2 Unix SMB/CIFS implementation.
3 Parameter loading functions
4 Copyright (C) Karl Auer 1993-1998
6 Largely re-written by Andrew Tridgell, September 1994
8 Copyright (C) Simo Sorce 2001
9 Copyright (C) Alexander Bokovoy 2002
10 Copyright (C) Stefan (metze) Metzmacher 2002
11 Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003
12 Copyright (C) Michael Adam 2008
13 Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007
14 Copyright (C) Andrew Bartlett 2011
16 This program is free software; you can redistribute it and/or modify
17 it under the terms of the GNU General Public License as published by
18 the Free Software Foundation; either version 3 of the License, or
19 (at your option) any later version.
21 This program is distributed in the hope that it will be useful,
22 but WITHOUT ANY WARRANTY; without even the implied warranty of
23 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 GNU General Public License for more details.
26 You should have received a copy of the GNU General Public License
27 along with this program. If not, see <http://www.gnu.org/licenses/>.
33 * This module provides suitable callback functions for the params
34 * module. It builds the internal table of service details which is
35 * then used by the rest of the server.
39 * 1) add it to the global or service structure definition
40 * 2) add it to the parm_table
41 * 3) add it to the list of available functions (eg: using FN_GLOBAL_STRING())
42 * 4) If it's a global then initialise it in init_globals. If a local
43 * (ie. service) parameter then initialise it in the sDefault structure
47 * The configuration file is processed sequentially for speed. It is NOT
48 * accessed randomly as happens in 'real' Windows. For this reason, there
49 * is a fair bit of sequence-dependent code here - ie., code which assumes
50 * that certain things happen before others. In particular, the code which
51 * happens at the boundary between sections is delicately poised, so be
57 #include "system/filesys.h"
59 #include "lib/param/loadparm.h"
60 #include "lib/param/param.h"
62 #include "lib/smbconf/smbconf.h"
63 #include "lib/smbconf/smbconf_init.h"
66 #include "../librpc/gen_ndr/svcctl.h"
68 #include "../libcli/smb/smb_signing.h"
69 #include "dbwrap/dbwrap.h"
70 #include "dbwrap/dbwrap_rbt.h"
71 #include "../lib/util/bitmap.h"
72 #include "librpc/gen_ndr/nbt.h"
74 #ifdef HAVE_SYS_SYSCTL_H
75 #include <sys/sysctl.h>
78 #ifdef HAVE_HTTPCONNECTENCRYPT
79 #include <cups/http.h>
84 extern userdom_struct current_user_info;
86 /* the special value for the include parameter
87 * to be interpreted not as a file name but to
88 * trigger loading of the global smb.conf options
90 #ifndef INCLUDE_REGISTRY_NAME
91 #define INCLUDE_REGISTRY_NAME "registry"
94 static bool in_client = false; /* Not in the client by default */
95 static struct smbconf_csn conf_last_csn;
97 static int config_backend = CONFIG_BACKEND_FILE;
99 /* some helpful bits */
100 #define LP_SNUM_OK(i) (((i) >= 0) && ((i) < iNumServices) && (ServicePtrs != NULL) && ServicePtrs[(i)]->valid)
101 #define VALID(i) (ServicePtrs != NULL && ServicePtrs[i]->valid)
103 #define USERSHARE_VALID 1
104 #define USERSHARE_PENDING_DELETE 2
106 static bool defaults_saved = false;
108 #include "lib/param/param_global.h"
110 static struct loadparm_global Globals;
112 /* This is a default service used to prime a services structure */
113 static struct loadparm_service sDefault =
118 .usershare_last_mod = {0, 0},
122 .invalid_users = NULL,
129 .root_preexec = NULL,
130 .root_postexec = NULL,
131 .cups_options = NULL,
132 .print_command = NULL,
134 .lprm_command = NULL,
135 .lppause_command = NULL,
136 .lpresume_command = NULL,
137 .queuepause_command = NULL,
138 .queueresume_command = NULL,
139 ._printername = NULL,
140 .printjob_username = NULL,
141 .dont_descend = NULL,
144 .magic_script = NULL,
145 .magic_output = NULL,
148 .veto_oplock_files = NULL,
158 .aio_write_behind = NULL,
159 .dfree_command = NULL,
160 .min_print_space = 0,
161 .iMaxPrintJobs = 1000,
162 .max_reported_print_jobs = 0,
163 .write_cache_size = 0,
165 .force_create_mode = 0,
166 .directory_mask = 0755,
167 .force_directory_mode = 0,
168 .max_connections = 0,
169 .default_case = CASE_LOWER,
170 .printing = DEFAULT_PRINTING,
171 .oplock_contention_limit = 2,
174 .dfree_cache_time = 0,
175 .preexec_close = false,
176 .root_preexec_close = false,
177 .case_sensitive = Auto,
178 .preserve_case = true,
179 .short_preserve_case = true,
180 .hide_dot_files = true,
181 .hide_special_files = false,
182 .hide_unreadable = false,
183 .hide_unwriteable_files = false,
185 .access_based_share_enum = false,
189 .administrative_share = false,
192 .print_notify_backchannel = false,
196 .store_dos_attributes = false,
197 .dmapi_support = false,
199 .strict_locking = Auto,
200 .posix_locking = true,
202 .kernel_oplocks = false,
203 .level2_oplocks = true,
205 .mangled_names = true,
207 .follow_symlinks = true,
208 .sync_always = false,
209 .strict_allocate = false,
210 .strict_rename = false,
211 .strict_sync = false,
212 .mangling_char = '~',
214 .delete_readonly = false,
215 .fake_oplocks = false,
216 .delete_veto_files = false,
217 .dos_filemode = false,
218 .dos_filetimes = true,
219 .dos_filetime_resolution = false,
220 .fake_directory_create_times = false,
221 .blocking_locks = true,
222 .inherit_permissions = false,
223 .inherit_acls = false,
224 .inherit_owner = false,
226 .msdfs_shuffle_referrals = false,
227 .use_client_driver = false,
228 .default_devmode = true,
229 .force_printername = false,
230 .nt_acl_support = true,
231 .force_unknown_acl_user = false,
232 ._use_sendfile = false,
233 .profile_acls = false,
234 .map_acl_inherit = false,
237 .acl_check_permissions = true,
238 .acl_map_full_control = true,
239 .acl_group_control = false,
240 .acl_allow_execute_always = false,
241 .change_notify = true,
242 .kernel_change_notify = true,
243 .allocation_roundup_size = SMB_ROUNDUP_ALLOCATION_SIZE,
246 .map_readonly = MAP_READONLY_YES,
247 .directory_name_cache_size = 100,
248 .smb_encrypt = SMB_SIGNING_DEFAULT,
249 .kernel_share_modes = true,
250 .durable_handles = true,
255 /* local variables */
256 static struct loadparm_service **ServicePtrs = NULL;
257 static int iNumServices = 0;
258 static int iServiceIndex = 0;
259 static struct db_context *ServiceHash;
260 static bool bInGlobalSection = true;
261 static bool bGlobalOnly = false;
262 static struct file_lists *file_lists = NULL;
263 static unsigned int *flags_list = NULL;
265 static void set_allowed_client_auth(void);
267 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue);
268 static void free_param_opts(struct parmlist_entry **popts);
270 /* this is used to prevent lots of mallocs of size 1 */
271 static const char null_string[] = "";
277 static void string_free(char **s)
281 if (*s == null_string)
287 Set a string value, deallocating any existing space, and allocing the space
291 static bool string_set(TALLOC_CTX *mem_ctx, char **dest,const char *src)
299 (*dest) = talloc_strdup(mem_ctx, src);
300 if ((*dest) == NULL) {
301 DEBUG(0,("Out of memory in string_init\n"));
309 * Function to return the default value for the maximum number of open
310 * file descriptors permitted. This function tries to consult the
311 * kernel-level (sysctl) and ulimit (getrlimit()) values and goes
312 * the smaller of those.
314 static int max_open_files(void)
316 int sysctl_max = MAX_OPEN_FILES;
317 int rlimit_max = MAX_OPEN_FILES;
319 #ifdef HAVE_SYSCTLBYNAME
321 size_t size = sizeof(sysctl_max);
322 sysctlbyname("kern.maxfilesperproc", &sysctl_max, &size, NULL,
327 #if (defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE))
333 if (getrlimit(RLIMIT_NOFILE, &rl) == 0)
334 rlimit_max = rl.rlim_cur;
336 #if defined(RLIM_INFINITY)
337 if(rl.rlim_cur == RLIM_INFINITY)
338 rlimit_max = MAX_OPEN_FILES;
343 if (sysctl_max < MIN_OPEN_FILES_WINDOWS) {
344 DEBUG(2,("max_open_files: increasing sysctl_max (%d) to "
345 "minimum Windows limit (%d)\n",
347 MIN_OPEN_FILES_WINDOWS));
348 sysctl_max = MIN_OPEN_FILES_WINDOWS;
351 if (rlimit_max < MIN_OPEN_FILES_WINDOWS) {
352 DEBUG(2,("rlimit_max: increasing rlimit_max (%d) to "
353 "minimum Windows limit (%d)\n",
355 MIN_OPEN_FILES_WINDOWS));
356 rlimit_max = MIN_OPEN_FILES_WINDOWS;
359 return MIN(sysctl_max, rlimit_max);
363 * Common part of freeing allocated data for one parameter.
365 static void free_one_parameter_common(void *parm_ptr,
366 struct parm_struct parm)
368 if ((parm.type == P_STRING) ||
369 (parm.type == P_USTRING))
371 string_free((char**)parm_ptr);
372 } else if (parm.type == P_LIST || parm.type == P_CMDLIST) {
373 TALLOC_FREE(*((char***)parm_ptr));
378 * Free the allocated data for one parameter for a share
379 * given as a service struct.
381 static void free_one_parameter(struct loadparm_service *service,
382 struct parm_struct parm)
386 if (parm.p_class != P_LOCAL) {
390 parm_ptr = lp_parm_ptr(service, &parm);
392 free_one_parameter_common(parm_ptr, parm);
396 * Free the allocated parameter data of a share given
397 * as a service struct.
399 static void free_parameters(struct loadparm_service *service)
403 for (i=0; parm_table[i].label; i++) {
404 free_one_parameter(service, parm_table[i]);
409 * Free the allocated data for one parameter for a given share
410 * specified by an snum.
412 static void free_one_parameter_by_snum(int snum, struct parm_struct parm)
417 parm_ptr = lp_parm_ptr(NULL, &parm);
418 } else if (parm.p_class != P_LOCAL) {
421 parm_ptr = lp_parm_ptr(ServicePtrs[snum], &parm);
424 free_one_parameter_common(parm_ptr, parm);
428 * Free the allocated parameter data for a share specified
431 static void free_parameters_by_snum(int snum)
435 for (i=0; parm_table[i].label; i++) {
436 free_one_parameter_by_snum(snum, parm_table[i]);
441 * Free the allocated global parameters.
443 static void free_global_parameters(void)
445 free_param_opts(&Globals.param_opt);
446 free_parameters_by_snum(GLOBAL_SECTION_SNUM);
447 TALLOC_FREE(Globals.ctx);
450 struct lp_stored_option {
451 struct lp_stored_option *prev, *next;
456 static struct lp_stored_option *stored_options;
459 save options set by lp_set_cmdline() into a list. This list is
460 re-applied when we do a globals reset, so that cmdline set options
461 are sticky across reloads of smb.conf
463 bool store_lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
465 struct lp_stored_option *entry, *entry_next;
466 for (entry = stored_options; entry != NULL; entry = entry_next) {
467 entry_next = entry->next;
468 if (strcmp(pszParmName, entry->label) == 0) {
469 DLIST_REMOVE(stored_options, entry);
475 entry = talloc(NULL, struct lp_stored_option);
480 entry->label = talloc_strdup(entry, pszParmName);
486 entry->value = talloc_strdup(entry, pszParmValue);
492 DLIST_ADD_END(stored_options, entry, struct lp_stored_option);
497 static bool apply_lp_set_cmdline(void)
499 struct lp_stored_option *entry = NULL;
500 for (entry = stored_options; entry != NULL; entry = entry->next) {
501 if (!lp_set_cmdline_helper(entry->label, entry->value)) {
502 DEBUG(0, ("Failed to re-apply cmdline parameter %s = %s\n",
503 entry->label, entry->value));
510 /***************************************************************************
511 Initialise the global parameter structure.
512 ***************************************************************************/
514 static void init_globals(struct loadparm_context *lp_ctx, bool reinit_globals)
516 static bool done_init = false;
520 /* If requested to initialize only once and we've already done it... */
521 if (!reinit_globals && done_init) {
522 /* ... then we have nothing more to do */
527 /* The logfile can be set before this is invoked. Free it if so. */
528 if (Globals.logfile != NULL) {
529 string_free(&Globals.logfile);
530 Globals.logfile = NULL;
534 free_global_parameters();
537 /* This memset and the free_global_parameters() above will
538 * wipe out smb.conf options set with lp_set_cmdline(). The
539 * apply_lp_set_cmdline() call puts these values back in the
540 * table once the defaults are set */
541 ZERO_STRUCT(Globals);
543 Globals.ctx = talloc_pooled_object(NULL, char, 272, 2048);
545 /* Initialize the flags list if necessary */
546 if (flags_list == NULL) {
550 for (i = 0; parm_table[i].label; i++) {
551 if ((parm_table[i].type == P_STRING ||
552 parm_table[i].type == P_USTRING))
554 string_set(Globals.ctx, (char **)lp_parm_ptr(NULL, &parm_table[i]), "");
559 string_set(Globals.ctx, &sDefault.fstype, FSTYPE_STRING);
560 string_set(Globals.ctx, &sDefault.printjob_username, "%U");
562 init_printer_values(lp_ctx, Globals.ctx, &sDefault);
564 sDefault.ntvfs_handler = str_list_make_v3_const(NULL, "unixuid default", NULL);
566 DEBUG(3, ("Initialising global parameters\n"));
568 /* Must manually force to upper case here, as this does not go via the handler */
569 string_set(Globals.ctx, &Globals.netbios_name, myhostname_upper());
571 string_set(Globals.ctx, &Globals.smb_passwd_file, get_dyn_SMB_PASSWD_FILE());
572 string_set(Globals.ctx, &Globals.private_dir, get_dyn_PRIVATE_DIR());
574 /* use the new 'hash2' method by default, with a prefix of 1 */
575 string_set(Globals.ctx, &Globals.mangling_method, "hash2");
576 Globals.mangle_prefix = 1;
578 string_set(Globals.ctx, &Globals.guest_account, GUEST_ACCOUNT);
580 /* using UTF8 by default allows us to support all chars */
581 string_set(Globals.ctx, &Globals.unix_charset, DEFAULT_UNIX_CHARSET);
583 /* Use codepage 850 as a default for the dos character set */
584 string_set(Globals.ctx, &Globals.dos_charset, DEFAULT_DOS_CHARSET);
587 * Allow the default PASSWD_CHAT to be overridden in local.h.
