************************************************************
371 Initialise the sDefault parameter structure for the printer values.
372 ***************************************************************************/
374 static void init_printer_values(struct loadparm_service *pService)
376 /* choose defaults depending on the type of printing */
377 switch (pService->printing) {
382 string_set(&pService->lpq_command, "lpq -P'%p'");
383 string_set(&pService->lprm_command, "lprm -P'%p' %j");
384 string_set(&pService->print_command, "lpr -r -P'%p' %s");
389 string_set(&pService->lpq_command, "lpq -P'%p'");
390 string_set(&pService->lprm_command, "lprm -P'%p' %j");
391 string_set(&pService->print_command, "lpr -r -P'%p' %s");
392 string_set(&pService->queuepause_command, "lpc stop '%p'");
393 string_set(&pService->queueresume_command, "lpc start '%p'");
394 string_set(&pService->lppause_command, "lpc hold '%p' %j");
395 string_set(&pService->lpresume_command, "lpc release '%p' %j");
400 /* set the lpq command to contain the destination printer
401 name only. This is used by cups_queue_get() */
402 string_set(&pService->lpq_command, "%p");
403 string_set(&pService->lprm_command, "");
404 string_set(&pService->print_command, "");
405 string_set(&pService->lppause_command, "");
406 string_set(&pService->lpresume_command, "");
407 string_set(&pService->queuepause_command, "");
408 string_set(&pService->queueresume_command, "");
413 string_set(&pService->lpq_command, "lpstat -o%p");
414 string_set(&pService->lprm_command, "cancel %p-%j");
415 string_set(&pService->print_command, "lp -c -d%p %s; rm %s");
416 string_set(&pService->queuepause_command, "disable %p");
417 string_set(&pService->queueresume_command, "enable %p");
419 string_set(&pService->lppause_command, "lp -i %p-%j -H hold");
420 string_set(&pService->lpresume_command, "lp -i %p-%j -H resume");
425 string_set(&pService->lpq_command, "lpq -P%p");
426 string_set(&pService->lprm_command, "lprm -P%p %j");
427 string_set(&pService->print_command, "lp -r -P%p %s");
430 #if defined(DEVELOPER) || defined(ENABLE_SELFTEST)
435 TALLOC_CTX *tmp_ctx = talloc_stackframe();
438 tdbfile = talloc_asprintf(
439 tmp_ctx, "tdbfile=%s",
440 lp_parm_const_string(-1, "vlp", "tdbfile",
442 if (tdbfile == NULL) {
443 tdbfile="tdbfile=/tmp/vlp.tdb";
446 tmp = talloc_asprintf(tmp_ctx, "vlp %s print %%p %%s",
448 string_set(&pService->print_command,
449 tmp ? tmp : "vlp print %p %s");
451 tmp = talloc_asprintf(tmp_ctx, "vlp %s lpq %%p",
453 string_set(&pService->lpq_command,
454 tmp ? tmp : "vlp lpq %p");
456 tmp = talloc_asprintf(tmp_ctx, "vlp %s lprm %%p %%j",
458 string_set(&pService->lprm_command,
459 tmp ? tmp : "vlp lprm %p %j");
461 tmp = talloc_asprintf(tmp_ctx, "vlp %s lppause %%p %%j",
463 string_set(&pService->lppause_command,
464 tmp ? tmp : "vlp lppause %p %j");
466 tmp = talloc_asprintf(tmp_ctx, "vlp %s lpresume %%p %%j",
468 string_set(&pService->lpresume_command,
469 tmp ? tmp : "vlp lpresume %p %j");
471 tmp = talloc_asprintf(tmp_ctx, "vlp %s queuepause %%p",
473 string_set(&pService->queuepause_command,
474 tmp ? tmp : "vlp queuepause %p");
476 tmp = talloc_asprintf(tmp_ctx, "vlp %s queueresume %%p",
478 string_set(&pService->queueresume_command,
479 tmp ? tmp : "vlp queueresume %p");
480 TALLOC_FREE(tmp_ctx);
484 #endif /* DEVELOPER */
489 * Function to return the default value for the maximum number of open
490 * file descriptors permitted. This function tries to consult the
491 * kernel-level (sysctl) and ulimit (getrlimit()) values and goes
492 * the smaller of those.
494 static int max_open_files(void)
496 int sysctl_max = MAX_OPEN_FILES;
497 int rlimit_max = MAX_OPEN_FILES;
499 #ifdef HAVE_SYSCTLBYNAME
501 size_t size = sizeof(sysctl_max);
502 sysctlbyname("kern.maxfilesperproc", &sysctl_max, &size, NULL,
507 #if (defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE))
513 if (getrlimit(RLIMIT_NOFILE, &rl) == 0)
514 rlimit_max = rl.rlim_cur;
516 #if defined(RLIM_INFINITY)
517 if(rl.rlim_cur == RLIM_INFINITY)
518 rlimit_max = MAX_OPEN_FILES;
523 if (sysctl_max < MIN_OPEN_FILES_WINDOWS) {
524 DEBUG(2,("max_open_files: increasing sysctl_max (%d) to "
525 "minimum Windows limit (%d)\n",
527 MIN_OPEN_FILES_WINDOWS));
528 sysctl_max = MIN_OPEN_FILES_WINDOWS;
531 if (rlimit_max < MIN_OPEN_FILES_WINDOWS) {
532 DEBUG(2,("rlimit_max: increasing rlimit_max (%d) to "
533 "minimum Windows limit (%d)\n",
535 MIN_OPEN_FILES_WINDOWS));
536 rlimit_max = MIN_OPEN_FILES_WINDOWS;
539 return MIN(sysctl_max, rlimit_max);
543 * Common part of freeing allocated data for one parameter.
545 static void free_one_parameter_common(void *parm_ptr,
546 struct parm_struct parm)
548 if ((parm.type == P_STRING) ||
549 (parm.type == P_USTRING))
551 string_free((char**)parm_ptr);
552 } else if (parm.type == P_LIST) {
553 TALLOC_FREE(*((char***)parm_ptr));
558 * Free the allocated data for one parameter for a share
559 * given as a service struct.
561 static void free_one_parameter(struct loadparm_service *service,
562 struct parm_struct parm)
566 if (parm.p_class != P_LOCAL) {
570 parm_ptr = lp_parm_ptr(service, &parm);
572 free_one_parameter_common(parm_ptr, parm);
576 * Free the allocated parameter data of a share given
577 * as a service struct.
579 static void free_parameters(struct loadparm_service *service)
583 for (i=0; parm_table[i].label; i++) {
584 free_one_parameter(service, parm_table[i]);
589 * Free the allocated data for one parameter for a given share
590 * specified by an snum.
592 static void free_one_parameter_by_snum(int snum, struct parm_struct parm)
597 parm_ptr = lp_parm_ptr(NULL, &parm);
598 } else if (parm.p_class != P_LOCAL) {
601 parm_ptr = lp_local_ptr_by_snum(snum, &parm);
604 free_one_parameter_common(parm_ptr, parm);
608 * Free the allocated parameter data for a share specified
611 static void free_parameters_by_snum(int snum)
615 for (i=0; parm_table[i].label; i++) {
616 free_one_parameter_by_snum(snum, parm_table[i]);
621 * Free the allocated global parameters.
623 static void free_global_parameters(void)
625 free_param_opts(&Globals.param_opt);
626 free_parameters_by_snum(GLOBAL_SECTION_SNUM);
627 TALLOC_FREE(Globals.ctx);
630 struct lp_stored_option {
631 struct lp_stored_option *prev, *next;
636 static struct lp_stored_option *stored_options;
639 save options set by lp_set_cmdline() into a list. This list is
640 re-applied when we do a globals reset, so that cmdline set options
641 are sticky across reloads of smb.conf
643 static bool store_lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
645 struct lp_stored_option *entry, *entry_next;
646 for (entry = stored_options; entry != NULL; entry = entry_next) {
647 entry_next = entry->next;
648 if (strcmp(pszParmName, entry->label) == 0) {
649 DLIST_REMOVE(stored_options, entry);
655 entry = talloc(NULL, struct lp_stored_option);
660 entry->label = talloc_strdup(entry, pszParmName);
666 entry->value = talloc_strdup(entry, pszParmValue);
672 DLIST_ADD_END(stored_options, entry, struct lp_stored_option);
677 static bool apply_lp_set_cmdline(void)
679 struct lp_stored_option *entry = NULL;
680 for (entry = stored_options; entry != NULL; entry = entry->next) {
681 if (!lp_set_cmdline_helper(entry->label, entry->value, false)) {
682 DEBUG(0, ("Failed to re-apply cmdline parameter %s = %s\n",
683 entry->label, entry->value));
690 /***************************************************************************
691 Initialise the global parameter structure.
692 ***************************************************************************/
694 static void init_globals(bool reinit_globals)
696 static bool done_init = false;
700 /* If requested to initialize only once and we've already done it... */
701 if (!reinit_globals && done_init) {
702 /* ... then we have nothing more to do */
707 /* The logfile can be set before this is invoked. Free it if so. */
708 if (Globals.logfile != NULL) {
709 string_free(&Globals.logfile);
710 Globals.logfile = NULL;
714 free_global_parameters();
717 /* This memset and the free_global_parameters() above will
718 * wipe out smb.conf options set with lp_set_cmdline(). The
719 * apply_lp_set_cmdline() call puts these values back in the
720 * table once the defaults are set */
721 ZERO_STRUCT(Globals);
723 Globals.ctx = talloc_new(NULL);
725 for (i = 0; parm_table[i].label; i++) {
726 if ((parm_table[i].type == P_STRING ||
727 parm_table[i].type == P_USTRING))
729 string_set((char **)lp_parm_ptr(NULL, &parm_table[i]), "");
734 string_set(&sDefault.fstype, FSTYPE_STRING);
735 string_set(&sDefault.printjob_username, "%U");
737 init_printer_values(&sDefault);
739 sDefault.ntvfs_handler = (const char **)str_list_make_v3(NULL, "unixuid default", NULL);
741 DEBUG(3, ("Initialising global parameters\n"));
743 /* Must manually force to upper case here, as this does not go via the handler */
744 string_set(&Globals.netbios_name, myhostname_upper());
746 string_set(&Globals.smb_passwd_file, get_dyn_SMB_PASSWD_FILE());
747 string_set(&Globals.private_dir, get_dyn_PRIVATE_DIR());
749 /* use the new 'hash2' method by default, with a prefix of 1 */
750 string_set(&Globals.mangling_method, "hash2");
751 Globals.mangle_prefix = 1;
753 string_set(&Globals.guest_account, GUEST_ACCOUNT);
755 /* using UTF8 by default allows us to support all chars */
756 string_set(&Globals.unix_charset, DEFAULT_UNIX_CHARSET);
758 /* Use codepage 850 as a default for the dos character set */
759 string_set(&Globals.dos_charset, DEFAULT_DOS_CHARSET);
762 * Allow the default PASSWD_CHAT to be overridden in local.h.
764 string_set(&Globals.passwd_chat, DEFAULT_PASSWD_CHAT);
766 string_set(&Globals.workgroup, DEFAULT_WORKGROUP);
768 string_set(&Globals.passwd_program, "");
769 string_set(&Globals.lock_directory, get_dyn_LOCKDIR());
770 string_set(&Globals.szStateDir, get_dyn_STATEDIR());
771 string_set(&Globals.szCacheDir, get_dyn_CACHEDIR());
772 string_set(&Globals.pid_directory, get_dyn_PIDDIR());
773 string_set(&Globals.nbt_client_socket_address, "0.0.0.0");
775 * By default support explicit binding to broadcast
778 Globals.nmbd_bind_explicit_broadcast = true;
780 if (asprintf(&s, "Samba %s", samba_version_string()) < 0) {
781 smb_panic("init_globals: ENOMEM");
783 string_set(&Globals.server_string, s);
786 string_set(&Globals.panic_action, "/bin/sleep 999999999");
789 string_set(&Globals.socket_options, DEFAULT_SOCKET_OPTIONS);
791 string_set(&Globals.logon_drive, "");
792 /* %N is the NIS auto.home server if -DAUTOHOME is used, else same as %L */
793 string_set(&Globals.logon_home, "\\\\%N\\%U");
794 string_set(&Globals.logon_path, "\\\\%N\\%U\\profile");
796 Globals.name_resolve_order = (const char **)str_list_make_v3(NULL, "lmhosts wins host bcast", NULL);
797 string_set(&Globals.password_server, "*");
799 Globals.algorithmic_rid_base = BASE_RID;
801 Globals.load_printers = true;
802 Globals.printcap_cache_time = 750; /* 12.5 minutes */
804 Globals.config_backend = config_backend;
805 Globals._server_role = ROLE_AUTO;
807 /* Was 65535 (0xFFFF). 0x4101 matches W2K and causes major speed improvements... */
808 /* Discovered by 2 days of pain by Don McCall @ HP :-). */
809 Globals.max_xmit = 0x4104;
810 Globals.max_mux = 50; /* This is *needed* for profile support. */
811 Globals.lpq_cache_time = 30; /* changed to handle large print servers better -- jerry */
812 Globals._disable_spoolss = false;
813 Globals.max_smbd_processes = 0;/* no limit specified */
814 Globals.username_level = 0;
815 Globals.deadtime = 0;
816 Globals.getwd_cache = true;
817 Globals.large_readwrite = true;
818 Globals.max_log_size = 5000;
819 Globals.max_open_files = max_open_files();
820 Globals.server_max_protocol = PROTOCOL_SMB3_00;
821 Globals.server_min_protocol = PROTOCOL_LANMAN1;
822 Globals.client_max_protocol = PROTOCOL_NT1;
823 Globals.client_min_protocol = PROTOCOL_CORE;
824 Globals._security = SEC_AUTO;
825 Globals.encrypt_passwords = true;
826 Globals.client_schannel = Auto;
827 Globals.winbind_sealed_pipes = true;
828 Globals.require_strong_key = true;
829 Globals.server_schannel = Auto;
830 Globals.read_raw = true;
831 Globals.write_raw = true;
832 Globals.null_passwords = false;
833 Globals.obey_pam_restrictions = false;
835 Globals.syslog_only = false;
836 Globals.timestamp_logs = true;
837 string_set(&Globals.log_level, "0");
838 Globals.debug_prefix_timestamp = false;
839 Globals.debug_hires_timestamp = true;
840 Globals.debug_pid = false;
841 Globals.debug_uid = false;
842 Globals.debug_class = false;
843 Globals.enable_core_files = true;
844 Globals.max_ttl = 60 * 60 * 24 * 3; /* 3 days default. */
845 Globals.max_wins_ttl = 60 * 60 * 24 * 6; /* 6 days default. */
846 Globals.min_wins_ttl = 60 * 60 * 6; /* 6 hours default. */
847 Globals.machine_password_timeout = 60 * 60 * 24 * 7; /* 7 days default. */
848 Globals.lm_announce = Auto; /* = Auto: send only if LM clients found */
849 Globals.lm_interval = 60;
850 #if (defined(HAVE_NETGROUP) && defined(WITH_AUTOMOUNT))
851 Globals.nis_homedir = false;
852 #ifdef WITH_NISPLUS_HOME
853 string_set(&Globals.homedir_map, "auto_home.org_dir");
855 string_set(&Globals.homedir_map, "auto.home");
858 Globals.time_server = false;
859 Globals.bind_interfaces_only = false;
860 Globals.unix_password_sync = false;
861 Globals.pam_password_change = false;
862 Globals.passwd_chat_debug = false;
863 Globals.passwd_chat_timeout = 2; /* 2 second default. */
864 Globals.nt_pipe_support = true; /* Do NT pipes by default. */
865 Globals.nt_status_support = true; /* Use NT status by default. */
866 Globals.stat_cache = true; /* use stat cache by default */
867 Globals.max_stat_cache_size = 256; /* 256k by default */
868 Globals.restrict_anonymous = 0;
869 Globals.client_lanman_auth = false; /* Do NOT use the LanMan hash if it is available */
870 Globals.client_plaintext_auth = false; /* Do NOT use a plaintext password even if is requested by the server */
871 Globals.lanman_auth = false; /* Do NOT use the LanMan hash, even if it is supplied */
872 Globals.ntlm_auth = true; /* Do use NTLMv1 if it is supplied by the client (otherwise NTLMv2) */
873 Globals.client_ntlmv2_auth = true; /* Client should always use use NTLMv2, as we can't tell that the server supports it, but most modern servers do */
874 /* Note, that we will also use NTLM2 session security (which is different), if it is available */
876 Globals.map_to_guest = 0; /* By Default, "Never" */
877 Globals.oplock_break_wait_time = 0; /* By Default, 0 msecs. */
878 Globals.enhanced_browsing = true;
879 Globals.lock_spin_time = WINDOWS_MINIMUM_LOCK_TIMEOUT_MS; /* msec. */
880 #ifdef MMAP_BLACKLIST
881 Globals.use_mmap = false;
883 Globals.use_mmap = true;
885 Globals.unicode = true;
886 Globals.unix_extensions = true;
887 Globals.reset_on_zero_vc = false;
888 Globals.log_writeable_files_on_exit = false;
889 Globals.create_krb5_conf = true;
890 Globals.winbindMaxDomainConnections = 1;
892 /* hostname lookups can be very expensive and are broken on
893 a large number of sites (tridge) */
894 Globals.hostname_lookups = false;
896 string_set(&Globals.passdb_backend, "tdbsam");
897 string_set(&Globals.ldap_suffix, "");
898 string_set(&Globals.szLdapMachineSuffix, "");
899 string_set(&Globals.szLdapUserSuffix, "");
900 string_set(&Globals.szLdapGroupSuffix, "");
901 string_set(&Globals.szLdapIdmapSuffix, "");
903 string_set(&Globals.ldap_admin_dn, "");
904 Globals.ldap_ssl = LDAP_SSL_START_TLS;
905 Globals.ldap_ssl_ads = false;
906 Globals.ldap_deref = -1;
907 Globals.ldap_passwd_sync = LDAP_PASSWD_SYNC_OFF;
908 Globals.ldap_delete_dn = false;
909 Globals.ldap_replication_sleep = 1000; /* wait 1 sec for replication */
910 Globals.ldap_follow_referral = Auto;
911 Globals.ldap_timeout = LDAP_DEFAULT_TIMEOUT;
912 Globals.ldap_connection_timeout = LDAP_CONNECTION_DEFAULT_TIMEOUT;
913 Globals.ldap_page_size = LDAP_PAGE_SIZE;
915 Globals.ldap_debug_level = 0;
916 Globals.ldap_debug_threshold = 10;
918 /* This is what we tell the afs client. in reality we set the token
919 * to never expire, though, when this runs out the afs client will
920 * forget the token. Set to 0 to get NEVERDATE.*/
921 Globals.afs_token_lifetime = 604800;
922 Globals.cups_connection_timeout = CUPS_DEFAULT_CONNECTION_TIMEOUT;
924 /* these parameters are set to defaults that are more appropriate
925 for the increasing samba install base:
927 as a member of the workgroup, that will possibly become a
928 _local_ master browser (lm = true). this is opposed to a forced
929 local master browser startup (pm = true).
