2 Unix SMB/CIFS implementation.
3 Parameter loading functions
4 Copyright (C) Karl Auer 1993-1998
6 Largely re-written by Andrew Tridgell, September 1994
8 Copyright (C) Simo Sorce 2001
9 Copyright (C) Alexander Bokovoy 2002
10 Copyright (C) Stefan (metze) Metzmacher 2002
11 Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003
12 Copyright (C) Michael Adam 2008
13 Copyright (C) Jelmer Vernooij <jelmer@samba.org> 2007
14 Copyright (C) Andrew Bartlett 2011
16 This program is free software; you can redistribute it and/or modify
17 it under the terms of the GNU General Public License as published by
18 the Free Software Foundation; either version 3 of the License, or
19 (at your option) any later version.
21 This program is distributed in the hope that it will be useful,
22 but WITHOUT ANY WARRANTY; without even the implied warranty of
23 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
24 GNU General Public License for more details.
26 You should have received a copy of the GNU General Public License
27 along with this program. If not, see <http://www.gnu.org/licenses/>.
33 * This module provides suitable callback functions for the params
34 * module. It builds the internal table of service details which is
35 * then used by the rest of the server.
39 * 1) add it to the global or service structure definition
40 * 2) add it to the parm_table
41 * 3) add it to the list of available functions (eg: using FN_GLOBAL_STRING())
42 * 4) If it's a global then initialise it in init_globals. If a local
43 * (ie. service) parameter then initialise it in the sDefault structure
47 * The configuration file is processed sequentially for speed. It is NOT
48 * accessed randomly as happens in 'real' Windows. For this reason, there
49 * is a fair bit of sequence-dependent code here - ie., code which assumes
50 * that certain things happen before others. In particular, the code which
51 * happens at the boundary between sections is delicately poised, so be
57 #include "system/filesys.h"
59 #include "lib/param/loadparm.h"
60 #include "lib/param/param.h"
62 #include "lib/smbconf/smbconf.h"
63 #include "lib/smbconf/smbconf_init.h"
66 #include "../librpc/gen_ndr/svcctl.h"
68 #include "../libcli/smb/smb_signing.h"
69 #include "dbwrap/dbwrap.h"
70 #include "dbwrap/dbwrap_rbt.h"
71 #include "../lib/util/bitmap.h"
73 #ifdef HAVE_SYS_SYSCTL_H
74 #include <sys/sysctl.h>
77 #ifdef HAVE_HTTPCONNECTENCRYPT
78 #include <cups/http.h>
83 extern userdom_struct current_user_info;
85 /* the special value for the include parameter
86 * to be interpreted not as a file name but to
87 * trigger loading of the global smb.conf options
89 #ifndef INCLUDE_REGISTRY_NAME
90 #define INCLUDE_REGISTRY_NAME "registry"
93 static bool in_client = false; /* Not in the client by default */
94 static struct smbconf_csn conf_last_csn;
96 static int config_backend = CONFIG_BACKEND_FILE;
98 /* some helpful bits */
99 #define LP_SNUM_OK(i) (((i) >= 0) && ((i) < iNumServices) && (ServicePtrs != NULL) && ServicePtrs[(i)]->valid)
100 #define VALID(i) (ServicePtrs != NULL && ServicePtrs[i]->valid)
102 #define USERSHARE_VALID 1
103 #define USERSHARE_PENDING_DELETE 2
105 static bool defaults_saved = false;
107 #include "lib/param/param_global.h"
109 static struct loadparm_global Globals;
111 /* This is a default service used to prime a services structure */
112 static struct loadparm_service sDefault =
117 .usershare_last_mod = {0, 0},
121 .invalid_users = NULL,
128 .root_preexec = NULL,
129 .root_postexec = NULL,
130 .cups_options = NULL,
131 .print_command = NULL,
133 .lprm_command = NULL,
134 .lppause_command = NULL,
135 .lpresume_command = NULL,
136 .queuepause_command = NULL,
137 .queueresume_command = NULL,
138 ._printername = NULL,
139 .printjob_username = NULL,
140 .dont_descend = NULL,
143 .magic_script = NULL,
144 .magic_output = NULL,
147 .veto_oplock_files = NULL,
157 .aio_write_behind = NULL,
158 .dfree_command = NULL,
159 .min_print_space = 0,
160 .iMaxPrintJobs = 1000,
161 .max_reported_print_jobs = 0,
162 .write_cache_size = 0,
164 .force_create_mode = 0,
165 .directory_mask = 0755,
166 .force_directory_mode = 0,
167 .max_connections = 0,
168 .default_case = CASE_LOWER,
169 .printing = DEFAULT_PRINTING,
170 .oplock_contention_limit = 2,
173 .dfree_cache_time = 0,
174 .preexec_close = false,
175 .root_preexec_close = false,
176 .case_sensitive = Auto,
177 .preserve_case = true,
178 .short_preserve_case = true,
179 .hide_dot_files = true,
180 .hide_special_files = false,
181 .hide_unreadable = false,
182 .hide_unwriteable_files = false,
184 .access_based_share_enum = false,
188 .administrative_share = false,
191 .print_notify_backchannel = false,
195 .store_dos_attributes = false,
196 .dmapi_support = false,
198 .strict_locking = Auto,
199 .posix_locking = true,
201 .kernel_oplocks = false,
202 .level2_oplocks = true,
204 .mangled_names = true,
206 .follow_symlinks = true,
207 .sync_always = false,
208 .strict_allocate = false,
209 .strict_sync = false,
210 .mangling_char = '~',
212 .delete_readonly = false,
213 .fake_oplocks = false,
214 .delete_veto_files = false,
215 .dos_filemode = false,
216 .dos_filetimes = true,
217 .dos_filetime_resolution = false,
218 .fake_directory_create_times = false,
219 .blocking_locks = true,
220 .inherit_permissions = false,
221 .inherit_acls = false,
222 .inherit_owner = false,
224 .use_client_driver = false,
225 .default_devmode = true,
226 .force_printername = false,
227 .nt_acl_support = true,
228 .force_unknown_acl_user = false,
229 ._use_sendfile = false,
230 .profile_acls = false,
231 .map_acl_inherit = false,
234 .acl_check_permissions = true,
235 .acl_map_full_control = true,
236 .acl_group_control = false,
237 .acl_allow_execute_always = false,
238 .change_notify = true,
239 .kernel_change_notify = true,
240 .allocation_roundup_size = SMB_ROUNDUP_ALLOCATION_SIZE,
243 .map_readonly = MAP_READONLY_YES,
244 .directory_name_cache_size = 100,
245 .smb_encrypt = SMB_SIGNING_DEFAULT,
246 .kernel_share_modes = true,
247 .durable_handles = true,
252 /* local variables */
253 static struct loadparm_service **ServicePtrs = NULL;
254 static int iNumServices = 0;
255 static int iServiceIndex = 0;
256 static struct db_context *ServiceHash;
257 static bool bInGlobalSection = true;
258 static bool bGlobalOnly = false;
259 static struct file_lists *file_lists = NULL;
260 static unsigned int *flags_list = NULL;
262 static void set_allowed_client_auth(void);
264 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue);
265 static void free_param_opts(struct parmlist_entry **popts);
267 /* this is used to prevent lots of mallocs of size 1 */
268 static const char null_string[] = "";
274 static void string_free(char **s)
278 if (*s == null_string)
284 Set a string value, deallocating any existing space, and allocing the space
288 static bool string_set(TALLOC_CTX *mem_ctx, char **dest,const char *src)
296 (*dest) = talloc_strdup(mem_ctx, src);
297 if ((*dest) == NULL) {
298 DEBUG(0,("Out of memory in string_init\n"));
305 bool lp_string_set(char **dest, const char *src) {
306 return string_set(Globals.ctx, dest, src);
309 /***************************************************************************
310 Initialise the sDefault parameter structure for the printer values.
311 ***************************************************************************/
313 void init_printer_values(TALLOC_CTX *ctx, struct loadparm_service *pService)
315 /* choose defaults depending on the type of printing */
316 switch (pService->printing) {
321 lpcfg_string_set(ctx, &pService->lpq_command, "lpq -P'%p'");
322 lpcfg_string_set(ctx, &pService->lprm_command, "lprm -P'%p' %j");
323 lpcfg_string_set(ctx, &pService->print_command, "lpr -r -P'%p' %s");
328 lpcfg_string_set(ctx, &pService->lpq_command, "lpq -P'%p'");
329 lpcfg_string_set(ctx, &pService->lprm_command, "lprm -P'%p' %j");
330 lpcfg_string_set(ctx, &pService->print_command, "lpr -r -P'%p' %s");
331 lpcfg_string_set(ctx, &pService->queuepause_command, "lpc stop '%p'");
332 lpcfg_string_set(ctx, &pService->queueresume_command, "lpc start '%p'");
333 lpcfg_string_set(ctx, &pService->lppause_command, "lpc hold '%p' %j");
334 lpcfg_string_set(ctx, &pService->lpresume_command, "lpc release '%p' %j");
339 /* set the lpq command to contain the destination printer
340 name only. This is used by cups_queue_get() */
341 lpcfg_string_set(ctx, &pService->lpq_command, "%p");
342 lpcfg_string_set(ctx, &pService->lprm_command, "");
343 lpcfg_string_set(ctx, &pService->print_command, "");
344 lpcfg_string_set(ctx, &pService->lppause_command, "");
345 lpcfg_string_set(ctx, &pService->lpresume_command, "");
346 lpcfg_string_set(ctx, &pService->queuepause_command, "");
347 lpcfg_string_set(ctx, &pService->queueresume_command, "");
352 lpcfg_string_set(ctx, &pService->lpq_command, "lpstat -o%p");
353 lpcfg_string_set(ctx, &pService->lprm_command, "cancel %p-%j");
354 lpcfg_string_set(ctx, &pService->print_command, "lp -c -d%p %s; rm %s");
355 lpcfg_string_set(ctx, &pService->queuepause_command, "disable %p");
356 lpcfg_string_set(ctx, &pService->queueresume_command, "enable %p");
358 lpcfg_string_set(ctx, &pService->lppause_command, "lp -i %p-%j -H hold");
359 lpcfg_string_set(ctx, &pService->lpresume_command, "lp -i %p-%j -H resume");
364 lpcfg_string_set(ctx, &pService->lpq_command, "lpq -P%p");
365 lpcfg_string_set(ctx, &pService->lprm_command, "lprm -P%p %j");
366 lpcfg_string_set(ctx, &pService->print_command, "lp -r -P%p %s");
369 #if defined(DEVELOPER) || defined(ENABLE_SELFTEST)
374 TALLOC_CTX *tmp_ctx = talloc_new(ctx);
377 tdbfile = talloc_asprintf(
378 tmp_ctx, "tdbfile=%s",
379 lp_parm_const_string(-1, "vlp", "tdbfile",
381 if (tdbfile == NULL) {
382 tdbfile="tdbfile=/tmp/vlp.tdb";
385 tmp = talloc_asprintf(tmp_ctx, "vlp %s print %%p %%s",
387 lpcfg_string_set(ctx, &pService->print_command,
388 tmp ? tmp : "vlp print %p %s");
390 tmp = talloc_asprintf(tmp_ctx, "vlp %s lpq %%p",
392 lpcfg_string_set(ctx, &pService->lpq_command,
393 tmp ? tmp : "vlp lpq %p");
395 tmp = talloc_asprintf(tmp_ctx, "vlp %s lprm %%p %%j",
397 lpcfg_string_set(ctx, &pService->lprm_command,
398 tmp ? tmp : "vlp lprm %p %j");
400 tmp = talloc_asprintf(tmp_ctx, "vlp %s lppause %%p %%j",
402 lpcfg_string_set(ctx, &pService->lppause_command,
403 tmp ? tmp : "vlp lppause %p %j");
405 tmp = talloc_asprintf(tmp_ctx, "vlp %s lpresume %%p %%j",
407 lpcfg_string_set(ctx, &pService->lpresume_command,
408 tmp ? tmp : "vlp lpresume %p %j");
410 tmp = talloc_asprintf(tmp_ctx, "vlp %s queuepause %%p",
412 lpcfg_string_set(ctx, &pService->queuepause_command,
413 tmp ? tmp : "vlp queuepause %p");
415 tmp = talloc_asprintf(tmp_ctx, "vlp %s queueresume %%p",
417 lpcfg_string_set(ctx, &pService->queueresume_command,
418 tmp ? tmp : "vlp queueresume %p");
419 TALLOC_FREE(tmp_ctx);
423 #endif /* DEVELOPER */
428 * Function to return the default value for the maximum number of open
429 * file descriptors permitted. This function tries to consult the
430 * kernel-level (sysctl) and ulimit (getrlimit()) values and goes
431 * the smaller of those.
433 static int max_open_files(void)
435 int sysctl_max = MAX_OPEN_FILES;
436 int rlimit_max = MAX_OPEN_FILES;
438 #ifdef HAVE_SYSCTLBYNAME
440 size_t size = sizeof(sysctl_max);
441 sysctlbyname("kern.maxfilesperproc", &sysctl_max, &size, NULL,
446 #if (defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE))
452 if (getrlimit(RLIMIT_NOFILE, &rl) == 0)
453 rlimit_max = rl.rlim_cur;
455 #if defined(RLIM_INFINITY)
456 if(rl.rlim_cur == RLIM_INFINITY)
457 rlimit_max = MAX_OPEN_FILES;
462 if (sysctl_max < MIN_OPEN_FILES_WINDOWS) {
463 DEBUG(2,("max_open_files: increasing sysctl_max (%d) to "
464 "minimum Windows limit (%d)\n",
466 MIN_OPEN_FILES_WINDOWS));
467 sysctl_max = MIN_OPEN_FILES_WINDOWS;
470 if (rlimit_max < MIN_OPEN_FILES_WINDOWS) {
471 DEBUG(2,("rlimit_max: increasing rlimit_max (%d) to "
472 "minimum Windows limit (%d)\n",
474 MIN_OPEN_FILES_WINDOWS));
475 rlimit_max = MIN_OPEN_FILES_WINDOWS;
478 return MIN(sysctl_max, rlimit_max);
482 * Common part of freeing allocated data for one parameter.
484 static void free_one_parameter_common(void *parm_ptr,
485 struct parm_struct parm)
487 if ((parm.type == P_STRING) ||
488 (parm.type == P_USTRING))
490 string_free((char**)parm_ptr);
491 } else if (parm.type == P_LIST || parm.type == P_CMDLIST) {
492 TALLOC_FREE(*((char***)parm_ptr));
497 * Free the allocated data for one parameter for a share
498 * given as a service struct.
500 static void free_one_parameter(struct loadparm_service *service,
501 struct parm_struct parm)
505 if (parm.p_class != P_LOCAL) {
509 parm_ptr = lp_parm_ptr(service, &parm);
511 free_one_parameter_common(parm_ptr, parm);
515 * Free the allocated parameter data of a share given
516 * as a service struct.
518 static void free_parameters(struct loadparm_service *service)
522 for (i=0; parm_table[i].label; i++) {
523 free_one_parameter(service, parm_table[i]);
528 * Free the allocated data for one parameter for a given share
529 * specified by an snum.
531 static void free_one_parameter_by_snum(int snum, struct parm_struct parm)
536 parm_ptr = lp_parm_ptr(NULL, &parm);
537 } else if (parm.p_class != P_LOCAL) {
540 parm_ptr = lp_parm_ptr(ServicePtrs[snum], &parm);
543 free_one_parameter_common(parm_ptr, parm);
547 * Free the allocated parameter data for a share specified
550 static void free_parameters_by_snum(int snum)
554 for (i=0; parm_table[i].label; i++) {
555 free_one_parameter_by_snum(snum, parm_table[i]);
560 * Free the allocated global parameters.