589 string_set(Globals.ctx, &Globals.passwd_chat, DEFAULT_PASSWD_CHAT);
591 string_set(Globals.ctx, &Globals.workgroup, DEFAULT_WORKGROUP);
593 string_set(Globals.ctx, &Globals.passwd_program, "");
594 string_set(Globals.ctx, &Globals.lock_directory, get_dyn_LOCKDIR());
595 string_set(Globals.ctx, &Globals.state_directory, get_dyn_STATEDIR());
596 string_set(Globals.ctx, &Globals.cache_directory, get_dyn_CACHEDIR());
597 string_set(Globals.ctx, &Globals.pid_directory, get_dyn_PIDDIR());
598 string_set(Globals.ctx, &Globals.nbt_client_socket_address, "0.0.0.0");
600 * By default support explicit binding to broadcast
603 Globals.nmbd_bind_explicit_broadcast = true;
605 s = talloc_asprintf(talloc_tos(), "Samba %s", samba_version_string());
607 smb_panic("init_globals: ENOMEM");
609 string_set(Globals.ctx, &Globals.server_string, s);
612 string_set(Globals.ctx, &Globals.panic_action, "/bin/sleep 999999999");
615 string_set(Globals.ctx, &Globals.socket_options, DEFAULT_SOCKET_OPTIONS);
617 string_set(Globals.ctx, &Globals.logon_drive, "");
618 /* %N is the NIS auto.home server if -DAUTOHOME is used, else same as %L */
619 string_set(Globals.ctx, &Globals.logon_home, "\\\\%N\\%U");
620 string_set(Globals.ctx, &Globals.logon_path, "\\\\%N\\%U\\profile");
622 Globals.name_resolve_order = str_list_make_v3_const(NULL, "lmhosts wins host bcast", NULL);
623 string_set(Globals.ctx, &Globals.password_server, "*");
625 Globals.algorithmic_rid_base = BASE_RID;
627 Globals.load_printers = true;
628 Globals.printcap_cache_time = 750; /* 12.5 minutes */
630 Globals.config_backend = config_backend;
631 Globals._server_role = ROLE_AUTO;
633 /* Was 65535 (0xFFFF). 0x4101 matches W2K and causes major speed improvements... */
634 /* Discovered by 2 days of pain by Don McCall @ HP :-). */
635 Globals.max_xmit = 0x4104;
636 Globals.max_mux = 50; /* This is *needed* for profile support. */
637 Globals.lpq_cache_time = 30; /* changed to handle large print servers better -- jerry */
638 Globals._disable_spoolss = false;
639 Globals.max_smbd_processes = 0;/* no limit specified */
640 Globals.username_level = 0;
641 Globals.deadtime = 0;
642 Globals.getwd_cache = true;
643 Globals.large_readwrite = true;
644 Globals.max_log_size = 5000;
645 Globals.max_open_files = max_open_files();
646 Globals.server_max_protocol = PROTOCOL_SMB3_00;
647 Globals.server_min_protocol = PROTOCOL_LANMAN1;
648 Globals._client_max_protocol = PROTOCOL_DEFAULT;
649 Globals.client_min_protocol = PROTOCOL_CORE;
650 Globals._security = SEC_AUTO;
651 Globals.encrypt_passwords = true;
652 Globals.client_schannel = Auto;
653 Globals.winbind_sealed_pipes = true;
654 Globals.require_strong_key = true;
655 Globals.server_schannel = Auto;
656 Globals.read_raw = true;
657 Globals.write_raw = true;
658 Globals.null_passwords = false;
659 Globals.old_password_allowed_period = 60;
660 Globals.obey_pam_restrictions = false;
662 Globals.syslog_only = false;
663 Globals.timestamp_logs = true;
664 string_set(Globals.ctx, &Globals.log_level, "0");
665 Globals.debug_prefix_timestamp = false;
666 Globals.debug_hires_timestamp = true;
667 Globals.debug_pid = false;
668 Globals.debug_uid = false;
669 Globals.debug_class = false;
670 Globals.enable_core_files = true;
671 Globals.max_ttl = 60 * 60 * 24 * 3; /* 3 days default. */
672 Globals.max_wins_ttl = 60 * 60 * 24 * 6; /* 6 days default. */
673 Globals.min_wins_ttl = 60 * 60 * 6; /* 6 hours default. */
674 Globals.machine_password_timeout = 60 * 60 * 24 * 7; /* 7 days default. */
675 Globals.lm_announce = Auto; /* = Auto: send only if LM clients found */
676 Globals.lm_interval = 60;
677 #if (defined(HAVE_NETGROUP) && defined(WITH_AUTOMOUNT))
678 Globals.nis_homedir = false;
679 #ifdef WITH_NISPLUS_HOME
680 string_set(Globals.ctx, &Globals.homedir_map, "auto_home.org_dir");
682 string_set(Globals.ctx, &Globals.homedir_map, "auto.home");
685 Globals.time_server = false;
686 Globals.bind_interfaces_only = false;
687 Globals.unix_password_sync = false;
688 Globals.pam_password_change = false;
689 Globals.passwd_chat_debug = false;
690 Globals.passwd_chat_timeout = 2; /* 2 second default. */
691 Globals.nt_pipe_support = true; /* Do NT pipes by default. */
692 Globals.nt_status_support = true; /* Use NT status by default. */
693 Globals.smbd_profiling_level = 0;
694 Globals.stat_cache = true; /* use stat cache by default */
695 Globals.max_stat_cache_size = 256; /* 256k by default */
696 Globals.restrict_anonymous = 0;
697 Globals.client_lanman_auth = false; /* Do NOT use the LanMan hash if it is available */
698 Globals.client_plaintext_auth = false; /* Do NOT use a plaintext password even if is requested by the server */
699 Globals.lanman_auth = false; /* Do NOT use the LanMan hash, even if it is supplied */
700 Globals.ntlm_auth = true; /* Do use NTLMv1 if it is supplied by the client (otherwise NTLMv2) */
701 Globals.client_ntlmv2_auth = true; /* Client should always use use NTLMv2, as we can't tell that the server supports it, but most modern servers do */
702 /* Note, that we will also use NTLM2 session security (which is different), if it is available */
704 Globals.map_to_guest = 0; /* By Default, "Never" */
705 Globals.oplock_break_wait_time = 0; /* By Default, 0 msecs. */
706 Globals.enhanced_browsing = true;
707 Globals.lock_spin_time = WINDOWS_MINIMUM_LOCK_TIMEOUT_MS; /* msec. */
708 #ifdef MMAP_BLACKLIST
709 Globals.use_mmap = false;
711 Globals.use_mmap = true;
713 Globals.unicode = true;
714 Globals.unix_extensions = true;
715 Globals.reset_on_zero_vc = false;
716 Globals.log_writeable_files_on_exit = false;
717 Globals.create_krb5_conf = true;
718 Globals.winbindMaxDomainConnections = 1;
720 /* hostname lookups can be very expensive and are broken on
721 a large number of sites (tridge) */
722 Globals.hostname_lookups = false;
724 string_set(Globals.ctx, &Globals.passdb_backend, "tdbsam");
725 string_set(Globals.ctx, &Globals.ldap_suffix, "");
726 string_set(Globals.ctx, &Globals.szLdapMachineSuffix, "");
727 string_set(Globals.ctx, &Globals.szLdapUserSuffix, "");
728 string_set(Globals.ctx, &Globals.szLdapGroupSuffix, "");
729 string_set(Globals.ctx, &Globals.szLdapIdmapSuffix, "");
731 string_set(Globals.ctx, &Globals.ldap_admin_dn, "");
732 Globals.ldap_ssl = LDAP_SSL_START_TLS;
733 Globals.ldap_ssl_ads = false;
734 Globals.ldap_deref = -1;
735 Globals.ldap_passwd_sync = LDAP_PASSWD_SYNC_OFF;
736 Globals.ldap_delete_dn = false;
737 Globals.ldap_replication_sleep = 1000; /* wait 1 sec for replication */
738 Globals.ldap_follow_referral = Auto;
739 Globals.ldap_timeout = LDAP_DEFAULT_TIMEOUT;
740 Globals.ldap_connection_timeout = LDAP_CONNECTION_DEFAULT_TIMEOUT;
741 Globals.ldap_page_size = LDAP_PAGE_SIZE;
743 Globals.ldap_debug_level = 0;
744 Globals.ldap_debug_threshold = 10;
746 Globals.client_ldap_sasl_wrapping = ADS_AUTH_SASL_SIGN;
748 /* This is what we tell the afs client. in reality we set the token
749 * to never expire, though, when this runs out the afs client will
750 * forget the token. Set to 0 to get NEVERDATE.*/
751 Globals.afs_token_lifetime = 604800;
752 Globals.cups_connection_timeout = CUPS_DEFAULT_CONNECTION_TIMEOUT;
754 /* these parameters are set to defaults that are more appropriate
755 for the increasing samba install base:
757 as a member of the workgroup, that will possibly become a
758 _local_ master browser (lm = true). this is opposed to a forced
759 local master browser startup (pm = true).
761 doesn't provide WINS server service by default (wsupp = false),
762 and doesn't provide domain master browser services by default, either.
766 Globals.show_add_printer_wizard = true;
767 Globals.os_level = 20;
768 Globals.local_master = true;
769 Globals._domain_master = Auto; /* depending on _domain_logons */
770 Globals._domain_logons = false;
771 Globals.browse_list = true;
772 Globals.we_are_a_wins_server = false;
773 Globals.wins_proxy = false;
775 TALLOC_FREE(Globals.init_logon_delayed_hosts);
776 Globals.init_logon_delay = 100; /* 100 ms default delay */
778 Globals.wins_dns_proxy = true;
780 Globals.allow_trusted_domains = true;
781 string_set(Globals.ctx, &Globals.szIdmapBackend, "tdb");
783 string_set(Globals.ctx, &Globals.template_shell, "/bin/false");
784 string_set(Globals.ctx, &Globals.template_homedir, "/home/%D/%U");
785 string_set(Globals.ctx, &Globals.winbind_separator, "\\");
786 string_set(Globals.ctx, &Globals.winbindd_socket_directory, dyn_WINBINDD_SOCKET_DIR);
788 string_set(Globals.ctx, &Globals.cups_server, "");
789 string_set(Globals.ctx, &Globals.iprint_server, "");
791 string_set(Globals.ctx, &Globals._ctdbd_socket, "");
793 Globals.cluster_addresses = NULL;
794 Globals.clustering = false;
795 Globals.ctdb_timeout = 0;
796 Globals.ctdb_locktime_warn_threshold = 0;
798 Globals.winbind_cache_time = 300; /* 5 minutes */
799 Globals.winbind_reconnect_delay = 30; /* 30 seconds */
800 Globals.winbind_request_timeout = 60; /* 60 seconds */
801 Globals.winbind_max_clients = 200;
802 Globals.winbind_enum_users = false;
803 Globals.winbind_enum_groups = false;
804 Globals.winbind_use_default_domain = false;
805 Globals.winbind_trusted_domains_only = false;
806 Globals.winbind_nested_groups = true;
807 Globals.winbind_expand_groups = 0;
808 Globals.winbind_nss_info = str_list_make_v3_const(NULL, "template", NULL);
809 Globals.winbind_refresh_tickets = false;
810 Globals.winbind_offline_logon = false;
812 Globals.idmap_cache_time = 86400 * 7; /* a week by default */
813 Globals.idmap_negative_cache_time = 120; /* 2 minutes by default */
815 Globals.passdb_expand_explicit = false;
817 Globals.name_cache_timeout = 660; /* In seconds */
819 Globals.use_spnego = true;
820 Globals.client_use_spnego = true;
822 Globals.client_signing = SMB_SIGNING_DEFAULT;
823 Globals.server_signing = SMB_SIGNING_DEFAULT;
825 Globals.defer_sharing_violations = true;
826 Globals.smb_ports = str_list_make_v3_const(NULL, SMB_PORTS, NULL);
828 Globals.enable_privileges = true;
829 Globals.host_msdfs = true;
830 Globals.enable_asu_support = false;
832 /* User defined shares. */
833 s = talloc_asprintf(talloc_tos(), "%s/usershares", get_dyn_STATEDIR());
835 smb_panic("init_globals: ENOMEM");
837 string_set(Globals.ctx, &Globals.usershare_path, s);
839 string_set(Globals.ctx, &Globals.usershare_template_share, "");
840 Globals.usershare_max_shares = 0;
841 /* By default disallow sharing of directories not owned by the sharer. */
842 Globals.usershare_owner_only = true;
843 /* By default disallow guest access to usershares. */
844 Globals.usershare_allow_guests = false;
846 Globals.keepalive = DEFAULT_KEEPALIVE;
848 /* By default no shares out of the registry */
849 Globals.registry_shares = false;
851 Globals.iminreceivefile = 0;
853 Globals.map_untrusted_to_domain = false;
854 Globals.multicast_dns_register = true;
856 Globals.smb2_max_read = DEFAULT_SMB2_MAX_READ;
857 Globals.smb2_max_write = DEFAULT_SMB2_MAX_WRITE;
858 Globals.smb2_max_trans = DEFAULT_SMB2_MAX_TRANSACT;
859 Globals.ismb2_max_credits = DEFAULT_SMB2_MAX_CREDITS;
860 Globals.smb2_leases = false;
862 string_set(Globals.ctx, &Globals.ncalrpc_dir, get_dyn_NCALRPCDIR());
864 Globals.server_services = str_list_make_v3_const(NULL, "s3fs rpc nbt wrepl ldap cldap kdc drepl winbindd ntp_signd kcc dnsupdate dns", NULL);
866 Globals.dcerpc_endpoint_servers = str_list_make_v3_const(NULL, "epmapper wkssvc rpcecho samr netlogon lsarpc spoolss drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver", NULL);
868 Globals.tls_enabled = true;
870 string_set(Globals.ctx, &Globals._tls_keyfile, "tls/key.pem");
871 string_set(Globals.ctx, &Globals._tls_certfile, "tls/cert.pem");
872 string_set(Globals.ctx, &Globals._tls_cafile, "tls/ca.pem");
874 string_set(Globals.ctx, &Globals.share_backend, "classic");
876 Globals.iPreferredMaster = Auto;
878 Globals.allow_dns_updates = DNS_UPDATE_SIGNED;
880 string_set(Globals.ctx, &Globals.ntp_signd_socket_directory, get_dyn_NTP_SIGND_SOCKET_DIR());
882 string_set(Globals.ctx, &Globals.winbindd_privileged_socket_directory, get_dyn_WINBINDD_PRIVILEGED_SOCKET_DIR());
884 s = talloc_asprintf(talloc_tos(), "%s/samba_kcc", get_dyn_SCRIPTSBINDIR());
886 smb_panic("init_globals: ENOMEM");
888 Globals.samba_kcc_command = str_list_make_v3_const(NULL, s, NULL);
891 s = talloc_asprintf(talloc_tos(), "%s/samba_dnsupdate", get_dyn_SCRIPTSBINDIR());
893 smb_panic("init_globals: ENOMEM");
895 Globals.dns_update_command = str_list_make_v3_const(NULL, s, NULL);
898 s = talloc_asprintf(talloc_tos(), "%s/samba_spnupdate", get_dyn_SCRIPTSBINDIR());
900 smb_panic("init_globals: ENOMEM");
902 Globals.spn_update_command = str_list_make_v3_const(NULL, s, NULL);
905 Globals.nsupdate_command = str_list_make_v3_const(NULL, "/usr/bin/nsupdate -g", NULL);
907 Globals.rndc_command = str_list_make_v3_const(NULL, "/usr/sbin/rndc", NULL);
909 Globals.cldap_port = 389;
911 Globals.dgram_port = NBT_DGRAM_SERVICE_PORT;
913 Globals.nbt_port = NBT_NAME_SERVICE_PORT;
915 Globals.krb5_port = 88;
917 Globals.kpasswd_port = 464;
919 Globals.web_port = 901;
921 /* Now put back the settings that were set with lp_set_cmdline() */
922 apply_lp_set_cmdline();
925 /* Convenience routine to setup an lp_context with additional s3 variables */
926 static struct loadparm_context *setup_lp_context(TALLOC_CTX *mem_ctx)
928 struct loadparm_context *lp_ctx;
930 lp_ctx = loadparm_init_s3(mem_ctx,
931 loadparm_s3_helpers());
932 if (lp_ctx == NULL) {
933 DEBUG(0, ("loadparm_init_s3 failed\n"));
937 lp_ctx->sDefault = &sDefault;
938 lp_ctx->services = NULL; /* We do not want to access this directly */
939 lp_ctx->bInGlobalSection = bInGlobalSection;
940 lp_ctx->flags = flags_list;
945 /*******************************************************************
946 Convenience routine to grab string parameters into talloced memory
947 and run standard_sub_basic on them. The buffers can be written to by
948 callers without affecting the source string.