931 doesn't provide WINS server service by default (wsupp = false),
932 and doesn't provide domain master browser services by default, either.
936 Globals.show_add_printer_wizard = true;
937 Globals.os_level = 20;
938 Globals.local_master = true;
939 Globals._domain_master = Auto; /* depending on _domain_logons */
940 Globals._domain_logons = false;
941 Globals.browse_list = true;
942 Globals.we_are_a_wins_server = false;
943 Globals.wins_proxy = false;
945 TALLOC_FREE(Globals.init_logon_delayed_hosts);
946 Globals.init_logon_delay = 100; /* 100 ms default delay */
948 Globals.wins_dns_proxy = true;
950 Globals.allow_trusted_domains = true;
951 string_set(&Globals.szIdmapBackend, "tdb");
953 string_set(&Globals.template_shell, "/bin/false");
954 string_set(&Globals.template_homedir, "/home/%D/%U");
955 string_set(&Globals.winbind_separator, "\\");
956 string_set(&Globals.winbindd_socket_directory, dyn_WINBINDD_SOCKET_DIR);
958 string_set(&Globals.cups_server, "");
959 string_set(&Globals.iprint_server, "");
961 #ifdef CLUSTER_SUPPORT
962 string_set(&Globals.ctdbd_socket, CTDB_PATH);
964 string_set(&Globals.ctdbd_socket, "");
967 Globals.cluster_addresses = NULL;
968 Globals.clustering = false;
969 Globals.ctdb_timeout = 0;
970 Globals.ctdb_locktime_warn_threshold = 0;
972 Globals.winbind_cache_time = 300; /* 5 minutes */
973 Globals.winbind_reconnect_delay = 30; /* 30 seconds */
974 Globals.winbind_max_clients = 200;
975 Globals.winbind_enum_users = false;
976 Globals.winbind_enum_groups = false;
977 Globals.winbind_use_default_domain = false;
978 Globals.winbind_trusted_domains_only = false;
979 Globals.winbind_nested_groups = true;
980 Globals.winbind_expand_groups = 1;
981 Globals.winbind_nss_info = (const char **)str_list_make_v3(NULL, "template", NULL);
982 Globals.winbind_refresh_tickets = false;
983 Globals.winbind_offline_logon = false;
985 Globals.idmap_cache_time = 86400 * 7; /* a week by default */
986 Globals.idmap_negative_cache_time = 120; /* 2 minutes by default */
988 Globals.passdb_expand_explicit = false;
990 Globals.name_cache_timeout = 660; /* In seconds */
992 Globals.use_spnego = true;
993 Globals.client_use_spnego = true;
995 Globals.client_signing = SMB_SIGNING_DEFAULT;
996 Globals.server_signing = SMB_SIGNING_DEFAULT;
998 Globals.defer_sharing_violations = true;
999 Globals.smb_ports = (const char **)str_list_make_v3(NULL, SMB_PORTS, NULL);
1001 Globals.enable_privileges = true;
1002 Globals.host_msdfs = true;
1003 Globals.enable_asu_support = false;
1005 /* User defined shares. */
1006 if (asprintf(&s, "%s/usershares", get_dyn_STATEDIR()) < 0) {
1007 smb_panic("init_globals: ENOMEM");
1009 string_set(&Globals.usershare_path, s);
1011 string_set(&Globals.usershare_template_share, "");
1012 Globals.usershare_max_shares = 0;
1013 /* By default disallow sharing of directories not owned by the sharer. */
1014 Globals.usershare_owner_only = true;
1015 /* By default disallow guest access to usershares. */
1016 Globals.usershare_allow_guests = false;
1018 Globals.keepalive = DEFAULT_KEEPALIVE;
1020 /* By default no shares out of the registry */
1021 Globals.registry_shares = false;
1023 Globals.iminreceivefile = 0;
1025 Globals.map_untrusted_to_domain = false;
1026 Globals.multicast_dns_register = true;
1028 Globals.smb2_max_read = DEFAULT_SMB2_MAX_READ;
1029 Globals.smb2_max_write = DEFAULT_SMB2_MAX_WRITE;
1030 Globals.smb2_max_trans = DEFAULT_SMB2_MAX_TRANSACT;
1031 Globals.ismb2_max_credits = DEFAULT_SMB2_MAX_CREDITS;
1033 string_set(&Globals.ncalrpc_dir, get_dyn_NCALRPCDIR());
1035 Globals.server_services = (const char **)str_list_make_v3(NULL, "s3fs rpc nbt wrepl ldap cldap kdc drepl winbind ntp_signd kcc dnsupdate dns", NULL);
1037 Globals.dcerpc_endpoint_servers = (const char **)str_list_make_v3(NULL, "epmapper wkssvc rpcecho samr netlogon lsarpc spoolss drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver", NULL);
1039 Globals.tls_enabled = true;
1041 string_set(&Globals.tls_keyfile, "tls/key.pem");
1042 string_set(&Globals.tls_certfile, "tls/cert.pem");
1043 string_set(&Globals.tls_cafile, "tls/ca.pem");
1045 string_set(&Globals.share_backend, "classic");
1047 Globals.iPreferredMaster = Auto;
1049 Globals.allow_dns_updates = DNS_UPDATE_SIGNED;
1051 string_set(&Globals.ntp_signd_socket_directory, get_dyn_NTP_SIGND_SOCKET_DIR());
1053 string_set(&Globals.winbindd_privileged_socket_directory, get_dyn_WINBINDD_PRIVILEGED_SOCKET_DIR());
1055 if (asprintf(&s, "%s/samba_kcc", get_dyn_SCRIPTSBINDIR()) < 0) {
1056 smb_panic("init_globals: ENOMEM");
1058 Globals.samba_kcc_command = (const char **)str_list_make_v3(NULL, s, NULL);
1061 if (asprintf(&s, "%s/samba_dnsupdate", get_dyn_SCRIPTSBINDIR()) < 0) {
1062 smb_panic("init_globals: ENOMEM");
1064 Globals.dns_update_command = (const char **)str_list_make_v3(NULL, s, NULL);
1067 if (asprintf(&s, "%s/samba_spnupdate", get_dyn_SCRIPTSBINDIR()) < 0) {
1068 smb_panic("init_globals: ENOMEM");
1070 Globals.spn_update_command = (const char **)str_list_make_v3(NULL, s, NULL);
1073 Globals.nsupdate_command = (const char **)str_list_make_v3(NULL, "/usr/bin/nsupdate -g", NULL);
1075 Globals.rndc_command = (const char **)str_list_make_v3(NULL, "/usr/sbin/rndc", NULL);
1077 Globals.cldap_port = 389;
1079 Globals.dgram_port = 138;
1081 Globals.nbt_port = 137;
1083 Globals.krb5_port = 88;
1085 Globals.kpasswd_port = 464;
1087 Globals.web_port = 901;
1089 /* Now put back the settings that were set with lp_set_cmdline() */
1090 apply_lp_set_cmdline();
1093 /*******************************************************************
1094 Convenience routine to grab string parameters into talloced memory
1095 and run standard_sub_basic on them. The buffers can be written to by
1096 callers without affecting the source string.
1097 ********************************************************************/
1099 static char *lp_string(TALLOC_CTX *ctx, const char *s)
1103 /* The follow debug is useful for tracking down memory problems
1104 especially if you have an inner loop that is calling a lp_*()
1105 function that returns a string. Perhaps this debug should be
1106 present all the time? */
1109 DEBUG(10, ("lp_string(%s)\n", s));
1115 ret = talloc_sub_basic(ctx,
1116 get_current_username(),
1117 current_user_info.domain,
1119 if (trim_char(ret, '\"', '\"')) {
1120 if (strchr(ret,'\"') != NULL) {
1122 ret = talloc_sub_basic(ctx,
1123 get_current_username(),
1124 current_user_info.domain,
1132 In this section all the functions that are used to access the
1133 parameters from the rest of the program are defined
1136 #define FN_GLOBAL_STRING(fn_name,ptr) \
1137 char *lp_ ## fn_name(TALLOC_CTX *ctx) {return(lp_string((ctx), *(char **)(&Globals.ptr) ? *(char **)(&Globals.ptr) : ""));}
1138 #define FN_GLOBAL_CONST_STRING(fn_name,ptr) \
1139 const char *lp_ ## fn_name(void) {return(*(const char * const *)(&Globals.ptr) ? *(const char * const *)(&Globals.ptr) : "");}
1140 #define FN_GLOBAL_LIST(fn_name,ptr) \
1141 const char **lp_ ## fn_name(void) {return(*(const char ***)(&Globals.ptr));}
1142 #define FN_GLOBAL_BOOL(fn_name,ptr) \
1143 bool lp_ ## fn_name(void) {return(*(bool *)(&Globals.ptr));}
1144 #define FN_GLOBAL_CHAR(fn_name,ptr) \
1145 char lp_ ## fn_name(void) {return(*(char *)(&Globals.ptr));}
1146 #define FN_GLOBAL_INTEGER(fn_name,ptr) \
1147 int lp_ ## fn_name(void) {return(*(int *)(&Globals.ptr));}
1149 #define FN_LOCAL_STRING(fn_name,val) \
1150 char *lp_ ## fn_name(TALLOC_CTX *ctx,int i) {return(lp_string((ctx), (LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val));}
1151 #define FN_LOCAL_CONST_STRING(fn_name,val) \
1152 const char *lp_ ## fn_name(int i) {return (const char *)((LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val);}
1153 #define FN_LOCAL_LIST(fn_name,val) \
1154 const char **lp_ ## fn_name(int i) {return(const char **)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1155 #define FN_LOCAL_BOOL(fn_name,val) \
1156 bool lp_ ## fn_name(int i) {return(bool)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1157 #define FN_LOCAL_INTEGER(fn_name,val) \
1158 int lp_ ## fn_name(int i) {return(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1160 #define FN_LOCAL_PARM_BOOL(fn_name,val) \
1161 bool lp_ ## fn_name(const struct share_params *p) {return(bool)(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1162 #define FN_LOCAL_PARM_INTEGER(fn_name,val) \
1163 int lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1164 #define FN_LOCAL_PARM_CHAR(fn_name,val) \
1165 char lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1168 /* If lp_statedir() and lp_cachedir() are explicitely set during the
1169 * build process or in smb.conf, we use that value. Otherwise they
1170 * default to the value of lp_lock_directory(). */
1171 const char *lp_statedir(void) {
1172 if ((strcmp(get_dyn_STATEDIR(), get_dyn_LOCKDIR()) != 0) ||
1173 (strcmp(get_dyn_STATEDIR(), Globals.szStateDir) != 0))
1174 return(*(char **)(&Globals.szStateDir) ?
1175 *(char **)(&Globals.szStateDir) : "");
1177 return(*(char **)(&Globals.lock_directory) ?
1178 *(char **)(&Globals.lock_directory) : "");
1180 const char *lp_cachedir(void) {
1181 if ((strcmp(get_dyn_CACHEDIR(), get_dyn_LOCKDIR()) != 0) ||
1182 (strcmp(get_dyn_CACHEDIR(), Globals.szCacheDir) != 0))
1183 return(*(char **)(&Globals.szCacheDir) ?
1184 *(char **)(&Globals.szCacheDir) : "");
1186 return(*(char **)(&Globals.lock_directory) ?
1187 *(char **)(&Globals.lock_directory) : "");
1189 static FN_GLOBAL_INTEGER(winbind_max_domain_connections_int,
1190 winbindMaxDomainConnections)
1192 int lp_winbind_max_domain_connections(void)
1194 if (lp_winbind_offline_logon() &&
1195 lp_winbind_max_domain_connections_int() > 1) {
1196 DEBUG(1, ("offline logons active, restricting max domain "
1197 "connections to 1\n"));
1200 return MAX(1, lp_winbind_max_domain_connections_int());
1203 int lp_smb2_max_credits(void)
1205 if (Globals.ismb2_max_credits == 0) {
1206 Globals.ismb2_max_credits = DEFAULT_SMB2_MAX_CREDITS;
1208 return Globals.ismb2_max_credits;
1210 int lp_cups_encrypt(void)
1213 #ifdef HAVE_HTTPCONNECTENCRYPT
1214 switch (Globals.CupsEncrypt) {
1216 result = HTTP_ENCRYPT_REQUIRED;
1219 result = HTTP_ENCRYPT_ALWAYS;
1222 result = HTTP_ENCRYPT_NEVER;
1229 /* These functions remain in source3/param for now */
1231 FN_GLOBAL_STRING(configfile, szConfigFile)
1233 #include "lib/param/param_functions.c"
1235 FN_LOCAL_STRING(servicename, szService)
1236 FN_LOCAL_CONST_STRING(const_servicename, szService)
1238 /* These functions cannot be auto-generated */
1239 FN_LOCAL_BOOL(autoloaded, autoloaded)
1240 FN_GLOBAL_CONST_STRING(dnsdomain, dnsdomain)
1242 /* local prototypes */
1244 static int map_parameter_canonical(const char *pszParmName, bool *inverse);
1245 static const char *get_boolean(bool bool_value);
1246 static int getservicebyname(const char *pszServiceName,
1247 struct loadparm_service *pserviceDest);
1248 static void copy_service(struct loadparm_service *pserviceDest,
1249 struct loadparm_service *pserviceSource,
1250 struct bitmap *pcopymapDest);
1251 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
1253 static bool do_section(const char *pszSectionName, void *userdata);
1254 static void init_copymap(struct loadparm_service *pservice);
1255 static bool hash_a_service(const char *name, int number);
1256 static void free_service_byindex(int iService);
1257 static void show_parameter(int parmIndex);
1258 static bool is_synonym_of(int parm1, int parm2, bool *inverse);
1261 * This is a helper function for parametrical options support. It returns a
1262 * pointer to parametrical option value if it exists or NULL otherwise. Actual
1263 * parametrical functions are quite simple
1265 static struct parmlist_entry *get_parametrics_by_service(struct loadparm_service *service, const char *type,
1268 bool global_section = false;
1270 struct parmlist_entry *data;
1272 if (service == NULL) {
1273 data = Globals.param_opt;
1274 global_section = true;
1276 data = service->param_opt;
1279 if (asprintf(¶m_key, "%s:%s", type, option) == -1) {
1280 DEBUG(0,("asprintf failed!\n"));
1285 if (strwicmp(data->key, param_key) == 0) {
1286 string_free(¶m_key);
1292 if (!global_section) {
1293 /* Try to fetch the same option but from globals */
1294 /* but only if we are not already working with Globals */
1295 data = Globals.param_opt;
1297 if (strwicmp(data->key, param_key) == 0) {
1298 string_free(¶m_key);
1305 string_free(¶m_key);
1311 * This is a helper function for parametrical options support. It returns a
1312 * pointer to parametrical option value if it exists or NULL otherwise. Actual
1313 * parametrical functions are quite simple
1315 static struct parmlist_entry *get_parametrics(int snum, const char *type,
1318 if (snum >= iNumServices) return NULL;
1321 return get_parametrics_by_service(NULL, type, option);
1323 return get_parametrics_by_service(ServicePtrs[snum], type, option);
1328 #define MISSING_PARAMETER(name) \
1329 DEBUG(0, ("%s(): value is NULL or empty!\n", #name))
1331 /*******************************************************************
1332 convenience routine to return int parameters.