562 static void free_global_parameters(void)
564 free_param_opts(&Globals.param_opt);
565 free_parameters_by_snum(GLOBAL_SECTION_SNUM);
566 TALLOC_FREE(Globals.ctx);
569 struct lp_stored_option {
570 struct lp_stored_option *prev, *next;
575 static struct lp_stored_option *stored_options;
578 save options set by lp_set_cmdline() into a list. This list is
579 re-applied when we do a globals reset, so that cmdline set options
580 are sticky across reloads of smb.conf
582 bool store_lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
584 struct lp_stored_option *entry, *entry_next;
585 for (entry = stored_options; entry != NULL; entry = entry_next) {
586 entry_next = entry->next;
587 if (strcmp(pszParmName, entry->label) == 0) {
588 DLIST_REMOVE(stored_options, entry);
594 entry = talloc(NULL, struct lp_stored_option);
599 entry->label = talloc_strdup(entry, pszParmName);
605 entry->value = talloc_strdup(entry, pszParmValue);
611 DLIST_ADD_END(stored_options, entry, struct lp_stored_option);
616 static bool apply_lp_set_cmdline(void)
618 struct lp_stored_option *entry = NULL;
619 for (entry = stored_options; entry != NULL; entry = entry->next) {
620 if (!lp_set_cmdline_helper(entry->label, entry->value)) {
621 DEBUG(0, ("Failed to re-apply cmdline parameter %s = %s\n",
622 entry->label, entry->value));
629 /***************************************************************************
630 Initialise the global parameter structure.
631 ***************************************************************************/
633 static void init_globals(bool reinit_globals)
635 static bool done_init = false;
639 /* If requested to initialize only once and we've already done it... */
640 if (!reinit_globals && done_init) {
641 /* ... then we have nothing more to do */
646 /* The logfile can be set before this is invoked. Free it if so. */
647 if (Globals.logfile != NULL) {
648 string_free(&Globals.logfile);
649 Globals.logfile = NULL;
653 free_global_parameters();
656 /* This memset and the free_global_parameters() above will
657 * wipe out smb.conf options set with lp_set_cmdline(). The
658 * apply_lp_set_cmdline() call puts these values back in the
659 * table once the defaults are set */
660 ZERO_STRUCT(Globals);
662 Globals.ctx = talloc_pooled_object(NULL, char, 272, 2048);
664 /* Initialize the flags list if necessary */
665 if (flags_list == NULL) {
669 for (i = 0; parm_table[i].label; i++) {
670 if ((parm_table[i].type == P_STRING ||
671 parm_table[i].type == P_USTRING))
673 string_set(Globals.ctx, (char **)lp_parm_ptr(NULL, &parm_table[i]), "");
678 string_set(Globals.ctx, &sDefault.fstype, FSTYPE_STRING);
679 string_set(Globals.ctx, &sDefault.printjob_username, "%U");
681 init_printer_values(Globals.ctx, &sDefault);
683 sDefault.ntvfs_handler = (const char **)str_list_make_v3(NULL, "unixuid default", NULL);
685 DEBUG(3, ("Initialising global parameters\n"));
687 /* Must manually force to upper case here, as this does not go via the handler */
688 string_set(Globals.ctx, &Globals.netbios_name, myhostname_upper());
690 string_set(Globals.ctx, &Globals.smb_passwd_file, get_dyn_SMB_PASSWD_FILE());
691 string_set(Globals.ctx, &Globals.private_dir, get_dyn_PRIVATE_DIR());
693 /* use the new 'hash2' method by default, with a prefix of 1 */
694 string_set(Globals.ctx, &Globals.mangling_method, "hash2");
695 Globals.mangle_prefix = 1;
697 string_set(Globals.ctx, &Globals.guest_account, GUEST_ACCOUNT);
699 /* using UTF8 by default allows us to support all chars */
700 string_set(Globals.ctx, &Globals.unix_charset, DEFAULT_UNIX_CHARSET);
702 /* Use codepage 850 as a default for the dos character set */
703 string_set(Globals.ctx, &Globals.dos_charset, DEFAULT_DOS_CHARSET);
706 * Allow the default PASSWD_CHAT to be overridden in local.h.
708 string_set(Globals.ctx, &Globals.passwd_chat, DEFAULT_PASSWD_CHAT);
710 string_set(Globals.ctx, &Globals.workgroup, DEFAULT_WORKGROUP);
712 string_set(Globals.ctx, &Globals.passwd_program, "");
713 string_set(Globals.ctx, &Globals.lock_directory, get_dyn_LOCKDIR());
714 string_set(Globals.ctx, &Globals.state_directory, get_dyn_STATEDIR());
715 string_set(Globals.ctx, &Globals.cache_directory, get_dyn_CACHEDIR());
716 string_set(Globals.ctx, &Globals.pid_directory, get_dyn_PIDDIR());
717 string_set(Globals.ctx, &Globals.nbt_client_socket_address, "0.0.0.0");
719 * By default support explicit binding to broadcast
722 Globals.nmbd_bind_explicit_broadcast = true;
724 s = talloc_asprintf(talloc_tos(), "Samba %s", samba_version_string());
726 smb_panic("init_globals: ENOMEM");
728 string_set(Globals.ctx, &Globals.server_string, s);
731 string_set(Globals.ctx, &Globals.panic_action, "/bin/sleep 999999999");
734 string_set(Globals.ctx, &Globals.socket_options, DEFAULT_SOCKET_OPTIONS);
736 string_set(Globals.ctx, &Globals.logon_drive, "");
737 /* %N is the NIS auto.home server if -DAUTOHOME is used, else same as %L */
738 string_set(Globals.ctx, &Globals.logon_home, "\\\\%N\\%U");
739 string_set(Globals.ctx, &Globals.logon_path, "\\\\%N\\%U\\profile");
741 Globals.name_resolve_order = (const char **)str_list_make_v3(NULL, "lmhosts wins host bcast", NULL);
742 string_set(Globals.ctx, &Globals.password_server, "*");
744 Globals.algorithmic_rid_base = BASE_RID;
746 Globals.load_printers = true;
747 Globals.printcap_cache_time = 750; /* 12.5 minutes */
749 Globals.config_backend = config_backend;
750 Globals._server_role = ROLE_AUTO;
752 /* Was 65535 (0xFFFF). 0x4101 matches W2K and causes major speed improvements... */
753 /* Discovered by 2 days of pain by Don McCall @ HP :-). */
754 Globals.max_xmit = 0x4104;
755 Globals.max_mux = 50; /* This is *needed* for profile support. */
756 Globals.lpq_cache_time = 30; /* changed to handle large print servers better -- jerry */
757 Globals._disable_spoolss = false;
758 Globals.max_smbd_processes = 0;/* no limit specified */
759 Globals.username_level = 0;
760 Globals.deadtime = 0;
761 Globals.getwd_cache = true;
762 Globals.large_readwrite = true;
763 Globals.max_log_size = 5000;
764 Globals.max_open_files = max_open_files();
765 Globals.server_max_protocol = PROTOCOL_SMB3_00;
766 Globals.server_min_protocol = PROTOCOL_LANMAN1;
767 Globals.client_max_protocol = PROTOCOL_NT1;
768 Globals.client_min_protocol = PROTOCOL_CORE;
769 Globals._security = SEC_AUTO;
770 Globals.encrypt_passwords = true;
771 Globals.client_schannel = Auto;
772 Globals.winbind_sealed_pipes = true;
773 Globals.require_strong_key = true;
774 Globals.server_schannel = Auto;
775 Globals.read_raw = true;
776 Globals.write_raw = true;
777 Globals.null_passwords = false;
778 Globals.old_password_allowed_period = 60;
779 Globals.obey_pam_restrictions = false;
781 Globals.syslog_only = false;
782 Globals.timestamp_logs = true;
783 string_set(Globals.ctx, &Globals.log_level, "0");
784 Globals.debug_prefix_timestamp = false;
785 Globals.debug_hires_timestamp = true;
786 Globals.debug_pid = false;
787 Globals.debug_uid = false;
788 Globals.debug_class = false;
789 Globals.enable_core_files = true;
790 Globals.max_ttl = 60 * 60 * 24 * 3; /* 3 days default. */
791 Globals.max_wins_ttl = 60 * 60 * 24 * 6; /* 6 days default. */
792 Globals.min_wins_ttl = 60 * 60 * 6; /* 6 hours default. */
793 Globals.machine_password_timeout = 60 * 60 * 24 * 7; /* 7 days default. */
794 Globals.lm_announce = Auto; /* = Auto: send only if LM clients found */
795 Globals.lm_interval = 60;
796 #if (defined(HAVE_NETGROUP) && defined(WITH_AUTOMOUNT))
797 Globals.nis_homedir = false;
798 #ifdef WITH_NISPLUS_HOME
799 string_set(Globals.ctx, &Globals.homedir_map, "auto_home.org_dir");
801 string_set(Globals.ctx, &Globals.homedir_map, "auto.home");
804 Globals.time_server = false;
805 Globals.bind_interfaces_only = false;
806 Globals.unix_password_sync = false;
807 Globals.pam_password_change = false;
808 Globals.passwd_chat_debug = false;
809 Globals.passwd_chat_timeout = 2; /* 2 second default. */
810 Globals.nt_pipe_support = true; /* Do NT pipes by default. */
811 Globals.nt_status_support = true; /* Use NT status by default. */
812 Globals.stat_cache = true; /* use stat cache by default */
813 Globals.max_stat_cache_size = 256; /* 256k by default */
814 Globals.restrict_anonymous = 0;
815 Globals.client_lanman_auth = false; /* Do NOT use the LanMan hash if it is available */
816 Globals.client_plaintext_auth = false; /* Do NOT use a plaintext password even if is requested by the server */
817 Globals.lanman_auth = false; /* Do NOT use the LanMan hash, even if it is supplied */
818 Globals.ntlm_auth = true; /* Do use NTLMv1 if it is supplied by the client (otherwise NTLMv2) */
819 Globals.client_ntlmv2_auth = true; /* Client should always use use NTLMv2, as we can't tell that the server supports it, but most modern servers do */
820 /* Note, that we will also use NTLM2 session security (which is different), if it is available */
822 Globals.map_to_guest = 0; /* By Default, "Never" */
823 Globals.oplock_break_wait_time = 0; /* By Default, 0 msecs. */
824 Globals.enhanced_browsing = true;
825 Globals.lock_spin_time = WINDOWS_MINIMUM_LOCK_TIMEOUT_MS; /* msec. */
826 #ifdef MMAP_BLACKLIST
827 Globals.use_mmap = false;
829 Globals.use_mmap = true;
831 Globals.unicode = true;
832 Globals.unix_extensions = true;
833 Globals.reset_on_zero_vc = false;
834 Globals.log_writeable_files_on_exit = false;
835 Globals.create_krb5_conf = true;
836 Globals.winbindMaxDomainConnections = 1;
838 /* hostname lookups can be very expensive and are broken on
839 a large number of sites (tridge) */
840 Globals.hostname_lookups = false;
842 string_set(Globals.ctx, &Globals.passdb_backend, "tdbsam");
843 string_set(Globals.ctx, &Globals.ldap_suffix, "");
844 string_set(Globals.ctx, &Globals.szLdapMachineSuffix, "");
845 string_set(Globals.ctx, &Globals.szLdapUserSuffix, "");
846 string_set(Globals.ctx, &Globals.szLdapGroupSuffix, "");
847 string_set(Globals.ctx, &Globals.szLdapIdmapSuffix, "");
849 string_set(Globals.ctx, &Globals.ldap_admin_dn, "");
850 Globals.ldap_ssl = LDAP_SSL_START_TLS;
851 Globals.ldap_ssl_ads = false;
852 Globals.ldap_deref = -1;
853 Globals.ldap_passwd_sync = LDAP_PASSWD_SYNC_OFF;
854 Globals.ldap_delete_dn = false;
855 Globals.ldap_replication_sleep = 1000; /* wait 1 sec for replication */
856 Globals.ldap_follow_referral = Auto;
857 Globals.ldap_timeout = LDAP_DEFAULT_TIMEOUT;
858 Globals.ldap_connection_timeout = LDAP_CONNECTION_DEFAULT_TIMEOUT;
859 Globals.ldap_page_size = LDAP_PAGE_SIZE;
861 Globals.ldap_debug_level = 0;
862 Globals.ldap_debug_threshold = 10;
864 /* This is what we tell the afs client. in reality we set the token
865 * to never expire, though, when this runs out the afs client will
866 * forget the token. Set to 0 to get NEVERDATE.*/
867 Globals.afs_token_lifetime = 604800;
868 Globals.cups_connection_timeout = CUPS_DEFAULT_CONNECTION_TIMEOUT;
870 /* these parameters are set to defaults that are more appropriate
871 for the increasing samba install base:
873 as a member of the workgroup, that will possibly become a
874 _local_ master browser (lm = true). this is opposed to a forced
875 local master browser startup (pm = true).
877 doesn't provide WINS server service by default (wsupp = false),
878 and doesn't provide domain master browser services by default, either.
882 Globals.show_add_printer_wizard = true;
883 Globals.os_level = 20;
884 Globals.local_master = true;
885 Globals._domain_master = Auto; /* depending on _domain_logons */
886 Globals._domain_logons = false;
887 Globals.browse_list = true;
888 Globals.we_are_a_wins_server = false;
889 Globals.wins_proxy = false;
891 TALLOC_FREE(Globals.init_logon_delayed_hosts);
892 Globals.init_logon_delay = 100; /* 100 ms default delay */
894 Globals.wins_dns_proxy = true;
896 Globals.allow_trusted_domains = true;
897 string_set(Globals.ctx, &Globals.szIdmapBackend, "tdb");
899 string_set(Globals.ctx, &Globals.template_shell, "/bin/false");
900 string_set(Globals.ctx, &Globals.template_homedir, "/home/%D/%U");
901 string_set(Globals.ctx, &Globals.winbind_separator, "\\");
902 string_set(Globals.ctx, &Globals.winbindd_socket_directory, dyn_WINBINDD_SOCKET_DIR);
904 string_set(Globals.ctx, &Globals.cups_server, "");
905 string_set(Globals.ctx, &Globals.iprint_server, "");
907 string_set(Globals.ctx, &Globals._ctdbd_socket, "");
909 Globals.cluster_addresses = NULL;
910 Globals.clustering = false;
911 Globals.ctdb_timeout = 0;
912 Globals.ctdb_locktime_warn_threshold = 0;
914 Globals.winbind_cache_time = 300; /* 5 minutes */
915 Globals.winbind_reconnect_delay = 30; /* 30 seconds */
916 Globals.winbind_max_clients = 200;
917 Globals.winbind_enum_users = false;
918 Globals.winbind_enum_groups = false;
919 Globals.winbind_use_default_domain = false;
920 Globals.winbind_trusted_domains_only = false;
921 Globals.winbind_nested_groups = true;
922 Globals.winbind_expand_groups = 1;
923 Globals.winbind_nss_info = (const char **)str_list_make_v3(NULL, "template", NULL);
924 Globals.winbind_refresh_tickets = false;
925 Globals.winbind_offline_logon = false;
927 Globals.idmap_cache_time = 86400 * 7; /* a week by default */
928 Globals.idmap_negative_cache_time = 120; /* 2 minutes by default */
930 Globals.passdb_expand_explicit = false;
932 Globals.name_cache_timeout = 660; /* In seconds */
934 Globals.use_spnego = true;
935 Globals.client_use_spnego = true;
937 Globals.client_signing = SMB_SIGNING_DEFAULT;
938 Globals.server_signing = SMB_SIGNING_DEFAULT;
940 Globals.defer_sharing_violations = true;
941 Globals.smb_ports = (const char **)str_list_make_v3(NULL, SMB_PORTS, NULL);
943 Globals.enable_privileges = true;
944 Globals.host_msdfs = true;
945 Globals.enable_asu_support = false;
947 /* User defined shares. */
948 s = talloc_asprintf(talloc_tos(), "%s/usershares", get_dyn_STATEDIR());
950 smb_panic("init_globals: ENOMEM");
952 string_set(Globals.ctx, &Globals.usershare_path, s);
954 string_set(Globals.ctx, &Globals.usershare_template_share, "");
955 Globals.usershare_max_shares = 0;
956 /* By default disallow sharing of directories not owned by the sharer. */
957 Globals.usershare_owner_only = true;
958 /* By default disallow guest access to usershares. */
959 Globals.usershare_allow_guests = false;
961 Globals.keepalive = DEFAULT_KEEPALIVE;
963 /* By default no shares out of the registry */
964 Globals.registry_shares = false;
966 Globals.iminreceivefile = 0;
968 Globals.map_untrusted_to_domain = false;
969 Globals.multicast_dns_register = true;
971 Globals.smb2_max_read = DEFAULT_SMB2_MAX_READ;
972 Globals.smb2_max_write = DEFAULT_SMB2_MAX_WRITE;
973 Globals.smb2_max_trans = DEFAULT_SMB2_MAX_TRANSACT;
974 Globals.ismb2_max_credits = DEFAULT_SMB2_MAX_CREDITS;
976 string_set(Globals.ctx, &Globals.ncalrpc_dir, get_dyn_NCALRPCDIR());
978 Globals.server_services = (const char **)str_list_make_v3(NULL, "s3fs rpc nbt wrepl ldap cldap kdc drepl winbindd ntp_signd kcc dnsupdate dns", NULL);
980 Globals.dcerpc_endpoint_servers = (const char **)str_list_make_v3(NULL, "epmapper wkssvc rpcecho samr netlogon lsarpc spoolss drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver", NULL);
982 Globals.tls_enabled = true;
984 string_set(Globals.ctx, &Globals._tls_keyfile, "tls/key.pem");
985 string_set(Globals.ctx, &Globals._tls_certfile, "tls/cert.pem");
986 string_set(Globals.ctx, &Globals._tls_cafile, "tls/ca.pem");
988 string_set(Globals.ctx, &Globals.share_backend, "classic");
990 Globals.iPreferredMaster = Auto;
992 Globals.allow_dns_updates = DNS_UPDATE_SIGNED;
994 string_set(Globals.ctx, &Globals.ntp_signd_socket_directory, get_dyn_NTP_SIGND_SOCKET_DIR());
996 string_set(Globals.ctx, &Globals.winbindd_privileged_socket_directory, get_dyn_WINBINDD_PRIVILEGED_SOCKET_DIR());
998 s = talloc_asprintf(talloc_tos(), "%s/samba_kcc", get_dyn_SCRIPTSBINDIR());
1000 smb_panic("init_globals: ENOMEM");
1002 Globals.samba_kcc_command = (const char **)str_list_make_v3(NULL, s, NULL);
1005 s = talloc_asprintf(talloc_tos(), "%s/samba_dnsupdate", get_dyn_SCRIPTSBINDIR());
1007 smb_panic("init_globals: ENOMEM");
1009 Globals.dns_update_command = (const char **)str_list_make_v3(NULL, s, NULL);
1012 s = talloc_asprintf(talloc_tos(), "%s/samba_spnupdate", get_dyn_SCRIPTSBINDIR());
1014 smb_panic("init_globals: ENOMEM");
1016 Globals.spn_update_command = (const char **)str_list_make_v3(NULL, s, NULL);
1019 Globals.nsupdate_command = (const char **)str_list_make_v3(NULL, "/usr/bin/nsupdate -g", NULL);
1021 Globals.rndc_command = (const char **)str_list_make_v3(NULL, "/usr/sbin/rndc", NULL);
1023 Globals.cldap_port = 389;
1025 Globals.dgram_port = 138;
1027 Globals.nbt_port = 137;
1029 Globals.krb5_port = 88;
1031 Globals.kpasswd_port = 464;
1033 Globals.web_port = 901;
1035 /* Now put back the settings that were set with lp_set_cmdline() */
1036 apply_lp_set_cmdline();
1039 /*******************************************************************
1040 Convenience routine to grab string parameters into talloced memory
1041 and run standard_sub_basic on them. The buffers can be written to by
1042 callers without affecting the source string.