949 ********************************************************************/
951 char *lp_string(TALLOC_CTX *ctx, const char *s)
955 /* The follow debug is useful for tracking down memory problems
956 especially if you have an inner loop that is calling a lp_*()
957 function that returns a string. Perhaps this debug should be
958 present all the time? */
961 DEBUG(10, ("lp_string(%s)\n", s));
967 ret = talloc_sub_basic(ctx,
968 get_current_username(),
969 current_user_info.domain,
971 if (trim_char(ret, '\"', '\"')) {
972 if (strchr(ret,'\"') != NULL) {
974 ret = talloc_sub_basic(ctx,
975 get_current_username(),
976 current_user_info.domain,
984 In this section all the functions that are used to access the
985 parameters from the rest of the program are defined
988 #define FN_GLOBAL_STRING(fn_name,ptr) \
989 char *lp_ ## fn_name(TALLOC_CTX *ctx) {return(lp_string((ctx), *(char **)(&Globals.ptr) ? *(char **)(&Globals.ptr) : ""));}
990 #define FN_GLOBAL_CONST_STRING(fn_name,ptr) \
991 const char *lp_ ## fn_name(void) {return(*(const char * const *)(&Globals.ptr) ? *(const char * const *)(&Globals.ptr) : "");}
992 #define FN_GLOBAL_LIST(fn_name,ptr) \
993 const char **lp_ ## fn_name(void) {return(*(const char ***)(&Globals.ptr));}
994 #define FN_GLOBAL_BOOL(fn_name,ptr) \
995 bool lp_ ## fn_name(void) {return(*(bool *)(&Globals.ptr));}
996 #define FN_GLOBAL_CHAR(fn_name,ptr) \
997 char lp_ ## fn_name(void) {return(*(char *)(&Globals.ptr));}
998 #define FN_GLOBAL_INTEGER(fn_name,ptr) \
999 int lp_ ## fn_name(void) {return(*(int *)(&Globals.ptr));}
1001 #define FN_LOCAL_STRING(fn_name,val) \
1002 char *lp_ ## fn_name(TALLOC_CTX *ctx,int i) {return(lp_string((ctx), (LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val));}
1003 #define FN_LOCAL_CONST_STRING(fn_name,val) \
1004 const char *lp_ ## fn_name(int i) {return (const char *)((LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val);}
1005 #define FN_LOCAL_LIST(fn_name,val) \
1006 const char **lp_ ## fn_name(int i) {return(const char **)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1007 #define FN_LOCAL_BOOL(fn_name,val) \
1008 bool lp_ ## fn_name(int i) {return(bool)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1009 #define FN_LOCAL_INTEGER(fn_name,val) \
1010 int lp_ ## fn_name(int i) {return(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1012 #define FN_LOCAL_PARM_BOOL(fn_name,val) \
1013 bool lp_ ## fn_name(const struct share_params *p) {return(bool)(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1014 #define FN_LOCAL_PARM_INTEGER(fn_name,val) \
1015 int lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1016 #define FN_LOCAL_PARM_CHAR(fn_name,val) \
1017 char lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1019 static FN_GLOBAL_INTEGER(winbind_max_domain_connections_int,
1020 winbindMaxDomainConnections)
1022 int lp_winbind_max_domain_connections(void)
1024 if (lp_winbind_offline_logon() &&
1025 lp_winbind_max_domain_connections_int() > 1) {
1026 DEBUG(1, ("offline logons active, restricting max domain "
1027 "connections to 1\n"));
1030 return MAX(1, lp_winbind_max_domain_connections_int());
1033 int lp_smb2_max_credits(void)
1035 if (Globals.ismb2_max_credits == 0) {
1036 Globals.ismb2_max_credits = DEFAULT_SMB2_MAX_CREDITS;
1038 return Globals.ismb2_max_credits;
1040 int lp_cups_encrypt(void)
1043 #ifdef HAVE_HTTPCONNECTENCRYPT
1044 switch (Globals.CupsEncrypt) {
1046 result = HTTP_ENCRYPT_REQUIRED;
1049 result = HTTP_ENCRYPT_ALWAYS;
1052 result = HTTP_ENCRYPT_NEVER;
1059 /* These functions remain in source3/param for now */
1061 #include "lib/param/param_functions.c"
1063 FN_LOCAL_STRING(servicename, szService)
1064 FN_LOCAL_CONST_STRING(const_servicename, szService)
1066 /* These functions cannot be auto-generated */
1067 FN_LOCAL_BOOL(autoloaded, autoloaded)
1068 FN_GLOBAL_CONST_STRING(dnsdomain, dnsdomain)
1070 /* local prototypes */
1072 static int map_parameter_canonical(const char *pszParmName, bool *inverse);
1073 static const char *get_boolean(bool bool_value);
1074 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
1076 static bool hash_a_service(const char *name, int number);
1077 static void free_service_byindex(int iService);
1078 static void show_parameter(int parmIndex);
1079 static bool is_synonym_of(int parm1, int parm2, bool *inverse);
1082 * This is a helper function for parametrical options support. It returns a
1083 * pointer to parametrical option value if it exists or NULL otherwise. Actual
1084 * parametrical functions are quite simple
1086 static struct parmlist_entry *get_parametrics(int snum, const char *type,
1089 if (snum >= iNumServices) return NULL;
1092 return get_parametric_helper(NULL, type, option, Globals.param_opt);
1094 return get_parametric_helper(ServicePtrs[snum],
1095 type, option, Globals.param_opt);
1100 #define MISSING_PARAMETER(name) \
1101 DEBUG(0, ("%s(): value is NULL or empty!\n", #name))
1103 /*******************************************************************
1104 convenience routine to return enum parameters.
1105 ********************************************************************/
1106 static int lp_enum(const char *s,const struct enum_list *_enum)
1110 if (!s || !*s || !_enum) {
1111 MISSING_PARAMETER(lp_enum);
1115 for (i=0; _enum[i].name; i++) {
1116 if (strequal(_enum[i].name,s))
1117 return _enum[i].value;
1120 DEBUG(0,("lp_enum(%s,enum): value is not in enum_list!\n",s));
1124 #undef MISSING_PARAMETER
1126 /* Return parametric option from a given service. Type is a part of option before ':' */
1127 /* Parametric option has following syntax: 'Type: option = value' */
1128 char *lp_parm_talloc_string(TALLOC_CTX *ctx, int snum, const char *type, const char *option, const char *def)
1130 struct parmlist_entry *data = get_parametrics(snum, type, option);
1132 if (data == NULL||data->value==NULL) {
1134 return lp_string(ctx, def);
1140 return lp_string(ctx, data->value);
1143 /* Return parametric option from a given service. Type is a part of option before ':' */
1144 /* Parametric option has following syntax: 'Type: option = value' */
1145 const char *lp_parm_const_string(int snum, const char *type, const char *option, const char *def)
1147 struct parmlist_entry *data = get_parametrics(snum, type, option);
1149 if (data == NULL||data->value==NULL)
1156 /* Return parametric option from a given service. Type is a part of option before ':' */
1157 /* Parametric option has following syntax: 'Type: option = value' */
1159 const char **lp_parm_string_list(int snum, const char *type, const char *option, const char **def)
1161 struct parmlist_entry *data = get_parametrics(snum, type, option);
1163 if (data == NULL||data->value==NULL)
1164 return (const char **)def;
1166 if (data->list==NULL) {
1167 data->list = str_list_make_v3(NULL, data->value, NULL);
1170 return discard_const_p(const char *, data->list);
1173 /* Return parametric option from a given service. Type is a part of option before ':' */
1174 /* Parametric option has following syntax: 'Type: option = value' */
1176 int lp_parm_int(int snum, const char *type, const char *option, int def)
1178 struct parmlist_entry *data = get_parametrics(snum, type, option);
1180 if (data && data->value && *data->value)
1181 return lp_int(data->value);
1186 /* Return parametric option from a given service. Type is a part of option before ':' */
1187 /* Parametric option has following syntax: 'Type: option = value' */
1189 unsigned long lp_parm_ulong(int snum, const char *type, const char *option, unsigned long def)
1191 struct parmlist_entry *data = get_parametrics(snum, type, option);
1193 if (data && data->value && *data->value)
1194 return lp_ulong(data->value);
1199 /* Return parametric option from a given service. Type is a part of option before ':' */
1200 /* Parametric option has following syntax: 'Type: option = value' */
1202 bool lp_parm_bool(int snum, const char *type, const char *option, bool def)
1204 struct parmlist_entry *data = get_parametrics(snum, type, option);
1206 if (data && data->value && *data->value)
1207 return lp_bool(data->value);
1212 /* Return parametric option from a given service. Type is a part of option before ':' */
1213 /* Parametric option has following syntax: 'Type: option = value' */
1215 int lp_parm_enum(int snum, const char *type, const char *option,
1216 const struct enum_list *_enum, int def)
1218 struct parmlist_entry *data = get_parametrics(snum, type, option);
1220 if (data && data->value && *data->value && _enum)
1221 return lp_enum(data->value, _enum);
1227 * free a param_opts structure.
1228 * param_opts handling should be moved to talloc;
1229 * then this whole functions reduces to a TALLOC_FREE().
1232 static void free_param_opts(struct parmlist_entry **popts)
1234 struct parmlist_entry *opt, *next_opt;
1236 if (*popts != NULL) {
1237 DEBUG(5, ("Freeing parametrics:\n"));
1240 while (opt != NULL) {
1241 string_free(&opt->key);
1242 string_free(&opt->value);
1243 TALLOC_FREE(opt->list);
1244 next_opt = opt->next;
1251 /***************************************************************************
1252 Free the dynamically allocated parts of a service struct.
1253 ***************************************************************************/
1255 static void free_service(struct loadparm_service *pservice)
1260 if (pservice->szService)
1261 DEBUG(5, ("free_service: Freeing service %s\n",
1262 pservice->szService));
1264 free_parameters(pservice);
1266 string_free(&pservice->szService);
1267 TALLOC_FREE(pservice->copymap);
1269 free_param_opts(&pservice->param_opt);
1271 ZERO_STRUCTP(pservice);
1275 /***************************************************************************
1276 remove a service indexed in the ServicePtrs array from the ServiceHash
1277 and free the dynamically allocated parts
1278 ***************************************************************************/
1280 static void free_service_byindex(int idx)
1282 if ( !LP_SNUM_OK(idx) )
1285 ServicePtrs[idx]->valid = false;
1287 /* we have to cleanup the hash record */
1289 if (ServicePtrs[idx]->szService) {
1290 char *canon_name = canonicalize_servicename(
1292 ServicePtrs[idx]->szService );
1294 dbwrap_delete_bystring(ServiceHash, canon_name );
1295 TALLOC_FREE(canon_name);
1298 free_service(ServicePtrs[idx]);
1299 talloc_free_children(ServicePtrs[idx]);
1302 /***************************************************************************
1303 Add a new service to the services array initialising it with the given
1305 ***************************************************************************/
1307 static int add_a_service(const struct loadparm_service *pservice, const char *name)
1310 int num_to_alloc = iNumServices + 1;
1311 struct loadparm_service **tsp = NULL;
1313 /* it might already exist */
1315 i = getservicebyname(name, NULL);
1321 /* if not, then create one */
1323 tsp = talloc_realloc(NULL, ServicePtrs, struct loadparm_service *, num_to_alloc);
1325 DEBUG(0,("add_a_service: failed to enlarge ServicePtrs!\n"));
1329 ServicePtrs[iNumServices] = talloc_zero(NULL, struct loadparm_service);
1330 if (!ServicePtrs[iNumServices]) {
1331 DEBUG(0,("add_a_service: out of memory!\n"));
1336 ServicePtrs[i]->valid = true;
1338 copy_service(ServicePtrs[i], pservice, NULL);
1340 string_set(ServicePtrs[i], &ServicePtrs[i]->szService, name);
1342 DEBUG(8,("add_a_service: Creating snum = %d for %s\n",
1343 i, ServicePtrs[i]->szService));
1345 if (!hash_a_service(ServicePtrs[i]->szService, i)) {
1352 /***************************************************************************
1353 Convert a string to uppercase and remove whitespaces.
1354 ***************************************************************************/
1356 char *canonicalize_servicename(TALLOC_CTX *ctx, const char *src)
1361 DEBUG(0,("canonicalize_servicename: NULL source name!\n"));
1365 result = talloc_strdup(ctx, src);
1366 SMB_ASSERT(result != NULL);
1368 if (!strlower_m(result)) {
1369 TALLOC_FREE(result);
1375 /***************************************************************************
1376 Add a name/index pair for the services array to the hash table.
1377 ***************************************************************************/
1379 static bool hash_a_service(const char *name, int idx)
1383 if ( !ServiceHash ) {
1384 DEBUG(10,("hash_a_service: creating servicehash\n"));
1385 ServiceHash = db_open_rbt(NULL);
1386 if ( !ServiceHash ) {
1387 DEBUG(0,("hash_a_service: open tdb servicehash failed!\n"));
1392 DEBUG(10,("hash_a_service: hashing index %d for service name %s\n",
1395 canon_name = canonicalize_servicename(talloc_tos(), name );
1397 dbwrap_store_bystring(ServiceHash, canon_name,
1398 make_tdb_data((uint8_t *)&idx, sizeof(idx)),
1401 TALLOC_FREE(canon_name);
1406 /***************************************************************************
1407 Add a new home service, with the specified home directory, defaults coming
1409 ***************************************************************************/
1411 bool lp_add_home(const char *pszHomename, int iDefaultService,
1412 const char *user, const char *pszHomedir)
1416 if (pszHomename == NULL || user == NULL || pszHomedir == NULL ||
1417 pszHomedir[0] == '\0') {
1421 i = add_a_service(ServicePtrs[iDefaultService], pszHomename);
1426 if (!(*(ServicePtrs[iDefaultService]->path))
1427 || strequal(ServicePtrs[iDefaultService]->path,
1428 lp_path(talloc_tos(), GLOBAL_SECTION_SNUM))) {
1429 string_set(ServicePtrs[i], &ServicePtrs[i]->path, pszHomedir);
1432 if (!(*(ServicePtrs[i]->comment))) {
1433 char *comment = talloc_asprintf(talloc_tos(), "Home directory of %s", user);
1434 if (comment == NULL) {
1437 string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1438 TALLOC_FREE(comment);
1441 /* set the browseable flag from the global default */
1443 ServicePtrs[i]->browseable = sDefault.browseable;
1444 ServicePtrs[i]->access_based_share_enum = sDefault.access_based_share_enum;
1446 ServicePtrs[i]->autoloaded = true;
1448 DEBUG(3, ("adding home's share [%s] for user '%s' at '%s'\n", pszHomename,
1449 user, ServicePtrs[i]->path ));
1454 /***************************************************************************