1333 ********************************************************************/
1334 static int lp_int(const char *s)
1338 MISSING_PARAMETER(lp_int);
1342 return (int)strtol(s, NULL, 0);
1345 /*******************************************************************
1346 convenience routine to return unsigned long parameters.
1347 ********************************************************************/
1348 static unsigned long lp_ulong(const char *s)
1352 MISSING_PARAMETER(lp_ulong);
1356 return strtoul(s, NULL, 0);
1359 /*******************************************************************
1360 convenience routine to return boolean parameters.
1361 ********************************************************************/
1362 static bool lp_bool(const char *s)
1367 MISSING_PARAMETER(lp_bool);
1371 if (!set_boolean(s, &ret)) {
1372 DEBUG(0,("lp_bool(%s): value is not boolean!\n",s));
1379 /*******************************************************************
1380 convenience routine to return enum parameters.
1381 ********************************************************************/
1382 static int lp_enum(const char *s,const struct enum_list *_enum)
1386 if (!s || !*s || !_enum) {
1387 MISSING_PARAMETER(lp_enum);
1391 for (i=0; _enum[i].name; i++) {
1392 if (strequal(_enum[i].name,s))
1393 return _enum[i].value;
1396 DEBUG(0,("lp_enum(%s,enum): value is not in enum_list!\n",s));
1400 #undef MISSING_PARAMETER
1402 /* Return parametric option from a given service. Type is a part of option before ':' */
1403 /* Parametric option has following syntax: 'Type: option = value' */
1404 char *lp_parm_talloc_string(TALLOC_CTX *ctx, int snum, const char *type, const char *option, const char *def)
1406 struct parmlist_entry *data = get_parametrics(snum, type, option);
1408 if (data == NULL||data->value==NULL) {
1410 return lp_string(ctx, def);
1416 return lp_string(ctx, data->value);
1419 /* Return parametric option from a given service. Type is a part of option before ':' */
1420 /* Parametric option has following syntax: 'Type: option = value' */
1421 const char *lp_parm_const_string(int snum, const char *type, const char *option, const char *def)
1423 struct parmlist_entry *data = get_parametrics(snum, type, option);
1425 if (data == NULL||data->value==NULL)
1431 const char *lp_parm_const_string_service(struct loadparm_service *service, const char *type, const char *option)
1433 struct parmlist_entry *data = get_parametrics_by_service(service, type, option);
1435 if (data == NULL||data->value==NULL)
1442 /* Return parametric option from a given service. Type is a part of option before ':' */
1443 /* Parametric option has following syntax: 'Type: option = value' */
1445 const char **lp_parm_string_list(int snum, const char *type, const char *option, const char **def)
1447 struct parmlist_entry *data = get_parametrics(snum, type, option);
1449 if (data == NULL||data->value==NULL)
1450 return (const char **)def;
1452 if (data->list==NULL) {
1453 data->list = str_list_make_v3(NULL, data->value, NULL);
1456 return (const char **)data->list;
1459 /* Return parametric option from a given service. Type is a part of option before ':' */
1460 /* Parametric option has following syntax: 'Type: option = value' */
1462 int lp_parm_int(int snum, const char *type, const char *option, int def)
1464 struct parmlist_entry *data = get_parametrics(snum, type, option);
1466 if (data && data->value && *data->value)
1467 return lp_int(data->value);
1472 /* Return parametric option from a given service. Type is a part of option before ':' */
1473 /* Parametric option has following syntax: 'Type: option = value' */
1475 unsigned long lp_parm_ulong(int snum, const char *type, const char *option, unsigned long def)
1477 struct parmlist_entry *data = get_parametrics(snum, type, option);
1479 if (data && data->value && *data->value)
1480 return lp_ulong(data->value);
1485 /* Return parametric option from a given service. Type is a part of option before ':' */
1486 /* Parametric option has following syntax: 'Type: option = value' */
1488 bool lp_parm_bool(int snum, const char *type, const char *option, bool def)
1490 struct parmlist_entry *data = get_parametrics(snum, type, option);
1492 if (data && data->value && *data->value)
1493 return lp_bool(data->value);
1498 /* Return parametric option from a given service. Type is a part of option before ':' */
1499 /* Parametric option has following syntax: 'Type: option = value' */
1501 int lp_parm_enum(int snum, const char *type, const char *option,
1502 const struct enum_list *_enum, int def)
1504 struct parmlist_entry *data = get_parametrics(snum, type, option);
1506 if (data && data->value && *data->value && _enum)
1507 return lp_enum(data->value, _enum);
1513 /***************************************************************************
1514 Initialise a service to the defaults.
1515 ***************************************************************************/
1517 static void init_service(struct loadparm_service *pservice)
1519 memset((char *)pservice, '\0', sizeof(struct loadparm_service));
1520 copy_service(pservice, &sDefault, NULL);
1525 * free a param_opts structure.
1526 * param_opts handling should be moved to talloc;
1527 * then this whole functions reduces to a TALLOC_FREE().
1530 static void free_param_opts(struct parmlist_entry **popts)
1532 struct parmlist_entry *opt, *next_opt;
1534 if (*popts != NULL) {
1535 DEBUG(5, ("Freeing parametrics:\n"));
1538 while (opt != NULL) {
1539 string_free(&opt->key);
1540 string_free(&opt->value);
1541 TALLOC_FREE(opt->list);
1542 next_opt = opt->next;
1549 /***************************************************************************
1550 Free the dynamically allocated parts of a service struct.
1551 ***************************************************************************/
1553 static void free_service(struct loadparm_service *pservice)
1558 if (pservice->szService)
1559 DEBUG(5, ("free_service: Freeing service %s\n",
1560 pservice->szService));
1562 free_parameters(pservice);
1564 string_free(&pservice->szService);
1565 TALLOC_FREE(pservice->copymap);
1567 free_param_opts(&pservice->param_opt);
1569 ZERO_STRUCTP(pservice);
1573 /***************************************************************************
1574 remove a service indexed in the ServicePtrs array from the ServiceHash
1575 and free the dynamically allocated parts
1576 ***************************************************************************/
1578 static void free_service_byindex(int idx)
1580 if ( !LP_SNUM_OK(idx) )
1583 ServicePtrs[idx]->valid = false;
1585 /* we have to cleanup the hash record */
1587 if (ServicePtrs[idx]->szService) {
1588 char *canon_name = canonicalize_servicename(
1590 ServicePtrs[idx]->szService );
1592 dbwrap_delete_bystring(ServiceHash, canon_name );
1593 TALLOC_FREE(canon_name);
1596 free_service(ServicePtrs[idx]);
1597 talloc_free_children(ServicePtrs[idx]);
1600 /***************************************************************************
1601 Add a new service to the services array initialising it with the given
1603 ***************************************************************************/
1605 static int add_a_service(const struct loadparm_service *pservice, const char *name)
1608 struct loadparm_service tservice;
1609 int num_to_alloc = iNumServices + 1;
1610 struct loadparm_service **tsp = NULL;
1612 tservice = *pservice;
1614 /* it might already exist */
1616 i = getservicebyname(name, NULL);
1622 /* if not, then create one */
1624 tsp = SMB_REALLOC_ARRAY_KEEP_OLD_ON_ERROR(ServicePtrs, struct loadparm_service *, num_to_alloc);
1626 DEBUG(0,("add_a_service: failed to enlarge ServicePtrs!\n"));
1630 ServicePtrs[iNumServices] = talloc(NULL, struct loadparm_service);
1631 if (!ServicePtrs[iNumServices]) {
1632 DEBUG(0,("add_a_service: out of memory!\n"));
1637 ServicePtrs[i]->valid = true;
1639 init_service(ServicePtrs[i]);
1640 copy_service(ServicePtrs[i], &tservice, NULL);
1642 string_set(&ServicePtrs[i]->szService, name);
1644 DEBUG(8,("add_a_service: Creating snum = %d for %s\n",
1645 i, ServicePtrs[i]->szService));
1647 if (!hash_a_service(ServicePtrs[i]->szService, i)) {
1654 /***************************************************************************
1655 Convert a string to uppercase and remove whitespaces.
1656 ***************************************************************************/
1658 char *canonicalize_servicename(TALLOC_CTX *ctx, const char *src)
1663 DEBUG(0,("canonicalize_servicename: NULL source name!\n"));
1667 result = talloc_strdup(ctx, src);
1668 SMB_ASSERT(result != NULL);
1670 if (!strlower_m(result)) {
1671 TALLOC_FREE(result);
1677 /***************************************************************************
1678 Add a name/index pair for the services array to the hash table.
1679 ***************************************************************************/
1681 static bool hash_a_service(const char *name, int idx)
1685 if ( !ServiceHash ) {
1686 DEBUG(10,("hash_a_service: creating servicehash\n"));
1687 ServiceHash = db_open_rbt(NULL);
1688 if ( !ServiceHash ) {
1689 DEBUG(0,("hash_a_service: open tdb servicehash failed!\n"));
1694 DEBUG(10,("hash_a_service: hashing index %d for service name %s\n",
1697 canon_name = canonicalize_servicename(talloc_tos(), name );
1699 dbwrap_store_bystring(ServiceHash, canon_name,
1700 make_tdb_data((uint8 *)&idx, sizeof(idx)),
1703 TALLOC_FREE(canon_name);
1708 /***************************************************************************
1709 Add a new home service, with the specified home directory, defaults coming
1711 ***************************************************************************/
1713 bool lp_add_home(const char *pszHomename, int iDefaultService,
1714 const char *user, const char *pszHomedir)
1718 if (pszHomename == NULL || user == NULL || pszHomedir == NULL ||
1719 pszHomedir[0] == '\0') {
1723 i = add_a_service(ServicePtrs[iDefaultService], pszHomename);
1728 if (!(*(ServicePtrs[iDefaultService]->path))
1729 || strequal(ServicePtrs[iDefaultService]->path,
1730 lp_path(talloc_tos(), GLOBAL_SECTION_SNUM))) {
1731 string_set(&ServicePtrs[i]->path, pszHomedir);
1734 if (!(*(ServicePtrs[i]->comment))) {
1735 char *comment = NULL;
1736 if (asprintf(&comment, "Home directory of %s", user) < 0) {
1739 string_set(&ServicePtrs[i]->comment, comment);
1743 /* set the browseable flag from the global default */
1745 ServicePtrs[i]->browseable = sDefault.browseable;
1746 ServicePtrs[i]->access_based_share_enum = sDefault.access_based_share_enum;
1748 ServicePtrs[i]->autoloaded = true;
1750 DEBUG(3, ("adding home's share [%s] for user '%s' at '%s'\n", pszHomename,
1751 user, ServicePtrs[i]->path ));
1756 /***************************************************************************
1757 Add a new service, based on an old one.
1758 ***************************************************************************/
1760 int lp_add_service(const char *pszService, int iDefaultService)
1762 if (iDefaultService < 0) {
1763 return add_a_service(&sDefault, pszService);
1766 return (add_a_service(ServicePtrs[iDefaultService], pszService));
1769 /***************************************************************************
1770 Add the IPC service.
1771 ***************************************************************************/
1773 static bool lp_add_ipc(const char *ipc_name, bool guest_ok)
1775 char *comment = NULL;
1776 int i = add_a_service(&sDefault, ipc_name);
1781 if (asprintf(&comment, "IPC Service (%s)",
1782 Globals.server_string) < 0) {
1786 string_set(&ServicePtrs[i]->path, tmpdir());
1787 string_set(&ServicePtrs[i]->username, "");
1788 string_set(&ServicePtrs[i]->comment, comment);
1789 string_set(&ServicePtrs[i]->fstype, "IPC");
1790 ServicePtrs[i]->max_connections = 0;
1791 ServicePtrs[i]->bAvailable = true;
1792 ServicePtrs[i]->read_only = true;
1793 ServicePtrs[i]->guest_only = false;
1794 ServicePtrs[i]->administrative_share = true;
1795 ServicePtrs[i]->guest_ok = guest_ok;
1796 ServicePtrs[i]->printable = false;
1797 ServicePtrs[i]->browseable = sDefault.browseable;
1799 DEBUG(3, ("adding IPC service\n"));
1805 /***************************************************************************
1806 Add a new printer service, with defaults coming from service iFrom.
1807 ***************************************************************************/
1809 bool lp_add_printer(const char *pszPrintername, int iDefaultService)
1811 const char *comment = "From Printcap";
1812 int i = add_a_service(ServicePtrs[iDefaultService], pszPrintername);
1817 /* note that we do NOT default the availability flag to true - */
1818 /* we take it from the default service passed. This allows all */
1819 /* dynamic printers to be disabled by disabling the [printers] */
1820 /* entry (if/when the 'available' keyword is implemented!). */
1822 /* the printer name is set to the service name. */
1823 string_set(&ServicePtrs[i]->_printername, pszPrintername);
1824 string_set(&ServicePtrs[i]->comment, comment);
1826 /* set the browseable flag from the gloabl default */
1827 ServicePtrs[i]->browseable = sDefault.browseable;
1829 /* Printers cannot be read_only. */
1830 ServicePtrs[i]->read_only = false;
1831 /* No oplocks on printer services. */
1832 ServicePtrs[i]->oplocks = false;
1833 /* Printer services must be printable. */
1834 ServicePtrs[i]->printable = true;
1836 DEBUG(3, ("adding printer service %s\n", pszPrintername));
1842 /***************************************************************************
1843 Check whether the given parameter name is valid.
1844 Parametric options (names containing a colon) are considered valid.
1845 ***************************************************************************/
1847 bool lp_parameter_is_valid(const char *pszParmName)
1849 return ((lpcfg_map_parameter(pszParmName) != -1) ||
1850 (strchr(pszParmName, ':') != NULL));
1853 /***************************************************************************
1854 Check whether the given name is the name of a global parameter.
1855 Returns true for strings belonging to parameters of class
1856 P_GLOBAL, false for all other strings, also for parametric options
1857 and strings not belonging to any option.
1858 ***************************************************************************/
1860 bool lp_parameter_is_global(const char *pszParmName)
1862 int num = lpcfg_map_parameter(pszParmName);
1865 return (parm_table[num].p_class == P_GLOBAL);
1871 /**************************************************************************
1872 Check whether the given name is the canonical name of a parameter.
1873 Returns false if it is not a valid parameter Name.
1874 For parametric options, true is returned.
1875 **************************************************************************/
1877 bool lp_parameter_is_canonical(const char *parm_name)
1879 if (!lp_parameter_is_valid(parm_name)) {
1883 return (lpcfg_map_parameter(parm_name) ==
1884 map_parameter_canonical(parm_name, NULL));
1887 /**************************************************************************
1888 Determine the canonical name for a parameter.
1889 Indicate when it is an inverse (boolean) synonym instead of a
1891 **************************************************************************/
1893 bool lp_canonicalize_parameter(const char *parm_name, const char **canon_parm,
1898 if (!lp_parameter_is_valid(parm_name)) {
1903 num = map_parameter_canonical(parm_name, inverse);
1905 /* parametric option */
1906 *canon_parm = parm_name;
1908 *canon_parm = parm_table[num].label;
1915 /**************************************************************************
1916 Determine the canonical name for a parameter.
1917 Turn the value given into the inverse boolean expression when
1918 the synonym is an invers boolean synonym.
1920 Return true if parm_name is a valid parameter name and
1921 in case it is an invers boolean synonym, if the val string could
1922 successfully be converted to the reverse bool.
1923 Return false in all other cases.
1924 **************************************************************************/
1926 bool lp_canonicalize_parameter_with_value(const char *parm_name,
1928 const char **canon_parm,
1929 const char **canon_val)
1934 if (!lp_parameter_is_valid(parm_name)) {
1940 num = map_parameter_canonical(parm_name, &inverse);
1942 /* parametric option */
1943 *canon_parm = parm_name;
1946 *canon_parm = parm_table[num].label;
1948 if (!lp_invert_boolean(val, canon_val)) {
1960 /***************************************************************************
1961 Map a parameter's string representation to the index of the canonical
1962 form of the parameter (it might be a synonym).
1963 Returns -1 if the parameter string is not recognised.
1964 ***************************************************************************/
1966 static int map_parameter_canonical(const char *pszParmName, bool *inverse)
1968 int parm_num, canon_num;
1969 bool loc_inverse = false;
1971 parm_num = lpcfg_map_parameter(pszParmName);
1972 if ((parm_num < 0) || !(parm_table[parm_num].flags & FLAG_HIDE)) {
1973 /* invalid, parametric or no canidate for synonyms ... */
1977 for (canon_num = 0; parm_table[canon_num].label; canon_num++) {
1978 if (is_synonym_of(parm_num, canon_num, &loc_inverse)) {
1979 parm_num = canon_num;
1985 if (inverse != NULL) {
1986 *inverse = loc_inverse;
1991 /***************************************************************************
1992 return true if parameter number parm1 is a synonym of parameter
1993 number parm2 (parm2 being the principal name).