1043 ********************************************************************/
1045 char *lp_string(TALLOC_CTX *ctx, const char *s)
1049 /* The follow debug is useful for tracking down memory problems
1050 especially if you have an inner loop that is calling a lp_*()
1051 function that returns a string. Perhaps this debug should be
1052 present all the time? */
1055 DEBUG(10, ("lp_string(%s)\n", s));
1061 ret = talloc_sub_basic(ctx,
1062 get_current_username(),
1063 current_user_info.domain,
1065 if (trim_char(ret, '\"', '\"')) {
1066 if (strchr(ret,'\"') != NULL) {
1068 ret = talloc_sub_basic(ctx,
1069 get_current_username(),
1070 current_user_info.domain,
1078 In this section all the functions that are used to access the
1079 parameters from the rest of the program are defined
1082 #define FN_GLOBAL_STRING(fn_name,ptr) \
1083 char *lp_ ## fn_name(TALLOC_CTX *ctx) {return(lp_string((ctx), *(char **)(&Globals.ptr) ? *(char **)(&Globals.ptr) : ""));}
1084 #define FN_GLOBAL_CONST_STRING(fn_name,ptr) \
1085 const char *lp_ ## fn_name(void) {return(*(const char * const *)(&Globals.ptr) ? *(const char * const *)(&Globals.ptr) : "");}
1086 #define FN_GLOBAL_LIST(fn_name,ptr) \
1087 const char **lp_ ## fn_name(void) {return(*(const char ***)(&Globals.ptr));}
1088 #define FN_GLOBAL_BOOL(fn_name,ptr) \
1089 bool lp_ ## fn_name(void) {return(*(bool *)(&Globals.ptr));}
1090 #define FN_GLOBAL_CHAR(fn_name,ptr) \
1091 char lp_ ## fn_name(void) {return(*(char *)(&Globals.ptr));}
1092 #define FN_GLOBAL_INTEGER(fn_name,ptr) \
1093 int lp_ ## fn_name(void) {return(*(int *)(&Globals.ptr));}
1095 #define FN_LOCAL_STRING(fn_name,val) \
1096 char *lp_ ## fn_name(TALLOC_CTX *ctx,int i) {return(lp_string((ctx), (LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val));}
1097 #define FN_LOCAL_CONST_STRING(fn_name,val) \
1098 const char *lp_ ## fn_name(int i) {return (const char *)((LP_SNUM_OK(i) && ServicePtrs[(i)]->val) ? ServicePtrs[(i)]->val : sDefault.val);}
1099 #define FN_LOCAL_LIST(fn_name,val) \
1100 const char **lp_ ## fn_name(int i) {return(const char **)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1101 #define FN_LOCAL_BOOL(fn_name,val) \
1102 bool lp_ ## fn_name(int i) {return(bool)(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1103 #define FN_LOCAL_INTEGER(fn_name,val) \
1104 int lp_ ## fn_name(int i) {return(LP_SNUM_OK(i)? ServicePtrs[(i)]->val : sDefault.val);}
1106 #define FN_LOCAL_PARM_BOOL(fn_name,val) \
1107 bool lp_ ## fn_name(const struct share_params *p) {return(bool)(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1108 #define FN_LOCAL_PARM_INTEGER(fn_name,val) \
1109 int lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1110 #define FN_LOCAL_PARM_CHAR(fn_name,val) \
1111 char lp_ ## fn_name(const struct share_params *p) {return(LP_SNUM_OK(p->service)? ServicePtrs[(p->service)]->val : sDefault.val);}
1113 static FN_GLOBAL_INTEGER(winbind_max_domain_connections_int,
1114 winbindMaxDomainConnections)
1116 int lp_winbind_max_domain_connections(void)
1118 if (lp_winbind_offline_logon() &&
1119 lp_winbind_max_domain_connections_int() > 1) {
1120 DEBUG(1, ("offline logons active, restricting max domain "
1121 "connections to 1\n"));
1124 return MAX(1, lp_winbind_max_domain_connections_int());
1127 int lp_smb2_max_credits(void)
1129 if (Globals.ismb2_max_credits == 0) {
1130 Globals.ismb2_max_credits = DEFAULT_SMB2_MAX_CREDITS;
1132 return Globals.ismb2_max_credits;
1134 int lp_cups_encrypt(void)
1137 #ifdef HAVE_HTTPCONNECTENCRYPT
1138 switch (Globals.CupsEncrypt) {
1140 result = HTTP_ENCRYPT_REQUIRED;
1143 result = HTTP_ENCRYPT_ALWAYS;
1146 result = HTTP_ENCRYPT_NEVER;
1153 /* These functions remain in source3/param for now */
1155 #include "lib/param/param_functions.c"
1157 FN_LOCAL_STRING(servicename, szService)
1158 FN_LOCAL_CONST_STRING(const_servicename, szService)
1160 /* These functions cannot be auto-generated */
1161 FN_LOCAL_BOOL(autoloaded, autoloaded)
1162 FN_GLOBAL_CONST_STRING(dnsdomain, dnsdomain)
1164 /* local prototypes */
1166 static int map_parameter_canonical(const char *pszParmName, bool *inverse);
1167 static const char *get_boolean(bool bool_value);
1168 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
1170 static bool hash_a_service(const char *name, int number);
1171 static void free_service_byindex(int iService);
1172 static void show_parameter(int parmIndex);
1173 static bool is_synonym_of(int parm1, int parm2, bool *inverse);
1176 * This is a helper function for parametrical options support. It returns a
1177 * pointer to parametrical option value if it exists or NULL otherwise. Actual
1178 * parametrical functions are quite simple
1180 static struct parmlist_entry *get_parametrics(int snum, const char *type,
1183 if (snum >= iNumServices) return NULL;
1186 return get_parametric_helper(NULL, type, option, Globals.param_opt);
1188 return get_parametric_helper(ServicePtrs[snum],
1189 type, option, Globals.param_opt);
1194 #define MISSING_PARAMETER(name) \
1195 DEBUG(0, ("%s(): value is NULL or empty!\n", #name))
1197 /*******************************************************************
1198 convenience routine to return enum parameters.
1199 ********************************************************************/
1200 static int lp_enum(const char *s,const struct enum_list *_enum)
1204 if (!s || !*s || !_enum) {
1205 MISSING_PARAMETER(lp_enum);
1209 for (i=0; _enum[i].name; i++) {
1210 if (strequal(_enum[i].name,s))
1211 return _enum[i].value;
1214 DEBUG(0,("lp_enum(%s,enum): value is not in enum_list!\n",s));
1218 #undef MISSING_PARAMETER
1220 /* Return parametric option from a given service. Type is a part of option before ':' */
1221 /* Parametric option has following syntax: 'Type: option = value' */
1222 char *lp_parm_talloc_string(TALLOC_CTX *ctx, int snum, const char *type, const char *option, const char *def)
1224 struct parmlist_entry *data = get_parametrics(snum, type, option);
1226 if (data == NULL||data->value==NULL) {
1228 return lp_string(ctx, def);
1234 return lp_string(ctx, data->value);
1237 /* Return parametric option from a given service. Type is a part of option before ':' */
1238 /* Parametric option has following syntax: 'Type: option = value' */
1239 const char *lp_parm_const_string(int snum, const char *type, const char *option, const char *def)
1241 struct parmlist_entry *data = get_parametrics(snum, type, option);
1243 if (data == NULL||data->value==NULL)
1250 /* Return parametric option from a given service. Type is a part of option before ':' */
1251 /* Parametric option has following syntax: 'Type: option = value' */
1253 const char **lp_parm_string_list(int snum, const char *type, const char *option, const char **def)
1255 struct parmlist_entry *data = get_parametrics(snum, type, option);
1257 if (data == NULL||data->value==NULL)
1258 return (const char **)def;
1260 if (data->list==NULL) {
1261 data->list = str_list_make_v3(NULL, data->value, NULL);
1264 return (const char **)data->list;
1267 /* Return parametric option from a given service. Type is a part of option before ':' */
1268 /* Parametric option has following syntax: 'Type: option = value' */
1270 int lp_parm_int(int snum, const char *type, const char *option, int def)
1272 struct parmlist_entry *data = get_parametrics(snum, type, option);
1274 if (data && data->value && *data->value)
1275 return lp_int(data->value);
1280 /* Return parametric option from a given service. Type is a part of option before ':' */
1281 /* Parametric option has following syntax: 'Type: option = value' */
1283 unsigned long lp_parm_ulong(int snum, const char *type, const char *option, unsigned long def)
1285 struct parmlist_entry *data = get_parametrics(snum, type, option);
1287 if (data && data->value && *data->value)
1288 return lp_ulong(data->value);
1293 /* Return parametric option from a given service. Type is a part of option before ':' */
1294 /* Parametric option has following syntax: 'Type: option = value' */
1296 bool lp_parm_bool(int snum, const char *type, const char *option, bool def)
1298 struct parmlist_entry *data = get_parametrics(snum, type, option);
1300 if (data && data->value && *data->value)
1301 return lp_bool(data->value);
1306 /* Return parametric option from a given service. Type is a part of option before ':' */
1307 /* Parametric option has following syntax: 'Type: option = value' */
1309 int lp_parm_enum(int snum, const char *type, const char *option,
1310 const struct enum_list *_enum, int def)
1312 struct parmlist_entry *data = get_parametrics(snum, type, option);
1314 if (data && data->value && *data->value && _enum)
1315 return lp_enum(data->value, _enum);
1321 * free a param_opts structure.
1322 * param_opts handling should be moved to talloc;
1323 * then this whole functions reduces to a TALLOC_FREE().
1326 static void free_param_opts(struct parmlist_entry **popts)
1328 struct parmlist_entry *opt, *next_opt;
1330 if (*popts != NULL) {
1331 DEBUG(5, ("Freeing parametrics:\n"));
1334 while (opt != NULL) {
1335 string_free(&opt->key);
1336 string_free(&opt->value);
1337 TALLOC_FREE(opt->list);
1338 next_opt = opt->next;
1345 /***************************************************************************
1346 Free the dynamically allocated parts of a service struct.
1347 ***************************************************************************/
1349 static void free_service(struct loadparm_service *pservice)
1354 if (pservice->szService)
1355 DEBUG(5, ("free_service: Freeing service %s\n",
1356 pservice->szService));
1358 free_parameters(pservice);
1360 string_free(&pservice->szService);
1361 TALLOC_FREE(pservice->copymap);
1363 free_param_opts(&pservice->param_opt);
1365 ZERO_STRUCTP(pservice);
1369 /***************************************************************************
1370 remove a service indexed in the ServicePtrs array from the ServiceHash
1371 and free the dynamically allocated parts
1372 ***************************************************************************/
1374 static void free_service_byindex(int idx)
1376 if ( !LP_SNUM_OK(idx) )
1379 ServicePtrs[idx]->valid = false;
1381 /* we have to cleanup the hash record */
1383 if (ServicePtrs[idx]->szService) {
1384 char *canon_name = canonicalize_servicename(
1386 ServicePtrs[idx]->szService );
1388 dbwrap_delete_bystring(ServiceHash, canon_name );
1389 TALLOC_FREE(canon_name);
1392 free_service(ServicePtrs[idx]);
1393 talloc_free_children(ServicePtrs[idx]);
1396 /***************************************************************************
1397 Add a new service to the services array initialising it with the given
1399 ***************************************************************************/
1401 static int add_a_service(const struct loadparm_service *pservice, const char *name)
1404 int num_to_alloc = iNumServices + 1;
1405 struct loadparm_service **tsp = NULL;
1407 /* it might already exist */
1409 i = getservicebyname(name, NULL);
1415 /* if not, then create one */
1417 tsp = talloc_realloc(NULL, ServicePtrs, struct loadparm_service *, num_to_alloc);
1419 DEBUG(0,("add_a_service: failed to enlarge ServicePtrs!\n"));
1423 ServicePtrs[iNumServices] = talloc_zero(NULL, struct loadparm_service);
1424 if (!ServicePtrs[iNumServices]) {
1425 DEBUG(0,("add_a_service: out of memory!\n"));
1430 ServicePtrs[i]->valid = true;
1432 copy_service(ServicePtrs[i], pservice, NULL);
1434 string_set(ServicePtrs[i], &ServicePtrs[i]->szService, name);
1436 DEBUG(8,("add_a_service: Creating snum = %d for %s\n",
1437 i, ServicePtrs[i]->szService));
1439 if (!hash_a_service(ServicePtrs[i]->szService, i)) {
1446 /***************************************************************************
1447 Convert a string to uppercase and remove whitespaces.
1448 ***************************************************************************/
1450 char *canonicalize_servicename(TALLOC_CTX *ctx, const char *src)
1455 DEBUG(0,("canonicalize_servicename: NULL source name!\n"));
1459 result = talloc_strdup(ctx, src);
1460 SMB_ASSERT(result != NULL);
1462 if (!strlower_m(result)) {
1463 TALLOC_FREE(result);
1469 /***************************************************************************
1470 Add a name/index pair for the services array to the hash table.
1471 ***************************************************************************/
1473 static bool hash_a_service(const char *name, int idx)
1477 if ( !ServiceHash ) {
1478 DEBUG(10,("hash_a_service: creating servicehash\n"));
1479 ServiceHash = db_open_rbt(NULL);
1480 if ( !ServiceHash ) {
1481 DEBUG(0,("hash_a_service: open tdb servicehash failed!\n"));
1486 DEBUG(10,("hash_a_service: hashing index %d for service name %s\n",
1489 canon_name = canonicalize_servicename(talloc_tos(), name );
1491 dbwrap_store_bystring(ServiceHash, canon_name,
1492 make_tdb_data((uint8 *)&idx, sizeof(idx)),
1495 TALLOC_FREE(canon_name);
1500 /***************************************************************************
1501 Add a new home service, with the specified home directory, defaults coming
1503 ***************************************************************************/
1505 bool lp_add_home(const char *pszHomename, int iDefaultService,
1506 const char *user, const char *pszHomedir)
1510 if (pszHomename == NULL || user == NULL || pszHomedir == NULL ||
1511 pszHomedir[0] == '\0') {
1515 i = add_a_service(ServicePtrs[iDefaultService], pszHomename);
1520 if (!(*(ServicePtrs[iDefaultService]->path))
1521 || strequal(ServicePtrs[iDefaultService]->path,
1522 lp_path(talloc_tos(), GLOBAL_SECTION_SNUM))) {
1523 string_set(ServicePtrs[i], &ServicePtrs[i]->path, pszHomedir);
1526 if (!(*(ServicePtrs[i]->comment))) {
1527 char *comment = talloc_asprintf(talloc_tos(), "Home directory of %s", user);
1528 if (comment == NULL) {
1531 string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1532 TALLOC_FREE(comment);
1535 /* set the browseable flag from the global default */
1537 ServicePtrs[i]->browseable = sDefault.browseable;
1538 ServicePtrs[i]->access_based_share_enum = sDefault.access_based_share_enum;
1540 ServicePtrs[i]->autoloaded = true;
1542 DEBUG(3, ("adding home's share [%s] for user '%s' at '%s'\n", pszHomename,
1543 user, ServicePtrs[i]->path ));
1548 /***************************************************************************