1455 Add a new service, based on an old one.
1456 ***************************************************************************/
1458 int lp_add_service(const char *pszService, int iDefaultService)
1460 if (iDefaultService < 0) {
1461 return add_a_service(&sDefault, pszService);
1464 return (add_a_service(ServicePtrs[iDefaultService], pszService));
1467 /***************************************************************************
1468 Add the IPC service.
1469 ***************************************************************************/
1471 static bool lp_add_ipc(const char *ipc_name, bool guest_ok)
1473 char *comment = NULL;
1474 int i = add_a_service(&sDefault, ipc_name);
1479 comment = talloc_asprintf(talloc_tos(), "IPC Service (%s)",
1480 Globals.server_string);
1481 if (comment == NULL) {
1485 string_set(ServicePtrs[i], &ServicePtrs[i]->path, tmpdir());
1486 string_set(ServicePtrs[i], &ServicePtrs[i]->username, "");
1487 string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1488 string_set(ServicePtrs[i], &ServicePtrs[i]->fstype, "IPC");
1489 ServicePtrs[i]->max_connections = 0;
1490 ServicePtrs[i]->bAvailable = true;
1491 ServicePtrs[i]->read_only = true;
1492 ServicePtrs[i]->guest_only = false;
1493 ServicePtrs[i]->administrative_share = true;
1494 ServicePtrs[i]->guest_ok = guest_ok;
1495 ServicePtrs[i]->printable = false;
1496 ServicePtrs[i]->browseable = sDefault.browseable;
1498 DEBUG(3, ("adding IPC service\n"));
1500 TALLOC_FREE(comment);
1504 /***************************************************************************
1505 Add a new printer service, with defaults coming from service iFrom.
1506 ***************************************************************************/
1508 bool lp_add_printer(const char *pszPrintername, int iDefaultService)
1510 const char *comment = "From Printcap";
1511 int i = add_a_service(ServicePtrs[iDefaultService], pszPrintername);
1516 /* note that we do NOT default the availability flag to true - */
1517 /* we take it from the default service passed. This allows all */
1518 /* dynamic printers to be disabled by disabling the [printers] */
1519 /* entry (if/when the 'available' keyword is implemented!). */
1521 /* the printer name is set to the service name. */
1522 string_set(ServicePtrs[i], &ServicePtrs[i]->_printername, pszPrintername);
1523 string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1525 /* set the browseable flag from the gloabl default */
1526 ServicePtrs[i]->browseable = sDefault.browseable;
1528 /* Printers cannot be read_only. */
1529 ServicePtrs[i]->read_only = false;
1530 /* No oplocks on printer services. */
1531 ServicePtrs[i]->oplocks = false;
1532 /* Printer services must be printable. */
1533 ServicePtrs[i]->printable = true;
1535 DEBUG(3, ("adding printer service %s\n", pszPrintername));
1541 /***************************************************************************
1542 Check whether the given parameter name is valid.
1543 Parametric options (names containing a colon) are considered valid.
1544 ***************************************************************************/
1546 bool lp_parameter_is_valid(const char *pszParmName)
1548 return ((lpcfg_map_parameter(pszParmName) != -1) ||
1549 (strchr(pszParmName, ':') != NULL));
1552 /***************************************************************************
1553 Check whether the given name is the name of a global parameter.
1554 Returns true for strings belonging to parameters of class
1555 P_GLOBAL, false for all other strings, also for parametric options
1556 and strings not belonging to any option.
1557 ***************************************************************************/
1559 bool lp_parameter_is_global(const char *pszParmName)
1561 int num = lpcfg_map_parameter(pszParmName);
1564 return (parm_table[num].p_class == P_GLOBAL);
1570 /**************************************************************************
1571 Determine the canonical name for a parameter.
1572 Indicate when it is an inverse (boolean) synonym instead of a
1574 **************************************************************************/
1576 bool lp_canonicalize_parameter(const char *parm_name, const char **canon_parm,
1581 if (!lp_parameter_is_valid(parm_name)) {
1586 num = map_parameter_canonical(parm_name, inverse);
1588 /* parametric option */
1589 *canon_parm = parm_name;
1591 *canon_parm = parm_table[num].label;
1598 /**************************************************************************
1599 Determine the canonical name for a parameter.
1600 Turn the value given into the inverse boolean expression when
1601 the synonym is an invers boolean synonym.
1603 Return true if parm_name is a valid parameter name and
1604 in case it is an invers boolean synonym, if the val string could
1605 successfully be converted to the reverse bool.
1606 Return false in all other cases.
1607 **************************************************************************/
1609 bool lp_canonicalize_parameter_with_value(const char *parm_name,
1611 const char **canon_parm,
1612 const char **canon_val)
1617 if (!lp_parameter_is_valid(parm_name)) {
1623 num = map_parameter_canonical(parm_name, &inverse);
1625 /* parametric option */
1626 *canon_parm = parm_name;
1629 *canon_parm = parm_table[num].label;
1631 if (!lp_invert_boolean(val, canon_val)) {
1643 /***************************************************************************
1644 Map a parameter's string representation to the index of the canonical
1645 form of the parameter (it might be a synonym).
1646 Returns -1 if the parameter string is not recognised.
1647 ***************************************************************************/
1649 static int map_parameter_canonical(const char *pszParmName, bool *inverse)
1651 int parm_num, canon_num;
1652 bool loc_inverse = false;
1654 parm_num = lpcfg_map_parameter(pszParmName);
1655 if ((parm_num < 0) || !(parm_table[parm_num].flags & FLAG_SYNONYM)) {
1656 /* invalid, parametric or no canidate for synonyms ... */
1660 for (canon_num = 0; parm_table[canon_num].label; canon_num++) {
1661 if (is_synonym_of(parm_num, canon_num, &loc_inverse)) {
1662 parm_num = canon_num;
1668 if (inverse != NULL) {
1669 *inverse = loc_inverse;
1674 /***************************************************************************
1675 return true if parameter number parm1 is a synonym of parameter
1676 number parm2 (parm2 being the principal name).
1677 set inverse to true if parm1 is P_BOOLREV and parm2 is P_BOOL,
1679 ***************************************************************************/
1681 static bool is_synonym_of(int parm1, int parm2, bool *inverse)
1683 if ((parm_table[parm1].offset == parm_table[parm2].offset) &&
1684 (parm_table[parm1].p_class == parm_table[parm2].p_class) &&
1685 (parm_table[parm1].flags & FLAG_SYNONYM) &&
1686 !(parm_table[parm2].flags & FLAG_SYNONYM))
1688 if (inverse != NULL) {
1689 if ((parm_table[parm1].type == P_BOOLREV) &&
1690 (parm_table[parm2].type == P_BOOL))
1702 /***************************************************************************
1703 Show one parameter's name, type, [values,] and flags.
1704 (helper functions for show_parameter_list)
1705 ***************************************************************************/
1707 static void show_parameter(int parmIndex)
1709 int enumIndex, flagIndex;
1714 const char *type[] = { "P_BOOL", "P_BOOLREV", "P_CHAR", "P_INTEGER",
1715 "P_OCTAL", "P_LIST", "P_STRING", "P_USTRING",
1717 unsigned flags[] = { FLAG_DEPRECATED, FLAG_SYNONYM };
1718 const char *flag_names[] = { "FLAG_DEPRECATED", "FLAG_SYNONYM", NULL};
1720 printf("%s=%s", parm_table[parmIndex].label,
1721 type[parm_table[parmIndex].type]);
1722 if (parm_table[parmIndex].type == P_ENUM) {
1725 parm_table[parmIndex].enum_list[enumIndex].name;
1729 enumIndex ? "|" : "",
1730 parm_table[parmIndex].enum_list[enumIndex].name);
1735 for (flagIndex=0; flag_names[flagIndex]; flagIndex++) {
1736 if (parm_table[parmIndex].flags & flags[flagIndex]) {
1739 flag_names[flagIndex]);
1744 /* output synonyms */
1746 for (parmIndex2=0; parm_table[parmIndex2].label; parmIndex2++) {
1747 if (is_synonym_of(parmIndex, parmIndex2, &inverse)) {
1748 printf(" (%ssynonym of %s)", inverse ? "inverse " : "",
1749 parm_table[parmIndex2].label);
1750 } else if (is_synonym_of(parmIndex2, parmIndex, &inverse)) {
1752 printf(" (synonyms: ");
1757 printf("%s%s", parm_table[parmIndex2].label,
1758 inverse ? "[i]" : "");
1768 /***************************************************************************
1769 Show all parameter's name, type, [values,] and flags.
1770 ***************************************************************************/
1772 void show_parameter_list(void)
1774 int classIndex, parmIndex;
1775 const char *section_names[] = { "local", "global", NULL};
1777 for (classIndex=0; section_names[classIndex]; classIndex++) {
1778 printf("[%s]\n", section_names[classIndex]);
1779 for (parmIndex = 0; parm_table[parmIndex].label; parmIndex++) {
1780 if (parm_table[parmIndex].p_class == classIndex) {
1781 show_parameter(parmIndex);
1787 /***************************************************************************
1788 Get the standard string representation of a boolean value ("yes" or "no")
1789 ***************************************************************************/
1791 static const char *get_boolean(bool bool_value)
1793 static const char *yes_str = "yes";
1794 static const char *no_str = "no";
1796 return (bool_value ? yes_str : no_str);
1799 /***************************************************************************
1800 Provide the string of the negated boolean value associated to the boolean
1801 given as a string. Returns false if the passed string does not correctly
1802 represent a boolean.
1803 ***************************************************************************/
1805 bool lp_invert_boolean(const char *str, const char **inverse_str)
1809 if (!set_boolean(str, &val)) {
1813 *inverse_str = get_boolean(!val);
1817 /***************************************************************************
1818 Provide the canonical string representation of a boolean value given
1819 as a string. Return true on success, false if the string given does
1820 not correctly represent a boolean.
1821 ***************************************************************************/
1823 bool lp_canonicalize_boolean(const char *str, const char**canon_str)
1827 if (!set_boolean(str, &val)) {
1831 *canon_str = get_boolean(val);
1835 /***************************************************************************
1836 Find a service by name. Otherwise works like get_service.
1837 ***************************************************************************/
1839 int getservicebyname(const char *pszServiceName, struct loadparm_service *pserviceDest)
1846 if (ServiceHash == NULL) {
1850 canon_name = canonicalize_servicename(talloc_tos(), pszServiceName);
1852 status = dbwrap_fetch_bystring(ServiceHash, canon_name, canon_name,
1855 if (NT_STATUS_IS_OK(status) &&
1856 (data.dptr != NULL) &&
1857 (data.dsize == sizeof(iService)))
1859 iService = *(int *)data.dptr;
1862 TALLOC_FREE(canon_name);
1864 if ((iService != -1) && (LP_SNUM_OK(iService))
1865 && (pserviceDest != NULL)) {
1866 copy_service(pserviceDest, ServicePtrs[iService], NULL);
1872 /* Return a pointer to a service by name. Unlike getservicebyname, it does not copy the service */
1873 struct loadparm_service *lp_service(const char *pszServiceName)
1875 int iService = getservicebyname(pszServiceName, NULL);
1876 if (iService == -1 || !LP_SNUM_OK(iService)) {
1879 return ServicePtrs[iService];
1882 struct loadparm_service *lp_servicebynum(int snum)
1884 if ((snum == -1) || !LP_SNUM_OK(snum)) {
1887 return ServicePtrs[snum];
1890 struct loadparm_service *lp_default_loadparm_service()
1895 static struct smbconf_ctx *lp_smbconf_ctx(void)
1898 static struct smbconf_ctx *conf_ctx = NULL;
1900 if (conf_ctx == NULL) {
1901 err = smbconf_init(NULL, &conf_ctx, "registry:");
1902 if (!SBC_ERROR_IS_OK(err)) {
1903 DEBUG(1, ("error initializing registry configuration: "
1904 "%s\n", sbcErrorString(err)));
1912 static bool process_smbconf_service(struct smbconf_service *service)
1917 if (service == NULL) {
1921 ret = lp_do_section(service->name, NULL);
1925 for (count = 0; count < service->num_params; count++) {
1927 if (!bInGlobalSection && bGlobalOnly) {
1930 const char *pszParmName = service->param_names[count];
1931 const char *pszParmValue = service->param_values[count];
1933 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
1935 ret = lp_do_parameter(bInGlobalSection ? -2 : iServiceIndex,
1936 pszParmName, pszParmValue);
1943 if (iServiceIndex >= 0) {
1944 return lpcfg_service_ok(ServicePtrs[iServiceIndex]);
1950 * load a service from registry and activate it
1952 bool process_registry_service(const char *service_name)
1955 struct smbconf_service *service = NULL;
1956 TALLOC_CTX *mem_ctx = talloc_stackframe();
1957 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
1960 if (conf_ctx == NULL) {
1964 DEBUG(5, ("process_registry_service: service name %s\n", service_name));
1966 if (!smbconf_share_exists(conf_ctx, service_name)) {
1968 * Registry does not contain data for this service (yet),
1969 * but make sure lp_load doesn't return false.
1975 err = smbconf_get_share(conf_ctx, mem_ctx, service_name, &service);
1976 if (!SBC_ERROR_IS_OK(err)) {
1980 ret = process_smbconf_service(service);
1986 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
1989 TALLOC_FREE(mem_ctx);
1994 * process_registry_globals
1996 static bool process_registry_globals(void)
2000 add_to_file_list(NULL, &file_lists, INCLUDE_REGISTRY_NAME, INCLUDE_REGISTRY_NAME);
2002 if (!bInGlobalSection && bGlobalOnly) {
2005 const char *pszParmName = "registry shares";
2006 const char *pszParmValue = "yes";
2008 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2010 ret = lp_do_parameter(bInGlobalSection ? -2 : iServiceIndex,
2011 pszParmName, pszParmValue);
2018 return process_registry_service(GLOBAL_NAME);
2021 bool process_registry_shares(void)
2025 struct smbconf_service **service = NULL;
2026 uint32_t num_shares = 0;
2027 TALLOC_CTX *mem_ctx = talloc_stackframe();
2028 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2031 if (conf_ctx == NULL) {
2035 err = smbconf_get_config(conf_ctx, mem_ctx, &num_shares, &service);
2036 if (!SBC_ERROR_IS_OK(err)) {
2042 for (count = 0; count < num_shares; count++) {
2043 if (strequal(service[count]->name, GLOBAL_NAME)) {
2046 ret = process_smbconf_service(service[count]);
2053 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
2056 TALLOC_FREE(mem_ctx);
2061 * reload those shares from registry that are already
2062 * activated in the services array.