1994 set inverse to true if parm1 is P_BOOLREV and parm2 is P_BOOL,
1996 ***************************************************************************/
1998 static bool is_synonym_of(int parm1, int parm2, bool *inverse)
2000 if ((parm_table[parm1].offset == parm_table[parm2].offset) &&
2001 (parm_table[parm1].p_class == parm_table[parm2].p_class) &&
2002 (parm_table[parm1].flags & FLAG_HIDE) &&
2003 !(parm_table[parm2].flags & FLAG_HIDE))
2005 if (inverse != NULL) {
2006 if ((parm_table[parm1].type == P_BOOLREV) &&
2007 (parm_table[parm2].type == P_BOOL))
2019 /***************************************************************************
2020 Show one parameter's name, type, [values,] and flags.
2021 (helper functions for show_parameter_list)
2022 ***************************************************************************/
2024 static void show_parameter(int parmIndex)
2026 int enumIndex, flagIndex;
2031 const char *type[] = { "P_BOOL", "P_BOOLREV", "P_CHAR", "P_INTEGER",
2032 "P_OCTAL", "P_LIST", "P_STRING", "P_USTRING",
2034 unsigned flags[] = { FLAG_BASIC, FLAG_SHARE, FLAG_PRINT, FLAG_GLOBAL,
2035 FLAG_WIZARD, FLAG_ADVANCED, FLAG_DEVELOPER, FLAG_DEPRECATED,
2037 const char *flag_names[] = { "FLAG_BASIC", "FLAG_SHARE", "FLAG_PRINT",
2038 "FLAG_GLOBAL", "FLAG_WIZARD", "FLAG_ADVANCED", "FLAG_DEVELOPER",
2039 "FLAG_DEPRECATED", "FLAG_HIDE", NULL};
2041 printf("%s=%s", parm_table[parmIndex].label,
2042 type[parm_table[parmIndex].type]);
2043 if (parm_table[parmIndex].type == P_ENUM) {
2046 parm_table[parmIndex].enum_list[enumIndex].name;
2050 enumIndex ? "|" : "",
2051 parm_table[parmIndex].enum_list[enumIndex].name);
2056 for (flagIndex=0; flag_names[flagIndex]; flagIndex++) {
2057 if (parm_table[parmIndex].flags & flags[flagIndex]) {
2060 flag_names[flagIndex]);
2065 /* output synonyms */
2067 for (parmIndex2=0; parm_table[parmIndex2].label; parmIndex2++) {
2068 if (is_synonym_of(parmIndex, parmIndex2, &inverse)) {
2069 printf(" (%ssynonym of %s)", inverse ? "inverse " : "",
2070 parm_table[parmIndex2].label);
2071 } else if (is_synonym_of(parmIndex2, parmIndex, &inverse)) {
2073 printf(" (synonyms: ");
2078 printf("%s%s", parm_table[parmIndex2].label,
2079 inverse ? "[i]" : "");
2089 /***************************************************************************
2090 Show all parameter's name, type, [values,] and flags.
2091 ***************************************************************************/
2093 void show_parameter_list(void)
2095 int classIndex, parmIndex;
2096 const char *section_names[] = { "local", "global", NULL};
2098 for (classIndex=0; section_names[classIndex]; classIndex++) {
2099 printf("[%s]\n", section_names[classIndex]);
2100 for (parmIndex = 0; parm_table[parmIndex].label; parmIndex++) {
2101 if (parm_table[parmIndex].p_class == classIndex) {
2102 show_parameter(parmIndex);
2108 /***************************************************************************
2109 Check if a given string correctly represents a boolean value.
2110 ***************************************************************************/
2112 bool lp_string_is_valid_boolean(const char *parm_value)
2114 return set_boolean(parm_value, NULL);
2117 /***************************************************************************
2118 Get the standard string representation of a boolean value ("yes" or "no")
2119 ***************************************************************************/
2121 static const char *get_boolean(bool bool_value)
2123 static const char *yes_str = "yes";
2124 static const char *no_str = "no";
2126 return (bool_value ? yes_str : no_str);
2129 /***************************************************************************
2130 Provide the string of the negated boolean value associated to the boolean
2131 given as a string. Returns false if the passed string does not correctly
2132 represent a boolean.
2133 ***************************************************************************/
2135 bool lp_invert_boolean(const char *str, const char **inverse_str)
2139 if (!set_boolean(str, &val)) {
2143 *inverse_str = get_boolean(!val);
2147 /***************************************************************************
2148 Provide the canonical string representation of a boolean value given
2149 as a string. Return true on success, false if the string given does
2150 not correctly represent a boolean.
2151 ***************************************************************************/
2153 bool lp_canonicalize_boolean(const char *str, const char**canon_str)
2157 if (!set_boolean(str, &val)) {
2161 *canon_str = get_boolean(val);
2165 /***************************************************************************
2166 Find a service by name. Otherwise works like get_service.
2167 ***************************************************************************/
2169 static int getservicebyname(const char *pszServiceName, struct loadparm_service *pserviceDest)
2176 if (ServiceHash == NULL) {
2180 canon_name = canonicalize_servicename(talloc_tos(), pszServiceName);
2182 status = dbwrap_fetch_bystring(ServiceHash, canon_name, canon_name,
2185 if (NT_STATUS_IS_OK(status) &&
2186 (data.dptr != NULL) &&
2187 (data.dsize == sizeof(iService)))
2189 iService = *(int *)data.dptr;
2192 TALLOC_FREE(canon_name);
2194 if ((iService != -1) && (LP_SNUM_OK(iService))
2195 && (pserviceDest != NULL)) {
2196 copy_service(pserviceDest, ServicePtrs[iService], NULL);
2202 /* Return a pointer to a service by name. Unlike getservicebyname, it does not copy the service */
2203 struct loadparm_service *lp_service(const char *pszServiceName)
2205 int iService = getservicebyname(pszServiceName, NULL);
2206 if (iService == -1 || !LP_SNUM_OK(iService)) {
2209 return ServicePtrs[iService];
2212 struct loadparm_service *lp_servicebynum(int snum)
2214 if ((snum == -1) || !LP_SNUM_OK(snum)) {
2217 return ServicePtrs[snum];
2220 struct loadparm_service *lp_default_loadparm_service()
2226 /***************************************************************************
2227 Copy a service structure to another.
2228 If pcopymapDest is NULL then copy all fields
2229 ***************************************************************************/
2232 * Add a parametric option to a parmlist_entry,
2233 * replacing old value, if already present.
2235 static void set_param_opt(struct parmlist_entry **opt_list,
2236 const char *opt_name,
2237 const char *opt_value,
2240 struct parmlist_entry *new_opt, *opt;
2246 /* Traverse destination */
2248 /* If we already have same option, override it */
2249 if (strwicmp(opt->key, opt_name) == 0) {
2250 if ((opt->priority & FLAG_CMDLINE) &&
2251 !(priority & FLAG_CMDLINE)) {
2252 /* it's been marked as not to be
2256 string_free(&opt->value);
2257 TALLOC_FREE(opt->list);
2258 opt->value = SMB_STRDUP(opt_value);
2259 opt->priority = priority;
2266 new_opt = SMB_XMALLOC_P(struct parmlist_entry);
2267 new_opt->key = SMB_STRDUP(opt_name);
2268 new_opt->value = SMB_STRDUP(opt_value);
2269 new_opt->list = NULL;
2270 new_opt->priority = priority;
2271 DLIST_ADD(*opt_list, new_opt);
2275 static void copy_service(struct loadparm_service *pserviceDest, struct loadparm_service *pserviceSource,
2276 struct bitmap *pcopymapDest)
2279 bool bcopyall = (pcopymapDest == NULL);
2280 struct parmlist_entry *data;
2282 for (i = 0; parm_table[i].label; i++)
2283 if (parm_table[i].p_class == P_LOCAL &&
2284 (bcopyall || bitmap_query(pcopymapDest,i))) {
2285 void *src_ptr = lp_parm_ptr(pserviceSource, &parm_table[i]);
2286 void *dest_ptr = lp_parm_ptr(pserviceDest, &parm_table[i]);
2288 switch (parm_table[i].type) {
2291 *(bool *)dest_ptr = *(bool *)src_ptr;
2298 *(int *)dest_ptr = *(int *)src_ptr;
2302 *(char *)dest_ptr = *(char *)src_ptr;
2306 string_set((char **)dest_ptr,
2312 char *upper_string = strupper_talloc(talloc_tos(),
2314 string_set((char **)dest_ptr,
2316 TALLOC_FREE(upper_string);
2320 TALLOC_FREE(*((char ***)dest_ptr));
2321 *((char ***)dest_ptr) = str_list_copy(NULL,
2322 *(const char ***)src_ptr);
2330 init_copymap(pserviceDest);
2331 if (pserviceSource->copymap)
2332 bitmap_copy(pserviceDest->copymap,
2333 pserviceSource->copymap);
2336 data = pserviceSource->param_opt;
2338 set_param_opt(&pserviceDest->param_opt, data->key, data->value, data->priority);
2343 /***************************************************************************
2344 Check a service for consistency. Return false if the service is in any way
2345 incomplete or faulty, else true.
2346 ***************************************************************************/
2348 bool service_ok(int iService)
2353 if (ServicePtrs[iService]->szService[0] == '\0') {
2354 DEBUG(0, ("The following message indicates an internal error:\n"));
2355 DEBUG(0, ("No service name in service entry.\n"));
2359 /* The [printers] entry MUST be printable. I'm all for flexibility, but */
2360 /* I can't see why you'd want a non-printable printer service... */
2361 if (strwicmp(ServicePtrs[iService]->szService, PRINTERS_NAME) == 0) {
2362 if (!ServicePtrs[iService]->printable) {
2363 DEBUG(0, ("WARNING: [%s] service MUST be printable!\n",
2364 ServicePtrs[iService]->szService));
2365 ServicePtrs[iService]->printable = true;
2367 /* [printers] service must also be non-browsable. */
2368 if (ServicePtrs[iService]->browseable)
2369 ServicePtrs[iService]->browseable = false;
2372 if (ServicePtrs[iService]->path[0] == '\0' &&
2373 strwicmp(ServicePtrs[iService]->szService, HOMES_NAME) != 0 &&
2374 ServicePtrs[iService]->msdfs_proxy[0] == '\0'
2376 DEBUG(0, ("WARNING: No path in service %s - making it unavailable!\n",
2377 ServicePtrs[iService]->szService));
2378 ServicePtrs[iService]->bAvailable = false;
2381 /* If a service is flagged unavailable, log the fact at level 1. */
2382 if (!ServicePtrs[iService]->bAvailable)
2383 DEBUG(1, ("NOTE: Service %s is flagged unavailable.\n",
2384 ServicePtrs[iService]->szService));
2389 static struct smbconf_ctx *lp_smbconf_ctx(void)
2392 static struct smbconf_ctx *conf_ctx = NULL;
2394 if (conf_ctx == NULL) {
2395 err = smbconf_init(NULL, &conf_ctx, "registry:");
2396 if (!SBC_ERROR_IS_OK(err)) {
2397 DEBUG(1, ("error initializing registry configuration: "
2398 "%s\n", sbcErrorString(err)));
2406 static bool process_smbconf_service(struct smbconf_service *service)
2411 if (service == NULL) {
2415 ret = do_section(service->name, NULL);
2419 for (count = 0; count < service->num_params; count++) {
2420 ret = do_parameter(service->param_names[count],
2421 service->param_values[count],
2427 if (iServiceIndex >= 0) {
2428 return service_ok(iServiceIndex);
2434 * load a service from registry and activate it
2436 bool process_registry_service(const char *service_name)
2439 struct smbconf_service *service = NULL;
2440 TALLOC_CTX *mem_ctx = talloc_stackframe();
2441 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2444 if (conf_ctx == NULL) {
2448 DEBUG(5, ("process_registry_service: service name %s\n", service_name));
2450 if (!smbconf_share_exists(conf_ctx, service_name)) {
2452 * Registry does not contain data for this service (yet),
2453 * but make sure lp_load doesn't return false.
2459 err = smbconf_get_share(conf_ctx, mem_ctx, service_name, &service);
2460 if (!SBC_ERROR_IS_OK(err)) {
2464 ret = process_smbconf_service(service);
2470 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
2473 TALLOC_FREE(mem_ctx);
2478 * process_registry_globals
2480 static bool process_registry_globals(void)
2484 add_to_file_list(INCLUDE_REGISTRY_NAME, INCLUDE_REGISTRY_NAME);
2486 ret = do_parameter("registry shares", "yes", NULL);
2491 return process_registry_service(GLOBAL_NAME);
2494 bool process_registry_shares(void)
2498 struct smbconf_service **service = NULL;
2499 uint32_t num_shares = 0;
2500 TALLOC_CTX *mem_ctx = talloc_stackframe();
2501 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2504 if (conf_ctx == NULL) {
2508 err = smbconf_get_config(conf_ctx, mem_ctx, &num_shares, &service);
2509 if (!SBC_ERROR_IS_OK(err)) {
2515 for (count = 0; count < num_shares; count++) {
2516 if (strequal(service[count]->name, GLOBAL_NAME)) {
2519 ret = process_smbconf_service(service[count]);
2526 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
2529 TALLOC_FREE(mem_ctx);
2534 * reload those shares from registry that are already
2535 * activated in the services array.
2537 static bool reload_registry_shares(void)
2542 for (i = 0; i < iNumServices; i++) {
2547 if (ServicePtrs[i]->usershare == USERSHARE_VALID) {
2551 ret = process_registry_service(ServicePtrs[i]->szService);
2562 #define MAX_INCLUDE_DEPTH 100
2564 static uint8_t include_depth;
2566 static struct file_lists {
2567 struct file_lists *next;
2571 } *file_lists = NULL;
2573 /*******************************************************************
2574 Keep a linked list of all config files so we know when one has changed
2575 it's date and needs to be reloaded.
2576 ********************************************************************/
2578 static void add_to_file_list(const char *fname, const char *subfname)
2580 struct file_lists *f = file_lists;
2583 if (f->name && !strcmp(f->name, fname))
2589 f = SMB_MALLOC_P(struct file_lists);
2592 f->next = file_lists;
2593 f->name = SMB_STRDUP(fname);
2598 f->subfname = SMB_STRDUP(subfname);
2605 f->modtime = file_modtime(subfname);
2607 time_t t = file_modtime(subfname);
2615 * Free the file lists
2617 static void free_file_list(void)
2619 struct file_lists *f;
2620 struct file_lists *next;
2625 SAFE_FREE( f->name );
2626 SAFE_FREE( f->subfname );
2635 * Utility function for outsiders to check if we're running on registry.
2637 bool lp_config_backend_is_registry(void)
2639 return (lp_config_backend() == CONFIG_BACKEND_REGISTRY);
2643 * Utility function to check if the config backend is FILE.
2645 bool lp_config_backend_is_file(void)
2647 return (lp_config_backend() == CONFIG_BACKEND_FILE);
2650 /*******************************************************************
2651 Check if a config file has changed date.
2652 ********************************************************************/
2654 bool lp_file_list_changed(void)
2656 struct file_lists *f = file_lists;
2658 DEBUG(6, ("lp_file_list_changed()\n"));
2663 if (strequal(f->name, INCLUDE_REGISTRY_NAME)) {
2664 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2666 if (conf_ctx == NULL) {
2669 if (smbconf_changed(conf_ctx, &conf_last_csn, NULL,
2672 DEBUGADD(6, ("registry config changed\n"));
2677 n2 = talloc_sub_basic(talloc_tos(),
2678 get_current_username(),
2679 current_user_info.domain,
2684 DEBUGADD(6, ("file %s -> %s last mod_time: %s\n",
2685 f->name, n2, ctime(&f->modtime)));
2687 mod_time = file_modtime(n2);
2690 ((f->modtime != mod_time) ||
2691 (f->subfname == NULL) ||
2692 (strcmp(n2, f->subfname) != 0)))
2695 ("file %s modified: %s\n", n2,
2697 f->modtime = mod_time;
2698 SAFE_FREE(f->subfname);
2699 f->subfname = SMB_STRDUP(n2);
2712 * Initialize iconv conversion descriptors.
2714 * This is called the first time it is needed, and also called again
2715 * every time the configuration is reloaded, because the charset or
2716 * codepage might have changed.