1549 Add a new service, based on an old one.
1550 ***************************************************************************/
1552 int lp_add_service(const char *pszService, int iDefaultService)
1554 if (iDefaultService < 0) {
1555 return add_a_service(&sDefault, pszService);
1558 return (add_a_service(ServicePtrs[iDefaultService], pszService));
1561 /***************************************************************************
1562 Add the IPC service.
1563 ***************************************************************************/
1565 static bool lp_add_ipc(const char *ipc_name, bool guest_ok)
1567 char *comment = NULL;
1568 int i = add_a_service(&sDefault, ipc_name);
1573 comment = talloc_asprintf(talloc_tos(), "IPC Service (%s)",
1574 Globals.server_string);
1575 if (comment == NULL) {
1579 string_set(ServicePtrs[i], &ServicePtrs[i]->path, tmpdir());
1580 string_set(ServicePtrs[i], &ServicePtrs[i]->username, "");
1581 string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1582 string_set(ServicePtrs[i], &ServicePtrs[i]->fstype, "IPC");
1583 ServicePtrs[i]->max_connections = 0;
1584 ServicePtrs[i]->bAvailable = true;
1585 ServicePtrs[i]->read_only = true;
1586 ServicePtrs[i]->guest_only = false;
1587 ServicePtrs[i]->administrative_share = true;
1588 ServicePtrs[i]->guest_ok = guest_ok;
1589 ServicePtrs[i]->printable = false;
1590 ServicePtrs[i]->browseable = sDefault.browseable;
1592 DEBUG(3, ("adding IPC service\n"));
1594 TALLOC_FREE(comment);
1598 /***************************************************************************
1599 Add a new printer service, with defaults coming from service iFrom.
1600 ***************************************************************************/
1602 bool lp_add_printer(const char *pszPrintername, int iDefaultService)
1604 const char *comment = "From Printcap";
1605 int i = add_a_service(ServicePtrs[iDefaultService], pszPrintername);
1610 /* note that we do NOT default the availability flag to true - */
1611 /* we take it from the default service passed. This allows all */
1612 /* dynamic printers to be disabled by disabling the [printers] */
1613 /* entry (if/when the 'available' keyword is implemented!). */
1615 /* the printer name is set to the service name. */
1616 string_set(ServicePtrs[i], &ServicePtrs[i]->_printername, pszPrintername);
1617 string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
1619 /* set the browseable flag from the gloabl default */
1620 ServicePtrs[i]->browseable = sDefault.browseable;
1622 /* Printers cannot be read_only. */
1623 ServicePtrs[i]->read_only = false;
1624 /* No oplocks on printer services. */
1625 ServicePtrs[i]->oplocks = false;
1626 /* Printer services must be printable. */
1627 ServicePtrs[i]->printable = true;
1629 DEBUG(3, ("adding printer service %s\n", pszPrintername));
1635 /***************************************************************************
1636 Check whether the given parameter name is valid.
1637 Parametric options (names containing a colon) are considered valid.
1638 ***************************************************************************/
1640 bool lp_parameter_is_valid(const char *pszParmName)
1642 return ((lpcfg_map_parameter(pszParmName) != -1) ||
1643 (strchr(pszParmName, ':') != NULL));
1646 /***************************************************************************
1647 Check whether the given name is the name of a global parameter.
1648 Returns true for strings belonging to parameters of class
1649 P_GLOBAL, false for all other strings, also for parametric options
1650 and strings not belonging to any option.
1651 ***************************************************************************/
1653 bool lp_parameter_is_global(const char *pszParmName)
1655 int num = lpcfg_map_parameter(pszParmName);
1658 return (parm_table[num].p_class == P_GLOBAL);
1664 /**************************************************************************
1665 Check whether the given name is the canonical name of a parameter.
1666 Returns false if it is not a valid parameter Name.
1667 For parametric options, true is returned.
1668 **************************************************************************/
1670 bool lp_parameter_is_canonical(const char *parm_name)
1672 if (!lp_parameter_is_valid(parm_name)) {
1676 return (lpcfg_map_parameter(parm_name) ==
1677 map_parameter_canonical(parm_name, NULL));
1680 /**************************************************************************
1681 Determine the canonical name for a parameter.
1682 Indicate when it is an inverse (boolean) synonym instead of a
1684 **************************************************************************/
1686 bool lp_canonicalize_parameter(const char *parm_name, const char **canon_parm,
1691 if (!lp_parameter_is_valid(parm_name)) {
1696 num = map_parameter_canonical(parm_name, inverse);
1698 /* parametric option */
1699 *canon_parm = parm_name;
1701 *canon_parm = parm_table[num].label;
1708 /**************************************************************************
1709 Determine the canonical name for a parameter.
1710 Turn the value given into the inverse boolean expression when
1711 the synonym is an invers boolean synonym.
1713 Return true if parm_name is a valid parameter name and
1714 in case it is an invers boolean synonym, if the val string could
1715 successfully be converted to the reverse bool.
1716 Return false in all other cases.
1717 **************************************************************************/
1719 bool lp_canonicalize_parameter_with_value(const char *parm_name,
1721 const char **canon_parm,
1722 const char **canon_val)
1727 if (!lp_parameter_is_valid(parm_name)) {
1733 num = map_parameter_canonical(parm_name, &inverse);
1735 /* parametric option */
1736 *canon_parm = parm_name;
1739 *canon_parm = parm_table[num].label;
1741 if (!lp_invert_boolean(val, canon_val)) {
1753 /***************************************************************************
1754 Map a parameter's string representation to the index of the canonical
1755 form of the parameter (it might be a synonym).
1756 Returns -1 if the parameter string is not recognised.
1757 ***************************************************************************/
1759 static int map_parameter_canonical(const char *pszParmName, bool *inverse)
1761 int parm_num, canon_num;
1762 bool loc_inverse = false;
1764 parm_num = lpcfg_map_parameter(pszParmName);
1765 if ((parm_num < 0) || !(parm_table[parm_num].flags & FLAG_HIDE)) {
1766 /* invalid, parametric or no canidate for synonyms ... */
1770 for (canon_num = 0; parm_table[canon_num].label; canon_num++) {
1771 if (is_synonym_of(parm_num, canon_num, &loc_inverse)) {
1772 parm_num = canon_num;
1778 if (inverse != NULL) {
1779 *inverse = loc_inverse;
1784 /***************************************************************************
1785 return true if parameter number parm1 is a synonym of parameter
1786 number parm2 (parm2 being the principal name).
1787 set inverse to true if parm1 is P_BOOLREV and parm2 is P_BOOL,
1789 ***************************************************************************/
1791 static bool is_synonym_of(int parm1, int parm2, bool *inverse)
1793 if ((parm_table[parm1].offset == parm_table[parm2].offset) &&
1794 (parm_table[parm1].p_class == parm_table[parm2].p_class) &&
1795 (parm_table[parm1].flags & FLAG_HIDE) &&
1796 !(parm_table[parm2].flags & FLAG_HIDE))
1798 if (inverse != NULL) {
1799 if ((parm_table[parm1].type == P_BOOLREV) &&
1800 (parm_table[parm2].type == P_BOOL))
1812 /***************************************************************************
1813 Show one parameter's name, type, [values,] and flags.
1814 (helper functions for show_parameter_list)
1815 ***************************************************************************/
1817 static void show_parameter(int parmIndex)
1819 int enumIndex, flagIndex;
1824 const char *type[] = { "P_BOOL", "P_BOOLREV", "P_CHAR", "P_INTEGER",
1825 "P_OCTAL", "P_LIST", "P_STRING", "P_USTRING",
1827 unsigned flags[] = { FLAG_BASIC, FLAG_SHARE, FLAG_PRINT, FLAG_GLOBAL,
1828 FLAG_WIZARD, FLAG_ADVANCED, FLAG_DEVELOPER, FLAG_DEPRECATED,
1830 const char *flag_names[] = { "FLAG_BASIC", "FLAG_SHARE", "FLAG_PRINT",
1831 "FLAG_GLOBAL", "FLAG_WIZARD", "FLAG_ADVANCED", "FLAG_DEVELOPER",
1832 "FLAG_DEPRECATED", "FLAG_HIDE", NULL};
1834 printf("%s=%s", parm_table[parmIndex].label,
1835 type[parm_table[parmIndex].type]);
1836 if (parm_table[parmIndex].type == P_ENUM) {
1839 parm_table[parmIndex].enum_list[enumIndex].name;
1843 enumIndex ? "|" : "",
1844 parm_table[parmIndex].enum_list[enumIndex].name);
1849 for (flagIndex=0; flag_names[flagIndex]; flagIndex++) {
1850 if (parm_table[parmIndex].flags & flags[flagIndex]) {
1853 flag_names[flagIndex]);
1858 /* output synonyms */
1860 for (parmIndex2=0; parm_table[parmIndex2].label; parmIndex2++) {
1861 if (is_synonym_of(parmIndex, parmIndex2, &inverse)) {
1862 printf(" (%ssynonym of %s)", inverse ? "inverse " : "",
1863 parm_table[parmIndex2].label);
1864 } else if (is_synonym_of(parmIndex2, parmIndex, &inverse)) {
1866 printf(" (synonyms: ");
1871 printf("%s%s", parm_table[parmIndex2].label,
1872 inverse ? "[i]" : "");
1882 /***************************************************************************
1883 Show all parameter's name, type, [values,] and flags.
1884 ***************************************************************************/
1886 void show_parameter_list(void)
1888 int classIndex, parmIndex;
1889 const char *section_names[] = { "local", "global", NULL};
1891 for (classIndex=0; section_names[classIndex]; classIndex++) {
1892 printf("[%s]\n", section_names[classIndex]);
1893 for (parmIndex = 0; parm_table[parmIndex].label; parmIndex++) {
1894 if (parm_table[parmIndex].p_class == classIndex) {
1895 show_parameter(parmIndex);
1901 /***************************************************************************
1902 Get the standard string representation of a boolean value ("yes" or "no")
1903 ***************************************************************************/
1905 static const char *get_boolean(bool bool_value)
1907 static const char *yes_str = "yes";
1908 static const char *no_str = "no";
1910 return (bool_value ? yes_str : no_str);
1913 /***************************************************************************
1914 Provide the string of the negated boolean value associated to the boolean
1915 given as a string. Returns false if the passed string does not correctly
1916 represent a boolean.
1917 ***************************************************************************/
1919 bool lp_invert_boolean(const char *str, const char **inverse_str)
1923 if (!set_boolean(str, &val)) {
1927 *inverse_str = get_boolean(!val);
1931 /***************************************************************************
1932 Provide the canonical string representation of a boolean value given
1933 as a string. Return true on success, false if the string given does
1934 not correctly represent a boolean.
1935 ***************************************************************************/
1937 bool lp_canonicalize_boolean(const char *str, const char**canon_str)
1941 if (!set_boolean(str, &val)) {
1945 *canon_str = get_boolean(val);
1949 /***************************************************************************
1950 Find a service by name. Otherwise works like get_service.
1951 ***************************************************************************/
1953 int getservicebyname(const char *pszServiceName, struct loadparm_service *pserviceDest)
1960 if (ServiceHash == NULL) {
1964 canon_name = canonicalize_servicename(talloc_tos(), pszServiceName);
1966 status = dbwrap_fetch_bystring(ServiceHash, canon_name, canon_name,
1969 if (NT_STATUS_IS_OK(status) &&
1970 (data.dptr != NULL) &&
1971 (data.dsize == sizeof(iService)))
1973 iService = *(int *)data.dptr;
1976 TALLOC_FREE(canon_name);
1978 if ((iService != -1) && (LP_SNUM_OK(iService))
1979 && (pserviceDest != NULL)) {
1980 copy_service(pserviceDest, ServicePtrs[iService], NULL);
1986 /* Return a pointer to a service by name. Unlike getservicebyname, it does not copy the service */
1987 struct loadparm_service *lp_service(const char *pszServiceName)
1989 int iService = getservicebyname(pszServiceName, NULL);
1990 if (iService == -1 || !LP_SNUM_OK(iService)) {
1993 return ServicePtrs[iService];
1996 struct loadparm_service *lp_servicebynum(int snum)
1998 if ((snum == -1) || !LP_SNUM_OK(snum)) {
2001 return ServicePtrs[snum];
2004 struct loadparm_service *lp_default_loadparm_service()
2009 /***************************************************************************
2010 Check a service for consistency. Return false if the service is in any way
2011 incomplete or faulty, else true.
2012 ***************************************************************************/
2014 bool service_ok(int iService)
2019 if (ServicePtrs[iService]->szService[0] == '\0') {
2020 DEBUG(0, ("The following message indicates an internal error:\n"));
2021 DEBUG(0, ("No service name in service entry.\n"));
2025 /* The [printers] entry MUST be printable. I'm all for flexibility, but */
2026 /* I can't see why you'd want a non-printable printer service... */
2027 if (strwicmp(ServicePtrs[iService]->szService, PRINTERS_NAME) == 0) {
2028 if (!ServicePtrs[iService]->printable) {
2029 DEBUG(0, ("WARNING: [%s] service MUST be printable!\n",
2030 ServicePtrs[iService]->szService));
2031 ServicePtrs[iService]->printable = true;
2033 /* [printers] service must also be non-browsable. */
2034 if (ServicePtrs[iService]->browseable)
2035 ServicePtrs[iService]->browseable = false;
2038 if (ServicePtrs[iService]->path[0] == '\0' &&
2039 strwicmp(ServicePtrs[iService]->szService, HOMES_NAME) != 0 &&
2040 ServicePtrs[iService]->msdfs_proxy[0] == '\0'
2042 DEBUG(0, ("WARNING: No path in service %s - making it unavailable!\n",
2043 ServicePtrs[iService]->szService));
2044 ServicePtrs[iService]->bAvailable = false;
2047 /* If a service is flagged unavailable, log the fact at level 1. */
2048 if (!ServicePtrs[iService]->bAvailable)
2049 DEBUG(1, ("NOTE: Service %s is flagged unavailable.\n",
2050 ServicePtrs[iService]->szService));
2055 static struct smbconf_ctx *lp_smbconf_ctx(void)
2058 static struct smbconf_ctx *conf_ctx = NULL;
2060 if (conf_ctx == NULL) {
2061 err = smbconf_init(NULL, &conf_ctx, "registry:");
2062 if (!SBC_ERROR_IS_OK(err)) {
2063 DEBUG(1, ("error initializing registry configuration: "
2064 "%s\n", sbcErrorString(err)));
2072 static bool process_smbconf_service(struct smbconf_service *service)
2077 if (service == NULL) {
2081 ret = lp_do_section(service->name, NULL);
2085 for (count = 0; count < service->num_params; count++) {
2087 if (!bInGlobalSection && bGlobalOnly) {
2090 const char *pszParmName = service->param_names[count];
2091 const char *pszParmValue = service->param_values[count];
2093 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2095 ret = lp_do_parameter(bInGlobalSection ? -2 : iServiceIndex,
2096 pszParmName, pszParmValue);
2103 if (iServiceIndex >= 0) {
2104 return service_ok(iServiceIndex);
2110 * load a service from registry and activate it
2112 bool process_registry_service(const char *service_name)
2115 struct smbconf_service *service = NULL;
2116 TALLOC_CTX *mem_ctx = talloc_stackframe();
2117 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2120 if (conf_ctx == NULL) {
2124 DEBUG(5, ("process_registry_service: service name %s\n", service_name));
2126 if (!smbconf_share_exists(conf_ctx, service_name)) {
2128 * Registry does not contain data for this service (yet),
2129 * but make sure lp_load doesn't return false.