2064 static bool reload_registry_shares(void)
2069 for (i = 0; i < iNumServices; i++) {
2074 if (ServicePtrs[i]->usershare == USERSHARE_VALID) {
2078 ret = process_registry_service(ServicePtrs[i]->szService);
2089 #define MAX_INCLUDE_DEPTH 100
2091 static uint8_t include_depth;
2094 * Free the file lists
2096 static void free_file_list(void)
2098 struct file_lists *f;
2099 struct file_lists *next;
2112 * Utility function for outsiders to check if we're running on registry.
2114 bool lp_config_backend_is_registry(void)
2116 return (lp_config_backend() == CONFIG_BACKEND_REGISTRY);
2120 * Utility function to check if the config backend is FILE.
2122 bool lp_config_backend_is_file(void)
2124 return (lp_config_backend() == CONFIG_BACKEND_FILE);
2127 /*******************************************************************
2128 Check if a config file has changed date.
2129 ********************************************************************/
2131 bool lp_file_list_changed(void)
2133 struct file_lists *f = file_lists;
2135 DEBUG(6, ("lp_file_list_changed()\n"));
2138 if (strequal(f->name, INCLUDE_REGISTRY_NAME)) {
2139 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2141 if (conf_ctx == NULL) {
2144 if (smbconf_changed(conf_ctx, &conf_last_csn, NULL,
2147 DEBUGADD(6, ("registry config changed\n"));
2154 n2 = talloc_sub_basic(talloc_tos(),
2155 get_current_username(),
2156 current_user_info.domain,
2161 DEBUGADD(6, ("file %s -> %s last mod_time: %s\n",
2162 f->name, n2, ctime(&f->modtime)));
2164 mod_time = file_modtime(n2);
2167 ((f->modtime != mod_time) ||
2168 (f->subfname == NULL) ||
2169 (strcmp(n2, f->subfname) != 0)))
2172 ("file %s modified: %s\n", n2,
2174 f->modtime = mod_time;
2175 TALLOC_FREE(f->subfname);
2176 f->subfname = talloc_strdup(f, n2);
2177 if (f->subfname == NULL) {
2178 smb_panic("talloc_strdup failed");
2192 * Initialize iconv conversion descriptors.
2194 * This is called the first time it is needed, and also called again
2195 * every time the configuration is reloaded, because the charset or
2196 * codepage might have changed.
2198 static void init_iconv(void)
2200 global_iconv_handle = smb_iconv_handle_reinit(NULL, lp_dos_charset(),
2202 true, global_iconv_handle);
2205 /***************************************************************************
2206 Handle the include operation.
2207 ***************************************************************************/
2208 static bool bAllowIncludeRegistry = true;
2210 bool lp_include(struct loadparm_context *lp_ctx, struct loadparm_service *service,
2211 const char *pszParmValue, char **ptr)
2215 if (include_depth >= MAX_INCLUDE_DEPTH) {
2216 DEBUG(0, ("Error: Maximum include depth (%u) exceeded!\n",
2221 if (strequal(pszParmValue, INCLUDE_REGISTRY_NAME)) {
2222 if (!bAllowIncludeRegistry) {
2225 if (lp_ctx->bInGlobalSection) {
2228 ret = process_registry_globals();
2232 DEBUG(1, ("\"include = registry\" only effective "
2233 "in %s section\n", GLOBAL_NAME));
2238 fname = talloc_sub_basic(talloc_tos(), get_current_username(),
2239 current_user_info.domain,
2242 add_to_file_list(NULL, &file_lists, pszParmValue, fname);
2244 if (service == NULL) {
2245 string_set(Globals.ctx, ptr, fname);
2247 string_set(service, ptr, fname);
2250 if (file_exist(fname)) {
2253 ret = pm_process(fname, lp_do_section, do_parameter, lp_ctx);
2259 DEBUG(2, ("Can't find include file %s\n", fname));
2264 bool lp_idmap_range(const char *domain_name, uint32_t *low, uint32_t *high)
2266 char *config_option = NULL;
2267 const char *range = NULL;
2270 SMB_ASSERT(low != NULL);
2271 SMB_ASSERT(high != NULL);
2273 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2277 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2279 if (config_option == NULL) {
2280 DEBUG(0, ("out of memory\n"));
2284 range = lp_parm_const_string(-1, config_option, "range", NULL);
2285 if (range == NULL) {
2286 DEBUG(1, ("idmap range not specified for domain '%s'\n", domain_name));
2290 if (sscanf(range, "%u - %u", low, high) != 2) {
2291 DEBUG(1, ("error parsing idmap range '%s' for domain '%s'\n",
2292 range, domain_name));
2299 talloc_free(config_option);
2304 bool lp_idmap_default_range(uint32_t *low, uint32_t *high)
2306 return lp_idmap_range("*", low, high);
2309 const char *lp_idmap_backend(const char *domain_name)
2311 char *config_option = NULL;
2312 const char *backend = NULL;
2314 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2318 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2320 if (config_option == NULL) {
2321 DEBUG(0, ("out of memory\n"));
2325 backend = lp_parm_const_string(-1, config_option, "backend", NULL);
2326 if (backend == NULL) {
2327 DEBUG(1, ("idmap backend not specified for domain '%s'\n", domain_name));
2332 talloc_free(config_option);
2336 const char *lp_idmap_default_backend(void)
2338 return lp_idmap_backend("*");
2341 /***************************************************************************
2342 Handle ldap suffixes - default to ldapsuffix if sub-suffixes are not defined.
2343 ***************************************************************************/
2345 static const char *append_ldap_suffix(TALLOC_CTX *ctx, const char *str )
2347 const char *suffix_string;
2349 suffix_string = talloc_asprintf(ctx, "%s,%s", str,
2350 Globals.ldap_suffix );
2351 if ( !suffix_string ) {
2352 DEBUG(0,("append_ldap_suffix: talloc_asprintf() failed!\n"));
2356 return suffix_string;
2359 const char *lp_ldap_machine_suffix(TALLOC_CTX *ctx)
2361 if (Globals.szLdapMachineSuffix[0])
2362 return append_ldap_suffix(ctx, Globals.szLdapMachineSuffix);
2364 return lp_string(ctx, Globals.ldap_suffix);
2367 const char *lp_ldap_user_suffix(TALLOC_CTX *ctx)
2369 if (Globals.szLdapUserSuffix[0])
2370 return append_ldap_suffix(ctx, Globals.szLdapUserSuffix);
2372 return lp_string(ctx, Globals.ldap_suffix);
2375 const char *lp_ldap_group_suffix(TALLOC_CTX *ctx)
2377 if (Globals.szLdapGroupSuffix[0])
2378 return append_ldap_suffix(ctx, Globals.szLdapGroupSuffix);
2380 return lp_string(ctx, Globals.ldap_suffix);
2383 const char *lp_ldap_idmap_suffix(TALLOC_CTX *ctx)
2385 if (Globals.szLdapIdmapSuffix[0])
2386 return append_ldap_suffix(ctx, Globals.szLdapIdmapSuffix);
2388 return lp_string(ctx, Globals.ldap_suffix);
2392 return the parameter pointer for a parameter
2394 void *lp_parm_ptr(struct loadparm_service *service, struct parm_struct *parm)
2396 if (service == NULL) {
2397 if (parm->p_class == P_LOCAL)
2398 return (void *)(((char *)&sDefault)+parm->offset);
2399 else if (parm->p_class == P_GLOBAL)
2400 return (void *)(((char *)&Globals)+parm->offset);
2403 return (void *)(((char *)service) + parm->offset);
2407 /***************************************************************************
2408 Process a parameter for a particular service number. If snum < 0
2409 then assume we are in the globals.
2410 ***************************************************************************/
2412 bool lp_do_parameter(int snum, const char *pszParmName, const char *pszParmValue)
2414 TALLOC_CTX *frame = talloc_stackframe();
2415 struct loadparm_context *lp_ctx;
2418 lp_ctx = setup_lp_context(frame);
2419 if (lp_ctx == NULL) {
2425 ok = lpcfg_do_global_parameter(lp_ctx, pszParmName, pszParmValue);
2427 ok = lpcfg_do_service_parameter(lp_ctx, ServicePtrs[snum],
2428 pszParmName, pszParmValue);
2436 /***************************************************************************
2437 set a parameter, marking it with FLAG_CMDLINE. Parameters marked as
2438 FLAG_CMDLINE won't be overridden by loads from smb.conf.
2439 ***************************************************************************/
2441 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue)
2444 parmnum = lpcfg_map_parameter(pszParmName);
2446 flags_list[parmnum] &= ~FLAG_CMDLINE;
2447 if (!lp_do_parameter(-1, pszParmName, pszParmValue)) {
2450 flags_list[parmnum] |= FLAG_CMDLINE;
2452 /* we have to also set FLAG_CMDLINE on aliases. Aliases must
2453 * be grouped in the table, so we don't have to search the
2456 i>=0 && parm_table[i].offset == parm_table[parmnum].offset
2457 && parm_table[i].p_class == parm_table[parmnum].p_class;
2459 flags_list[i] |= FLAG_CMDLINE;
2461 for (i=parmnum+1;i<num_parameters() && parm_table[i].offset == parm_table[parmnum].offset
2462 && parm_table[i].p_class == parm_table[parmnum].p_class;i++) {
2463 flags_list[i] |= FLAG_CMDLINE;
2469 /* it might be parametric */
2470 if (strchr(pszParmName, ':') != NULL) {
2471 set_param_opt(NULL, &Globals.param_opt, pszParmName, pszParmValue, FLAG_CMDLINE);
2475 DEBUG(0, ("Ignoring unknown parameter \"%s\"\n", pszParmName));
2479 bool lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
2482 TALLOC_CTX *frame = talloc_stackframe();
2483 struct loadparm_context *lp_ctx;
2485 lp_ctx = setup_lp_context(frame);
2486 if (lp_ctx == NULL) {
2491 ret = lpcfg_set_cmdline(lp_ctx, pszParmName, pszParmValue);
2497 /***************************************************************************
2498 Process a parameter.
2499 ***************************************************************************/
2501 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
2504 if (!bInGlobalSection && bGlobalOnly)
2507 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2509 if (bInGlobalSection) {
2510 return lpcfg_do_global_parameter(userdata, pszParmName, pszParmValue);
2512 return lpcfg_do_service_parameter(userdata, ServicePtrs[iServiceIndex],
2513 pszParmName, pszParmValue);
2517 /***************************************************************************
2518 Initialize any local variables in the sDefault table, after parsing a
2520 ***************************************************************************/
2522 static void init_locals(void)
2525 * We run this check once the [globals] is parsed, to force
2526 * the VFS objects and other per-share settings we need for
2527 * the standard way a AD DC is operated. We may change these
2528 * as our code evolves, which is why we force these settings.
2530 * We can't do this at the end of lp_load_ex(), as by that
2531 * point the services have been loaded and they will already
2532 * have "" as their vfs objects.
2534 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
2535 const char **vfs_objects = lp_vfs_objects(-1);
2536 if (!vfs_objects || !vfs_objects[0]) {
2537 if (lp_parm_const_string(-1, "xattr_tdb", "file", NULL)) {
2538 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr xattr_tdb");
2539 } else if (lp_parm_const_string(-1, "posix", "eadb", NULL)) {
2540 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr posix_eadb");
2542 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr");
2546 lp_do_parameter(-1, "map hidden", "no");
2547 lp_do_parameter(-1, "map system", "no");
2548 lp_do_parameter(-1, "map readonly", "no");
2549 lp_do_parameter(-1, "map archive", "no");
2550 lp_do_parameter(-1, "store dos attributes", "yes");
2554 /***************************************************************************
2555 Process a new section (service). At this stage all sections are services.
2556 Later we'll have special sections that permit server parameters to be set.
2557 Returns true on success, false on failure.
2558 ***************************************************************************/
2560 bool lp_do_section(const char *pszSectionName, void *userdata)
2562 struct loadparm_context *lp_ctx = (struct loadparm_context *)userdata;
2564 bool isglobal = ((strwicmp(pszSectionName, GLOBAL_NAME) == 0) ||
2565 (strwicmp(pszSectionName, GLOBAL_NAME2) == 0));
2568 /* if we were in a global section then do the local inits */
2569 if (bInGlobalSection && !isglobal)
2572 /* if we've just struck a global section, note the fact. */
2573 bInGlobalSection = isglobal;
2574 if (lp_ctx != NULL) {
2575 lp_ctx->bInGlobalSection = isglobal;
2578 /* check for multiple global sections */
2579 if (bInGlobalSection) {
2580 DEBUG(3, ("Processing section \"[%s]\"\n", pszSectionName));
2584 if (!bInGlobalSection && bGlobalOnly)
2587 /* if we have a current service, tidy it up before moving on */
2590 if (iServiceIndex >= 0)
2591 bRetval = lpcfg_service_ok(ServicePtrs[iServiceIndex]);
2593 /* if all is still well, move to the next record in the services array */
2595 /* We put this here to avoid an odd message order if messages are */
2596 /* issued by the post-processing of a previous section. */
2597 DEBUG(2, ("Processing section \"[%s]\"\n", pszSectionName));
2599 iServiceIndex = add_a_service(&sDefault, pszSectionName);
2600 if (iServiceIndex < 0) {
2601 DEBUG(0, ("Failed to add a new service\n"));
2604 /* Clean all parametric options for service */
2605 /* They will be added during parsing again */
2606 free_param_opts(&ServicePtrs[iServiceIndex]->param_opt);
2612 /***************************************************************************
2613 Display the contents of a parameter of a single services record.
2614 ***************************************************************************/
2616 bool dump_a_parameter(int snum, char *parm_name, FILE * f, bool isGlobal)
2618 bool result = false;
2619 struct loadparm_context *lp_ctx;
2621 lp_ctx = setup_lp_context(talloc_tos());
2622 if (lp_ctx == NULL) {
2627 result = lpcfg_dump_a_parameter(lp_ctx, NULL, parm_name, f);
2629 result = lpcfg_dump_a_parameter(lp_ctx, ServicePtrs[snum], parm_name, f);
2631 TALLOC_FREE(lp_ctx);
2636 /***************************************************************************
2637 Display the contents of a single copy structure.
2638 ***************************************************************************/
2639 static void dump_copy_map(bool *pcopymap)
2645 printf("\n\tNon-Copied parameters:\n");
2647 for (i = 0; parm_table[i].label; i++)
2648 if (parm_table[i].p_class == P_LOCAL &&
2649 parm_table[i].ptr && !pcopymap[i] &&
2650 (i == 0 || (parm_table[i].ptr != parm_table[i - 1].ptr)))
2652 printf("\t\t%s\n", parm_table[i].label);
2657 /***************************************************************************
2658 Return TRUE if the passed service number is within range.
2659 ***************************************************************************/
2661 bool lp_snum_ok(int iService)
2663 return (LP_SNUM_OK(iService) && ServicePtrs[iService]->bAvailable);
2666 /***************************************************************************