2718 static void init_iconv(void)
2720 global_iconv_handle = smb_iconv_handle_reinit(NULL, lp_dos_charset(),
2722 true, global_iconv_handle);
2725 static bool handle_charset(struct loadparm_context *unused, int snum, const char *pszParmValue, char **ptr)
2727 if (strcmp(*ptr, pszParmValue) != 0) {
2728 string_set(ptr, pszParmValue);
2734 static bool handle_dos_charset(struct loadparm_context *unused, int snum, const char *pszParmValue, char **ptr)
2736 bool is_utf8 = false;
2737 size_t len = strlen(pszParmValue);
2739 if (len == 4 || len == 5) {
2740 /* Don't use StrCaseCmp here as we don't want to
2741 initialize iconv. */
2742 if ((toupper_m(pszParmValue[0]) == 'U') &&
2743 (toupper_m(pszParmValue[1]) == 'T') &&
2744 (toupper_m(pszParmValue[2]) == 'F')) {
2746 if (pszParmValue[3] == '8') {
2750 if (pszParmValue[3] == '-' &&
2751 pszParmValue[4] == '8') {
2758 if (strcmp(*ptr, pszParmValue) != 0) {
2760 DEBUG(0,("ERROR: invalid DOS charset: 'dos charset' must not "
2761 "be UTF8, using (default value) %s instead.\n",
2762 DEFAULT_DOS_CHARSET));
2763 pszParmValue = DEFAULT_DOS_CHARSET;
2765 string_set(ptr, pszParmValue);
2771 static bool handle_realm(struct loadparm_context *unused, int snum, const char *pszParmValue, char **ptr)
2774 TALLOC_CTX *frame = talloc_stackframe();
2775 char *realm = strupper_talloc(frame, pszParmValue);
2776 char *dnsdomain = strlower_talloc(realm, pszParmValue);
2778 ret &= string_set(&Globals.realm_original, pszParmValue);
2779 ret &= string_set(&Globals.realm, realm);
2780 ret &= string_set(&Globals.dnsdomain, dnsdomain);
2786 static bool handle_netbios_aliases(struct loadparm_context *unused, int snum, const char *pszParmValue, char **ptr)
2788 TALLOC_FREE(Globals.netbios_aliases);
2789 Globals.netbios_aliases = (const char **)str_list_make_v3(NULL, pszParmValue, NULL);
2790 return set_netbios_aliases(Globals.netbios_aliases);
2793 /***************************************************************************
2794 Handle the include operation.
2795 ***************************************************************************/
2796 static bool bAllowIncludeRegistry = true;
2798 static bool handle_include(struct loadparm_context *unused, int snum, const char *pszParmValue, char **ptr)
2802 if (include_depth >= MAX_INCLUDE_DEPTH) {
2803 DEBUG(0, ("Error: Maximum include depth (%u) exceeded!\n",
2808 if (strequal(pszParmValue, INCLUDE_REGISTRY_NAME)) {
2809 if (!bAllowIncludeRegistry) {
2812 if (bInGlobalSection) {
2815 ret = process_registry_globals();
2819 DEBUG(1, ("\"include = registry\" only effective "
2820 "in %s section\n", GLOBAL_NAME));
2825 fname = talloc_sub_basic(talloc_tos(), get_current_username(),
2826 current_user_info.domain,
2829 add_to_file_list(pszParmValue, fname);
2831 string_set(ptr, fname);
2833 if (file_exist(fname)) {
2836 ret = pm_process(fname, do_section, do_parameter, NULL);
2842 DEBUG(2, ("Can't find include file %s\n", fname));
2847 /***************************************************************************
2848 Handle the interpretation of the copy parameter.
2849 ***************************************************************************/
2851 static bool handle_copy(struct loadparm_context *unused, int snum, const char *pszParmValue, char **ptr)
2855 struct loadparm_service serviceTemp;
2857 string_set(ptr, pszParmValue);
2859 init_service(&serviceTemp);
2863 DEBUG(3, ("Copying service from service %s\n", pszParmValue));
2865 if ((iTemp = getservicebyname(pszParmValue, &serviceTemp)) >= 0) {
2866 if (iTemp == iServiceIndex) {
2867 DEBUG(0, ("Can't copy service %s - unable to copy self!\n", pszParmValue));
2869 copy_service(ServicePtrs[iServiceIndex],
2871 ServicePtrs[iServiceIndex]->copymap);
2875 DEBUG(0, ("Unable to copy service - source not found: %s\n", pszParmValue));
2879 free_service(&serviceTemp);
2883 static bool handle_ldap_debug_level(struct loadparm_context *unused, int snum, const char *pszParmValue, char **ptr)
2885 Globals.ldap_debug_level = lp_int(pszParmValue);
2886 init_ldap_debugging();
2891 * idmap related parameters
2894 static bool handle_idmap_backend(struct loadparm_context *unused, int snum, const char *pszParmValue, char **ptr)
2896 lp_do_parameter(snum, "idmap config * : backend", pszParmValue);
2901 static bool handle_idmap_uid(struct loadparm_context *unused, int snum, const char *pszParmValue, char **ptr)
2903 lp_do_parameter(snum, "idmap config * : range", pszParmValue);
2908 static bool handle_idmap_gid(struct loadparm_context *unused, int snum, const char *pszParmValue, char **ptr)
2910 lp_do_parameter(snum, "idmap config * : range", pszParmValue);
2915 bool lp_idmap_range(const char *domain_name, uint32_t *low, uint32_t *high)
2917 char *config_option = NULL;
2918 const char *range = NULL;
2921 SMB_ASSERT(low != NULL);
2922 SMB_ASSERT(high != NULL);
2924 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2928 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2930 if (config_option == NULL) {
2931 DEBUG(0, ("out of memory\n"));
2935 range = lp_parm_const_string(-1, config_option, "range", NULL);
2936 if (range == NULL) {
2937 DEBUG(1, ("idmap range not specified for domain '%s'\n", domain_name));
2941 if (sscanf(range, "%u - %u", low, high) != 2) {
2942 DEBUG(1, ("error parsing idmap range '%s' for domain '%s'\n",
2943 range, domain_name));
2950 talloc_free(config_option);
2955 bool lp_idmap_default_range(uint32_t *low, uint32_t *high)
2957 return lp_idmap_range("*", low, high);
2960 const char *lp_idmap_backend(const char *domain_name)
2962 char *config_option = NULL;
2963 const char *backend = NULL;
2965 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2969 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2971 if (config_option == NULL) {
2972 DEBUG(0, ("out of memory\n"));
2976 backend = lp_parm_const_string(-1, config_option, "backend", NULL);
2977 if (backend == NULL) {
2978 DEBUG(1, ("idmap backend not specified for domain '%s'\n", domain_name));
2983 talloc_free(config_option);
2987 const char *lp_idmap_default_backend(void)
2989 return lp_idmap_backend("*");
2992 /***************************************************************************
2993 Handle the DEBUG level list.
2994 ***************************************************************************/
2996 static bool handle_debug_list(struct loadparm_context *unused, int snum, const char *pszParmValueIn, char **ptr )
2998 string_set(ptr, pszParmValueIn);
2999 return debug_parse_levels(pszParmValueIn);
3002 /***************************************************************************
3003 Handle ldap suffixes - default to ldapsuffix if sub-suffixes are not defined.
3004 ***************************************************************************/
3006 static const char *append_ldap_suffix(TALLOC_CTX *ctx, const char *str )
3008 const char *suffix_string;
3010 suffix_string = talloc_asprintf(ctx, "%s,%s", str,
3011 Globals.ldap_suffix );
3012 if ( !suffix_string ) {
3013 DEBUG(0,("append_ldap_suffix: talloc_asprintf() failed!\n"));
3017 return suffix_string;
3020 const char *lp_ldap_machine_suffix(TALLOC_CTX *ctx)
3022 if (Globals.szLdapMachineSuffix[0])
3023 return append_ldap_suffix(ctx, Globals.szLdapMachineSuffix);
3025 return lp_string(ctx, Globals.ldap_suffix);
3028 const char *lp_ldap_user_suffix(TALLOC_CTX *ctx)
3030 if (Globals.szLdapUserSuffix[0])
3031 return append_ldap_suffix(ctx, Globals.szLdapUserSuffix);
3033 return lp_string(ctx, Globals.ldap_suffix);
3036 const char *lp_ldap_group_suffix(TALLOC_CTX *ctx)
3038 if (Globals.szLdapGroupSuffix[0])
3039 return append_ldap_suffix(ctx, Globals.szLdapGroupSuffix);
3041 return lp_string(ctx, Globals.ldap_suffix);
3044 const char *lp_ldap_idmap_suffix(TALLOC_CTX *ctx)
3046 if (Globals.szLdapIdmapSuffix[0])
3047 return append_ldap_suffix(ctx, Globals.szLdapIdmapSuffix);
3049 return lp_string(ctx, Globals.ldap_suffix);
3052 /****************************************************************************
3053 set the value for a P_ENUM
3054 ***************************************************************************/
3056 static void lp_set_enum_parm( struct parm_struct *parm, const char *pszParmValue,
3061 for (i = 0; parm->enum_list[i].name; i++) {
3062 if ( strequal(pszParmValue, parm->enum_list[i].name)) {
3063 *ptr = parm->enum_list[i].value;
3067 DEBUG(0, ("WARNING: Ignoring invalid value '%s' for parameter '%s'\n",
3068 pszParmValue, parm->label));
3071 /***************************************************************************
3072 ***************************************************************************/
3074 static bool handle_printing(struct loadparm_context *unused, int snum, const char *pszParmValue, char **ptr)
3076 static int parm_num = -1;
3077 struct loadparm_service *s;
3079 if ( parm_num == -1 )
3080 parm_num = lpcfg_map_parameter( "printing" );
3082 lp_set_enum_parm( &parm_table[parm_num], pszParmValue, (int*)ptr );
3087 s = ServicePtrs[snum];
3089 init_printer_values( s );
3095 /***************************************************************************
3096 Initialise a copymap.
3097 ***************************************************************************/
3099 static void init_copymap(struct loadparm_service *pservice)
3103 TALLOC_FREE(pservice->copymap);
3105 pservice->copymap = bitmap_talloc(NULL, NUMPARAMETERS);
3106 if (!pservice->copymap)
3108 ("Couldn't allocate copymap!! (size %d)\n",
3109 (int)NUMPARAMETERS));
3111 for (i = 0; i < NUMPARAMETERS; i++)
3112 bitmap_set(pservice->copymap, i);
3116 return the parameter pointer for a parameter
3118 void *lp_parm_ptr(struct loadparm_service *service, struct parm_struct *parm)
3120 if (service == NULL) {
3121 if (parm->p_class == P_LOCAL)
3122 return (void *)(((char *)&sDefault)+parm->offset);
3123 else if (parm->p_class == P_GLOBAL)
3124 return (void *)(((char *)&Globals)+parm->offset);
3127 return (void *)(((char *)service) + parm->offset);
3131 /***************************************************************************
3132 Return the local pointer to a parameter given the service number and parameter
3133 ***************************************************************************/
3135 void *lp_local_ptr_by_snum(int snum, struct parm_struct *parm)
3137 return lp_parm_ptr(ServicePtrs[snum], parm);
3140 /***************************************************************************
3141 Process a parameter for a particular service number. If snum < 0
3142 then assume we are in the globals.
3143 ***************************************************************************/
3145 bool lp_do_parameter(int snum, const char *pszParmName, const char *pszParmValue)
3148 void *parm_ptr = NULL; /* where we are going to store the result */
3149 struct parmlist_entry **opt_list;
3151 parmnum = lpcfg_map_parameter(pszParmName);
3154 if (strchr(pszParmName, ':') == NULL) {
3155 DEBUG(0, ("Ignoring unknown parameter \"%s\"\n",
3161 * We've got a parametric option
3164 opt_list = (snum < 0)
3165 ? &Globals.param_opt : &ServicePtrs[snum]->param_opt;
3166 set_param_opt(opt_list, pszParmName, pszParmValue, 0);
3171 /* if it's already been set by the command line, then we don't
3173 if (parm_table[parmnum].flags & FLAG_CMDLINE) {
3177 if (parm_table[parmnum].flags & FLAG_DEPRECATED) {
3178 DEBUG(1, ("WARNING: The \"%s\" option is deprecated\n",
3182 /* we might point at a service, the default service or a global */
3184 parm_ptr = lp_parm_ptr(NULL, &parm_table[parmnum]);
3186 if (parm_table[parmnum].p_class == P_GLOBAL) {
3188 ("Global parameter %s found in service section!\n",
3192 parm_ptr = lp_local_ptr_by_snum(snum, &parm_table[parmnum]);
3196 if (!ServicePtrs[snum]->copymap)
3197 init_copymap(ServicePtrs[snum]);
3199 /* this handles the aliases - set the copymap for other entries with
3200 the same data pointer */
3201 for (i = 0; parm_table[i].label; i++) {
3202 if ((parm_table[i].offset == parm_table[parmnum].offset)
3203 && (parm_table[i].p_class == parm_table[parmnum].p_class)) {
3204 bitmap_clear(ServicePtrs[snum]->copymap, i);
3209 /* if it is a special case then go ahead */
3210 if (parm_table[parmnum].special) {
3211 return parm_table[parmnum].special(NULL, snum, pszParmValue,
3215 /* now switch on the type of variable it is */
3216 switch (parm_table[parmnum].type)
3219 *(bool *)parm_ptr = lp_bool(pszParmValue);
3223 *(bool *)parm_ptr = !lp_bool(pszParmValue);
3227 *(int *)parm_ptr = lp_int(pszParmValue);
3231 *(char *)parm_ptr = *pszParmValue;
3235 i = sscanf(pszParmValue, "%o", (int *)parm_ptr);
3237 DEBUG ( 0, ("Invalid octal number %s\n", pszParmName ));
3244 if (conv_str_size_error(pszParmValue, &val)) {
3245 if (val <= INT_MAX) {
3246 *(int *)parm_ptr = (int)val;
3251 DEBUG(0,("lp_do_parameter(%s): value is not "
3252 "a valid size specifier!\n", pszParmValue));
3258 TALLOC_FREE(*((char ***)parm_ptr));
3259 *(char ***)parm_ptr = str_list_make_v3(
3260 NULL, pszParmValue, NULL);
3264 string_set((char **)parm_ptr, pszParmValue);
3269 char *upper_string = strupper_talloc(talloc_tos(),
3271 string_set((char **)parm_ptr, upper_string);
3272 TALLOC_FREE(upper_string);
3276 lp_set_enum_parm( &parm_table[parmnum], pszParmValue, (int*)parm_ptr );
3285 /***************************************************************************
3286 set a parameter, marking it with FLAG_CMDLINE. Parameters marked as
3287 FLAG_CMDLINE won't be overridden by loads from smb.conf.
3288 ***************************************************************************/
3290 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue, bool store_values)
3293 parmnum = lpcfg_map_parameter(pszParmName);
3295 parm_table[parmnum].flags &= ~FLAG_CMDLINE;
3296 if (!lp_do_parameter(-1, pszParmName, pszParmValue)) {
3299 parm_table[parmnum].flags |= FLAG_CMDLINE;
3301 /* we have to also set FLAG_CMDLINE on aliases. Aliases must
3302 * be grouped in the table, so we don't have to search the
3305 i>=0 && parm_table[i].offset == parm_table[parmnum].offset
3306 && parm_table[i].p_class == parm_table[parmnum].p_class;
3308 parm_table[i].flags |= FLAG_CMDLINE;
3310 for (i=parmnum+1;i<NUMPARAMETERS && parm_table[i].offset == parm_table[parmnum].offset
3311 && parm_table[i].p_class == parm_table[parmnum].p_class;i++) {
3312 parm_table[i].flags |= FLAG_CMDLINE;
3316 store_lp_set_cmdline(pszParmName, pszParmValue);
3321 /* it might be parametric */
3322 if (strchr(pszParmName, ':') != NULL) {
3323 set_param_opt(&Globals.param_opt, pszParmName, pszParmValue, FLAG_CMDLINE);
3325 store_lp_set_cmdline(pszParmName, pszParmValue);
3330 DEBUG(0, ("Ignoring unknown parameter \"%s\"\n", pszParmName));
3334 bool lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
3336 return lp_set_cmdline_helper(pszParmName, pszParmValue, true);
3339 /***************************************************************************
3340 Process a parameter.
3341 ***************************************************************************/
3343 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
3346 if (!bInGlobalSection && bGlobalOnly)
3349 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
3351 return (lp_do_parameter(bInGlobalSection ? -2 : iServiceIndex,
3352 pszParmName, pszParmValue));
3356 set a option from the commandline in 'a=b' format. Use to support --option
3358 bool lp_set_option(const char *option)
3363 s = talloc_strdup(NULL, option);
3376 /* skip white spaces after the = sign */
3379 } while (*p == ' ');
3381 ret = lp_set_cmdline(s, p);
3386 /***************************************************************************
3387 Initialize any local variables in the sDefault table, after parsing a
3389 ***************************************************************************/
3391 static void init_locals(void)
3394 * We run this check once the [globals] is parsed, to force
3395 * the VFS objects and other per-share settings we need for
3396 * the standard way a AD DC is operated. We may change these
3397 * as our code evolves, which is why we force these settings.