2135 err = smbconf_get_share(conf_ctx, mem_ctx, service_name, &service);
2136 if (!SBC_ERROR_IS_OK(err)) {
2140 ret = process_smbconf_service(service);
2146 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
2149 TALLOC_FREE(mem_ctx);
2154 * process_registry_globals
2156 static bool process_registry_globals(void)
2160 add_to_file_list(NULL, &file_lists, INCLUDE_REGISTRY_NAME, INCLUDE_REGISTRY_NAME);
2162 if (!bInGlobalSection && bGlobalOnly) {
2165 const char *pszParmName = "registry shares";
2166 const char *pszParmValue = "yes";
2168 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2170 ret = lp_do_parameter(bInGlobalSection ? -2 : iServiceIndex,
2171 pszParmName, pszParmValue);
2178 return process_registry_service(GLOBAL_NAME);
2181 bool process_registry_shares(void)
2185 struct smbconf_service **service = NULL;
2186 uint32_t num_shares = 0;
2187 TALLOC_CTX *mem_ctx = talloc_stackframe();
2188 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2191 if (conf_ctx == NULL) {
2195 err = smbconf_get_config(conf_ctx, mem_ctx, &num_shares, &service);
2196 if (!SBC_ERROR_IS_OK(err)) {
2202 for (count = 0; count < num_shares; count++) {
2203 if (strequal(service[count]->name, GLOBAL_NAME)) {
2206 ret = process_smbconf_service(service[count]);
2213 smbconf_changed(conf_ctx, &conf_last_csn, NULL, NULL);
2216 TALLOC_FREE(mem_ctx);
2221 * reload those shares from registry that are already
2222 * activated in the services array.
2224 static bool reload_registry_shares(void)
2229 for (i = 0; i < iNumServices; i++) {
2234 if (ServicePtrs[i]->usershare == USERSHARE_VALID) {
2238 ret = process_registry_service(ServicePtrs[i]->szService);
2249 #define MAX_INCLUDE_DEPTH 100
2251 static uint8_t include_depth;
2254 * Free the file lists
2256 static void free_file_list(void)
2258 struct file_lists *f;
2259 struct file_lists *next;
2272 * Utility function for outsiders to check if we're running on registry.
2274 bool lp_config_backend_is_registry(void)
2276 return (lp_config_backend() == CONFIG_BACKEND_REGISTRY);
2280 * Utility function to check if the config backend is FILE.
2282 bool lp_config_backend_is_file(void)
2284 return (lp_config_backend() == CONFIG_BACKEND_FILE);
2287 /*******************************************************************
2288 Check if a config file has changed date.
2289 ********************************************************************/
2291 bool lp_file_list_changed(void)
2293 struct file_lists *f = file_lists;
2295 DEBUG(6, ("lp_file_list_changed()\n"));
2300 if (strequal(f->name, INCLUDE_REGISTRY_NAME)) {
2301 struct smbconf_ctx *conf_ctx = lp_smbconf_ctx();
2303 if (conf_ctx == NULL) {
2306 if (smbconf_changed(conf_ctx, &conf_last_csn, NULL,
2309 DEBUGADD(6, ("registry config changed\n"));
2314 n2 = talloc_sub_basic(talloc_tos(),
2315 get_current_username(),
2316 current_user_info.domain,
2321 DEBUGADD(6, ("file %s -> %s last mod_time: %s\n",
2322 f->name, n2, ctime(&f->modtime)));
2324 mod_time = file_modtime(n2);
2327 ((f->modtime != mod_time) ||
2328 (f->subfname == NULL) ||
2329 (strcmp(n2, f->subfname) != 0)))
2332 ("file %s modified: %s\n", n2,
2334 f->modtime = mod_time;
2335 TALLOC_FREE(f->subfname);
2336 f->subfname = talloc_strdup(f, n2);
2337 if (f->subfname == NULL) {
2338 smb_panic("talloc_strdup failed");
2352 * Initialize iconv conversion descriptors.
2354 * This is called the first time it is needed, and also called again
2355 * every time the configuration is reloaded, because the charset or
2356 * codepage might have changed.
2358 static void init_iconv(void)
2360 global_iconv_handle = smb_iconv_handle_reinit(NULL, lp_dos_charset(),
2362 true, global_iconv_handle);
2365 /***************************************************************************
2366 Handle the include operation.
2367 ***************************************************************************/
2368 static bool bAllowIncludeRegistry = true;
2370 bool lp_include(struct loadparm_context *lp_ctx, int snum, const char *pszParmValue, char **ptr)
2374 if (include_depth >= MAX_INCLUDE_DEPTH) {
2375 DEBUG(0, ("Error: Maximum include depth (%u) exceeded!\n",
2380 if (strequal(pszParmValue, INCLUDE_REGISTRY_NAME)) {
2381 if (!bAllowIncludeRegistry) {
2384 if (lp_ctx->bInGlobalSection) {
2387 ret = process_registry_globals();
2391 DEBUG(1, ("\"include = registry\" only effective "
2392 "in %s section\n", GLOBAL_NAME));
2397 fname = talloc_sub_basic(talloc_tos(), get_current_username(),
2398 current_user_info.domain,
2401 add_to_file_list(NULL, &file_lists, pszParmValue, fname);
2404 string_set(Globals.ctx, ptr, fname);
2406 string_set(ServicePtrs[snum], ptr, fname);
2409 if (file_exist(fname)) {
2412 ret = pm_process(fname, lp_do_section, do_parameter, NULL);
2418 DEBUG(2, ("Can't find include file %s\n", fname));
2423 bool lp_idmap_range(const char *domain_name, uint32_t *low, uint32_t *high)
2425 char *config_option = NULL;
2426 const char *range = NULL;
2429 SMB_ASSERT(low != NULL);
2430 SMB_ASSERT(high != NULL);
2432 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2436 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2438 if (config_option == NULL) {
2439 DEBUG(0, ("out of memory\n"));
2443 range = lp_parm_const_string(-1, config_option, "range", NULL);
2444 if (range == NULL) {
2445 DEBUG(1, ("idmap range not specified for domain '%s'\n", domain_name));
2449 if (sscanf(range, "%u - %u", low, high) != 2) {
2450 DEBUG(1, ("error parsing idmap range '%s' for domain '%s'\n",
2451 range, domain_name));
2458 talloc_free(config_option);
2463 bool lp_idmap_default_range(uint32_t *low, uint32_t *high)
2465 return lp_idmap_range("*", low, high);
2468 const char *lp_idmap_backend(const char *domain_name)
2470 char *config_option = NULL;
2471 const char *backend = NULL;
2473 if ((domain_name == NULL) || (domain_name[0] == '\0')) {
2477 config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
2479 if (config_option == NULL) {
2480 DEBUG(0, ("out of memory\n"));
2484 backend = lp_parm_const_string(-1, config_option, "backend", NULL);
2485 if (backend == NULL) {
2486 DEBUG(1, ("idmap backend not specified for domain '%s'\n", domain_name));
2491 talloc_free(config_option);
2495 const char *lp_idmap_default_backend(void)
2497 return lp_idmap_backend("*");
2500 /***************************************************************************
2501 Handle ldap suffixes - default to ldapsuffix if sub-suffixes are not defined.
2502 ***************************************************************************/
2504 static const char *append_ldap_suffix(TALLOC_CTX *ctx, const char *str )
2506 const char *suffix_string;
2508 suffix_string = talloc_asprintf(ctx, "%s,%s", str,
2509 Globals.ldap_suffix );
2510 if ( !suffix_string ) {
2511 DEBUG(0,("append_ldap_suffix: talloc_asprintf() failed!\n"));
2515 return suffix_string;
2518 const char *lp_ldap_machine_suffix(TALLOC_CTX *ctx)
2520 if (Globals.szLdapMachineSuffix[0])
2521 return append_ldap_suffix(ctx, Globals.szLdapMachineSuffix);
2523 return lp_string(ctx, Globals.ldap_suffix);
2526 const char *lp_ldap_user_suffix(TALLOC_CTX *ctx)
2528 if (Globals.szLdapUserSuffix[0])
2529 return append_ldap_suffix(ctx, Globals.szLdapUserSuffix);
2531 return lp_string(ctx, Globals.ldap_suffix);
2534 const char *lp_ldap_group_suffix(TALLOC_CTX *ctx)
2536 if (Globals.szLdapGroupSuffix[0])
2537 return append_ldap_suffix(ctx, Globals.szLdapGroupSuffix);
2539 return lp_string(ctx, Globals.ldap_suffix);
2542 const char *lp_ldap_idmap_suffix(TALLOC_CTX *ctx)
2544 if (Globals.szLdapIdmapSuffix[0])
2545 return append_ldap_suffix(ctx, Globals.szLdapIdmapSuffix);
2547 return lp_string(ctx, Globals.ldap_suffix);
2551 return the parameter pointer for a parameter
2553 void *lp_parm_ptr(struct loadparm_service *service, struct parm_struct *parm)
2555 if (service == NULL) {
2556 if (parm->p_class == P_LOCAL)
2557 return (void *)(((char *)&sDefault)+parm->offset);
2558 else if (parm->p_class == P_GLOBAL)
2559 return (void *)(((char *)&Globals)+parm->offset);
2562 return (void *)(((char *)service) + parm->offset);
2566 /***************************************************************************
2567 Process a parameter for a particular service number. If snum < 0
2568 then assume we are in the globals.
2569 ***************************************************************************/
2571 bool lp_do_parameter(int snum, const char *pszParmName, const char *pszParmValue)
2574 void *parm_ptr = NULL; /* where we are going to store the result */
2575 struct parmlist_entry **opt_list;
2576 TALLOC_CTX *mem_ctx;
2577 TALLOC_CTX *frame = talloc_stackframe();
2580 parmnum = lpcfg_map_parameter(pszParmName);
2583 if (strchr(pszParmName, ':') == NULL) {
2584 DEBUG(0, ("Ignoring unknown parameter \"%s\"\n",
2591 * We've got a parametric option
2595 opt_list = &Globals.param_opt;
2596 set_param_opt(NULL, opt_list, pszParmName, pszParmValue, 0);
2598 opt_list = &ServicePtrs[snum]->param_opt;
2599 set_param_opt(ServicePtrs[snum], opt_list, pszParmName, pszParmValue, 0);
2606 /* if it's already been set by the command line, then we don't
2608 if (flags_list[parmnum] & FLAG_CMDLINE) {
2613 if (parm_table[parmnum].flags & FLAG_DEPRECATED) {
2614 DEBUG(1, ("WARNING: The \"%s\" option is deprecated\n",
2618 /* we might point at a service, the default service or a global */
2620 parm_ptr = lp_parm_ptr(NULL, &parm_table[parmnum]);
2621 mem_ctx = Globals.ctx;
2623 if (parm_table[parmnum].p_class == P_GLOBAL) {
2625 ("Global parameter %s found in service section!\n",
2630 parm_ptr = lp_parm_ptr(ServicePtrs[snum], &parm_table[parmnum]);
2632 if (!ServicePtrs[snum]->copymap)
2633 init_copymap(ServicePtrs[snum]);
2635 /* this handles the aliases - set the copymap for other entries with
2636 the same data pointer */
2637 for (i = 0; parm_table[i].label; i++) {
2638 if ((parm_table[i].offset == parm_table[parmnum].offset)
2639 && (parm_table[i].p_class == parm_table[parmnum].p_class)) {
2640 bitmap_clear(ServicePtrs[snum]->copymap, i);
2644 mem_ctx = ServicePtrs[snum];
2647 /* if it is a special case then go ahead */
2648 if (parm_table[parmnum].special) {
2649 struct loadparm_context *lp_ctx = loadparm_init_s3(frame,
2650 loadparm_s3_helpers());
2651 if (lp_ctx == NULL) {
2652 DEBUG(0, ("loadparm_init_s3 failed\n"));
2657 lp_ctx->sDefault = &sDefault;
2658 lp_ctx->services = ServicePtrs;
2659 lp_ctx->bInGlobalSection = bInGlobalSection;
2660 lp_ctx->flags = flags_list;
2661 ok = parm_table[parmnum].special(lp_ctx, snum, pszParmValue,
2668 goto mark_non_default;
2673 ok = set_variable_helper(mem_ctx, parmnum, parm_ptr, pszParmName, pszParmValue);
2680 if (snum < 0 && (flags_list[parmnum] & FLAG_DEFAULT)) {
2681 flags_list[parmnum] &= ~FLAG_DEFAULT;
2682 /* we have to also unset FLAG_DEFAULT on aliases */
2683 for (i=parmnum-1;i>=0 && parm_table[i].offset == parm_table[parmnum].offset;i--) {
2684 flags_list[i] &= ~FLAG_DEFAULT;
2686 for (i=parmnum+1;i<num_parameters() && parm_table[i].offset == parm_table[parmnum].offset;i++) {
2687 flags_list[i] &= ~FLAG_DEFAULT;
2693 /***************************************************************************
2694 set a parameter, marking it with FLAG_CMDLINE. Parameters marked as
2695 FLAG_CMDLINE won't be overridden by loads from smb.conf.
2696 ***************************************************************************/
2698 static bool lp_set_cmdline_helper(const char *pszParmName, const char *pszParmValue)
2701 parmnum = lpcfg_map_parameter(pszParmName);
2703 flags_list[parmnum] &= ~FLAG_CMDLINE;
2704 if (!lp_do_parameter(-1, pszParmName, pszParmValue)) {
2707 flags_list[parmnum] |= FLAG_CMDLINE;
2709 /* we have to also set FLAG_CMDLINE on aliases. Aliases must
2710 * be grouped in the table, so we don't have to search the
2713 i>=0 && parm_table[i].offset == parm_table[parmnum].offset
2714 && parm_table[i].p_class == parm_table[parmnum].p_class;
2716 flags_list[i] |= FLAG_CMDLINE;
2718 for (i=parmnum+1;i<num_parameters() && parm_table[i].offset == parm_table[parmnum].offset
2719 && parm_table[i].p_class == parm_table[parmnum].p_class;i++) {
2720 flags_list[i] |= FLAG_CMDLINE;
2726 /* it might be parametric */
2727 if (strchr(pszParmName, ':') != NULL) {
2728 set_param_opt(NULL, &Globals.param_opt, pszParmName, pszParmValue, FLAG_CMDLINE);
2732 DEBUG(0, ("Ignoring unknown parameter \"%s\"\n", pszParmName));
2736 bool lp_set_cmdline(const char *pszParmName, const char *pszParmValue)
2739 TALLOC_CTX *frame = talloc_stackframe();
2740 struct loadparm_context *lp_ctx;
2742 lp_ctx = loadparm_init_s3(talloc_tos(), loadparm_s3_helpers());
2743 if (lp_ctx == NULL) {
2744 DEBUG(0, ("loadparm_init_s3 failed\n"));
2748 ret = lpcfg_set_cmdline(lp_ctx, pszParmName, pszParmValue);
2754 /***************************************************************************
2755 Process a parameter.
2756 ***************************************************************************/
2758 static bool do_parameter(const char *pszParmName, const char *pszParmValue,
2761 if (!bInGlobalSection && bGlobalOnly)
2764 DEBUGADD(4, ("doing parameter %s = %s\n", pszParmName, pszParmValue));
2766 return (lp_do_parameter(bInGlobalSection ? -2 : iServiceIndex,
2767 pszParmName, pszParmValue));
2770 /***************************************************************************
2771 Initialize any local variables in the sDefault table, after parsing a
2773 ***************************************************************************/
2775 static void init_locals(void)
2778 * We run this check once the [globals] is parsed, to force
2779 * the VFS objects and other per-share settings we need for
2780 * the standard way a AD DC is operated. We may change these
2781 * as our code evolves, which is why we force these settings.
2783 * We can't do this at the end of lp_load_ex(), as by that
2784 * point the services have been loaded and they will already
2785 * have "" as their vfs objects.