2667 Auto-load some home services.
2668 ***************************************************************************/
2670 static void lp_add_auto_services(char *str)
2680 s = talloc_strdup(talloc_tos(), str);
2682 smb_panic("talloc_strdup failed");
2686 homes = lp_servicenumber(HOMES_NAME);
2688 for (p = strtok_r(s, LIST_SEP, &saveptr); p;
2689 p = strtok_r(NULL, LIST_SEP, &saveptr)) {
2692 if (lp_servicenumber(p) >= 0)
2695 home = get_user_home_dir(talloc_tos(), p);
2697 if (home && home[0] && homes >= 0)
2698 lp_add_home(p, homes, p, home);
2705 /***************************************************************************
2706 Auto-load one printer.
2707 ***************************************************************************/
2709 void lp_add_one_printer(const char *name, const char *comment,
2710 const char *location, void *pdata)
2712 int printers = lp_servicenumber(PRINTERS_NAME);
2715 if (lp_servicenumber(name) < 0) {
2716 lp_add_printer(name, printers);
2717 if ((i = lp_servicenumber(name)) >= 0) {
2718 string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
2719 ServicePtrs[i]->autoloaded = true;
2724 /***************************************************************************
2725 Have we loaded a services file yet?
2726 ***************************************************************************/
2728 bool lp_loaded(void)
2733 /***************************************************************************
2734 Unload unused services.
2735 ***************************************************************************/
2737 void lp_killunused(struct smbd_server_connection *sconn,
2738 bool (*snumused) (struct smbd_server_connection *, int))
2741 for (i = 0; i < iNumServices; i++) {
2745 /* don't kill autoloaded or usershare services */
2746 if ( ServicePtrs[i]->autoloaded ||
2747 ServicePtrs[i]->usershare == USERSHARE_VALID) {
2751 if (!snumused || !snumused(sconn, i)) {
2752 free_service_byindex(i);
2758 * Kill all except autoloaded and usershare services - convenience wrapper
2760 void lp_kill_all_services(void)
2762 lp_killunused(NULL, NULL);
2765 /***************************************************************************
2767 ***************************************************************************/
2769 void lp_killservice(int iServiceIn)
2771 if (VALID(iServiceIn)) {
2772 free_service_byindex(iServiceIn);
2776 /***************************************************************************
2777 Save the curent values of all global and sDefault parameters into the
2778 defaults union. This allows testparm to show only the
2779 changed (ie. non-default) parameters.
2780 ***************************************************************************/
2782 static void lp_save_defaults(void)
2785 struct parmlist_entry * parm;
2786 for (i = 0; parm_table[i].label; i++) {
2787 if (!(flags_list[i] & FLAG_CMDLINE)) {
2788 flags_list[i] |= FLAG_DEFAULT;
2791 if (i > 0 && parm_table[i].offset == parm_table[i - 1].offset
2792 && parm_table[i].p_class == parm_table[i - 1].p_class)
2794 switch (parm_table[i].type) {
2797 parm_table[i].def.lvalue = str_list_copy(
2798 NULL, *(const char ***)lp_parm_ptr(NULL, &parm_table[i]));
2802 parm_table[i].def.svalue = talloc_strdup(Globals.ctx, *(char **)lp_parm_ptr(NULL, &parm_table[i]));
2803 if (parm_table[i].def.svalue == NULL) {
2804 smb_panic("talloc_strdup failed");
2809 parm_table[i].def.bvalue =
2810 *(bool *)lp_parm_ptr(NULL, &parm_table[i]);
2813 parm_table[i].def.cvalue =
2814 *(char *)lp_parm_ptr(NULL, &parm_table[i]);
2820 parm_table[i].def.ivalue =
2821 *(int *)lp_parm_ptr(NULL, &parm_table[i]);
2826 for (parm=Globals.param_opt; parm; parm=parm->next) {
2827 if (!(parm->priority & FLAG_CMDLINE)) {
2828 parm->priority |= FLAG_DEFAULT;
2832 for (parm=sDefault.param_opt; parm; parm=parm->next) {
2833 if (!(parm->priority & FLAG_CMDLINE)) {
2834 parm->priority |= FLAG_DEFAULT;
2838 defaults_saved = true;
2841 /***********************************************************
2842 If we should send plaintext/LANMAN passwords in the clinet
2843 ************************************************************/
2845 static void set_allowed_client_auth(void)
2847 if (Globals.client_ntlmv2_auth) {
2848 Globals.client_lanman_auth = false;
2850 if (!Globals.client_lanman_auth) {
2851 Globals.client_plaintext_auth = false;
2855 /***************************************************************************
2857 The following code allows smbd to read a user defined share file.
2858 Yes, this is my intent. Yes, I'm comfortable with that...
2860 THE FOLLOWING IS SECURITY CRITICAL CODE.
2862 It washes your clothes, it cleans your house, it guards you while you sleep...
2863 Do not f%^k with it....
2864 ***************************************************************************/
2866 #define MAX_USERSHARE_FILE_SIZE (10*1024)
2868 /***************************************************************************
2869 Check allowed stat state of a usershare file.
2870 Ensure we print out who is dicking with us so the admin can
2871 get their sorry ass fired.
2872 ***************************************************************************/
2874 static bool check_usershare_stat(const char *fname,
2875 const SMB_STRUCT_STAT *psbuf)
2877 if (!S_ISREG(psbuf->st_ex_mode)) {
2878 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
2879 "not a regular file\n",
2880 fname, (unsigned int)psbuf->st_ex_uid ));
2884 /* Ensure this doesn't have the other write bit set. */
2885 if (psbuf->st_ex_mode & S_IWOTH) {
2886 DEBUG(0,("check_usershare_stat: file %s owned by uid %u allows "
2887 "public write. Refusing to allow as a usershare file.\n",
2888 fname, (unsigned int)psbuf->st_ex_uid ));
2892 /* Should be 10k or less. */
2893 if (psbuf->st_ex_size > MAX_USERSHARE_FILE_SIZE) {
2894 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
2895 "too large (%u) to be a user share file.\n",
2896 fname, (unsigned int)psbuf->st_ex_uid,
2897 (unsigned int)psbuf->st_ex_size ));
2904 /***************************************************************************
2905 Parse the contents of a usershare file.
2906 ***************************************************************************/
2908 enum usershare_err parse_usershare_file(TALLOC_CTX *ctx,
2909 SMB_STRUCT_STAT *psbuf,
2910 const char *servicename,
2914 char **pp_sharepath,
2916 char **pp_cp_servicename,
2917 struct security_descriptor **ppsd,
2920 const char **prefixallowlist = lp_usershare_prefix_allow_list();
2921 const char **prefixdenylist = lp_usershare_prefix_deny_list();
2924 SMB_STRUCT_STAT sbuf;
2925 char *sharepath = NULL;
2926 char *comment = NULL;
2928 *pp_sharepath = NULL;
2931 *pallow_guest = false;
2934 return USERSHARE_MALFORMED_FILE;
2937 if (strcmp(lines[0], "#VERSION 1") == 0) {
2939 } else if (strcmp(lines[0], "#VERSION 2") == 0) {
2942 return USERSHARE_MALFORMED_FILE;
2945 return USERSHARE_BAD_VERSION;
2948 if (strncmp(lines[1], "path=", 5) != 0) {
2949 return USERSHARE_MALFORMED_PATH;
2952 sharepath = talloc_strdup(ctx, &lines[1][5]);
2954 return USERSHARE_POSIX_ERR;
2956 trim_string(sharepath, " ", " ");
2958 if (strncmp(lines[2], "comment=", 8) != 0) {
2959 return USERSHARE_MALFORMED_COMMENT_DEF;
2962 comment = talloc_strdup(ctx, &lines[2][8]);
2964 return USERSHARE_POSIX_ERR;
2966 trim_string(comment, " ", " ");
2967 trim_char(comment, '"', '"');
2969 if (strncmp(lines[3], "usershare_acl=", 14) != 0) {
2970 return USERSHARE_MALFORMED_ACL_DEF;
2973 if (!parse_usershare_acl(ctx, &lines[3][14], ppsd)) {
2974 return USERSHARE_ACL_ERR;
2978 if (strncmp(lines[4], "guest_ok=", 9) != 0) {
2979 return USERSHARE_MALFORMED_ACL_DEF;
2981 if (lines[4][9] == 'y') {
2982 *pallow_guest = true;
2985 /* Backwards compatible extension to file version #2. */
2987 if (strncmp(lines[5], "sharename=", 10) != 0) {
2988 return USERSHARE_MALFORMED_SHARENAME_DEF;
2990 if (!strequal(&lines[5][10], servicename)) {
2991 return USERSHARE_BAD_SHARENAME;
2993 *pp_cp_servicename = talloc_strdup(ctx, &lines[5][10]);
2994 if (!*pp_cp_servicename) {
2995 return USERSHARE_POSIX_ERR;
3000 if (*pp_cp_servicename == NULL) {
3001 *pp_cp_servicename = talloc_strdup(ctx, servicename);
3002 if (!*pp_cp_servicename) {
3003 return USERSHARE_POSIX_ERR;
3007 if (snum != -1 && (strcmp(sharepath, ServicePtrs[snum]->path) == 0)) {
3008 /* Path didn't change, no checks needed. */
3009 *pp_sharepath = sharepath;
3010 *pp_comment = comment;
3011 return USERSHARE_OK;
3014 /* The path *must* be absolute. */
3015 if (sharepath[0] != '/') {
3016 DEBUG(2,("parse_usershare_file: share %s: path %s is not an absolute path.\n",
3017 servicename, sharepath));
3018 return USERSHARE_PATH_NOT_ABSOLUTE;
3021 /* If there is a usershare prefix deny list ensure one of these paths
3022 doesn't match the start of the user given path. */
3023 if (prefixdenylist) {
3025 for ( i=0; prefixdenylist[i]; i++ ) {
3026 DEBUG(10,("parse_usershare_file: share %s : checking prefixdenylist[%d]='%s' against %s\n",
3027 servicename, i, prefixdenylist[i], sharepath ));
3028 if (memcmp( sharepath, prefixdenylist[i], strlen(prefixdenylist[i])) == 0) {
3029 DEBUG(2,("parse_usershare_file: share %s path %s starts with one of the "
3030 "usershare prefix deny list entries.\n",
3031 servicename, sharepath));
3032 return USERSHARE_PATH_IS_DENIED;
3037 /* If there is a usershare prefix allow list ensure one of these paths
3038 does match the start of the user given path. */
3040 if (prefixallowlist) {
3042 for ( i=0; prefixallowlist[i]; i++ ) {
3043 DEBUG(10,("parse_usershare_file: share %s checking prefixallowlist[%d]='%s' against %s\n",
3044 servicename, i, prefixallowlist[i], sharepath ));
3045 if (memcmp( sharepath, prefixallowlist[i], strlen(prefixallowlist[i])) == 0) {
3049 if (prefixallowlist[i] == NULL) {
3050 DEBUG(2,("parse_usershare_file: share %s path %s doesn't start with one of the "
3051 "usershare prefix allow list entries.\n",
3052 servicename, sharepath));
3053 return USERSHARE_PATH_NOT_ALLOWED;
3057 /* Ensure this is pointing to a directory. */
3058 dp = opendir(sharepath);
3061 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
3062 servicename, sharepath));
3063 return USERSHARE_PATH_NOT_DIRECTORY;
3066 /* Ensure the owner of the usershare file has permission to share
3069 if (sys_stat(sharepath, &sbuf, false) == -1) {
3070 DEBUG(2,("parse_usershare_file: share %s : stat failed on path %s. %s\n",
3071 servicename, sharepath, strerror(errno) ));
3073 return USERSHARE_POSIX_ERR;
3078 if (!S_ISDIR(sbuf.st_ex_mode)) {
3079 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
3080 servicename, sharepath ));
3081 return USERSHARE_PATH_NOT_DIRECTORY;
3084 /* Check if sharing is restricted to owner-only. */
3085 /* psbuf is the stat of the usershare definition file,
3086 sbuf is the stat of the target directory to be shared. */
3088 if (lp_usershare_owner_only()) {
3089 /* root can share anything. */
3090 if ((psbuf->st_ex_uid != 0) && (sbuf.st_ex_uid != psbuf->st_ex_uid)) {
3091 return USERSHARE_PATH_NOT_ALLOWED;
3095 *pp_sharepath = sharepath;
3096 *pp_comment = comment;
3097 return USERSHARE_OK;
3100 /***************************************************************************
3101 Deal with a usershare file.
3104 -1 - Bad name, invalid contents.
3105 - service name already existed and not a usershare, problem
3106 with permissions to share directory etc.
3107 ***************************************************************************/
3109 static int process_usershare_file(const char *dir_name, const char *file_name, int snum_template)
3111 SMB_STRUCT_STAT sbuf;
3112 SMB_STRUCT_STAT lsbuf;
3114 char *sharepath = NULL;
3115 char *comment = NULL;
3116 char *cp_service_name = NULL;
3117 char **lines = NULL;
3121 TALLOC_CTX *ctx = talloc_stackframe();
3122 struct security_descriptor *psd = NULL;
3123 bool guest_ok = false;
3124 char *canon_name = NULL;
3125 bool added_service = false;
3128 /* Ensure share name doesn't contain invalid characters. */
3129 if (!validate_net_name(file_name, INVALID_SHARENAME_CHARS, strlen(file_name))) {
3130 DEBUG(0,("process_usershare_file: share name %s contains "
3131 "invalid characters (any of %s)\n",
3132 file_name, INVALID_SHARENAME_CHARS ));
3136 canon_name = canonicalize_servicename(ctx, file_name);
3141 fname = talloc_asprintf(ctx, "%s/%s", dir_name, file_name);
3146 /* Minimize the race condition by doing an lstat before we
3147 open and fstat. Ensure this isn't a symlink link. */
3149 if (sys_lstat(fname, &lsbuf, false) != 0) {
3150 DEBUG(0,("process_usershare_file: stat of %s failed. %s\n",
3151 fname, strerror(errno) ));
3155 /* This must be a regular file, not a symlink, directory or
3156 other strange filetype. */
3157 if (!check_usershare_stat(fname, &lsbuf)) {
3165 status = dbwrap_fetch_bystring(ServiceHash, canon_name,
3170 if (NT_STATUS_IS_OK(status) &&
3171 (data.dptr != NULL) &&
3172 (data.dsize == sizeof(iService))) {
3173 memcpy(&iService, data.dptr, sizeof(iService));
3177 if (iService != -1 &&
3178 timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
3179 &lsbuf.st_ex_mtime) == 0) {
3180 /* Nothing changed - Mark valid and return. */
3181 DEBUG(10,("process_usershare_file: service %s not changed.\n",
3183 ServicePtrs[iService]->usershare = USERSHARE_VALID;
3188 /* Try and open the file read only - no symlinks allowed. */
3190 fd = open(fname, O_RDONLY|O_NOFOLLOW, 0);
3192 fd = open(fname, O_RDONLY, 0);
3196 DEBUG(0,("process_usershare_file: unable to open %s. %s\n",
3197 fname, strerror(errno) ));
3201 /* Now fstat to be *SURE* it's a regular file. */
3202 if (sys_fstat(fd, &sbuf, false) != 0) {
3204 DEBUG(0,("process_usershare_file: fstat of %s failed. %s\n",
3205 fname, strerror(errno) ));
3209 /* Is it the same dev/inode as was lstated ? */
3210 if (!check_same_stat(&lsbuf, &sbuf)) {
3212 DEBUG(0,("process_usershare_file: fstat of %s is a different file from lstat. "
3213 "Symlink spoofing going on ?\n", fname ));
3217 /* This must be a regular file, not a symlink, directory or
3218 other strange filetype. */
3219 if (!check_usershare_stat(fname, &sbuf)) {
3224 lines = fd_lines_load(fd, &numlines, MAX_USERSHARE_FILE_SIZE, NULL);
3227 if (lines == NULL) {
3228 DEBUG(0,("process_usershare_file: loading file %s owned by %u failed.\n",
3229 fname, (unsigned int)sbuf.st_ex_uid ));
3233 if (parse_usershare_file(ctx, &sbuf, file_name,
3234 iService, lines, numlines, &sharepath,
3235 &comment, &cp_service_name,
3236 &psd, &guest_ok) != USERSHARE_OK) {
3240 /* Everything ok - add the service possibly using a template. */
3242 const struct loadparm_service *sp = &sDefault;
3243 if (snum_template != -1) {
3244 sp = ServicePtrs[snum_template];
3247 if ((iService = add_a_service(sp, cp_service_name)) < 0) {
3248 DEBUG(0, ("process_usershare_file: Failed to add "
3249 "new service %s\n", cp_service_name));
3253 added_service = true;
3255 /* Read only is controlled by usershare ACL below. */
3256 ServicePtrs[iService]->read_only = false;
3259 /* Write the ACL of the new/modified share. */
3260 if (!set_share_security(canon_name, psd)) {
3261 DEBUG(0, ("process_usershare_file: Failed to set share "
3262 "security for user share %s\n",
3267 /* If from a template it may be marked invalid. */
3268 ServicePtrs[iService]->valid = true;
3270 /* Set the service as a valid usershare. */
3271 ServicePtrs[iService]->usershare = USERSHARE_VALID;
3273 /* Set guest access. */
3274 if (lp_usershare_allow_guests()) {
3275 ServicePtrs[iService]->guest_ok = guest_ok;
3278 /* And note when it was loaded. */
3279 ServicePtrs[iService]->usershare_last_mod = sbuf.st_ex_mtime;
3280 string_set(ServicePtrs[iService], &ServicePtrs[iService]->path, sharepath);
3281 string_set(ServicePtrs[iService], &ServicePtrs[iService]->comment, comment);
3287 if (ret == -1 && iService != -1 && added_service) {
3288 lp_remove_service(iService);
3296 /***************************************************************************