3399 * We can't do this at the end of lp_load_ex(), as by that
3400 * point the services have been loaded and they will already
3401 * have "" as their vfs objects.
3403 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
3404 const char **vfs_objects = lp_vfs_objects(-1);
3405 if (!vfs_objects || !vfs_objects[0]) {
3406 if (lp_parm_const_string(-1, "xattr_tdb", "file", NULL)) {
3407 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr xattr_tdb");
3408 } else if (lp_parm_const_string(-1, "posix", "eadb", NULL)) {
3409 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr posix_eadb");
3411 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr");
3415 lp_do_parameter(-1, "map hidden", "no");
3416 lp_do_parameter(-1, "map system", "no");
3417 lp_do_parameter(-1, "map readonly", "no");
3418 lp_do_parameter(-1, "map archive", "no");
3419 lp_do_parameter(-1, "store dos attributes", "yes");
3423 /***************************************************************************
3424 Process a new section (service). At this stage all sections are services.
3425 Later we'll have special sections that permit server parameters to be set.
3426 Returns true on success, false on failure.
3427 ***************************************************************************/
3429 static bool do_section(const char *pszSectionName, void *userdata)
3432 bool isglobal = ((strwicmp(pszSectionName, GLOBAL_NAME) == 0) ||
3433 (strwicmp(pszSectionName, GLOBAL_NAME2) == 0));
3436 /* if we were in a global section then do the local inits */
3437 if (bInGlobalSection && !isglobal)
3440 /* if we've just struck a global section, note the fact. */
3441 bInGlobalSection = isglobal;
3443 /* check for multiple global sections */
3444 if (bInGlobalSection) {
3445 DEBUG(3, ("Processing section \"[%s]\"\n", pszSectionName));
3449 if (!bInGlobalSection && bGlobalOnly)
3452 /* if we have a current service, tidy it up before moving on */
3455 if (iServiceIndex >= 0)
3456 bRetval = service_ok(iServiceIndex);
3458 /* if all is still well, move to the next record in the services array */
3460 /* We put this here to avoid an odd message order if messages are */
3461 /* issued by the post-processing of a previous section. */
3462 DEBUG(2, ("Processing section \"[%s]\"\n", pszSectionName));
3464 iServiceIndex = add_a_service(&sDefault, pszSectionName);
3465 if (iServiceIndex < 0) {
3466 DEBUG(0, ("Failed to add a new service\n"));
3469 /* Clean all parametric options for service */
3470 /* They will be added during parsing again */
3471 free_param_opts(&ServicePtrs[iServiceIndex]->param_opt);
3478 /***************************************************************************
3479 Determine if a partcular base parameter is currentl set to the default value.
3480 ***************************************************************************/
3482 static bool is_default(int i)
3484 switch (parm_table[i].type) {
3487 return str_list_equal((const char **)parm_table[i].def.lvalue,
3488 *(const char ***)lp_parm_ptr(NULL,
3492 return strequal(parm_table[i].def.svalue,
3493 *(char **)lp_parm_ptr(NULL,
3497 return parm_table[i].def.bvalue ==
3498 *(bool *)lp_parm_ptr(NULL,
3501 return parm_table[i].def.cvalue ==
3502 *(char *)lp_parm_ptr(NULL,
3508 return parm_table[i].def.ivalue ==
3509 *(int *)lp_parm_ptr(NULL,
3517 /***************************************************************************
3518 Display the contents of the global structure.
3519 ***************************************************************************/
3521 static void dump_globals(FILE *f)
3524 struct parmlist_entry *data;
3526 fprintf(f, "[global]\n");
3528 for (i = 0; parm_table[i].label; i++)
3529 if (parm_table[i].p_class == P_GLOBAL &&
3530 !(parm_table[i].flags & FLAG_META) &&
3531 (i == 0 || (parm_table[i].offset != parm_table[i - 1].offset))) {
3532 if (defaults_saved && is_default(i))
3534 fprintf(f, "\t%s = ", parm_table[i].label);
3535 lpcfg_print_parameter(&parm_table[i], lp_parm_ptr(NULL,
3540 if (Globals.param_opt != NULL) {
3541 data = Globals.param_opt;
3543 fprintf(f, "\t%s = %s\n", data->key, data->value);
3550 /***************************************************************************
3551 Display the contents of a single services record.
3552 ***************************************************************************/
3554 static void dump_a_service(struct loadparm_service *pService, FILE * f)
3557 struct parmlist_entry *data;
3559 if (pService != &sDefault)
3560 fprintf(f, "[%s]\n", pService->szService);
3562 for (i = 0; parm_table[i].label; i++) {
3564 if (parm_table[i].p_class == P_LOCAL &&
3565 !(parm_table[i].flags & FLAG_META) &&
3566 (*parm_table[i].label != '-') &&
3567 (i == 0 || (parm_table[i].offset != parm_table[i - 1].offset)))
3569 if (pService == &sDefault) {
3570 if (defaults_saved && is_default(i))
3573 if (lpcfg_equal_parameter(parm_table[i].type,
3574 lp_parm_ptr(pService, &parm_table[i]),
3575 lp_parm_ptr(NULL, &parm_table[i])))
3579 fprintf(f, "\t%s = ", parm_table[i].label);
3580 lpcfg_print_parameter(&parm_table[i],
3581 lp_parm_ptr(pService, &parm_table[i]),
3587 if (pService->param_opt != NULL) {
3588 data = pService->param_opt;
3590 fprintf(f, "\t%s = %s\n", data->key, data->value);
3596 /***************************************************************************
3597 Display the contents of a parameter of a single services record.
3598 ***************************************************************************/
3600 bool dump_a_parameter(int snum, char *parm_name, FILE * f, bool isGlobal)
3602 bool result = false;
3603 fstring local_parm_name;
3605 const char *parm_opt_value;
3607 struct loadparm_context *lp_ctx;
3609 /* check for parametrical option */
3610 fstrcpy( local_parm_name, parm_name);
3611 parm_opt = strchr( local_parm_name, ':');
3616 if (strlen(parm_opt)) {
3617 parm_opt_value = lp_parm_const_string( snum,
3618 local_parm_name, parm_opt, NULL);
3619 if (parm_opt_value) {
3620 printf( "%s\n", parm_opt_value);
3627 lp_ctx = loadparm_init_s3(talloc_tos(), loadparm_s3_helpers());
3628 if (lp_ctx == NULL) {
3633 result = lpcfg_dump_a_parameter(lp_ctx, NULL, parm_name, f);
3635 result = lpcfg_dump_a_parameter(lp_ctx, ServicePtrs[snum], parm_name, f);
3637 TALLOC_FREE(lp_ctx);
3641 /***************************************************************************
3642 Return info about the requested parameter (given as a string).
3643 Return NULL when the string is not a valid parameter name.
3644 ***************************************************************************/
3646 struct parm_struct *lp_get_parameter(const char *param_name)
3648 int num = lpcfg_map_parameter(param_name);
3654 return &parm_table[num];
3658 /***************************************************************************
3659 Display the contents of a single copy structure.
3660 ***************************************************************************/
3661 static void dump_copy_map(bool *pcopymap)
3667 printf("\n\tNon-Copied parameters:\n");
3669 for (i = 0; parm_table[i].label; i++)
3670 if (parm_table[i].p_class == P_LOCAL &&
3671 parm_table[i].ptr && !pcopymap[i] &&
3672 (i == 0 || (parm_table[i].ptr != parm_table[i - 1].ptr)))
3674 printf("\t\t%s\n", parm_table[i].label);
3679 /***************************************************************************
3680 Return TRUE if the passed service number is within range.
3681 ***************************************************************************/
3683 bool lp_snum_ok(int iService)
3685 return (LP_SNUM_OK(iService) && ServicePtrs[iService]->bAvailable);
3688 /***************************************************************************
3689 Auto-load some home services.
3690 ***************************************************************************/
3692 static void lp_add_auto_services(char *str)
3702 s = SMB_STRDUP(str);
3706 homes = lp_servicenumber(HOMES_NAME);
3708 for (p = strtok_r(s, LIST_SEP, &saveptr); p;
3709 p = strtok_r(NULL, LIST_SEP, &saveptr)) {
3712 if (lp_servicenumber(p) >= 0)
3715 home = get_user_home_dir(talloc_tos(), p);
3717 if (home && home[0] && homes >= 0)
3718 lp_add_home(p, homes, p, home);
3725 /***************************************************************************
3726 Auto-load one printer.
3727 ***************************************************************************/
3729 void lp_add_one_printer(const char *name, const char *comment,
3730 const char *location, void *pdata)
3732 int printers = lp_servicenumber(PRINTERS_NAME);
3735 if (lp_servicenumber(name) < 0) {
3736 lp_add_printer(name, printers);
3737 if ((i = lp_servicenumber(name)) >= 0) {
3738 string_set(&ServicePtrs[i]->comment, comment);
3739 ServicePtrs[i]->autoloaded = true;
3744 /***************************************************************************
3745 Have we loaded a services file yet?
3746 ***************************************************************************/
3748 bool lp_loaded(void)
3753 /***************************************************************************
3754 Unload unused services.
3755 ***************************************************************************/
3757 void lp_killunused(struct smbd_server_connection *sconn,
3758 bool (*snumused) (struct smbd_server_connection *, int))
3761 for (i = 0; i < iNumServices; i++) {
3765 /* don't kill autoloaded or usershare services */
3766 if ( ServicePtrs[i]->autoloaded ||
3767 ServicePtrs[i]->usershare == USERSHARE_VALID) {
3771 if (!snumused || !snumused(sconn, i)) {
3772 free_service_byindex(i);
3778 * Kill all except autoloaded and usershare services - convenience wrapper
3780 void lp_kill_all_services(void)
3782 lp_killunused(NULL, NULL);
3785 /***************************************************************************
3787 ***************************************************************************/
3789 void lp_killservice(int iServiceIn)
3791 if (VALID(iServiceIn)) {
3792 free_service_byindex(iServiceIn);
3796 /***************************************************************************
3797 Save the curent values of all global and sDefault parameters into the
3798 defaults union. This allows testparm to show only the
3799 changed (ie. non-default) parameters.
3800 ***************************************************************************/
3802 static void lp_save_defaults(void)
3805 for (i = 0; parm_table[i].label; i++) {
3806 if (i > 0 && parm_table[i].offset == parm_table[i - 1].offset
3807 && parm_table[i].p_class == parm_table[i - 1].p_class)
3809 switch (parm_table[i].type) {
3812 parm_table[i].def.lvalue = str_list_copy(
3813 NULL, *(const char ***)lp_parm_ptr(NULL, &parm_table[i]));
3817 parm_table[i].def.svalue = SMB_STRDUP(*(char **)lp_parm_ptr(NULL, &parm_table[i]));
3821 parm_table[i].def.bvalue =
3822 *(bool *)lp_parm_ptr(NULL, &parm_table[i]);
3825 parm_table[i].def.cvalue =
3826 *(char *)lp_parm_ptr(NULL, &parm_table[i]);
3832 parm_table[i].def.ivalue =
3833 *(int *)lp_parm_ptr(NULL, &parm_table[i]);
3839 defaults_saved = true;
3842 /***********************************************************
3843 If we should send plaintext/LANMAN passwords in the clinet
3844 ************************************************************/
3846 static void set_allowed_client_auth(void)
3848 if (Globals.client_ntlmv2_auth) {
3849 Globals.client_lanman_auth = false;
3851 if (!Globals.client_lanman_auth) {
3852 Globals.client_plaintext_auth = false;
3856 /***************************************************************************
3858 The following code allows smbd to read a user defined share file.
3859 Yes, this is my intent. Yes, I'm comfortable with that...
3861 THE FOLLOWING IS SECURITY CRITICAL CODE.
3863 It washes your clothes, it cleans your house, it guards you while you sleep...
3864 Do not f%^k with it....
3865 ***************************************************************************/
3867 #define MAX_USERSHARE_FILE_SIZE (10*1024)
3869 /***************************************************************************
3870 Check allowed stat state of a usershare file.
3871 Ensure we print out who is dicking with us so the admin can
3872 get their sorry ass fired.
3873 ***************************************************************************/
3875 static bool check_usershare_stat(const char *fname,
3876 const SMB_STRUCT_STAT *psbuf)
3878 if (!S_ISREG(psbuf->st_ex_mode)) {
3879 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
3880 "not a regular file\n",
3881 fname, (unsigned int)psbuf->st_ex_uid ));
3885 /* Ensure this doesn't have the other write bit set. */
3886 if (psbuf->st_ex_mode & S_IWOTH) {
3887 DEBUG(0,("check_usershare_stat: file %s owned by uid %u allows "
3888 "public write. Refusing to allow as a usershare file.\n",
3889 fname, (unsigned int)psbuf->st_ex_uid ));
3893 /* Should be 10k or less. */
3894 if (psbuf->st_ex_size > MAX_USERSHARE_FILE_SIZE) {
3895 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
3896 "too large (%u) to be a user share file.\n",
3897 fname, (unsigned int)psbuf->st_ex_uid,
3898 (unsigned int)psbuf->st_ex_size ));
3905 /***************************************************************************
3906 Parse the contents of a usershare file.
3907 ***************************************************************************/
3909 enum usershare_err parse_usershare_file(TALLOC_CTX *ctx,
3910 SMB_STRUCT_STAT *psbuf,
3911 const char *servicename,
3915 char **pp_sharepath,
3917 char **pp_cp_servicename,
3918 struct security_descriptor **ppsd,
3921 const char **prefixallowlist = lp_usershare_prefix_allow_list();
3922 const char **prefixdenylist = lp_usershare_prefix_deny_list();
3925 SMB_STRUCT_STAT sbuf;
3926 char *sharepath = NULL;
3927 char *comment = NULL;
3929 *pp_sharepath = NULL;
3932 *pallow_guest = false;
3935 return USERSHARE_MALFORMED_FILE;
3938 if (strcmp(lines[0], "#VERSION 1") == 0) {
3940 } else if (strcmp(lines[0], "#VERSION 2") == 0) {
3943 return USERSHARE_MALFORMED_FILE;
3946 return USERSHARE_BAD_VERSION;
3949 if (strncmp(lines[1], "path=", 5) != 0) {
3950 return USERSHARE_MALFORMED_PATH;
3953 sharepath = talloc_strdup(ctx, &lines[1][5]);
3955 return USERSHARE_POSIX_ERR;
3957 trim_string(sharepath, " ", " ");
3959 if (strncmp(lines[2], "comment=", 8) != 0) {
3960 return USERSHARE_MALFORMED_COMMENT_DEF;
3963 comment = talloc_strdup(ctx, &lines[2][8]);
3965 return USERSHARE_POSIX_ERR;
3967 trim_string(comment, " ", " ");
3968 trim_char(comment, '"', '"');
3970 if (strncmp(lines[3], "usershare_acl=", 14) != 0) {
3971 return USERSHARE_MALFORMED_ACL_DEF;
3974 if (!parse_usershare_acl(ctx, &lines[3][14], ppsd)) {
3975 return USERSHARE_ACL_ERR;
3979 if (strncmp(lines[4], "guest_ok=", 9) != 0) {
3980 return USERSHARE_MALFORMED_ACL_DEF;
3982 if (lines[4][9] == 'y') {
3983 *pallow_guest = true;
3986 /* Backwards compatible extension to file version #2. */
3988 if (strncmp(lines[5], "sharename=", 10) != 0) {
3989 return USERSHARE_MALFORMED_SHARENAME_DEF;
3991 if (!strequal(&lines[5][10], servicename)) {
3992 return USERSHARE_BAD_SHARENAME;
3994 *pp_cp_servicename = talloc_strdup(ctx, &lines[5][10]);
3995 if (!*pp_cp_servicename) {
3996 return USERSHARE_POSIX_ERR;
4001 if (*pp_cp_servicename == NULL) {
4002 *pp_cp_servicename = talloc_strdup(ctx, servicename);
4003 if (!*pp_cp_servicename) {
4004 return USERSHARE_POSIX_ERR;
4008 if (snum != -1 && (strcmp(sharepath, ServicePtrs[snum]->path) == 0)) {
4009 /* Path didn't change, no checks needed. */
4010 *pp_sharepath = sharepath;
4011 *pp_comment = comment;
4012 return USERSHARE_OK;
4015 /* The path *must* be absolute. */
4016 if (sharepath[0] != '/') {
4017 DEBUG(2,("parse_usershare_file: share %s: path %s is not an absolute path.\n",
4018 servicename, sharepath));
4019 return USERSHARE_PATH_NOT_ABSOLUTE;
4022 /* If there is a usershare prefix deny list ensure one of these paths
4023 doesn't match the start of the user given path. */
4024 if (prefixdenylist) {
4026 for ( i=0; prefixdenylist[i]; i++ ) {
4027 DEBUG(10,("parse_usershare_file: share %s : checking prefixdenylist[%d]='%s' against %s\n",
4028 servicename, i, prefixdenylist[i], sharepath ));
4029 if (memcmp( sharepath, prefixdenylist[i], strlen(prefixdenylist[i])) == 0) {
4030 DEBUG(2,("parse_usershare_file: share %s path %s starts with one of the "
4031 "usershare prefix deny list entries.\n",
4032 servicename, sharepath));
4033 return USERSHARE_PATH_IS_DENIED;
4038 /* If there is a usershare prefix allow list ensure one of these paths
4039 does match the start of the user given path. */
4041 if (prefixallowlist) {
4043 for ( i=0; prefixallowlist[i]; i++ ) {
4044 DEBUG(10,("parse_usershare_file: share %s checking prefixallowlist[%d]='%s' against %s\n",
4045 servicename, i, prefixallowlist[i], sharepath ));
4046 if (memcmp( sharepath, prefixallowlist[i], strlen(prefixallowlist[i])) == 0) {
4050 if (prefixallowlist[i] == NULL) {
4051 DEBUG(2,("parse_usershare_file: share %s path %s doesn't start with one of the "
4052 "usershare prefix allow list entries.\n",
4053 servicename, sharepath));
4054 return USERSHARE_PATH_NOT_ALLOWED;
4058 /* Ensure this is pointing to a directory. */
4059 dp = opendir(sharepath);
4062 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
4063 servicename, sharepath));
4064 return USERSHARE_PATH_NOT_DIRECTORY;
4067 /* Ensure the owner of the usershare file has permission to share
4070 if (sys_stat(sharepath, &sbuf, false) == -1) {
4071 DEBUG(2,("parse_usershare_file: share %s : stat failed on path %s. %s\n",
4072 servicename, sharepath, strerror(errno) ));
4074 return USERSHARE_POSIX_ERR;
4079 if (!S_ISDIR(sbuf.st_ex_mode)) {
4080 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
4081 servicename, sharepath ));
4082 return USERSHARE_PATH_NOT_DIRECTORY;
4085 /* Check if sharing is restricted to owner-only. */
4086 /* psbuf is the stat of the usershare definition file,
4087 sbuf is the stat of the target directory to be shared. */
4089 if (lp_usershare_owner_only()) {
4090 /* root can share anything. */
4091 if ((psbuf->st_ex_uid != 0) && (sbuf.st_ex_uid != psbuf->st_ex_uid)) {
4092 return USERSHARE_PATH_NOT_ALLOWED;
4096 *pp_sharepath = sharepath;
4097 *pp_comment = comment;
4098 return USERSHARE_OK;
4101 /***************************************************************************
4102 Deal with a usershare file.
4105 -1 - Bad name, invalid contents.