2787 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
2788 const char **vfs_objects = lp_vfs_objects(-1);
2789 if (!vfs_objects || !vfs_objects[0]) {
2790 if (lp_parm_const_string(-1, "xattr_tdb", "file", NULL)) {
2791 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr xattr_tdb");
2792 } else if (lp_parm_const_string(-1, "posix", "eadb", NULL)) {
2793 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr posix_eadb");
2795 lp_do_parameter(-1, "vfs objects", "dfs_samba4 acl_xattr");
2799 lp_do_parameter(-1, "map hidden", "no");
2800 lp_do_parameter(-1, "map system", "no");
2801 lp_do_parameter(-1, "map readonly", "no");
2802 lp_do_parameter(-1, "map archive", "no");
2803 lp_do_parameter(-1, "store dos attributes", "yes");
2807 /***************************************************************************
2808 Process a new section (service). At this stage all sections are services.
2809 Later we'll have special sections that permit server parameters to be set.
2810 Returns true on success, false on failure.
2811 ***************************************************************************/
2813 bool lp_do_section(const char *pszSectionName, void *userdata)
2816 bool isglobal = ((strwicmp(pszSectionName, GLOBAL_NAME) == 0) ||
2817 (strwicmp(pszSectionName, GLOBAL_NAME2) == 0));
2820 /* if we were in a global section then do the local inits */
2821 if (bInGlobalSection && !isglobal)
2824 /* if we've just struck a global section, note the fact. */
2825 bInGlobalSection = isglobal;
2827 /* check for multiple global sections */
2828 if (bInGlobalSection) {
2829 DEBUG(3, ("Processing section \"[%s]\"\n", pszSectionName));
2833 if (!bInGlobalSection && bGlobalOnly)
2836 /* if we have a current service, tidy it up before moving on */
2839 if (iServiceIndex >= 0)
2840 bRetval = service_ok(iServiceIndex);
2842 /* if all is still well, move to the next record in the services array */
2844 /* We put this here to avoid an odd message order if messages are */
2845 /* issued by the post-processing of a previous section. */
2846 DEBUG(2, ("Processing section \"[%s]\"\n", pszSectionName));
2848 iServiceIndex = add_a_service(&sDefault, pszSectionName);
2849 if (iServiceIndex < 0) {
2850 DEBUG(0, ("Failed to add a new service\n"));
2853 /* Clean all parametric options for service */
2854 /* They will be added during parsing again */
2855 free_param_opts(&ServicePtrs[iServiceIndex]->param_opt);
2862 /***************************************************************************
2863 Determine if a partcular base parameter is currentl set to the default value.
2864 ***************************************************************************/
2866 static bool is_default(int i)
2868 switch (parm_table[i].type) {
2871 return str_list_equal((const char * const *)parm_table[i].def.lvalue,
2872 *(const char ***)lp_parm_ptr(NULL,
2876 return strequal(parm_table[i].def.svalue,
2877 *(char **)lp_parm_ptr(NULL,
2881 return parm_table[i].def.bvalue ==
2882 *(bool *)lp_parm_ptr(NULL,
2885 return parm_table[i].def.cvalue ==
2886 *(char *)lp_parm_ptr(NULL,
2892 return parm_table[i].def.ivalue ==
2893 *(int *)lp_parm_ptr(NULL,
2901 /***************************************************************************
2902 Display the contents of the global structure.
2903 ***************************************************************************/
2905 static void dump_globals(FILE *f, bool show_defaults)
2908 struct parmlist_entry *data;
2910 fprintf(f, "[global]\n");
2912 for (i = 0; parm_table[i].label; i++)
2913 if (parm_table[i].p_class == P_GLOBAL &&
2914 !(parm_table[i].flags & FLAG_META) &&
2915 (i == 0 || (parm_table[i].offset != parm_table[i - 1].offset))) {
2916 if (show_defaults && is_default(i))
2918 fprintf(f, "\t%s = ", parm_table[i].label);
2919 lpcfg_print_parameter(&parm_table[i], lp_parm_ptr(NULL,
2924 if (Globals.param_opt != NULL) {
2925 data = Globals.param_opt;
2927 if (!show_defaults && (data->priority & FLAG_DEFAULT)) {
2931 fprintf(f, "\t%s = %s\n", data->key, data->value);
2938 /***************************************************************************
2939 Display the contents of a parameter of a single services record.
2940 ***************************************************************************/
2942 bool dump_a_parameter(int snum, char *parm_name, FILE * f, bool isGlobal)
2944 bool result = false;
2946 struct loadparm_context *lp_ctx;
2948 lp_ctx = loadparm_init_s3(talloc_tos(), loadparm_s3_helpers());
2949 if (lp_ctx == NULL) {
2954 result = lpcfg_dump_a_parameter(lp_ctx, NULL, parm_name, f);
2956 result = lpcfg_dump_a_parameter(lp_ctx, ServicePtrs[snum], parm_name, f);
2958 TALLOC_FREE(lp_ctx);
2962 /***************************************************************************
2963 Return info about the requested parameter (given as a string).
2964 Return NULL when the string is not a valid parameter name.
2965 ***************************************************************************/
2967 struct parm_struct *lp_get_parameter(const char *param_name)
2969 int num = lpcfg_map_parameter(param_name);
2975 return &parm_table[num];
2979 /***************************************************************************
2980 Display the contents of a single copy structure.
2981 ***************************************************************************/
2982 static void dump_copy_map(bool *pcopymap)
2988 printf("\n\tNon-Copied parameters:\n");
2990 for (i = 0; parm_table[i].label; i++)
2991 if (parm_table[i].p_class == P_LOCAL &&
2992 parm_table[i].ptr && !pcopymap[i] &&
2993 (i == 0 || (parm_table[i].ptr != parm_table[i - 1].ptr)))
2995 printf("\t\t%s\n", parm_table[i].label);
3000 /***************************************************************************
3001 Return TRUE if the passed service number is within range.
3002 ***************************************************************************/
3004 bool lp_snum_ok(int iService)
3006 return (LP_SNUM_OK(iService) && ServicePtrs[iService]->bAvailable);
3009 /***************************************************************************
3010 Auto-load some home services.
3011 ***************************************************************************/
3013 static void lp_add_auto_services(char *str)
3023 s = talloc_strdup(talloc_tos(), str);
3025 smb_panic("talloc_strdup failed");
3029 homes = lp_servicenumber(HOMES_NAME);
3031 for (p = strtok_r(s, LIST_SEP, &saveptr); p;
3032 p = strtok_r(NULL, LIST_SEP, &saveptr)) {
3035 if (lp_servicenumber(p) >= 0)
3038 home = get_user_home_dir(talloc_tos(), p);
3040 if (home && home[0] && homes >= 0)
3041 lp_add_home(p, homes, p, home);
3048 /***************************************************************************
3049 Auto-load one printer.
3050 ***************************************************************************/
3052 void lp_add_one_printer(const char *name, const char *comment,
3053 const char *location, void *pdata)
3055 int printers = lp_servicenumber(PRINTERS_NAME);
3058 if (lp_servicenumber(name) < 0) {
3059 lp_add_printer(name, printers);
3060 if ((i = lp_servicenumber(name)) >= 0) {
3061 string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
3062 ServicePtrs[i]->autoloaded = true;
3067 /***************************************************************************
3068 Have we loaded a services file yet?
3069 ***************************************************************************/
3071 bool lp_loaded(void)
3076 /***************************************************************************
3077 Unload unused services.
3078 ***************************************************************************/
3080 void lp_killunused(struct smbd_server_connection *sconn,
3081 bool (*snumused) (struct smbd_server_connection *, int))
3084 for (i = 0; i < iNumServices; i++) {
3088 /* don't kill autoloaded or usershare services */
3089 if ( ServicePtrs[i]->autoloaded ||
3090 ServicePtrs[i]->usershare == USERSHARE_VALID) {
3094 if (!snumused || !snumused(sconn, i)) {
3095 free_service_byindex(i);
3101 * Kill all except autoloaded and usershare services - convenience wrapper
3103 void lp_kill_all_services(void)
3105 lp_killunused(NULL, NULL);
3108 /***************************************************************************
3110 ***************************************************************************/
3112 void lp_killservice(int iServiceIn)
3114 if (VALID(iServiceIn)) {
3115 free_service_byindex(iServiceIn);
3119 /***************************************************************************
3120 Save the curent values of all global and sDefault parameters into the
3121 defaults union. This allows testparm to show only the
3122 changed (ie. non-default) parameters.
3123 ***************************************************************************/
3125 static void lp_save_defaults(void)
3128 struct parmlist_entry * parm;
3129 for (i = 0; parm_table[i].label; i++) {
3130 if (!(flags_list[i] & FLAG_CMDLINE)) {
3131 flags_list[i] |= FLAG_DEFAULT;
3134 if (i > 0 && parm_table[i].offset == parm_table[i - 1].offset
3135 && parm_table[i].p_class == parm_table[i - 1].p_class)
3137 switch (parm_table[i].type) {
3140 parm_table[i].def.lvalue = str_list_copy(
3141 NULL, *(const char ***)lp_parm_ptr(NULL, &parm_table[i]));
3145 parm_table[i].def.svalue = talloc_strdup(Globals.ctx, *(char **)lp_parm_ptr(NULL, &parm_table[i]));
3146 if (parm_table[i].def.svalue == NULL) {
3147 smb_panic("talloc_strdup failed");
3152 parm_table[i].def.bvalue =
3153 *(bool *)lp_parm_ptr(NULL, &parm_table[i]);
3156 parm_table[i].def.cvalue =
3157 *(char *)lp_parm_ptr(NULL, &parm_table[i]);
3163 parm_table[i].def.ivalue =
3164 *(int *)lp_parm_ptr(NULL, &parm_table[i]);
3171 for (parm=Globals.param_opt; parm; parm=parm->next) {
3172 if (!(parm->priority & FLAG_CMDLINE)) {
3173 parm->priority |= FLAG_DEFAULT;
3177 for (parm=sDefault.param_opt; parm; parm=parm->next) {
3178 if (!(parm->priority & FLAG_CMDLINE)) {
3179 parm->priority |= FLAG_DEFAULT;
3183 defaults_saved = true;
3186 /***********************************************************
3187 If we should send plaintext/LANMAN passwords in the clinet
3188 ************************************************************/
3190 static void set_allowed_client_auth(void)
3192 if (Globals.client_ntlmv2_auth) {
3193 Globals.client_lanman_auth = false;
3195 if (!Globals.client_lanman_auth) {
3196 Globals.client_plaintext_auth = false;
3200 /***************************************************************************
3202 The following code allows smbd to read a user defined share file.
3203 Yes, this is my intent. Yes, I'm comfortable with that...
3205 THE FOLLOWING IS SECURITY CRITICAL CODE.
3207 It washes your clothes, it cleans your house, it guards you while you sleep...
3208 Do not f%^k with it....
3209 ***************************************************************************/
3211 #define MAX_USERSHARE_FILE_SIZE (10*1024)
3213 /***************************************************************************
3214 Check allowed stat state of a usershare file.
3215 Ensure we print out who is dicking with us so the admin can
3216 get their sorry ass fired.
3217 ***************************************************************************/
3219 static bool check_usershare_stat(const char *fname,
3220 const SMB_STRUCT_STAT *psbuf)
3222 if (!S_ISREG(psbuf->st_ex_mode)) {
3223 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
3224 "not a regular file\n",
3225 fname, (unsigned int)psbuf->st_ex_uid ));
3229 /* Ensure this doesn't have the other write bit set. */
3230 if (psbuf->st_ex_mode & S_IWOTH) {
3231 DEBUG(0,("check_usershare_stat: file %s owned by uid %u allows "
3232 "public write. Refusing to allow as a usershare file.\n",
3233 fname, (unsigned int)psbuf->st_ex_uid ));
3237 /* Should be 10k or less. */
3238 if (psbuf->st_ex_size > MAX_USERSHARE_FILE_SIZE) {
3239 DEBUG(0,("check_usershare_stat: file %s owned by uid %u is "
3240 "too large (%u) to be a user share file.\n",
3241 fname, (unsigned int)psbuf->st_ex_uid,
3242 (unsigned int)psbuf->st_ex_size ));
3249 /***************************************************************************
3250 Parse the contents of a usershare file.
3251 ***************************************************************************/
3253 enum usershare_err parse_usershare_file(TALLOC_CTX *ctx,
3254 SMB_STRUCT_STAT *psbuf,
3255 const char *servicename,
3259 char **pp_sharepath,
3261 char **pp_cp_servicename,
3262 struct security_descriptor **ppsd,
3265 const char **prefixallowlist = lp_usershare_prefix_allow_list();
3266 const char **prefixdenylist = lp_usershare_prefix_deny_list();
3269 SMB_STRUCT_STAT sbuf;
3270 char *sharepath = NULL;
3271 char *comment = NULL;
3273 *pp_sharepath = NULL;
3276 *pallow_guest = false;
3279 return USERSHARE_MALFORMED_FILE;
3282 if (strcmp(lines[0], "#VERSION 1") == 0) {
3284 } else if (strcmp(lines[0], "#VERSION 2") == 0) {
3287 return USERSHARE_MALFORMED_FILE;
3290 return USERSHARE_BAD_VERSION;
3293 if (strncmp(lines[1], "path=", 5) != 0) {
3294 return USERSHARE_MALFORMED_PATH;
3297 sharepath = talloc_strdup(ctx, &lines[1][5]);
3299 return USERSHARE_POSIX_ERR;
3301 trim_string(sharepath, " ", " ");
3303 if (strncmp(lines[2], "comment=", 8) != 0) {
3304 return USERSHARE_MALFORMED_COMMENT_DEF;
3307 comment = talloc_strdup(ctx, &lines[2][8]);
3309 return USERSHARE_POSIX_ERR;
3311 trim_string(comment, " ", " ");
3312 trim_char(comment, '"', '"');
3314 if (strncmp(lines[3], "usershare_acl=", 14) != 0) {
3315 return USERSHARE_MALFORMED_ACL_DEF;
3318 if (!parse_usershare_acl(ctx, &lines[3][14], ppsd)) {
3319 return USERSHARE_ACL_ERR;
3323 if (strncmp(lines[4], "guest_ok=", 9) != 0) {
3324 return USERSHARE_MALFORMED_ACL_DEF;
3326 if (lines[4][9] == 'y') {
3327 *pallow_guest = true;
3330 /* Backwards compatible extension to file version #2. */
3332 if (strncmp(lines[5], "sharename=", 10) != 0) {
3333 return USERSHARE_MALFORMED_SHARENAME_DEF;
3335 if (!strequal(&lines[5][10], servicename)) {
3336 return USERSHARE_BAD_SHARENAME;
3338 *pp_cp_servicename = talloc_strdup(ctx, &lines[5][10]);
3339 if (!*pp_cp_servicename) {
3340 return USERSHARE_POSIX_ERR;
3345 if (*pp_cp_servicename == NULL) {
3346 *pp_cp_servicename = talloc_strdup(ctx, servicename);
3347 if (!*pp_cp_servicename) {
3348 return USERSHARE_POSIX_ERR;
3352 if (snum != -1 && (strcmp(sharepath, ServicePtrs[snum]->path) == 0)) {
3353 /* Path didn't change, no checks needed. */
3354 *pp_sharepath = sharepath;
3355 *pp_comment = comment;
3356 return USERSHARE_OK;
3359 /* The path *must* be absolute. */
3360 if (sharepath[0] != '/') {
3361 DEBUG(2,("parse_usershare_file: share %s: path %s is not an absolute path.\n",
3362 servicename, sharepath));
3363 return USERSHARE_PATH_NOT_ABSOLUTE;
3366 /* If there is a usershare prefix deny list ensure one of these paths
3367 doesn't match the start of the user given path. */
3368 if (prefixdenylist) {
3370 for ( i=0; prefixdenylist[i]; i++ ) {
3371 DEBUG(10,("parse_usershare_file: share %s : checking prefixdenylist[%d]='%s' against %s\n",
3372 servicename, i, prefixdenylist[i], sharepath ));
3373 if (memcmp( sharepath, prefixdenylist[i], strlen(prefixdenylist[i])) == 0) {
3374 DEBUG(2,("parse_usershare_file: share %s path %s starts with one of the "
3375 "usershare prefix deny list entries.\n",
3376 servicename, sharepath));
3377 return USERSHARE_PATH_IS_DENIED;
3382 /* If there is a usershare prefix allow list ensure one of these paths
3383 does match the start of the user given path. */
3385 if (prefixallowlist) {
3387 for ( i=0; prefixallowlist[i]; i++ ) {
3388 DEBUG(10,("parse_usershare_file: share %s checking prefixallowlist[%d]='%s' against %s\n",
3389 servicename, i, prefixallowlist[i], sharepath ));
3390 if (memcmp( sharepath, prefixallowlist[i], strlen(prefixallowlist[i])) == 0) {
3394 if (prefixallowlist[i] == NULL) {
3395 DEBUG(2,("parse_usershare_file: share %s path %s doesn't start with one of the "
3396 "usershare prefix allow list entries.\n",
3397 servicename, sharepath));
3398 return USERSHARE_PATH_NOT_ALLOWED;
3402 /* Ensure this is pointing to a directory. */
3403 dp = opendir(sharepath);
3406 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
3407 servicename, sharepath));
3408 return USERSHARE_PATH_NOT_DIRECTORY;
3411 /* Ensure the owner of the usershare file has permission to share
3414 if (sys_stat(sharepath, &sbuf, false) == -1) {
3415 DEBUG(2,("parse_usershare_file: share %s : stat failed on path %s. %s\n",
3416 servicename, sharepath, strerror(errno) ));
3418 return USERSHARE_POSIX_ERR;
3423 if (!S_ISDIR(sbuf.st_ex_mode)) {
3424 DEBUG(2,("parse_usershare_file: share %s path %s is not a directory.\n",
3425 servicename, sharepath ));
3426 return USERSHARE_PATH_NOT_DIRECTORY;
3429 /* Check if sharing is restricted to owner-only. */
3430 /* psbuf is the stat of the usershare definition file,
3431 sbuf is the stat of the target directory to be shared. */
3433 if (lp_usershare_owner_only()) {
3434 /* root can share anything. */
3435 if ((psbuf->st_ex_uid != 0) && (sbuf.st_ex_uid != psbuf->st_ex_uid)) {
3436 return USERSHARE_PATH_NOT_ALLOWED;
3440 *pp_sharepath = sharepath;
3441 *pp_comment = comment;
3442 return USERSHARE_OK;
3445 /***************************************************************************
3446 Deal with a usershare file.
3449 -1 - Bad name, invalid contents.