3297 Checks if a usershare entry has been modified since last load.
3298 ***************************************************************************/
3300 static bool usershare_exists(int iService, struct timespec *last_mod)
3302 SMB_STRUCT_STAT lsbuf;
3303 const char *usersharepath = Globals.usershare_path;
3306 fname = talloc_asprintf(talloc_tos(),
3309 ServicePtrs[iService]->szService);
3310 if (fname == NULL) {
3314 if (sys_lstat(fname, &lsbuf, false) != 0) {
3319 if (!S_ISREG(lsbuf.st_ex_mode)) {
3325 *last_mod = lsbuf.st_ex_mtime;
3329 /***************************************************************************
3330 Load a usershare service by name. Returns a valid servicenumber or -1.
3331 ***************************************************************************/
3333 int load_usershare_service(const char *servicename)
3335 SMB_STRUCT_STAT sbuf;
3336 const char *usersharepath = Globals.usershare_path;
3337 int max_user_shares = Globals.usershare_max_shares;
3338 int snum_template = -1;
3340 if (*usersharepath == 0 || max_user_shares == 0) {
3344 if (sys_stat(usersharepath, &sbuf, false) != 0) {
3345 DEBUG(0,("load_usershare_service: stat of %s failed. %s\n",
3346 usersharepath, strerror(errno) ));
3350 if (!S_ISDIR(sbuf.st_ex_mode)) {
3351 DEBUG(0,("load_usershare_service: %s is not a directory.\n",
3357 * This directory must be owned by root, and have the 't' bit set.
3358 * It also must not be writable by "other".
3362 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
3364 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
3366 DEBUG(0,("load_usershare_service: directory %s is not owned by root "
3367 "or does not have the sticky bit 't' set or is writable by anyone.\n",
3372 /* Ensure the template share exists if it's set. */
3373 if (Globals.usershare_template_share[0]) {
3374 /* We can't use lp_servicenumber here as we are recommending that
3375 template shares have -valid=false set. */
3376 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
3377 if (ServicePtrs[snum_template]->szService &&
3378 strequal(ServicePtrs[snum_template]->szService,
3379 Globals.usershare_template_share)) {
3384 if (snum_template == -1) {
3385 DEBUG(0,("load_usershare_service: usershare template share %s "
3386 "does not exist.\n",
3387 Globals.usershare_template_share ));
3392 return process_usershare_file(usersharepath, servicename, snum_template);
3395 /***************************************************************************
3396 Load all user defined shares from the user share directory.
3397 We only do this if we're enumerating the share list.
3398 This is the function that can delete usershares that have
3400 ***************************************************************************/
3402 int load_usershare_shares(struct smbd_server_connection *sconn,
3403 bool (*snumused) (struct smbd_server_connection *, int))
3406 SMB_STRUCT_STAT sbuf;
3408 int num_usershares = 0;
3409 int max_user_shares = Globals.usershare_max_shares;
3410 unsigned int num_dir_entries, num_bad_dir_entries, num_tmp_dir_entries;
3411 unsigned int allowed_bad_entries = ((2*max_user_shares)/10);
3412 unsigned int allowed_tmp_entries = ((2*max_user_shares)/10);
3414 int snum_template = -1;
3415 const char *usersharepath = Globals.usershare_path;
3416 int ret = lp_numservices();
3417 TALLOC_CTX *tmp_ctx;
3419 if (max_user_shares == 0 || *usersharepath == '\0') {
3420 return lp_numservices();
3423 if (sys_stat(usersharepath, &sbuf, false) != 0) {
3424 DEBUG(0,("load_usershare_shares: stat of %s failed. %s\n",
3425 usersharepath, strerror(errno) ));
3430 * This directory must be owned by root, and have the 't' bit set.
3431 * It also must not be writable by "other".
3435 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
3437 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
3439 DEBUG(0,("load_usershare_shares: directory %s is not owned by root "
3440 "or does not have the sticky bit 't' set or is writable by anyone.\n",
3445 /* Ensure the template share exists if it's set. */
3446 if (Globals.usershare_template_share[0]) {
3447 /* We can't use lp_servicenumber here as we are recommending that
3448 template shares have -valid=false set. */
3449 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
3450 if (ServicePtrs[snum_template]->szService &&
3451 strequal(ServicePtrs[snum_template]->szService,
3452 Globals.usershare_template_share)) {
3457 if (snum_template == -1) {
3458 DEBUG(0,("load_usershare_shares: usershare template share %s "
3459 "does not exist.\n",
3460 Globals.usershare_template_share ));
3465 /* Mark all existing usershares as pending delete. */
3466 for (iService = iNumServices - 1; iService >= 0; iService--) {
3467 if (VALID(iService) && ServicePtrs[iService]->usershare) {
3468 ServicePtrs[iService]->usershare = USERSHARE_PENDING_DELETE;
3472 dp = opendir(usersharepath);
3474 DEBUG(0,("load_usershare_shares:: failed to open directory %s. %s\n",
3475 usersharepath, strerror(errno) ));
3479 for (num_dir_entries = 0, num_bad_dir_entries = 0, num_tmp_dir_entries = 0;
3481 num_dir_entries++ ) {
3483 const char *n = de->d_name;
3485 /* Ignore . and .. */
3487 if ((n[1] == '\0') || (n[1] == '.' && n[2] == '\0')) {
3493 /* Temporary file used when creating a share. */
3494 num_tmp_dir_entries++;
3497 /* Allow 20% tmp entries. */
3498 if (num_tmp_dir_entries > allowed_tmp_entries) {
3499 DEBUG(0,("load_usershare_shares: too many temp entries (%u) "
3500 "in directory %s\n",
3501 num_tmp_dir_entries, usersharepath));
3505 r = process_usershare_file(usersharepath, n, snum_template);
3507 /* Update the services count. */
3509 if (num_usershares >= max_user_shares) {
3510 DEBUG(0,("load_usershare_shares: max user shares reached "
3511 "on file %s in directory %s\n",
3512 n, usersharepath ));
3515 } else if (r == -1) {
3516 num_bad_dir_entries++;
3519 /* Allow 20% bad entries. */
3520 if (num_bad_dir_entries > allowed_bad_entries) {
3521 DEBUG(0,("load_usershare_shares: too many bad entries (%u) "
3522 "in directory %s\n",
3523 num_bad_dir_entries, usersharepath));
3527 /* Allow 20% bad entries. */
3528 if (num_dir_entries > max_user_shares + allowed_bad_entries) {
3529 DEBUG(0,("load_usershare_shares: too many total entries (%u) "
3530 "in directory %s\n",
3531 num_dir_entries, usersharepath));
3538 /* Sweep through and delete any non-refreshed usershares that are
3539 not currently in use. */
3540 tmp_ctx = talloc_stackframe();
3541 for (iService = iNumServices - 1; iService >= 0; iService--) {
3542 if (VALID(iService) && (ServicePtrs[iService]->usershare == USERSHARE_PENDING_DELETE)) {
3545 if (snumused && snumused(sconn, iService)) {
3549 servname = lp_servicename(tmp_ctx, iService);
3551 /* Remove from the share ACL db. */
3552 DEBUG(10,("load_usershare_shares: Removing deleted usershare %s\n",
3554 delete_share_security(servname);
3555 free_service_byindex(iService);
3558 talloc_free(tmp_ctx);
3560 return lp_numservices();
3563 /********************************************************
3564 Destroy global resources allocated in this file
3565 ********************************************************/
3567 void gfree_loadparm(void)
3573 /* Free resources allocated to services */
3575 for ( i = 0; i < iNumServices; i++ ) {
3577 free_service_byindex(i);
3581 TALLOC_FREE( ServicePtrs );
3584 /* Now release all resources allocated to global
3585 parameters and the default service */
3587 free_global_parameters();
3591 /***************************************************************************
3592 Allow client apps to specify that they are a client
3593 ***************************************************************************/
3594 static void lp_set_in_client(bool b)
3600 /***************************************************************************
3601 Determine if we're running in a client app
3602 ***************************************************************************/
3603 static bool lp_is_in_client(void)
3608 static void lp_enforce_ad_dc_settings(void)
3610 lp_do_parameter(GLOBAL_SECTION_SNUM, "passdb backend", "samba_dsdb");
3611 lp_do_parameter(GLOBAL_SECTION_SNUM,
3612 "winbindd:use external pipes", "true");
3613 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:default", "external");
3614 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:svcctl", "embedded");
3615 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:srvsvc", "embedded");
3616 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:eventlog", "embedded");
3617 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:ntsvcs", "embedded");
3618 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:winreg", "embedded");
3619 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:spoolss", "embedded");
3620 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_daemon:spoolssd", "embedded");
3621 lp_do_parameter(GLOBAL_SECTION_SNUM, "rpc_server:tcpip", "no");
3624 /***************************************************************************
3625 Load the services array from the services file. Return true on success,
3627 ***************************************************************************/
3629 static bool lp_load_ex(const char *pszFname,
3633 bool reinit_globals,
3634 bool allow_include_registry,
3635 bool load_all_shares)
3639 TALLOC_CTX *frame = talloc_stackframe();
3640 struct loadparm_context *lp_ctx;
3644 DEBUG(3, ("lp_load_ex: refreshing parameters\n"));
3646 bInGlobalSection = true;
3647 bGlobalOnly = global_only;
3648 bAllowIncludeRegistry = allow_include_registry;
3650 lp_ctx = setup_lp_context(talloc_tos());
3652 init_globals(lp_ctx, reinit_globals);
3656 if (save_defaults) {
3661 if (!reinit_globals) {
3662 free_param_opts(&Globals.param_opt);
3663 apply_lp_set_cmdline();
3666 lp_do_parameter(-1, "idmap config * : backend", Globals.szIdmapBackend);
3668 /* We get sections first, so have to start 'behind' to make up */
3671 if (lp_config_backend_is_file()) {
3672 n2 = talloc_sub_basic(talloc_tos(), get_current_username(),
3673 current_user_info.domain,
3676 smb_panic("lp_load_ex: out of memory");
3679 add_to_file_list(NULL, &file_lists, pszFname, n2);
3681 bRetval = pm_process(n2, lp_do_section, do_parameter, lp_ctx);
3684 /* finish up the last section */
3685 DEBUG(4, ("pm_process() returned %s\n", BOOLSTR(bRetval)));
3687 if (iServiceIndex >= 0) {
3688 bRetval = lpcfg_service_ok(ServicePtrs[iServiceIndex]);
3692 if (lp_config_backend_is_registry()) {
3694 /* config backend changed to registry in config file */
3696 * We need to use this extra global variable here to
3697 * survive restart: init_globals uses this as a default
3698 * for config_backend. Otherwise, init_globals would
3699 * send us into an endless loop here.
3702 config_backend = CONFIG_BACKEND_REGISTRY;
3704 DEBUG(1, ("lp_load_ex: changing to config backend "
3706 init_globals(lp_ctx, true);
3708 TALLOC_FREE(lp_ctx);
3710 lp_kill_all_services();
3711 ok = lp_load_ex(pszFname, global_only, save_defaults,
3712 add_ipc, reinit_globals,
3713 allow_include_registry,
3718 } else if (lp_config_backend_is_registry()) {
3719 bRetval = process_registry_globals();
3721 DEBUG(0, ("Illegal config backend given: %d\n",
3722 lp_config_backend()));
3726 if (bRetval && lp_registry_shares()) {
3727 if (load_all_shares) {
3728 bRetval = process_registry_shares();
3730 bRetval = reload_registry_shares();
3735 char *serv = lp_auto_services(talloc_tos());
3736 lp_add_auto_services(serv);
3741 /* When 'restrict anonymous = 2' guest connections to ipc$
3743 lp_add_ipc("IPC$", (lp_restrict_anonymous() < 2));
3744 if ( lp_enable_asu_support() ) {
3745 lp_add_ipc("ADMIN$", false);
3749 set_allowed_client_auth();
3751 if (lp_security() == SEC_ADS && strchr(lp_password_server(), ':')) {
3752 DEBUG(1, ("WARNING: The optional ':port' in password server = %s is deprecated\n",
3753 lp_password_server()));
3758 /* Now we check we_are_a_wins_server and set szWINSserver to 127.0.0.1 */
3759 /* if we_are_a_wins_server is true and we are in the client */
3760 if (lp_is_in_client() && Globals.we_are_a_wins_server) {
3761 lp_do_parameter(GLOBAL_SECTION_SNUM, "wins server", "127.0.0.1");
3766 fault_configure(smb_panic_s3);
3769 * We run this check once the whole smb.conf is parsed, to
3770 * force some settings for the standard way a AD DC is
3771 * operated. We may change these as our code evolves, which
3772 * is why we force these settings.