4106 - service name already existed and not a usershare, problem
4107 with permissions to share directory etc.
4108 ***************************************************************************/
4110 static int process_usershare_file(const char *dir_name, const char *file_name, int snum_template)
4112 SMB_STRUCT_STAT sbuf;
4113 SMB_STRUCT_STAT lsbuf;
4115 char *sharepath = NULL;
4116 char *comment = NULL;
4117 char *cp_service_name = NULL;
4118 char **lines = NULL;
4122 TALLOC_CTX *ctx = talloc_stackframe();
4123 struct security_descriptor *psd = NULL;
4124 bool guest_ok = false;
4125 char *canon_name = NULL;
4126 bool added_service = false;
4129 /* Ensure share name doesn't contain invalid characters. */
4130 if (!validate_net_name(file_name, INVALID_SHARENAME_CHARS, strlen(file_name))) {
4131 DEBUG(0,("process_usershare_file: share name %s contains "
4132 "invalid characters (any of %s)\n",
4133 file_name, INVALID_SHARENAME_CHARS ));
4137 canon_name = canonicalize_servicename(ctx, file_name);
4142 fname = talloc_asprintf(ctx, "%s/%s", dir_name, file_name);
4147 /* Minimize the race condition by doing an lstat before we
4148 open and fstat. Ensure this isn't a symlink link. */
4150 if (sys_lstat(fname, &lsbuf, false) != 0) {
4151 DEBUG(0,("process_usershare_file: stat of %s failed. %s\n",
4152 fname, strerror(errno) ));
4156 /* This must be a regular file, not a symlink, directory or
4157 other strange filetype. */
4158 if (!check_usershare_stat(fname, &lsbuf)) {
4166 status = dbwrap_fetch_bystring(ServiceHash, canon_name,
4171 if (NT_STATUS_IS_OK(status) &&
4172 (data.dptr != NULL) &&
4173 (data.dsize == sizeof(iService))) {
4174 memcpy(&iService, data.dptr, sizeof(iService));
4178 if (iService != -1 &&
4179 timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
4180 &lsbuf.st_ex_mtime) == 0) {
4181 /* Nothing changed - Mark valid and return. */
4182 DEBUG(10,("process_usershare_file: service %s not changed.\n",
4184 ServicePtrs[iService]->usershare = USERSHARE_VALID;
4189 /* Try and open the file read only - no symlinks allowed. */
4191 fd = open(fname, O_RDONLY|O_NOFOLLOW, 0);
4193 fd = open(fname, O_RDONLY, 0);
4197 DEBUG(0,("process_usershare_file: unable to open %s. %s\n",
4198 fname, strerror(errno) ));
4202 /* Now fstat to be *SURE* it's a regular file. */
4203 if (sys_fstat(fd, &sbuf, false) != 0) {
4205 DEBUG(0,("process_usershare_file: fstat of %s failed. %s\n",
4206 fname, strerror(errno) ));
4210 /* Is it the same dev/inode as was lstated ? */
4211 if (!check_same_stat(&lsbuf, &sbuf)) {
4213 DEBUG(0,("process_usershare_file: fstat of %s is a different file from lstat. "
4214 "Symlink spoofing going on ?\n", fname ));
4218 /* This must be a regular file, not a symlink, directory or
4219 other strange filetype. */
4220 if (!check_usershare_stat(fname, &sbuf)) {
4225 lines = fd_lines_load(fd, &numlines, MAX_USERSHARE_FILE_SIZE, NULL);
4228 if (lines == NULL) {
4229 DEBUG(0,("process_usershare_file: loading file %s owned by %u failed.\n",
4230 fname, (unsigned int)sbuf.st_ex_uid ));
4234 if (parse_usershare_file(ctx, &sbuf, file_name,
4235 iService, lines, numlines, &sharepath,
4236 &comment, &cp_service_name,
4237 &psd, &guest_ok) != USERSHARE_OK) {
4241 /* Everything ok - add the service possibly using a template. */
4243 const struct loadparm_service *sp = &sDefault;
4244 if (snum_template != -1) {
4245 sp = ServicePtrs[snum_template];
4248 if ((iService = add_a_service(sp, cp_service_name)) < 0) {
4249 DEBUG(0, ("process_usershare_file: Failed to add "
4250 "new service %s\n", cp_service_name));
4254 added_service = true;
4256 /* Read only is controlled by usershare ACL below. */
4257 ServicePtrs[iService]->read_only = false;
4260 /* Write the ACL of the new/modified share. */
4261 if (!set_share_security(canon_name, psd)) {
4262 DEBUG(0, ("process_usershare_file: Failed to set share "
4263 "security for user share %s\n",
4268 /* If from a template it may be marked invalid. */
4269 ServicePtrs[iService]->valid = true;
4271 /* Set the service as a valid usershare. */
4272 ServicePtrs[iService]->usershare = USERSHARE_VALID;
4274 /* Set guest access. */
4275 if (lp_usershare_allow_guests()) {
4276 ServicePtrs[iService]->guest_ok = guest_ok;
4279 /* And note when it was loaded. */
4280 ServicePtrs[iService]->usershare_last_mod = sbuf.st_ex_mtime;
4281 string_set(&ServicePtrs[iService]->path, sharepath);
4282 string_set(&ServicePtrs[iService]->comment, comment);
4288 if (ret == -1 && iService != -1 && added_service) {
4289 lp_remove_service(iService);
4297 /***************************************************************************
4298 Checks if a usershare entry has been modified since last load.
4299 ***************************************************************************/
4301 static bool usershare_exists(int iService, struct timespec *last_mod)
4303 SMB_STRUCT_STAT lsbuf;
4304 const char *usersharepath = Globals.usershare_path;
4307 if (asprintf(&fname, "%s/%s",
4309 ServicePtrs[iService]->szService) < 0) {
4313 if (sys_lstat(fname, &lsbuf, false) != 0) {
4318 if (!S_ISREG(lsbuf.st_ex_mode)) {
4324 *last_mod = lsbuf.st_ex_mtime;
4328 /***************************************************************************
4329 Load a usershare service by name. Returns a valid servicenumber or -1.
4330 ***************************************************************************/
4332 int load_usershare_service(const char *servicename)
4334 SMB_STRUCT_STAT sbuf;
4335 const char *usersharepath = Globals.usershare_path;
4336 int max_user_shares = Globals.usershare_max_shares;
4337 int snum_template = -1;
4339 if (*usersharepath == 0 || max_user_shares == 0) {
4343 if (sys_stat(usersharepath, &sbuf, false) != 0) {
4344 DEBUG(0,("load_usershare_service: stat of %s failed. %s\n",
4345 usersharepath, strerror(errno) ));
4349 if (!S_ISDIR(sbuf.st_ex_mode)) {
4350 DEBUG(0,("load_usershare_service: %s is not a directory.\n",
4356 * This directory must be owned by root, and have the 't' bit set.
4357 * It also must not be writable by "other".
4361 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
4363 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
4365 DEBUG(0,("load_usershare_service: directory %s is not owned by root "
4366 "or does not have the sticky bit 't' set or is writable by anyone.\n",
4371 /* Ensure the template share exists if it's set. */
4372 if (Globals.usershare_template_share[0]) {
4373 /* We can't use lp_servicenumber here as we are recommending that
4374 template shares have -valid=false set. */
4375 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
4376 if (ServicePtrs[snum_template]->szService &&
4377 strequal(ServicePtrs[snum_template]->szService,
4378 Globals.usershare_template_share)) {
4383 if (snum_template == -1) {
4384 DEBUG(0,("load_usershare_service: usershare template share %s "
4385 "does not exist.\n",
4386 Globals.usershare_template_share ));
4391 return process_usershare_file(usersharepath, servicename, snum_template);
4394 /***************************************************************************
4395 Load all user defined shares from the user share directory.
4396 We only do this if we're enumerating the share list.
4397 This is the function that can delete usershares that have
4399 ***************************************************************************/
4401 int load_usershare_shares(struct smbd_server_connection *sconn,
4402 bool (*snumused) (struct smbd_server_connection *, int))
4405 SMB_STRUCT_STAT sbuf;
4407 int num_usershares = 0;
4408 int max_user_shares = Globals.usershare_max_shares;
4409 unsigned int num_dir_entries, num_bad_dir_entries, num_tmp_dir_entries;
4410 unsigned int allowed_bad_entries = ((2*max_user_shares)/10);
4411 unsigned int allowed_tmp_entries = ((2*max_user_shares)/10);
4413 int snum_template = -1;
4414 const char *usersharepath = Globals.usershare_path;
4415 int ret = lp_numservices();
4416 TALLOC_CTX *tmp_ctx;
4418 if (max_user_shares == 0 || *usersharepath == '\0') {
4419 return lp_numservices();
4422 if (sys_stat(usersharepath, &sbuf, false) != 0) {
4423 DEBUG(0,("load_usershare_shares: stat of %s failed. %s\n",
4424 usersharepath, strerror(errno) ));
4429 * This directory must be owned by root, and have the 't' bit set.
4430 * It also must not be writable by "other".
4434 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
4436 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
4438 DEBUG(0,("load_usershare_shares: directory %s is not owned by root "
4439 "or does not have the sticky bit 't' set or is writable by anyone.\n",
4444 /* Ensure the template share exists if it's set. */
4445 if (Globals.usershare_template_share[0]) {
4446 /* We can't use lp_servicenumber here as we are recommending that
4447 template shares have -valid=false set. */
4448 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
4449 if (ServicePtrs[snum_template]->szService &&
4450 strequal(ServicePtrs[snum_template]->szService,
4451 Globals.usershare_template_share)) {
4456 if (snum_template == -1) {
4457 DEBUG(0,("load_usershare_shares: usershare template share %s "
4458 "does not exist.\n",
4459 Globals.usershare_template_share ));
4464 /* Mark all existing usershares as pending delete. */
4465 for (iService = iNumServices - 1; iService >= 0; iService--) {
4466 if (VALID(iService) && ServicePtrs[iService]->usershare) {
4467 ServicePtrs[iService]->usershare = USERSHARE_PENDING_DELETE;
4471 dp = opendir(usersharepath);
4473 DEBUG(0,("load_usershare_shares:: failed to open directory %s. %s\n",
4474 usersharepath, strerror(errno) ));
4478 for (num_dir_entries = 0, num_bad_dir_entries = 0, num_tmp_dir_entries = 0;
4480 num_dir_entries++ ) {
4482 const char *n = de->d_name;
4484 /* Ignore . and .. */
4486 if ((n[1] == '\0') || (n[1] == '.' && n[2] == '\0')) {
4492 /* Temporary file used when creating a share. */
4493 num_tmp_dir_entries++;
4496 /* Allow 20% tmp entries. */
4497 if (num_tmp_dir_entries > allowed_tmp_entries) {
4498 DEBUG(0,("load_usershare_shares: too many temp entries (%u) "
4499 "in directory %s\n",
4500 num_tmp_dir_entries, usersharepath));
4504 r = process_usershare_file(usersharepath, n, snum_template);
4506 /* Update the services count. */
4508 if (num_usershares >= max_user_shares) {
4509 DEBUG(0,("load_usershare_shares: max user shares reached "
4510 "on file %s in directory %s\n",
4511 n, usersharepath ));
4514 } else if (r == -1) {
4515 num_bad_dir_entries++;
4518 /* Allow 20% bad entries. */
4519 if (num_bad_dir_entries > allowed_bad_entries) {
4520 DEBUG(0,("load_usershare_shares: too many bad entries (%u) "
4521 "in directory %s\n",
4522 num_bad_dir_entries, usersharepath));
4526 /* Allow 20% bad entries. */
4527 if (num_dir_entries > max_user_shares + allowed_bad_entries) {
4528 DEBUG(0,("load_usershare_shares: too many total entries (%u) "
4529 "in directory %s\n",
4530 num_dir_entries, usersharepath));
4537 /* Sweep through and delete any non-refreshed usershares that are
4538 not currently in use. */
4539 tmp_ctx = talloc_stackframe();
4540 for (iService = iNumServices - 1; iService >= 0; iService--) {
4541 if (VALID(iService) && (ServicePtrs[iService]->usershare == USERSHARE_PENDING_DELETE)) {
4544 if (snumused && snumused(sconn, iService)) {
4548 servname = lp_servicename(tmp_ctx, iService);
4550 /* Remove from the share ACL db. */
4551 DEBUG(10,("load_usershare_shares: Removing deleted usershare %s\n",
4553 delete_share_security(servname);
4554 free_service_byindex(iService);
4557 talloc_free(tmp_ctx);
4559 return lp_numservices();
4562 /********************************************************
4563 Destroy global resources allocated in this file
4564 ********************************************************/
4566 void gfree_loadparm(void)
4572 /* Free resources allocated to services */
4574 for ( i = 0; i < iNumServices; i++ ) {
4576 free_service_byindex(i);
4580 SAFE_FREE( ServicePtrs );
4583 /* Now release all resources allocated to global
4584 parameters and the default service */
4586 free_global_parameters();
4590 /***************************************************************************
4591 Allow client apps to specify that they are a client
4592 ***************************************************************************/
4593 static void lp_set_in_client(bool b)
4599 /***************************************************************************
4600 Determine if we're running in a client app
4601 ***************************************************************************/
4602 static bool lp_is_in_client(void)
4607 /***************************************************************************
4608 Load the services array from the services file. Return true on success,
4610 ***************************************************************************/
4612 static bool lp_load_ex(const char *pszFname,
4616 bool initialize_globals,
4617 bool allow_include_registry,
4618 bool load_all_shares)
4625 DEBUG(3, ("lp_load_ex: refreshing parameters\n"));
4627 bInGlobalSection = true;
4628 bGlobalOnly = global_only;
4629 bAllowIncludeRegistry = allow_include_registry;
4631 init_globals(initialize_globals);
4635 if (save_defaults) {
4640 if (!initialize_globals) {
4641 free_param_opts(&Globals.param_opt);
4642 apply_lp_set_cmdline();
4645 lp_do_parameter(-1, "idmap config * : backend", Globals.szIdmapBackend);
4647 /* We get sections first, so have to start 'behind' to make up */
4650 if (lp_config_backend_is_file()) {
4651 n2 = talloc_sub_basic(talloc_tos(), get_current_username(),
4652 current_user_info.domain,
4655 smb_panic("lp_load_ex: out of memory");
4658 add_to_file_list(pszFname, n2);
4660 bRetval = pm_process(n2, do_section, do_parameter, NULL);
4663 /* finish up the last section */
4664 DEBUG(4, ("pm_process() returned %s\n", BOOLSTR(bRetval)));
4666 if (iServiceIndex >= 0) {
4667 bRetval = service_ok(iServiceIndex);
4671 if (lp_config_backend_is_registry()) {
4672 /* config backend changed to registry in config file */
4674 * We need to use this extra global variable here to
4675 * survive restart: init_globals uses this as a default
4676 * for config_backend. Otherwise, init_globals would
4677 * send us into an endless loop here.