3450 - service name already existed and not a usershare, problem
3451 with permissions to share directory etc.
3452 ***************************************************************************/
3454 static int process_usershare_file(const char *dir_name, const char *file_name, int snum_template)
3456 SMB_STRUCT_STAT sbuf;
3457 SMB_STRUCT_STAT lsbuf;
3459 char *sharepath = NULL;
3460 char *comment = NULL;
3461 char *cp_service_name = NULL;
3462 char **lines = NULL;
3466 TALLOC_CTX *ctx = talloc_stackframe();
3467 struct security_descriptor *psd = NULL;
3468 bool guest_ok = false;
3469 char *canon_name = NULL;
3470 bool added_service = false;
3473 /* Ensure share name doesn't contain invalid characters. */
3474 if (!validate_net_name(file_name, INVALID_SHARENAME_CHARS, strlen(file_name))) {
3475 DEBUG(0,("process_usershare_file: share name %s contains "
3476 "invalid characters (any of %s)\n",
3477 file_name, INVALID_SHARENAME_CHARS ));
3481 canon_name = canonicalize_servicename(ctx, file_name);
3486 fname = talloc_asprintf(ctx, "%s/%s", dir_name, file_name);
3491 /* Minimize the race condition by doing an lstat before we
3492 open and fstat. Ensure this isn't a symlink link. */
3494 if (sys_lstat(fname, &lsbuf, false) != 0) {
3495 DEBUG(0,("process_usershare_file: stat of %s failed. %s\n",
3496 fname, strerror(errno) ));
3500 /* This must be a regular file, not a symlink, directory or
3501 other strange filetype. */
3502 if (!check_usershare_stat(fname, &lsbuf)) {
3510 status = dbwrap_fetch_bystring(ServiceHash, canon_name,
3515 if (NT_STATUS_IS_OK(status) &&
3516 (data.dptr != NULL) &&
3517 (data.dsize == sizeof(iService))) {
3518 memcpy(&iService, data.dptr, sizeof(iService));
3522 if (iService != -1 &&
3523 timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
3524 &lsbuf.st_ex_mtime) == 0) {
3525 /* Nothing changed - Mark valid and return. */
3526 DEBUG(10,("process_usershare_file: service %s not changed.\n",
3528 ServicePtrs[iService]->usershare = USERSHARE_VALID;
3533 /* Try and open the file read only - no symlinks allowed. */
3535 fd = open(fname, O_RDONLY|O_NOFOLLOW, 0);
3537 fd = open(fname, O_RDONLY, 0);
3541 DEBUG(0,("process_usershare_file: unable to open %s. %s\n",
3542 fname, strerror(errno) ));
3546 /* Now fstat to be *SURE* it's a regular file. */
3547 if (sys_fstat(fd, &sbuf, false) != 0) {
3549 DEBUG(0,("process_usershare_file: fstat of %s failed. %s\n",
3550 fname, strerror(errno) ));
3554 /* Is it the same dev/inode as was lstated ? */
3555 if (!check_same_stat(&lsbuf, &sbuf)) {
3557 DEBUG(0,("process_usershare_file: fstat of %s is a different file from lstat. "
3558 "Symlink spoofing going on ?\n", fname ));
3562 /* This must be a regular file, not a symlink, directory or
3563 other strange filetype. */
3564 if (!check_usershare_stat(fname, &sbuf)) {
3569 lines = fd_lines_load(fd, &numlines, MAX_USERSHARE_FILE_SIZE, NULL);
3572 if (lines == NULL) {
3573 DEBUG(0,("process_usershare_file: loading file %s owned by %u failed.\n",
3574 fname, (unsigned int)sbuf.st_ex_uid ));
3578 if (parse_usershare_file(ctx, &sbuf, file_name,
3579 iService, lines, numlines, &sharepath,
3580 &comment, &cp_service_name,
3581 &psd, &guest_ok) != USERSHARE_OK) {
3585 /* Everything ok - add the service possibly using a template. */
3587 const struct loadparm_service *sp = &sDefault;
3588 if (snum_template != -1) {
3589 sp = ServicePtrs[snum_template];
3592 if ((iService = add_a_service(sp, cp_service_name)) < 0) {
3593 DEBUG(0, ("process_usershare_file: Failed to add "
3594 "new service %s\n", cp_service_name));
3598 added_service = true;
3600 /* Read only is controlled by usershare ACL below. */
3601 ServicePtrs[iService]->read_only = false;
3604 /* Write the ACL of the new/modified share. */
3605 if (!set_share_security(canon_name, psd)) {
3606 DEBUG(0, ("process_usershare_file: Failed to set share "
3607 "security for user share %s\n",
3612 /* If from a template it may be marked invalid. */
3613 ServicePtrs[iService]->valid = true;
3615 /* Set the service as a valid usershare. */
3616 ServicePtrs[iService]->usershare = USERSHARE_VALID;
3618 /* Set guest access. */
3619 if (lp_usershare_allow_guests()) {
3620 ServicePtrs[iService]->guest_ok = guest_ok;
3623 /* And note when it was loaded. */
3624 ServicePtrs[iService]->usershare_last_mod = sbuf.st_ex_mtime;
3625 string_set(ServicePtrs[iService], &ServicePtrs[iService]->path, sharepath);
3626 string_set(ServicePtrs[iService], &ServicePtrs[iService]->comment, comment);
3632 if (ret == -1 && iService != -1 && added_service) {
3633 lp_remove_service(iService);
3641 /***************************************************************************
3642 Checks if a usershare entry has been modified since last load.
3643 ***************************************************************************/
3645 static bool usershare_exists(int iService, struct timespec *last_mod)
3647 SMB_STRUCT_STAT lsbuf;
3648 const char *usersharepath = Globals.usershare_path;
3651 fname = talloc_asprintf(talloc_tos(),
3654 ServicePtrs[iService]->szService);
3655 if (fname == NULL) {
3659 if (sys_lstat(fname, &lsbuf, false) != 0) {
3664 if (!S_ISREG(lsbuf.st_ex_mode)) {
3670 *last_mod = lsbuf.st_ex_mtime;
3674 /***************************************************************************
3675 Load a usershare service by name. Returns a valid servicenumber or -1.
3676 ***************************************************************************/
3678 int load_usershare_service(const char *servicename)
3680 SMB_STRUCT_STAT sbuf;
3681 const char *usersharepath = Globals.usershare_path;
3682 int max_user_shares = Globals.usershare_max_shares;
3683 int snum_template = -1;
3685 if (*usersharepath == 0 || max_user_shares == 0) {
3689 if (sys_stat(usersharepath, &sbuf, false) != 0) {
3690 DEBUG(0,("load_usershare_service: stat of %s failed. %s\n",
3691 usersharepath, strerror(errno) ));
3695 if (!S_ISDIR(sbuf.st_ex_mode)) {
3696 DEBUG(0,("load_usershare_service: %s is not a directory.\n",
3702 * This directory must be owned by root, and have the 't' bit set.
3703 * It also must not be writable by "other".
3707 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
3709 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
3711 DEBUG(0,("load_usershare_service: directory %s is not owned by root "
3712 "or does not have the sticky bit 't' set or is writable by anyone.\n",
3717 /* Ensure the template share exists if it's set. */
3718 if (Globals.usershare_template_share[0]) {
3719 /* We can't use lp_servicenumber here as we are recommending that
3720 template shares have -valid=false set. */
3721 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
3722 if (ServicePtrs[snum_template]->szService &&
3723 strequal(ServicePtrs[snum_template]->szService,
3724 Globals.usershare_template_share)) {
3729 if (snum_template == -1) {
3730 DEBUG(0,("load_usershare_service: usershare template share %s "
3731 "does not exist.\n",
3732 Globals.usershare_template_share ));
3737 return process_usershare_file(usersharepath, servicename, snum_template);
3740 /***************************************************************************
3741 Load all user defined shares from the user share directory.
3742 We only do this if we're enumerating the share list.
3743 This is the function that can delete usershares that have
3745 ***************************************************************************/
3747 int load_usershare_shares(struct smbd_server_connection *sconn,
3748 bool (*snumused) (struct smbd_server_connection *, int))
3751 SMB_STRUCT_STAT sbuf;
3753 int num_usershares = 0;
3754 int max_user_shares = Globals.usershare_max_shares;
3755 unsigned int num_dir_entries, num_bad_dir_entries, num_tmp_dir_entries;
3756 unsigned int allowed_bad_entries = ((2*max_user_shares)/10);
3757 unsigned int allowed_tmp_entries = ((2*max_user_shares)/10);
3759 int snum_template = -1;
3760 const char *usersharepath = Globals.usershare_path;
3761 int ret = lp_numservices();
3762 TALLOC_CTX *tmp_ctx;
3764 if (max_user_shares == 0 || *usersharepath == '\0') {
3765 return lp_numservices();
3768 if (sys_stat(usersharepath, &sbuf, false) != 0) {
3769 DEBUG(0,("load_usershare_shares: stat of %s failed. %s\n",
3770 usersharepath, strerror(errno) ));
3775 * This directory must be owned by root, and have the 't' bit set.
3776 * It also must not be writable by "other".
3780 if (sbuf.st_ex_uid != 0 || !(sbuf.st_ex_mode & S_ISVTX) || (sbuf.st_ex_mode & S_IWOTH)) {
3782 if (sbuf.st_ex_uid != 0 || (sbuf.st_ex_mode & S_IWOTH)) {
3784 DEBUG(0,("load_usershare_shares: directory %s is not owned by root "
3785 "or does not have the sticky bit 't' set or is writable by anyone.\n",
3790 /* Ensure the template share exists if it's set. */
3791 if (Globals.usershare_template_share[0]) {
3792 /* We can't use lp_servicenumber here as we are recommending that
3793 template shares have -valid=false set. */
3794 for (snum_template = iNumServices - 1; snum_template >= 0; snum_template--) {
3795 if (ServicePtrs[snum_template]->szService &&
3796 strequal(ServicePtrs[snum_template]->szService,
3797 Globals.usershare_template_share)) {
3802 if (snum_template == -1) {
3803 DEBUG(0,("load_usershare_shares: usershare template share %s "
3804 "does not exist.\n",
3805 Globals.usershare_template_share ));
3810 /* Mark all existing usershares as pending delete. */
3811 for (iService = iNumServices - 1; iService >= 0; iService--) {
3812 if (VALID(iService) && ServicePtrs[iService]->usershare) {
3813 ServicePtrs[iService]->usershare = USERSHARE_PENDING_DELETE;
3817 dp = opendir(usersharepath);
3819 DEBUG(0,("load_usershare_shares:: failed to open directory %s. %s\n",
3820 usersharepath, strerror(errno) ));
3824 for (num_dir_entries = 0, num_bad_dir_entries = 0, num_tmp_dir_entries = 0;
3826 num_dir_entries++ ) {
3828 const char *n = de->d_name;
3830 /* Ignore . and .. */
3832 if ((n[1] == '\0') || (n[1] == '.' && n[2] == '\0')) {
3838 /* Temporary file used when creating a share. */
3839 num_tmp_dir_entries++;
3842 /* Allow 20% tmp entries. */
3843 if (num_tmp_dir_entries > allowed_tmp_entries) {
3844 DEBUG(0,("load_usershare_shares: too many temp entries (%u) "
3845 "in directory %s\n",
3846 num_tmp_dir_entries, usersharepath));
3850 r = process_usershare_file(usersharepath, n, snum_template);
3852 /* Update the services count. */
3854 if (num_usershares >= max_user_shares) {
3855 DEBUG(0,("load_usershare_shares: max user shares reached "
3856 "on file %s in directory %s\n",
3857 n, usersharepath ));
3860 } else if (r == -1) {
3861 num_bad_dir_entries++;
3864 /* Allow 20% bad entries. */
3865 if (num_bad_dir_entries > allowed_bad_entries) {
3866 DEBUG(0,("load_usershare_shares: too many bad entries (%u) "
3867 "in directory %s\n",
3868 num_bad_dir_entries, usersharepath));
3872 /* Allow 20% bad entries. */
3873 if (num_dir_entries > max_user_shares + allowed_bad_entries) {
3874 DEBUG(0,("load_usershare_shares: too many total entries (%u) "
3875 "in directory %s\n",
3876 num_dir_entries, usersharepath));
3883 /* Sweep through and delete any non-refreshed usershares that are
3884 not currently in use. */
3885 tmp_ctx = talloc_stackframe();
3886 for (iService = iNumServices - 1; iService >= 0; iService--) {
3887 if (VALID(iService) && (ServicePtrs[iService]->usershare == USERSHARE_PENDING_DELETE)) {
3890 if (snumused && snumused(sconn, iService)) {
3894 servname = lp_servicename(tmp_ctx, iService);
3896 /* Remove from the share ACL db. */
3897 DEBUG(10,("load_usershare_shares: Removing deleted usershare %s\n",
3899 delete_share_security(servname);
3900 free_service_byindex(iService);
3903 talloc_free(tmp_ctx);
3905 return lp_numservices();
3908 /********************************************************
3909 Destroy global resources allocated in this file
3910 ********************************************************/
3912 void gfree_loadparm(void)
3918 /* Free resources allocated to services */
3920 for ( i = 0; i < iNumServices; i++ ) {
3922 free_service_byindex(i);
3926 TALLOC_FREE( ServicePtrs );
3929 /* Now release all resources allocated to global
3930 parameters and the default service */
3932 free_global_parameters();
3936 /***************************************************************************
3937 Allow client apps to specify that they are a client
3938 ***************************************************************************/
3939 static void lp_set_in_client(bool b)
3945 /***************************************************************************
3946 Determine if we're running in a client app
3947 ***************************************************************************/
3948 static bool lp_is_in_client(void)
3953 /***************************************************************************
3954 Load the services array from the services file. Return true on success,
3956 ***************************************************************************/
3958 static bool lp_load_ex(const char *pszFname,
3962 bool initialize_globals,
3963 bool allow_include_registry,
3964 bool load_all_shares)
3968 TALLOC_CTX *frame = talloc_stackframe();
3972 DEBUG(3, ("lp_load_ex: refreshing parameters\n"));
3974 bInGlobalSection = true;
3975 bGlobalOnly = global_only;
3976 bAllowIncludeRegistry = allow_include_registry;
3978 init_globals(initialize_globals);
3982 if (save_defaults) {
3987 if (!initialize_globals) {
3988 free_param_opts(&Globals.param_opt);
3989 apply_lp_set_cmdline();
3992 lp_do_parameter(-1, "idmap config * : backend", Globals.szIdmapBackend);
3994 /* We get sections first, so have to start 'behind' to make up */
3997 if (lp_config_backend_is_file()) {
3998 n2 = talloc_sub_basic(talloc_tos(), get_current_username(),
3999 current_user_info.domain,
4002 smb_panic("lp_load_ex: out of memory");
4005 add_to_file_list(NULL, &file_lists, pszFname, n2);
4007 bRetval = pm_process(n2, lp_do_section, do_parameter, NULL);
4010 /* finish up the last section */
4011 DEBUG(4, ("pm_process() returned %s\n", BOOLSTR(bRetval)));
4013 if (iServiceIndex >= 0) {
4014 bRetval = service_ok(iServiceIndex);
4018 if (lp_config_backend_is_registry()) {
4020 /* config backend changed to registry in config file */
4022 * We need to use this extra global variable here to
4023 * survive restart: init_globals uses this as a default
4024 * for config_backend. Otherwise, init_globals would
4025 * send us into an endless loop here.