3774 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
3775 lp_enforce_ad_dc_settings();
3778 bAllowIncludeRegistry = true;
3784 static bool lp_load(const char *pszFname,
3788 bool reinit_globals)
3790 return lp_load_ex(pszFname,
3795 true, /* allow_include_registry */
3796 false); /* load_all_shares*/
3799 bool lp_load_initial_only(const char *pszFname)
3801 return lp_load_ex(pszFname,
3802 true, /* global only */
3803 true, /* save_defaults */
3804 false, /* add_ipc */
3805 true, /* reinit_globals */
3806 false, /* allow_include_registry */
3807 false); /* load_all_shares*/
3811 * most common lp_load wrapper, loading only the globals
3813 bool lp_load_global(const char *file_name)
3815 return lp_load(file_name,
3816 true, /* global_only */
3817 false, /* save_defaults */
3818 false, /* add_ipc */
3819 true); /* reinit_globals */
3823 * The typical lp_load wrapper with shares, loads global and
3824 * shares, including IPC, but does not force immediate
3825 * loading of all shares from registry.
3827 bool lp_load_with_shares(const char *file_name)
3829 return lp_load(file_name,
3830 false, /* global_only */
3831 false, /* save_defaults */
3833 true); /* reinit_globals */
3837 * lp_load wrapper, especially for clients
3839 bool lp_load_client(const char *file_name)
3841 lp_set_in_client(true);
3843 return lp_load_global(file_name);
3847 * lp_load wrapper, loading only globals, but intended
3848 * for subsequent calls, not reinitializing the globals
3851 bool lp_load_global_no_reinit(const char *file_name)
3853 return lp_load(file_name,
3854 true, /* global_only */
3855 false, /* save_defaults */
3856 false, /* add_ipc */
3857 false); /* reinit_globals */
3861 * lp_load wrapper, loading globals and shares,
3862 * intended for subsequent calls, i.e. not reinitializing
3863 * the globals to default values.
3865 bool lp_load_no_reinit(const char *file_name)
3867 return lp_load(file_name,
3868 false, /* global_only */
3869 false, /* save_defaults */
3870 false, /* add_ipc */
3871 false); /* reinit_globals */
3876 * lp_load wrapper, especially for clients, no reinitialization
3878 bool lp_load_client_no_reinit(const char *file_name)
3880 lp_set_in_client(true);
3882 return lp_load_global_no_reinit(file_name);
3885 bool lp_load_with_registry_shares(const char *pszFname)
3887 return lp_load_ex(pszFname,
3888 false, /* global_only */
3889 true, /* save_defaults */
3890 false, /* add_ipc */
3891 false, /* reinit_globals */
3892 true, /* allow_include_registry */
3893 true); /* load_all_shares*/
3896 /***************************************************************************
3897 Return the max number of services.
3898 ***************************************************************************/
3900 int lp_numservices(void)
3902 return (iNumServices);
3905 /***************************************************************************
3906 Display the contents of the services array in human-readable form.
3907 ***************************************************************************/
3909 void lp_dump(FILE *f, bool show_defaults, int maxtoprint)
3912 struct loadparm_context *lp_ctx;
3915 defaults_saved = false;
3917 lp_ctx = setup_lp_context(talloc_tos());
3918 if (lp_ctx == NULL) {
3922 lpcfg_dump_globals(lp_ctx, f, !defaults_saved);
3924 lpcfg_dump_a_service(&sDefault, &sDefault, f, flags_list, show_defaults);
3926 for (iService = 0; iService < maxtoprint; iService++) {
3928 lp_dump_one(f, show_defaults, iService);
3932 /***************************************************************************
3933 Display the contents of one service in human-readable form.
3934 ***************************************************************************/
3936 void lp_dump_one(FILE * f, bool show_defaults, int snum)
3939 if (ServicePtrs[snum]->szService[0] == '\0')
3941 lpcfg_dump_a_service(ServicePtrs[snum], &sDefault, f,
3942 flags_list, show_defaults);
3946 /***************************************************************************
3947 Return the number of the service with the given name, or -1 if it doesn't
3948 exist. Note that this is a DIFFERENT ANIMAL from the internal function
3949 getservicebyname()! This works ONLY if all services have been loaded, and
3950 does not copy the found service.
3951 ***************************************************************************/
3953 int lp_servicenumber(const char *pszServiceName)
3956 fstring serviceName;
3958 if (!pszServiceName) {
3959 return GLOBAL_SECTION_SNUM;
3962 for (iService = iNumServices - 1; iService >= 0; iService--) {
3963 if (VALID(iService) && ServicePtrs[iService]->szService) {
3965 * The substitution here is used to support %U in
3968 fstrcpy(serviceName, ServicePtrs[iService]->szService);
3969 standard_sub_basic(get_current_username(),
3970 current_user_info.domain,
3971 serviceName,sizeof(serviceName));
3972 if (strequal(serviceName, pszServiceName)) {
3978 if (iService >= 0 && ServicePtrs[iService]->usershare == USERSHARE_VALID) {
3979 struct timespec last_mod;
3981 if (!usershare_exists(iService, &last_mod)) {
3982 /* Remove the share security tdb entry for it. */
3983 delete_share_security(lp_servicename(talloc_tos(), iService));
3984 /* Remove it from the array. */
3985 free_service_byindex(iService);
3986 /* Doesn't exist anymore. */
3987 return GLOBAL_SECTION_SNUM;
3990 /* Has it been modified ? If so delete and reload. */
3991 if (timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
3993 /* Remove it from the array. */
3994 free_service_byindex(iService);
3995 /* and now reload it. */
3996 iService = load_usershare_service(pszServiceName);
4001 DEBUG(7,("lp_servicenumber: couldn't find %s\n", pszServiceName));
4002 return GLOBAL_SECTION_SNUM;
4008 /*******************************************************************
4009 A useful volume label function.
4010 ********************************************************************/
4012 const char *volume_label(TALLOC_CTX *ctx, int snum)
4015 const char *label = lp_volume(ctx, snum);
4017 label = lp_servicename(ctx, snum);
4020 /* This returns a 33 byte guarenteed null terminated string. */
4021 ret = talloc_strndup(ctx, label, 32);
4028 /*******************************************************************
4029 Get the default server type we will announce as via nmbd.
4030 ********************************************************************/
4032 int lp_default_server_announce(void)
4034 int default_server_announce = 0;
4035 default_server_announce |= SV_TYPE_WORKSTATION;
4036 default_server_announce |= SV_TYPE_SERVER;
4037 default_server_announce |= SV_TYPE_SERVER_UNIX;
4039 /* note that the flag should be set only if we have a
4040 printer service but nmbd doesn't actually load the
4041 services so we can't tell --jerry */
4043 default_server_announce |= SV_TYPE_PRINTQ_SERVER;
4045 default_server_announce |= SV_TYPE_SERVER_NT;
4046 default_server_announce |= SV_TYPE_NT;
4048 switch (lp_server_role()) {
4049 case ROLE_DOMAIN_MEMBER:
4050 default_server_announce |= SV_TYPE_DOMAIN_MEMBER;
4052 case ROLE_DOMAIN_PDC:
4053 default_server_announce |= SV_TYPE_DOMAIN_CTRL;
4055 case ROLE_DOMAIN_BDC:
4056 default_server_announce |= SV_TYPE_DOMAIN_BAKCTRL;
4058 case ROLE_STANDALONE:
4062 if (lp_time_server())
4063 default_server_announce |= SV_TYPE_TIME_SOURCE;
4065 if (lp_host_msdfs())
4066 default_server_announce |= SV_TYPE_DFS_SERVER;
4068 return default_server_announce;
4071 /***********************************************************
4072 If we are PDC then prefer us as DMB
4073 ************************************************************/
4075 bool lp_domain_master(void)
4077 if (Globals._domain_master == Auto)
4078 return (lp_server_role() == ROLE_DOMAIN_PDC);
4080 return (bool)Globals._domain_master;
4083 /***********************************************************
4084 If we are PDC then prefer us as DMB
4085 ************************************************************/
4087 static bool lp_domain_master_true_or_auto(void)
4089 if (Globals._domain_master) /* auto or yes */
4095 /***********************************************************
4096 If we are DMB then prefer us as LMB
4097 ************************************************************/
4099 bool lp_preferred_master(void)
4101 if (Globals.iPreferredMaster == Auto)
4102 return (lp_local_master() && lp_domain_master());
4104 return (bool)Globals.iPreferredMaster;
4107 /*******************************************************************
4109 ********************************************************************/
4111 void lp_remove_service(int snum)
4113 ServicePtrs[snum]->valid = false;
4116 const char *lp_printername(TALLOC_CTX *ctx, int snum)
4118 const char *ret = lp__printername(ctx, snum);
4119 if (ret == NULL || *ret == '\0') {
4120 ret = lp_const_servicename(snum);
4127 /***********************************************************
4128 Allow daemons such as winbindd to fix their logfile name.
4129 ************************************************************/
4131 void lp_set_logfile(const char *name)
4133 string_set(Globals.ctx, &Globals.logfile, name);
4134 debug_set_logfile(name);
4137 /*******************************************************************
4138 Return the max print jobs per queue.
4139 ********************************************************************/
4141 int lp_maxprintjobs(int snum)
4143 int maxjobs = LP_SNUM_OK(snum) ? ServicePtrs[snum]->iMaxPrintJobs : sDefault.iMaxPrintJobs;
4144 if (maxjobs <= 0 || maxjobs >= PRINT_MAX_JOBID)
4145 maxjobs = PRINT_MAX_JOBID - 1;
4150 const char *lp_printcapname(void)
4152 if ((Globals.szPrintcapname != NULL) &&
4153 (Globals.szPrintcapname[0] != '\0'))
4154 return Globals.szPrintcapname;
4156 if (sDefault.printing == PRINT_CUPS) {
4160 if (sDefault.printing == PRINT_BSD)
4161 return "/etc/printcap";
4163 return PRINTCAP_NAME;
4166 static uint32_t spoolss_state;
4168 bool lp_disable_spoolss( void )
4170 if ( spoolss_state == SVCCTL_STATE_UNKNOWN )
4171 spoolss_state = lp__disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
4173 return spoolss_state == SVCCTL_STOPPED ? true : false;
4176 void lp_set_spoolss_state( uint32_t state )
4178 SMB_ASSERT( (state == SVCCTL_STOPPED) || (state == SVCCTL_RUNNING) );
4180 spoolss_state = state;
4183 uint32_t lp_get_spoolss_state( void )
4185 return lp_disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
4188 /*******************************************************************
4189 Ensure we don't use sendfile if server smb signing is active.
4190 ********************************************************************/
4192 bool lp_use_sendfile(int snum, struct smb_signing_state *signing_state)
4194 bool sign_active = false;
4196 /* Using sendfile blows the brains out of any DOS or Win9x TCP stack... JRA. */
4197 if (get_Protocol() < PROTOCOL_NT1) {
4200 if (signing_state) {
4201 sign_active = smb_signing_is_active(signing_state);
4203 return (lp__use_sendfile(snum) &&
4204 (get_remote_arch() != RA_WIN95) &&
4208 /*******************************************************************
4209 Turn off sendfile if we find the underlying OS doesn't support it.
4210 ********************************************************************/
4212 void set_use_sendfile(int snum, bool val)
4214 if (LP_SNUM_OK(snum))
4215 ServicePtrs[snum]->_use_sendfile = val;
4217 sDefault._use_sendfile = val;
4220 /*******************************************************************
4221 Turn off storing DOS attributes if this share doesn't support it.
4222 ********************************************************************/
4224 void set_store_dos_attributes(int snum, bool val)
4226 if (!LP_SNUM_OK(snum))
4228 ServicePtrs[(snum)]->store_dos_attributes = val;
4231 void lp_set_mangling_method(const char *new_method)
4233 string_set(Globals.ctx, &Globals.mangling_method, new_method);
4236 /*******************************************************************
4237 Global state for POSIX pathname processing.
4238 ********************************************************************/
4240 static bool posix_pathnames;
4242 bool lp_posix_pathnames(void)
4244 return posix_pathnames;
4247 /*******************************************************************
4248 Change everything needed to ensure POSIX pathname processing (currently
4250 ********************************************************************/
4252 void lp_set_posix_pathnames(void)
4254 posix_pathnames = true;
4257 /*******************************************************************
4258 Global state for POSIX lock processing - CIFS unix extensions.
4259 ********************************************************************/
4261 bool posix_default_lock_was_set;
4262 static enum brl_flavour posix_cifsx_locktype; /* By default 0 == WINDOWS_LOCK */
4264 enum brl_flavour lp_posix_cifsu_locktype(files_struct *fsp)
4266 if (posix_default_lock_was_set) {
4267 return posix_cifsx_locktype;
4269 return fsp->posix_open ? POSIX_LOCK : WINDOWS_LOCK;
4273 /*******************************************************************
4274 ********************************************************************/
4276 void lp_set_posix_default_cifsx_readwrite_locktype(enum brl_flavour val)
4278 posix_default_lock_was_set = true;
4279 posix_cifsx_locktype = val;
4282 int lp_min_receive_file_size(void)
4284 if (Globals.iminreceivefile < 0) {
4287 return Globals.iminreceivefile;
4290 /*******************************************************************
4291 Safe wide links checks.
4292 This helper function always verify the validity of wide links,
4293 even after a configuration file reload.
4294 ********************************************************************/
4296 static bool lp_widelinks_internal(int snum)
4298 return (bool)(LP_SNUM_OK(snum)? ServicePtrs[(snum)]->bWidelinks :
4299 sDefault.bWidelinks);
4302 void widelinks_warning(int snum)
4304 if (lp_allow_insecure_wide_links()) {
4308 if (lp_unix_extensions() && lp_widelinks_internal(snum)) {
4309 DEBUG(0,("Share '%s' has wide links and unix extensions enabled. "
4310 "These parameters are incompatible. "
4311 "Wide links will be disabled for this share.\n",
4312 lp_servicename(talloc_tos(), snum) ));
4316 bool lp_widelinks(int snum)
4318 /* wide links is always incompatible with unix extensions */
4319 if (lp_unix_extensions()) {
4321 * Unless we have "allow insecure widelinks"
4324 if (!lp_allow_insecure_wide_links()) {
4329 return lp_widelinks_internal(snum);
4332 int lp_server_role(void)
4334 return lp_find_server_role(lp__server_role(),
4336 lp__domain_logons(),
4337 lp_domain_master_true_or_auto());
4340 int lp_security(void)
4342 return lp_find_security(lp__server_role(),
4346 int lp_client_max_protocol(void)
4348 int client_max_protocol = lp__client_max_protocol();
4349 if (client_max_protocol == PROTOCOL_DEFAULT) {
4350 return PROTOCOL_NT1;
4352 return client_max_protocol;
4355 int lp_winbindd_max_protocol(void)
4357 int client_max_protocol = lp__client_max_protocol();
4358 if (client_max_protocol == PROTOCOL_DEFAULT) {
4359 return PROTOCOL_LATEST;
4361 return client_max_protocol;
4364 struct loadparm_global * get_globals(void)
4369 unsigned int * get_flags(void)
4371 if (flags_list == NULL) {
4372 flags_list = talloc_zero_array(NULL, unsigned int, num_parameters());
git.samba.org / kai / samba-autobuild / .git / blob