4679 config_backend = CONFIG_BACKEND_REGISTRY;
4681 DEBUG(1, ("lp_load_ex: changing to config backend "
4684 lp_kill_all_services();
4685 return lp_load_ex(pszFname, global_only, save_defaults,
4686 add_ipc, initialize_globals,
4687 allow_include_registry,
4690 } else if (lp_config_backend_is_registry()) {
4691 bRetval = process_registry_globals();
4693 DEBUG(0, ("Illegal config backend given: %d\n",
4694 lp_config_backend()));
4698 if (bRetval && lp_registry_shares()) {
4699 if (load_all_shares) {
4700 bRetval = process_registry_shares();
4702 bRetval = reload_registry_shares();
4707 char *serv = lp_auto_services(talloc_tos());
4708 lp_add_auto_services(serv);
4713 /* When 'restrict anonymous = 2' guest connections to ipc$
4715 lp_add_ipc("IPC$", (lp_restrict_anonymous() < 2));
4716 if ( lp_enable_asu_support() ) {
4717 lp_add_ipc("ADMIN$", false);
4721 set_allowed_client_auth();
4723 if (lp_security() == SEC_ADS && strchr(lp_password_server(), ':')) {
4724 DEBUG(1, ("WARNING: The optional ':port' in password server = %s is deprecated\n",
4725 lp_password_server()));
4730 /* Now we check we_are_a_wins_server and set szWINSserver to 127.0.0.1 */
4731 /* if we_are_a_wins_server is true and we are in the client */
4732 if (lp_is_in_client() && Globals.we_are_a_wins_server) {
4733 lp_do_parameter(GLOBAL_SECTION_SNUM, "wins server", "127.0.0.1");
4738 fault_configure(smb_panic_s3);
4741 * We run this check once the whole smb.conf is parsed, to
4742 * force some settings for the standard way a AD DC is
4743 * operated. We may changed these as our code evolves, which
4744 * is why we force these settings.
4746 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
4747 lp_do_parameter(-1, "passdb backend", "samba_dsdb");
4749 lp_do_parameter(-1, "rpc_server:default", "external");
4750 lp_do_parameter(-1, "rpc_server:svcctl", "embedded");
4751 lp_do_parameter(-1, "rpc_server:srvsvc", "embedded");
4752 lp_do_parameter(-1, "rpc_server:eventlog", "embedded");
4753 lp_do_parameter(-1, "rpc_server:ntsvcs", "embedded");
4754 lp_do_parameter(-1, "rpc_server:winreg", "embedded");
4755 lp_do_parameter(-1, "rpc_server:spoolss", "embedded");
4756 lp_do_parameter(-1, "rpc_daemon:spoolssd", "embedded");
4757 lp_do_parameter(-1, "rpc_server:tcpip", "no");
4760 bAllowIncludeRegistry = true;
4765 bool lp_load(const char *pszFname,
4769 bool initialize_globals)
4771 return lp_load_ex(pszFname,
4776 true, /* allow_include_registry */
4777 false); /* load_all_shares*/
4780 bool lp_load_initial_only(const char *pszFname)
4782 return lp_load_ex(pszFname,
4783 true, /* global only */
4784 false, /* save_defaults */
4785 false, /* add_ipc */
4786 true, /* initialize_globals */
4787 false, /* allow_include_registry */
4788 false); /* load_all_shares*/
4792 * most common lp_load wrapper, loading only the globals
4794 bool lp_load_global(const char *file_name)
4796 return lp_load_ex(file_name,
4797 true, /* global_only */
4798 false, /* save_defaults */
4799 false, /* add_ipc */
4800 true, /* initialize_globals */
4801 true, /* allow_include_registry */
4802 false); /* load_all_shares*/
4806 * lp_load wrapper, especially for clients
4808 bool lp_load_client(const char *file_name)
4810 lp_set_in_client(true);
4812 return lp_load_global(file_name);
4816 * lp_load wrapper, loading only globals, but intended
4817 * for subsequent calls, not reinitializing the globals
4820 bool lp_load_global_no_reinit(const char *file_name)
4822 return lp_load_ex(file_name,
4823 true, /* global_only */
4824 false, /* save_defaults */
4825 false, /* add_ipc */
4826 false, /* initialize_globals */
4827 true, /* allow_include_registry */
4828 false); /* load_all_shares*/
4832 * lp_load wrapper, especially for clients, no reinitialization
4834 bool lp_load_client_no_reinit(const char *file_name)
4836 lp_set_in_client(true);
4838 return lp_load_global_no_reinit(file_name);
4841 bool lp_load_with_registry_shares(const char *pszFname,
4845 bool initialize_globals)
4847 return lp_load_ex(pszFname,
4852 true, /* allow_include_registry */
4853 true); /* load_all_shares*/
4856 /***************************************************************************
4857 Return the max number of services.
4858 ***************************************************************************/
4860 int lp_numservices(void)
4862 return (iNumServices);
4865 /***************************************************************************
4866 Display the contents of the services array in human-readable form.
4867 ***************************************************************************/
4869 void lp_dump(FILE *f, bool show_defaults, int maxtoprint)
4874 defaults_saved = false;
4878 dump_a_service(&sDefault, f);
4880 for (iService = 0; iService < maxtoprint; iService++) {
4882 lp_dump_one(f, show_defaults, iService);
4886 /***************************************************************************
4887 Display the contents of one service in human-readable form.
4888 ***************************************************************************/
4890 void lp_dump_one(FILE * f, bool show_defaults, int snum)
4893 if (ServicePtrs[snum]->szService[0] == '\0')
4895 dump_a_service(ServicePtrs[snum], f);
4899 /***************************************************************************
4900 Return the number of the service with the given name, or -1 if it doesn't
4901 exist. Note that this is a DIFFERENT ANIMAL from the internal function
4902 getservicebyname()! This works ONLY if all services have been loaded, and
4903 does not copy the found service.
4904 ***************************************************************************/
4906 int lp_servicenumber(const char *pszServiceName)
4909 fstring serviceName;
4911 if (!pszServiceName) {
4912 return GLOBAL_SECTION_SNUM;
4915 for (iService = iNumServices - 1; iService >= 0; iService--) {
4916 if (VALID(iService) && ServicePtrs[iService]->szService) {
4918 * The substitution here is used to support %U is
4921 fstrcpy(serviceName, ServicePtrs[iService]->szService);
4922 standard_sub_basic(get_current_username(),
4923 current_user_info.domain,
4924 serviceName,sizeof(serviceName));
4925 if (strequal(serviceName, pszServiceName)) {
4931 if (iService >= 0 && ServicePtrs[iService]->usershare == USERSHARE_VALID) {
4932 struct timespec last_mod;
4934 if (!usershare_exists(iService, &last_mod)) {
4935 /* Remove the share security tdb entry for it. */
4936 delete_share_security(lp_servicename(talloc_tos(), iService));
4937 /* Remove it from the array. */
4938 free_service_byindex(iService);
4939 /* Doesn't exist anymore. */
4940 return GLOBAL_SECTION_SNUM;
4943 /* Has it been modified ? If so delete and reload. */
4944 if (timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
4946 /* Remove it from the array. */
4947 free_service_byindex(iService);
4948 /* and now reload it. */
4949 iService = load_usershare_service(pszServiceName);
4954 DEBUG(7,("lp_servicenumber: couldn't find %s\n", pszServiceName));
4955 return GLOBAL_SECTION_SNUM;
4961 /*******************************************************************
4962 A useful volume label function.
4963 ********************************************************************/
4965 const char *volume_label(TALLOC_CTX *ctx, int snum)
4968 const char *label = lp_volume(ctx, snum);
4970 label = lp_servicename(ctx, snum);
4973 /* This returns a 33 byte guarenteed null terminated string. */
4974 ret = talloc_strndup(ctx, label, 32);
4981 /*******************************************************************
4982 Get the default server type we will announce as via nmbd.
4983 ********************************************************************/
4985 int lp_default_server_announce(void)
4987 int default_server_announce = 0;
4988 default_server_announce |= SV_TYPE_WORKSTATION;
4989 default_server_announce |= SV_TYPE_SERVER;
4990 default_server_announce |= SV_TYPE_SERVER_UNIX;
4992 /* note that the flag should be set only if we have a
4993 printer service but nmbd doesn't actually load the
4994 services so we can't tell --jerry */
4996 default_server_announce |= SV_TYPE_PRINTQ_SERVER;
4998 default_server_announce |= SV_TYPE_SERVER_NT;
4999 default_server_announce |= SV_TYPE_NT;
5001 switch (lp_server_role()) {
5002 case ROLE_DOMAIN_MEMBER:
5003 default_server_announce |= SV_TYPE_DOMAIN_MEMBER;
5005 case ROLE_DOMAIN_PDC:
5006 default_server_announce |= SV_TYPE_DOMAIN_CTRL;
5008 case ROLE_DOMAIN_BDC:
5009 default_server_announce |= SV_TYPE_DOMAIN_BAKCTRL;
5011 case ROLE_STANDALONE:
5015 if (lp_time_server())
5016 default_server_announce |= SV_TYPE_TIME_SOURCE;
5018 if (lp_host_msdfs())
5019 default_server_announce |= SV_TYPE_DFS_SERVER;
5021 return default_server_announce;
5024 /***********************************************************
5025 If we are PDC then prefer us as DMB
5026 ************************************************************/
5028 bool lp_domain_master(void)
5030 if (Globals._domain_master == Auto)
5031 return (lp_server_role() == ROLE_DOMAIN_PDC);
5033 return (bool)Globals._domain_master;
5036 /***********************************************************
5037 If we are PDC then prefer us as DMB
5038 ************************************************************/
5040 static bool lp_domain_master_true_or_auto(void)
5042 if (Globals._domain_master) /* auto or yes */
5048 /***********************************************************
5049 If we are DMB then prefer us as LMB
5050 ************************************************************/
5052 bool lp_preferred_master(void)
5054 if (Globals.iPreferredMaster == Auto)
5055 return (lp_local_master() && lp_domain_master());
5057 return (bool)Globals.iPreferredMaster;
5060 /*******************************************************************
5062 ********************************************************************/
5064 void lp_remove_service(int snum)
5066 ServicePtrs[snum]->valid = false;
5069 /*******************************************************************
5071 ********************************************************************/
5073 void lp_copy_service(int snum, const char *new_name)
5075 do_section(new_name, NULL);
5077 snum = lp_servicenumber(new_name);
5079 char *name = lp_servicename(talloc_tos(), snum);
5080 lp_do_parameter(snum, "copy", name);
5085 const char *lp_printername(TALLOC_CTX *ctx, int snum)
5087 const char *ret = lp__printername(ctx, snum);
5088 if (ret == NULL || *ret == '\0') {
5089 ret = lp_const_servicename(snum);
5096 /***********************************************************
5097 Allow daemons such as winbindd to fix their logfile name.
5098 ************************************************************/
5100 void lp_set_logfile(const char *name)
5102 string_set(&Globals.logfile, name);
5103 debug_set_logfile(name);
5106 /*******************************************************************
5107 Return the max print jobs per queue.
5108 ********************************************************************/
5110 int lp_maxprintjobs(int snum)
5112 int maxjobs = LP_SNUM_OK(snum) ? ServicePtrs[snum]->iMaxPrintJobs : sDefault.iMaxPrintJobs;
5113 if (maxjobs <= 0 || maxjobs >= PRINT_MAX_JOBID)
5114 maxjobs = PRINT_MAX_JOBID - 1;
5119 const char *lp_printcapname(void)
5121 if ((Globals.szPrintcapname != NULL) &&
5122 (Globals.szPrintcapname[0] != '\0'))
5123 return Globals.szPrintcapname;
5125 if (sDefault.printing == PRINT_CUPS) {
5129 if (sDefault.printing == PRINT_BSD)
5130 return "/etc/printcap";
5132 return PRINTCAP_NAME;
5135 static uint32 spoolss_state;
5137 bool lp_disable_spoolss( void )
5139 if ( spoolss_state == SVCCTL_STATE_UNKNOWN )
5140 spoolss_state = lp__disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
5142 return spoolss_state == SVCCTL_STOPPED ? true : false;
5145 void lp_set_spoolss_state( uint32 state )
5147 SMB_ASSERT( (state == SVCCTL_STOPPED) || (state == SVCCTL_RUNNING) );
5149 spoolss_state = state;
5152 uint32 lp_get_spoolss_state( void )
5154 return lp_disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
5157 /*******************************************************************
5158 Ensure we don't use sendfile if server smb signing is active.
5159 ********************************************************************/
5161 bool lp_use_sendfile(int snum, struct smb_signing_state *signing_state)
5163 bool sign_active = false;
5165 /* Using sendfile blows the brains out of any DOS or Win9x TCP stack... JRA. */
5166 if (get_Protocol() < PROTOCOL_NT1) {
5169 if (signing_state) {
5170 sign_active = smb_signing_is_active(signing_state);
5172 return (lp__use_sendfile(snum) &&
5173 (get_remote_arch() != RA_WIN95) &&
5177 /*******************************************************************
5178 Turn off sendfile if we find the underlying OS doesn't support it.
5179 ********************************************************************/
5181 void set_use_sendfile(int snum, bool val)
5183 if (LP_SNUM_OK(snum))
5184 ServicePtrs[snum]->_use_sendfile = val;
5186 sDefault._use_sendfile = val;
5189 /*******************************************************************
5190 Turn off storing DOS attributes if this share doesn't support it.
5191 ********************************************************************/
5193 void set_store_dos_attributes(int snum, bool val)
5195 if (!LP_SNUM_OK(snum))
5197 ServicePtrs[(snum)]->store_dos_attributes = val;
5200 void lp_set_mangling_method(const char *new_method)
5202 string_set(&Globals.mangling_method, new_method);
5205 /*******************************************************************
5206 Global state for POSIX pathname processing.
5207 ********************************************************************/
5209 static bool posix_pathnames;
5211 bool lp_posix_pathnames(void)
5213 return posix_pathnames;
5216 /*******************************************************************
5217 Change everything needed to ensure POSIX pathname processing (currently
5219 ********************************************************************/
5221 void lp_set_posix_pathnames(void)
5223 posix_pathnames = true;
5226 /*******************************************************************
5227 Global state for POSIX lock processing - CIFS unix extensions.
5228 ********************************************************************/
5230 bool posix_default_lock_was_set;
5231 static enum brl_flavour posix_cifsx_locktype; /* By default 0 == WINDOWS_LOCK */
5233 enum brl_flavour lp_posix_cifsu_locktype(files_struct *fsp)
5235 if (posix_default_lock_was_set) {
5236 return posix_cifsx_locktype;
5238 return fsp->posix_open ? POSIX_LOCK : WINDOWS_LOCK;
5242 /*******************************************************************
5243 ********************************************************************/
5245 void lp_set_posix_default_cifsx_readwrite_locktype(enum brl_flavour val)
5247 posix_default_lock_was_set = true;
5248 posix_cifsx_locktype = val;
5251 int lp_min_receive_file_size(void)
5253 if (Globals.iminreceivefile < 0) {
5256 return MIN(Globals.iminreceivefile, BUFFER_SIZE);
5259 /*******************************************************************
5260 Safe wide links checks.
5261 This helper function always verify the validity of wide links,
5262 even after a configuration file reload.
5263 ********************************************************************/
5265 static bool lp_widelinks_internal(int snum)
5267 return (bool)(LP_SNUM_OK(snum)? ServicePtrs[(snum)]->bWidelinks :
5268 sDefault.bWidelinks);
5271 void widelinks_warning(int snum)
5273 if (lp_allow_insecure_wide_links()) {
5277 if (lp_unix_extensions() && lp_widelinks_internal(snum)) {
5278 DEBUG(0,("Share '%s' has wide links and unix extensions enabled. "
5279 "These parameters are incompatible. "
5280 "Wide links will be disabled for this share.\n",
5281 lp_servicename(talloc_tos(), snum) ));
5285 bool lp_widelinks(int snum)
5287 /* wide links is always incompatible with unix extensions */
5288 if (lp_unix_extensions()) {
5290 * Unless we have "allow insecure widelinks"
5293 if (!lp_allow_insecure_wide_links()) {
5298 return lp_widelinks_internal(snum);
5301 int lp_server_role(void)
5303 return lp_find_server_role(lp__server_role(),
5305 lp__domain_logons(),
5306 lp_domain_master_true_or_auto());
5309 int lp_security(void)
5311 return lp_find_security(lp__server_role(),
git.samba.org / kai / samba-autobuild / .git / blob