4027 config_backend = CONFIG_BACKEND_REGISTRY;
4029 DEBUG(1, ("lp_load_ex: changing to config backend "
4032 lp_kill_all_services();
4033 ok = lp_load_ex(pszFname, global_only, save_defaults,
4034 add_ipc, initialize_globals,
4035 allow_include_registry,
4040 } else if (lp_config_backend_is_registry()) {
4041 bRetval = process_registry_globals();
4043 DEBUG(0, ("Illegal config backend given: %d\n",
4044 lp_config_backend()));
4048 if (bRetval && lp_registry_shares()) {
4049 if (load_all_shares) {
4050 bRetval = process_registry_shares();
4052 bRetval = reload_registry_shares();
4057 char *serv = lp_auto_services(talloc_tos());
4058 lp_add_auto_services(serv);
4063 /* When 'restrict anonymous = 2' guest connections to ipc$
4065 lp_add_ipc("IPC$", (lp_restrict_anonymous() < 2));
4066 if ( lp_enable_asu_support() ) {
4067 lp_add_ipc("ADMIN$", false);
4071 set_allowed_client_auth();
4073 if (lp_security() == SEC_ADS && strchr(lp_password_server(), ':')) {
4074 DEBUG(1, ("WARNING: The optional ':port' in password server = %s is deprecated\n",
4075 lp_password_server()));
4080 /* Now we check we_are_a_wins_server and set szWINSserver to 127.0.0.1 */
4081 /* if we_are_a_wins_server is true and we are in the client */
4082 if (lp_is_in_client() && Globals.we_are_a_wins_server) {
4083 lp_do_parameter(GLOBAL_SECTION_SNUM, "wins server", "127.0.0.1");
4088 fault_configure(smb_panic_s3);
4091 * We run this check once the whole smb.conf is parsed, to
4092 * force some settings for the standard way a AD DC is
4093 * operated. We may changed these as our code evolves, which
4094 * is why we force these settings.
4096 if (lp_server_role() == ROLE_ACTIVE_DIRECTORY_DC) {
4097 lp_do_parameter(-1, "passdb backend", "samba_dsdb");
4099 lp_do_parameter(-1, "winbindd:use external pipes", "true");
4101 lp_do_parameter(-1, "rpc_server:default", "external");
4102 lp_do_parameter(-1, "rpc_server:svcctl", "embedded");
4103 lp_do_parameter(-1, "rpc_server:srvsvc", "embedded");
4104 lp_do_parameter(-1, "rpc_server:eventlog", "embedded");
4105 lp_do_parameter(-1, "rpc_server:ntsvcs", "embedded");
4106 lp_do_parameter(-1, "rpc_server:winreg", "embedded");
4107 lp_do_parameter(-1, "rpc_server:spoolss", "embedded");
4108 lp_do_parameter(-1, "rpc_daemon:spoolssd", "embedded");
4109 lp_do_parameter(-1, "rpc_server:tcpip", "no");
4112 bAllowIncludeRegistry = true;
4118 bool lp_load(const char *pszFname,
4122 bool initialize_globals)
4124 return lp_load_ex(pszFname,
4129 true, /* allow_include_registry */
4130 false); /* load_all_shares*/
4133 bool lp_load_initial_only(const char *pszFname)
4135 return lp_load_ex(pszFname,
4136 true, /* global only */
4137 false, /* save_defaults */
4138 false, /* add_ipc */
4139 true, /* initialize_globals */
4140 false, /* allow_include_registry */
4141 false); /* load_all_shares*/
4145 * most common lp_load wrapper, loading only the globals
4147 bool lp_load_global(const char *file_name)
4149 return lp_load_ex(file_name,
4150 true, /* global_only */
4151 false, /* save_defaults */
4152 false, /* add_ipc */
4153 true, /* initialize_globals */
4154 true, /* allow_include_registry */
4155 false); /* load_all_shares*/
4159 * lp_load wrapper, especially for clients
4161 bool lp_load_client(const char *file_name)
4163 lp_set_in_client(true);
4165 return lp_load_global(file_name);
4169 * lp_load wrapper, loading only globals, but intended
4170 * for subsequent calls, not reinitializing the globals
4173 bool lp_load_global_no_reinit(const char *file_name)
4175 return lp_load_ex(file_name,
4176 true, /* global_only */
4177 false, /* save_defaults */
4178 false, /* add_ipc */
4179 false, /* initialize_globals */
4180 true, /* allow_include_registry */
4181 false); /* load_all_shares*/
4185 * lp_load wrapper, especially for clients, no reinitialization
4187 bool lp_load_client_no_reinit(const char *file_name)
4189 lp_set_in_client(true);
4191 return lp_load_global_no_reinit(file_name);
4194 bool lp_load_with_registry_shares(const char *pszFname,
4198 bool initialize_globals)
4200 return lp_load_ex(pszFname,
4205 true, /* allow_include_registry */
4206 true); /* load_all_shares*/
4209 /***************************************************************************
4210 Return the max number of services.
4211 ***************************************************************************/
4213 int lp_numservices(void)
4215 return (iNumServices);
4218 /***************************************************************************
4219 Display the contents of the services array in human-readable form.
4220 ***************************************************************************/
4222 void lp_dump(FILE *f, bool show_defaults, int maxtoprint)
4227 defaults_saved = false;
4229 dump_globals(f, defaults_saved);
4231 lpcfg_dump_a_service(&sDefault, &sDefault, f, flags_list, show_defaults);
4233 for (iService = 0; iService < maxtoprint; iService++) {
4235 lp_dump_one(f, show_defaults, iService);
4239 /***************************************************************************
4240 Display the contents of one service in human-readable form.
4241 ***************************************************************************/
4243 void lp_dump_one(FILE * f, bool show_defaults, int snum)
4246 if (ServicePtrs[snum]->szService[0] == '\0')
4248 lpcfg_dump_a_service(ServicePtrs[snum], &sDefault, f,
4249 flags_list, show_defaults);
4253 /***************************************************************************
4254 Return the number of the service with the given name, or -1 if it doesn't
4255 exist. Note that this is a DIFFERENT ANIMAL from the internal function
4256 getservicebyname()! This works ONLY if all services have been loaded, and
4257 does not copy the found service.
4258 ***************************************************************************/
4260 int lp_servicenumber(const char *pszServiceName)
4263 fstring serviceName;
4265 if (!pszServiceName) {
4266 return GLOBAL_SECTION_SNUM;
4269 for (iService = iNumServices - 1; iService >= 0; iService--) {
4270 if (VALID(iService) && ServicePtrs[iService]->szService) {
4272 * The substitution here is used to support %U is
4275 fstrcpy(serviceName, ServicePtrs[iService]->szService);
4276 standard_sub_basic(get_current_username(),
4277 current_user_info.domain,
4278 serviceName,sizeof(serviceName));
4279 if (strequal(serviceName, pszServiceName)) {
4285 if (iService >= 0 && ServicePtrs[iService]->usershare == USERSHARE_VALID) {
4286 struct timespec last_mod;
4288 if (!usershare_exists(iService, &last_mod)) {
4289 /* Remove the share security tdb entry for it. */
4290 delete_share_security(lp_servicename(talloc_tos(), iService));
4291 /* Remove it from the array. */
4292 free_service_byindex(iService);
4293 /* Doesn't exist anymore. */
4294 return GLOBAL_SECTION_SNUM;
4297 /* Has it been modified ? If so delete and reload. */
4298 if (timespec_compare(&ServicePtrs[iService]->usershare_last_mod,
4300 /* Remove it from the array. */
4301 free_service_byindex(iService);
4302 /* and now reload it. */
4303 iService = load_usershare_service(pszServiceName);
4308 DEBUG(7,("lp_servicenumber: couldn't find %s\n", pszServiceName));
4309 return GLOBAL_SECTION_SNUM;
4315 /*******************************************************************
4316 A useful volume label function.
4317 ********************************************************************/
4319 const char *volume_label(TALLOC_CTX *ctx, int snum)
4322 const char *label = lp_volume(ctx, snum);
4324 label = lp_servicename(ctx, snum);
4327 /* This returns a 33 byte guarenteed null terminated string. */
4328 ret = talloc_strndup(ctx, label, 32);
4335 /*******************************************************************
4336 Get the default server type we will announce as via nmbd.
4337 ********************************************************************/
4339 int lp_default_server_announce(void)
4341 int default_server_announce = 0;
4342 default_server_announce |= SV_TYPE_WORKSTATION;
4343 default_server_announce |= SV_TYPE_SERVER;
4344 default_server_announce |= SV_TYPE_SERVER_UNIX;
4346 /* note that the flag should be set only if we have a
4347 printer service but nmbd doesn't actually load the
4348 services so we can't tell --jerry */
4350 default_server_announce |= SV_TYPE_PRINTQ_SERVER;
4352 default_server_announce |= SV_TYPE_SERVER_NT;
4353 default_server_announce |= SV_TYPE_NT;
4355 switch (lp_server_role()) {
4356 case ROLE_DOMAIN_MEMBER:
4357 default_server_announce |= SV_TYPE_DOMAIN_MEMBER;
4359 case ROLE_DOMAIN_PDC:
4360 default_server_announce |= SV_TYPE_DOMAIN_CTRL;
4362 case ROLE_DOMAIN_BDC:
4363 default_server_announce |= SV_TYPE_DOMAIN_BAKCTRL;
4365 case ROLE_STANDALONE:
4369 if (lp_time_server())
4370 default_server_announce |= SV_TYPE_TIME_SOURCE;
4372 if (lp_host_msdfs())
4373 default_server_announce |= SV_TYPE_DFS_SERVER;
4375 return default_server_announce;
4378 /***********************************************************
4379 If we are PDC then prefer us as DMB
4380 ************************************************************/
4382 bool lp_domain_master(void)
4384 if (Globals._domain_master == Auto)
4385 return (lp_server_role() == ROLE_DOMAIN_PDC);
4387 return (bool)Globals._domain_master;
4390 /***********************************************************
4391 If we are PDC then prefer us as DMB
4392 ************************************************************/
4394 static bool lp_domain_master_true_or_auto(void)
4396 if (Globals._domain_master) /* auto or yes */
4402 /***********************************************************
4403 If we are DMB then prefer us as LMB
4404 ************************************************************/
4406 bool lp_preferred_master(void)
4408 if (Globals.iPreferredMaster == Auto)
4409 return (lp_local_master() && lp_domain_master());
4411 return (bool)Globals.iPreferredMaster;
4414 /*******************************************************************
4416 ********************************************************************/
4418 void lp_remove_service(int snum)
4420 ServicePtrs[snum]->valid = false;
4423 const char *lp_printername(TALLOC_CTX *ctx, int snum)
4425 const char *ret = lp__printername(ctx, snum);
4426 if (ret == NULL || *ret == '\0') {
4427 ret = lp_const_servicename(snum);
4434 /***********************************************************
4435 Allow daemons such as winbindd to fix their logfile name.
4436 ************************************************************/
4438 void lp_set_logfile(const char *name)
4440 string_set(Globals.ctx, &Globals.logfile, name);
4441 debug_set_logfile(name);
4444 /*******************************************************************
4445 Return the max print jobs per queue.
4446 ********************************************************************/
4448 int lp_maxprintjobs(int snum)
4450 int maxjobs = LP_SNUM_OK(snum) ? ServicePtrs[snum]->iMaxPrintJobs : sDefault.iMaxPrintJobs;
4451 if (maxjobs <= 0 || maxjobs >= PRINT_MAX_JOBID)
4452 maxjobs = PRINT_MAX_JOBID - 1;
4457 const char *lp_printcapname(void)
4459 if ((Globals.szPrintcapname != NULL) &&
4460 (Globals.szPrintcapname[0] != '\0'))
4461 return Globals.szPrintcapname;
4463 if (sDefault.printing == PRINT_CUPS) {
4467 if (sDefault.printing == PRINT_BSD)
4468 return "/etc/printcap";
4470 return PRINTCAP_NAME;
4473 static uint32 spoolss_state;
4475 bool lp_disable_spoolss( void )
4477 if ( spoolss_state == SVCCTL_STATE_UNKNOWN )
4478 spoolss_state = lp__disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
4480 return spoolss_state == SVCCTL_STOPPED ? true : false;
4483 void lp_set_spoolss_state( uint32 state )
4485 SMB_ASSERT( (state == SVCCTL_STOPPED) || (state == SVCCTL_RUNNING) );
4487 spoolss_state = state;
4490 uint32 lp_get_spoolss_state( void )
4492 return lp_disable_spoolss() ? SVCCTL_STOPPED : SVCCTL_RUNNING;
4495 /*******************************************************************
4496 Ensure we don't use sendfile if server smb signing is active.
4497 ********************************************************************/
4499 bool lp_use_sendfile(int snum, struct smb_signing_state *signing_state)
4501 bool sign_active = false;
4503 /* Using sendfile blows the brains out of any DOS or Win9x TCP stack... JRA. */
4504 if (get_Protocol() < PROTOCOL_NT1) {
4507 if (signing_state) {
4508 sign_active = smb_signing_is_active(signing_state);
4510 return (lp__use_sendfile(snum) &&
4511 (get_remote_arch() != RA_WIN95) &&
4515 /*******************************************************************
4516 Turn off sendfile if we find the underlying OS doesn't support it.
4517 ********************************************************************/
4519 void set_use_sendfile(int snum, bool val)
4521 if (LP_SNUM_OK(snum))
4522 ServicePtrs[snum]->_use_sendfile = val;
4524 sDefault._use_sendfile = val;
4527 /*******************************************************************
4528 Turn off storing DOS attributes if this share doesn't support it.
4529 ********************************************************************/
4531 void set_store_dos_attributes(int snum, bool val)
4533 if (!LP_SNUM_OK(snum))
4535 ServicePtrs[(snum)]->store_dos_attributes = val;
4538 void lp_set_mangling_method(const char *new_method)
4540 string_set(Globals.ctx, &Globals.mangling_method, new_method);
4543 /*******************************************************************
4544 Global state for POSIX pathname processing.
4545 ********************************************************************/
4547 static bool posix_pathnames;
4549 bool lp_posix_pathnames(void)
4551 return posix_pathnames;
4554 /*******************************************************************
4555 Change everything needed to ensure POSIX pathname processing (currently
4557 ********************************************************************/
4559 void lp_set_posix_pathnames(void)
4561 posix_pathnames = true;
4564 /*******************************************************************
4565 Global state for POSIX lock processing - CIFS unix extensions.
4566 ********************************************************************/
4568 bool posix_default_lock_was_set;
4569 static enum brl_flavour posix_cifsx_locktype; /* By default 0 == WINDOWS_LOCK */
4571 enum brl_flavour lp_posix_cifsu_locktype(files_struct *fsp)
4573 if (posix_default_lock_was_set) {
4574 return posix_cifsx_locktype;
4576 return fsp->posix_open ? POSIX_LOCK : WINDOWS_LOCK;
4580 /*******************************************************************
4581 ********************************************************************/
4583 void lp_set_posix_default_cifsx_readwrite_locktype(enum brl_flavour val)
4585 posix_default_lock_was_set = true;
4586 posix_cifsx_locktype = val;
4589 int lp_min_receive_file_size(void)
4591 if (Globals.iminreceivefile < 0) {
4594 return Globals.iminreceivefile;
4597 /*******************************************************************
4598 Safe wide links checks.
4599 This helper function always verify the validity of wide links,
4600 even after a configuration file reload.
4601 ********************************************************************/
4603 static bool lp_widelinks_internal(int snum)
4605 return (bool)(LP_SNUM_OK(snum)? ServicePtrs[(snum)]->bWidelinks :
4606 sDefault.bWidelinks);
4609 void widelinks_warning(int snum)
4611 if (lp_allow_insecure_wide_links()) {
4615 if (lp_unix_extensions() && lp_widelinks_internal(snum)) {
4616 DEBUG(0,("Share '%s' has wide links and unix extensions enabled. "
4617 "These parameters are incompatible. "
4618 "Wide links will be disabled for this share.\n",
4619 lp_servicename(talloc_tos(), snum) ));
4623 bool lp_widelinks(int snum)
4625 /* wide links is always incompatible with unix extensions */
4626 if (lp_unix_extensions()) {
4628 * Unless we have "allow insecure widelinks"
4631 if (!lp_allow_insecure_wide_links()) {
4636 return lp_widelinks_internal(snum);
4639 int lp_server_role(void)
4641 return lp_find_server_role(lp__server_role(),
4643 lp__domain_logons(),
4644 lp_domain_master_true_or_auto());
4647 int lp_security(void)
4649 return lp_find_security(lp__server_role(),
4653 struct loadparm_global * get_globals(void)
4658 unsigned int * get_flags(void)
4660 if (flags_list == NULL) {
4661 flags_list = talloc_zero_array(NULL, unsigned int, num_parameters());